You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@subversion.apache.org by br...@apache.org on 2014/06/18 00:22:10 UTC

svn commit: r1603298 - /subversion/trunk/subversion/bindings/javahl/src/org/apache/subversion/javahl/callback/AuthnCallback.java

Author: brane
Date: Tue Jun 17 22:22:09 2014
New Revision: 1603298

URL: http://svn.apache.org/r1603298
Log:
Do not incompatibly modify SSL cert parsing failures in JavaHL.

* subversion/bindings/javahl/src/org/apache/subversion/javahl/callback/AuthnCallback.java
  (AuthnCallback.SSLServerCertFailures.ALL_KNOWN):
   Define a bitmask that includes all the failure mode bits.
  (AuthnCallback.SSLServerCertFailures.<init>):
   Check failures parameter against ALL_KNOWN, and do not modify it.
  ((AuthnCallback.SSLServerCertFailures.other):
   Also check against ALL_KNOWN to determine the result.

Modified:
    subversion/trunk/subversion/bindings/javahl/src/org/apache/subversion/javahl/callback/AuthnCallback.java

Modified: subversion/trunk/subversion/bindings/javahl/src/org/apache/subversion/javahl/callback/AuthnCallback.java
URL: http://svn.apache.org/viewvc/subversion/trunk/subversion/bindings/javahl/src/org/apache/subversion/javahl/callback/AuthnCallback.java?rev=1603298&r1=1603297&r2=1603298&view=diff
==============================================================================
--- subversion/trunk/subversion/bindings/javahl/src/org/apache/subversion/javahl/callback/AuthnCallback.java (original)
+++ subversion/trunk/subversion/bindings/javahl/src/org/apache/subversion/javahl/callback/AuthnCallback.java Tue Jun 17 22:22:09 2014
@@ -194,7 +194,7 @@ public interface AuthnCallback
          */
         public boolean other()
         {
-            return ((failures & OTHER) != 0);
+            return ((failures & OTHER) != 0 || (failures & ~ALL_KNOWN) != 0);
         }
 
         /** @return the internal bitfield representation of the failures. */
@@ -209,19 +209,21 @@ public interface AuthnCallback
         private static final int UNKNOWN_CA    = 0x00000008;
         private static final int OTHER         = 0x40000000;
 
+        private static final int ALL_KNOWN     = (NOT_YET_VALID | EXPIRED
+                                                  | CN_MISMATCH | UNKNOWN_CA
+                                                  | OTHER);
+
         /* This private constructor is used by the native implementation. */
         private SSLServerCertFailures(int failures)
         {
             /* Double-check that we did not forget to map any of the
                failure flags, and flag an "other" failure. */
-            final int missing = failures & ~(NOT_YET_VALID | EXPIRED
-                                             | CN_MISMATCH | UNKNOWN_CA
-                                             | OTHER);
+            final int missing = (failures & ~ALL_KNOWN);
+
             if (missing != 0) {
                 Logger log = Logger.getLogger("org.apache.subversion.javahl");
                 log.warning(String.format("Unknown SSL certificate parsing "
                                           + "failure flags: %1$x", missing));
-                failures |= OTHER;
             }
 
             this.failures = failures;