[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: strange reaction from post-commit hook

From: Ryan Schmidt <subversion-2009b_at_ryandesign.com>
Date: Fri, 5 Jun 2009 00:51:24 -0500

On Jun 5, 2009, at 00:21, J. Bakshi wrote:

> Thanks for your kind guidance. This time I have created a new
> folder and
> chekout the repo within that folder . Then I did some modification in
> the "newfile" and tried to commit. As you expected there is no such
> errors as before. The repo has been updated BUT post-commit failed
> with
>
> ``````````````````````````````````````````````````````````````````````
> ````
> Sending newfile
> Transmitting file data .
> Committed revision 36.
>
> Warning: 'post-commit' hook failed with error output:
> Error validating server certificate for 'https://192.168.1.1:443':
> - The certificate is not issued by a trusted authority. Use the
> fingerprint to validate the certificate manually!
> - The certificate hostname does not match.
> Certificate information:
> - Hostname: gateway.clarkconnect.lan
> - Valid: from Jul 8 05:19:27 2008 GMT until Jul 6 05:19:27 2018 GMT
> - Issuer: Typo3, Kolkata Infoservices Pvt Ltd, Kolkata, West
> Bengal, IN
> - Fingerprint: 10:ea:91:68:4e:46:c8:71:5b:d6:98:db:38:2a:cb:
> 12:b2:bd:61:15
> (R)eject, accept (t)emporarily or accept (p)ermanently? svn: PROPFIND
> request failed on '/repos/test'
> svn: PROPFIND of '/repos/test': Server certificate verification
> failed:
> certificate issued for a different hostname, issuer is not trusted
> (https://192.168.1.1)
>
> ``````````````````````````````````````````````````````````````````````
> ````````````
>
> Surprisingly svn list https://192.168.1.1/repos/test with out
> any
> hitch.

Your user, the one you're running "svn list" as, has already accepted
the certificate, but the user the hook is running as (the apache
user) has not done this. The apache user probably doesn't even have a
home directory, thus no .subversion directory inside it and no place
to store information about accepted certificates.

There's really no need for the hook's working copy to be checked out
from https, or even http. Just check out from the repository directly
using the file:/// protocol. It'll be faster since you can bypass
apache completely. You can check out a new working copy and replace
the one currently in POSTCOMMIT, or relocate the one in POSTCOMMIT
using "svn switch --relocate".

------------------------------------------------------
http://subversion.tigris.org/ds/viewMessage.do?dsForumId=1065&dsMessageId=2359601

To unsubscribe from this discussion, e-mail: [users-unsubscribe_at_subversion.tigris.org].
Received on 2009-06-05 07:52:33 CEST

This is an archived mail posted to the Subversion Users mailing list.