[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

RE: [Non-DoD Source] Re: using pkcs11 (CAC cards) with svn 1.8 and newer

From: Simpson, Andrew R CIV NSWC Crane, JXSNL <andrew.simpson_at_navy.mil>
Date: Thu, 10 Dec 2015 16:03:58 +0000

I'd love to, but I have to be "allowed" to :) I will push within DoD circles.

The issue with newer versus older was indicated by our server provider (forge.mil). I'm only rehashing what they stated, although I should be clear that was in regards to tortoiseSVN. We did see issues specifically with regards to tortoise using older versions that did seem to go away by upgrading to the latest client in those cases on windows.

I do believe, however, that the timeouts may be caused by either A) configuration of the svn server or B) the network setup of the server provider.

Thanks again for the info. much appreciated. Will take a look into what's required to modify serf to support this.

From: Mark Phippard [markphip_at_gmail.com]
Sent: Thursday, December 10, 2015 10:54 AM
To: Simpson, Andrew R CIV NSWC Crane, JXSNL
Cc: users_at_subversion.apache.org
Subject: Re: [Non-DoD Source] Re: using pkcs11 (CAC cards) with svn 1.8 and newer

On Thu, Dec 10, 2015 at 10:42 AM, Simpson, Andrew R CIV NSWC Crane, JXSNL <andrew.simpson_at_navy.mil<mailto:andrew.simpson_at_navy.mil>> wrote:
Hi Mark,

so to be clear, unless we re-roll the latest subversion clients with pakchois and neon, we're going to be unable to use pkcs11? That is a major issue for linux development in the DoD. I will also need to contact RedHat to see what their plans are, but RHEL 6 is still stuck at 1.6.

Neon support was removed with SVN 1.8. You are stuck on SVN 1.7 or earlier for your clients. I am sure the Apache Serf project would welcome contributions of PKCS11 support for Linux. If this is important to the DoD ... contribute resources. It is not like the average open source developer has access to a CAC environment to work on something like this.


I can still use svn 1.6 and 1.7 with the newer subversion server. However, we have been seeing timeout issues when checking out of repositories and other quirks. Otherwise, yes, it does work with PKCS 11. the subversion provider has updated to 1.8 or 1.9 (can't remember). Since then, we have been experiencing issues with these timeouts every 5-12 minutes of a checkout.

There is no reason to believe that a newer client version will make any difference for a problem like this. The version of Subversion on the server is not the most likely reason for timeouts.

Mark Phippard
Received on 2015-12-10 17:04:48 CET

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.