[ET Trac] [Einstein Toolkit] #1801: OSX does not install trusted certificates, breaking GetComponents (svn)

Einstein Toolkit trac-noreply at einsteintoolkit.org
Tue Sep 1 14:03:12 CDT 2015

#1801: OSX does not install trusted certificates, breaking GetComponents (svn)
  Reporter:  rhaas          |       Owner:                     
      Type:  defect         |      Status:  review             
  Priority:  major          |   Milestone:                     
 Component:  GetComponents  |     Version:  development version
Resolution:                 |    Keywords:                     

Comment (by rhaas):

 True. Right now it shows the message about the stock svn client if svn
 info first fails (line 584) and then succeeds if one adds --trust-server-
 cert (line 587). The man page says "--tryst-server-cert}} that this tell
 svn to "accept SSL server certificates from unknown certificate
 authorities" so other causes of failure to verify (expired, faulty) should
 still trigger. If the failure is due to something other than the
 certificates then this would have to have changed in between the two svn
 calls for this check to become invalid. It is of course possible that the
 validation fails for another certificate related reason and {{{--trust-
 server-cert}}} accepts this. On could make the regex more explicit since
 svn actually outputs: {{{Server certificate verification failed: issuer is
 not trusted}}}. Would you think this to be better, it would at least avoid
 mis-classifying expired certificates?

 I am a little bit unhappy to look for an English language text to
 determine some success state but the text seems to stay the same even if I
 eg set LANG to "DE" to try and see if I can get German language error
 messages. A bigger concern may be subversion updating the error text in
 the future.

Ticket URL: <https://trac.einsteintoolkit.org/ticket/1801#comment:27>
Einstein Toolkit <http://einsteintoolkit.org>
The Einstein Toolkit

More information about the Trac mailing list