[svnbook] r5701 committed - branches/1.8/zh/book/ ch06-server-configuration.xml
wuzhouhui at users.sourceforge.net
wuzhouhui at users.sourceforge.net
Sun May 27 09:35:07 CDT 2018
Revision: 5701
http://sourceforge.net/p/svnbook/source/5701
Author: wuzhouhui
Date: 2018-05-27 14:35:06 +0000 (Sun, 27 May 2018)
Log Message:
-----------
1.8/zh: translation of chapter 6 in progress
Modified Paths:
--------------
branches/1.8/zh/book/ch06-server-configuration.xml
Modified: branches/1.8/zh/book/ch06-server-configuration.xml
===================================================================
--- branches/1.8/zh/book/ch06-server-configuration.xml 2018-05-26 14:31:06 UTC (rev 5700)
+++ branches/1.8/zh/book/ch06-server-configuration.xml 2018-05-27 14:35:06 UTC (rev 5701)
@@ -2117,12 +2117,18 @@
库, 需要确保进程 <command>svnserve</command> 对数据库文件具有读
权限 (某些认证机制—例如 OTP—还会要求写权限).</para>
+ <!--
<para>This is just one simple way of configuring SASL. Many
other authentication mechanisms are available, and passwords
can be stored in other places such as in LDAP or a SQL
database. Consult the full SASL documentation for
details.</para>
+ -->
+ <para>这只是一种配置 SASL 的简单方式. 还有其他多种认证机制可供选择,
+ 密码也能以其他格式存在, 例如 LDAP 或 SQL 数据库, 具体的细节请参考
+ SASL 文档.</para>
+ <!--
<para>Remember that if you configure your server to only allow
certain SASL authentication mechanisms, this forces all
connecting clients to have SASL support as well. Any
@@ -2134,12 +2140,24 @@
authenticate, be sure to advertise the CRAM-MD5 mechanism as
an option. All clients are able to use CRAM-MD5, whether
they have SASL capabilities or not.</para>
+ -->
+ <para>注意, 如果管理员将服务器配置成仅允许使用 SASL 认证机制, 这同时
+ 也在要求所有连接到服务器的客户端必须支持 SASL, 不支持 SASL 的客户
+ 端 (包括 1.5 版之前的所有客户端) 将无法完成认证, 但是另一个方面,
+ 这种配置也放正是你所想要的效果 (<quote>所有的客户端都必须使用
+ Kerberos!</quote>). 然而, 如果仍然存在不支持 SASL 的客户端需要
+ 连接服务器, 就要确保 CRAM-MD5 认证机制是可用的, 因为所有的客户端
+ 都支持 CRAM-MD5.</para>
</sect3>
<sect3 id="svn.serverconfig.svnserve.sasl.encryption">
+ <!--
<title>SASL encryption</title>
+ -->
+ <title>SASL 加密</title>
+ <!--
<para>SASL is also able to perform data encryption if a
particular mechanism supports it. The built-in CRAM-MD5
mechanism doesn't support encryption, but DIGEST-MD5 does,
@@ -2147,6 +2165,11 @@
OpenSSL library. To enable or disable different levels of
encryption, you can set two values in your repository's
<filename>svnserve.conf</filename> file:</para>
+ -->
+ <para>如果特定的认证机制支持, 那么 SASL 也能实现数据加密. 内建的
+ CRAM-MD5 不支持加密, 但 DIGEST-MD5 支持, SRP 实际上会用到 OpenSSL
+ 函数库. 为了开启或禁止加密的不同级别, 你需要在仓库的
+ <filename>svnserve.conf</filename> 里定义两个值:</para>
<informalexample>
<programlisting>
More information about the svnbook-dev
mailing list