On 4/10/07, Eric Gillespie <epg@pretzelnet.org> wrote:
> Can someone who worked on adding SASL support to svnserve update
> the man pages to explain how to use it? The comments in the
> svnserve.conf in a new repository are less than helpful:
I didn't do anything with SASL other than follow the development, but
my understanding is that most of the actual configuration takes place
in /etc/sasl, where Cyrus SASL stores one config file per server with
SASL support. The values in svnserve.conf just specify "Yes, ask Cyrus
to handle SASL", and the min/max encryption values will act as a
filter to Cyrus SASL as it tries to decide what authentication
mechanism it should use, if it has a choice between several.
For the rest, we need a sample /etc/sasl/subversion.conf. If my
explanation was correct, that is.
- Dave
>
> [sasl]
> ### This option specifies whether you want to use the Cyrus SASL
> ### library for authentication. The default is false.
> # use-sasl = true
> ### These options specify the desired strength of the security layer
> ### that you want SASL to provide. 0 means no encryption, 1 means
> ### integrity-checking only, values larger than 1 are correlated
> ### to the effective key length for encryption (e.g. 128 means 128-bit
> ### encryption). The values below are the defaults.
> # min-encryption = 0
> # max-encryption = 256
>
> The only answers i've heard so far were basically "sniff the
> traffic" and "poke around your system package database for sasl
> modules". This isn't acceptable.
>
> --
> Eric Gillespie <*> epg@pretzelnet.org
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
> For additional commands, e-mail: dev-help@subversion.tigris.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Tue Apr 10 21:21:34 2007