[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: svnserve SASL documentation?

From: Vlad Georgescu <vgeorgescu_at_gmail.com>
Date: 2007-04-12 16:07:35 CEST

Lars Gullik Bjønnes wrote:
> Eric Gillespie <epg@pretzelnet.org> writes:
>
> | Vlad Georgescu <vgeorgescu@gmail.com> writes:
> |
> | > saslauthd expects plaintext passwords, which means the passwords must
> | > travel over the wire in plaintext. This would be only be OK if we
> | > supported SSL, which we currently don't, so plaintext mechanisms are
> | > currently disabled. I could enable them again, if people think that's a
> | > good idea.
> |
> | No, i don't think that's a good idea.
>
> [...]
>
> Just a Q. Does this mean that the use of /etc/passwd as the user/pass
> db for svnserve is impossible before we get SSL/TLS support?

Yes.

>
> (I have been waiting for just that feature and thought SASL would give
> it. In my setting on-the-wire security is not important, so plaintext
> passwds would not be a (huge) problem.)
>

If svnserve doesn't grow SSL support by the time we release 1.5, we
could introduce new configuration options for the client and the server
to explicitly enable plain text mechanisms, in order to accommodate
people who don't care about this problem. I'm not exactly thrilled about
this idea, though.

-- 
Vlad
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Thu Apr 12 16:08:03 2007

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.