(This is my first post to the boost list. I've worked with Marshall Clow on Nitrogen, a C++ wrapper for Carbon.) On Mar 4, 2011, at 7:06 PM, Rene Rivera wrote:
I just turned on write-access commits from the HTTP side. So you should be able to do a checkout with authentication without HTTPS. Of course the password will be sent in the clear. The theory is that removing the HTTPS will work around the bug in HTTPS+WebDav. And of course relieve some CPU stress on the server. I was able to flawlessly do a trunk checkout, and a simple commit.
Is this an appropriate time to bring up the prospect of switching to Git? Aside from the details of whether a particular secure transport layer has bugs or not, the distributed version control model allows a developer to perform integration merging locally, without requiring network access at all, much less relying on a specific server.
PS. Since the password is in the clear..
That protects any passwords you don't use. But what of the Boost SVN service itself?
... Please consider your choice of passwords carefully.
And your Internet service provider even more carefully. I'm sure everyone here understands the issues, but I'm surprised to see authentication in the clear proposed as even a temporary workaround. Is using stunnel on the server an option? Josh