Subversion
Data Structures | Macros | Typedefs | Functions
svn_auth.h File Reference

Subversion's authentication system. More...

#include <apr.h>
#include <apr_pools.h>
#include <apr_hash.h>
#include <apr_tables.h>
#include "svn_types.h"
#include "svn_config.h"

Go to the source code of this file.

Data Structures

struct  svn_auth_provider_t
 The main authentication "provider" vtable. More...
 
struct  svn_auth_provider_object_t
 A provider object, ready to be put into an array and given to svn_auth_open(). More...
 
struct  svn_auth_cred_simple_t
 SVN_AUTH_CRED_SIMPLE credentials. More...
 
struct  svn_auth_cred_username_t
 SVN_AUTH_CRED_USERNAME credentials. More...
 
struct  svn_auth_cred_ssl_client_cert_t
 SVN_AUTH_CRED_SSL_CLIENT_CERT credentials. More...
 
struct  svn_auth_cred_ssl_client_cert_pw_t
 SVN_AUTH_CRED_SSL_CLIENT_CERT_PW credentials. More...
 
struct  svn_auth_ssl_server_cert_info_t
 SSL server certificate information used by SVN_AUTH_CRED_SSL_SERVER_TRUST providers. More...
 
struct  svn_auth_cred_ssl_server_trust_t
 SVN_AUTH_CRED_SSL_SERVER_TRUST credentials. More...
 

Macros

#define SVN_AUTH_CRED_SIMPLE   "svn.simple"
 Specific types of credentials. More...
 
#define SVN_AUTH_CRED_USERNAME   "svn.username"
 Username credential kind. More...
 
#define SVN_AUTH_CRED_SSL_CLIENT_CERT   "svn.ssl.client-cert"
 SSL client certificate credential type. More...
 
#define SVN_AUTH_CRED_SSL_CLIENT_CERT_PW   "svn.ssl.client-passphrase"
 SSL client certificate passphrase credential type. More...
 
#define SVN_AUTH_CRED_SSL_SERVER_TRUST   "svn.ssl.server"
 SSL server verification credential type. More...
 
#define SVN_AUTH_PARAM_PREFIX   "svn:auth:"
 Universal run-time parameters, made available to all providers. More...
 
#define SVN_AUTH_PARAM_NON_INTERACTIVE   SVN_AUTH_PARAM_PREFIX "non-interactive"
 The application doesn't want any providers to prompt users. More...
 
#define SVN_AUTH_PARAM_DONT_STORE_PASSWORDS
 The application doesn't want any providers to save passwords to disk. More...
 
#define SVN_AUTH_PARAM_STORE_PLAINTEXT_PASSWORDS
 Indicates whether providers may save passwords to disk in plaintext. More...
 
#define SVN_AUTH_PARAM_DONT_STORE_SSL_CLIENT_CERT_PP   SVN_AUTH_PARAM_PREFIX "dont-store-ssl-client-cert-pp"
 The application doesn't want any providers to save passphrase to disk. More...
 
#define SVN_AUTH_PARAM_STORE_SSL_CLIENT_CERT_PP_PLAINTEXT   SVN_AUTH_PARAM_PREFIX "store-ssl-client-cert-pp-plaintext"
 Indicates whether providers may save passphrase to disk in plaintext. More...
 
#define SVN_AUTH_PARAM_NO_AUTH_CACHE   SVN_AUTH_PARAM_PREFIX "no-auth-cache"
 The application doesn't want any providers to save credentials to disk. More...
 
#define SVN_AUTH_PARAM_SSL_SERVER_FAILURES
 The following property is for SSL server cert providers. More...
 
#define SVN_AUTH_PARAM_SSL_SERVER_CERT_INFO
 The following property is for SSL server cert providers. More...
 
#define SVN_AUTH_PARAM_CONFIG_CATEGORY_CONFIG
 This provides a pointer to a svn_config_t containting the config category. More...
 
#define SVN_AUTH_PARAM_CONFIG_CATEGORY_SERVERS
 This provides a pointer to a svn_config_t containting the servers category. More...
 
#define SVN_AUTH_PARAM_CONFIG   SVN_AUTH_PARAM_CONFIG_CATEGORY_SERVERS
 
#define SVN_AUTH_PARAM_SERVER_GROUP   SVN_AUTH_PARAM_PREFIX "server-group"
 The current server group.
 
#define SVN_AUTH_PARAM_CONFIG_DIR   SVN_AUTH_PARAM_PREFIX "config-dir"
 A configuration directory that overrides the default ~/.subversion.
 
#define SVN_AUTH_PARAM_GNOME_KEYRING_UNLOCK_PROMPT_FUNC   "gnome-keyring-unlock-prompt-func"
 libsvn_auth_gnome_keyring-specific run-time parameters. More...
 
#define SVN_AUTH_PARAM_GNOME_KEYRING_UNLOCK_PROMPT_BATON   "gnome-keyring-unlock-prompt-baton"
 The baton which is passed to *SVN_AUTH_PARAM_GNOME_KEYRING_UNLOCK_PROMPT_FUNC. More...
 
SSL server certificate failure bits
Note
These values are stored in the on disk auth cache by the SSL server certificate auth provider, so the meaning of these bits must not be changed.
#define SVN_AUTH_SSL_NOTYETVALID   0x00000001
 Certificate is not yet valid.
 
#define SVN_AUTH_SSL_EXPIRED   0x00000002
 Certificate has expired.
 
#define SVN_AUTH_SSL_CNMISMATCH   0x00000004
 Certificate's CN (hostname) does not match the remote hostname.
 
#define SVN_AUTH_SSL_UNKNOWNCA   0x00000008
 Certificate authority is unknown (i.e. More...
 
#define SVN_AUTH_SSL_OTHER   0x40000000
 Other failure. More...
 
Default credentials defines

Property values are const char *.

#define SVN_AUTH_PARAM_DEFAULT_USERNAME   SVN_AUTH_PARAM_PREFIX "username"
 Default username provided by the application itself (e.g. More...
 
#define SVN_AUTH_PARAM_DEFAULT_PASSWORD   SVN_AUTH_PARAM_PREFIX "password"
 Default password provided by the application itself (e.g. More...
 

Typedefs

typedef struct svn_auth_baton_t svn_auth_baton_t
 The type of a Subversion authentication object.
 
typedef struct svn_auth_iterstate_t svn_auth_iterstate_t
 The type of a Subversion authentication-iteration object.
 
typedef struct svn_auth_provider_t svn_auth_provider_t
 The main authentication "provider" vtable.
 
typedef struct svn_auth_provider_object_t svn_auth_provider_object_t
 A provider object, ready to be put into an array and given to svn_auth_open().
 
typedef void(* svn_auth_simple_provider_func_t) (svn_auth_provider_object_t **provider, apr_pool_t *pool)
 The type of function returning authentication provider.
 
typedef struct svn_auth_cred_simple_t svn_auth_cred_simple_t
 SVN_AUTH_CRED_SIMPLE credentials.
 
typedef struct svn_auth_cred_username_t svn_auth_cred_username_t
 SVN_AUTH_CRED_USERNAME credentials.
 
typedef struct svn_auth_cred_ssl_client_cert_t svn_auth_cred_ssl_client_cert_t
 SVN_AUTH_CRED_SSL_CLIENT_CERT credentials.
 
typedef void(* svn_auth_ssl_client_cert_pw_provider_func_t) (svn_auth_provider_object_t **provider, apr_pool_t *pool)
 A function returning an SSL client certificate passphrase provider.
 
typedef struct svn_auth_cred_ssl_client_cert_pw_t svn_auth_cred_ssl_client_cert_pw_t
 SVN_AUTH_CRED_SSL_CLIENT_CERT_PW credentials.
 
typedef struct svn_auth_ssl_server_cert_info_t svn_auth_ssl_server_cert_info_t
 SSL server certificate information used by SVN_AUTH_CRED_SSL_SERVER_TRUST providers.
 
typedef struct svn_auth_cred_ssl_server_trust_t svn_auth_cred_ssl_server_trust_t
 SVN_AUTH_CRED_SSL_SERVER_TRUST credentials.
 
typedef svn_error_t *(* svn_auth_simple_prompt_func_t) (svn_auth_cred_simple_t **cred, void *baton, const char *realm, const char *username, svn_boolean_t may_save, apr_pool_t *pool)
 Credential-constructing prompt functions. More...
 
typedef svn_error_t *(* svn_auth_username_prompt_func_t) (svn_auth_cred_username_t **cred, void *baton, const char *realm, svn_boolean_t may_save, apr_pool_t *pool)
 Set *cred by prompting the user, allocating *cred in pool. More...
 
typedef svn_error_t *(* svn_auth_ssl_server_trust_prompt_func_t) (svn_auth_cred_ssl_server_trust_t **cred, void *baton, const char *realm, apr_uint32_t failures, const svn_auth_ssl_server_cert_info_t *cert_info, svn_boolean_t may_save, apr_pool_t *pool)
 Set *cred by prompting the user, allocating *cred in pool. More...
 
typedef svn_error_t *(* svn_auth_ssl_client_cert_prompt_func_t) (svn_auth_cred_ssl_client_cert_t **cred, void *baton, const char *realm, svn_boolean_t may_save, apr_pool_t *pool)
 Set *cred by prompting the user, allocating *cred in pool. More...
 
typedef svn_error_t *(* svn_auth_ssl_client_cert_pw_prompt_func_t) (svn_auth_cred_ssl_client_cert_pw_t **cred, void *baton, const char *realm, svn_boolean_t may_save, apr_pool_t *pool)
 Set *cred by prompting the user, allocating *cred in pool. More...
 
typedef svn_error_t *(* svn_auth_plaintext_prompt_func_t) (svn_boolean_t *may_save_plaintext, const char *realmstring, void *baton, apr_pool_t *pool)
 A type of callback function for asking whether storing a password to disk in plaintext is allowed. More...
 
typedef svn_error_t *(* svn_auth_plaintext_passphrase_prompt_func_t) (svn_boolean_t *may_save_plaintext, const char *realmstring, void *baton, apr_pool_t *pool)
 A type of callback function for asking whether storing a passphrase to disk in plaintext is allowed. More...
 
typedef svn_error_t *(* svn_auth_gnome_keyring_unlock_prompt_func_t) (char **keyring_password, const char *keyring_name, void *baton, apr_pool_t *pool)
 A type of callback function for obtaining the GNOME Keyring password. More...
 

Functions

svn_auth_ssl_server_cert_info_tsvn_auth_ssl_server_cert_info_dup (const svn_auth_ssl_server_cert_info_t *info, apr_pool_t *pool)
 Return a deep copy of info, allocated in pool. More...
 
void svn_auth_open (svn_auth_baton_t **auth_baton, const apr_array_header_t *providers, apr_pool_t *pool)
 Initialize an authentication system. More...
 
void svn_auth_set_parameter (svn_auth_baton_t *auth_baton, const char *name, const void *value)
 Set an authentication run-time parameter. More...
 
const void * svn_auth_get_parameter (svn_auth_baton_t *auth_baton, const char *name)
 Get an authentication run-time parameter. More...
 
svn_error_tsvn_auth_first_credentials (void **credentials, svn_auth_iterstate_t **state, const char *cred_kind, const char *realmstring, svn_auth_baton_t *auth_baton, apr_pool_t *pool)
 Get an initial set of credentials. More...
 
svn_error_tsvn_auth_next_credentials (void **credentials, svn_auth_iterstate_t *state, apr_pool_t *pool)
 Get another set of credentials, assuming previous ones failed to authenticate. More...
 
svn_error_tsvn_auth_save_credentials (svn_auth_iterstate_t *state, apr_pool_t *pool)
 Save a set of credentials. More...
 
svn_error_tsvn_auth_forget_credentials (svn_auth_baton_t *auth_baton, const char *cred_kind, const char *realmstring, apr_pool_t *pool)
 Forget a set (or all) memory-cached credentials. More...
 
void svn_auth_get_simple_prompt_provider (svn_auth_provider_object_t **provider, svn_auth_simple_prompt_func_t prompt_func, void *prompt_baton, int retry_limit, apr_pool_t *pool)
 Set *provider to an authentication provider of type svn_auth_cred_simple_t that gets information by prompting the user with prompt_func and prompt_baton. More...
 
void svn_auth_get_username_prompt_provider (svn_auth_provider_object_t **provider, svn_auth_username_prompt_func_t prompt_func, void *prompt_baton, int retry_limit, apr_pool_t *pool)
 Set *provider to an authentication provider of type svn_auth_cred_username_t that gets information by prompting the user with prompt_func and prompt_baton. More...
 
void svn_auth_get_simple_provider2 (svn_auth_provider_object_t **provider, svn_auth_plaintext_prompt_func_t plaintext_prompt_func, void *prompt_baton, apr_pool_t *pool)
 Set *provider to an authentication provider of type svn_auth_cred_simple_t that gets/sets information from the user's ~/.subversion configuration directory. More...
 
void svn_auth_get_simple_provider (svn_auth_provider_object_t **provider, apr_pool_t *pool)
 Like svn_auth_get_simple_provider2, but without the ability to call the svn_auth_plaintext_prompt_func_t callback, and the provider always assumes that it is allowed to store the password in plaintext. More...
 
svn_error_tsvn_auth_get_platform_specific_provider (svn_auth_provider_object_t **provider, const char *provider_name, const char *provider_type, apr_pool_t *pool)
 Set *provider to an authentication provider of type svn_auth_provider_object_t, or return NULL if the provider is not available for the requested platform or the requested provider is unknown. More...
 
svn_error_tsvn_auth_get_platform_specific_client_providers (apr_array_header_t **providers, svn_config_t *config, apr_pool_t *pool)
 Set *providers to an array of svn_auth_provider_object_t * objects. More...
 
void svn_auth_get_windows_simple_provider (svn_auth_provider_object_t **provider, apr_pool_t *pool)
 Set *provider to an authentication provider of type svn_auth_cred_simple_t that gets/sets information from the user's ~/.subversion configuration directory. More...
 
void svn_auth_get_windows_ssl_client_cert_pw_provider (svn_auth_provider_object_t **provider, apr_pool_t *pool)
 Set *provider to an authentication provider of type svn_auth_cred_ssl_client_cert_pw_t that gets/sets information from the user's ~/.subversion configuration directory. More...
 
void svn_auth_get_windows_ssl_server_trust_provider (svn_auth_provider_object_t **provider, apr_pool_t *pool)
 Set *provider to an authentication provider of type svn_auth_cred_ssl_server_trust_t, allocated in pool. More...
 
void svn_auth_get_keychain_simple_provider (svn_auth_provider_object_t **provider, apr_pool_t *pool)
 Set *provider to an authentication provider of type svn_auth_cred_simple_t that gets/sets information from the user's ~/.subversion configuration directory. More...
 
void svn_auth_get_keychain_ssl_client_cert_pw_provider (svn_auth_provider_object_t **provider, apr_pool_t *pool)
 Set *provider to an authentication provider of type svn_auth_cred_ssl_client_cert_pw_t that gets/sets information from the user's ~/.subversion configuration directory. More...
 
const svn_version_tsvn_auth_gnome_keyring_version (void)
 Get libsvn_auth_gnome_keyring version information. More...
 
void svn_auth_get_gnome_keyring_simple_provider (svn_auth_provider_object_t **provider, apr_pool_t *pool)
 Set *provider to an authentication provider of type svn_auth_cred_simple_t that gets/sets information from the user's ~/.subversion configuration directory. More...
 
void svn_auth_get_gnome_keyring_ssl_client_cert_pw_provider (svn_auth_provider_object_t **provider, apr_pool_t *pool)
 Set *provider to an authentication provider of type svn_auth_cred_ssl_client_cert_pw_t that gets/sets information from the user's ~/.subversion configuration directory. More...
 
const svn_version_tsvn_auth_kwallet_version (void)
 Get libsvn_auth_kwallet version information. More...
 
void svn_auth_get_kwallet_simple_provider (svn_auth_provider_object_t **provider, apr_pool_t *pool)
 Set *provider to an authentication provider of type svn_auth_cred_simple_t that gets/sets information from the user's ~/.subversion configuration directory. More...
 
void svn_auth_get_kwallet_ssl_client_cert_pw_provider (svn_auth_provider_object_t **provider, apr_pool_t *pool)
 Set *provider to an authentication provider of type svn_auth_cred_ssl_client_cert_pw_t that gets/sets information from the user's ~/.subversion configuration directory. More...
 
void svn_auth_get_gpg_agent_simple_provider (svn_auth_provider_object_t **provider, apr_pool_t *pool)
 Set *provider to an authentication provider of type svn_auth_cred_simple_t that gets/sets information from the user's ~/.subversion configuration directory. More...
 
void svn_auth_get_username_provider (svn_auth_provider_object_t **provider, apr_pool_t *pool)
 Set *provider to an authentication provider of type svn_auth_cred_username_t that gets/sets information from a user's ~/.subversion configuration directory. More...
 
void svn_auth_get_ssl_server_trust_file_provider (svn_auth_provider_object_t **provider, apr_pool_t *pool)
 Set *provider to an authentication provider of type svn_auth_cred_ssl_server_trust_t, allocated in pool. More...
 
void svn_auth_get_ssl_client_cert_file_provider (svn_auth_provider_object_t **provider, apr_pool_t *pool)
 Set *provider to an authentication provider of type svn_auth_cred_ssl_client_cert_t, allocated in pool. More...
 
void svn_auth_get_ssl_client_cert_pw_file_provider2 (svn_auth_provider_object_t **provider, svn_auth_plaintext_passphrase_prompt_func_t plaintext_passphrase_prompt_func, void *prompt_baton, apr_pool_t *pool)
 Set *provider to an authentication provider of type svn_auth_cred_ssl_client_cert_pw_t that gets/sets information from the user's ~/.subversion configuration directory. More...
 
void svn_auth_get_ssl_client_cert_pw_file_provider (svn_auth_provider_object_t **provider, apr_pool_t *pool)
 Like svn_auth_get_ssl_client_cert_pw_file_provider2, but without the ability to call the svn_auth_plaintext_passphrase_prompt_func_t callback, and the provider always assumes that it is not allowed to store the passphrase in plaintext. More...
 
void svn_auth_get_ssl_server_trust_prompt_provider (svn_auth_provider_object_t **provider, svn_auth_ssl_server_trust_prompt_func_t prompt_func, void *prompt_baton, apr_pool_t *pool)
 Set *provider to an authentication provider of type svn_auth_cred_ssl_server_trust_t, allocated in pool. More...
 
void svn_auth_get_ssl_client_cert_prompt_provider (svn_auth_provider_object_t **provider, svn_auth_ssl_client_cert_prompt_func_t prompt_func, void *prompt_baton, int retry_limit, apr_pool_t *pool)
 Set *provider to an authentication provider of type svn_auth_cred_ssl_client_cert_t, allocated in pool. More...
 
void svn_auth_get_ssl_client_cert_pw_prompt_provider (svn_auth_provider_object_t **provider, svn_auth_ssl_client_cert_pw_prompt_func_t prompt_func, void *prompt_baton, int retry_limit, apr_pool_t *pool)
 Set *provider to an authentication provider of type svn_auth_cred_ssl_client_cert_pw_t, allocated in pool. More...
 

Detailed Description

Subversion's authentication system.

@if copyrights

Licensed to the Apache Software Foundation (ASF) under one or more contributor license agreements. See the NOTICE file distributed with this work for additional information regarding copyright ownership. The ASF licenses this file to you under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations

under the License.

Definition in file svn_auth.h.

Macro Definition Documentation

◆ SVN_AUTH_PARAM_GNOME_KEYRING_UNLOCK_PROMPT_BATON

#define SVN_AUTH_PARAM_GNOME_KEYRING_UNLOCK_PROMPT_BATON   "gnome-keyring-unlock-prompt-baton"

The baton which is passed to *SVN_AUTH_PARAM_GNOME_KEYRING_UNLOCK_PROMPT_FUNC.

Deprecated:
Only used by old libgnome-keyring implementation.

Definition at line 1022 of file svn_auth.h.

◆ SVN_AUTH_PARAM_GNOME_KEYRING_UNLOCK_PROMPT_FUNC

#define SVN_AUTH_PARAM_GNOME_KEYRING_UNLOCK_PROMPT_FUNC   "gnome-keyring-unlock-prompt-func"

libsvn_auth_gnome_keyring-specific run-time parameters.

The pointer to function which prompts user for GNOME Keyring password. The type of this pointer should be svn_auth_gnome_keyring_unlock_prompt_func_t.

Deprecated:
Only used by old libgnome-keyring implementation.

Definition at line 1017 of file svn_auth.h.

Typedef Documentation

◆ svn_auth_gnome_keyring_unlock_prompt_func_t

typedef svn_error_t*(* svn_auth_gnome_keyring_unlock_prompt_func_t) (char **keyring_password, const char *keyring_name, void *baton, apr_pool_t *pool)

A type of callback function for obtaining the GNOME Keyring password.

In this callback, the client should ask the user for default keyring keyring_name password.

The answer is returned in *keyring_password. baton is an implementation-specific closure. All allocations should be done in pool.

Since
New in 1.6

Definition at line 1004 of file svn_auth.h.

Function Documentation

◆ svn_auth_get_gnome_keyring_simple_provider()

void svn_auth_get_gnome_keyring_simple_provider ( svn_auth_provider_object_t **  provider,
apr_pool_t *  pool 
)

Set *provider to an authentication provider of type svn_auth_cred_simple_t that gets/sets information from the user's ~/.subversion configuration directory.

This is like svn_client_get_simple_provider(), except that the password is stored in GNOME Keyring.

If the GNOME Keyring is locked the old libgnome-keyring provider calls *SVN_AUTH_PARAM_GNOME_KEYRING_UNLOCK_PROMPT_FUNC in order to unlock the keyring.

SVN_AUTH_PARAM_GNOME_KEYRING_UNLOCK_PROMPT_BATON is passed to *SVN_AUTH_PARAM_GNOME_KEYRING_UNLOCK_PROMPT_FUNC.

Allocate *provider in pool.

Since
New in 1.6
Note
This function actually works only on systems with libsvn_auth_gnome_keyring and GNOME Keyring installed.
Deprecated:
Provided for backwards compatibility with the 1.8 API. Use svn_auth_get_platform_specific_provider with provider_name of "gnome_keyring" and provider_type of "simple".

◆ svn_auth_get_gnome_keyring_ssl_client_cert_pw_provider()

void svn_auth_get_gnome_keyring_ssl_client_cert_pw_provider ( svn_auth_provider_object_t **  provider,
apr_pool_t *  pool 
)

Set *provider to an authentication provider of type svn_auth_cred_ssl_client_cert_pw_t that gets/sets information from the user's ~/.subversion configuration directory.

This is like svn_client_get_ssl_client_cert_pw_file_provider(), except that the password is stored in GNOME Keyring.

If the GNOME Keyring is locked the provider calls *SVN_AUTH_PARAM_GNOME_KEYRING_UNLOCK_PROMPT_FUNC in order to unlock the keyring.

SVN_AUTH_PARAM_GNOME_KEYRING_UNLOCK_PROMPT_BATON is passed to *SVN_AUTH_PARAM_GNOME_KEYRING_UNLOCK_PROMPT_FUNC.

Allocate *provider in pool.

Since
New in 1.6
Note
This function actually works only on systems with libsvn_auth_gnome_keyring and GNOME Keyring installed.
Deprecated:
Provided for backwards compatibility with the 1.8 API. Use svn_auth_get_platform_specific_provider with provider_name of "gnome_keyring" and provider_type of "ssl_client_cert_pw".

◆ svn_auth_get_gpg_agent_simple_provider()

void svn_auth_get_gpg_agent_simple_provider ( svn_auth_provider_object_t **  provider,
apr_pool_t *  pool 
)

Set *provider to an authentication provider of type svn_auth_cred_simple_t that gets/sets information from the user's ~/.subversion configuration directory.

This is like svn_client_get_simple_provider(), except that the password is obtained from gpg_agent, which will keep it in a memory cache.

Allocate *provider in pool.

Since
New in 1.8
Note
This function actually works only on systems with GNU Privacy Guard installed.
Deprecated:
Provided for backwards compatibility with the 1.8 API. Use svn_auth_get_platform_specific_provider with provider_name of "gpg_agent" and provider_type of "simple".

◆ svn_auth_get_keychain_simple_provider()

void svn_auth_get_keychain_simple_provider ( svn_auth_provider_object_t **  provider,
apr_pool_t *  pool 
)

Set *provider to an authentication provider of type svn_auth_cred_simple_t that gets/sets information from the user's ~/.subversion configuration directory.

Allocate *provider in pool.

This is like svn_auth_get_simple_provider(), except that the password is stored in the Mac OS KeyChain.

Since
New in 1.4
Note
This function is only available on Mac OS 10.2 and higher.
Deprecated:
Provided for backwards compatibility with the 1.8 API. Use svn_auth_get_platform_specific_provider with provider_name of "keychain" and provider_type of "simple".

◆ svn_auth_get_keychain_ssl_client_cert_pw_provider()

void svn_auth_get_keychain_ssl_client_cert_pw_provider ( svn_auth_provider_object_t **  provider,
apr_pool_t *  pool 
)

Set *provider to an authentication provider of type svn_auth_cred_ssl_client_cert_pw_t that gets/sets information from the user's ~/.subversion configuration directory.

Allocate *provider in pool.

This is like svn_auth_get_ssl_client_cert_pw_file_provider(), except that the password is stored in the Mac OS KeyChain.

Since
New in 1.6
Note
This function is only available on Mac OS 10.2 and higher.
Deprecated:
Provided for backwards compatibility with the 1.8 API. Use svn_auth_get_platform_specific_provider with provider_name of "keychain" and provider_type of "ssl_client_cert_pw".

◆ svn_auth_get_kwallet_simple_provider()

void svn_auth_get_kwallet_simple_provider ( svn_auth_provider_object_t **  provider,
apr_pool_t *  pool 
)

Set *provider to an authentication provider of type svn_auth_cred_simple_t that gets/sets information from the user's ~/.subversion configuration directory.

Allocate *provider in pool.

This is like svn_client_get_simple_provider(), except that the password is stored in KWallet.

Since
New in 1.6
Note
This function actually works only on systems with libsvn_auth_kwallet and KWallet installed.
Deprecated:
Provided for backwards compatibility with the 1.8 API. Use svn_auth_get_platform_specific_provider with provider_name of "kwallet" and provider_type of "simple".

◆ svn_auth_get_kwallet_ssl_client_cert_pw_provider()

void svn_auth_get_kwallet_ssl_client_cert_pw_provider ( svn_auth_provider_object_t **  provider,
apr_pool_t *  pool 
)

Set *provider to an authentication provider of type svn_auth_cred_ssl_client_cert_pw_t that gets/sets information from the user's ~/.subversion configuration directory.

Allocate *provider in pool.

This is like svn_client_get_ssl_client_cert_pw_file_provider(), except that the password is stored in KWallet.

Since
New in 1.6
Note
This function actually works only on systems with libsvn_auth_kwallet and KWallet installed.
Deprecated:
Provided for backwards compatibility with the 1.8 API. Use svn_auth_get_platform_specific_provider with provider_name of "kwallet" and provider_type of "ssl_client_cert_pw".

◆ svn_auth_get_platform_specific_client_providers()

svn_error_t* svn_auth_get_platform_specific_client_providers ( apr_array_header_t **  providers,
svn_config_t config,
apr_pool_t *  pool 
)

Set *providers to an array of svn_auth_provider_object_t * objects.

Only client authentication providers available for the current platform are returned. Order of the platform-specific authentication providers is determined by the 'password-stores' configuration option which is retrieved from config. config can be NULL.

Create and allocate *providers in pool.

Default order of the platform-specific authentication providers:

  1. gnome-keyring
  2. kwallet
  3. keychain
  4. gpg-agent
  5. windows-cryptoapi
Since
New in 1.6.

◆ svn_auth_get_platform_specific_provider()

svn_error_t* svn_auth_get_platform_specific_provider ( svn_auth_provider_object_t **  provider,
const char *  provider_name,
const char *  provider_type,
apr_pool_t *  pool 
)

Set *provider to an authentication provider of type svn_auth_provider_object_t, or return NULL if the provider is not available for the requested platform or the requested provider is unknown.

Valid provider_name values are: "gnome_keyring", "keychain", "kwallet", "gpg_agent", and "windows".

Valid provider_type values are: "simple", "ssl_client_cert_pw" and "ssl_server_trust".

Allocate *provider in pool.

What actually happens is we invoke the appropriate provider function to supply the provider, like so:

svn_auth_get_<name>_<type>_provider(provider, pool);

Since
New in 1.6.

◆ svn_auth_get_simple_prompt_provider()

void svn_auth_get_simple_prompt_provider ( svn_auth_provider_object_t **  provider,
svn_auth_simple_prompt_func_t  prompt_func,
void *  prompt_baton,
int  retry_limit,
apr_pool_t *  pool 
)

Set *provider to an authentication provider of type svn_auth_cred_simple_t that gets information by prompting the user with prompt_func and prompt_baton.

Allocate *provider in pool.

If both SVN_AUTH_PARAM_DEFAULT_USERNAME and SVN_AUTH_PARAM_DEFAULT_PASSWORD are defined as runtime parameters in the auth_baton, then *provider will return the default arguments when svn_auth_first_credentials() is called. If svn_auth_first_credentials() fails, then *provider will re-prompt retry_limit times (via svn_auth_next_credentials()). For infinite retries, set retry_limit to value less than 0.

Since
New in 1.4.

◆ svn_auth_get_simple_provider()

void svn_auth_get_simple_provider ( svn_auth_provider_object_t **  provider,
apr_pool_t *  pool 
)

Like svn_auth_get_simple_provider2, but without the ability to call the svn_auth_plaintext_prompt_func_t callback, and the provider always assumes that it is allowed to store the password in plaintext.

Deprecated:
Provided for backwards compatibility with the 1.5 API.
Since
New in 1.4.

◆ svn_auth_get_simple_provider2()

void svn_auth_get_simple_provider2 ( svn_auth_provider_object_t **  provider,
svn_auth_plaintext_prompt_func_t  plaintext_prompt_func,
void *  prompt_baton,
apr_pool_t *  pool 
)

Set *provider to an authentication provider of type svn_auth_cred_simple_t that gets/sets information from the user's ~/.subversion configuration directory.

If the provider is going to save the password unencrypted, it calls plaintext_prompt_func, passing prompt_baton, before saving the password.

If plaintext_prompt_func is NULL it is not called and the answer is assumed to be TRUE. This matches the deprecated behaviour of storing unencrypted passwords by default, and is only done this way for backward compatibility reasons. Client developers are highly encouraged to provide this callback to ensure their users are made aware of the fact that their password is going to be stored unencrypted. In the future, providers may default to not storing the password unencrypted if this callback is NULL.

Clients can however set the callback to NULL and set SVN_AUTH_PARAM_STORE_PLAINTEXT_PASSWORDS to SVN_CONFIG_FALSE or SVN_CONFIG_TRUE to enforce a certain behaviour.

Allocate *provider in pool.

If a default username or password is available, *provider will honor them as well, and return them when svn_auth_first_credentials() is called. (see SVN_AUTH_PARAM_DEFAULT_USERNAME and SVN_AUTH_PARAM_DEFAULT_PASSWORD).

Since
New in 1.6.

◆ svn_auth_get_ssl_client_cert_file_provider()

void svn_auth_get_ssl_client_cert_file_provider ( svn_auth_provider_object_t **  provider,
apr_pool_t *  pool 
)

Set *provider to an authentication provider of type svn_auth_cred_ssl_client_cert_t, allocated in pool.

*provider retrieves its credentials from the configuration mechanism. The returned credential is used to load the appropriate client certificate for authentication when requested by a server.

Since
New in 1.4.

◆ svn_auth_get_ssl_client_cert_prompt_provider()

void svn_auth_get_ssl_client_cert_prompt_provider ( svn_auth_provider_object_t **  provider,
svn_auth_ssl_client_cert_prompt_func_t  prompt_func,
void *  prompt_baton,
int  retry_limit,
apr_pool_t *  pool 
)

Set *provider to an authentication provider of type svn_auth_cred_ssl_client_cert_t, allocated in pool.

*provider retrieves its credentials by using the prompt_func and prompt_baton. The returned credential is used to load the appropriate client certificate for authentication when requested by a server. The prompt will be retried retry_limit times. For infinite retries, set retry_limit to value less than 0.

Since
New in 1.4.

◆ svn_auth_get_ssl_client_cert_pw_file_provider()

void svn_auth_get_ssl_client_cert_pw_file_provider ( svn_auth_provider_object_t **  provider,
apr_pool_t *  pool 
)

Like svn_auth_get_ssl_client_cert_pw_file_provider2, but without the ability to call the svn_auth_plaintext_passphrase_prompt_func_t callback, and the provider always assumes that it is not allowed to store the passphrase in plaintext.

Deprecated:
Provided for backwards compatibility with the 1.5 API.
Since
New in 1.4.

◆ svn_auth_get_ssl_client_cert_pw_file_provider2()

void svn_auth_get_ssl_client_cert_pw_file_provider2 ( svn_auth_provider_object_t **  provider,
svn_auth_plaintext_passphrase_prompt_func_t  plaintext_passphrase_prompt_func,
void *  prompt_baton,
apr_pool_t *  pool 
)

Set *provider to an authentication provider of type svn_auth_cred_ssl_client_cert_pw_t that gets/sets information from the user's ~/.subversion configuration directory.

If the provider is going to save the passphrase unencrypted, it calls plaintext_passphrase_prompt_func, passing prompt_baton, before saving the passphrase.

If plaintext_passphrase_prompt_func is NULL it is not called and the passphrase is not stored in plaintext. Client developers are highly encouraged to provide this callback to ensure their users are made aware of the fact that their passphrase is going to be stored unencrypted.

Clients can however set the callback to NULL and set SVN_AUTH_PARAM_STORE_SSL_CLIENT_CERT_PP_PLAINTEXT to SVN_CONFIG_FALSE or SVN_CONFIG_TRUE to enforce a certain behaviour.

Allocate *provider in pool.

Since
New in 1.6.

◆ svn_auth_get_ssl_client_cert_pw_prompt_provider()

void svn_auth_get_ssl_client_cert_pw_prompt_provider ( svn_auth_provider_object_t **  provider,
svn_auth_ssl_client_cert_pw_prompt_func_t  prompt_func,
void *  prompt_baton,
int  retry_limit,
apr_pool_t *  pool 
)

Set *provider to an authentication provider of type svn_auth_cred_ssl_client_cert_pw_t, allocated in pool.

*provider retrieves its credentials by using the prompt_func and prompt_baton. The returned credential is used when a loaded client certificate is protected by a passphrase. The prompt will be retried retry_limit times. For infinite retries, set retry_limit to value less than 0.

Since
New in 1.4.

◆ svn_auth_get_ssl_server_trust_file_provider()

void svn_auth_get_ssl_server_trust_file_provider ( svn_auth_provider_object_t **  provider,
apr_pool_t *  pool 
)

Set *provider to an authentication provider of type svn_auth_cred_ssl_server_trust_t, allocated in pool.

*provider retrieves its credentials from the configuration mechanism. The returned credential is used to override SSL security on an error.

Since
New in 1.4.

◆ svn_auth_get_ssl_server_trust_prompt_provider()

void svn_auth_get_ssl_server_trust_prompt_provider ( svn_auth_provider_object_t **  provider,
svn_auth_ssl_server_trust_prompt_func_t  prompt_func,
void *  prompt_baton,
apr_pool_t *  pool 
)

Set *provider to an authentication provider of type svn_auth_cred_ssl_server_trust_t, allocated in pool.

*provider retrieves its credentials by using the prompt_func and prompt_baton. The returned credential is used to override SSL security on an error.

Since
New in 1.4.

◆ svn_auth_get_username_prompt_provider()

void svn_auth_get_username_prompt_provider ( svn_auth_provider_object_t **  provider,
svn_auth_username_prompt_func_t  prompt_func,
void *  prompt_baton,
int  retry_limit,
apr_pool_t *  pool 
)

Set *provider to an authentication provider of type svn_auth_cred_username_t that gets information by prompting the user with prompt_func and prompt_baton.

Allocate *provider in pool.

If SVN_AUTH_PARAM_DEFAULT_USERNAME is defined as a runtime parameter in the auth_baton, then *provider will return the default argument when svn_auth_first_credentials() is called. If svn_auth_first_credentials() fails, then *provider will re-prompt retry_limit times (via svn_auth_next_credentials()). For infinite retries, set retry_limit to value less than 0.

Since
New in 1.4.

◆ svn_auth_get_username_provider()

void svn_auth_get_username_provider ( svn_auth_provider_object_t **  provider,
apr_pool_t *  pool 
)

Set *provider to an authentication provider of type svn_auth_cred_username_t that gets/sets information from a user's ~/.subversion configuration directory.

Allocate *provider in pool.

If a default username is available, *provider will honor it, and return it when svn_auth_first_credentials() is called. (See SVN_AUTH_PARAM_DEFAULT_USERNAME.)

Since
New in 1.4.

◆ svn_auth_get_windows_simple_provider()

void svn_auth_get_windows_simple_provider ( svn_auth_provider_object_t **  provider,
apr_pool_t *  pool 
)

Set *provider to an authentication provider of type svn_auth_cred_simple_t that gets/sets information from the user's ~/.subversion configuration directory.

Allocate *provider in pool.

This is like svn_auth_get_simple_provider(), except that, when running on Window 2000 or newer (or any other Windows version that includes the CryptoAPI), the provider encrypts the password before storing it to disk. On earlier versions of Windows, the provider does nothing.

Since
New in 1.4.
Note
This function is only available on Windows.
An administrative password reset may invalidate the account's secret key. This function will detect that situation and behave as if the password were not cached at all.
Deprecated:
Provided for backwards compatibility with the 1.8 API. Use svn_auth_get_platform_specific_provider with provider_name of "windows" and provider_type of "simple".

◆ svn_auth_get_windows_ssl_client_cert_pw_provider()

void svn_auth_get_windows_ssl_client_cert_pw_provider ( svn_auth_provider_object_t **  provider,
apr_pool_t *  pool 
)

Set *provider to an authentication provider of type svn_auth_cred_ssl_client_cert_pw_t that gets/sets information from the user's ~/.subversion configuration directory.

Allocate *provider in pool.

This is like svn_auth_get_ssl_client_cert_pw_file_provider(), except that when running on Window 2000 or newer, the provider encrypts the password before storing it to disk. On earlier versions of Windows, the provider does nothing.

Since
New in 1.6
Note
This function is only available on Windows.
An administrative password reset may invalidate the account's secret key. This function will detect that situation and behave as if the password were not cached at all.
Deprecated:
Provided for backwards compatibility with the 1.8 API. Use svn_auth_get_platform_specific_provider with provider_name of "windows" and provider_type of "ssl_client_cert_pw".

◆ svn_auth_get_windows_ssl_server_trust_provider()

void svn_auth_get_windows_ssl_server_trust_provider ( svn_auth_provider_object_t **  provider,
apr_pool_t *  pool 
)

Set *provider to an authentication provider of type svn_auth_cred_ssl_server_trust_t, allocated in pool.

This provider automatically validates ssl server certificates with the CryptoApi, like Internet Explorer and the Windows network API do. This allows the rollout of root certificates via Windows Domain policies, instead of Subversion specific configuration.

Since
New in 1.5.
Note
This function is only available on Windows.
Deprecated:
Provided for backwards compatibility with the 1.8 API. Use svn_auth_get_platform_specific_provider with provider_name of "windows" and provider_type of "ssl_server_trust".

◆ svn_auth_gnome_keyring_version()

const svn_version_t* svn_auth_gnome_keyring_version ( void  )

Get libsvn_auth_gnome_keyring version information.

Since
New in 1.6

◆ svn_auth_kwallet_version()

const svn_version_t* svn_auth_kwallet_version ( void  )

Get libsvn_auth_kwallet version information.

Since
New in 1.6