[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: [PATCH] Upgrade svn to use neon 0.19.2 & fix #625

From: Alex Holst <a_at_area51.dk>
Date: 2002-02-20 01:02:26 CET

Quoting William Uther (will=subversion@cs.cmu.edu):
> On 19/2/02 6:42 PM, "Blair Zajac" <blair@orcaware.com> wrote:
>
> > This patch replaces the previous one to neon 0.19.1.
>
> Hi,
> In the following callback function, should the user be warned? I'm just
> wondering if there should be a message: "The server seems to have an invalid
> SSL certificate. Connecting Anyway.\n".

Suggest that this produces a similar warning to OpenSSH's "changed hostkey"
detection, and that it be made a user option which by default prevents
the user from connecting to an SSL repository with an invalid cert.

        /* The host key has changed. */
        fp = key_fingerprint(host_key, SSH_FP_MD5, SSH_FP_HEX);
        error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@");
        error("@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @");
        error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@");
        error("IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!");
        [..] 

-- 
I prefer the dark of the night, after midnight and before four-thirty,
when it's more bare, more hollow.                  http://a.area51.dk/
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Sat Oct 21 14:37:09 2006

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.