[sysad...@gorod0k.ru] > Hi, I detect problem in mod_dav_svn or mod_dav_svn_authz. > If enabled mod_evasive, problems with authorization to subversion.
I haven't investigated this in detail, but Subversion libsvn_neon (client side) and mod_dav_svn (server side) implement a rather inefficient protocol. Accomplishing anything requires too many queries and too many round trips. It is possible that mod_evasive is noticing these patterns and mistaking them for a DoS attack. Subversion 1.7, when it comes out (early next year, perhaps) will have a redesigned, more streamlined, HTTP-based protocol. This will only be used when both client and server are running 1.7, of course, but I expect it may solve this bug. Thanks for the report, Peter -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
