I've been experimenting with SASL auth a bit and have found a strange
issue when using NTLM -- if I specify the ntlm_server option it sends
the client and server into a tight auth loop like:
( success ( 2 2 ( ) ( edit-pipeline svndiff1 absent-entries
commit-revprops mergeinfo ) ) ) ( 2 ( edit-pipeline svndiff1
absent-entries ) 13:svn://dc/Junk ) ( success ( ( NTLM ) 4:Junk ) ) (
NTLM ( 45:TlRMTVNTUAABAAAABwIAAAAAAAAgAAAAAAAAACAAAAA=
) ) ( failure ( 53:SASL(-24): remote authentication server
unavailable: ) ) ( NTLM (
45:TlRMTVNTUAABAAAABwIAAAAAAAAgAAAAAAAAACAAAAA=
) ) ( failure ( 53:SASL(-24): remote authentication server
unavailable: ) ) ( NTLM (
45:TlRMTVNTUAABAAAABwIAAAAAAAAgAAAAAAAAACAAAAA=
) ) ( failure ( 53:SASL(-24): remote authentication server
unavailable: ) ) ( NTLM (
45:TlRMTVNTUAABAAAABwIAAAAAAAAgAAAAAAAAACAAAAA=
) ) ( failure ( 53:SASL(-24): remote authentication server
unavailable: ) ) ( NTLM (
45:TlRMTVNTUAABAAAABwIAAAAAAAAgAAAAAAAAACAAAAA=
) ) ( failure ( 53:SASL(-24): remote authentication server
unavailable: ) ) ( NTLM (
45:TlRMTVNTUAABAAAABwIAAAAAAAAgAAAAAAAAACAAAAA=
) ) ( failure ( 53:SASL(-24): remote authentication server unavailable: ) )
...
which appears to go on forever.
Aside from the auth failing issue (and I would be interested to know
if anyone has a working NTLM sasl config), it seems like the client
should stop trying at some point.
I'll investigate further when I can, but would appreciate any info
from sasl/svn-protocol experts.
Thanks!
DJ
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Mon Oct 1 04:40:14 2007