You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@subversion.apache.org by br...@apache.org on 2014/06/18 00:22:10 UTC
svn commit: r1603298 -
/subversion/trunk/subversion/bindings/javahl/src/org/apache/subversion/javahl/callback/AuthnCallback.java
Author: brane
Date: Tue Jun 17 22:22:09 2014
New Revision: 1603298
URL: http://svn.apache.org/r1603298
Log:
Do not incompatibly modify SSL cert parsing failures in JavaHL.
* subversion/bindings/javahl/src/org/apache/subversion/javahl/callback/AuthnCallback.java
(AuthnCallback.SSLServerCertFailures.ALL_KNOWN):
Define a bitmask that includes all the failure mode bits.
(AuthnCallback.SSLServerCertFailures.<init>):
Check failures parameter against ALL_KNOWN, and do not modify it.
((AuthnCallback.SSLServerCertFailures.other):
Also check against ALL_KNOWN to determine the result.
Modified:
subversion/trunk/subversion/bindings/javahl/src/org/apache/subversion/javahl/callback/AuthnCallback.java
Modified: subversion/trunk/subversion/bindings/javahl/src/org/apache/subversion/javahl/callback/AuthnCallback.java
URL: http://svn.apache.org/viewvc/subversion/trunk/subversion/bindings/javahl/src/org/apache/subversion/javahl/callback/AuthnCallback.java?rev=1603298&r1=1603297&r2=1603298&view=diff
==============================================================================
--- subversion/trunk/subversion/bindings/javahl/src/org/apache/subversion/javahl/callback/AuthnCallback.java (original)
+++ subversion/trunk/subversion/bindings/javahl/src/org/apache/subversion/javahl/callback/AuthnCallback.java Tue Jun 17 22:22:09 2014
@@ -194,7 +194,7 @@ public interface AuthnCallback
*/
public boolean other()
{
- return ((failures & OTHER) != 0);
+ return ((failures & OTHER) != 0 || (failures & ~ALL_KNOWN) != 0);
}
/** @return the internal bitfield representation of the failures. */
@@ -209,19 +209,21 @@ public interface AuthnCallback
private static final int UNKNOWN_CA = 0x00000008;
private static final int OTHER = 0x40000000;
+ private static final int ALL_KNOWN = (NOT_YET_VALID | EXPIRED
+ | CN_MISMATCH | UNKNOWN_CA
+ | OTHER);
+
/* This private constructor is used by the native implementation. */
private SSLServerCertFailures(int failures)
{
/* Double-check that we did not forget to map any of the
failure flags, and flag an "other" failure. */
- final int missing = failures & ~(NOT_YET_VALID | EXPIRED
- | CN_MISMATCH | UNKNOWN_CA
- | OTHER);
+ final int missing = (failures & ~ALL_KNOWN);
+
if (missing != 0) {
Logger log = Logger.getLogger("org.apache.subversion.javahl");
log.warning(String.format("Unknown SSL certificate parsing "
+ "failure flags: %1$x", missing));
- failures |= OTHER;
}
this.failures = failures;