On Mon, Aug 19, 2013 at 10:19 PM, Mark Tsuchida <marktsuch...@gmail.com> wrote: > Hello, > > I'm having an issue with our partially-public SVN repository. > > The server is running SVN 1.6.11 (CentOS 6.4) with Apache and TLS. > Our repository (let's call it "myrepo") allows public read access (* = > r) to myrepo/trunk, but not to myrepo/ (the root). There is also a > directory myrepo/trunk/secret to which only specific users have access > to. > > Everything has been working as expected with SVN 1.6 and 1.7 clients: > in particular, no username or password is requested when checking out > myrepo/trunk. > > However, with SVN 1.8.0 and 1.8.1 clients, it is not possible to check > out any directory without supplying the credentials of a user who has > access to the repository root. > > svn co https://our.server.com/svn/myrepo/trunk -> Requires > authentication with client 1.8.x but not with 1.6.x or 1.7.x > svn list https://our.server.com/svn/myrepo/trunk -> Works even with 1.8.1 > svn list https://our.server.com/svn/myrepo -> Requires auth, as expected > > The 1.8.x clients can successfully check out myrepo/trunk if a > username and password are given, for a user with access to the > repository root. > > I have so far been unable to reproduce this with a simplified test > repository, so any hints as to where to look would be much > appreciated. > > The following is the section of ssl_access_log produced by checking > out myrepo/trunk using client 1.6.18 (OS X): > xx.xx.xx.xx - - [16/Aug/2013:17:36:35 -0700] "OPTIONS > /svn/myrepo/trunk HTTP/1.1" 200 197 [...] > /svn/myrepo/!svn/vcc/default HTTP/1.1" 207 420 > xx.xx.xx.xx - - [16/Aug/2013:17:36:35 -0700] "PROPFIND > /svn/myrepo/!svn/bln/123 HTTP/1.1" 207 479 > > And the following is the section of ssl_access_log produced by > checking out myrepo/trunk using client 1.8.1 (TortoiseSVN on Windows > 7): > xx.xx.xx.xx - - [16/Aug/2013:17:34:05 -0700] "OPTIONS > /svn/myrepo/trunk HTTP/1.1" 200 197 [...] > xx.xx.xx.xx - - [16/Aug/2013:17:34:06 -0700] "PROPFIND > /svn/myrepo/!svn/bc/123 HTTP/1.1" 401 483 > > It appears that the 1.8.1 client requests /svn/myrepo/!svn/bc/123, to > which access is denied (401), whereas client 1.6.18 only ever requests > /svn/myrepo/!svn/bc/123/trunk, to which access is granted. > Most likely it is some problem with inherited properties feature implemented in Subversion 1.8.
@Paul: Do you have any ideas? -- Ivan Zhakov CTO | VisualSVN | http://www.visualsvn.com
