On Thursday 18 August 2011 06:46 PM, Daniel Shahaf wrote:
I tried your patch against https://svn.eu.apache.org/repos/asf/subversion/README
(which uses a non-self-signed cert, but rather one for which the cert's
hostname differs from the URI's hostname), and it didn't seem to work:
[[[
./tools/examples/get-location-segments.py
https://svn.eu.apache.org/repos/asf/subversion/README
Untrusted cert details are as follows:
--------------------------------------
Issuer : 07969287, http://certificates.godaddy.com/repository, GoDaddy.com,
Inc., Scottsdale, Arizona, US
Hostname : svn.apache.org
ValidFrom : Thu, 13 Nov 2008 18:56:12 GMT
ValidUpto : Thu, 26 Jan 2012 14:18:55 GMT
Fingerprint: cc:54:a4:a9:ec:3a:9b:1c:23:ac:2d:57:c6:96:9f:5f:4a:1d:2d:86
accept (t)temporarily (p)permanently: t
Traceback (most recent call last):
File "./tools/examples/get-location-segments.py", line 147, in<module>
main()
File "./tools/examples/get-location-segments.py", line 142, in main
ra_session = ra.open(url, ra_callbacks, None, ctx.config)
File "/usr/lib/pymodules/python2.6/libsvn/ra.py", line 534, in svn_ra_open
return _ra.svn_ra_open(*args)
svn.core.SubversionException: ("OPTIONS of
'https://svn.eu.apache.org/repos/asf/subversion/README': Server certificate verification
failed: certificate issued for a different hostname (https://svn.eu.apache.org)",
175002)
zsh: exit 1 ./tools/examples/get-location-segments.py
]]]
What am I missing?
I did not consider this scenario while giving this patch... And this
patch does not intend to solve this issue.
--Prabhu
