[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: New auth system and hostname mismatch

From: David Waite <mass_at_akuma.org>
Date: 2003-04-22 11:11:58 CEST

Sander Striker wrote:

>>From: David Waite [mailto:mass@akuma.org]
>>Sent: Tuesday, April 22, 2003 10:48 AM
>>
>>
>
>
>
>>>My vote would be on handling wildcard certs as wildcard certs. This is
>>>clearly not a host-mismatch case, since it matches its cert.
>>>
>>>
>>I believe the original poster wanted a non-wildcard certificate to be
>>treated as a wildcard certificate.
>>
>>
>
>Ah, if that is the case, forget about my comment. Doing that would be
>a Bad Idea(tm) IMHO.
>
However, my comment in response (after thinking about the issue) may
still be valid - requiring the specification of an alternate host rather
than completely ignoring host mismatches would be more strict and thus
may be more desirable.

For his example, he could get the wildcard behavior he wants using
something like

[groups]
g1 = *.host.com

[g1]
ssl-host-override = host.com

-David Waite

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Tue Apr 22 11:12:55 2003

This is an archived mail posted to the Subversion Dev mailing list.