On Tue, 10 Apr 2007, Vlad Georgescu wrote:
> On 4/10/07, Daniel Rall <email@example.com> wrote:
> >On Tue, 10 Apr 2007, David Anderson wrote:
> >> On 4/10/07, Eric Gillespie <firstname.lastname@example.org> wrote:
> >> >Can someone who worked on adding SASL support to svnserve update
> >> >the man pages to explain how to use it? The comments in the
> >> >svnserve.conf in a new repository are less than helpful:
> >> I didn't do anything with SASL other than follow the development, but
> >> my understanding is that most of the actual configuration takes place
> >> in /etc/sasl, where Cyrus SASL stores one config file per server with
> >> SASL support. The values in svnserve.conf just specify "Yes, ask Cyrus
> >> to handle SASL", and the min/max encryption values will act as a
> >> filter to Cyrus SASL as it tries to decide what authentication
> >> mechanism it should use, if it has a choice between several.
> >> For the rest, we need a sample /etc/sasl/subversion.conf. If my
> >> explanation was correct, that is.
> >> >[sasl]
> >> >### This option specifies whether you want to use the Cyrus SASL
> >> >### library for authentication. The default is false.
> >> ># use-sasl = true
> >> >### These options specify the desired strength of the security layer
> >> >### that you want SASL to provide. 0 means no encryption, 1 means
> >> >### integrity-checking only, values larger than 1 are correlated
> >> >### to the effective key length for encryption (e.g. 128 means 128-bit
> >> >### encryption). The values below are the defaults.
> >> ># min-encryption = 0
> >> ># max-encryption = 256
> >I'd also be useful if the generated documentation noted whether Cyrus
> >SASL is specific to ra_svn.
> I'm not sure I understand. If you're referring to the comments in
> svnserve.conf, I think it should be obvious that they're specific to
> ra_svn simply by their presence in that file. (There's a comment at
> the top of the default svnserve.conf telling people that the file is
> specific to ra_svn).
I didn't realize this was only in svnserve.conf (as Eric pointed out).
Please ignore. :)
Received on Tue Apr 10 23:16:46 2007
- application/pgp-signature attachment: stored