libneon can't find SSLv2_server_method

For me, complilation of subversion works if I install libneon27-gnutls-dev and make distclean and then configure again.

(If the package mentioned above is installed, neon uses gnutls, I guess.)

Status changed to 'Confirmed' because the bug affects multiple users.

I'm using libneon for url parsing in an application that also links against libssl (on the release version of 11.10). When linking my application, I get the same error as above.

As a workaround I added the following to my application:

#if defined(OPENSSL_NO_SSL2)
// backport to make neon happy with only OpenSSL 1.0.0 available
extern "C" const SSL_METHOD *
SSLv2_server_method(void)
{
    // use SSL v2 and v3 even if only v2 is requested
    return SSLv23_server_method();
}
#endif

I meet the same problem when building svn, could you give me more detail steps to resolve this problem ? Thanks or send me email to icehong at gmail dot com

for me it only compiles if I have neither libneon27-dev nor libneon27-gnutls-dev installed.

need to correct myself:
it works with libneon27-gnutls-dev when doing the make distclean first

This hits people who are trying to compile libmusicbrainz in jhbuild. The problem goes away if you install the gnutls version (libneon27-gnutls-dev) and redo the build from scratch.

Probably this bug: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=622140

Since SVN has problems using mit certificate using libneon-gnutls I also need to recompile subversion. But this bug hinders me here and subversion (and therefore Ubuntu 12.04 as a developer) is unusable for me.

This seems to be working on quantal now, but a SRU in precise would be nice.

This got fixed in debian with this patch (which we also now have in quantal).

http://patch-tracker.debian.org/patch/series/view/neon27/0.29.6-3/disabled_SSLv2_support.patch

A good testcase: try to compile libmusicbrainz 5.0.1 with the non-gnutls version of the library (libneon27-dev) installed.

I uploaded that patch to precise-proposed, thanks!

Hello Hyrum, or anyone else affected,

Accepted neon27 into precise-proposed. The package will build now and be available at http://launchpad.net/ubuntu/+source/neon27/0.29.6-1ubuntu1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

libneon27-dev/precise-proposed fixes the bug for me. I was using it to build wdfs 1.4.2.

Can confirm that pre installing pre proposed package.

/usr/lib/gcc/x86_64-linux-gnu/4.6/../../../../lib/libneon.so: undefined reference to `SSLv2_server_method'
collect2: ld returned 1 exit status
make[2]: *** [tests/ctest] Error 1
make[1]: *** [tests/CMakeFiles/ctest.dir/all] Error 2
make: *** [all] Error 2

After installing the proposed package for precise the package libmusicbrainz compiles correctly.

This bug was fixed in the package neon27 - 0.29.6-1ubuntu1

---------------
neon27 (0.29.6-1ubuntu1) precise-proposed; urgency=low

  * Make Neon recognize that SSLv2 functions were disabled. Backport from
    Quantal / Debian. Fixes compilation against non-gnutls libneon27-dev. (LP:
    #845901)
 -- Iain Lane <email address hidden> Wed, 12 Dec 2012 09:47:06 +0000

The verification of this Stable Release Update has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regresssions.

[ Compilation Error ]
Subversion version 1.7.9 (r1462340) compiled with:
$ ./configure --with-ssl
$ make

Following error during installation of subversion occured:

cd subversion/libsvn_ra_neon && /bin/bash /home/xxx/subversion-1.7.9/libtool --tag=CC --silent --mode=link gcc -g -O2 -pthread -D_LARGEFILE64_SOURCE -DNE_LFS -Werror=implicit-function-declaration -rpath /usr/local/lib -version-info 0 -Wl,--no-undefined -o libsvn_ra_neon-1.la commit.lo fetch.lo file_revs.lo get_dated_rev.lo get_deleted_rev.lo get_location_segments.lo get_locations.lo get_locks.lo lock.lo log.lo merge.lo mergeinfo.lo options.lo props.lo replay.lo session.lo util.lo ../../subversion/libsvn_delta/libsvn_delta-1.la ../../subversion/libsvn_subr/libsvn_subr-1.la -laprutil-1 -lapr-1 -L/usr/local/lib -lneon -lz -lssl -lcrypto -L/usr/lib/i386-linux-gnu -Wl,-Bsymbolic-functions -Wl,-z,relro -lgssapi_krb5 -lkrb5 -lk5crypto -lcom_err -lexpat
/usr/local/lib/libneon.a(ne_openssl.o): In function `ne_ssl_context_create':
/home/xxx/neon-0.29.6/src/ne_openssl.c:572: undefined reference to `SSLv2_server_method'
collect2: ld returned 1 exit status
make: *** [subversion/libsvn_ra_neon/libsvn_ra_neon-1.la] Error 1

[ Solution ]
In directory src of neon project locate ne_openssl.c file [example: ~/neon-0.29.6/src/ne_openssl.c] and update following function "ne_ssl_context_create" as follows:

ne_ssl_context *ne_ssl_context_create(int mode)
{
    ne_ssl_context *ctx = ne_calloc(sizeof *ctx);
    if (mode == NE_SSL_CTX_CLIENT) {
        ctx->ctx = SSL_CTX_new(SSLv23_client_method());
        ctx->sess = NULL;
        /* set client cert callback. */
        SSL_CTX_set_client_cert_cb(ctx->ctx, provide_client_cert);
        /* enable workarounds for buggy SSL server implementations */
        SSL_CTX_set_options(ctx->ctx, SSL_OP_ALL);
        SSL_CTX_set_verify(ctx->ctx, SSL_VERIFY_PEER, verify_callback);
    } else {
        ctx->ctx = SSL_CTX_new(SSLv23_server_method());
        SSL_CTX_set_session_cache_mode(ctx->ctx, SSL_SESS_CACHE_CLIENT);
    }
    return ctx;
}

Rem.: A part with elseif were deleted and SSLv23_server_method() is used instead of SSLv2_server_method().