| 1 | ### This file specifies server-specific parameters,
|
|---|
| 2 | ### including HTTP proxy information, HTTP timeout settings,
|
|---|
| 3 | ### and authentication settings.
|
|---|
| 4 | ###
|
|---|
| 5 | ### The currently defined server options are:
|
|---|
| 6 | ### http-proxy-host Proxy host for HTTP connection
|
|---|
| 7 | ### http-proxy-port Port number of proxy host service
|
|---|
| 8 | ### http-proxy-username Username for auth to proxy service
|
|---|
| 9 | ### http-proxy-password Password for auth to proxy service
|
|---|
| 10 | ### http-proxy-exceptions List of sites that do not use proxy
|
|---|
| 11 | ### http-timeout Timeout for HTTP requests in seconds
|
|---|
| 12 | ### http-compression Whether to compress HTTP requests
|
|---|
| 13 | ### neon-debug-mask Debug mask for Neon HTTP library
|
|---|
| 14 | ### http-auth-types Auth types to use for HTTP library
|
|---|
| 15 | ### ssl-authority-files List of files, each of a trusted CA
|
|---|
| 16 | ### ssl-trust-default-ca Trust the system 'default' CAs
|
|---|
| 17 | ### ssl-client-cert-file PKCS#12 format client certificate file
|
|---|
| 18 | ### ssl-client-cert-password Client Key password, if needed.
|
|---|
| 19 | ### ssl-pkcs11-provider Name of PKCS#11 provider to use.
|
|---|
| 20 | ### http-library Which library to use for http/https
|
|---|
| 21 | ### connections (neon or serf)
|
|---|
| 22 | ### store-passwords Specifies whether passwords used
|
|---|
| 23 | ### to authenticate against a
|
|---|
| 24 | ### Subversion server may be cached
|
|---|
| 25 | ### to disk in any way.
|
|---|
| 26 | ### store-plaintext-passwords Specifies whether passwords may
|
|---|
| 27 | ### be cached on disk unencrypted.
|
|---|
| 28 | ### store-ssl-client-cert-pp Specifies whether passphrase used
|
|---|
| 29 | ### to authenticate against a client
|
|---|
| 30 | ### certificate may be cached to disk
|
|---|
| 31 | ### in any way
|
|---|
| 32 | ### store-ssl-client-cert-pp-plaintext
|
|---|
| 33 | ### Specifies whether client cert
|
|---|
| 34 | ### passphrases may be cached on disk
|
|---|
| 35 | ### unencrypted (i.e., as plaintext).
|
|---|
| 36 | ### store-auth-creds Specifies whether any auth info
|
|---|
| 37 | ### (passwords as well as server certs)
|
|---|
| 38 | ### may be cached to disk.
|
|---|
| 39 | ### username Specifies the default username.
|
|---|
| 40 | ###
|
|---|
| 41 | ### Set store-passwords to 'no' to avoid storing passwords on disk
|
|---|
| 42 | ### in any way, including in password stores. It defaults to 'yes',
|
|---|
| 43 | ### but Subversion will never save your password to disk in plaintext
|
|---|
| 44 | ### unless you tell it to.
|
|---|
| 45 | ### Note that this option only prevents saving of *new* passwords;
|
|---|
| 46 | ### it doesn't invalidate existing passwords. (To do that, remove
|
|---|
| 47 | ### the cache files by hand as described in the Subversion book.)
|
|---|
| 48 | ###
|
|---|
| 49 | ### Set store-plaintext-passwords to 'no' to avoid storing
|
|---|
| 50 | ### passwords in unencrypted form in the auth/ area of your config
|
|---|
| 51 | ### directory. Set it to 'yes' to allow Subversion to store
|
|---|
| 52 | ### unencrypted passwords in the auth/ area. The default is
|
|---|
| 53 | ### 'ask', which means that Subversion will ask you before
|
|---|
| 54 | ### saving a password to disk in unencrypted form. Note that
|
|---|
| 55 | ### this option has no effect if either 'store-passwords' or
|
|---|
| 56 | ### 'store-auth-creds' is set to 'no'.
|
|---|
| 57 | ###
|
|---|
| 58 | ### Set store-ssl-client-cert-pp to 'no' to avoid storing ssl
|
|---|
| 59 | ### client certificate passphrases in the auth/ area of your
|
|---|
| 60 | ### config directory. It defaults to 'yes', but Subversion will
|
|---|
| 61 | ### never save your passphrase to disk in plaintext unless you tell
|
|---|
| 62 | ### it to via 'store-ssl-client-cert-pp-plaintext' (see below).
|
|---|
| 63 | ###
|
|---|
| 64 | ### Note store-ssl-client-cert-pp only prevents the saving of *new*
|
|---|
| 65 | ### passphrases; it doesn't invalidate existing passphrases. To do
|
|---|
| 66 | ### that, remove the cache files by hand as described in the
|
|---|
| 67 | ### Subversion book at http://svnbook.red-bean.com/nightly/en/\
|
|---|
| 68 | ### svn.serverconfig.netmodel.html\
|
|---|
| 69 | ### #svn.serverconfig.netmodel.credcache
|
|---|
| 70 | ###
|
|---|
| 71 | ### Set store-ssl-client-cert-pp-plaintext to 'no' to avoid storing
|
|---|
| 72 | ### passphrases in unencrypted form in the auth/ area of your
|
|---|
| 73 | ### config directory. Set it to 'yes' to allow Subversion to
|
|---|
| 74 | ### store unencrypted passphrases in the auth/ area. The default
|
|---|
| 75 | ### is 'ask', which means that Subversion will prompt before
|
|---|
| 76 | ### saving a passphrase to disk in unencrypted form. Note that
|
|---|
| 77 | ### this option has no effect if either 'store-auth-creds' or
|
|---|
| 78 | ### 'store-ssl-client-cert-pp' is set to 'no'.
|
|---|
| 79 | ###
|
|---|
| 80 | ### Set store-auth-creds to 'no' to avoid storing any Subversion
|
|---|
| 81 | ### credentials in the auth/ area of your config directory.
|
|---|
| 82 | ### Note that this includes SSL server certificates.
|
|---|
| 83 | ### It defaults to 'yes'. Note that this option only prevents
|
|---|
| 84 | ### saving of *new* credentials; it doesn't invalidate existing
|
|---|
| 85 | ### caches. (To do that, remove the cache files by hand.)
|
|---|
| 86 | ###
|
|---|
| 87 | ### HTTP timeouts, if given, are specified in seconds. A timeout
|
|---|
| 88 | ### of 0, i.e. zero, causes a builtin default to be used.
|
|---|
| 89 | ###
|
|---|
| 90 | ### The commented-out examples below are intended only to
|
|---|
| 91 | ### demonstrate how to use this file; any resemblance to actual
|
|---|
| 92 | ### servers, living or dead, is entirely coincidental.
|
|---|
| 93 |
|
|---|
| 94 | ### In the 'groups' section, the URL of the repository you're
|
|---|
| 95 | ### trying to access is matched against the patterns on the right.
|
|---|
| 96 | ### If a match is found, the server options are taken from the
|
|---|
| 97 | ### section with the corresponding name on the left.
|
|---|
| 98 |
|
|---|
| 99 | [groups]
|
|---|
| 100 | # group1 = *.collab.net
|
|---|
| 101 | # othergroup = repository.blarggitywhoomph.com
|
|---|
| 102 | # thirdgroup = *.example.com
|
|---|
| 103 |
|
|---|
| 104 | ### Information for the first group:
|
|---|
| 105 | # [group1]
|
|---|
| 106 | # http-proxy-host = proxy1.some-domain-name.com
|
|---|
| 107 | # http-proxy-port = 80
|
|---|
| 108 | # http-proxy-username = blah
|
|---|
| 109 | # http-proxy-password = doubleblah
|
|---|
| 110 | # http-timeout = 60
|
|---|
| 111 | # http-auth-types = basic;digest;negotiate
|
|---|
| 112 | # neon-debug-mask = 130
|
|---|
| 113 | # store-plaintext-passwords = no
|
|---|
| 114 | # username = harry
|
|---|
| 115 |
|
|---|
| 116 | ### Information for the second group:
|
|---|
| 117 | # [othergroup]
|
|---|
| 118 | # http-proxy-host = proxy2.some-domain-name.com
|
|---|
| 119 | # http-proxy-port = 9000
|
|---|
| 120 | # No username and password for the proxy, so use the defaults below.
|
|---|
| 121 |
|
|---|
| 122 | ### You can set default parameters in the 'global' section.
|
|---|
| 123 | ### These parameters apply if no corresponding parameter is set in
|
|---|
| 124 | ### a specifically matched group as shown above. Thus, if you go
|
|---|
| 125 | ### through the same proxy server to reach every site on the
|
|---|
| 126 | ### Internet, you probably just want to put that server's
|
|---|
| 127 | ### information in the 'global' section and not bother with
|
|---|
| 128 | ### 'groups' or any other sections.
|
|---|
| 129 | ###
|
|---|
| 130 | ### Most people might want to configure password caching
|
|---|
| 131 | ### parameters here, but you can also configure them per server
|
|---|
| 132 | ### group (per-group settings override global settings).
|
|---|
| 133 | ###
|
|---|
| 134 | ### If you go through a proxy for all but a few sites, you can
|
|---|
| 135 | ### list those exceptions under 'http-proxy-exceptions'. This only
|
|---|
| 136 | ### overrides defaults, not explicitly matched server names.
|
|---|
| 137 | ###
|
|---|
| 138 | ### 'ssl-authority-files' is a semicolon-delimited list of files,
|
|---|
| 139 | ### each pointing to a PEM-encoded Certificate Authority (CA)
|
|---|
| 140 | ### SSL certificate. See details above for overriding security
|
|---|
| 141 | ### due to SSL.
|
|---|
| 142 | [global]
|
|---|
| 143 | # http-proxy-exceptions = *.exception.com, www.internal-site.org
|
|---|
| 144 | # http-proxy-host = defaultproxy.whatever.com
|
|---|
| 145 | # http-proxy-port = 7000
|
|---|
| 146 | # http-proxy-username = defaultusername
|
|---|
| 147 | # http-proxy-password = defaultpassword
|
|---|
| 148 | # http-compression = no
|
|---|
| 149 | # http-auth-types = basic;digest;negotiate
|
|---|
| 150 | # No http-timeout, so just use the builtin default.
|
|---|
| 151 | # No neon-debug-mask, so neon debugging is disabled.
|
|---|
| 152 | # ssl-authority-files = /path/to/CAcert.pem;/path/to/CAcert2.pem
|
|---|
| 153 | #
|
|---|
| 154 | # Password / passphrase caching parameters:
|
|---|
| 155 | # store-passwords = no
|
|---|
| 156 | # store-plaintext-passwords = no
|
|---|
| 157 | # store-ssl-client-cert-pp = no
|
|---|
| 158 | # store-ssl-client-cert-pp-plaintext = no
|
|---|
![(please configure the [header_logo] section in trac.ini)](/pubtrac/Genius/chrome/site/your_project_logo.png){kind=logo}
