On Wed, Oct 11, 2017 at 10:51:59AM +0200, Falko Matthies wrote: > I have a small issue. It looks like that the serf lib is the reason, why > subversion does not work anymore while > accessing HTTPS repositories. > > I am using > - the current debian testing (buster) amd64 > - subversion 1.9.7-2 (r1800392) with libserf 1.3.9-3 (no self compiled > packages, only distribution packages) and > - beanstalkapp as a repository provider > > I cant access (update/checkout/list/whatever) my subversion repository > anymore. > Everytime i call a subversion command i > get following error message: > > > svn: E170013: Unable to connect to a repository at URL > 'https://u...@company.svn.beanstalkapp.com/REPOSITORY/trunk' > > svn: E120171: Error running context: An error occurred during SSL > communication > > If i replace the package libserf-1.3.9-3 by libserf-1.3.9-1 (and nothing else) > everything works fine.
1.3.9-1 is linked against libssl1.0.2, but 1.3.9-3 is linked against libssl1.1. > I dont get any > errors anymore. Also curl works fine. curl is also linked against libssl1.0.2. > Maybe there is a bug in the current > libserf 1.3.9-3 version? Quoting libssl1.1's NEWS.Debian.gz: By default the minimum supported TLS version is 1.2. If you still need to talk to applications that only support TLS 1.0 you should configure the application to set the minimum supported version. Ideally, your beanstalk server could be reconfigured to support TLS1.2. However, I also don't see a way to tell svn or serf what TLS versions it will accept from the server. Cheers, -- James GPG Key: 4096R/91BF BF4D 6956 BD5D F7B7 2D23 DFE6 91AE 331B A3DB
