Thank you all. the issue of ignoring server invaild certificate is solved.
this is my code :
[...]
apr_array_header_t *providers =
apr_array_make(pool, 8, sizeof(svn_auth_provider_object_t *));
svn_auth_provider_object_t *provider;
[...]
svn_client_get_ssl_server_trust_prompt_provider(
&provider, onSslServerTrustPrompt, this, pool);
*(svn_auth_provider_object_t **)apr_array_push(providers) = provider;
[...]
svn_auth_baton_t *ab;
svn_auth_open(&ab, providers, pool);
[...]
static svn_error_t *
onSslServerTrustPrompt(svn_auth_cred_ssl_server_trust_t **cred,
void *baton,
const char *realm,
apr_uint32_t failures,
const svn_auth_ssl_server_cert_info_t *info,
svn_boolean_t may_save,
apr_pool_t *pool)
{
svn_auth_cred_ssl_server_trust_t *cred_ =
(svn_auth_cred_ssl_server_trust_t*)
apr_palloc(pool, sizeof(svn_auth_cred_ssl_server_trust_t));
cred_->may_save = 1;
cred_->accepted_failures = acceptedFailures;
*cred = cred_;
return SVN_NO_ERROR;
}
--woodsp
At 2016-10-22 04:25:51, "Bert Huijben" <bert_at_qqmail.nl> wrote:
>
>
>> -----Original Message-----
>> From: Stefan Sperling [mailto:stsp_at_elego.de]
>> Sent: vrijdag 21 oktober 2016 14:14
>> To: yuan lixin <woodsp_at_126.com>
>> Cc: users_at_subversion.apache.org
>> Subject: Re: Re: subversion issue: ignore server invaild certificate in
>linux
>>
>> On Fri, Oct 21, 2016 at 07:41:18PM +0800, yuan lixin wrote:
>> > but in the interface "svn_auth_ssl_server_trust_prompt_func_t",
>> > the actual parameter is "failures", not "*failures". so it can not
>change
>> > the svn's failures in linux, then can not ignore certificate.
>> > could you look at my code for a solution.
>> >
>> > Thank you
>> > --woodsp
>>
>> libsvn_subr gets 'failures' from the 'parameters' hash:
>
>Code shouldn't touch the failures value; they should change the
>accepted_failures in the credentials value.
>
>/** @c SVN_AUTH_CRED_SSL_SERVER_TRUST credentials. */
>typedef struct svn_auth_cred_ssl_server_trust_t
>{
> /** Indicates if the credentials may be saved (to disk). For example, a
> * GUI prompt implementation with a checkbox to accept the certificate
> * permanently shall set @a may_save to TRUE if the checkbox is checked.
> */
> svn_boolean_t may_save;
> /** Bit mask of the accepted failures */
> apr_uint32_t accepted_failures;
>} svn_auth_cred_ssl_server_trust_t;
>
>
>If svn uses a different way to change a value in the caller that is a bug
>that should be fixed there.
>
> Bert
>
Received on 2016-10-22 14:27:21 CEST