Aaron Turner wrote on Sat, 3 Apr 2010 at 09:33 -0700:
> On Sat, Apr 3, 2010 at 9:16 AM, Aaron Turner <synfinatic_at_gmail.com> wrote:
> > On Sat, Apr 3, 2010 at 12:30 AM, Daniel Shahaf <d.s_at_daniel.shahaf.name> wrote:
> >> Aaron Turner wrote on Fri, 2 Apr 2010 at 18:48 -0700:
> >>> So this works fine for me from Linux and TortioseSVN, but from
> >>> Windows/Cygwin when I try to check out my repo
> >>> (svn://svn.synfin.net/tcpreplay) I get an error "svn: Cannot negotiate
> >>> authentication mechanisim". I'm using SASL auth on the backend...
> >>>
> >>
> >> That server only offers DIGEST-MD5 authentication. Natively, Subversion
> >> only knows CRAM-MD5 (if the comments in the source are still accurate;
> >> `grep MD5 subversion/{svnserve,libsvn_ra_svn}/*`). So I guess you need an
> >> svn binary compiled/configured for SASL support, or to configure the
> >> server to allow CRAM-MD5.
> >
> > So: svn --version on the client says:
> >
> > * ra_svn : Module for accessing a repository using the svn network protocol.
> > - with Cyrus SASL authentication
> > - handles 'svn' scheme
> >
> > So I thought that meant it should support things like digest-md5. Is
> > there a way to see what auth methods it does support?
> >
> > The reason I forced digest-md5 auth was since cram-md5 doesn't support
> > data encryption. Probably not the end of the world though.
> >
>
> FYI, after digging some more, I found the problem... it wasn't
> cram-md5 vs. digest-md5... client supports both. The issue was the
> server requiring encryption (min-encryption=128) and the client didn't
> support it. Probably would be nice if the error message was a little
> more specific to this problem.
>
It seems that the non-specific error message is inherent to the way
try_auth() (In libsvn_ra_svn/cyrus_auth.c) works: it discards the errors
from failing mechanisms, so the error it raises is always SASL_NOMECH.
>
Received on 2010-04-03 19:24:31 CEST