"Ævar Arnfjörð Bjarmason" <avarab@xxxxxxxxx> writes:
>> On this aspect, I see no reason why we wouldn't have the passwords
>> crypt()ed or SHA1'd. Perl includes crypt() in the default
>> distribution, so it wouldn't add any dependency.
>
> It also includes Digest::SHA in the default distribution as of today:)
>
> I could add another option for allowing users to choose their password
> storage, e.g.:
>
> [gitcvs]
> password_storage = plaintext # or sha1, crypt, ...
I personally feel that selectable password storage format is going
overboard. Pick a reasonable one and use it everywhere.
Using some form of crypt is a good idea but then we would need a
separate mode of operation to gitcvs to generate user password.
$ gitcvs adduser junio
Password: ******
Retype password: ******
Added user 'junio' to .git/config
$ exit
I personally do not care about deluser or change-password subcommands,
as you can always go directly to .git/config to remove the user and
recreate anew, but adding them might be nice finishing touches.
$ gitcvs password junio
New password: ******
Retype password: ******
Changed password for user 'junio' in .git/config
$ gitcvs deluser junio
Are you sure you want to remove user 'junio' [y/N]? Y
Removed user 'junio' from .git/config
$ exit
-
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
