> -----Original Message----- > From: Dmitry Pavlenko [mailto:pavle...@tmatesoft.com] > Sent: woensdag 20 juni 2012 18:15 > To: dev@subversion.apache.org > Subject: [PATCH]: credentials are not saved if username differs from cached > version but password does not > > simple_providers.c (svn_auth__simple_creds_cache_get): I propose to drop > all assignments > "need_to_save = FALSE" except the initial one; otherwise assignment to > FALSE may override existing > TRUE value. This may happen if default_username!=username and > default_password==password: in this > case need_to_save will be FALSE. Not very popular case, I guess, but > anyway. > > http://colabti.org/irclogger/irclogger_log/svn-dev?date=2012-06-20#l76 > > I also propose there (not covered by the patch) > * either not to use 'have_passtype' at all > * or always save credentials if have_passtype == FALSE > > Currently if have_passtype == FALSE (i.e. passsword encryption format has > been changed) new > credentials are saved only if old username differs from new username > (whatever old and new passwords > are). > > What do you think? > > [[[ > Fix potential situation in which credentials are not saved to cache. > > If cached username and new username differ but passwords are the same, > 'need_to_save' flag > will be overwritten to FALSE, and new credentials fill not be saved. > > * subversion/libsvn_subr/simple_providers.c > (svn_auth__simple_creds_cache_get): drop "need_to_save = FALSE" > assignments. > ]]]
Patch applied in r1361123. Thanks for pinging on irc. Bert