#35300: subversion ignores Negotiate? --------------------------------------+------------------------------------- Reporter: 56h29g002@… | Owner: macports-tickets@… Type: defect | Status: new Priority: Normal | Milestone: Component: ports | Version: 2.1.1 Keywords: GSSAPI Kerberos svn | Port: subversion --------------------------------------+------------------------------------- Comment(by 56h29g002@…): Some more context: I am running Mac OS 10.7.4, Macports 2.1.1, subversion @1.7.5_0+universal, neon @0.29.6_1+universal -- Ticket URL: <https://trac.macports.org/ticket/35300#comment:1> MacPorts <http://www.macports.org/> Ports system for Mac OS

#35300: subversion ignores Negotiate? ---------------------------------------+------------------------------------ Reporter: 56h29g002@… | Owner: dluke@… Type: defect | Status: closed Priority: Normal | Milestone: Component: ports | Version: 2.1.1 Resolution: invalid | Keywords: GSSAPI Kerberos svn Port: subversion | ---------------------------------------+------------------------------------ Changes (by dluke@…): * status: new => closed * resolution: => invalid Comment: subversion uses cyrus-sasl for authentication, the MacPorts port doesn't build kerberos support by default. If you re-build cyrus-sasl2 with +kerberos things should work for you. -- Ticket URL: <https://trac.macports.org/ticket/35300#comment:3> MacPorts <http://www.macports.org/> Ports system for Mac OS

#35300: subversion ignores Negotiate? ---------------------------------------+------------------------------------ Reporter: 56h29g002@… | Owner: dluke@… Type: defect | Status: reopened Priority: Normal | Milestone: Component: ports | Version: 2.1.1 Resolution: | Keywords: GSSAPI Kerberos svn Port: subversion | ---------------------------------------+------------------------------------ Comment(by dluke@…): I don't have a kerberos setup to test with, so you're probably going to have to figure out what is wrong (and either provide a patch or gather enough information so I can put one together for you to test). One thing that might make a difference is the build order of things. It's possible that subversion built against cyrus-sasl2 (-kerberos) won't do kerberos things even if you later install cyrus-sasl2+kerberos. Is it possible that you did: {{{ port install subversion port -f uninstall cyrus-sasl2 port install cyrus-sasl2+kerberos }}} -- Ticket URL: <https://trac.macports.org/ticket/35300#comment:5> MacPorts <http://www.macports.org/> Ports system for Mac OS

#35300: subversion ignores Negotiate? ---------------------------------------+------------------------------------ Reporter: 56h29g002@… | Owner: dluke@… Type: defect | Status: reopened Priority: Normal | Milestone: Component: ports | Version: 2.1.1 Resolution: | Keywords: GSSAPI Kerberos svn Port: subversion | ---------------------------------------+------------------------------------ Comment(by 56h29g002@…): So, if I'm gathering information, where do I look? Are there any particular logs that I should examine? Any experiments I should do? -- Ticket URL: <https://trac.macports.org/ticket/35300#comment:7> MacPorts <http://www.macports.org/> Ports system for Mac OS

#35300: subversion ignores Negotiate? ---------------------------------------+------------------------------------ Reporter: 56h29g002@… | Owner: dluke@… Type: defect | Status: new Priority: Normal | Milestone: Component: ports | Version: 2.1.1 Resolution: | Keywords: GSSAPI Kerberos svn Port: subversion | ---------------------------------------+------------------------------------ Changes (by dluke@…): * status: reopened => new * owner: dluke@… => dluke@… -- Ticket URL: <https://trac.macports.org/ticket/35300#comment:9> MacPorts <http://www.macports.org/> Ports system for Mac OS

#35300: subversion ignores Negotiate? --------------------------+--------------------------------- Reporter: 56h29g002@… | Owner: dluke@… Type: defect | Status: reopened Priority: Normal | Milestone: Component: ports | Version: 2.1.1 Resolution: | Keywords: GSSAPI Kerberos svn Port: subversion | --------------------------+--------------------------------- Changes (by fbacchella@…): * status: closed => reopened * resolution: fixed => Comment: I uninstalled everything, re-installed svn with : {{{ sudo port install subversion +kerberos }}} And the connection failed : {{{ $ svn co http://svnserver/svn/sysop svn: E170001: Unable to connect to a repository at URL 'http://svnserver/svn/sysop' svn: E170001: OPTIONS of 'http://svnserver/svn/sysop': authorization failed: Could not authenticate to server: ignored Negotiate challenge (http://svnserver) }}} As my ports was empty, everything is up to date : {{{ apr @1.4.6_1 (active) apr-util @1.4.1_0 (active) curl-ca-bundle @7.28.0_0 (active) cyrus-sasl2 @2.1.25_2+kerberos (active) db46 @4.6.21_7 (active) expat @2.1.0_0 (active) gettext @0.18.1.1_2 (active) kerberos5 @1.7.2_0 (active) libedit @20120601-3.0_0 (active) libiconv @1.14_0 (active) ncurses @5.9_1 (active) neon @0.29.6_1 (active) openssl @1.0.1c_0 (active) serf1 @1.1.1_0 (active) sqlite3 @3.7.14.1_0 (active) subversion @1.7.7_0 (active) zlib @1.2.7_0 (active) }}} port is up to date too : {{{ $ port version Version: 2.1.2 }}} It was working fine a few days ago, just before an upgrade. When I tcpdump the http exchange, I see the Authentication: negotiate from the server but svn ignore it. -- Ticket URL: <https://trac.macports.org/ticket/35300#comment:11> MacPorts <http://www.macports.org/> Ports system for Mac OS

#35300: subversion ignores Negotiate? --------------------------+--------------------------------- Reporter: 56h29g002@… | Owner: dluke@… Type: defect | Status: reopened Priority: Normal | Milestone: Component: ports | Version: 2.1.1 Resolution: | Keywords: GSSAPI Kerberos svn Port: subversion | --------------------------+--------------------------------- Comment (by fbacchella@…): After much investigation, it's not a problem with macports. One should add : {{{ [global] http-auth-types = Negotiate }}} in there ~/.subversion/servers. I think upstream changed the default settings in the last version, because it failed after an upgrade of macport's subversion from 1.7.6_2 to 1.7.7_0. Sorry for the false ticket re-open. -- Ticket URL: <https://trac.macports.org/ticket/35300#comment:13> MacPorts <http://www.macports.org/> Ports system for Mac OS

#35300: subversion ignores Negotiate? --------------------------+--------------------------------- Reporter: 56h29g002@… | Owner: dluke@… Type: defect | Status: closed Priority: Normal | Milestone: Component: ports | Version: 2.1.1 Resolution: fixed | Keywords: GSSAPI Kerberos svn Port: subversion | --------------------------+--------------------------------- Comment (by dluke@…): Replying to [comment:13 fbacchella@…]:

Sorry for the false ticket re-open.

Thanks for posting the fix, though. Hopefully if anyone else has the problem they'll see it when they search. -- Ticket URL: <https://trac.macports.org/ticket/35300#comment:15> MacPorts <http://www.macports.org/> Ports system for Mac OS