[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: New (1.5) feature questions -- things we need to address before a release can happen

From: Mark Phippard <markphip_at_gmail.com>
Date: 2007-05-25 17:04:18 CEST

On 5/25/07, Vlad Georgescu <vgeorgescu@gmail.com> wrote:
> Mark Phippard wrote:
> > [...]
> > SASL
> > Where is the notes file that explains the feature? What can you do
> > with it? Does it, or does it not support TLS or SSL? Does it work on
> > Windows? What is involved in bulding support for it into the client
> > and server? What happens if client and server do not both have the
> > support compiled in? How does one set it up etc. Given that we are
> > reasonably close to a 1.5 release this information should all be
> > readily available.
> I added a file (notes/sasl.txt) in r25148 that I think addresses these
> issues. Reviews are welcome.

Thanks, it is a good document. I do have some questions/comments.

1) What controls which auth mechanisms the client supports? It must
be something about how SASL that the client is using was compiled?

2) It seems like we really need to provide a pre-built library for
Windows. There has been talk about doing this for all our
dependencies which would be a good idea.

3) As I think I understand it, the auth mechanism is not bound to the
back-end store being used? So for example, you could use LDAP as the
user store, and still support the CRAM-MD5 auth mechanism which would
allow older clients to connect using their LDAP credentials? Server
could also offer additional auth mechanisms for the newer clients?

4) Encryption. Is there any other configuration involved, such as
certificates? What exactly is encrypted? The svnserve traffic? Just
the auth traffic? Just the post-auth traffic?

Mark Phippard
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Fri May 25 17:04:31 2007

This is an archived mail posted to the Subversion Dev mailing list.