Prabhu Gnana Sundar wrote on Thu, Aug 18, 2011 at 21:55:28 +0530: > On Thursday 18 August 2011 06:46 PM, Daniel Shahaf wrote: > >I tried your patch against > >https://svn.eu.apache.org/repos/asf/subversion/README > >(which uses a non-self-signed cert, but rather one for which the cert's > >hostname differs from the URI's hostname), and it didn't seem to work: > > > > .. > >What am I missing? > I did not consider this scenario while giving this patch... And this > patch does not intend to solve this issue.
I'm not sure /why/ the patch doesn't handle this (technically), but I expect handling all failure bits (rather than just the "self signed" bit) to be a low-hanging fruit that could easily (and should) be integrated into the patch.