subversion-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "yuan lixin" <woo...@126.com>
Subject Re:RE:subversion issue: ignore server invaild certificate in linux
Date Sat, 22 Oct 2016 12:26:42 GMT
Thank you all. the issue of ignoring server invaild certificate is solved.
this is my code :

[...]
      apr_array_header_t *providers =
          apr_array_make(pool, 8, sizeof(svn_auth_provider_object_t *));
      svn_auth_provider_object_t *provider;
[...]
      svn_client_get_ssl_server_trust_prompt_provider(
                           &provider, onSslServerTrustPrompt, this, pool);
      *(svn_auth_provider_object_t **)apr_array_push(providers) = provider;
[...]
      svn_auth_baton_t *ab;
      svn_auth_open(&ab, providers, pool);
[...]

      static svn_error_t *
      onSslServerTrustPrompt(svn_auth_cred_ssl_server_trust_t **cred,
                           void *baton,
                           const char *realm,
                           apr_uint32_t failures,
                           const svn_auth_ssl_server_cert_info_t *info,
                           svn_boolean_t may_save,
                           apr_pool_t *pool)
     {
          svn_auth_cred_ssl_server_trust_t *cred_ =
                 (svn_auth_cred_ssl_server_trust_t*)
                 apr_palloc(pool, sizeof(svn_auth_cred_ssl_server_trust_t));
          cred_->may_save = 1;
          cred_->accepted_failures = acceptedFailures;
          *cred = cred_;
          return SVN_NO_ERROR;
     }



--woodsp









At 2016-10-22 04:25:51, "Bert Huijben" <bert@qqmail.nl> wrote:
>
>
>> -----Original Message-----
>> From: Stefan Sperling [mailto:stsp@elego.de]
>> Sent: vrijdag 21 oktober 2016 14:14
>> To: yuan lixin <woodsp@126.com>
>> Cc: users@subversion.apache.org
>> Subject: Re: Re: subversion issue: ignore server invaild certificate in
>linux
>> 
>> On Fri, Oct 21, 2016 at 07:41:18PM +0800, yuan lixin wrote:
>> > but in the interface "svn_auth_ssl_server_trust_prompt_func_t",
>> > the actual parameter is "failures", not "*failures".  so it can not
>change
>> > the svn's failures in linux, then can not ignore certificate.
>> > could you look at my code for a solution.
>> >
>> > Thank you
>> > --woodsp
>> 
>> libsvn_subr gets 'failures' from the 'parameters' hash:
>
>Code shouldn't touch the failures value; they should change the
>accepted_failures in the credentials value. 
>
>/** @c SVN_AUTH_CRED_SSL_SERVER_TRUST credentials. */
>typedef struct svn_auth_cred_ssl_server_trust_t
>{
>  /** Indicates if the credentials may be saved (to disk). For example, a
>   * GUI prompt implementation with a checkbox to accept the certificate
>   * permanently shall set @a may_save to TRUE if the checkbox is checked.
>   */
>  svn_boolean_t may_save;
>  /** Bit mask of the accepted failures */
>  apr_uint32_t accepted_failures;
>} svn_auth_cred_ssl_server_trust_t;
>
>
>If svn uses a different way to change a value in the caller that is a bug
>that should be fixed there.
>
>	Bert
>
Mime
View raw message