I am trying to get Subversion 1.8.5 + SASL2 working on Windows 7 or Server 2008, either one is 64 bit. I just want the local encryption from SASL using DIGEST-MD5. I don't need LDAP, AD, SSPI, or any of the other authentication methods.
I've been struggling with this for two days, so documenting all the different things I tried is not really a valuable way to ask for help.
All the links, tutorials, etc I found seem to indicate this is rather easy on an XP machine, or on Server 2003, or on a 32 bit machine. But my environment seems to deviate enough to gyve me headaches.
My conclusion is that svnserve/sasl libraries can't read the sasldb file. Here is what I've done, and how I draw that conclusion.
I am following the instructions in the chapter on setting up the server. also this was helpful: http://tortoisesvn.net/sasl_howto.html (And a lot of this is repeated all over the 'net)
(A lot of the doc says add registry 'keys' SearchPath and ConfFile, but the CollabNet and Cyrus installers added 'strings' under those keys... something that likely should be corrected in the doc. Also, I am aware of the Wow6432Node for 32 bit apps in a 64 bit world)
I did get the entire setup working in Linux (Ubuntu). So I know how to set up the DIGEST-MD5 encryption and add the users. (The reason I need Windows is we are also doing Windows builds on the machine, so need a Windows environment)
I am using CollabNet, Win32 build (but I also tried the x64 build). It comes with the Sasl libs already present, but didn't have any of the executables to manage the sasldb. So I also downloaded the binaries for Sasl from sourceforge (cyrus-sasl-2.1.26-static-x86), so I could create and manage the sasldb file.
Enough background. My issue is I am getting the error:
SASL(-13): user not found
The user is in the DB file. I put it there, and can see it with the sasldblistusers2 command.
Interestingly enough, they are listed three times in the windows version:
me@TheRealm: userPassword
me@TheRealm: cmusaslsecretOTP
me@TheRealm: cmusaslsecretSRP
But it is listed only once, the first line, in the sasldb I created on the linux machine.
I am initally running svnserve from the command line. And will until I get things working, and am ready to install it as a service.
Sadly, not a single error message is reported after the execution appears to enter the libSasl.
Here is what I have surmised is the flow:
Client -> Svnserve ->libSasl -> SearchPath registry -> Libs -> ConfFile Registry -> Sasldb file
So I systematically corrupted some settings along the above path to see what the errors were.
I changed subsersion.conf to just use the password file. All is good.
I removed libSasl - Obviously the server didn't even start.
I changed the SearchPath - It failed with "svn could not obtain list of..." Ok.
I changed it back, got "user not found". Ok
I removed the svn.conf file. Got "svn could not obtain list..." Ok.
I put it back, and changed the ConfFile setting. Same error: "svn could not obtain list..."
I corrupted the entry "mech_list: DIGEST-MD5" in the svn.conf. Same error: "svn could not obtain list..."
So when everything is set properly, I get the "user not found" error.
If I remove or change the "sasldb_path:" entry, I still get "user not found" error.
My conclusion is that the server/sasl library is finding all the steps to get to the svn.conf file, and even reading the "mech_list:" line from it, so it must be able to find the name of the sasldb file I specified.
But for some reason, it is not actually able to open the file, or if it can, it can't find the name I added.
I moved the file around, and changed the rights to it. No difference.
I even copied the sasldb file from the linux machine to the windows machine (so it is attempting to read that file that only has a single name in it, and I know works on the linux install). But it made no difference.
Does anyone have any advice?
Has anyone gotten this to work in a 64 bit system?
Thanks in advance for any help.
-Scott