[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Secure svnserve?

From: Branko ÄŒibej <brane_at_apache.org>
Date: Fri, 25 Nov 2016 12:20:44 +0100

On 25.11.2016 11:46, Stefan Sperling wrote:
> On Fri, Nov 25, 2016 at 11:37:10AM +0100, Branko ÄŒibej wrote:
>> On 25.11.2016 11:33, Stefan Sperling wrote:
>>> On Fri, Nov 25, 2016 at 11:11:15AM +0100, Olaf van der Spek wrote:
>>>> Wouldn't it be good if svnserve supported encryption directly?
>>> svnserve does support encryption directly, but not with TLS.
>>> Instead, it uses SASL for this purpose.
>> Um. SASL is used for authentication. The actual svnserve protocol stream
>> remains unencrypted.
>>
>> -- Brane
> "SASL is also able to perform data encryption if a particular
> mechanism supports it."
> http://svnbook.red-bean.com/nightly/en/svn.serverconfig.svnserve.html#svn.serverconfig.svnserve.sasl
>
> I'm not saying SASL wasn't a pain to set up, or that DIGEST-MD5 was
> very secure. But the mechanism exists and is advertised in the docs.

I stand corrected. In fact:

https://tortoisesvn.net/sasl_howto.html

describes how to set this up with TortoiseSVN, so I guess the OP's
question is answered.

-- Brane
Received on 2016-11-25 12:20:50 CET

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.