yuan lixin wrote on Sat, Oct 22, 2016 at 20:26:42 +0800:
> static svn_error_t *
> onSslServerTrustPrompt(svn_auth_cred_ssl_server_trust_t **cred,
> void *baton,
> const char *realm,
> apr_uint32_t failures,
> const svn_auth_ssl_server_cert_info_t *info,
> svn_boolean_t may_save,
> apr_pool_t *pool)
> {
> svn_auth_cred_ssl_server_trust_t *cred_ =
> (svn_auth_cred_ssl_server_trust_t*)
> apr_palloc(pool, sizeof(svn_auth_cred_ssl_server_trust_t));
Is this forward compatible? svn_auth_cred_ssl_server_trust_t doesn't
have a constructor function, so if the above code is permissible, then
we're not allowed to extend that struct type in minor releases.
> cred_->may_save = 1;
> cred_->accepted_failures = acceptedFailures;
You may want to do (acceptedFailures & failures) so once you switch to
a valid certificate, the cache will not record more "accepted
failures" than are required.
|