1 files changed, 76 insertions, 16 deletions

diff --git a/subversion/include/svn_auth.h b/subversion/include/svn_auth.h
index 04165aa..3e9f45e 100644
--- a/subversion/include/svn_auth.h
+++ b/subversion/include/svn_auth.h
@@ -416,8 +416,8 @@ typedef svn_error_t *(*svn_auth_username_prompt_func_t)(
 #define SVN_AUTH_SSL_CNMISMATCH  0x00000004
 /** @brief Certificate authority is unknown (i.e. not trusted) */
 #define SVN_AUTH_SSL_UNKNOWNCA   0x00000008
-/** @brief Other failure. This can happen if neon has introduced a new
- * failure bit that we do not handle yet. */
+/** @brief Other failure. This can happen if an unknown failure occurs
+ * that we do not handle yet. */
 #define SVN_AUTH_SSL_OTHER       0x40000000
 /** @} */
 
@@ -569,11 +569,11 @@ svn_auth_get_parameter(svn_auth_baton_t *auth_baton,
 
 /**
  * @name Default credentials defines
- * Any 'default' credentials that came in through the application itself,
- * (e.g. --username and --password options). Property values are
- * const char *.
+ * Property values are const char *.
  * @{ */
+/** Default username provided by the application itself (e.g. --username) */
 #define SVN_AUTH_PARAM_DEFAULT_USERNAME  SVN_AUTH_PARAM_PREFIX "username"
+/** Default password provided by the application itself (e.g. --password) */
 #define SVN_AUTH_PARAM_DEFAULT_PASSWORD  SVN_AUTH_PARAM_PREFIX "password"
 /** @} */
 
@@ -590,19 +590,25 @@ svn_auth_get_parameter(svn_auth_baton_t *auth_baton,
 
 /** @brief Indicates whether providers may save passwords to disk in
  * plaintext. Property value can be either SVN_CONFIG_TRUE,
- * SVN_CONFIG_FALSE, or SVN_CONFIG_ASK. */
+ * SVN_CONFIG_FALSE, or SVN_CONFIG_ASK.
+ * @since New in 1.6.
+ */
 #define SVN_AUTH_PARAM_STORE_PLAINTEXT_PASSWORDS  SVN_AUTH_PARAM_PREFIX \
                                                   "store-plaintext-passwords"
 
 /** @brief The application doesn't want any providers to save passphrase
  * to disk. Property value is irrelevant; only property's existence
- * matters. */
+ * matters.
+ * @since New in 1.6.
+ */
 #define SVN_AUTH_PARAM_DONT_STORE_SSL_CLIENT_CERT_PP \
   SVN_AUTH_PARAM_PREFIX "dont-store-ssl-client-cert-pp"
 
 /** @brief Indicates whether providers may save passphrase to disk in
  * plaintext. Property value can be either SVN_CONFIG_TRUE,
- * SVN_CONFIG_FALSE, or SVN_CONFIG_ASK. */
+ * SVN_CONFIG_FALSE, or SVN_CONFIG_ASK.
+ * @since New in 1.6.
+ */
 #define SVN_AUTH_PARAM_STORE_SSL_CLIENT_CERT_PP_PLAINTEXT \
   SVN_AUTH_PARAM_PREFIX "store-ssl-client-cert-pp-plaintext"
 
@@ -622,9 +628,15 @@ svn_auth_get_parameter(svn_auth_baton_t *auth_baton,
 #define SVN_AUTH_PARAM_SSL_SERVER_CERT_INFO SVN_AUTH_PARAM_PREFIX \
   "ssl:cert-info"
 
-/** Some providers need access to the @c svn_config_t configuration. */
-#define SVN_AUTH_PARAM_CONFIG_CATEGORY_CONFIG SVN_AUTH_PARAM_PREFIX "config-category-config"
-#define SVN_AUTH_PARAM_CONFIG_CATEGORY_SERVERS SVN_AUTH_PARAM_PREFIX "config-category-servers"
+/** This provides a pointer to a @c svn_config_t containting the config
+ * category. */
+#define SVN_AUTH_PARAM_CONFIG_CATEGORY_CONFIG SVN_AUTH_PARAM_PREFIX \
+  "config-category-config"
+
+/** This provides a pointer to a @c svn_config_t containting the servers
+ * category. */
+#define SVN_AUTH_PARAM_CONFIG_CATEGORY_SERVERS SVN_AUTH_PARAM_PREFIX \
+  "config-category-servers"
 
 /** @deprecated Provided for backward compatibility with the 1.5 API. */
 #define SVN_AUTH_PARAM_CONFIG SVN_AUTH_PARAM_CONFIG_CATEGORY_SERVERS
@@ -683,6 +695,28 @@ svn_error_t *
 svn_auth_save_credentials(svn_auth_iterstate_t *state,
                           apr_pool_t *pool);
 
+/** Forget a set (or all) memory-cached credentials.
+ *
+ * Remove references (if any) in @a auth_baton to credentials cached
+ * therein.  If @a cred_kind and @a realmstring are non-NULL, forget
+ * only the credentials associated with those credential types and
+ * realm.  Otherwise @a cred_kind and @a realmstring must both be
+ * NULL, and this function will forget all credentials cached within
+ * @a auth_baton.
+ *
+ * @note This function does not affect persisted authentication
+ * credential storage at all.  It is merely a way to cause Subversion
+ * to forget about credentials already fetched from a provider,
+ * forcing them to be fetched again later should they be required.
+ *
+ * @since New in 1.8.
+ */
+svn_error_t *
+svn_auth_forget_credentials(svn_auth_baton_t *auth_baton,
+                            const char *cred_kind,
+                            const char *realmstring,
+                            apr_pool_t *pool);
+
 /** @} */
 
 /** Set @a *provider to an authentication provider of type
@@ -785,8 +819,8 @@ svn_auth_get_simple_provider(svn_auth_provider_object_t **provider,
  * svn_auth_provider_object_t, or return @c NULL if the provider is not
  * available for the requested platform or the requested provider is unknown.
  *
- * Valid @a provider_name values are: "gnome_keyring", "keychain", "kwallet"
- * and "windows".
+ * Valid @a provider_name values are: "gnome_keyring", "keychain", "kwallet",
+ * "gpg_agent", and "windows".
  *
  * Valid @a provider_type values are: "simple", "ssl_client_cert_pw" and
  * "ssl_server_trust".
@@ -820,7 +854,8 @@ svn_auth_get_platform_specific_provider(
  *   1. gnome-keyring
  *   2. kwallet
  *   3. keychain
- *   4. windows-cryptoapi
+ *   4. gpg-agent
+ *   5. windows-cryptoapi
  *
  * @since New in 1.6.
  */
@@ -931,7 +966,10 @@ svn_auth_get_keychain_ssl_client_cert_pw_provider(
   apr_pool_t *pool);
 #endif /* DARWIN || DOXYGEN */
 
-#if (!defined(DARWIN) && !defined(WIN32)) || defined(DOXYGEN)
+/* Note that the gnome keyring unlock prompt related items below must be
+ * declared for all platforms in order to allow SWIG interfaces to be
+ * used regardless of the platform. */
+
 /** A type of callback function for obtaining the GNOME Keyring password.
  *
  * In this callback, the client should ask the user for default keyring
@@ -961,7 +999,7 @@ typedef svn_error_t *(*svn_auth_gnome_keyring_unlock_prompt_func_t)(
  * @c *SVN_AUTH_PARAM_GNOME_KEYRING_UNLOCK_PROMPT_FUNC. */
 #define SVN_AUTH_PARAM_GNOME_KEYRING_UNLOCK_PROMPT_BATON "gnome-keyring-unlock-prompt-baton"
 
-
+#if (!defined(DARWIN) && !defined(WIN32)) || defined(DOXYGEN)
 /**
  * Get libsvn_auth_gnome_keyring version information.
  *
@@ -1071,6 +1109,28 @@ svn_auth_get_kwallet_ssl_client_cert_pw_provider(
   apr_pool_t *pool);
 #endif /* (!DARWIN && !WIN32) || DOXYGEN */
 
+#if !defined(WIN32) || defined(DOXYGEN)
+/**
+ * Set @a *provider to an authentication provider of type @c
+ * svn_auth_cred_simple_t that gets/sets information from the user's
+ * ~/.subversion configuration directory.
+ *
+ * This is like svn_client_get_simple_provider(), except that the
+ * password is obtained from gpg_agent, which will keep it in
+ * a memory cache.
+ *
+ * Allocate @a *provider in @a pool.
+ *
+ * @since New in 1.8
+ * @note This function actually works only on systems with
+ * GNU Privacy Guard installed.
+ */
+void
+svn_auth_get_gpg_agent_simple_provider
+    (svn_auth_provider_object_t **provider,
+     apr_pool_t *pool);
+#endif /* !defined(WIN32) || defined(DOXYGEN) */
+
 
 /** Set @a *provider to an authentication provider of type @c
  * svn_auth_cred_username_t that gets/sets information from a user's