RE: [Non-DoD Source] Re: using pkcs11 (CAC cards) with svn 1.8 and newer
From: Simpson, Andrew R CIV NSWC Crane, JXSNL <andrew.simpson_at_navy.mil>
Date: Thu, 10 Dec 2015 15:42:12 +0000
Hi Mark,
so to be clear, unless we re-roll the latest subversion clients with pakchois and neon, we're going to be unable to use pkcs11? That is a major issue for linux development in the DoD. I will also need to contact RedHat to see what their plans are, but RHEL 6 is still stuck at 1.6.
I can still use svn 1.6 and 1.7 with the newer subversion server. However, we have been seeing timeout issues when checking out of repositories and other quirks. Otherwise, yes, it does work with PKCS 11. the subversion provider has updated to 1.8 or 1.9 (can't remember). Since then, we have been experiencing issues with these timeouts every 5-12 minutes of a checkout.
Thanks!
On Thu, Dec 10, 2015 at 9:34 AM, Simpson, Andrew R CIV NSWC Crane, JXSNL <andrew.simpson_at_navy.mil<mailto:andrew.simpson_at_navy.mil>> wrote:
I do not believe Serf has any support for this. Even with Neon on Linux I believe it required a custom build involving the pakchois library. On Windows, the pkcs11 support still works for Serf, but that is because it is provided via OpenSSL compile options that leverage the Windows support for smart cards. There is nothing similar on Linux.
does anyone know if it even works? It's a huge issue considering that our subversion server provider has updated to svn 1.9x and now the older clients don't play nice.
I would like to hear more details on this as it should not be true. Any SVN client version should work properly with a SVN 1.9 server. You should still be able to use 1.6 and 1.7 clients without any problems at all. There were no features added in SVN 1.9 that require a 1.9 client AND server:
http://subversion.apache.org/docs/release-notes/1.9.html#new-feature-compatibility-table
-- Thanks Mark Phippard http://markphip.blogspot.com/Received on 2015-12-10 16:42:45 CET |
This is an archived mail posted to the Subversion Users mailing list.
This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.