[svnbook] r5701 committed - branches/1.8/zh/book/ ch06-server-configuration.xml

wuzhouhui at users.sourceforge.net wuzhouhui at users.sourceforge.net
Sun May 27 09:35:07 CDT 2018 

Revision: 5701
          http://sourceforge.net/p/svnbook/source/5701
Author:   wuzhouhui
Date:     2018-05-27 14:35:06 +0000 (Sun, 27 May 2018)
Log Message:
-----------
1.8/zh: translation of chapter 6 in progress

Modified Paths:
--------------
    branches/1.8/zh/book/ch06-server-configuration.xml

Modified: branches/1.8/zh/book/ch06-server-configuration.xml
===================================================================
--- branches/1.8/zh/book/ch06-server-configuration.xml	2018-05-26 14:31:06 UTC (rev 5700)
+++ branches/1.8/zh/book/ch06-server-configuration.xml	2018-05-27 14:35:06 UTC (rev 5701)
@@ -2117,12 +2117,18 @@
           库, 需要确保进程 <command>svnserve</command> 对数据库文件具有读
           权限 (某些认证机制—例如 OTP—还会要求写权限).</para>
 
+      <!--
         <para>This is just one simple way of configuring SASL.  Many
           other authentication mechanisms are available, and passwords
           can be stored in other places such as in LDAP or a SQL
           database.  Consult the full SASL documentation for
           details.</para>
+      -->
+        <para>这只是一种配置 SASL 的简单方式. 还有其他多种认证机制可供选择,
+          密码也能以其他格式存在, 例如 LDAP 或 SQL 数据库, 具体的细节请参考
+          SASL 文档.</para>
 
+      <!--
         <para>Remember that if you configure your server to only allow
           certain SASL authentication mechanisms, this forces all
           connecting clients to have SASL support as well.  Any
@@ -2134,12 +2140,24 @@
           authenticate, be sure to advertise the CRAM-MD5 mechanism as
           an option.  All clients are able to use CRAM-MD5, whether
           they have SASL capabilities or not.</para>
+      -->
+        <para>注意, 如果管理员将服务器配置成仅允许使用 SASL 认证机制, 这同时
+          也在要求所有连接到服务器的客户端必须支持 SASL, 不支持 SASL 的客户
+          端 (包括 1.5 版之前的所有客户端) 将无法完成认证, 但是另一个方面,
+          这种配置也放正是你所想要的效果 (<quote>所有的客户端都必须使用
+            Kerberos!</quote>). 然而, 如果仍然存在不支持 SASL 的客户端需要
+          连接服务器, 就要确保 CRAM-MD5 认证机制是可用的, 因为所有的客户端
+          都支持 CRAM-MD5.</para>
 
       </sect3>
 
       <sect3 id="svn.serverconfig.svnserve.sasl.encryption">
+      <!--
         <title>SASL encryption</title>
+      -->
+        <title>SASL 加密</title>
 
+      <!--
         <para>SASL is also able to perform data encryption if a
           particular mechanism supports it.  The built-in CRAM-MD5
           mechanism doesn't support encryption, but DIGEST-MD5 does,
@@ -2147,6 +2165,11 @@
           OpenSSL library.  To enable or disable different levels of
           encryption, you can set two values in your repository's
           <filename>svnserve.conf</filename> file:</para>
+      -->
+        <para>如果特定的认证机制支持, 那么 SASL 也能实现数据加密. 内建的
+          CRAM-MD5 不支持加密, 但 DIGEST-MD5 支持, SRP 实际上会用到 OpenSSL
+          函数库. 为了开启或禁止加密的不同级别, 你需要在仓库的
+          <filename>svnserve.conf</filename> 里定义两个值:</para>
 
         <informalexample>
           <programlisting>

More information about the svnbook-dev mailing list