subversion-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "yuan lixin" <woo...@126.com>
Subject Re:Re: subversion issue: ignore server invaild certificate in linux
Date Fri, 21 Oct 2016 11:34:05 GMT
but  in the  interface "svn_auth_ssl_server_trust_prompt_func_t",  <br/>the actual parameter
is "failures", not "*failures". so it can not change <br/>the svn's failures in linux,
then can not ignore certificate.<br/>could you look at my code for a solution.<br/><br/>Thank
you<br/>--woodsp
At 2016-10-21 18:52:09, "Stefan Sperling" <stsp@elego.de> wrote:
>On Fri, Oct 21, 2016 at 06:08:45PM +0800, yuan lixin wrote:
>> Dear stefan:
>> 
>> At first, my code is using the "libsvncpp", that has its own providers, and it can
run normal in windows.
>> second, i used the svns's code to implement of downloading and uploading, not the
svn cmd line. the "--trust-server-cert” and “”--trust-server-cert-failures” is the
layer of svn.exe,but refer to the two parameter , i trace  the svn code :
>> 
>> code file:"\src-trunk\subversion\libsvn_subr\ssl_server_trust_providers.c"
>> >        ...
>> >        *failures = 0;   //wj  add
>> >         /* If all failures are cleared now, we return the creds */
>> >         if (! *failures)
>> >         {
>> >               svn_auth_cred_ssl_server_trust_t *creds =
>> >                 apr_pcalloc(pool, sizeof(*creds));
>> >                   creds->may_save = FALSE; /* No need to save it again...
*/
>> >               *credentials = creds;
>> > 
>> >         }
>> or 
>> >     typedef svn_error_t *(*svn_auth_ssl_server_trust_prompt_func_t)(
>> >             svn_auth_cred_ssl_server_trust_t **cred,
>> >             void *baton,
>> >             const char *realm,
>> >             apr_uint32_t *failures,
>> >             const svn_auth_ssl_server_cert_info_t *cert_info,
>> >             svn_boolean_t may_save,
>> >             apr_pool_t *pool);
>> 
>> but my leader ask me to do not change the svn's code, so it a problem for me. would
you help me for another adear.
>> Thank you
>> --woodsp
>> 
>> 
>
>I am not suggesting that you use svn.exe. I am suggesting that you use
>similar code in your application as svn.exe is using, and use SVN's API.
>
>Implement your own provieder with an svn_auth_ssl_server_trust_prompt_func_t
>which just sets *failures to 0. Then register that provider when you
>init the auth subsystem.
>
>It sounds like libsvncpp is managing the auth subssytem for you.
>So you may need to modify libsvncpp for this.
>
>Another and better solution might be using a valid SSL certificate ;-)
Mime
View raw message