Author: ivan Date: Tue Jul 26 17:14:10 2011 New Revision: 1151177 URL: http://svn.apache.org/viewvc?rev=1151177&view=rev Log: Fix two bugs in ra_serf when connecting to HTTPS repository hosted on non-standard port. 1. ra_serf complains that server certificate doesn't match hostname. 2. XML parsing failed: (400 Bad Request) error when working with SNI enabled server. http://svn.haxx.se/users/archive-2011-07/0404.shtml
* subversion/libsvn_ra_serf/ra_serf.h (svn_ra_serf__connection_t): Rename HOSTINFO to HOSTNAME. * subversion/libsvn_ra_serf/serf.c (svn_ra_serf__open): Store hostname in connection object, not hostinfo. * subversion/libsvn_ra_serf/update.c (open_connection_if_needed): Update to reflect rename. * subversion/libsvn_ra_serf/util.c (ssl_server_cert): Use hostname for validating SSL certificate. (conn_setup): Pass hostname to serf_ssl_set_hostname(). Modified: subversion/trunk/subversion/libsvn_ra_serf/ra_serf.h subversion/trunk/subversion/libsvn_ra_serf/serf.c subversion/trunk/subversion/libsvn_ra_serf/update.c subversion/trunk/subversion/libsvn_ra_serf/util.c Modified: subversion/trunk/subversion/libsvn_ra_serf/ra_serf.h URL: http://svn.apache.org/viewvc/subversion/trunk/subversion/libsvn_ra_serf/ra_serf.h?rev=1151177&r1=1151176&r2=1151177&view=diff ============================================================================== --- subversion/trunk/subversion/libsvn_ra_serf/ra_serf.h (original) +++ subversion/trunk/subversion/libsvn_ra_serf/ra_serf.h Tue Jul 26 17:14:10 2011 @@ -74,7 +74,7 @@ typedef struct svn_ra_serf__connection_t serf_bucket_alloc_t *bkt_alloc; /* Host name */ - const char *hostinfo; + const char *hostname; /* Are we using ssl */ svn_boolean_t using_ssl; Modified: subversion/trunk/subversion/libsvn_ra_serf/serf.c URL: http://svn.apache.org/viewvc/subversion/trunk/subversion/libsvn_ra_serf/serf.c?rev=1151177&r1=1151176&r2=1151177&view=diff ============================================================================== --- subversion/trunk/subversion/libsvn_ra_serf/serf.c (original) +++ subversion/trunk/subversion/libsvn_ra_serf/serf.c Tue Jul 26 17:14:10 2011 @@ -402,7 +402,7 @@ svn_ra_serf__open(svn_ra_session_t *sess serf_sess->conns[0]->using_ssl = serf_sess->using_ssl; serf_sess->conns[0]->using_compression = serf_sess->using_compression; - serf_sess->conns[0]->hostinfo = url.hostinfo; + serf_sess->conns[0]->hostname = url.hostname; serf_sess->conns[0]->useragent = NULL; /* create the user agent string */ Modified: subversion/trunk/subversion/libsvn_ra_serf/update.c URL: http://svn.apache.org/viewvc/subversion/trunk/subversion/libsvn_ra_serf/update.c?rev=1151177&r1=1151176&r2=1151177&view=diff ============================================================================== --- subversion/trunk/subversion/libsvn_ra_serf/update.c (original) +++ subversion/trunk/subversion/libsvn_ra_serf/update.c Tue Jul 26 17:14:10 2011 @@ -2214,7 +2214,7 @@ open_connection_if_needed(svn_ra_serf__s sess->conns[cur] = apr_palloc(sess->pool, sizeof(*sess->conns[cur])); sess->conns[cur]->bkt_alloc = serf_bucket_allocator_create(sess->pool, NULL, NULL); - sess->conns[cur]->hostinfo = sess->conns[0]->hostinfo; + sess->conns[cur]->hostname = sess->conns[0]->hostname; sess->conns[cur]->using_ssl = sess->conns[0]->using_ssl; sess->conns[cur]->using_compression = sess->conns[0]->using_compression; sess->conns[cur]->useragent = sess->conns[0]->useragent; Modified: subversion/trunk/subversion/libsvn_ra_serf/util.c URL: http://svn.apache.org/viewvc/subversion/trunk/subversion/libsvn_ra_serf/util.c?rev=1151177&r1=1151176&r2=1151177&view=diff ============================================================================== --- subversion/trunk/subversion/libsvn_ra_serf/util.c (original) +++ subversion/trunk/subversion/libsvn_ra_serf/util.c Tue Jul 26 17:14:10 2011 @@ -302,7 +302,7 @@ ssl_server_cert(void *baton, int failure int i; for (i = 0; i < san->nelts; i++) { char *s = APR_ARRAY_IDX(san, i, char*); - if (apr_fnmatch(s, conn->hostinfo, + if (apr_fnmatch(s, conn->hostname, APR_FNM_PERIOD) == APR_SUCCESS) { found_matching_hostname = 1; cert_info.hostname = s; @@ -314,7 +314,7 @@ ssl_server_cert(void *baton, int failure /* Match server certificate CN with the hostname of the server */ if (!found_matching_hostname && cert_info.hostname) { - if (apr_fnmatch(cert_info.hostname, conn->hostinfo, + if (apr_fnmatch(cert_info.hostname, conn->hostname, APR_FNM_PERIOD) == APR_FNM_NOMATCH) { svn_failures |= SVN_AUTH_SSL_CNMISMATCH; @@ -428,7 +428,7 @@ conn_setup(apr_socket_t *sock, conn->ssl_context = serf_bucket_ssl_encrypt_context_get(*read_bkt); #if SERF_VERSION_AT_LEAST(1,0,0) - serf_ssl_set_hostname(conn->ssl_context, conn->hostinfo); + serf_ssl_set_hostname(conn->ssl_context, conn->hostname); #endif serf_ssl_client_cert_provider_set(conn->ssl_context,