[opensuse-buildservice] Two patches for osc: API URLs with pathname and TLS SNI.
Hello everybody!

I'm sending two patches to osc which implement the following useful features.

1. Support for API URLs with pathname.

Currently osc supports API URLs without path only, like https://api.example.com (if there is a pathname, it's just ignored). With this change API URLs with path, like https://example.com/api, are supported correctly.

This is useful for those who can't have OBS api, webui and main site on different domains and buy separate X.509 certificates for them, or just can't afford to have separate IP addresses for them (please note that currently osc doesn't support TLS SNI).

You may say that OBS API doesn't work correctly if installed with a non-root path. But I took care of that already. I'll prepare and send a patch a little bit later.

2. Support for TLS SNI (if M2Crypto supports it).

Currently osc can't access API URLs which share the same IP address with other SSL-enabled sites, complaining about the certificate not matching the hostname.

This change solves this problem by instructing M2Crypto.SSL.Connection to send the desired hostname to the https server using the TLS SNI extension, thus allowing the server to present the right certificate and choose the right virtual site.

This is useful for those who can't afford to have a separate IP address for OBS API.

For TLS SNI to work correctly, M2Crypto should be patched: https://bugzilla.osafoundation.org/show_bug.cgi?id=13073

For unpatched M2Crypto osc degrades to operation without TLS SNI.

I've tested these changes with my OBS server, which has API installed on a virtual HTTPS server with a non-root path.

Patches are attached to this message.

Please reply with cc to me, I'm not subscribed to the opensuse-buildservice mailing list.

Best regards,
--
Oleg Girko, http://www.infoserver.lv/~ol/
Hi,

On 2013-10-26 03:24:09 +0100, Oleg Girko wrote:

> 1. Support for API URLs with pathname.
>
> Currently osc supports API URLs without path only, like https://api.example.com (if there is pathname, it's just ignored). With this change API URLs with path, like https://example.com/api are supported correctly.

I just had a quick glance at this patch and so far it looks good. I'll have a deeper look at it on Tuesday.

> 2. Support for TLS SNI (if M2Crypto supports it).
>
> Currently osc can't access API URLs which share the same IP address with other SSL-enabled sites, complaining about certificate not matching hostname.
>
> This change solves this problem by instructing M2Crypto.SSL.Connection to send the desired hostname to https server using TLS SNI extension, thus allowing the server to present the right certificate and choose the right virtual site.

If you're already patching M2Crypto, why don't you directly add this feature to the SSL.Connection class like I proposed here https://github.com/openSUSE/osc/issues/39#issuecomment-20445405 ? I don't want to introduce codepaths for such "unofficial" features.

Anyway, thanks for the patches so far!

Marcus
Participants (2): Marcus Hüwe, Oleg Girko