| blob | c87999b01002975de15227315192947b282eddc2 |
1 ### This file specifies server-specific parameters,
2 ### including HTTP proxy information, HTTP timeout settings,
3 ### and authentication settings.
4 ###
5 ### The currently defined server options are:
6 ### http-proxy-host Proxy host for HTTP connection
7 ### http-proxy-port Port number of proxy host service
8 ### http-proxy-username Username for auth to proxy service
9 ### http-proxy-password Password for auth to proxy service
10 ### http-proxy-exceptions List of sites that do not use proxy
11 ### http-timeout Timeout for HTTP requests in seconds
12 ### http-compression Whether to compress HTTP requests
13 ### neon-debug-mask Debug mask for Neon HTTP library
14 ### http-auth-types Auth types to use for HTTP library
15 ### ssl-authority-files List of files, each of a trusted CA
16 ### ssl-trust-default-ca Trust the system 'default' CAs
17 ### ssl-client-cert-file PKCS#12 format client certificate file
18 ### ssl-client-cert-password Client Key password, if needed.
19 ### ssl-pkcs11-provider Name of PKCS#11 provider to use.
20 ### http-library Which library to use for http/https
21 ### connections (neon or serf)
22 ### store-passwords Specifies whether passwords used
23 ### to authenticate against a
24 ### Subversion server may be cached
25 ### to disk in any way.
26 ### store-plaintext-passwords Specifies whether passwords may
27 ### be cached on disk unencrypted.
28 ### store-ssl-client-cert-pp Specifies whether passphrase used
29 ### to authenticate against a client
30 ### certificate may be cached to disk
31 ### in any way
32 ### store-ssl-client-cert-pp-plaintext
33 ### Specifies whether client cert
34 ### passphrases may be cached on disk
35 ### unencrypted (i.e., as plaintext).
36 ### store-auth-creds Specifies whether any auth info
37 ### (passwords as well as server certs)
38 ### may be cached to disk.
39 ### username Specifies the default username.
40 ###
41 ### Set store-passwords to 'no' to avoid storing passwords in the
42 ### auth/ area of your config directory. It defaults to 'yes',
43 ### but Subversion will never save your password to disk in
44 ### plaintext unless you tell it to.
45 ### Note that this option only prevents saving of *new* passwords;
46 ### it doesn't invalidate existing passwords. (To do that, remove
47 ### the cache files by hand as described in the Subversion book.)
48 ###
49 ### Set store-plaintext-passwords to 'no' to avoid storing
50 ### passwords in unencrypted form in the auth/ area of your config
51 ### directory. Set it to 'yes' to allow Subversion to store
52 ### unencrypted passwords in the auth/ area. The default is
53 ### 'ask', which means that Subversion will ask you before
54 ### saving a password to disk in unencrypted form. Note that
55 ### this option has no effect if either 'store-passwords' or
56 ### 'store-auth-creds' is set to 'no'.
57 ###
58 ### Set store-ssl-client-cert-pp to 'no' to avoid storing ssl
59 ### client certificate passphrases in the auth/ area of your
60 ### config directory. It defaults to 'yes', but Subversion will
61 ### never save your passphrase to disk in plaintext unless you tell
62 ### it to via 'store-ssl-client-cert-pp-plaintext' (see below).
63 ###
64 ### Note store-ssl-client-cert-pp only prevents the saving of *new*
65 ### passphrases; it doesn't invalidate existing passphrases. To do
66 ### that, remove the cache files by hand as described in the
67 ### Subversion book at http://svnbook.red-bean.com/nightly/en/\
68 ### svn.serverconfig.netmodel.html\
69 ### #svn.serverconfig.netmodel.credcache
70 ###
71 ### Set store-ssl-client-cert-pp-plaintext to 'no' to avoid storing
72 ### passphrases in unencrypted form in the auth/ area of your
73 ### config directory. Set it to 'yes' to allow Subversion to
74 ### store unencrypted passphrases in the auth/ area. The default
75 ### is 'ask', which means that Subversion will prompt before
76 ### saving a passphrase to disk in unencrypted form. Note that
77 ### this option has no effect if either 'store-auth-creds' or
78 ### 'store-ssl-client-cert-pp' is set to 'no'.
79 ###
80 ### Set store-auth-creds to 'no' to avoid storing any Subversion
81 ### credentials in the auth/ area of your config directory.
82 ### Note that this includes SSL server certificates.
83 ### It defaults to 'yes'. Note that this option only prevents
84 ### saving of *new* credentials; it doesn't invalidate existing
85 ### caches. (To do that, remove the cache files by hand.)
86 ###
87 ### HTTP timeouts, if given, are specified in seconds. A timeout
88 ### of 0, i.e. zero, causes a builtin default to be used.
89 ###
90 ### The commented-out examples below are intended only to
91 ### demonstrate how to use this file; any resemblance to actual
92 ### servers, living or dead, is entirely coincidental.
94 ### In the 'groups' section, the URL of the repository you're
95 ### trying to access is matched against the patterns on the right.
96 ### If a match is found, the server options are taken from the
97 ### section with the corresponding name on the left.
99 [groups]
100 # group1 = *.collab.net
101 # othergroup = repository.blarggitywhoomph.com
102 # thirdgroup = *.example.com
104 ### Information for the first group:
105 # [group1]
106 # http-proxy-host = proxy1.some-domain-name.com
107 # http-proxy-port = 80
108 # http-proxy-username = blah
109 # http-proxy-password = doubleblah
110 # http-timeout = 60
111 # http-auth-types = basic;digest;negotiate
112 # neon-debug-mask = 130
113 # store-plaintext-passwords = no
114 # username = harry
116 ### Information for the second group:
117 # [othergroup]
118 # http-proxy-host = proxy2.some-domain-name.com
119 # http-proxy-port = 9000
120 # No username and password for the proxy, so use the defaults below.
122 ### You can set default parameters in the 'global' section.
123 ### These parameters apply if no corresponding parameter is set in
124 ### a specifically matched group as shown above. Thus, if you go
125 ### through the same proxy server to reach every site on the
126 ### Internet, you probably just want to put that server's
127 ### information in the 'global' section and not bother with
128 ### 'groups' or any other sections.
129 ###
130 ### Most people might want to configure password caching
131 ### parameters here, but you can also configure them per server
132 ### group (per-group settings override global settings).
133 ###
134 ### If you go through a proxy for all but a few sites, you can
135 ### list those exceptions under 'http-proxy-exceptions'. This only
136 ### overrides defaults, not explicitly matched server names.
137 ###
138 ### 'ssl-authority-files' is a semicolon-delimited list of files,
139 ### each pointing to a PEM-encoded Certificate Authority (CA)
140 ### SSL certificate. See details above for overriding security
141 ### due to SSL.
142 [global]
143 # http-proxy-exceptions = *.exception.com, www.internal-site.org
144 # http-proxy-host = defaultproxy.whatever.com
145 # http-proxy-port = 7000
146 # http-proxy-username = defaultusername
147 # http-proxy-password = defaultpassword
148 # http-compression = no
149 # http-auth-types = basic;digest;negotiate
150 # No http-timeout, so just use the builtin default.
151 # No neon-debug-mask, so neon debugging is disabled.
152 # ssl-authority-files = /path/to/CAcert.pem;/path/to/CAcert2.pem
153 #
154 # Password / passphrase caching parameters:
155 # store-passwords = no
156 # store-plaintext-passwords = no
157 # store-ssl-client-cert-pp = no
158 # store-ssl-client-cert-pp-plaintext = no