subversion-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Stefan Sperling <s...@elego.de>
Subject Re: subversion issue: ignore server invaild certificate in linux
Date Fri, 21 Oct 2016 06:17:35 GMT
On Fri, Oct 21, 2016 at 01:45:57PM +0800, yuan lixin wrote:
> Dear All,
>       My  program call the api "svn_auth_ssl_server_trust_prompt_func_t" in windows to
ignore server invaild certificate,
> Code like :
>        svn_client_get_ssl_server_trust_prompt_provider(
>                 &provider, onSslServerTrustPrompt, this, pool);
> 
>       *(svn_auth_provider_object_t **)apr_array_push(providers) = provider;
> 
> 
> But in linux can't run normal,and change the API :
>     typedef svn_error_t *(*svn_auth_ssl_server_trust_prompt_func_t)(
>             svn_auth_cred_ssl_server_trust_t **cred,
>             void *baton,
>             const char *realm,
>             apr_uint32_t *failures,
>             const svn_auth_ssl_server_cert_info_t *cert_info,
>             svn_boolean_t may_save,
>             apr_pool_t *pool);
> This could connect the server by "https". I write a commit on github, but the API is
release, can not change it.
> 
> My last way is this :
> change code file:"\src-trunk\subversion\libsvn_subr\ssl_server_trust_providers.c"
>        ...
>        *failures = 0;   //wj  add
>         /* If all failures are cleared now, we return the creds */
>         if (! *failures)
>         {
>               svn_auth_cred_ssl_server_trust_t *creds =
>                 apr_pcalloc(pool, sizeof(*creds));
>                   creds->may_save = FALSE; /* No need to save it again... */
>               *credentials = creds;
> 
>         }
> 
> 
> This way was deny by my leader for do not change the code of subversion, please help
me!      
> 
> Thank you
> --woodsp

Hi,

Please study the code which implements the --trust-server-cert and
--trust-server-cert-failures options of the 'svn' client. This will
provide insight.

Does your program call svn_auth_open()? When you do that you can add
your own provider. You could write a custom provider for your program
which implements the svn_auth_provider_t interface.
See svn_cmdline_create_auth_baton2() which adds SVN's built-in providers
for an example.

Regards,
Stefan

Mime
View raw message