[Bug 272386] Re: subversion doesn't permanently accept certificates

Maarten Bezemer maarten.bezemer at gmail.com
Sun Apr 29 19:54:53 UTC 2012 

Thank you for taking the time to report this bug and helping to make
Ubuntu better. We are sorry that we do not always have the capacity to
look at all reported bugs in a timely manner. There have been many
changes in Ubuntu since that time you reported the bug and your problem
may have been fixed with some of the updates. It would help us a lot if
you could test it on a currently supported Ubuntu version. When you test
it and it is still an issue, kindly upload the updated logs by running
apport-collect 272386 and any other logs that are relevant for this
particular issue.

** Changed in: subversion (Ubuntu)
       Status: Confirmed => Incomplete

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to subversion in Ubuntu.
https://bugs.launchpad.net/bugs/272386

Title:
  subversion doesn't permanently accept certificates

Status in “subversion” package in Ubuntu:
  Incomplete

Bug description:
  Binary package hint: subversion

  Since last update of subversion in hardy (from backports so
  1.5.1dfsg1-1ubuntu2~hardy1) subversion will always ask to accept
  reported "invalid certificates" for example from sourceforge (which is
  strange that it's using an invalid certificate). Not only this but
  also if allowing to accept it permanently this choice will be ignored
  and will be threated like if "accept temporarily" was chosen. This is
  extremely annoying because requires input each time i use sourceforge
  repositories (even for update).

  example of the error:

  Error validating server certificate for 'https://<aprojectname>.svn.sourceforge.net:443':
   - The certificate is not issued by a trusted authority. Use the
     fingerprint to validate the certificate manually!
  Certificate information:
   - Hostname: *.svn.sourceforge.net
   - Valid: from Tue, 09 Oct 2007 14:15:07 GMT until Mon, 08 Dec 2008 15:15:07 GMT
   - Issuer: US, Equifax, Equifax Secure Certificate Authority
   - Fingerprint: fb:75:6c:40:58:ae:21:8c:63:dd:1b:7b:6a:7d:bb:8c:74:36:e7:8a
  (R)eject, accept (t)emporarily or accept (p)ermanently? 

  this happens every time since the update to me.

  -----

  1) Description:	Ubuntu 8.04.1
  Release:	8.04

  2) subversion:
    Installed: 1.5.1dfsg1-1ubuntu2~hardy1
    Candidate: 1.5.1dfsg1-1ubuntu2~hardy1
    Version table:
   *** 1.5.1dfsg1-1ubuntu2~hardy1 0
          500 http://it.archive.ubuntu.com hardy-backports/main Packages
          100 /var/lib/dpkg/status
       1.4.6dfsg1-2ubuntu1 0
          500 http://it.archive.ubuntu.com hardy/main Packages

  3) there shouldn't be any request at all teorically as it's strange something like sourceforge is using a certificate from an untrusted autority. but at least the permanent accept should be allowed.
  4) it ignores the permanent accept of the certificate

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/subversion/+bug/272386/+subscriptions

More information about the foundations-bugs mailing list