debug I could enable and look at? Something in
lib/sasl2/svn.conf perhaps?
--
Victor Sudakov, VAS4-RIPE, VAS47-RIPN
sip:suda...@sibptus.tomsk.ru
some default is being
> > used.
>
> I suppose you could try setting them, perhaps max to zero
> or min to non-zero.
Setting "max-encryption = 0" really fixes the problem. Am I not
supposed to use any encryption or what?
--
Victor Sudakov, VAS4-RIPE, VAS47-RIPN
sip:suda...@sibptus.tomsk.ru
on, but never
encountered this problem before.
> If so what are the min/max-enryption settings?
These settings are commented out, so I guess some default is being
used. I only have this
[svn@relay ~] grep -v ^# repos/src/conf/svnserve.conf | uniq
[general]
anon-access = none
auth-access =
09:04:50 relay svnserve: encoded packet size too big (4156 >
4096)
Aug 30 09:05:03 relay svnserve: encoded packet size too big (4156 >
4096)
What could be the cause of the problem?
--
Victor Sudakov, VAS4-RIPE, VAS47-RIPN
sip:suda...@sibptus.tomsk.ru
access to the repository with their subversion ids (e.g. in logs) being
'user@FOREIGN.REALM'. Is this possible?
TIA for any input.
--
Victor Sudakov, VAS4-RIPE, VAS47-RIPN
sip:suda...@sibptus.tomsk.ru
Sorry, it was a false alarm!
The cyrus-sasl2 port was compiled incorrectly (--with-gss_impl=mit
instead of --with-gss_impl=heimdal) due to a long-forgotten KRB5_HOME
defined in /etc/make.conf.
Everything works now. I love Unix, there are no unexplainable or
random glitches :)
--
Victor
because "anon-access = none" is configured
for this repo.
> Can you use "mech_list: gssapi"?
Made no difference.
--
Victor Sudakov, VAS4-RIPE, VAS47-RIPN
sip:suda...@sibptus.tomsk.ru
o 1.7.
min-encryption and max-encryption are server-side settings, and the
issue is more probably in the client.
Yes, I tried specifying min-encryption = 0; max-encryption = 56 on the
server side (in conf/svnserve.conf) but it makes no difference. It's
the client that does not even try to contact the KDC for a service
ticket.
--
Victor Sudakov, VAS4-RIPE, VAS47-RIPN
sip:suda...@sibptus.tomsk.ru
iate authentication mechanism"
message but have only come up with some Windows specific problems like
TortoiseSVN being unable to find a dll.
--
Victor Sudakov, VAS4-RIPE, VAS47-RIPN
sip:suda...@sibptus.tomsk.ru
rather easy to figure out with find/grep. I think we need
someone with more expertise in sasl just to understand what is exactly
happening. It does not even try to request a service ticket from the
kdc.
>
> SVN_DBG() is a debug macro that basically wraps printf().
--
Victor Sudakov, VAS4-RIPE, VAS47-RIPN
sip:suda...@sibptus.tomsk.ru
t least, how do I enable authentication debug in the svn client?
>
> By adding SVN_DBG() statements to subversion/libsvn_ra_svn/cyrus_auth.c
> and recompiling?
Could you please be more specific? SVN_DBG() what exactly?
--
Victor Sudakov, VAS4-RIPE, VAS47-RIPN
sip:suda...@sibptus.tomsk.ru
Victor Sudakov wrote:
>
> I have upgraded the svn client from subversion-1.6.17 to
> subversion-1.7.2 on FreeBSD 7.4 and GSSAPI authentication stopped
> working. svn does not even try to get a Kerberos ticket and tries to
At least, how do I enable authentication debug in th
4.125.54580: ( step (
256:bm9uY2U9IkhsL29VdHFwZ0tESS9FMFVRajl4K212aUQwRjlhWnhZL1c4d1lTS2g2V0k9IixyZWFs
bT0iU0lCUFRVUy5UT01TSy5SVSIscW9wPSJhdXRoLGF1dGgtaW50LGF1dGgtY29uZiIsY2lwaGVy
PSJyYzQtNDAscmM0LTU2LHJjNCxkZXMsM2RlcyIsbWF4YnVmPTQwOTYsY2hhcnNldD11dGYtOCxh
bGdvcml0aG09bWQ1LXNlc3M=
) )
Thank you very much in advance.
--
Victor Sudakov, VAS4-RIPE, VAS47-RIPN
sip:suda...@sibptus.tomsk.ru
is issue and it
> has been open since Oct. 2009:
> http://subversion.tigris.org/issues/show_bug.cgi?id=3516
>
> Anyway, I could be totally wrong here, but I do not think what you
> want to do is possible with svnserve. I hope I am mistaken, but if
> not, sorry to be the bearer o
tion.
I have found some tricky solutions for the http access method (like
defining two aliases for the same repository), but none for the
svnserve method. Any help?
Victor Sudakov wrote:
>
> I am trying to setup the following policy: a private repository with
> some public paths. Is such c
n uses
DIGEST-MD5 at once.
The patch seems to have totally broken GSSAPI. What kind of additional
debug can I provide?
--
Victor Sudakov, VAS4-RIPE, VAS47-RIPN
sip:suda...@sibptus.tomsk.ru
c in svn_client_checkout3 (result_rev=0x0,
URL=0x28957058 "svn://admin/test", path=0x2894ac08 "test",
peg_revision=0xbfbfe9dc, revision=0xbfbfe9e8, depth=svn_depth_unknown,
ignore_externals=0, allow_unver_obstructions=0, ctx=0x28940840,
pool=0x28957018) at subversion/libsvn_client/deprecated.c:1453
#11 0x0804d378 in svn_cl__checkout (os=0x289401c0, baton=0xbfbfec08,
pool=0x28940018) at subversion/svn/checkout-cmd.c:160
#12 0x08054720 in main (argc=Cannot access memory at address 0x
) at subversion/svn/main.c:2119
(gdb) quit
--
Victor Sudakov, VAS4-RIPE, VAS47-RIPN
sip:suda...@sibptus.tomsk.ru
inter target type
*** Error code 1
1 error
*** Error code 1
Stop in /usr/ports/devel/subversion.
*** Error code 1
Stop in /usr/ports/devel/subversion.
It does compile without the patch though.
--
Victor Sudakov, VAS4-RIPE, VAS47-RIPN
sip:suda...@sibptus.tomsk.ru
Colleagues, I understand that you are expecting a patch. I am sorry, I
am a systems administrator and not a programmer, my code writing
ability does not go beyond scripting.
Victor Sudakov wrote:
>
> I have subversion-1.6.12 compiled with cyrus-sasl-2.1.23 from ports,
> FreeBSD 6.4.
&g
working.
Could we think of a way to manipulate the order? Perhaps svn needs an
option like the one OpenLDAP utilities have:
-Y mech
Specify the SASL mechanism to be used for authentication.
--
Victor Sudakov, VAS4-RIPE, VAS47-RIPN
sip:suda...@sibptus.tomsk.ru
20 matches
Mail list logo
