/*
* simple_providers.c: providers for SVN_AUTH_CRED_SIMPLE
*
* ====================================================================
* Copyright (c) 2000-2004 CollabNet. All rights reserved.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
* are also available at http://subversion.tigris.org/license-1.html.
* If newer versions of this license are posted there, you may use a
* newer version instead, at your option.
*
* This software consists of voluntary contributions made by many
* individuals. For exact contribution history, see the revision
* history and logs, available at http://subversion.tigris.org/.
* ====================================================================
*/
/* ==================================================================== */
�
/*** Includes. ***/
#include <apr_pools.h>
#include "svn_auth.h"
#include "svn_error.h"
#include "svn_utf.h"
#include "svn_config.h"
#include "svn_user.h"
#include "svn_private_config.h"
�
/*-----------------------------------------------------------------------*/
/* File provider */
/*-----------------------------------------------------------------------*/
/* The keys that will be stored on disk */
#define SVN_AUTH__AUTHFILE_USERNAME_KEY "username"
#define SVN_AUTH__AUTHFILE_PASSWORD_KEY "password"
#define SVN_AUTH__AUTHFILE_PASSTYPE_KEY "passtype"
#define SVN_AUTH__SIMPLE_PASSWORD_TYPE "simple"
#define SVN_AUTH__WINCRYPT_PASSWORD_TYPE "wincrypt"
#define SVN_AUTH__KEYCHAIN_PASSWORD_TYPE "keychain"
�
/* A function that stores PASSWORD (or some encrypted version thereof)
either directly in CREDS, or externally using REALMSTRING and USERNAME
as keys into the external store. If NON_INTERACTIVE is set, the user
must not be involved in the storage process. POOL is used for any
necessary allocation. */
typedef svn_boolean_t (*password_set_t)(apr_hash_t *creds,
const char *realmstring,
const char *username,
const char *password,
svn_boolean_t non_interactive,
apr_pool_t *pool);
/* A function that stores in *PASSWORD (potentially after decrypting it)
the user's password. It might be obtained directly from CREDS, or
from an external store, using REALMSTRING and USERNAME as keys.
If NON_INTERACTIVE is set, the user must not be involved in the
retrieval process. POOL is used for any necessary allocation. */
typedef svn_boolean_t (*password_get_t)(const char **password,
apr_hash_t *creds,
const char *realmstring,
const char *username,
svn_boolean_t non_interactive,
apr_pool_t *pool);
/* Implementation of password_get_t that retrieves the plaintext password
from CREDS. */
static svn_boolean_t
simple_password_get(const char **password,
apr_hash_t *creds,
const char *realmstring,
const char *username,
svn_boolean_t non_interactive,
apr_pool_t *pool)
{
svn_string_t *str;
str = apr_hash_get(creds, SVN_AUTH__AUTHFILE_PASSWORD_KEY,
APR_HASH_KEY_STRING);
if (str && str->data)
{
*password = str->data;
return TRUE;
}
return FALSE;
}
/* Implementation of password_set_t that store the plaintext password
in CREDS. */
static svn_boolean_t
simple_password_set(apr_hash_t *creds,
const char *realmstring,
const char *username,
const char *password,
svn_boolean_t non_interactive,
apr_pool_t *pool)
{
apr_hash_set(creds, SVN_AUTH__AUTHFILE_PASSWORD_KEY, APR_HASH_KEY_STRING,
svn_string_create(password, pool));
return TRUE;
}
/* Common implementation for simple_first_creds and
windows_simple_first_creds. Uses PARAMETERS, REALMSTRING and the
simple auth provider's username and password cache to fill a set of
CREDENTIALS. PASSWORD_GET is used to obtain the password value.
PASSTYPE identifies the type of the cached password. CREDENTIALS are
allocated from POOL. */
static svn_error_t *
simple_first_creds_helper(void **credentials,
void **iter_baton,
void *provider_baton,
apr_hash_t *parameters,
const char *realmstring,
password_get_t password_get,
const char *passtype,
apr_pool_t *pool)
{
const char *config_dir = apr_hash_get(parameters,
SVN_AUTH_PARAM_CONFIG_DIR,
APR_HASH_KEY_STRING);
const char *username = apr_hash_get(parameters,
SVN_AUTH_PARAM_DEFAULT_USERNAME,
APR_HASH_KEY_STRING);
const char *password = apr_hash_get(parameters,
SVN_AUTH_PARAM_DEFAULT_PASSWORD,
APR_HASH_KEY_STRING);
svn_boolean_t non_interactive = apr_hash_get(parameters,
SVN_AUTH_PARAM_NON_INTERACTIVE,
APR_HASH_KEY_STRING) != NULL;
svn_boolean_t may_save = username || password;
svn_error_t *err;
/* If we don't have a usename and a password yet, we try the auth cache */
if (! (username && password))
{
apr_hash_t *creds_hash = NULL;
/* Try to load credentials from a file on disk, based on the
realmstring. Don't throw an error, though: if something went
wrong reading the file, no big deal. What really matters is that
we failed to get the creds, so allow the auth system to try the
next provider. */
err = svn_config_read_auth_data(&creds_hash, SVN_AUTH_CRED_SIMPLE,
realmstring, config_dir, pool);
svn_error_clear(err);
if (! err && creds_hash)
{
svn_string_t *str;
if (! username)
{
str = apr_hash_get(creds_hash,
SVN_AUTH__AUTHFILE_USERNAME_KEY,
APR_HASH_KEY_STRING);
if (str && str->data)
username = str->data;
}
if (! password)
{
svn_boolean_t have_passtype;
/* The password type in the auth data must match the
mangler's type, otherwise the password must be
interpreted by another provider. */
str = apr_hash_get(creds_hash,
SVN_AUTH__AUTHFILE_PASSTYPE_KEY,
APR_HASH_KEY_STRING);
have_passtype = (str && str->data);
if (have_passtype && passtype
&& 0 != strcmp(str->data, passtype))
password = NULL;
else
{
if (!password_get(&password, creds_hash, realmstring,
username, non_interactive, pool))
password = NULL;
/* If the auth data didn't contain a password type,
force a write to upgrade the format of the auth
data file. */
if (password && passtype && !have_passtype)
may_save = TRUE;
}
}
}
}
/* Ask the OS for the username if we have a password but no
username. */
if (password && ! username)
username = svn_user_get_name(pool);
if (username && password)
{
svn_auth_cred_simple_t *creds = apr_pcalloc(pool, sizeof(*creds));
creds->username = username;
creds->password = password;
creds->may_save = may_save;
*credentials = creds;
}
else
*credentials = NULL;
*iter_baton = NULL;
return SVN_NO_ERROR;
}
/* Common implementation for simple_save_creds and
windows_simple_save_creds. Uses PARAMETERS and REALMSTRING to save
a set of CREDENTIALS to the simple auth provider's username and
password cache. PASSWORD_SET is used to store the password.
PASSTYPE identifies the type of the cached password. Allocates from POOL. */
static svn_error_t *
simple_save_creds_helper(svn_boolean_t *saved,
void *credentials,
void *provider_baton,
apr_hash_t *parameters,
const char *realmstring,
password_set_t password_set,
const char *passtype,
apr_pool_t *pool)
{
svn_auth_cred_simple_t *creds = credentials;
apr_hash_t *creds_hash = NULL;
const char *config_dir;
svn_error_t *err;
const char *dont_store_passwords =
apr_hash_get(parameters,
SVN_AUTH_PARAM_DONT_STORE_PASSWORDS,
APR_HASH_KEY_STRING);
svn_boolean_t non_interactive = apr_hash_get(parameters,
SVN_AUTH_PARAM_NON_INTERACTIVE,
APR_HASH_KEY_STRING) != NULL;
svn_boolean_t password_stored = TRUE;
*saved = FALSE;
if (! creds->may_save)
return SVN_NO_ERROR;
config_dir = apr_hash_get(parameters,
SVN_AUTH_PARAM_CONFIG_DIR,
APR_HASH_KEY_STRING);
/* Put the credentials in a hash and save it to disk */
creds_hash = apr_hash_make(pool);
apr_hash_set(creds_hash, SVN_AUTH__AUTHFILE_USERNAME_KEY,
APR_HASH_KEY_STRING,
svn_string_create(creds->username, pool));
if (! dont_store_passwords)
{
password_stored = password_set(creds_hash, realmstring, creds->username,
creds->password, non_interactive, pool);
if (password_stored)
{
/* Store the password type with the auth data, so that we
know which provider owns the password. */
if (passtype)
{
apr_hash_set(creds_hash, SVN_AUTH__AUTHFILE_PASSTYPE_KEY,
APR_HASH_KEY_STRING,
svn_string_create(passtype, pool));
}
}
else
*saved = FALSE;
}
if (password_stored)
{
err = svn_config_write_auth_data(creds_hash, SVN_AUTH_CRED_SIMPLE,
realmstring, config_dir, pool);
svn_error_clear(err);
*saved = ! err;
}
return SVN_NO_ERROR;
}
/* Get cached (unencrypted) credentials from the simple provider's cache. */
static svn_error_t *
simple_first_creds(void **credentials,
void **iter_baton,
void *provider_baton,
apr_hash_t *parameters,
const char *realmstring,
apr_pool_t *pool)
{
return simple_first_creds_helper(credentials,
iter_baton, provider_baton,
parameters, realmstring,
simple_password_get,
SVN_AUTH__SIMPLE_PASSWORD_TYPE,
pool);
}
/* Save (unencrypted) credentials to the simple provider's cache. */
static svn_error_t *
simple_save_creds(svn_boolean_t *saved,
void *credentials,
void *provider_baton,
apr_hash_t *parameters,
const char *realmstring,
apr_pool_t *pool)
{
return simple_save_creds_helper(saved, credentials, provider_baton,
parameters, realmstring,
simple_password_set,
SVN_AUTH__SIMPLE_PASSWORD_TYPE,
pool);
}
static const svn_auth_provider_t simple_provider = {
SVN_AUTH_CRED_SIMPLE,
simple_first_creds,
NULL,
simple_save_creds
};
/* Public API */
void
svn_auth_get_simple_provider(svn_auth_provider_object_t **provider,
apr_pool_t *pool)
{
svn_auth_provider_object_t *po = apr_pcalloc(pool, sizeof(*po));
po->vtable = &simple_provider;
*provider = po;
}
�
/*-----------------------------------------------------------------------*/
/* Prompt provider */
/*-----------------------------------------------------------------------*/
/* Baton type for username/password prompting. */
typedef struct
{
svn_auth_simple_prompt_func_t prompt_func;
void *prompt_baton;
/* how many times to re-prompt after the first one fails */
int retry_limit;
} simple_prompt_provider_baton_t;
/* Iteration baton type for username/password prompting. */
typedef struct
{
/* how many times we've reprompted */
int retries;
} simple_prompt_iter_baton_t;
�
/*** Helper Functions ***/
static svn_error_t *
prompt_for_simple_creds(svn_auth_cred_simple_t **cred_p,
simple_prompt_provider_baton_t *pb,
apr_hash_t *parameters,
const char *realmstring,
svn_boolean_t first_time,
svn_boolean_t may_save,
apr_pool_t *pool)
{
const char *def_username = NULL, *def_password = NULL;
*cred_p = NULL;
/* If we're allowed to check for default usernames and passwords, do
so. */
if (first_time)
{
def_username = apr_hash_get(parameters,
SVN_AUTH_PARAM_DEFAULT_USERNAME,
APR_HASH_KEY_STRING);
/* No default username? Try the auth cache. */
if (! def_username)
{
const char *config_dir = apr_hash_get(parameters,
SVN_AUTH_PARAM_CONFIG_DIR,
APR_HASH_KEY_STRING);
apr_hash_t *creds_hash = NULL;
svn_string_t *str;
svn_error_t *err;
err = svn_config_read_auth_data(&creds_hash, SVN_AUTH_CRED_SIMPLE,
realmstring, config_dir, pool);
svn_error_clear(err);
if (! err && creds_hash)
{
str = apr_hash_get(creds_hash,
SVN_AUTH__AUTHFILE_USERNAME_KEY,
APR_HASH_KEY_STRING);
if (str && str->data)
def_username = str->data;
}
}
/* Still no default username? Try the UID. */
if (! def_username)
def_username = svn_user_get_name(pool);
def_password = apr_hash_get(parameters,
SVN_AUTH_PARAM_DEFAULT_PASSWORD,
APR_HASH_KEY_STRING);
}
/* If we have defaults, just build the cred here and return it.
*
* ### I do wonder why this is here instead of in a separate
* ### 'defaults' provider that would run before the prompt
* ### provider... Hmmm.
*/
if (def_username && def_password)
{
*cred_p = apr_palloc(pool, sizeof(**cred_p));
(*cred_p)->username = apr_pstrdup(pool, def_username);
(*cred_p)->password = apr_pstrdup(pool, def_password);
(*cred_p)->may_save = TRUE;
}
else
{
SVN_ERR(pb->prompt_func(cred_p, pb->prompt_baton, realmstring,
def_username, may_save, pool));
}
return SVN_NO_ERROR;
}
/* Our first attempt will use any default username/password passed
in, and prompt for the remaining stuff. */
static svn_error_t *
simple_prompt_first_creds(void **credentials_p,
void **iter_baton,
void *provider_baton,
apr_hash_t *parameters,
const char *realmstring,
apr_pool_t *pool)
{
simple_prompt_provider_baton_t *pb = provider_baton;
simple_prompt_iter_baton_t *ibaton = apr_pcalloc(pool, sizeof(*ibaton));
const char *no_auth_cache = apr_hash_get(parameters,
SVN_AUTH_PARAM_NO_AUTH_CACHE,
APR_HASH_KEY_STRING);
SVN_ERR(prompt_for_simple_creds((svn_auth_cred_simple_t **) credentials_p,
pb, parameters, realmstring, TRUE,
! no_auth_cache, pool));
ibaton->retries = 0;
*iter_baton = ibaton;
return SVN_NO_ERROR;
}
/* Subsequent attempts to fetch will ignore the default values, and
simply re-prompt for both, up to a maximum of ib->pb->retry_limit. */
static svn_error_t *
simple_prompt_next_creds(void **credentials_p,
void *iter_baton,
void *provider_baton,
apr_hash_t *parameters,
const char *realmstring,
apr_pool_t *pool)
{
simple_prompt_iter_baton_t *ib = iter_baton;
simple_prompt_provider_baton_t *pb = provider_baton;
const char *no_auth_cache = apr_hash_get(parameters,
SVN_AUTH_PARAM_NO_AUTH_CACHE,
APR_HASH_KEY_STRING);
if (ib->retries >= pb->retry_limit)
{
/* give up, go on to next provider. */
*credentials_p = NULL;
return SVN_NO_ERROR;
}
ib->retries++;
SVN_ERR(prompt_for_simple_creds((svn_auth_cred_simple_t **) credentials_p,
pb, parameters, realmstring, FALSE,
! no_auth_cache, pool));
return SVN_NO_ERROR;
}
static const svn_auth_provider_t simple_prompt_provider = {
SVN_AUTH_CRED_SIMPLE,
simple_prompt_first_creds,
simple_prompt_next_creds,
NULL,
};
/* Public API */
void
svn_auth_get_simple_prompt_provider
(svn_auth_provider_object_t **provider,
svn_auth_simple_prompt_func_t prompt_func,
void *prompt_baton,
int retry_limit,
apr_pool_t *pool)
{
svn_auth_provider_object_t *po = apr_pcalloc(pool, sizeof(*po));
simple_prompt_provider_baton_t *pb = apr_pcalloc(pool, sizeof(*pb));
pb->prompt_func = prompt_func;
pb->prompt_baton = prompt_baton;
pb->retry_limit = retry_limit;
po->vtable = &simple_prompt_provider;
po->provider_baton = pb;
*provider = po;
}
�
/*-----------------------------------------------------------------------*/
/* Windows simple provider, encrypts the password on Win2k and later. */
/*-----------------------------------------------------------------------*/
#ifdef WIN32
#include <wincrypt.h>
#include <apr_base64.h>
/* The description string that's combined with unencrypted data by the
Windows CryptoAPI. Used during decryption to verify that the
encrypted data were valid. */
static const WCHAR description[] = L"auth_svn.simple.wincrypt";
/* The password type used by the windows simple auth provider, passed
into simple_first_creds_helper and simple_save_creds_helper. */
static const char windows_crypto_type[] = "wincrypt";
/* Dynamically load the address of function NAME in PDLL into
PFN. Return TRUE if the function name was found, otherwise
FALSE. Equivalent to dlsym(). */
static svn_boolean_t
get_crypto_function(const char *name, HINSTANCE *pdll, FARPROC *pfn)
{
/* In case anyone wonders why we use LoadLibraryA here: This will
always work on Win9x/Me, whilst LoadLibraryW may not. */
HINSTANCE dll = LoadLibraryA("Crypt32.dll");
if (dll)
{
FARPROC fn = GetProcAddress(dll, name);
if (fn)
{
*pdll = dll;
*pfn = fn;
return TRUE;
}
FreeLibrary(dll);
}
return FALSE;
}
/* Implementation of password_set_t that encrypts the incoming
password using the Windows CryptoAPI. */
static svn_boolean_t
windows_password_encrypter(apr_hash_t *creds,
const char *realmstring,
const char *username,
const char *in,
svn_boolean_t non_interactive,
apr_pool_t *pool)
{
typedef BOOL (CALLBACK *encrypt_fn_t)
(DATA_BLOB *, /* pDataIn */
LPCWSTR, /* szDataDescr */
DATA_BLOB *, /* pOptionalEntropy */
PVOID, /* pvReserved */
CRYPTPROTECT_PROMPTSTRUCT*, /* pPromptStruct */
DWORD, /* dwFlags */
DATA_BLOB*); /* pDataOut */
HINSTANCE dll;
FARPROC fn;
encrypt_fn_t encrypt;
DATA_BLOB blobin;
DATA_BLOB blobout;
svn_boolean_t crypted;
if (!get_crypto_function("CryptProtectData", &dll, &fn))
return FALSE;
encrypt = (encrypt_fn_t) fn;
blobin.cbData = strlen(in);
blobin.pbData = (BYTE*) in;
crypted = encrypt(&blobin, description, NULL, NULL, NULL,
CRYPTPROTECT_UI_FORBIDDEN, &blobout);
if (crypted)
{
char *coded = apr_palloc(pool, apr_base64_encode_len(blobout.cbData));
apr_base64_encode(coded, blobout.pbData, blobout.cbData);
crypted = simple_password_set(creds, realmstring, username, coded,
non_interactive, pool);
LocalFree(blobout.pbData);
}
FreeLibrary(dll);
return crypted;
}
/* Implementation of password_get_t that decrypts the incoming
password using the Windows CryptoAPI and verifies its validity. */
static svn_boolean_t
windows_password_decrypter(const char **out,
apr_hash_t *creds,
const char *realmstring,
const char *username,
svn_boolean_t non_interactive,
apr_pool_t *pool)
{
typedef BOOL (CALLBACK * decrypt_fn_t)
(DATA_BLOB *, /* pDataIn */
LPWSTR *, /* ppszDataDescr */
DATA_BLOB *, /* pOptionalEntropy */
PVOID, /* pvReserved */
CRYPTPROTECT_PROMPTSTRUCT*, /* pPromptStruct */
DWORD, /* dwFlags */
DATA_BLOB*); /* pDataOut */
HINSTANCE dll;
FARPROC fn;
DATA_BLOB blobin;
DATA_BLOB blobout;
LPWSTR descr;
decrypt_fn_t decrypt;
svn_boolean_t decrypted;
char *in;
if (!simple_password_get(&in, creds, realmstring, username,
non_interactive, pool))
return FALSE;
if (!get_crypto_function("CryptUnprotectData", &dll, &fn))
return FALSE;
decrypt = (decrypt_fn_t) fn;
blobin.cbData = strlen(in);
blobin.pbData = apr_palloc(pool, apr_base64_decode_len(in));
apr_base64_decode(blobin.pbData, in);
decrypted = decrypt(&blobin, &descr, NULL, NULL, NULL,
CRYPTPROTECT_UI_FORBIDDEN, &blobout);
if (decrypted)
{
if (0 == lstrcmpW(descr, description))
*out = apr_pstrndup(pool, blobout.pbData, blobout.cbData);
else
decrypted = FALSE;
LocalFree(blobout.pbData);
}
FreeLibrary(dll);
return decrypted;
}
/* Get cached encrypted credentials from the simple provider's cache. */
static svn_error_t *
windows_simple_first_creds(void **credentials,
void **iter_baton,
void *provider_baton,
apr_hash_t *parameters,
const char *realmstring,
apr_pool_t *pool)
{
return simple_first_creds_helper(credentials,
iter_baton, provider_baton,
parameters, realmstring,
windows_password_decrypter,
SVN_AUTH__WINCRYPT_PASSWORD_TYPE,
pool);
}
/* Save encrypted credentials to the simple provider's cache. */
static svn_error_t *
windows_simple_save_creds(svn_boolean_t *saved,
void *credentials,
void *provider_baton,
apr_hash_t *parameters,
const char *realmstring,
apr_pool_t *pool)
{
return simple_save_creds_helper(saved, credentials, provider_baton,
parameters, realmstring,
windows_password_encrypter,
SVN_AUTH__WINCRYPT_PASSWORD_TYPE,
pool);
}
static const svn_auth_provider_t windows_simple_provider = {
SVN_AUTH_CRED_SIMPLE,
windows_simple_first_creds,
NULL,
windows_simple_save_creds
};
/* Public API */
void
svn_auth_get_windows_simple_provider(svn_auth_provider_object_t **provider,
apr_pool_t *pool)
{
svn_auth_provider_object_t *po = apr_pcalloc(pool, sizeof(*po));
po->vtable = &windows_simple_provider;
*provider = po;
}
#endif /* WIN32 */
�
/*-----------------------------------------------------------------------*/
/* keychain simple provider, puts passwords in the KeyChain */
/*-----------------------------------------------------------------------*/
#ifdef SVN_HAVE_KEYCHAIN_SERVICES
#include <Security/Security.h>
/*
* XXX (2005-12-07): If no GUI is available (e.g. over a SSH session),
* you won't be prompted for credentials with which to unlock your
* keychain. Apple recognizes lack of TTY prompting as a known
* problem.
*
*
* XXX (2005-12-07): SecKeychainSetUserInteractionAllowed(FALSE) does
* not appear to actually prevent all user interaction. Specifically,
* if the executable changes (for example, if it is rebuilt), the
* system prompts the user to okay the use of the new executable.
*
* Worse than that, the interactivity setting is global per app (not
* process/thread), meaning that there is a race condition in the
* implementation below between calls to
* SecKeychainSetUserInteractionAllowed() when multiple instances of
* the same Subversion auth provider-based app run concurrently.
*/
/* Implementation of password_set_t that stores the password
in the OS X KeyChain. */
static svn_boolean_t
keychain_password_set(apr_hash_t *creds,
const char *realmstring,
const char *username,
const char *password,
svn_boolean_t non_interactive,
apr_pool_t *pool)
{
OSStatus status;
SecKeychainItemRef item;
if (non_interactive)
SecKeychainSetUserInteractionAllowed(FALSE);
status = SecKeychainFindGenericPassword(NULL, strlen(realmstring),
realmstring, strlen(username),
username, 0, NULL, &item);
if (status)
{
if (status == errSecItemNotFound)
status = SecKeychainAddGenericPassword(NULL, strlen(realmstring),
realmstring, strlen(username),
username, strlen(password),
password, NULL);
}
else
{
status = SecKeychainItemModifyAttributesAndData(item, NULL,
strlen(password),
password);
CFRelease(item);
}
if (non_interactive)
SecKeychainSetUserInteractionAllowed(TRUE);
return status == 0;
}
/* Implementation of password_get_t that retrieves the password
from the OS X KeyChain. */
static svn_boolean_t
keychain_password_get(const char **password,
apr_hash_t *creds,
const char *realmstring,
const char *username,
svn_boolean_t non_interactive,
apr_pool_t *pool)
{
OSStatus status;
UInt32 length;
void *data;
if (non_interactive)
SecKeychainSetUserInteractionAllowed(FALSE);
status = SecKeychainFindGenericPassword(NULL, strlen(realmstring),
realmstring, strlen(username),
username, &length, &data, NULL);
if (non_interactive)
SecKeychainSetUserInteractionAllowed(TRUE);
if (status != 0)
return FALSE;
*password = apr_pstrmemdup(pool, data, length);
SecKeychainItemFreeContent(NULL, data);
return TRUE;
}
/* Get cached encrypted credentials from the simple provider's cache. */
static svn_error_t *
keychain_simple_first_creds(void **credentials,
void **iter_baton,
void *provider_baton,
apr_hash_t *parameters,
const char *realmstring,
apr_pool_t *pool)
{
return simple_first_creds_helper(credentials,
iter_baton, provider_baton,
parameters, realmstring,
keychain_password_get,
SVN_AUTH__KEYCHAIN_PASSWORD_TYPE,
pool);
}
/* Save encrypted credentials to the simple provider's cache. */
static svn_error_t *
keychain_simple_save_creds(svn_boolean_t *saved,
void *credentials,
void *provider_baton,
apr_hash_t *parameters,
const char *realmstring,
apr_pool_t *pool)
{
return simple_save_creds_helper(saved, credentials, provider_baton,
parameters, realmstring,
keychain_password_set,
SVN_AUTH__KEYCHAIN_PASSWORD_TYPE,
pool);
}
static const svn_auth_provider_t keychain_simple_provider = {
SVN_AUTH_CRED_SIMPLE,
keychain_simple_first_creds,
NULL,
keychain_simple_save_creds
};
/* Public API */
void
svn_auth_get_keychain_simple_provider(svn_auth_provider_object_t **provider,
apr_pool_t *pool)
{
svn_auth_provider_object_t *po = apr_pcalloc(pool, sizeof(*po));
po->vtable = &keychain_simple_provider;
*provider = po;
}
#endif /* SVN_HAVE_KEYCHAIN_SERVICES */
syntax highlighted by Code2HTML, v. 0.9.1