SVN Passwords - allowed Char List

Hello Everyone,  I am Sorry if i am wrong in this forum or even Topic.  But I have searched the internet, the apache and CollabSVN documentation for a simple list of allowed chars so that a user can make und password that works.   But Everything I got are some simple forum threads with the info that one char did not work for someone.   My Question is:  Which chars are allowed for SVN passwords?   Maybe Someone has this answer.    Kind Regards,   Julien Schmitt (slimboyslim) 

Last updated 4 years ago

It's not easy because it's not always Subversion that is doing the AuthN.  If you're enabling access via "svnserve" and not using SASL then you can have a "passwd" file with the password in *cleartext* (ugh). The contents are rather simple and, reading the format of that file, the only characters that would not be allowed would be "newline" (ASCII 10) and "null" (ASCII 0). It's 50%/50% that "carriage return" (ASCII 13) would work or not. Beyond that, all ASCII characters should be possible.  If you're using SASL then the allowed characters will be up to your AuthN Authority (OAuth?, LDAP?, ...).  If you're uisng Apache then it will very much depend on which mod_auth_ you're using. Clearly mod_authnz_ldap will mean it will be up to your LDAP AuthN Authority. If using mod_auth_basic then you could have a file with contents specified by the "htpasswd" command (https://www.rfc-editor.org/rfc/rfc2617.txt).  Of course, it's a bit more complicated even than that since different operating systems use different characters for command-line editing (e.g. for deleting characters or all text typed so far) and those characters would need to be carefully escaped to work in a password - something beyond nearly all users.