Folker Schamel wrote on Tue, Jul 31, 2018 at 17:42:10 +0200: > On 2018-07-31 17:04, Philip Martin wrote: > > Folker Schamel <schame...@spinor.com> writes: > > > For the broken setup, the client reports: > > > svn: E120171: Error running context: An error occurred during SSL > > > communication > > > And the server Apache log reports: > > > ssl_engine_io.c(1308): (70014)End of file found: [client xxxxx:xxxxx] > > > AH02007: SSL handshake interrupted by system [Hint: Stop button > > > pressed in browser?!] > > Maybe a hint in the svn release notes could be useful, since the svn error > messages are not very useful.
Subversion uses Serf, which uses OpenSSL, which talks to an SSL implementation on the server. The root cause of the error is known to the SSL implementation on the server (that's why you see it in the error log). It's not obvious that OpenSSL on the client side even knows what the root cause is. It could be that only the server-side SSL implementation knows the root cause; it could be that the client-side SSL implementation also knows the root cause, but the ball of relaying that information up the stack (openssl->serf->libsvn->stderr) was dropped. The error code in question (E120171, SERF_ERROR_SSL_COMM_FAILED) does appear to be somewhat of a catchall, i.e., a code to which several openssl errors are mapped; but nevertheless, I wouldn't be surprised if the openssl client-side error message were less detailed than the server-side one. For what it's worth, the only part of the quoted error message that Subversion controls is the text "Error running context". The remainder, both the number prefixed andthe error suffixed, is generated by the serf library, based on an error returned by the openssl library. That said, I do agree that "Error running context" isn't the best phrasing. "Context", here, is the name of an internal API. Something like "HTTP request failed" would be better, wouldn't it? > Thanks a lot! > And sorry for bothering on the dev list. I should have posted to user. > Also thanks for your other SNI and DEFLATE tips! Cheers, Daniel
