Ubuntu
subversion package

  1. Bug #294648
  2. Comment #32

Comment 32 for bug 294648

Revision history for this message
Tony Bayley (tony-bayleyfamily) wrote : RE: [Bug 294648] Re: svn over https with client certificates broken(regression in intrepid)

My SVN problems were fixed when I changed from a self-generated SSL
certificate to one obtained from a certification authority (Free SSL
certificate obtained from StartCom: http://www.startssl.com/?app=39 )

I am not sure why this made a difference, but it might be worth trying if
you have run out of ideas!

Regards
Tony.

-----Original Message-----
From: <email address hidden> [mailto:<email address hidden>] On Behalf Of gero
Sent: 05 September 2010 13:26
To: <email address hidden>
Subject: [Bug 294648] Re: svn over https with client certificates
broken(regression in intrepid)

Hi, I've had problems since upgrading from Hardy to Lucid:

$ svn update
svn: OPTIONS of 'https://svn.example.com/path/to/svn/trunk': SSL handshake
failed: SSL error: A TLS warning alert has been received.
(https://svn.example.com)

I assume the old svn client version was 1.4.6:
http://packages.ubuntu.com/hardy/subversion The new version is 1.6.6.

The repository has other users for whom it continues to work.

Could this be the same problem? Using libneon instead of libneon-gnutls
has not helped, only changed the error message slightly:

svn: OPTIONS of 'https://svn.example.com/path/to/svn/trunk': SSL
handshake failed: SSL error code -1/1/336032856
(https://svn.example.com)

Any other ideas?

--
svn over https with client certificates broken (regression in intrepid)
https://bugs.launchpad.net/bugs/294648
You received this bug notification because you are a direct subscriber
of the bug.

Status in subversion: New
Status in "subversion" package in Ubuntu: Confirmed

Bug description:
Binary package hint: subversion

After upgrading from hardy to intrepid, svn with https client certificates
authentication stopped working, giving the following error:

user@testhost:~$ svn info https://svn.example.org/svn/main/
svn: OPTIONS of 'https://svn.example.org/svn/main': Could not read status
line: SSL error: Rehandshake was requested by the peer.
(https://svn.example.org)

This is against an apache2 server with
<Location /svn>
          SSLVerifyClient require
...

If I set "SSLVerifyClient none" everything just works, hence the conclusion
that this is related to client certificate verification. I have configured
my svn client to use a pkcs#12 file.

This may be related to http://bugs.debian.org/480041

Version info:
subversion 1.5.1dfsg1-1ubuntu2
libneon27-gnutls 0.28.2-2build1

To unsubscribe from this bug, go to:
https://bugs.launchpad.net/subversion/+bug/294648/+subscribe