[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: servers "ssl-authority-files" with svn lib

From: <Kai-Uwe.Schieser_at_hydrometer.de>
Date: Thu, 21 Nov 2013 18:15:17 +0100

Hi Stefan!

Thanks for your response.
You are right. Code would make things much clearer ;-). Sorry for that.

OK. So here is the constructor of my simple client.

CODE START:

SimpleSVNClient::SimpleSVNClient(const string& configDir)
{
        if(!aprPoolInitFlag)
    {
        apr_initialize();
        apr_pool_initialize();
        aprPoolInitFlag = true;
    }
 
    m_pool = svn_pool_create(0);
 
    if(0 == m_pool)
    {
        ...error handling...
    }
 
    const char* configDir_temp = 0;
    m_configDir = configDir;
    if(configDir.length() > 0)
    {
        configDir_temp = configDir.c_str();
    }
 
    svn_config_ensure(configDir_temp, m_pool);
 
    apr_array_header_t* providers = apr_array_make(m_pool, 8,
sizeof(svn_auth_provider_object_t *));
    svn_auth_provider_object_t *provider;

    svn_client_get_simple_provider(&provider, m_pool);
    *(svn_auth_provider_object_t **)apr_array_push(providers) = provider;

    svn_client_get_username_provider(&provider, m_pool);
    *(svn_auth_provider_object_t **)apr_array_push(providers) = provider;
 
    // add ssl providers
    // file first then prompt providers
    svn_client_get_ssl_server_trust_file_provider(&provider, m_pool);
    *(svn_auth_provider_object_t **)apr_array_push(providers) = provider;

    svn_client_get_ssl_client_cert_file_provider(&provider, m_pool);
    *(svn_auth_provider_object_t **)apr_array_push(providers) = provider;

    svn_client_get_ssl_client_cert_pw_file_provider(&provider, m_pool);
    *(svn_auth_provider_object_t **)apr_array_push(providers) = provider;

    svn_auth_baton_t* ab;
    svn_auth_open(&ab, providers, m_pool);
 
    if(0 == ab)
    {
        ...error handling...
    }
 
    // initialize m_ctx structure
    svn_client_create_context(&m_ctx, m_pool);
    // get the config based on the configDir passed in
    svn_config_get_config(&m_ctx->config, configDir_temp, m_pool);
    // tell the auth functions where the config is
    svn_auth_set_parameter(ab, SVN_AUTH_PARAM_CONFIG_DIR, configDir_temp);
    m_ctx->auth_baton = ab;
}

CODE END

And here is the checkout method of the class (SVNRevision is a wrapper for
the svn_revision):

CODE START:

long int SimpleSVNClient::checkout(const string& url, const string&
destPath, const BMSVNRevision& revision,
                                    const bool recursive, const bool
ignoreExt, const SVNRevision& pegRevision)
{
    int ret;
    apr_pool_t* pool = svn_pool_create(0);
    if(0 == pool)
    {
        ...error handling...
    }
 
    const char* int_path = svn_path_internal_style(destPath.c_str(),
pool);

    svn_revnum_t revnum = 0;
    svn_error_t* err = svn_client_checkout2(&revnum, url.c_str(),
destPath.c_str(), pegRevision.getSVNRevision(),
                                            revision.getSVNRevision(),
recursive, ignoreExt, m_ctx, pool);
 
    ret = revnum;
    if(err)
   {
        ...error handling...
    }
 
    svn_pool_destroy(pool);
 
    return ret;
}

CODE END

The whole thing crashes when svn_client_checkout2 is called.
In between I set the login of course:

CODE START

void SimpleSVNClient::setLogin(const string& username, const string&
password)
{
    m_username = username;
    m_password = password;
 
    svn_auth_baton_t* ab = m_ctx->auth_baton;
    svn_auth_set_parameter(ab, SVN_AUTH_PARAM_DEFAULT_USERNAME,
m_username.c_str());
    svn_auth_set_parameter(ab, SVN_AUTH_PARAM_DEFAULT_PASSWORD,
m_password.c_str());
}

CODE END

Bye, Kai

Stefan Sperling <stsp_at_elego.de> schrieb am 21.11.2013 13:59:49:

> Von: Stefan Sperling <stsp_at_elego.de>
> An: Kai-Uwe.Schieser_at_hydrometer.de
> Kopie: users_at_subversion.apache.org
> Datum: 21.11.2013 13:59
> Betreff: Re: servers "ssl-authority-files" with svn lib
>
> On Wed, Nov 20, 2013 at 06:53:48PM +0100, Kai-
> Uwe.Schieser_at_hydrometer.de wrote:
> > Please add me to the answer list, cause I am not subscribed.
> >
> >
> > Hi there!
> >
> > I am using the binary package of Subversion library version 1.7.9 in
my
> > software project.
> > I have written a simple client that I use in an other software to
simply
> > checkout from a repository and update it to a specified revision
> > automatically.
> >
> > Due to the certificate of the server, that must be accepted by the
> > client, I set the ssl-authority-files to a local certificate file.in
the
> > servers file of subversion.
> > I tested if it works right with the Tortoise svn-client and it does
the
> > job. The entry is something like ssl-authority-files=
> > C:/svn.hostname.de.crt
> >
> > If I try to checkout with the library the whole software crashes
without
> > any error messages.
> >
> > It seems the entry in the servers file ,makes my simple client
crashing.
> > As I mentioned the Tortoise works fine with the entry
ssl-authority-files.
> >
> > The simple client library works fine, when I accepted the certificate
> > permenantly in the Tortoise before I checkout with the lib.
> >
> > Do I need to activate something in my library to ensure the proper
usage
> > of the servers file entry ssl-authority-files ?
> > I am sure the entry is evaluated, because I get an error nmessage,
when I
> > enter a wrong file name.
> >
> >
> > I hope you hava an idea. Thanks,
> > Kai
>
> It is hard to tell where the problem could be without seeing the
> source code of your client.
>
> But here's a guess: Are you seeting up authentication providers
properly?
> See the function svn_cmdline_create_auth_baton() in this file:
> https://svn.apache.org/repos/asf/subversion/trunk/subversion/
> libsvn_subr/cmdline.c

Bitte überlegen Sie, ob Sie diese Nachricht wirklich ausdrucken müssen/
before printing, think about environmental responsibility.

Hydrometer GmbH, Industriestraße 13, 91522 Ansbach
Telefon + 49 981 1806 0, Telefax +49 981 1806 615
Sitz der Gesellschaft: Ansbach, Registergericht: Ansbach HRB 69
Geschäftsführer: Frank Gutzeit (Sprecher), Dr.-Ing. Robert Westphal,
Thomas Gastner, Adam Mechel

Der Inhalt der vorstehenden E-Mail ist nicht rechtlich bindend. Diese
E-Mail enthält vertrauliche und/oder rechtlich geschützte Informationen.
Informieren Sie uns bitte, wenn Sie diese E-Mail fälschlicherweise
erhalten haben. Bitte löschen Sie in diesem Fall die Nachricht. Jede
unerlaubte Form der Reproduktion, Bekanntgabe, Änderung, Verteilung
und/oder Publikation dieser E-Mail ist strengstens untersagt.

The contents of the above mentioned e-mail is not legally binding. This
e-mail contains confidential and/or legally protected information. Please
inform us if you have received this e-mail by mistake and delete it in
such a case. Each unauthorized reproduction, disclosure, alteration,
distribution and/or publication of this e-mail is strictly prohibited.
Received on 2013-11-21 18:16:38 CET

This is an archived mail posted to the Subversion Users mailing list.