Victor Sudakov <suda...@sibptus.tomsk.ru> writes: > Philip Martin wrote: >> >> > Setting "max-encryption = 0" really fixes the problem. Am I not >> > supposed to use any encryption or what? >> >> It is supposed to work. > > With "max-encryption = 0", is at least my Kerberos key encrypted (not > sent in the clear over the wire)?
I don't know. Would it be a problem? Kerberos is designed to provide authentication across an insecure network. >> The error "encoded packet size too big (4152 > 4096)" comes from the >> SASL library. Subversion sets the SASL buffersize to 16384 on the >> client and the server. It's not clear to me why the SASL GSSAPI module >> is using 4096. > > Is there any debug I could enable and look at? Something in > lib/sasl2/svn.conf perhaps? I have no experience debugging SASL. The best way from my point of view would be to build Subversion and SASL from source with debug symbols enabled and then use a debugger. -- Philip Martin | Subversion Committer WANdisco // *Non-Stop Data*
