Red Hat Bugzilla – Bug 825376
git-svn does not use svn password stores
Last modified: 2013-04-30 19:51:25 EDT
Description of problem: git-svn does not use svn password stores to remember passwords. Version-Release number of selected component (if applicable): git-svn-1.7.10.1-1.fc17.noarch How reproducible: Always. Steps to Reproduce: 1. Configure svn for a repo that requires a passphrase-protected client SSL certificate (we'll call it "https://svn.example.com/trunk") 2. svn list https://svn.example.com/trunk # asks for and remembers password using password store (e.g. kwallet) 3. git svn clone https://svn.example.com/trunk Actual results: 1. "Password:" 2. Enter password 3. Password is not remembered Expected results: 1. Prompted to unlock kwallet 2. Successfully retrieves password from kwallet Additional info: Patch here (http://permalink.gmane.org/gmane.comp.version-control.git/196403) seems to work. (In case of trouble with the link, this was posted to git AT vger.kernel.org, Apr 26, 2012, in the thread "git-svn won't remember pem password".)
Also: This patch (http://permalink.gmane.org/gmane.comp.version-control.git/196404; same thread) may be needed for gnome-keyring (which I don't use, and so can't test), and the remainder of the thread suggests that the changes have landed upstream already. (But I didn't see a hash for upstream where they can be found.)
As this is being actively worked on upstream, I don't see any reason to backport the work until it is finished and included in a release. Once that happens, we'll likely update to that release in the current Fedora. Based on that, I'm inclined to close this. Adam's been doing more of the grunt work to keep up with git releases lately though, so I'll wait for his opinion. FWIW, the commit should be in master (082afee git-svn: use platform specific auth providers). https://github.com/git/git/commit/082afee6
@Todd: I'd agree with that except for the closing the report part. IMHO, the report should be closed when a new release is available in F17. Thanks for digging up the commit hash.
Now that 1.7.11 is out (since a month ago; current micro version 1.7.11.2) which contains this stuff, perhaps it's time for an update in F17? Note that this can be considered a security issue: essentially the lack of support for platform's password stores forced git-svn users to keep the passwords in plaintext in their ~/.subversion.
git-1.7.11.2-1.fc17 has been submitted as an update for Fedora 17. https://admin.fedoraproject.org/updates/git-1.7.11.2-1.fc17
Package git-1.7.11.2-1.fc17: * should fix your issue, * was pushed to the Fedora 17 testing repository, * should be available at your local mirror within two days. Update it with: # su -c 'yum update --enablerepo=updates-testing git-1.7.11.2-1.fc17' as soon as you are able to. Please go to the following url: https://admin.fedoraproject.org/updates/FEDORA-2012-10903/git-1.7.11.2-1.fc17 then log in and leave karma (feedback).
git-1.7.11.2-1.fc17 has been pushed to the Fedora 17 stable repository. If problems still persist, please make note of it in this bug report.