HTTPS read-only SVN access is denied?
SVN checkout over HTTPS protocol requires password. Is it intentional or just temporary server issue? I am behind a proxy that doesn't support PROPFIND requests and I can't test SVN+SSH, because 22 port is closed. Site docs keep silence about that HTTPS is used at all. Shouldn't authentication be asked only on write access in normal SVN setup? BTW, link to "current svn tree" is broken here - http://www.python.org/dev/patches/ -- --anatoly t.
techtonik <techtonik <at> gmail.com> writes:
SVN checkout over HTTPS protocol requires password. Is it intentional or just temporary server issue? I am behind a proxy that doesn't support PROPFIND requests and I can't test SVN+SSH, because 22 port is closed.
As a workaround, if you only need read-only access, you can use the Mercurial mirrors which should work through your proxy (AFAIK Mercurial only uses GET and POST). Type "hg clone http://code.python.org/hg/trunk/" or "hg clone http://code.python.org/hg/branches/py3k" depending on what you need exactly. Regards Antoine.
On Wed, Sep 3, 2008 at 6:08 PM, Antoine Pitrou <solipsis@pitrou.net> wrote:
As a workaround, if you only need read-only access, you can use the Mercurial mirrors which should work through your proxy (AFAIK Mercurial only uses GET and POST).
Type "hg clone http://code.python.org/hg/trunk/" or "hg clone http://code.python.org/hg/branches/py3k" depending on what you need exactly.
I do not need the whole branch - only a small subset of files related to distutils. I know that bazaar can't do partial checkouts - it can only fetch the whole branch. What about mercurial? And why not to setup HTTPS for anonymous read and authorized write access? It is not that hard to do and will solve many problems with proxies. -- --anatoly t.
techtonik <techtonik <at> gmail.com> writes:
I do not need the whole branch - only a small subset of files related to distutils. I know that bazaar can't do partial checkouts - it can only fetch the whole branch. What about mercurial?
Mercurial can't do it either. But I don't think it matters a lot; unless your bandwidth is very low the full clone should be fast enough. Here it takes just 150s. for the trunk.
And why not to setup HTTPS for anonymous read and authorized write access? It is not that hard to do and will solve many problems with proxies.
I don't know really, someone else should answer.
On Thu, Sep 4, 2008 at 1:48 AM, Antoine Pitrou <solipsis@pitrou.net> wrote:
I do not need the whole branch - only a small subset of files related to distutils. I know that bazaar can't do partial checkouts - it can only fetch the whole branch. What about mercurial?
Mercurial can't do it either. But I don't think it matters a lot; unless your bandwidth is very low the full clone should be fast enough. Here it takes just 150s. for the trunk.
Thanks for support. However, fetching whole branch is not an option, because Internet is expensive here - even 10Mb tarball costs 20 cents. To make matters worse I would say that it is more than 0.04% of an average salary. -- --anatoly t.
Hello, 2008/9/4 techtonik <techtonik@gmail.com>:
On Thu, Sep 4, 2008 at 1:48 AM, Antoine Pitrou <solipsis@pitrou.net> wrote:
I do not need the whole branch - only a small subset of files related to distutils. I know that bazaar can't do partial checkouts - it can only fetch the whole branch. What about mercurial?
Mercurial can't do it either. But I don't think it matters a lot; unless your bandwidth is very low the full clone should be fast enough. Here it takes just 150s. for the trunk.
Thanks for support. However, fetching whole branch is not an option, because Internet is expensive here - even 10Mb tarball costs 20 cents. To make matters worse I would say that it is more than 0.04% of an average salary.
Did you try to open your browser to (for example) http://svn.python.org/projects/python/trunk/Lib/distutils/ and download the desired files from there? -- Amaury Forgeot d'Arc
On Thu, Sep 4, 2008 at 5:06 PM, Amaury Forgeot d'Arc <amauryfa@gmail.com> >>
Did you try to open your browser to (for example) http://svn.python.org/projects/python/trunk/Lib/distutils/ and download the desired files from there?
Yes, but it's a waste of time. It is SVN that should be fixed unless somebody name a good reason to disallow r/o anonymous access through HTTPS . -- --anatoly t.
On Wed, Sep 3, 2008 at 3:39 PM, techtonik <techtonik@gmail.com> wrote:
On Wed, Sep 3, 2008 at 6:08 PM, Antoine Pitrou <solipsis@pitrou.net> wrote:
As a workaround, if you only need read-only access, you can use the Mercurial mirrors which should work through your proxy (AFAIK Mercurial only uses GET and POST).
Type "hg clone http://code.python.org/hg/trunk/" or "hg clone http://code.python.org/hg/branches/py3k" depending on what you need exactly.
I do not need the whole branch - only a small subset of files related to distutils. I know that bazaar can't do partial checkouts - it can only fetch the whole branch. What about mercurial?
And why not to setup HTTPS for anonymous read and authorized write access? It is not that hard to do and will solve many problems with proxies.
Because it requires setting up a certificate. You can use HTTP to do a read-only checkout. -Brett
On Wed, Sep 3, 2008 at 6:08 PM, Brett Cannon <brett@python.org> wrote:
On Wed, Sep 3, 2008 at 3:39 PM, techtonik <techtonik@gmail.com> wrote:
On Wed, Sep 3, 2008 at 6:08 PM, Antoine Pitrou <solipsis@pitrou.net> wrote:
As a workaround, if you only need read-only access, you can use the Mercurial mirrors which should work through your proxy (AFAIK Mercurial only uses GET and POST).
Type "hg clone http://code.python.org/hg/trunk/" or "hg clone http://code.python.org/hg/branches/py3k" depending on what you need exactly.
I do not need the whole branch - only a small subset of files related to distutils. I know that bazaar can't do partial checkouts - it can only fetch the whole branch. What about mercurial?
And why not to setup HTTPS for anonymous read and authorized write access? It is not that hard to do and will solve many problems with proxies.
Because it requires setting up a certificate. You can use HTTP to do a read-only checkout.
Or you could download a tarball snapshot: http://svn.python.org/snapshots/
-Brett _______________________________________________ Python-Dev mailing list Python-Dev@python.org http://mail.python.org/mailman/listinfo/python-dev Unsubscribe: http://mail.python.org/mailman/options/python-dev/musiccomposition%40gmail.c...
-- Cheers, Benjamin Peterson "There's no place like 127.0.0.1."
On Thu, Sep 4, 2008 at 2:08 AM, Brett Cannon <brett@python.org> wrote:
And why not to setup HTTPS for anonymous read and authorized write access? It is not that hard to do and will solve many problems with proxies.
Because it requires setting up a certificate.
Certificate is already set. $ svn co https://svn.python.org/projects/trunk Error validating server certificate for 'https://svn.python.org:443': - The certificate is not issued by a trusted authority. Use the fingerprint to validate the certificate manually! Certificate information: - Hostname: svn.python.org - Valid: from Apr 10 00:00:00 2007 GMT until Apr 9 23:59:59 2010 GMT - Issuer: http://www.usertrust.com, The USERTRUST Network, Salt Lake City, UT, US - Fingerprint: fc:67:c1:59:f5:57:71:29:f5:13:50:bc:c9:16:f1:74:da:1f:12:98 (R)eject, accept (t)emporarily or accept (p)ermanently? t Authentication realm: <https://svn.python.org:443> Subversion repository Password for 'username': Authentication realm: <https://svn.python.org:443> Subversion repository Username: svn: PROPFIND request failed on '/projects/trunk' svn: PROPFIND of '/projects/trunk': authorization failed (https://svn.python.org)
You can use HTTP to do a read-only checkout.
Well, the main problem is that I can't. As I already said my machine is behind a proxy that doesn't support required WebDAV extensions for HTTP protocol - http://subversion.tigris.org/faq.html#proxy -- --anatoly t.
SVN checkout over HTTPS protocol requires password. Is it intentional or just temporary server issue? I am behind a proxy that doesn't support PROPFIND requests and I can't test SVN+SSH, because 22 port is closed.
Site docs keep silence about that HTTPS is used at all. Shouldn't authentication be asked only on write access in normal SVN setup?
Not necessarily - as you say, it's undocumented (and will remain so); in any case, I have now granted anonymous read access to that repository, through https. That there was access at all was for the sake of a completely unrelated repository for which even anonymous read access is denied (and remains so). Regards, Martin
2008/9/7, "Martin v. Löwis" <martin@v.loewis.de>:
Not necessarily - as you say, it's undocumented (and will remain so); in any case, I have now granted anonymous read access to that repository, through https.
Thnx a lot... Formerly I could not access anything because of the aforementioned authentication issue... Now public access is ok but... I have recently tried to check out the latest versions of the PEPs and I still can't do it. Something like this is what happens... -------------------------------- $ svn co https://svn.python.org/projects/peps/trunk/ . A pep-0100.txt A pep-0102.txt ... # Many other files "added" A pep-0297.txt A pep-0299.txt U . Fetching external item into 'docutils' svn: Can't connect to host 'svn.berlios.de': A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond. ---------------------------------- Please I need some help so as to finally check out all the PEPs at once. Is this a consequence of my systems settings (SVN, etc...)? Otherwise, why is this "lovely" message shown? Please... how can I overcome this situation? Thnx. -- Regards, Olemis.
Olemis Lang wrote:
Fetching external item into 'docutils' svn: Can't connect to host 'svn.berlios.de': A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.
Please I need some help so as to finally check out all the PEPs at once.
I suspect you already have all the PEP:s; the checkout command gets stuck when trying to fetch some additional software from an external server. try adding the --ignore-externals option to the checkout command, and see if this gets you any further. then check if you can reach http://svn.berlios.de via your browser, or if some firewall rule gets in the way. </F>
then check if you can reach http://svn.berlios.de via your browser, or if some firewall rule gets in the way.
He probably can, but the firewall still gets in the way when he tries to do the svn checkout - his firewall is incapable of forwarding OPTIONS and other methods used by subversion. Hence he needs to use https, as the firewall then puts through all traffic unmodified, thanks to the CONNECT method. So there will be no chance that he can checkout the berlios externals directly, as their URL is defined in the Python repository (and will remain at http, for the sake of most of us with sane networking environments) Regards, Martin
participants (8)
-
"Martin v. Löwis" -
Amaury Forgeot d'Arc -
Antoine Pitrou -
Benjamin Peterson -
Brett Cannon -
Fredrik Lundh -
Olemis Lang -
techtonik