Re: Using Kerberos-Authentication with subversion 1.4.2

From: Yves Martin <yves.martin_at_elca.ch>
Date: 2007-03-19 11:55:39 CET

On Tue, 2007-03-06 at 02:21 +0100, Stephan Wienczny wrote:
> Hi,
> I'm trying to use kerberos-authentication for my subversion repositories but
> the clients in version 1.4.2 fail to connect with HTTP-Error 207
> Multi-Status.

> Older 1.3.2 clients and browsers are able to connect to the server.
> The server uses subversion-1.4.2, apache-2.2.3 and
> lib-apache-mod-auth-kerb-5.3

> This smells like a bug either in my configuration or svn-1.4.2.

Hello,

I had the same error when building a Linux subversion client 1.4.3 with
neon 0.26.3. The fix is available on neon 0.26 branch.

Your server configuration is OK. The big trouble for Kerberos SPNEGO is
the neon 0.26 branch ! You should build with neon 0.25.5 to avoid
problems.

Here is the patch:

--- src/ne_auth.c (revision 1148)
+++ src/ne_auth.c (working copy)
@@ -533,7 +533,7 @@
     int ret;
     ne_buffer *errmsg;

- if (strncmp(hdr, "Negotiate", ptr - hdr) != 0) {
+ if (strncmp(hdr, "Negotiate", ptr - duphdr) != 0) {
         NE_DEBUG(NE_DBG_HTTPAUTH, "gssapi: Not a Negotiate response!
\n");
         ne_free(duphdr);
         return NE_ERROR;

Regards

-- 
Yves Martin
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org

Received on Mon Mar 19 11:56:07 2007

This message: [ Message body ]
Next message: Jan Hendrik: "Re: svn does not detect file recodings as changes"
Previous message: hajhouse: "Re: Reconstructing a repository from revs/* files --- success"
In reply to: Stephan Wienczny: "Using Kerberos-Authentication with subversion 1.4.2"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]