--- subversion-1.2.1/subversion/include/svn_config.h Wed Apr 6 14:21:33 2005
+++ subversion-1.2.1/subversion/include/svn_config_dr.h Sun Sep 11 13:57:26 2005
@@ -69,6 +69,7 @@
#define SVN_CONFIG_OPTION_SSL_TRUST_DEFAULT_CA "ssl-trust-default-ca"
#define SVN_CONFIG_OPTION_SSL_CLIENT_CERT_FILE "ssl-client-cert-file"
#define SVN_CONFIG_OPTION_SSL_CLIENT_CERT_PASSWORD "ssl-client-cert-password"
+#define SVN_CONFIG_OPTION_SSL_CLIENT_CERTS "ssl-client-certs"
#define SVN_CONFIG_CATEGORY_CONFIG "config"
#define SVN_CONFIG_SECTION_AUTH "auth"
--- subversion-1.2.1/subversion/libsvn_ra_dav/session.c Fri Jul 1 17:02:13 2005
+++ subversion-1.2.1/subversion/libsvn_ra_dav/session_dr.c Sun Sep 11 13:57:04 2005
@@ -362,6 +362,7 @@
int *timeout_seconds,
int *neon_debug,
svn_boolean_t *compression,
+ svn_boolean_t *client_certs,
svn_config_t *cfg,
const char *requested_host,
apr_pool_t *pool)
@@ -401,6 +402,8 @@
SVN_CONFIG_OPTION_HTTP_TIMEOUT, NULL);
SVN_ERR(svn_config_get_bool(cfg, compression, SVN_CONFIG_SECTION_GLOBAL,
SVN_CONFIG_OPTION_HTTP_COMPRESSION, TRUE));
+ SVN_ERR(svn_config_get_bool(cfg, client_certs, SVN_CONFIG_SECTION_GLOBAL,
+ SVN_CONFIG_OPTION_SSL_CLIENT_CERTS, TRUE));
svn_config_get(cfg, &debug_str, SVN_CONFIG_SECTION_GLOBAL,
SVN_CONFIG_OPTION_NEON_DEBUG_MASK, NULL);
}
@@ -426,6 +429,9 @@
SVN_ERR(svn_config_get_bool(cfg, compression, server_group,
SVN_CONFIG_OPTION_HTTP_COMPRESSION,
*compression));
+ SVN_ERR(svn_config_get_bool(cfg, client_certs, server_group,
+ SVN_CONFIG_OPTION_SSL_CLIENT_CERTS,
+ *client_certs));
svn_config_get(cfg, &debug_str, server_group,
SVN_CONFIG_OPTION_NEON_DEBUG_MASK, debug_str);
}
@@ -575,7 +581,7 @@
ne_uri uri = { 0 };
svn_ra_dav__session_t *ras;
int is_ssl_session;
- svn_boolean_t compression;
+ svn_boolean_t compression, client_certs;
svn_config_t *cfg;
const char *server_group;
@@ -644,6 +650,7 @@
&timeout,
&debug,
&compression,
+ &client_certs,
cfg,
uri.host,
pool);
@@ -766,10 +773,13 @@
ne_ssl_set_verify(sess, server_ssl_callback, ras);
ne_ssl_set_verify(sess2, server_ssl_callback, ras);
/* For client connections, we register a callback for if the server
- wants to authenticate the client via client certificate. */
-
- ne_ssl_provide_clicert(sess, client_ssl_callback, ras);
- ne_ssl_provide_clicert(sess2, client_ssl_callback, ras);
+ wants to authenticate the client via client certificate and we're
+ using client certificates. */
+ if (client_certs)
+ {
+ ne_ssl_provide_clicert(sess, client_ssl_callback, ras);
+ ne_ssl_provide_clicert(sess2, client_ssl_callback, ras);
+ }
/* See if the user wants us to trust "default" openssl CAs. */
trust_default_ca = svn_config_get_server_setting(
Cynic’s Soapbox
Just a few ramblings on life
Translators
Categories
Archives
- May 2010
- April 2010
- February 2010
- August 2009
- April 2009
- March 2009
- February 2009
- January 2009
- December 2008
- November 2008
- October 2008
- September 2008
- August 2008
- May 2008
- April 2008
- March 2008
- February 2008
- January 2008
- November 2007
- October 2007
- September 2007
- August 2007
- July 2007
- June 2007
- May 2007
- April 2007
- March 2007
- February 2007
- January 2007
- December 2006
- November 2006
- October 2006
- September 2006
- August 2006
- July 2006
- June 2006
- May 2006
- April 2006
- March 2006
- February 2006
- January 2006
- December 2005
- November 2005
- October 2005
- September 2005
- August 2005
- July 2005
- June 2005
- May 2005
- April 2005
- March 2005
- February 2005
- January 2005
- December 2004
- November 2004
- October 2004
- September 2004
- August 2004
- July 2004
- June 2004
- May 2004
- April 2004
- March 2004
- July 2003
- June 2003
- May 2003
Pages
Blogroll
- Aitch
- Andrew Patterson
- Doc Searls
- Frank PS
- Mads Toftum
- Mikael Jansson
- Ted Leung
- The Digital Aviator
- The Old Man and the Street
- Tony Finch
- Wendy Seltzer