Return-Path: 
 <dev-return-26623-apmail-subversion-dev-archive=subversion.apache.org@subversion.apache.org>
X-Original-To: apmail-subversion-dev-archive@minotaur.apache.org
Delivered-To: apmail-subversion-dev-archive@minotaur.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id A103410E42
	for <apmail-subversion-dev-archive@minotaur.apache.org>;
 Wed,  5 Jun 2013 18:09:53 +0000 (UTC)
Received: (qmail 44832 invoked by uid 500); 5 Jun 2013 18:09:53 -0000
Delivered-To: apmail-subversion-dev-archive@subversion.apache.org
Received: (qmail 44786 invoked by uid 500); 5 Jun 2013 18:09:53 -0000
Mailing-List: contact dev-help@subversion.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:dev-help@subversion.apache.org>
List-Unsubscribe: <mailto:dev-unsubscribe@subversion.apache.org>
List-Post: <mailto:dev@subversion.apache.org>
List-Id: <dev.subversion.apache.org>
Delivered-To: mailing list dev@subversion.apache.org
Received: (qmail 44778 invoked by uid 99); 5 Jun 2013 18:09:53 -0000
Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230)
    by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 05 Jun 2013 18:09:53 +0000
X-ASF-Spam-Status: No, hits=-0.7 required=5.0
	tests=RCVD_IN_DNSWL_LOW,SPF_PASS
X-Spam-Check-By: apache.org
Received-SPF: pass (nike.apache.org: domain of tortoisesvn@gmail.com
 designates 74.125.83.44 as permitted sender)
Received: from [74.125.83.44] (HELO mail-ee0-f44.google.com) (74.125.83.44)
    by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 05 Jun 2013 18:09:47 +0000
Received: by mail-ee0-f44.google.com with SMTP id c13so577866eek.31
        for <dev@subversion.apache.org>; Wed, 05 Jun 2013 11:09:27 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20120113;
        h=message-id:date:from:user-agent:mime-version:to:cc:subject
         :references:in-reply-to:content-type:content-transfer-encoding;
        bh=fqorGdDFz7KkJ788bhAMatyrjBnj3Ww2ojMCHqghP48=;
        b=bna7AijoyLApefXlD3pz+YA3qUG2s1tOOfNmGrpantMbHBAO9cnbiQDNUa8Jx2c1dU
         oja3t/jv83mJBA34mfTVjnht2IsH7uEfMBpesX0Ps7Dp+/EN7zRX4BNsgV4QTd6JnKt9
         ITMagCON9Y+ip1oW9XoG07Ar0CJYwwG/gSpphqL0AyQ3jvMG6WY7725IULhtv+cfNUOE
         JJv1pzq6hYghy1/dHFmKZ6YHxf0jEg+rI+MIF4PC6YCCQ6MmjM1ODWYJdZ5F7VWEyhxK
         HxtzF4llgUUI+vJgSXc4Mjx7Ao1zk2IXgZBxOQwZcul+nYCCMnAcAeqCfvUmIb6M8ooU
         QVlw==
X-Received: by 10.14.2.7 with SMTP id 7mr13150592eee.99.1370455767369;
        Wed, 05 Jun 2013 11:09:27 -0700 (PDT)
Received: from [192.168.1.115] (cable-static-20-197.rsnweb.ch. [88.84.20.197])
        by mx.google.com with ESMTPSA id c5sm83615240eeu.8.2013.06.05.11.09.25
        for <multiple recipients>
        (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128);
        Wed, 05 Jun 2013 11:09:26 -0700 (PDT)
Message-ID: <51AF7ED2.7020704@gmail.com>
Date: Wed, 05 Jun 2013 20:09:22 +0200
From: =?ISO-8859-1?Q?Stefan_K=FCng?= <tortoisesvn@gmail.com>
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64;
 rv:17.0) Gecko/20130509 Thunderbird/17.0.6
MIME-Version: 1.0
To: Markus Schaber <m.schaber@codesys.com>
CC: "dev@subversion.apache.org" <dev@subversion.apache.org>
Subject: Re: AW: Should missing smart card support not be added in the release
 notes?
References: 
 <CANvU9scB6F+5BDk71mMjRPt4DKaHaOpzK=nVdTZF--MmC_nbiA@mail.gmail.com>
 <CABw-3YfVV8DW07CveV8v0ZiLeP3E4uQCLxdFhTzH9PACYQ1hhg@mail.gmail.com>
 <CANvU9sfgZzJ=YpsO+CZWnspNbhcBiTWzy+QR1SRxCdzt+Q9NeQ@mail.gmail.com>
 <CABw-3YdceYXDZ2zCJ06_Wke3C3_4wki4tTVQ7Ztpnvk_tRWEqQ@mail.gmail.com>
 <CANvU9seS=wONwPGsS10doRKzhUNPRuMQTrOHsAPtzbK=xnrEqg@mail.gmail.com>
 <51AE3038.10908@gmail.com>
 <727D8E16AE957149B447FE368139F2B51A3179F8@SERVER10>
In-Reply-To: <727D8E16AE957149B447FE368139F2B51A3179F8@SERVER10>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 8bit
X-Virus-Checked: Checked by ClamAV on apache.org

On 05.06.2013 09:25, Markus Schaber wrote:
> Hi, Stefan,
>
> Von: Stefan K�ng [mailto:tortoisesvn@gmail.com]
>> On 04.06.2013 13:56, Lieven Govaerts wrote:
>>> You are referring to a configuration where OpenSSL uses MS's CryptoAPI
>>> to use the Windows certificate store. Never used it myself, but I see
>>> that TSVN has implemented this, with an extra dialog to select a
>>> client certificate if multiple were found.
>>> I see no reason why that won't work with serf, we probably would have
>>> heard about it if not.
>>>
>>> So for Windows there's no problem, only for Mac & Linux we don't have
>>> a smart card solution in 1.8.0 at this time.
>>
>> Some information about this:
>>
>> [...]
>>
>> This patched version of the CAPI engine in OpenSSL is already in use in a
>> company and works fine there.
>>
>> In case you're interested: the patch for e_capi.c in OpenSSL is here:
>> https://tortoisesvn.googlecode.com/svn/trunk/ext/build/openssl.patch
>
> Just out of curiosity: Did you try to upstream your changes for inclusion in OpenSSL?

no, I didn't: I doubt it would have the slightest chance to get included 
since it's basically an ugly hack to get what I need. A real solution 
would require not only changing the OpenSSL code but then also serf and 
even svn to use those changes in OpenSSL.

Stefan

-- 
        ___
   oo  // \\      "De Chelonian Mobile"
  (_,\/ \_/ \     TortoiseSVN
    \ \_/_\_/>    The coolest interface to (Sub)version control
    /_/   \_\     http://tortoisesvn.net