[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re:RE:subversion issue: ignore server invaild certificate in linux

From: yuan lixin <woodsp_at_126.com>
Date: Sat, 22 Oct 2016 20:26:42 +0800 (CST)

Thank you all. the issue of ignoring server invaild certificate is solved.
this is my code :

[...]
      apr_array_header_t *providers =
          apr_array_make(pool, 8, sizeof(svn_auth_provider_object_t *));
      svn_auth_provider_object_t *provider;
[...]
      svn_client_get_ssl_server_trust_prompt_provider(
                           &provider, onSslServerTrustPrompt, this, pool);
      *(svn_auth_provider_object_t **)apr_array_push(providers) = provider;
[...]
      svn_auth_baton_t *ab;
      svn_auth_open(&ab, providers, pool);
[...]

      static svn_error_t *
      onSslServerTrustPrompt(svn_auth_cred_ssl_server_trust_t **cred,
                           void *baton,
                           const char *realm,
                           apr_uint32_t failures,
                           const svn_auth_ssl_server_cert_info_t *info,
                           svn_boolean_t may_save,
                           apr_pool_t *pool)
     {
          svn_auth_cred_ssl_server_trust_t *cred_ =
                 (svn_auth_cred_ssl_server_trust_t*)
                 apr_palloc(pool, sizeof(svn_auth_cred_ssl_server_trust_t));
          cred_->may_save = 1;
          cred_->accepted_failures = acceptedFailures;
          *cred = cred_;
          return SVN_NO_ERROR;
     }

--woodsp

At 2016-10-22 04:25:51, "Bert Huijben" <bert_at_qqmail.nl> wrote:
>
>
>> -----Original Message-----
>> From: Stefan Sperling [mailto:stsp_at_elego.de]
>> Sent: vrijdag 21 oktober 2016 14:14
>> To: yuan lixin <woodsp_at_126.com>
>> Cc: users_at_subversion.apache.org
>> Subject: Re: Re: subversion issue: ignore server invaild certificate in
>linux
>>
>> On Fri, Oct 21, 2016 at 07:41:18PM +0800, yuan lixin wrote:
>> > but in the interface "svn_auth_ssl_server_trust_prompt_func_t",
>> > the actual parameter is "failures", not "*failures". so it can not
>change
>> > the svn's failures in linux, then can not ignore certificate.
>> > could you look at my code for a solution.
>> >
>> > Thank you
>> > --woodsp
>>
>> libsvn_subr gets 'failures' from the 'parameters' hash:
>
>Code shouldn't touch the failures value; they should change the
>accepted_failures in the credentials value.
>
>/** @c SVN_AUTH_CRED_SSL_SERVER_TRUST credentials. */
>typedef struct svn_auth_cred_ssl_server_trust_t
>{
> /** Indicates if the credentials may be saved (to disk). For example, a
> * GUI prompt implementation with a checkbox to accept the certificate
> * permanently shall set @a may_save to TRUE if the checkbox is checked.
> */
> svn_boolean_t may_save;
> /** Bit mask of the accepted failures */
> apr_uint32_t accepted_failures;
>} svn_auth_cred_ssl_server_trust_t;
>
>
>If svn uses a different way to change a value in the caller that is a bug
>that should be fixed there.
>
> Bert
>
Received on 2016-10-22 14:27:21 CEST

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.