On 21.10.2016 13:34, yuan lixin wrote:
> but in the interface "svn_auth_ssl_server_trust_prompt_func_t", <br/>the
> actual parameter is "failures", not "*failures". so it can not change
> <br/>the svn's failures in linux, then can not ignore certificate.
The svn_auth_ssl_server_trust_prompt_func_t function must return an
svn_auth_cred_ssl_server_trust_t structure, which has a member
accepted_failures; set that to the value of the incoming failures
parameter and may_save to FALSE and you're done. See
svn_cmdline_auth_ssl_server_trust_prompt() in
subversion/libsvn_subr/prompt.c.
This is all documented in the headers, see include/svn_auth.h.
> could you look at my code for a solution.
You've already been told that changing a public API is not acceptable.
-- Brane
> At 2016-10-21 18:52:09, "Stefan Sperling" <s...@elego.de> wrote:
>> On Fri, Oct 21, 2016 at 06:08:45PM +0800, yuan lixin wrote:
>>> Dear stefan:
>>>
>>> At first, my code is using the "libsvncpp", that has its own providers, and
>>> it can run normal in windows.
>>> second, i used the svns's code to implement of downloading and uploading,
>>> not the svn cmd line. the "--trust-server-cert” and
>>> “”--trust-server-cert-failures” is the layer of svn.exe,but refer to the
>>> two parameter , i trace the svn code :
>>>
>>> code file:"\src-trunk\subversion\libsvn_subr\ssl_server_trust_providers.c"
>>>> ...
>>>> *failures = 0; //wj add
>>>> /* If all failures are cleared now, we return the creds */
>>>> if (! *failures)
>>>> {
>>>> svn_auth_cred_ssl_server_trust_t *creds =
>>>> apr_pcalloc(pool, sizeof(*creds));
>>>> creds->may_save = FALSE; /* No need to save it again...
>>>> */
>>>> *credentials = creds;
>>>>
>>>> }
>>> or
>>>> typedef svn_error_t *(*svn_auth_ssl_server_trust_prompt_func_t)(
>>>> svn_auth_cred_ssl_server_trust_t **cred,
>>>> void *baton,
>>>> const char *realm,
>>>> apr_uint32_t *failures,
>>>> const svn_auth_ssl_server_cert_info_t *cert_info,
>>>> svn_boolean_t may_save,
>>>> apr_pool_t *pool);
>>> but my leader ask me to do not change the svn's code, so it a problem for
>>> me. would you help me for another adear.
>>> Thank you
>>> --woodsp
>>>
>>>
>> I am not suggesting that you use svn.exe. I am suggesting that you use
>> similar code in your application as svn.exe is using, and use SVN's API.
>>
>> Implement your own provieder with an svn_auth_ssl_server_trust_prompt_func_t
>> which just sets *failures to 0. Then register that provider when you
>> init the auth subsystem.
>>
>> It sounds like libsvncpp is managing the auth subssytem for you.
>> So you may need to modify libsvncpp for this.
>>
>> Another and better solution might be using a valid SSL certificate ;-)
