source: 2012/26/Antti-JussiL/servers @ 3151

Revision 3151, 7.7 KB checked in by anlakane, 8 years ago (diff)

Talletus.

Line 
1### This file specifies server-specific parameters,
2### including HTTP proxy information, HTTP timeout settings,
3### and authentication settings.
4###
5### The currently defined server options are:
6###   http-proxy-host            Proxy host for HTTP connection
7###   http-proxy-port            Port number of proxy host service
8###   http-proxy-username        Username for auth to proxy service
9###   http-proxy-password        Password for auth to proxy service
10###   http-proxy-exceptions      List of sites that do not use proxy
11###   http-timeout               Timeout for HTTP requests in seconds
12###   http-compression           Whether to compress HTTP requests
13###   neon-debug-mask            Debug mask for Neon HTTP library
14###   http-auth-types            Auth types to use for HTTP library
15###   ssl-authority-files        List of files, each of a trusted CA
16###   ssl-trust-default-ca       Trust the system 'default' CAs
17###   ssl-client-cert-file       PKCS#12 format client certificate file
18###   ssl-client-cert-password   Client Key password, if needed.
19###   ssl-pkcs11-provider        Name of PKCS#11 provider to use.
20###   http-library               Which library to use for http/https
21###                              connections (neon or serf)
22###   store-passwords            Specifies whether passwords used
23###                              to authenticate against a
24###                              Subversion server may be cached
25###                              to disk in any way.
26###   store-plaintext-passwords  Specifies whether passwords may
27###                              be cached on disk unencrypted.
28###   store-ssl-client-cert-pp   Specifies whether passphrase used
29###                              to authenticate against a client
30###                              certificate may be cached to disk
31###                              in any way
32###   store-ssl-client-cert-pp-plaintext
33###                              Specifies whether client cert
34###                              passphrases may be cached on disk
35###                              unencrypted (i.e., as plaintext).
36###   store-auth-creds           Specifies whether any auth info
37###                              (passwords as well as server certs)
38###                              may be cached to disk.
39###   username                   Specifies the default username.
40###
41### Set store-passwords to 'no' to avoid storing passwords on disk
42### in any way, including in password stores. It defaults to 'yes',
43### but Subversion will never save your password to disk in plaintext
44### unless you tell it to.
45### Note that this option only prevents saving of *new* passwords;
46### it doesn't invalidate existing passwords.  (To do that, remove
47### the cache files by hand as described in the Subversion book.)
48###
49### Set store-plaintext-passwords to 'no' to avoid storing
50### passwords in unencrypted form in the auth/ area of your config
51### directory. Set it to 'yes' to allow Subversion to store
52### unencrypted passwords in the auth/ area.  The default is
53### 'ask', which means that Subversion will ask you before
54### saving a password to disk in unencrypted form.  Note that
55### this option has no effect if either 'store-passwords' or
56### 'store-auth-creds' is set to 'no'.
57###
58### Set store-ssl-client-cert-pp to 'no' to avoid storing ssl
59### client certificate passphrases in the auth/ area of your
60### config directory.  It defaults to 'yes', but Subversion will
61### never save your passphrase to disk in plaintext unless you tell
62### it to via 'store-ssl-client-cert-pp-plaintext' (see below).
63###
64### Note store-ssl-client-cert-pp only prevents the saving of *new*
65### passphrases; it doesn't invalidate existing passphrases.  To do
66### that, remove the cache files by hand as described in the
67### Subversion book at http://svnbook.red-bean.com/nightly/en/\
68###                    svn.serverconfig.netmodel.html\
69###                    #svn.serverconfig.netmodel.credcache
70###
71### Set store-ssl-client-cert-pp-plaintext to 'no' to avoid storing
72### passphrases in unencrypted form in the auth/ area of your
73### config directory.  Set it to 'yes' to allow Subversion to
74### store unencrypted passphrases in the auth/ area.  The default
75### is 'ask', which means that Subversion will prompt before
76### saving a passphrase to disk in unencrypted form.  Note that
77### this option has no effect if either 'store-auth-creds' or
78### 'store-ssl-client-cert-pp' is set to 'no'.
79###
80### Set store-auth-creds to 'no' to avoid storing any Subversion
81### credentials in the auth/ area of your config directory.
82### Note that this includes SSL server certificates.
83### It defaults to 'yes'.  Note that this option only prevents
84### saving of *new* credentials;  it doesn't invalidate existing
85### caches.  (To do that, remove the cache files by hand.)
86###
87### HTTP timeouts, if given, are specified in seconds.  A timeout
88### of 0, i.e. zero, causes a builtin default to be used.
89###
90### The commented-out examples below are intended only to
91### demonstrate how to use this file; any resemblance to actual
92### servers, living or dead, is entirely coincidental.
93
94### In the 'groups' section, the URL of the repository you're
95### trying to access is matched against the patterns on the right.
96### If a match is found, the server options are taken from the
97### section with the corresponding name on the left.
98
99[groups]
100# group1 = *.collab.net
101# othergroup = repository.blarggitywhoomph.com
102# thirdgroup = *.example.com
103
104### Information for the first group:
105# [group1]
106# http-proxy-host = proxy1.some-domain-name.com
107# http-proxy-port = 80
108# http-proxy-username = blah
109# http-proxy-password = doubleblah
110# http-timeout = 60
111# http-auth-types = basic;digest;negotiate
112# neon-debug-mask = 130
113# store-plaintext-passwords = no
114# username = harry
115
116### Information for the second group:
117# [othergroup]
118# http-proxy-host = proxy2.some-domain-name.com
119# http-proxy-port = 9000
120# No username and password for the proxy, so use the defaults below.
121
122### You can set default parameters in the 'global' section.
123### These parameters apply if no corresponding parameter is set in
124### a specifically matched group as shown above.  Thus, if you go
125### through the same proxy server to reach every site on the
126### Internet, you probably just want to put that server's
127### information in the 'global' section and not bother with
128### 'groups' or any other sections.
129###
130### Most people might want to configure password caching
131### parameters here, but you can also configure them per server
132### group (per-group settings override global settings).
133###
134### If you go through a proxy for all but a few sites, you can
135### list those exceptions under 'http-proxy-exceptions'.  This only
136### overrides defaults, not explicitly matched server names.
137###
138### 'ssl-authority-files' is a semicolon-delimited list of files,
139### each pointing to a PEM-encoded Certificate Authority (CA)
140### SSL certificate.  See details above for overriding security
141### due to SSL.
142[global]
143# http-proxy-exceptions = *.exception.com, www.internal-site.org
144# http-proxy-host = defaultproxy.whatever.com
145# http-proxy-port = 7000
146# http-proxy-username = defaultusername
147# http-proxy-password = defaultpassword
148# http-compression = no
149# http-auth-types = basic;digest;negotiate
150# No http-timeout, so just use the builtin default.
151# No neon-debug-mask, so neon debugging is disabled.
152# ssl-authority-files = /path/to/CAcert.pem;/path/to/CAcert2.pem
153#
154# Password / passphrase caching parameters:
155# store-passwords = no
156# store-plaintext-passwords = no
157# store-ssl-client-cert-pp = no
158# store-ssl-client-cert-pp-plaintext = no
Note: See TracBrowser for help on using the repository browser.