[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

parsing of boolean config options

From: Bernd Kreuss <prof7bit_at_googlemail.com>
Date: Sat, 14 Jun 2008 17:56:54 +0200

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello,

i wanted to bring your attention to this posting:
http://groups.google.com/group/google-code-hosting/msg/299a2482bff24865?hl=en

in this thread:
http://groups.google.com/group/google-code-hosting/browse_thread/thread/6a2ee19dfe942096/7a39e40cf0ac8f93?hl=en&lnk=st&q=7a39e40cf0ac8f93

the main problem was it once asked for confirmation about an unknown
certificate which normally should have been automatically trusted.

After digging around in the source code to find out what the default
behavior of subversion should be I came across the following lines,
mentioned in the posting above which may not necessarily cause the
original error but seem to be a bug anyway:

subversion/libsvn_ra_neon/session.c around line 1240 and
subversion/libsvn_ra_dav/session.c around line 846

       /* See if the user wants us to trust "default" openssl CAs. */
      trust_default_ca = svn_config_get_server_setting(
               cfg, server_group,
               SVN_CONFIG_OPTION_SSL_TRUST_DEFAULT_CA,
               "true");

      if (svn_cstring_casecmp(trust_default_ca, "true") == 0)
        {
          ne_ssl_trust_default_ca(sess);
          ne_ssl_trust_default_ca(sess2);
        }

it compares the config value with the *string* "true" which does not
take into account that it also could be "yes"/"no", "1"/"0", "on"/"off"

also all default values seem to be spread around all over the code and
are sometimes even redundantly defined more than once.

Bernd

- --
private communication within hostile networks:
http://torchat.googlecode.com/

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFIU+pDxT6R4jlFoh0RAv/HAKDaKX4vZAZHMmf+Yq3Dq+5unA3jcwCg5BfX
TwqNdRoYSxIIiXv0cekXOu0=
=OFfe
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe_at_subversion.tigris.org
For additional commands, e-mail: dev-help_at_subversion.tigris.org
Received on 2008-06-15 03:42:50 CEST

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.