Re: RE:subversion issue: ignore server invaild certificate in linux

From: Daniel Shahaf <danielsh_at_apache.org>
Date: Sat, 22 Oct 2016 12:40:11 +0000

yuan lixin wrote on Sat, Oct 22, 2016 at 20:26:42 +0800:
> static svn_error_t *
> onSslServerTrustPrompt(svn_auth_cred_ssl_server_trust_t **cred,
> void *baton,
> const char *realm,
> apr_uint32_t failures,
> const svn_auth_ssl_server_cert_info_t *info,
> svn_boolean_t may_save,
> apr_pool_t *pool)
> {
> svn_auth_cred_ssl_server_trust_t *cred_ =
> (svn_auth_cred_ssl_server_trust_t*)
> apr_palloc(pool, sizeof(svn_auth_cred_ssl_server_trust_t));

Is this forward compatible? svn_auth_cred_ssl_server_trust_t doesn't
have a constructor function, so if the above code is permissible, then
we're not allowed to extend that struct type in minor releases.

> cred_->may_save = 1;
> cred_->accepted_failures = acceptedFailures;

You may want to do (acceptedFailures & failures) so once you switch to
a valid certificate, the cache will not record more "accepted
failures" than are required.
Received on 2016-10-22 14:42:10 CEST

This message: [ Message body ]
Next message: yuan lixin: "Re:Re:subversion issue: ignore server invaild certificate in linux"
Previous message: yuan lixin: "Re:RE:subversion issue: ignore server invaild certificate in linux"
In reply to: yuan lixin: "Re:RE:subversion issue: ignore server invaild certificate in linux"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]