You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@subversion.apache.org by Adam <su...@adamsutton.co.uk> on 2009/03/27 09:24:51 UTC
Python bindings - HTTPS authentication problem
Hi All,
Firstly apologies if this is not the correct group to post this query
on. If it's not could someone suggest a more appropriate place, ta.
I'm trying to migrate an automated build system I have, written in
python, to use the libsvn bindings rather than pysvn. The main reason
being that the bindings are obviously released in-step with the svn
releases and since the WC format has changed in 1.6 I cannot upgrade
my svn clients as the build system would be broken as pysvn doesn't
yet have an official release with 1.6 support. Also I thought it would
be useful to learn the APIs as no doubt they provide greater
flexibility.
The problem I'm having is surrounding the use of the svn_client_info2
call for getting info from a URL which requires authentication. I've
looked at various different examples of how to set things up
(including pysvn, svn command line and also soom of the tools/examples
python scripts).
So far I've come up with the following:
------------------------------------------------------------------------------------------------------------------------
#!/usr/bin/env python
#
# Determine youngest rev for a URL
import sys
import svn.core, svn.client
# URL to check
url = sys.argv[1]
# Create context
ctx = svn.client.ctx_t()
# Load config
svn.core.svn_config_ensure(None)
ctx.config = svn.core.svn_config_get_config(None)
# Build auth provider list
providers = [
#svn.core.svn_auth_get_windows_simple_provider(),
svn.core.svn_auth_get_simple_provider(),
svn.core.svn_auth_get_username_provider(),
svn.core.svn_auth_get_ssl_server_trust_file_provider(),
svn.core.svn_auth_get_ssl_client_cert_file_provider(),
svn.core.svn_auth_get_ssl_client_cert_pw_file_provider(),
]
# Setup authentication handler
ctx.auth_baton = svn.core.svn_auth_open(providers)
# Set revision to HEAD
rev = svn.core.svn_opt_revision_t()
rev.kind = svn.core.svn_opt_revision_head
# Output result
def handler ( path, info, pool ):
print "url = %s, rev = %s" % (info.URL, info.rev)
# Get info
svn.client.info2(path, rev, rev, handler, 0, None, ctx)
------------------------------------------------------------------------------------------------------------------------
Since the build system will always be used on WC's which have already
been checked out with clients that cache the authentication info, I'm
happy that if something has changed in the authentication this script
will fail and the user will first need to update the cached info from
another client (svn cmd line or TSVN typically).
The main issue seems to be that its not properly loading the info from
the cached configuration. Interestingly the server_trust provider is
working. Without it I get an invalid SSL cert response and with it I
get an authentication failure.
I'm currently testing this on a windows platform. I have tried using
the platform_specific_provider() call to retrieve windows specific
providers but this doesn't seem to change anything.
If anyone has any suggestions they would be greatly appreciated.
Ta
Adam
------------------------------------------------------
http://subversion.tigris.org/ds/viewMessage.do?dsForumId=462&dsMessageId=1441704
Re: Python bindings - HTTPS authentication problem
Posted by Adam <su...@adamsutton.co.uk>.
I've fixed the problem. Although I had previously used the platform
specific providers I think I had either missed out the windows simple
provider or more likely I had things in the wrong order.
Adam
Adam wrote:
> Hi All,
>
> Firstly apologies if this is not the correct group to post this query
> on. If it's not could someone suggest a more appropriate place, ta.
>
> I'm trying to migrate an automated build system I have, written in
> python, to use the libsvn bindings rather than pysvn. The main reason
> being that the bindings are obviously released in-step with the svn
> releases and since the WC format has changed in 1.6 I cannot upgrade
> my svn clients as the build system would be broken as pysvn doesn't
> yet have an official release with 1.6 support. Also I thought it would
> be useful to learn the APIs as no doubt they provide greater
> flexibility.
>
> The problem I'm having is surrounding the use of the svn_client_info2
> call for getting info from a URL which requires authentication. I've
> looked at various different examples of how to set things up
> (including pysvn, svn command line and also soom of the tools/examples
> python scripts).
>
> So far I've come up with the following:
>
> ------------------------------------------------------------------------------------------------------------------------
> #!/usr/bin/env python
> #
> # Determine youngest rev for a URL
>
> import sys
> import svn.core, svn.client
>
> # URL to check
> url = sys.argv[1]
>
> # Create context
> ctx = svn.client.ctx_t()
>
> # Load config
> svn.core.svn_config_ensure(None)
> ctx.config = svn.core.svn_config_get_config(None)
>
> # Build auth provider list
> providers = [
> #svn.core.svn_auth_get_windows_simple_provider(),
> svn.core.svn_auth_get_simple_provider(),
> svn.core.svn_auth_get_username_provider(),
> svn.core.svn_auth_get_ssl_server_trust_file_provider(),
> svn.core.svn_auth_get_ssl_client_cert_file_provider(),
> svn.core.svn_auth_get_ssl_client_cert_pw_file_provider(),
> ]
>
> # Setup authentication handler
> ctx.auth_baton = svn.core.svn_auth_open(providers)
>
> # Set revision to HEAD
> rev = svn.core.svn_opt_revision_t()
> rev.kind = svn.core.svn_opt_revision_head
>
> # Output result
> def handler ( path, info, pool ):
> print "url = %s, rev = %s" % (info.URL, info.rev)
>
> # Get info
> svn.client.info2(path, rev, rev, handler, 0, None, ctx)
> ------------------------------------------------------------------------------------------------------------------------
>
> Since the build system will always be used on WC's which have already
> been checked out with clients that cache the authentication info, I'm
> happy that if something has changed in the authentication this script
> will fail and the user will first need to update the cached info from
> another client (svn cmd line or TSVN typically).
>
> The main issue seems to be that its not properly loading the info from
> the cached configuration. Interestingly the server_trust provider is
> working. Without it I get an invalid SSL cert response and with it I
> get an authentication failure.
>
> I'm currently testing this on a windows platform. I have tried using
> the platform_specific_provider() call to retrieve windows specific
> providers but this doesn't seem to change anything.
>
> If anyone has any suggestions they would be greatly appreciated.
>
> Ta
> Adam
>
> ------------------------------------------------------
> http://subversion.tigris.org/ds/viewMessage.do?dsForumId=462&dsMessageId=1441704
------------------------------------------------------
http://subversion.tigris.org/ds/viewMessage.do?dsForumId=462&dsMessageId=1443030