On Thu, Feb 27, 2014 at 01:26:38PM +0100, Stefan Sperling wrote: > I think we should get the serf project to issue a new set of > serf releases with a fix for this issue, for all actively > maintained serf-1.x branches that Subversion can be used with. > > I don't see a better way. We decided long ago that we should use > the serf cert parsing API instead of using OpenSSL directly. > When I rewrote the cert parsing code to use serf, I was told that > the serf API works fine. The only workaround we could use in svn > is to depend on OpenSSL or implement our own X509 parser (no thanks).
Another idea: we could also disable the 'svn auth' cert parsing feature on windows unless a particular serf version is used which contains the fix. The fallback case of just printing base64-encoded cert data already exists.
