On 09/07/2012 09:59 AM, Bert Huijben wrote: > Can you add a note to the release notes to tell that this changes the default > behavior?
Attaching a patch for the release notes, lest I fail to remember to patch them. -- C. Michael Pilato <[email protected]> CollabNet <> www.collab.net <> Enterprise Cloud Development
Index: publish/docs/release-notes/1.8.html =================================================================== --- publish/docs/release-notes/1.8.html (revision 1382005) +++ publish/docs/release-notes/1.8.html (working copy) @@ -265,6 +265,37 @@ </div> <!-- verify-issue4129 --> +<div class="h4" id="client-cert-prompt-suppression"> +<h4>Client prompting for SSL client certificates + <a class="sectionlink" href="#client-cert-prompt-suppression" + title="Link to this section">¶</a> +</h4> + +<p>Subversion has long supported the use of SSL client certificates +for authentication against a server which accepts such. Users +typically employ the <code>ssl-client-cert-file</code> option in their +'servers' runtime configuration file to inform the client regarding +the location of the relevant certificate file. In interactive +scenarios, Subversion can also prompt the user for the location of the +certificate file when that runtime-configured value isn't set or +otherwise suitable.</p> + +<p>Prior to 1.8.0, this prompting was enabled by default. +Unfortunately, not every server which accepts client certificates +also <em>requires</em> them. Some users were being prompted for +client certificate file locations in scenarios where no certificate +was required (or perhaps even available). So in Subversion 1.8.0, the +Subversion client defaults to <em>not</em> prompting for the location +of an SSL client certificate file unless the user has set the new +<code>ssl-client-cert-file-prompt</code> runtime configuration +option (found in the <code>[auth]</code> section of the 'config' file) +to "yes".</p> + +<p>See <a href="http://subversion.tigris.org/issues/show_bug.cgi?id=2410";>issue +#2410</a> for discussion and details.</p> + +</div> <!-- client-cert-prompt-suppression --> + </div> <!-- compat-misc --> </div> <!-- compatibility -->
signature.asc
Description: OpenPGP digital signature
