subversion: svn MKCOL ssl error
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
subversion (Debian) |
Fix Released
|
Unknown
|
|||
subversion (Ubuntu) |
Fix Released
|
High
|
Adam Conrad |
Bug Description
Automatically imported from Debian bug report #336373 http://
Debian Bug Importer (debzilla) wrote : | #1 |
Debian Bug Importer (debzilla) wrote : | #2 |
Message-Id: <email address hidden>
Date: Sat, 29 Oct 2005 22:22:04 +0200
From: Thomas Petazzoni <email address hidden>
To: Debian Bug Tracking System <email address hidden>
Subject: subversion: svn MKCOL ssl error
Package: subversion
Version: 1.2.3dfsg1-2
Severity: grave
Justification: renders package unusable
Hi,
While trying to import files inside a Subversion repository accessed
through https, I get the following error, fully reproducible (everytime
on the same directory):
svn: MKCOL of
'/svn/thomas/
Could not read status line: SSL error: decryption failed or bad record
mac (https:/
Maybe it's a problem around libneon24 (linked against openssl0.9.7) and
the fact that subversion is linked against openssl 0.9.8.
Sincerly,
Thomas
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.14-rc4
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=
Versions of packages subversion depends on:
ii db4.2-util 4.2.52-20 Berkeley v4.2 Database Utilities
ii libapr0 2.0.55-3 the Apache Portable Runtime
ii libc6 2.3.5-7 GNU C Library: Shared libraries an
ii libdb4.2 4.2.52-20 Berkeley v4.2 Database Libraries [
ii libexpat1 1.95.8-3 XML parsing C library - runtime li
ii libldap2 2.1.30-12 OpenLDAP libraries
ii libneon24 0.24.7.dfsg-2 An HTTP and WebDAV client library
ii libssl0.9.8 0.9.8a-2 SSL shared libraries
ii libsvn0 1.2.3dfsg1-2 shared libraries used by Subversio
ii libxml2 2.6.22-1 GNOME XML library
ii patch 2.5.9-2 Apply a diff file to an original
ii zlib1g 1:1.2.3-6 compression library - runtime
subversion recommends no packages.
-- no debconf information
In Debian Bug tracker #336373, Peter Samuelson (peter-p12n) wrote : Re: Bug#336373: subversion: svn MKCOL ssl error | #3 |
First, apologies for the delayed response - I didn't get the BTS mail
until the other day, possibly because of the known mail backlog
affecting certain Debian services.
> svn: MKCOL of
> '/svn/thomas/
> Could not read status line: SSL error: decryption failed or bad record
> mac (https:/
I don't have an https server handy, so I can't test this right away -
I'll try and get to it in the next couple of days. But grepping the
subversion source, I don't see that error string anywhere, which makes
me think it is indeed something internal to libneon.
I'll check the libneon source as soon as I get a bit of time, and
reassign this bug if necessary.
> Maybe it's a problem around libneon24 (linked against openssl0.9.7)
> and the fact that subversion is linked against openssl 0.9.8.
Yes, quite possibly. I wonder if bazaar exhibits a similar bug, since
it's in the same situation. No such bug has been reported ... but
maybe nobody uses baz with https. (:
Thanks for the report,
Peter
In Debian Bug tracker #336373, Peter Samuelson (peter-p12n) wrote : | #4 |
[Thomas Petazzoni]
> Maybe it's a problem around libneon24 (linked against openssl0.9.7)
> and the fact that subversion is linked against openssl 0.9.8.
Since you have a ready test case for this, can you try the neon package
at http://
mentioned in Bug #335574?
Thanks,
Peter
Debian Bug Importer (debzilla) wrote : | #5 |
Message-ID: <email address hidden>
Date: Sun, 6 Nov 2005 13:26:48 -0600
From: Peter Samuelson <email address hidden>
To: Thomas Petazzoni <email address hidden>, <email address hidden>
Subject: Re: Bug#336373: subversion: svn MKCOL ssl error
--fzb4MfPSWK/5QThu
Content-Type: text/plain; charset=us-ascii
Content-
First, apologies for the delayed response - I didn't get the BTS mail
until the other day, possibly because of the known mail backlog
affecting certain Debian services.
> svn: MKCOL of
> '/svn/thomas/
> Could not read status line: SSL error: decryption failed or bad record
> mac (https:/
I don't have an https server handy, so I can't test this right away -
I'll try and get to it in the next couple of days. But grepping the
subversion source, I don't see that error string anywhere, which makes
me think it is indeed something internal to libneon.
I'll check the libneon source as soon as I get a bit of time, and
reassign this bug if necessary.
> Maybe it's a problem around libneon24 (linked against openssl0.9.7)
> and the fact that subversion is linked against openssl 0.9.8.
Yes, quite possibly. I wonder if bazaar exhibits a similar bug, since
it's in the same situation. No such bug has been reported ... but
maybe nobody uses baz with https. (:
Thanks for the report,
Peter
--fzb4MfPSWK/5QThu
Content-Type: application/
Content-
Content-
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
iD8DBQFDblj4Xk7
6bUg/T5lC1xHiaZ
=gSU1
-----END PGP SIGNATURE-----
--fzb4MfPSWK/
Debian Bug Importer (debzilla) wrote : | #6 |
Message-ID: <email address hidden>
Date: Sun, 6 Nov 2005 13:47:01 -0600
From: Peter Samuelson <email address hidden>
To: Thomas Petazzoni <email address hidden>, <email address hidden>
Subject: Re: Bug#336373: subversion: svn MKCOL ssl error
--KQ2iXOoQ638mtNze
Content-Type: text/plain; charset=us-ascii
Content-
[Thomas Petazzoni]
> Maybe it's a problem around libneon24 (linked against openssl0.9.7)
> and the fact that subversion is linked against openssl 0.9.8.
Since you have a ready test case for this, can you try the neon package
at http://
mentioned in Bug #335574?
Thanks,
Peter
--KQ2iXOoQ638mtNze
Content-Type: application/
Content-
Content-
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
iD8DBQFDbl21Xk7
+iQmFVTxO+
=CfR2
-----END PGP SIGNATURE-----
--KQ2iXOoQ638mt
In Debian Bug tracker #336373, Thomas Petazzoni (thomas-petazzoni) wrote : | #7 |
Hi,
On Sun, 6 Nov 2005 13:47:01 -0600
Peter Samuelson <email address hidden> wrote:
> Since you have a ready test case for this, can you try the neon
> package at
> http://
> mentioned in Bug #335574?
With a Debian sid updated yesterday and your package, it still doesn't
work:
svn: PUT of
'/svn/thomas/
SSL negotiation failed: SSL error: decryption failed or bad record mac
(https:/
Sincerly,
Thomas
--
PETAZZONI Thomas - <email address hidden>
http://{thomas,
http://{agenda,
Fingerprint : 0BE1 4CF3 CEA4 AC9D CC6E 1624 F653 CB30 98D3 F7A7
Debian Bug Importer (debzilla) wrote : | #8 |
Message-ID: <email address hidden>
Date: Tue, 8 Nov 2005 20:53:50 +0100
From: Thomas Petazzoni <email address hidden>
To: Peter Samuelson <email address hidden>
Cc: <email address hidden>
Subject: Re: Bug#336373: subversion: svn MKCOL ssl error
--Sig_5CaInUxWC
Content-Type: text/plain; charset=US-ASCII
Content-
Hi,
On Sun, 6 Nov 2005 13:47:01 -0600
Peter Samuelson <email address hidden> wrote:
> Since you have a ready test case for this, can you try the neon
> package at
> http://
> mentioned in Bug #335574?
With a Debian sid updated yesterday and your package, it still doesn't
work:
svn: PUT of
'/svn/thomas/
/test/setjmp/
SSL negotiation failed: SSL error: decryption failed or bad record mac
(https:/
Sincerly,
Thomas
--=20
PETAZZONI Thomas - <email address hidden>=20
http://{thomas,
http://{agenda,
Fingerprint : 0BE1 4CF3 CEA4 AC9D CC6E 1624 F653 CB30 98D3 F7A7
--Sig_5CaInUxWC
Content-Type: application/
Content-
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
iD8DBQFDcQJT9lP
I8huYwCgzgneawh
=0oAB
-----END PGP SIGNATURE-----
--Sig_5CaInUxWC
In Debian Bug tracker #336373, Peter Samuelson (peter-p12n) wrote : | #9 |
[Thomas Petazzoni]
> > Since you have a ready test case for this, can you try the neon
> > package at
> > http://
> > mentioned in Bug #335574?
>
> With a Debian sid updated yesterday and your package, it still doesn't
> work:
Oh, doh! /usr/bin/svn will not use libneon25, so that accomplished
nothing.
I'll build a new set of packages that use libneon25 instead, and place
them in http://
should be there within about 2 hours. Can you test this again with
those packages?
Thanks,
Peter
Debian Bug Importer (debzilla) wrote : | #10 |
Message-ID: <email address hidden>
Date: Tue, 8 Nov 2005 15:13:02 -0600
From: Peter Samuelson <email address hidden>
To: Thomas Petazzoni <email address hidden>
Cc: <email address hidden>
Subject: Re: Bug#336373: subversion: svn MKCOL ssl error
--jYUWvSWTDpDT74zJ
Content-Type: text/plain; charset=us-ascii
Content-
Content-
[Thomas Petazzoni]
> > Since you have a ready test case for this, can you try the neon
> > package at
> > http://
> > mentioned in Bug #335574?
>=20
> With a Debian sid updated yesterday and your package, it still doesn't
> work:
Oh, doh! /usr/bin/svn will not use libneon25, so that accomplished
nothing.
I'll build a new set of packages that use libneon25 instead, and place
them in http://
should be there within about 2 hours. Can you test this again with
those packages?
Thanks,
Peter
--jYUWvSWTDpDT74zJ
Content-Type: application/
Content-
Content-
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
iD8DBQFDcRTeXk7
AbA6r+tdiYjZBLw
=GPR1
-----END PGP SIGNATURE-----
--jYUWvSWTDpDT7
In Debian Bug tracker #336373, Peter Samuelson (peter-p12n) wrote : | #11 |
[Peter Samuelson]
> Oh, doh! /usr/bin/svn will not use libneon25, so that accomplished
> nothing.
>
> I'll build a new set of packages that use libneon25 instead
Well, now I see why Debian ships both neon24 and neon25. subversion
won't yet compile against neon25, and I don't have the time or
inclination right now to hack it so it does.
Laszlo, could you provide a libneon24{,-dev} compiled against ssl0.9.8,
please?
Thanks,
Peter
Debian Bug Importer (debzilla) wrote : | #12 |
Message-ID: <email address hidden>
Date: Tue, 8 Nov 2005 17:44:11 -0600
From: Peter Samuelson <email address hidden>
To: Thomas Petazzoni <email address hidden>
Cc: <email address hidden>, <email address hidden>
Subject: Re: Bug#336373: subversion: svn MKCOL ssl error
--b/1LfoxmgmdMg2Yp
Content-Type: text/plain; charset=us-ascii
Content-
Content-
[Peter Samuelson]
> Oh, doh! /usr/bin/svn will not use libneon25, so that accomplished
> nothing.
>=20
> I'll build a new set of packages that use libneon25 instead
Well, now I see why Debian ships both neon24 and neon25. subversion
won't yet compile against neon25, and I don't have the time or
inclination right now to hack it so it does.
Laszlo, could you provide a libneon24{,-dev} compiled against ssl0.9.8,
please?
Thanks,
Peter
--b/1LfoxmgmdMg2Yp
Content-Type: application/
Content-
Content-
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
iD8DBQFDcThLXk7
Po/Tbdd7Y3/
=qCK4
-----END PGP SIGNATURE-----
--b/1LfoxmgmdMg
In Debian Bug tracker #336373, Peter Samuelson (peter-p12n) wrote : | #13 |
[Peter Samuelson]
> Oh, doh! /usr/bin/svn will not use libneon25, so that accomplished
> nothing.
I came up with several ways around this - the latest is to use
libneon24 but *not* link libssl0.9.8. There was never any reason for
us to link to openssl at all; this was a packaging bug.
Can you please retest with my packages at
http://
Thanks!
Peter
Debian Bug Importer (debzilla) wrote : | #14 |
Message-ID: <email address hidden>
Date: Wed, 9 Nov 2005 06:00:01 -0600
From: Peter Samuelson <email address hidden>
To: Thomas Petazzoni <email address hidden>
Cc: <email address hidden>
Subject: Re: Bug#336373: subversion: svn MKCOL ssl error
--PFhoI1KhOsYPpkJR
Content-Type: text/plain; charset=us-ascii
Content-
[Peter Samuelson]
> Oh, doh! /usr/bin/svn will not use libneon25, so that accomplished
> nothing.
I came up with several ways around this - the latest is to use
libneon24 but *not* link libssl0.9.8. There was never any reason for
us to link to openssl at all; this was a packaging bug.
Can you please retest with my packages at
http://
Thanks!
Peter
--PFhoI1KhOsYPpkJR
Content-Type: application/
Content-
Content-
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
iD8DBQFDceTBXk7
appgRbJc15lMz6h
=hp+R
-----END PGP SIGNATURE-----
--PFhoI1KhOsYPp
In Debian Bug tracker #336373, Sven-Haegar Koch (haegar-sdinet) wrote : | #15 |
Peter Samuelson wrote:
> I came up with several ways around this - the latest is to use
> libneon24 but *not* link libssl0.9.8. There was never any reason for
> us to link to openssl at all; this was a packaging bug.
>
> Can you please retest with my packages at
> http://
Having had the same problem, your test-packages recompiled locally (just
decreased the version number, I want the official one to upgrade the test
one when its released) fixes it for me.
Thanks a lot.
c'ya
sven
--
The Internet treats censorship as a routing problem, and routes around it.
(John Gilmore on http://
Debian Bug Importer (debzilla) wrote : | #16 |
Message-ID: <email address hidden>
Date: Wed, 9 Nov 2005 15:21:35 +0100 (CET)
From: Sven-Haegar Koch <email address hidden>
To: Peter Samuelson <email address hidden>
cc: <email address hidden>
Subject: Re: Bug#336373: subversion: svn MKCOL ssl error
Peter Samuelson wrote:
> I came up with several ways around this - the latest is to use
> libneon24 but *not* link libssl0.9.8. There was never any reason for
> us to link to openssl at all; this was a packaging bug.
>
> Can you please retest with my packages at
> http://
Having had the same problem, your test-packages recompiled locally (just
decreased the version number, I want the official one to upgrade the test
one when its released) fixes it for me.
Thanks a lot.
c'ya
sven
--
The Internet treats censorship as a routing problem, and routes around it.
(John Gilmore on http://
In Debian Bug tracker #336373, Peters-guest (peters-guest) wrote : subversion Debian ci: r422 - trunk/debian | #17 |
tags 336373 pending
thanks
Author: peters-guest
Date: 2005-11-09 18:02:27 +0000 (Wed, 09 Nov 2005)
New Revision: 422
Modified:
trunk/
trunk/
Log:
Someone confirmed that #336373 is now fixed.
Also, prune some {build-,}depends now that we're no longer linking to
the whole world.
Modified: trunk/debian/
=======
--- trunk/debian/
+++ trunk/debian/
@@ -13,9 +13,11 @@
* debian/control: build-depends on libapr0-dev (>= 2.0.55-3).
Earlier versions of libapr0 will try to make us link to libdb4.2.
* subversion.NEWS, README.db4.3: document db4.2 -> db4.3 upgrade.
- * patches/
- of bogus libraries. (Might fix #336373 (confirmation needed), by
- virtue of not linking to libssl0.9.8.)
+ * patches/
+ unneeded libraries. (Closes: #336373, which was caused by linking to
+ libssl0.9.8.)
+ - debian/control: Remove several depends and build-depends we are no
+ longer using because of this
[ Adam Conrad ]
* Switch to using DB4.3 instead of DB4.2, as libapr0 has (closes: #335455)
Modified: trunk/debian/
=======
--- trunk/debian/
+++ trunk/debian/
@@ -3,7 +3,7 @@
Priority: optional
Maintainer: Guilherme de S. Pastore <email address hidden>
Uploaders: Al Stone <email address hidden>, David Kimdon <email address hidden>, Troy Heber <email address hidden>, Peter Samuelson <email address hidden>
-Build-Depends: debhelper, libneon24-dev, apache2-
+Build-Depends: debhelper, libneon24-dev, apache2-
Build-Conflicts: libsvn0 (<< 1.2)
Standards-Version: 3.6.2.1
@@ -47,7 +47,7 @@
Section: libdevel
Priority: extra
Architecture: any
-Depends: libsvn0 (= ${Source-Version}), libapr0-dev, libdb4.3-dev, libexpat1-dev, libneon24-dev, libxml2-dev, zlib1g-dev
+Depends: libsvn0 (= ${Source-Version}), libapr0-dev, libdb4.3-dev, libneon24-dev
Description: development files for Subversion (aka. svn) libraries
Subversion is a version control system much like the Concurrent
Versions System (CVS). Version control systems allow many
Debian Bug Importer (debzilla) wrote : | #18 |
Message-Id: <email address hidden>
Date: Wed, 09 Nov 2005 18:02:28 +0000
From: <email address hidden>
To: <email address hidden>
Cc: <email address hidden>
Subject: subversion Debian ci: r422 - trunk/debian
tags 336373 pending
thanks
Author: peters-guest
Date: 2005-11-09 18:02:27 +0000 (Wed, 09 Nov 2005)
New Revision: 422
Modified:
trunk/
trunk/
Log:
Someone confirmed that #336373 is now fixed.
Also, prune some {build-,}depends now that we're no longer linking to
the whole world.
Modified: trunk/debian/
=======
--- trunk/debian/
+++ trunk/debian/
@@ -13,9 +13,11 @@
* debian/control: build-depends on libapr0-dev (>= 2.0.55-3).
Earlier versions of libapr0 will try to make us link to libdb4.2.
* subversion.NEWS, README.db4.3: document db4.2 -> db4.3 upgrade.
- * patches/
- of bogus libraries. (Might fix #336373 (confirmation needed), by
- virtue of not linking to libssl0.9.8.)
+ * patches/
+ unneeded libraries. (Closes: #336373, which was caused by linking to
+ libssl0.9.8.)
+ - debian/control: Remove several depends and build-depends we are no
+ longer using because of this
[ Adam Conrad ]
* Switch to using DB4.3 instead of DB4.2, as libapr0 has (closes: #335455)
Modified: trunk/debian/
=======
--- trunk/debian/
+++ trunk/debian/
@@ -3,7 +3,7 @@
Priority: optional
Maintainer: Guilherme de S. Pastore <email address hidden>
Uploaders: Al Stone <email address hidden>, David Kimdon <email address hidden>, Troy Heber <email address hidden>, Peter Samuelson <email address hidden>
-Build-Depends: debhelper, libneon24-dev, apache2-
+Build-Depends: debhelper, libneon24-dev, apache2-
Build-Conflicts: libsvn0 (<< 1.2)
Standards-Version: 3.6.2.1
@@ -47,7 +47,7 @@
Section: libdevel
Priority: extra
Architecture: any
-Depends: libsvn0 (= ${Source-Version}), libapr0-dev, libdb4.3-dev, libexpat1-dev, libneon24-dev, libxml2-dev, zlib1g-dev
+Depends: libsvn0 (= ${Source-Version}), libapr0-dev, libdb4.3-dev, libneon24-dev
Description: development files for Subversion (aka. svn) libraries
Subversion is a version control system much like the Concurrent
Versions System (CVS). Version ...
In Debian Bug tracker #336373, Peter Samuelson (peter-p12n) wrote : Re: Bug#336373: subversion: svn MKCOL ssl error | #19 |
[Sven-Haegar Koch]
> Having had the same problem, your test-packages recompiled locally
> (just decreased the version number, I want the official one to
> upgrade the test one when its released) fixes it for me.
Great! We'll close the bug on the next upload, then, unless Thomas
reports that this actually isn't fixed.
> Thanks a lot.
Thank you for the testing!
Peter
Debian Bug Importer (debzilla) wrote : | #20 |
Message-ID: <email address hidden>
Date: Wed, 9 Nov 2005 16:52:26 -0600
From: Peter Samuelson <email address hidden>
To: Sven-Haegar Koch <email address hidden>,
Thomas Petazzoni <email address hidden>
Cc: <email address hidden>
Subject: Re: Bug#336373: subversion: svn MKCOL ssl error
--4cokgWgqjr3t8EL1
Content-Type: text/plain; charset=us-ascii
Content-
[Sven-Haegar Koch]
> Having had the same problem, your test-packages recompiled locally
> (just decreased the version number, I want the official one to
> upgrade the test one when its released) fixes it for me.
Great! We'll close the bug on the next upload, then, unless Thomas
reports that this actually isn't fixed.
> Thanks a lot.
Thank you for the testing!
Peter
--4cokgWgqjr3t8EL1
Content-Type: application/
Content-
Content-
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
iD8DBQFDcn2qXk7
mzaMWTU3wCuk6j7
=nAhn
-----END PGP SIGNATURE-----
--4cokgWgqjr3t8
In Debian Bug tracker #336373, Thomas Petazzoni (thomas-petazzoni) wrote : | #21 |
Hi,
On Wed, 9 Nov 2005 06:00:01 -0600
Peter Samuelson <email address hidden> wrote:
> Can you please retest with my packages at
> http://
I've tested them, and I've been able to import the whole uClibc source
code through https:// without any problem (while it was previously
failing after a couple of files). So I think it's fixed.
BTW, your Packages.gz doesn't match the packages themselves: it
contains wrong sizes.
Thanks for the bug fix !
Sincerly,
Thomas
--
PETAZZONI Thomas - <email address hidden>
http://{thomas,
http://{agenda,
Fingerprint : 0BE1 4CF3 CEA4 AC9D CC6E 1624 F653 CB30 98D3 F7A7
Debian Bug Importer (debzilla) wrote : | #22 |
Message-ID: <email address hidden>
Date: Thu, 10 Nov 2005 00:57:38 +0100
From: Thomas Petazzoni <email address hidden>
To: Peter Samuelson <email address hidden>
Cc: <email address hidden>
Subject: Re: Bug#336373: subversion: svn MKCOL ssl error
--Signature_
Content-Type: text/plain; charset=US-ASCII
Content-
Hi,
On Wed, 9 Nov 2005 06:00:01 -0600
Peter Samuelson <email address hidden> wrote:
> Can you please retest with my packages at
> http://
I've tested them, and I've been able to import the whole uClibc source
code through https:// without any problem (while it was previously
failing after a couple of files). So I think it's fixed.
BTW, your Packages.gz doesn't match the packages themselves: it
contains wrong sizes.
Thanks for the bug fix !
Sincerly,
Thomas
--=20
PETAZZONI Thomas - <email address hidden>=20
http://{thomas,
http://{agenda,
Fingerprint : 0BE1 4CF3 CEA4 AC9D CC6E 1624 F653 CB30 98D3 F7A7
--Signature_
Content-Type: application/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
iD8DBQFDcoz49lP
AKFIeQAbGefu/
=J/5K
-----END PGP SIGNATURE-----
--Signature_
In Debian Bug tracker #336373, Peter Samuelson (peter-p12n) wrote : Bug#336373: fixed in subversion 1.2.3dfsg1-3 | #23 |
Source: subversion
Source-Version: 1.2.3dfsg1-3
We believe that the bug you reported is fixed in the latest version of
subversion, which is due to be installed in the Debian FTP archive:
libapache2-
to pool/main/
libsvn-
to pool/main/
libsvn-
to pool/main/
libsvn0-
to pool/main/
libsvn0_
to pool/main/
python2.
to pool/main/
subversion-
to pool/main/
subversion_
to pool/main/
subversion_
to pool/main/
subversion_
to pool/main/
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to <email address hidden>,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Peter Samuelson <email address hidden> (supplier of updated subversion package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing <email address hidden>)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Fri, 2 Dec 2005 16:22:44 -0600
Source: subversion
Binary: libsvn-core-perl libapache2-svn libsvn0 libsvn-javahl python2.
Architecture: source i386 all
Version: 1.2.3dfsg1-3
Distribution: unstable
Urgency: low
Maintainer: Guilherme de S. Pastore <email address hidden>
Changed-By: Peter Samuelson <email address hidden>
Description:
libapache2-svn - apache modules for Subversion (aka. svn)
libsvn-core-perl - perl bindings for Subversion (aka. svn)
libsvn-javahl - java bindings for Subversion (aka. svn)
libsvn0 - shared libraries used by Subversion (aka. svn)
libsvn0-dev - development files for Subversion (aka. svn) libraries
python2.
subversion - advanced version control system (aka. svn)
subversion-tools - assorted tools related to Subversion (aka. svn)
Closes: 285708 298822 310777 316097 335438 335455 336373 336781
Changes:
subversion (1.2.3dfsg1-3) unstable; urgency=low
.
[ Peter Samuelson ]
* rules: Remove the unwritten requirement that /usr/bin/python be
specifically version 2.3:
- derive python version from debian/control, not from dpkg -l
- pass PYTHON=python2.3 explicitly into configure
* rules: clean rule: Seek and destroy _all_ *.pyc files. There were
a few we didn't catch before...
Debian Bug Importer (debzilla) wrote : | #24 |
Message-Id: <email address hidden>
Date: Sat, 03 Dec 2005 22:02:09 -0800
From: Peter Samuelson <email address hidden>
To: <email address hidden>
Subject: Bug#336373: fixed in subversion 1.2.3dfsg1-3
Source: subversion
Source-Version: 1.2.3dfsg1-3
We believe that the bug you reported is fixed in the latest version of
subversion, which is due to be installed in the Debian FTP archive:
libapache2-
to pool/main/
libsvn-
to pool/main/
libsvn-
to pool/main/
libsvn0-
to pool/main/
libsvn0_
to pool/main/
python2.
to pool/main/
subversion-
to pool/main/
subversion_
to pool/main/
subversion_
to pool/main/
subversion_
to pool/main/
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to <email address hidden>,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Peter Samuelson <email address hidden> (supplier of updated subversion package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing <email address hidden>)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Fri, 2 Dec 2005 16:22:44 -0600
Source: subversion
Binary: libsvn-core-perl libapache2-svn libsvn0 libsvn-javahl python2.
Architecture: source i386 all
Version: 1.2.3dfsg1-3
Distribution: unstable
Urgency: low
Maintainer: Guilherme de S. Pastore <email address hidden>
Changed-By: Peter Samuelson <email address hidden>
Description:
libapache2-svn - apache modules for Subversion (aka. svn)
libsvn-core-perl - perl bindings for Subversion (aka. svn)
libsvn-javahl - java bindings for Subversion (aka. svn)
libsvn0 - shared libraries used by Subversion (aka. svn)
libsvn0-dev - development files for Subversion (aka. svn) libraries
python2.
subversion - advanced version control system (aka. svn)
subversion-tools - assorted tools related to Subversion (aka. svn)
Closes: 285708 298822 310777 316097 335438 335455 336373 336781
Changes:
subversion (1.2.3dfsg1-3) unstable; urgency=low
.
[ Peter Samuelson ]
* rules: Remove the unwritten requirement that /usr/bin/python be
specifically version 2.3:
- derive...
In Debian Bug tracker #336373, Daniel Pittman (daniel-rimspace) wrote : subversion: svn MKCOL ssl error | #25 |
Package: subversion
Version: 1.2.3dfsg1-3
Severity: grave
G'day.
I have run into a problem where I can't commit a change to my subversion
repository via HTTP/SSL.
The problem seems identical to the one described in this bug report, but
my issues continue despite running the version that claims to have fixed
the problem.
The server is running an up-to-date version of unstable as well, and I
have verified that the same version of subversion and all appropriate
modules are installed and running on both sides.
The error I see is:
svn: Commit failed (details follow):
svn: MKCOL of '/svn/general/
There are, annoyingly enough, no errors at all in the Apache logs on the
server side, which makes tracking this down much more annoying.
The commit in question is fairly large, as it adds 8.2MB of files,
representing 662 individual files.
Other commits seem to work just fine, but they are much smaller.
I have run into this once before -- but it was a much smaller commit, a
long time ago, and not at all reproducible. At the time I couldn't
identify any particular cause...
I wonder if perhaps this is some sort of SSL renegotiation bug that
triggers when submitting a sufficiently large commit or something?
Daniel
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (990, 'unstable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.14-2-686
Locale: LANG=en_AU.UTF-8, LC_CTYPE=
Versions of packages subversion depends on:
ii db4.3-util 4.3.29-3 Berkeley v4.3 Database Utilities
ii libapr0 2.0.55-3 the Apache Portable Runtime
ii libc6 2.3.5-9 GNU C Library: Shared libraries an
ii libneon24 0.24.7.dfsg-3 An HTTP and WebDAV client library
ii libsvn0 1.2.3dfsg1-3 shared libraries used by Subversio
ii patch 2.5.9-2 Apply a diff file to an original
subversion recommends no packages.
-- no debconf information
Debian Bug Importer (debzilla) wrote : | #26 |
Message-ID: <email address hidden>
Date: Mon, 02 Jan 2006 20:28:30 +1100
From: Daniel Pittman <email address hidden>
To: <email address hidden>
Subject: subversion: svn MKCOL ssl error
Package: subversion
Version: 1.2.3dfsg1-3
Severity: grave
G'day.
I have run into a problem where I can't commit a change to my subversion
repository via HTTP/SSL.
The problem seems identical to the one described in this bug report, but
my issues continue despite running the version that claims to have fixed
the problem.
The server is running an up-to-date version of unstable as well, and I
have verified that the same version of subversion and all appropriate
modules are installed and running on both sides.
The error I see is:
svn: Commit failed (details follow):
svn: MKCOL of '/svn/general/
There are, annoyingly enough, no errors at all in the Apache logs on the
server side, which makes tracking this down much more annoying.
The commit in question is fairly large, as it adds 8.2MB of files,
representing 662 individual files.
Other commits seem to work just fine, but they are much smaller.
I have run into this once before -- but it was a much smaller commit, a
long time ago, and not at all reproducible. At the time I couldn't
identify any particular cause...
I wonder if perhaps this is some sort of SSL renegotiation bug that
triggers when submitting a sufficiently large commit or something?
Daniel
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (990, 'unstable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.14-2-686
Locale: LANG=en_AU.UTF-8, LC_CTYPE=
Versions of packages subversion depends on:
ii db4.3-util 4.3.29-3 Berkeley v4.3 Database Utilities
ii libapr0 2.0.55-3 the Apache Portable Runtime
ii libc6 2.3.5-9 GNU C Library: Shared libraries an
ii libneon24 0.24.7.dfsg-3 An HTTP and WebDAV client library
ii libsvn0 1.2.3dfsg1-3 shared libraries used by Subversio
ii patch 2.5.9-2 Apply a diff file to an original
subversion recommends no packages.
-- no debconf information
In Debian Bug tracker #336373, Jim Paris (jim-jtan) wrote : Same issue | #27 |
I've just found the same problem on my server. I haven't tried a big
commit, but I hit it when doing a svn diff of two large trees:
$ svn diff https:/
svn: PROPFIND request failed on '/svn/jim/
svn: PROPFIND of '/svn/jim/
All subversion packages are 1.2.3dfsg1-3, libneon is 0.24.7.dfsg-3.
No client certs are being used. Large https transfers from this host
work fine, so it's not a network or general Apache issue.
-jim
Debian Bug Importer (debzilla) wrote : | #28 |
Message-ID: <email address hidden>
Date: Tue, 3 Jan 2006 13:24:55 -0500
From: Jim Paris <email address hidden>
To: <email address hidden>
Subject: Same issue
I've just found the same problem on my server. I haven't tried a big
commit, but I hit it when doing a svn diff of two large trees:
$ svn diff https:/
svn: PROPFIND request failed on '/svn/jim/
svn: PROPFIND of '/svn/jim/
All subversion packages are 1.2.3dfsg1-3, libneon is 0.24.7.dfsg-3.
No client certs are being used. Large https transfers from this host
work fine, so it's not a network or general Apache issue.
-jim
In Debian Bug tracker #336373, Jim Paris (jim-jtan) wrote : bug | #29 |
I suppose this is just bug #338006 ...
-jim
Debian Bug Importer (debzilla) wrote : | #30 |
Message-ID: <email address hidden>
Date: Fri, 6 Jan 2006 19:46:11 -0500
From: Jim Paris <email address hidden>
To: <email address hidden>
Subject: bug
I suppose this is just bug #338006 ...
-jim
In Debian Bug tracker #336373, Jim Paris (jim-jtan) wrote : workaround | #31 |
Sorry for all the spam..
This is definitely the openssl bug. It appears that the fix in
subversion 1.2.3dfsg1-3 only postponed the problem until libneon24
upgraded to openssl 0.9.8.
I found that a workaround is to limit the ciphers on the Apache end.
Removing all SSLv3 ciphers except RC4 seems to do the trick. For
example, my apache2 configuration now has:
SSLCipherSuite SSLv2:-
and subversion works again. This is a drastic measure, of course, but
I need my subversion repository to work.
I didn't reopen this bug because it's really a problem with openssl,
but maybe it's worth keeping this around so other people can find it.
-jim
Debian Bug Importer (debzilla) wrote : | #32 |
Message-ID: <email address hidden>
Date: Fri, 6 Jan 2006 21:12:02 -0500
From: Jim Paris <email address hidden>
To: <email address hidden>
Subject: workaround
Sorry for all the spam..
This is definitely the openssl bug. It appears that the fix in
subversion 1.2.3dfsg1-3 only postponed the problem until libneon24
upgraded to openssl 0.9.8.
I found that a workaround is to limit the ciphers on the Apache end.
Removing all SSLv3 ciphers except RC4 seems to do the trick. For
example, my apache2 configuration now has:
SSLCipherSuite SSLv2:-
and subversion works again. This is a drastic measure, of course, but
I need my subversion repository to work.
I didn't reopen this bug because it's really a problem with openssl,
but maybe it's worth keeping this around so other people can find it.
-jim
In Debian Bug tracker #336373, Peter Samuelson (peter-p12n) wrote : Re: Bug#336373: workaround | #33 |
[Jim Paris]
> This is definitely the openssl bug. It appears that the fix in
> subversion 1.2.3dfsg1-3 only postponed the problem until libneon24
> upgraded to openssl 0.9.8.
That seems unlikely since libneon24 in unstable uses openssl 0.9.8.
...Errrr, wait, are you saying openssl 0.9.7 has the bug, or 0.9.8?
I will ask people to retest with subversion 1.3.0-1, which uses
libneon25 and (opensel 0.9.8), as soon as our 1.3.0-1 gets through NEW
processing and into experimental.
> I found that a workaround is to limit the ciphers on the Apache end.
> Removing all SSLv3 ciphers except RC4 seems to do the trick. For
> example, my apache2 configuration now has:
>
> SSLCipherSuite SSLv2:-
Thanks for the workaround!
Peter
In Debian Bug tracker #336373, Jim Paris (jim-jtan) wrote : | #34 |
> > This is definitely the openssl bug. It appears that the fix in
> > subversion 1.2.3dfsg1-3 only postponed the problem until libneon24
> > upgraded to openssl 0.9.8.
>
> That seems unlikely since libneon24 in unstable uses openssl 0.9.8.
> ...Errrr, wait, are you saying openssl 0.9.7 has the bug, or 0.9.8?
I'm not quite sure what you mean. I'm using 0.9.8 all around. As far
as I can tell, the bug was introduced in openssl 0.9.8, and only shows
up when both client and server are 0.9.8.
-jim
In Debian Bug tracker #336373, Peter Samuelson (peter-p12n) wrote : | #35 |
[Peter Samuelson]
> That seems unlikely since libneon24 in unstable uses openssl 0.9.8.
> ...Errrr, wait, are you saying openssl 0.9.7 has the bug, or 0.9.8?
Never mind. Having read #338006, all is clear now. Thanks again for
the information.
Peter
Debian Bug Importer (debzilla) wrote : | #36 |
Message-ID: <email address hidden>
Date: Fri, 6 Jan 2006 22:10:38 -0600
From: Peter Samuelson <email address hidden>
To: Jim Paris <email address hidden>, <email address hidden>
Subject: Re: Bug#336373: workaround
--apbmkPN6Hu/1dI3g
Content-Type: text/plain; charset=us-ascii
Content-
Content-
[Jim Paris]
> This is definitely the openssl bug. It appears that the fix in
> subversion 1.2.3dfsg1-3 only postponed the problem until libneon24
> upgraded to openssl 0.9.8.
That seems unlikely since libneon24 in unstable uses openssl 0.9.8.
=2E..Errrr, wait, are you saying openssl 0.9.7 has the bug, or 0.9.8?
I will ask people to retest with subversion 1.3.0-1, which uses
libneon25 and (opensel 0.9.8), as soon as our 1.3.0-1 gets through NEW
processing and into experimental.
> I found that a workaround is to limit the ciphers on the Apache end.
> Removing all SSLv3 ciphers except RC4 seems to do the trick. For
> example, my apache2 configuration now has:
>=20
> SSLCipherSuite SSLv2:-
Thanks for the workaround!
Peter
--apbmkPN6Hu/1dI3g
Content-Type: application/
Content-
Content-
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
iD8DBQFDvz8+
3S++dByG8ou1HLL
=4i49
-----END PGP SIGNATURE-----
--apbmkPN6Hu/
Debian Bug Importer (debzilla) wrote : | #37 |
Message-ID: <email address hidden>
Date: Fri, 6 Jan 2006 23:19:08 -0500
From: Jim Paris <email address hidden>
To: Peter Samuelson <email address hidden>
Cc: <email address hidden>
Subject: Re: Bug#336373: workaround
> > This is definitely the openssl bug. It appears that the fix in
> > subversion 1.2.3dfsg1-3 only postponed the problem until libneon24
> > upgraded to openssl 0.9.8.
>
> That seems unlikely since libneon24 in unstable uses openssl 0.9.8.
> ...Errrr, wait, are you saying openssl 0.9.7 has the bug, or 0.9.8?
I'm not quite sure what you mean. I'm using 0.9.8 all around. As far
as I can tell, the bug was introduced in openssl 0.9.8, and only shows
up when both client and server are 0.9.8.
-jim
Debian Bug Importer (debzilla) wrote : | #38 |
Message-ID: <email address hidden>
Date: Fri, 6 Jan 2006 22:22:49 -0600
From: Peter Samuelson <email address hidden>
To: Jim Paris <email address hidden>, <email address hidden>
Subject: Re: Bug#336373: workaround
--KjSGHOmKKB2VUiQn
Content-Type: text/plain; charset=us-ascii
Content-
[Peter Samuelson]
> That seems unlikely since libneon24 in unstable uses openssl 0.9.8.
> ...Errrr, wait, are you saying openssl 0.9.7 has the bug, or 0.9.8?
Never mind. Having read #338006, all is clear now. Thanks again for
the information.
Peter
--KjSGHOmKKB2VUiQn
Content-Type: application/
Content-
Content-
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
iD8DBQFDv0IYXk7
Pk71J84/
=rQSu
-----END PGP SIGNATURE-----
--KjSGHOmKKB2VU
Changed in subversion: | |
assignee: | nobody → adconrad |
Adam Conrad (adconrad) wrote : | #39 |
This was a libssl bug which has since been fixed, and the fixed version is in dapper.
Changed in subversion: | |
status: | Unconfirmed → Fix Released |
In Debian Bug tracker #336373, Erik Rose (psucorp) wrote : #336373 - subversion: svn MKCOL ssl error - Debian Bug report logs | #40 |
I still get this error dependably in Testing (and I just dist-
upgraded and restarted everything a few minutes ago). On the server,
I have subversion 1.3.2-5+b1 and libssl0.9.8b-3. On my 2 failing
clients, I have...
1. DarwinPorts PowerPC builds of openssl 0.9.8a and svn 1.2.3
2. DarwinPorts Intel builds of openssl 0.9.8b and svn 1.4.0
To trigger the error, I do an "svn list -R". Big checkouts and
updates work fine; I've seen this error only when doing a "list".
Client 1 errors out immediately, while client 2 gets through half the
repository first. Fun!
In Debian Bug tracker #336373, Peter Samuelson (peter-p12n) wrote : Re: Bug#336373: #336373 - subversion: svn MKCOL ssl error - Debian Bug report logs | #41 |
[Erik Rose]
> I still get this error dependably in Testing (and I just dist-
> upgraded and restarted everything a few minutes ago). On the server,
> I have subversion 1.3.2-5+b1 and libssl0.9.8b-3.
This bug report is about a client error related to libssl. We know the
two things that caused it and both of them are fixed. Please see
Debian bug #338006 for details on the openssl bug, and please verify
that it is also fixed in your DarwinPorts build of openssl.
If you have reason to believe you've found a bug in Debian's subversion
_server_, rather than the DarwinPorts openssl, please file that as a
separate bug. (As an aside, if you do know of a bug in the
libapache2-svn Debian package, I'd appreciate if you could verify that
it also occurs in the unstable version, currently 1.4.0-2.)
Peter
In Debian Bug tracker #336373, Erik Rose (psucorp) wrote : | #42 |
> This bug report is about a client error related to libssl.
Ah, right you are. I had read #338006 but managed to miss that
detail. Sorry, and thanks.
I tried my "svn list -R" with a build of Subversion linked against OS
X's native libssl, and all went swimmingly. I'll file a bug with
DarwinPorts.
Thanks again!
Automatically imported from Debian bug report #336373 http:// bugs.debian. org/336373