On Fri, Dec 26, 2003 at 05:05:15PM -0600, Ben Collins-Sussman wrote:
> On Fri, 2003-12-26 at 14:55, Andrew Snare wrote:
>
> > While trying to configure Subversion to accept my private CA, I
> > encountered a problem whereby my .subversion configuration files
> > are shared across several machines but my home directory is not
> > always the same. This means that the ssl-authority-files and
> > ssl-client-cert-file configuration directives are useless for me.
>
> Don't forget that /etc/subversion/ holds system-wide runtime config
> files as well. Perhaps that directory could be an NFS share?
In my situation, this isn't appropriate since we're talking systems
separated by the Internet. In addition, it's not really appropriate
for me to force my CA upon other people. As far as workarounds go,
it's also possible to ignore these directives and tell subversion
to permanently accept the CA when it prompts upon seeing it the
first time.
Mentioning the problem, however, was meant more as an introduction
for the motivation as to why I thought environment variable expansion
would be useful; it's a fairly generic mechanism, and may be useful
for other things like importing a user's http_proxy settings (for
example).
My particular issue problem was also intended to highlight weaknesses
that vastly reduces the effectiveness of these directives since
they're not fully parsed:
- Relative paths cannot be used. What are they relative to? This
is always an issue in any configuration file where paths are
given.
- Files cannot contain a semi-colon, since it is used as a
seperator and no escape mechanism is specified. This will rarely
be an, since semicolons are rarely used in filenames. Maybe
someone will swear when they get around to a VMS port though :).
Cheers,
- Andrew
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Sat Dec 27 07:09:28 2003