Attached is a log message and a patch which adds the new options
'--password-file' and '--password-envvar'. It also adds Julians warning
to the '--password' help text.
I haven't found out yet how the test suite checks the '--password'
option. So I tested it just by hand :)
Also I added a check that stdin is specified only once. This should
probably go into a seperate patch.
This is just the first iteration of the patch. Comments welcome.
- Martin
Add the new global options '--password-file' and '--password-envvar'.
* subversion/svn/svn.c
(svn_cl__longopt_t,svn_cl__global_options): Add opt_auth_password_envvar
and opt_auth_password_file.
(svn_cl__options): Add the '--password-file' and '--password-envvar' options,
and add a warning to the '--password' option.
(sub_main): Add opt_auth_password_envvar and opt_auth_password_file,
also check for multiple use of stdin.
Index: subversion/svn/svn.c
===================================================================
--- subversion/svn/svn.c (revision 1607783)
+++ subversion/svn/svn.c (working copy)
@@ -68,6 +68,8 @@
use the short option letter as identifier. */
typedef enum svn_cl__longopt_t {
opt_auth_password = SVN_OPT_FIRST_LONGOPT_ID,
+ opt_auth_password_envvar,
+ opt_auth_password_file,
opt_auth_username,
opt_autoprops,
opt_changelist,
@@ -191,7 +193,16 @@
{"verbose", 'v', 0, N_("print extra information")},
{"show-updates", 'u', 0, N_("display update information")},
{"username", opt_auth_username, 1, N_("specify a username ARG")},
- {"password", opt_auth_password, 1, N_("specify a password ARG")},
+ {"password", opt_auth_password, 1,
+ N_("specify a password ARG (insecure: on many systems,\n"
+ " "
+ "other users can read the command-line arguments.\n"
+ " "
+ "Please use --password-file or --password-envvar.)")},
+ {"password-file", opt_auth_password_file, 1,
+ N_("read a password from the specified file ARG")},
+ {"password-envvar", opt_auth_password_envvar, 1,
+ N_("get a password from the environment variable ARG")},
{"extensions", 'x', 1,
N_("Specify differencing options for external diff or\n"
" "
@@ -423,7 +434,8 @@
command to take these arguments allows scripts to just pass them
willy-nilly to every invocation of 'svn') . */
const int svn_cl__global_options[] =
-{ opt_auth_username, opt_auth_password, opt_no_auth_cache, opt_non_interactive,
+{ opt_auth_username, opt_auth_password, opt_auth_password_file,
+ opt_auth_password_envvar, opt_no_auth_cache, opt_non_interactive,
opt_force_interactive, opt_trust_server_cert, opt_config_dir,
opt_config_options, 0
};
@@ -2018,9 +2030,16 @@
* later (if it's a log/lock message or an svn:* prop value),
* according to the value of the '--encoding' option. */
SVN_ERR(svn_utf_cstring_to_utf8(&utf8_opt_arg, opt_arg, pool));
+ if (strcmp(utf8_opt_arg, "-") == 0)
+ {
+ if (reading_file_from_stdin)
+ return svn_error_create(SVN_ERR_CL_ARG_PARSING_ERROR, NULL,
+ _("stdin ('-') must not be specified "
+ "more than once"));
+ reading_file_from_stdin = TRUE;
+ }
SVN_ERR(svn_stringbuf_from_file2(&(opt_state.filedata),
utf8_opt_arg, pool));
- reading_file_from_stdin = (strcmp(utf8_opt_arg, "-") == 0);
dash_F_arg = utf8_opt_arg;
break;
case opt_targets:
@@ -2028,6 +2047,14 @@
svn_stringbuf_t *buffer, *buffer_utf8;
SVN_ERR(svn_utf_cstring_to_utf8(&utf8_opt_arg, opt_arg, pool));
+ if (strcmp(utf8_opt_arg, "-") == 0)
+ {
+ if (reading_file_from_stdin)
+ return svn_error_create(SVN_ERR_CL_ARG_PARSING_ERROR, NULL,
+ _("stdin ('-') must not be specified "
+ "more than once"));
+ reading_file_from_stdin = TRUE;
+ }
SVN_ERR(svn_stringbuf_from_file2(&buffer, utf8_opt_arg, pool));
SVN_ERR(svn_utf_stringbuf_to_utf8(&buffer_utf8, buffer, pool));
opt_state.targets = svn_cstring_split(buffer_utf8->data, "\n\r",
@@ -2097,6 +2124,35 @@
SVN_ERR(svn_utf_cstring_to_utf8(&opt_state.auth_password,
opt_arg, pool));
break;
+ case opt_auth_password_file:
+ {
+ svn_stringbuf_t *buffer, *buffer_utf8;
+
+ SVN_ERR(svn_utf_cstring_to_utf8(&utf8_opt_arg, opt_arg, pool));
+ if (strcmp(utf8_opt_arg, "-") == 0)
+ {
+ if (reading_file_from_stdin)
+ return svn_error_create(SVN_ERR_CL_ARG_PARSING_ERROR, NULL,
+ _("stdin ('-') must not be specified "
+ "more than once"));
+ reading_file_from_stdin = TRUE;
+ }
+ SVN_ERR(svn_stringbuf_from_file2(&buffer, utf8_opt_arg, pool));
+ SVN_ERR(svn_utf_stringbuf_to_utf8(&buffer_utf8, buffer, pool));
+ opt_state.auth_password = buffer_utf8->data;
+ }
+ break;
+ case opt_auth_password_envvar:
+ {
+ char *envvar_value;
+
+ envvar_value = getenv(opt_arg);
+ if (! envvar_value)
+ envvar_value = "";
+ SVN_ERR(svn_utf_cstring_to_utf8(&opt_state.auth_password,
+ envvar_value, pool));
+ }
+ break;
case opt_encoding:
opt_state.encoding = apr_pstrdup(pool, opt_arg);
break;
