On Tue, 10 Apr 2007, David Anderson wrote:
> On 4/10/07, Eric Gillespie <epg@pretzelnet.org> wrote:
> >Can someone who worked on adding SASL support to svnserve update
> >the man pages to explain how to use it? The comments in the
> >svnserve.conf in a new repository are less than helpful:
>
> I didn't do anything with SASL other than follow the development, but
> my understanding is that most of the actual configuration takes place
> in /etc/sasl, where Cyrus SASL stores one config file per server with
> SASL support. The values in svnserve.conf just specify "Yes, ask Cyrus
> to handle SASL", and the min/max encryption values will act as a
> filter to Cyrus SASL as it tries to decide what authentication
> mechanism it should use, if it has a choice between several.
>
> For the rest, we need a sample /etc/sasl/subversion.conf. If my
> explanation was correct, that is.
...
> >[sasl]
> >### This option specifies whether you want to use the Cyrus SASL
> >### library for authentication. The default is false.
> ># use-sasl = true
> >### These options specify the desired strength of the security layer
> >### that you want SASL to provide. 0 means no encryption, 1 means
> >### integrity-checking only, values larger than 1 are correlated
> >### to the effective key length for encryption (e.g. 128 means 128-bit
> >### encryption). The values below are the defaults.
> ># min-encryption = 0
> ># max-encryption = 256
...
I'd also be useful if the generated documentation noted whether Cyrus
SASL is specific to ra_svn.
- application/pgp-signature attachment: stored
Received on Tue Apr 10 21:25:51 2007