[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Client certificates - JavaHL not prompting for file/password?

From: Brian Clarke <bpclarke_at_gmail.com>
Date: 2005-08-15 18:48:23 CEST

Hi Patrick-
Hope your move went well...Just wanted to follow up and see if you'd
had a chance to take a look at this issue - JavaHL not exercising the
prompting callback for the client certificate password.

Mark: I'm working on the test server idea...
-Brian
 

On 8/2/05, Patrick Mayweg <mayweg@qint.de> wrote:
> Hi Ben.
>
> Ben Collins-Sussman wrote:
>
> >
> > On Jul 21, 2005, at 10:46 AM, Mark Phippard wrote:
> >
> >> Brian Clarke <brian_p_clarke@yahoo.com> wrote on 07/21/2005 11:42:03
> >> AM:
> >>
> >>
> >>> [It'd be fine to configure the client cert file
> >>> location and have Subclipse prompt the user for the
> >>> password (say once per Eclipse dev "session").]
> >>>
> >>
> >> I asked Brian to post this. I think it is a JavaHL bug. We have
> >> registered a prompting interface with JavaHL so that we can provide
> >> a GUI
> >> to prompt the user when needed. This works for normal username and
> >> password, as well as accepting server certificate. I think that JavaHL
> >> just needs to be enhanced to use this interface in this scenario as
> >> well.
> >
> >
> > Your analysis sounds correct to me. If you think of javahl as an
> > 'application' using the libsvn_client API, it seems that you've not
> > fully utilized the svn_auth.h API here, the way 'svn' or tortoisesvn
> > has done. I think you need to register another prompting callback
> > somewhere. I can help if you have questions.
>
> If you known which callback, that would help me.
>
> >
> > I wouldn't call this a 'bug', so much as an 'incomplete client'.
> > You're welcome to file it as an enhancement. Perhaps Mark Phippard
> > or Patrick Mayweg will volunteer to fix this in javahl? (Who's
> > maintaining javahl these days?)
>
> I think I am still maintain it. Unfortunately I am moving to a new
> aparment the upcomimg weekend. That why I did not have time to do
> anything for javahl in the last weeks. I hope I will be able to work on
> the open issues one weekend later.
>
> >
> >
> >>
> >> There is also another bug I have posted to this list where if we use
> >> the
> >> Accept Temporary option on a server certificate it doesn't really work
> >> correctly. The initial request succeeds, but all subsequent requests
> >> fail.
> >
> >
> > That's suspicious -- sounds like the svn_auth.h API is being used
> > incorrectly somewhere.
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
> > For additional commands, e-mail: dev-help@subversion.tigris.org
> >
> Patrick Mayweg
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
> For additional commands, e-mail: dev-help@subversion.tigris.org
>
>

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Mon Aug 15 18:49:12 2005

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.