subversion-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From 1983-01...@gmx.net
Subject Re: Proxy authentication with Negotiate uses wrong host
Date Wed, 24 Aug 2011 07:26:19 GMT
> Betreff: Re: Proxy authentication with Negotiate uses wrong host
> > Digging deeper into that file shows that Negotiate auth for servers
> > (not proxy servers) is done only when the server is servered with
> > HTTPS [2].
> 
> Having taken a brief glance it looks as if you can override this
> via the http-auth-types option in ~/.subversion/servers.
> Have you tried that?

Yes, I did that already. Set to negotiate;basic. No avail.
For some strange reason it simply ignores the setup. Should I try any specific neon debug
mask?
 
> > I took a look back at neon_auth.h (define
> > NE_AUTH_NEGOTIATE) [3] and it constantly says that Digest and
> > Negotiate are unsecure and require a secure connection which is
> > complete non-sense. Kerberos was designed to provide security in
> > unsecure networks. This is definitively wrong documentation.
> 
> Not sure if this documentation is generally wrong.
> It can depend on what kinds of assumptions people make about security.
> Please verify this question with the neon devs.

I'll do but why is Negotiate auth activated in session.c if the target host is ssy only? This
should be on the user to decide not subversion.

Mike

-- 
NEU: FreePhone - 0ct/min Handyspartarif mit Geld-zurück-Garantie!		
Jetzt informieren: http://www.gmx.net/de/go/freephone


-- 
NEU: FreePhone - 0ct/min Handyspartarif mit Geld-zurück-Garantie!		
Jetzt informieren: http://www.gmx.net/de/go/freephone

Mime
View raw message