(No comment was entered for this change.)

(No comment was entered for this change.)

Here is half of a patch to fix this the SSL problem. This doesn't allow the --config-dir 
support however it does bypass the ssl problem.

I added an if with an imaginary variable repository.allow_all_certs that would turn it on 
or off. I am not sure how to hook this in, but I have tested the actual code and it seems 
to accept the ssl certs just fine.

reviewboard-patch-issue-1072 856 bytes   View   Download

I'm running on Debian with Apache2, by default the web server runs as www-data with 
homedir /var/www/.

I've changed the ownership and group of this folder to www-data and if I run svn 
commands as this user, I was prompted the first time to accept the certificate.

I can therefore confirm that .subversion/auth/... exists but I still get the 
problem.  Any ideas?

I've tried it with apache2, too.
The problem was that despite of running reviewboard scripts as www-data, HOME
environment variable was set to /home/vlysenkov, not /home/www-data. Very strange,
surely, and it occurs when I restart apache2 by "sudo /usr/local/etc/rc.d/apache2
restart". It seems that apache2 inherits HOME envvar value.
The possible solution is to tune apache2 to set HOME variable when starting reviewboard.
And my intention in this issue is to leave apache2 HOME var intact.

I ran into a similar issue.

Our SVN setup uses client certificates. When trying to use ReviewBoard I'd always end up with an error 
message saying 'callback_ssl_client_cert_prompt required': PySVN detected it needs a client certificate but 
there is no code to ask for it. 

I worked around this by giving PySVN.Client a config dir for the current -effective- user (working around the 
issue vlysenkov reported in comment #5).

Patch attached. Probably not the cleanest, as I'm no python developer, but this solves the issue for me.

reviewboard-patch-issue-1072-2 550 bytes   View   Download

I'm running on windows with Apache2, rise the same error.

how to fix it, any ideas?

thanks!

I tried to modify the following lines in svn.py:
        import pysvn
        self.client = pysvn.Client()
        if repository.username:
            self.client.set_default_username(str(repository.username))
        if repository.password:
            self.client.set_default_password(str(repository.password))
To:
        def ssl_server_trust_prompt(trust_dict):
            return True, 1, True

        self.client = pysvn.Client()
        self.client.callback_ssl_server_trust_prompt = ssl_server_trust_prompt

Then compile the svn.py again, try to create a review request, another error rised:
Server sent unexpected return value (403 Forbidden) in response to OPTIONS request 
for 'https://xxx.com/xxx/xxx_rep/xxx_proj/trunk/xxx/xxx.mak'

anybody could help me?

Just an update on this. We are working on a way to verify, store and manage
certificates for 1.1. This will work for SVN and other revision control systems.

Great to see your comment!

My subversion repository is using https authentication, so i'm blocked by it when 
using Review Board.

So, could you give me any suggestions to workaround it? and also, i'm hopefully to 
see the issue will be released in version 1.1.

Many thanks! 

You can use the patch that I posted previously. All it does is accept all ssl certificates 
regardless of if they are on the correct host or signed.

dear sharrell,

I have add the patch you provided, after compile the svn.py and restart apache 
server, the following error rises when i create a new review request:
========The message is copied from apache log=======
'Repository' object has no attribute 'allow_all_certs'
Traceback (most recent call last):
  File "c:\python25\lib\site-packages\django-1.0.3-
py2.5.egg\django\core\handlers\base.py", line 91, in get_response
    response = callback(request, *callback_args, **callback_kwargs)
  File "C:\Python25\lib\site-packages\djblets-0.5.3-py2.5.egg\djblets\auth\util.py", 
line 46, in _checklogin
    return view_func(request, *args, **kwargs)
  File "c:\python25\lib\site-packages\ReviewBoard-1.0rc3-
py2.5.egg\reviewboard\reviews\views.py", line 84, in new_review_request
    fields[repo.id] = repo.get_scmtool().get_fields()
  File "c:\python25\lib\site-packages\ReviewBoard-1.0rc3-
py2.5.egg\reviewboard\scmtools\models.py", line 40, in get_scmtool
    return cls(self)
  File "C:\Python25\lib\site-packages\reviewboard-1.0rc3-
py2.5.egg\reviewboard\scmtools\svn.py", line 81, in __init__
    if repository.allow_all_certs is True:
AttributeError: 'Repository' object has no attribute 'allow_all_certs'

please help, thanks again!

If you remove the "if repository.allow_all_certs is True:" line and unident the line after it 
four spaces that should probably work fine.

yes, i did it, and the 500 error gone;
but when i create a request, error prompt saying: "Server sent unexpected return 
value (403 Forbidden) in response to OPTIONS request for "URL"

i hava configed the svn repository with the username and password which can pass the 
authentication.

and i have tried in commandline, with "svn list --username name --passowrd pass URL"
it works.

so i'm sure why the 403 error came out.

I enabled the review board logging setting, create request again, it seems that diff 
is working background, but the review request is failed to be created with the 403 
Forbidden error.

The apache log:
2009-09-27 19:20:57,858 - WARNING - Could not open logfile /logs/reviewboard.log. 
Logging to stderr
2009-09-27 19:20:57,858 - INFO - Logging to /logs/reviewboard.log with a minimum 
level of DEBUG
2009-09-27 19:20:57,858 - INFO - Log file for Review Board v1.0rc3
2009-09-27 19:21:07,342 - DEBUG - DiffParser.parse: Beginning parse of diff, size = 
6082
2009-09-27 19:21:07,342 - DEBUG - DiffParser.parse: Finished parsing diff.
2009-09-28 13:50:05,924 - DEBUG - DiffParser.parse: Beginning parse of diff, size = 
8538
2009-09-28 13:50:05,924 - DEBUG - DiffParser.parse: Finished parsing diff.
2009-09-28 13:50:24,596 - DEBUG - DiffParser.parse: Beginning parse of diff, size = 
8538
2009-09-28 13:50:24,596 - DEBUG - DiffParser.parse: Finished parsing diff.
2009-09-28 13:50:32,721 - DEBUG - DiffParser.parse: Beginning parse of diff, size = 
8538
2009-09-28 13:50:32,737 - DEBUG - DiffParser.parse: Finished parsing diff.
2009-09-28 13:50:42,815 - DEBUG - DiffParser.parse: Beginning parse of diff, size = 
8538
2009-09-28 13:50:42,815 - DEBUG - DiffParser.parse: Finished parsing diff.

--config-dir isn't going to be supported, as we absolutely depend on using $HOME for
.ssh/known_hosts anyway (this is beyond our control). So supporting --config-dir just
makes it more complicated and only solves half our problem.

I don't know why your Apache is inheriting $HOME. That sounds like a broken setup
issue. Sure, we could in theory work around this for pysvn, but again, same problem
as I mentioned above for .ssh, which we can't as easily work around.

That all being said, we now support SSL in our Git repository. 

This bug became a mix of several different bug reports, but since it all centers
around SSL support, I'm repurposing the bug. Please feel free to open a new bug for
the broken $HOME issue. Maybe we can do something about it in code, but I suspect
it's better as a doc'd issue. Please tell me more about your Apache/distro config in
the report if you file it.

hi chipx86,

How to work around the issue "HTTPS Subversion repositories don't work with Review 
Board"?
I'm a little confused with your explanation, so could you please explain it in 
detail?

thanks!

There are two options:

1) Upgrade to the 1.1 development branch (which, being in-development, may be
unstable and probably isn't suitable for development use).

2) Figure out what the home directory is for Apache (I don't know on Windows, but you
may be able to figure it out by turning on logging and temporarily modifying, say,
reviewboard/__init__.py to add:

    logging.info("Home directory = %s" % os.path.expanduser("~"))

to the very end of the file. Then restart Apache, go to a URL, and check the log file.

Once you have this, create a .subversion directory inside that directory.

Then, using command line tools, do an svn checkout of the URL you need. It should
verify your certificate or user information. You'll then need to take your own
~/.subversion directory and copy all the contents into the .subversion directory you
created for Apache, and make sure the .subversion directory and everything inside of
it is writable by the web server.

Note that I have not done this on Windows, so you may have to play around with this a
bit. The problem should go away, though, in 1.1.

I choose the second solution,
after I restart Apache and then visitor site, the following error came out:
[Fri Oct 09 09:16:52 2009] [error] [client 127.0.0.1] mod_python (pid=3316, 
interpreter='reviewboard_review', phase='PythonHandler', 
handler='django.core.handlers.modpython'): Application error
[Fri Oct 09 09:16:52 2009] [error] [client 127.0.0.1] ServerName: 'IEOD-B1GW22X'
[Fri Oct 09 09:16:52 2009] [error] [client 127.0.0.1] DocumentRoot: 'C:/Program 
Files/Apache Software Foundation/Apache2.2/htdocs'
[Fri Oct 09 09:16:52 2009] [error] [client 127.0.0.1] URI: '/reviews'
[Fri Oct 09 09:16:52 2009] [error] [client 127.0.0.1] Location: '/reviews'
[Fri Oct 09 09:16:52 2009] [error] [client 127.0.0.1] Directory: None
[Fri Oct 09 09:16:52 2009] [error] [client 127.0.0.1] Filename: 'C:/Program 
Files/Apache Software Foundation/Apache2.2/htdocs/reviews'
[Fri Oct 09 09:16:52 2009] [error] [client 127.0.0.1] PathInfo: ''
[Fri Oct 09 09:16:52 2009] [error] [client 127.0.0.1] Traceback (most recent call 
last):
[Fri Oct 09 09:16:52 2009] [error] [client 127.0.0.1]   File "C:\\Python25
\\Lib\\site-packages\\mod_python\\importer.py", line 1537, in HandlerDispatch\n    
default=default_handler, arg=req, silent=hlist.silent)
[Fri Oct 09 09:16:52 2009] [error] [client 127.0.0.1]   File "C:\\Python25
\\Lib\\site-packages\\mod_python\\importer.py", line 1229, in _process_target\n    
result = _execute_target(config, req, object, arg)
[Fri Oct 09 09:16:52 2009] [error] [client 127.0.0.1]   File "C:\\Python25
\\Lib\\site-packages\\mod_python\\importer.py", line 1128, in _execute_target\n    
result = object(arg)
[Fri Oct 09 09:16:52 2009] [error] [client 127.0.0.1]   File "c:\\python25
\\lib\\site-packages\\django-1.0.3-py2.5.egg\\django\\core\\handlers\\modpython.py", 
line 228, in handler\n    return ModPythonHandler()(req)
[Fri Oct 09 09:16:52 2009] [error] [client 127.0.0.1]   File "c:\\python25
\\lib\\site-packages\\django-1.0.3-py2.5.egg\\django\\core\\handlers\\modpython.py", 
line 191, in __call__\n    self.load_middleware()
[Fri Oct 09 09:16:52 2009] [error] [client 127.0.0.1]   File "c:\\python25
\\lib\\site-packages\\django-1.0.3-py2.5.egg\\django\\core\\handlers\\base.py", line 
32, in load_middleware\n    for middleware_path in settings.MIDDLEWARE_CLASSES:
[Fri Oct 09 09:16:52 2009] [error] [client 127.0.0.1]   File "c:\\python25
\\lib\\site-packages\\django-1.0.3-py2.5.egg\\django\\utils\\functional.py", line 
269, in __getattr__\n    self._setup()
[Fri Oct 09 09:16:52 2009] [error] [client 127.0.0.1]   File "c:\\python25
\\lib\\site-packages\\django-1.0.3-py2.5.egg\\django\\conf\\__init__.py", line 39, 
in _setup\n    self._wrapped = Settings(settings_module)
[Fri Oct 09 09:16:52 2009] [error] [client 127.0.0.1]   File "c:\\python25
\\lib\\site-packages\\django-1.0.3-py2.5.egg\\django\\conf\\__init__.py", line 72, 
in __init__\n    mod = __import__(self.SETTINGS_MODULE, {}, {}, [''])
[Fri Oct 09 09:16:52 2009] [error] [client 127.0.0.1]   File "C:\\Python25
\\lib\\site-packages\\reviewboard-1.0rc3-py2.5.egg\\reviewboard\\__init__.py", line 
3, in <module>\n    logging.info("Home directory = %s" % os.path.expanduser("~"))
[Fri Oct 09 09:16:52 2009] [error] [client 127.0.0.1] NameError: name 'logging' is 
not defined

another question: Does "Review Board 1.1 alpha 1 released" support the HTTPS 
subversion repository?

I tried again and got the error:
Something broke! (Error 500)
It appears something broke when you tried to go to here. This is either a bug in 
Review Board or a server configuration error. Please report this to your 
administrator. 

It doesn't look like you put that at the end of the file.

On windows, the review board app located at:
C:\Python25\Lib\site-packages\ReviewBoard-1.0rc3-py2.5.egg\reviewboard
The content of __init__.py under the directory is:
# The version of Review Board.
VERSION = "1.0rc3"

I added the line:
logging.info("Home directory = %s" % os.path.expanduser("~"))
to the end of the file, and restart apache, visite site from IE, I got the 500 error.

Anything wrong with the operation?

Ohhh.. You're running a pretty old version. Okay, place this in reviewboard/urls.py
instead.

Many thanks!

I following your suggesting, add the line to the end of the urls.py and restart 
apache server, and try to create a review request, but with error:
Something broke! (Error 500)

The log message of apache is:
2009-10-10 15:14:46,717 - WARNING - Could not open logfile /logs/reviewboard.log. 
Logging to stderr
2009-10-10 15:14:46,717 - INFO - Logging to /logs/reviewboard.log with a minimum 
level of DEBUG
2009-10-10 15:14:46,717 - INFO - Log file for Review Board v1.0rc3
2009-10-10 15:14:46,779 - INFO - Home directory = ~
2009-10-10 15:14:58,030 - DEBUG - DiffParser.parse: Beginning parse of diff, size = 
10045
2009-10-10 15:14:58,030 - DEBUG - DiffParser.parse: Finished parsing diff.

maybe the version of review board is too old, i need switch to newer version...

Sounds like the expansion failed. The Python docs indicate that this is due to
%HOME%, %USERPROFILE%, %HOMEPATH% and %HOMEDRIVE% being unset. Python needs at least
two of these to expand the path.

The solution may be to figure out where the home directory should be and then add
some SetEnv directives to set HOME and USERPROFILE. Subversion, it seems, expects to
live in %APPDATA%\.subversion (basically, C:\Document and
Settings\<username>\Application Data\.subversion). Dunno about whether that directory
exists for Apache at all, or whatever user Apache is running as. That's something you
may need to figure out there. I don't really have a Windows install I can test this on.

You may also want to look into hosting Review Board on Linux in a VM or something.
It's far more supported by us.

I'm still trying to find solution for the issue, unfortunately...

I found another webapp(in python), which is similar to Review Board in dealing with 
access to SVN repository, and it solved 
the problem about the https authentication support.

Attached source code here for further reference.
ref: http://transifex.org/browser/transifex/vcs/lib/types/svn.py?rev=946%
3Ae2782e83e8dd

Wish it be useful to solved the issue.

svn.py 7.0 KB   View   Download

How is going on?

Did my recommendations not work out for setting those environment variables?

yes，I did, see attached screenshot.

I still got the error "HTTPS certificate not accepted. Please ensure that the proper 
certificate exists in C:/Documents and Settings/yunshandi/.subversion/auth for the 
user that reviewboard is running as."

But the certificate does exist under the .subversion/auth.

	env.png 16.1 KB   View   Download

	failed.png 16.4 KB   View   Download

I followed the step:
2) Figure out what the home directory is for Apache (I don't know on Windows, but you
may be able to figure it out by turning on logging and temporarily modifying, say,
reviewboard/__init__.py to add:

    logging.info("Home directory = %s" % os.path.expanduser("~"))

After restart apache, check the apache log, and found a few errors

detailed apache log

error.log 4.0 KB   View   Download

I have tried anyway i can do, still no help on this issue,

i will work on the issue until it works,

and i still hope someone could help me to workaround it, many thanks!

At this point, I recommend taking this to the mailing list and referencing this bug.
The original bug is fixed in 1.1, and we don't support HTTPS in any official capacity
for 1.0. You would have to see if other people have workarounds they've used.

hi Chipx86 
Could you tell me how to fix it? I can modify it by myself. which py file should I 
change? how to change?

There isn't some simple thing to modify. HTTPS support requires a great deal of code,
which is in the 1.1 alphas/nightlies. It's not perfectly stable yet, though, and some
people have problems with it.

hi how to crete the $home/.subversion/auth? i can not find the auth in my home dir. 

From the release notes, it seems the subverion https issue is gone.

but after i installed the latest RB1.5 Beta1, then add a subversion repository, the 
error prompt:
Please correct the error below. 
A repository was not found at the specified path.

Did you specify the path to the top-level of the repository, or a subdirectory inside
of it?

Is there anything in the logs?

a subdirectory of inside a repository

example:
https://svnserver/xxx_rep/xxx_proj

That's likely the problem. You must point to the very top of the Subversion
repository. Subdirectories will cause problems.

Https authentication problem is solved by add java options when start apache.

Another question: Does review board support pre-commit review? In the 1.5 Beta1, I 
can not find how to create a pre-commit review.

Pre-commit review is the default. Review Board was developed with pre-commit in mind.
Just run post-review and it will generate a diff of your changes and post them.

run post-review under my local svn workspace, error prompt:
D:\mywork\test_proj>post-review
Failed to execute command: ['svn', 'diff', '--diff-cmd=diff']
['Index: 
src/init.cpp\n', '===================================================================
\n', "svn: Can't start process 'diff': \xcf\xb5\xcd\xb3\
xd5\xd2\xb2\xbb\xb5\xbd\xd6\xb8\xb6\xa8\xb5\xc4\xce\xc4\xbc\xfe\xa1\xa3  \n"]

D:\mywork\test_proj>

You need to install GNU diff.

Further problems should be posted on the mailing list. I don't want to clutter the
history of this bug with unrelated problems.

old thread but maybe the workaround I found may help some.
thou apache is running as "apache" user the home I got by adding log to the py is "ERROR:root:Home directory = /root". Which I guess it the home of the apache root process. But the process running RB is running as "apache" user and thus cant access the "root/.subversion" folder. 

In short I did "chown -r apache:apache /root" and now it all works fine. 
real ugly I know.... 
 

In new installs, HOME will point to a writable directory, which should solve this problem. In new upgrades, rb-site will tell the user how to update their config to fix the home directory.