Return-Path: X-Original-To: apmail-subversion-users-archive@minotaur.apache.org Delivered-To: apmail-subversion-users-archive@minotaur.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 0111E105F5 for ; Tue, 8 Apr 2014 10:19:27 +0000 (UTC) Received: (qmail 39598 invoked by uid 500); 8 Apr 2014 10:19:26 -0000 Delivered-To: apmail-subversion-users-archive@subversion.apache.org Received: (qmail 38790 invoked by uid 500); 8 Apr 2014 10:19:23 -0000 Mailing-List: contact users-help@subversion.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Delivered-To: mailing list users@subversion.apache.org Received: (qmail 38761 invoked by uid 99); 8 Apr 2014 10:19:19 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 08 Apr 2014 10:19:19 +0000 X-ASF-Spam-Status: No, hits=-0.7 required=5.0 tests=RCVD_IN_DNSWL_LOW,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: local policy) Received: from [217.110.94.82] (HELO mx01.mgm-tp.com) (217.110.94.82) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 08 Apr 2014 10:19:14 +0000 Received: from pmx01.mgm-tp.com (unknown [10.0.202.41]) by mx01.mgm-tp.com (Postfix) with ESMTP id 59814F88044; Tue, 8 Apr 2014 12:18:52 +0200 (CEST) Received: from smtp-relay.mgm-tp.com (unknown [10.0.202.38]) by pmx01.mgm-tp.com (Postfix) with ESMTP id 8F27D159C0A3; Tue, 8 Apr 2014 12:18:51 +0200 (CEST) X-Trusted-binford: yes Received: from [192.168.1.168] (unknown [212.144.248.186]) (using TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by smtp-relay.mgm-tp.com (Postfix) with ESMTPSA id 51ACF5CE922; Tue, 8 Apr 2014 12:18:51 +0200 (CEST) Message-ID: <5343CD01.2030003@mgm-tp.com> Date: Tue, 08 Apr 2014 12:18:41 +0200 From: Guido Wischrop User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.23) Gecko/20090812 Lightning/0.9 Thunderbird/2.0.0.23 Mnenhy/0.7.5.0 MIME-Version: 1.0 To: users@subversion.apache.org, dev@subversion.apache.org CC: Bert Huijben Subject: Re: svn: E170000: 'https://user:pass@x' isn't in the same repository as 'https://user:XXXXXXXX@x' References: <533AD16C.5060106@mgm-tp.com> <87sipupu4d.fsf@ntlworld.com> <533EAE5C.6060500@mgm-tp.com> <005601cf501c$47765f00$d6631d00$@qqmail.nl> In-Reply-To: <005601cf501c$47765f00$d6631d00$@qqmail.nl> Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-PMX-Version: 5.6.1.2065439, Antispam-Engine: 2.7.2.376379, Antispam-Data: 2014.4.8.101220 X-mgm-scanner: geek value 5000 X-Virus-Checked: Checked by ClamAV on apache.org On 04.04.2014 17:40, Bert Huijben wrote: > >> -----Original Message----- >> From: Guido Wischrop [mailto:Guido.Wischrop@mgm-tp.com] >> Sent: vrijdag 4 april 2014 15:07 >> To: users@subversion.apache.org; dev@subversion.apache.org >> Subject: Re: svn: E170000: 'https://user:pass@x' isn't in the same > repository >> as 'https://user:XXXXXXXX@x' >> >> >> On 03.04.2014 12:47, Philip Martin wrote: >>> Guido Wischrop writes: >>> >>>> I'm using win32svn, version 1.8.5 (r1542147) in Windows 7 x64 like > this: >>>> svn checkout https://user:pass@server/svn/p1/trunk >>>> >>>> I get the following error immediately: >>>> >>>> svn: E170000: 'https://user:pass@server/svn/p1/trunk' isn't in the same >>>> repository as 'https://user:XXXXXXXX@server/svn/p1/trunk' >>>> >>>> I tried SlikSVN (svn, version 1.8.5-SlikSvn-1.8.5-X64 (SlikSvn/1.8.5) >>>> X64) with the same result. >>>> >>>> With version 1.7.1 or 1.6.5 (SlikSVN 1.7.1/win32svn) the same command >>>> works as expected. Is the user:pass@server scheme no longer >> supported? >>> I get the same problem with trunk on Linux. I can fix it with this >>> patch but I'm not sure I understand all the consequences. Is there any >>> reason we should be hiding the password here? >>> >>> Index: subversion/libsvn_ra_serf/options.c >>> >> ========================================================== >> ========= >>> --- subversion/libsvn_ra_serf/options.c (revision 1584323) >>> +++ subversion/libsvn_ra_serf/options.c (working copy) >>> @@ -245,7 +245,8 @@ >>> (char *)svn_fspath__canonicalize(val, session->pool); >>> session->repos_root_str = >>> svn_urlpath__canonicalize( >>> - apr_uri_unparse(session->pool, &session->repos_root, > 0), >>> + apr_uri_unparse(session->pool, &session->repos_root, >>> + APR_URI_UNP_REVEALPASSWORD), >>> session->pool); >>> } >>> else if (svn_cstring_casecmp(key, SVN_DAV_ME_RESOURCE_HEADER) >> == 0) >>> >> So is this considered to be a bug? Is there another workaround as using >> --user --password? > As far as I can tell we only really support a username in the url for > svn+XXX:// urls. In some other cases we just passed 'the unsupported' url to > the lower layers and the neon library (our <= 1.7 default) completely > ignored this, while serf (which we use as default since 1.8) tried to use it > as the hostname. > > I would really recommend not using a username in the url this way... You > just store the password unencrypted on your disk in a place where it isn't > even really used. > > It also breaks using 'svn cp WC WC2' where WC and WC2 have a slightly > different authentication id. > > And as Subversion doesn't actually use the username and password from the > url, they won't be updated if you ever want to change your password (or use > the working copy as a different user) > > Bert We are using a apache reverse proxy in front of subversion. This apache uses a Single Sign On module, which handles the authentication. So I agree, that Subversion doesn't actually needs/uses the username and password. Unfortunately I have no idea, how to remove the username and password, as it seems not to be part of the ProxyPass directive. Is there any way to restore the previous behavior (ignore username and password) in Subversion? Thanks, Guido