[ET Trac] [Einstein Toolkit] #1801: OSX does not install trusted certificates, breaking GetComponents (svn)
Einstein Toolkit
trac-noreply at einsteintoolkit.org
Tue Sep 1 14:03:12 CDT 2015
#1801: OSX does not install trusted certificates, breaking GetComponents (svn)
----------------------------+-----------------------------------------------
Reporter: rhaas | Owner:
Type: defect | Status: review
Priority: major | Milestone:
Component: GetComponents | Version: development version
Resolution: | Keywords:
----------------------------+-----------------------------------------------
Comment (by rhaas):
True. Right now it shows the message about the stock svn client if svn
info first fails (line 584) and then succeeds if one adds --trust-server-
cert (line 587). The man page says "--tryst-server-cert}} that this tell
svn to "accept SSL server certificates from unknown certificate
authorities" so other causes of failure to verify (expired, faulty) should
still trigger. If the failure is due to something other than the
certificates then this would have to have changed in between the two svn
calls for this check to become invalid. It is of course possible that the
validation fails for another certificate related reason and {{{--trust-
server-cert}}} accepts this. On could make the regex more explicit since
svn actually outputs: {{{Server certificate verification failed: issuer is
not trusted}}}. Would you think this to be better, it would at least avoid
mis-classifying expired certificates?
I am a little bit unhappy to look for an English language text to
determine some success state but the text seems to stay the same even if I
eg set LANG to "DE" to try and see if I can get German language error
messages. A bigger concern may be subversion updating the error text in
the future.
--
Ticket URL: <https://trac.einsteintoolkit.org/ticket/1801#comment:27>
Einstein Toolkit <http://einsteintoolkit.org>
The Einstein Toolkit
More information about the Trac
mailing list