Storing client certificate and passphrase. dialog loop

[Thomas Åkesson]

Hi,

I am working on replacing CAPI with a web page that guides users through the process of storing the cert and passphrase in the Subversion auth cache. The user experience here becomes very important while moving away from the familiarity of CAPI / installing cert in Windows Personal cert store.

The process that I am envisioning:

 - Web site with OpenID Connect authentication provides a client certificate.

 - User downloads the certificate to disk, typically the Downloads folder.

 - Web page provides a link containing a tsvncmd for repobrowser pointing to the repository.

 - User gets "Open client certificate file" dialog. Selects the downloaded file with "Save client certificate path" checked. (it would be helpful if the URL could make that checkbox selected)

 - User gets a passphrase prompt, again "Save Authentication" checked.

 - The path and passphrase should now be saved and authentication works until the certificate expires.

There is instability in this process. I am consistently getting into a loop of these 2 dialogs even when providing correct p12 + passphrase. The trick is to respond once and then cancel / X the file-picker a number of times until it gives up. Then try the repobrowser again which immediately connects with stored credentials.

I know where the passphrase is saved, in "svn.ssl.client-passphrase". Where is the path to the p12 stored? I am assuming it is stored under the registry key "tigris.org". Is this a Subversion feature rather than TSVN feature? When was the registry introduced for this purpose (duplicating the servers file config)? 

After storing a passphrase, the TortoiseSVN Settings - Saved Data tab keeps the "Clear..." btn disabled under certain circumstances. I suspect it stays disabled until there is a file in svn.simple.

Thanks in advance

Thomas Å.

[Stefan]

On Wednesday, February 26, 2020 at 5:19:27 PM UTC+1, Thomas Åkesson wrote:

Hi,

I am working on replacing CAPI with a web page that guides users through the process of storing the cert and passphrase in the Subversion auth cache. The user experience here becomes very important while moving away from the familiarity of CAPI / installing cert in Windows Personal cert store.

The process that I am envisioning:

 - Web site with OpenID Connect authentication provides a client certificate.

 - User downloads the certificate to disk, typically the Downloads folder.

 - Web page provides a link containing a tsvncmd for repobrowser pointing to the repository.

 - User gets "Open client certificate file" dialog. Selects the downloaded file with "Save client certificate path" checked. (it would be helpful if the URL could make that checkbox selected)

that would be considered a security risk: never make something like this the default!

 

 - User gets a passphrase prompt, again "Save Authentication" checked.

 - The path and passphrase should now be saved and authentication works until the certificate expires.

There is instability in this process. I am consistently getting into a loop of these 2 dialogs even when providing correct p12 + passphrase. The trick is to respond once and then cancel / X the file-picker a number of times until it gives up. Then try the repobrowser again which immediately connects with stored credentials.

Since the repo browser starts multiple threads on startup to fetch the data, even if you provide the certificate on the first attempt the other threads are already running without that certificate.

So you'll get about as many dialogs on the first attempt as your computer has processor cores - that's the amount of threads that are started.

 

I know where the passphrase is saved, in "svn.ssl.client-passphrase". Where is the path to the p12 stored? I am assuming it is stored under the registry key "tigris.org". Is this a Subversion feature rather than TSVN feature? When was the registry introduced for this purpose (duplicating the servers file config)? 

After storing a passphrase, the TortoiseSVN Settings - Saved Data tab keeps the "Clear..." btn disabled under certain circumstances. I suspect it stays disabled until there is a file in svn.simple.

this is actually part of the svn library:

http://svnbook.red-bean.com/en/1.7/svn.advanced.confarea.html

Stefan