Subversion & SSL

2008-09-24
2013-06-03
  • I use SSL web access to repositories.
    When I hit 'Parallel' link, Codestriker tries to retrieve file content from SVN but no success.
    There is a message in apache logfile:
    svn: PROPFIND of '/svn/Projects/00000/trunk/Source/common/Src/acctproc.c': Server certificate verification failed: issuer is not trusted (https://svn.st.com:8081)\r, referer: https://svn.st.com:8081/codestriker1/codestriker.pl?topic=4750366&action=view&mode=1&fview=-1

    So, 'Parallel' window is almost empty.

    Could you please advise how to turn this issuer to trusted?

     
    • David Sitsky
      David Sitsky
      2008-09-24

      This is really a subversion question.  Do some googling to find the answer.  On a quick search, I found the following:

      http://svn.haxx.se/dev/archive-2005-09/0827.shtml

       
    • David, thank for prompt answer,
      you are right, I placed my server cert as trusted and the problem gone.

      But another one faced to me.
      svn: PROPFIND of '/svn/Projects/00000/trunk/Source/common/Src/acctproc.c': authorization failed (https://svn.st.com:8081)\r, referer: https://svn.st.com:8081/codestriker1/codestriker.pl?topic=4750366&action=view&mode=1&fview=1

      Which in/pass Codestriker uses for SVN access?

       
    • I created special account for codestriker in Apache and allowed hom to access to SVN.
      It works.    But!

      I use a lot of SVN projects and users. Each user has personal permissoins to some projects.
      E.g.
      [Proj1/trunk]
      Ann = r
      Alex = rw

      [Proj2/tags]
      Ann = r
      Alex = r

      etc.

      Now I need to allow codestriker to read each project. This is not good.
      Do you have any idea to use user's credentials instead codestriker's for Apache access?

       
      • David Sitsky
        David Sitsky
        2008-10-16

        I can't imagine it being possible or very easy to switch to the user's credential's instead of the web-server's.  Sounds like you are better off writing a script to add Codestriker to the appropriate entries, and for the creation of the appropriate repository objects.

         
    • I confuse you, may be.
      In other words:
      there is a package "Codestriker::Repository::Subversion" in Subversion.pm
      And method "new" within it:
          my @userCmdLine = ();
          if (defined($user) && defined($password)) {
              push @userCmdLine, '--username';
          push @userCmdLine, $user;
          push @userCmdLine, '--password';
          push @userCmdLine, $password;
          }

      Can you please change Codestriker so as
      it will sent $evn['REMOTE_USER'] insted of $user
      and ask a user password instead of $password?
      Of couse, user password should ask only once per session.

      We are ready to donate this development.

       
      • David Sitsky
        David Sitsky
        2008-12-02

        Now that 1.9.7 has the notion of a user, it should be easier to do this. 

        In theory, we could add two new fields to the user table which records the user's subversion username and password.

        A hack could be instead of $user, use $email (with the domain part), and use the same password from the user table?