changeset 970:3e59f9af15b0

svnrepo: Support --insecure option the same as the mercurial To bypass verification of ssl certificate on one of the following: - Specify the --insecure option - Set the fingerprint to config hostfingerprints
author Mitsuhiro Koga <shiena.jp@gmail.com>
date Mon, 29 Oct 2012 20:14:47 +0900
parents 145611306f8a
children 77b22e5b4ea6
files hgsubversion/svnrepo.py
diffstat 1 files changed, 21 insertions(+), 0 deletions(-) [+]
line wrap: on
line diff
--- a/hgsubversion/svnrepo.py
+++ b/hgsubversion/svnrepo.py
@@ -230,6 +230,27 @@ class SubversionPrompt(object):
         password = self.ui.getpass('Passphrase for \'%s\': ' % (realm,), default='')
         return (password, bool(may_save))
 
+    def insecure(fn):
+        def fun(self, *args, **kwargs):
+            failures = args[1]
+            cert_info = args[2]
+            # cert_info[0] is hostname
+            # cert_info[1] is fingerprint
+
+            fingerprint = self.ui.config('hostfingerprints', cert_info[0])
+            if fingerprint and fingerprint.lower() == cert_info[1].lower():
+                # same as the acceptance temporarily
+                return (failures, False)
+
+            cacerts = self.ui.config('web', 'cacerts')
+            if not cacerts:
+                # same as the acceptance temporarily
+                return (failures, False)
+
+            return fn(self, *args, **kwargs)
+        return fun
+
+    @insecure
     def ssl_server_trust(self, realm, failures, cert_info, may_save, pool=None):
         msg = 'Error validating server certificate for \'%s\':\n' % (realm,)
         if failures & svnwrap.SSL_UNKNOWNCA: