[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Can svnserve read an encrypted password file?

From: Stefan Sperling <stsp_at_elego.de>
Date: Fri, 29 Aug 2008 10:57:18 +0200

On Fri, Aug 29, 2008 at 10:21:23AM +0700, Grigory V. Kareev wrote:
> If you want to host multiple repositories using one svnserve process,
> cleartext passwords stored either in ldap, sasldb or svnserve db
> is the only option currently, IMO.
> Possible solutions are:
> a) TLS support for svn client and svnserve (in this case we can use
> sasl cleartext password transmitting auth methods like PLAIN or LOGIN
> and svnserve will be able to do checks against any encrypted passwords db)
> b) alter svnserve internal CRAM-MD5 auth method and make it work with
> stored passwords hashes as described here:
> http://southbrain.com/south/2008/08/cmusaslsecretcrammd5-cmusaslse.html
> c) add svnserve config or command line option to disable internal CRAM-MD5 mech
> and let the sasl do all checks

I would not expect good patches which implement either a, b, or c
to be rejected :)


To unsubscribe, e-mail: users-unsubscribe_at_subversion.tigris.org
For additional commands, e-mail: users-help_at_subversion.tigris.org
Received on 2008-08-29 10:57:49 CEST

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.