On Fri, Oct 21, 2016 at 01:45:57PM +0800, yuan lixin wrote:
> Dear All,
> My program call the api "svn_auth_ssl_server_trust_prompt_func_t" in
> windows to ignore server invaild certificate,
> Code like :
> svn_client_get_ssl_server_trust_prompt_provider(
> &provider, onSslServerTrustPrompt, this, pool);
>
> *(svn_auth_provider_object_t **)apr_array_push(providers) = provider;
>
>
> But in linux can't run normal,and change the API :
> typedef svn_error_t *(*svn_auth_ssl_server_trust_prompt_func_t)(
> svn_auth_cred_ssl_server_trust_t **cred,
> void *baton,
> const char *realm,
> apr_uint32_t *failures,
> const svn_auth_ssl_server_cert_info_t *cert_info,
> svn_boolean_t may_save,
> apr_pool_t *pool);
> This could connect the server by "https". I write a commit on github, but the
> API is release, can not change it.
>
> My last way is this :
> change code
> file:"\src-trunk\subversion\libsvn_subr\ssl_server_trust_providers.c"
> ...
> *failures = 0; //wj add
> /* If all failures are cleared now, we return the creds */
> if (! *failures)
> {
> svn_auth_cred_ssl_server_trust_t *creds =
> apr_pcalloc(pool, sizeof(*creds));
> creds->may_save = FALSE; /* No need to save it again... */
> *credentials = creds;
>
> }
>
>
> This way was deny by my leader for do not change the code of subversion,
> please help me!
>
> Thank you
> --woodsp
Hi,
Please study the code which implements the --trust-server-cert and
--trust-server-cert-failures options of the 'svn' client. This will
provide insight.
Does your program call svn_auth_open()? When you do that you can add
your own provider. You could write a custom provider for your program
which implements the svn_auth_provider_t interface.
See svn_cmdline_create_auth_baton2() which adds SVN's built-in providers
for an example.
Regards,
Stefan
