# HG changeset patch
# User Mitsuhiro Koga <shiena.jp@gmail.com>
# Date 1351509287 -32400
# Node ID 3e59f9af15b01c5f0801fc7f32586889f147790b
# Parent  145611306f8af8ce81a499d717f8091e8f4c6fc2
svnrepo: Support --insecure option the same as the mercurial

To bypass verification of ssl certificate on one of the following:
- Specify the --insecure option
- Set the fingerprint to config hostfingerprints

diff --git a/hgsubversion/svnrepo.py b/hgsubversion/svnrepo.py
--- a/hgsubversion/svnrepo.py
+++ b/hgsubversion/svnrepo.py
@@ -230,6 +230,27 @@ class SubversionPrompt(object):
         password = self.ui.getpass('Passphrase for \'%s\': ' % (realm,), default='')
         return (password, bool(may_save))
 
+    def insecure(fn):
+        def fun(self, *args, **kwargs):
+            failures = args[1]
+            cert_info = args[2]
+            # cert_info[0] is hostname
+            # cert_info[1] is fingerprint
+
+            fingerprint = self.ui.config('hostfingerprints', cert_info[0])
+            if fingerprint and fingerprint.lower() == cert_info[1].lower():
+                # same as the acceptance temporarily
+                return (failures, False)
+
+            cacerts = self.ui.config('web', 'cacerts')
+            if not cacerts:
+                # same as the acceptance temporarily
+                return (failures, False)
+
+            return fn(self, *args, **kwargs)
+        return fun
+
+    @insecure
     def ssl_server_trust(self, realm, failures, cert_info, may_save, pool=None):
         msg = 'Error validating server certificate for \'%s\':\n' % (realm,)
         if failures & svnwrap.SSL_UNKNOWNCA: