If I am storing the Subversion user names and passwords for repository access in a text file in the conf folder, what is the maximum length of the passwords I can use? That is to say, how long can the secrets in the following file be?
[users]
harry = harryssecret
sally = sallyssecret
If you are using svnserve, it seems to be no limit defined (at least I couldn't find any mention of it). From svn book:
The svnserve server, by default, knows only how to send a CRAM-MD5 authentication challenge. In essence, the server sends a small amount of data to the client. The client uses the MD5 hash algorithm to create a fingerprint of the data and password combined, and then sends the fingerprint as a response. The server performs the same computation with the stored password to verify that the result is identical. At no point does the actual password travel over the network.
IMHO, if MD5 is used then you can use any manageable length for the password.
There's no limit in the config file (aside from memory constraints, of course!).
Whether the client limits the input or not will depend on which client you're using, of course, but I'd hope that all of them would allow fairly long passwords.