On 2018-08-03 12:46, Daniel Shahaf wrote:
Folker Schamel wrote on Thu, 02 Aug 2018 15:34 +0200:
On 2018-08-01 19:19, Daniel Shahaf wrote:
Folker Schamel wrote on Wed, 01 Aug 2018 17:51 +0200:
Hi Julian,
Draft which may save you some time:
First patch against trunk:
[[[
*
Folker Schamel wrote on Thu, 02 Aug 2018 15:34 +0200:
> On 2018-08-01 19:19, Daniel Shahaf wrote:
> > Folker Schamel wrote on Wed, 01 Aug 2018 17:51 +0200:
> >> Hi Julian,
> >>
> >> Draft which may save you some time:
> >>
> >> First patch against trunk:
> >> [[[
> >> * site/staging/faq.html:
> >>
Folker Schamel wrote:
> Daniel Shahaf wrote:
>> Folker Schamel wrote:
>>> * site/staging/faq.html:
>>>Add entry for "An error occurred during SSL communication" error.
>>> * site/staging/docs/release-notes/1.10.html:
>>>Add entry for an OpenSSL upgrade causing "An error occurred during
On 2018-08-01 19:19, Daniel Shahaf wrote:
Folker Schamel wrote on Wed, 01 Aug 2018 17:51 +0200:
Hi Julian,
Draft which may save you some time:
First patch against trunk:
[[[
* site/staging/faq.html:
Add entry for "An error occurred during SSL communication" error.
]]]
Second patch
Folker Schamel wrote on Wed, 01 Aug 2018 17:51 +0200:
> Hi Julian,
>
> Draft which may save you some time:
>
> First patch against trunk:
> [[[
> * site/staging/faq.html:
>Add entry for "An error occurred during SSL communication" error.
> ]]]
>
> Second patch against trunk:
> [[[
> *
Hi Julian,
Draft which may save you some time:
First patch against trunk:
[[[
* site/staging/faq.html:
Add entry for "An error occurred during SSL communication" error.
]]]
Second patch against trunk:
[[[
* site/staging/docs/release-notes/1.10.html:
Add entry for an OpenSSL upgrade causing
Folker Schamel wrote:
> Hi Stefan,
>> That's the catch here. Subversion does not ship with OpenSSL by
>> itself. From Subversion's point of view this is a 3rd-party
>> dependency. [...] It could be something worthwhile adding to the FAQ
>> however, though then in a more general manner like:
Hi Stefan,
That's the catch here. Subversion does not ship with OpenSSL by
itself. From Subversion's point of view this is a 3rd-party
dependency. You can easily build Subversion 1.9.x/1.10.x with OpenSSL
1.0.x. Whether or not you run into this issue therefore is outside the
scope of
On 8/1/2018 9:25 AM, Folker Schamel wrote:
On 2018-07-31 21:09, Philip Martin wrote:
Daniel Shahaf writes:
Subversion uses Serf, which uses OpenSSL, which talks to an SSL implementation
on the server. The root cause of the error is known to the SSL implementation
on the server (that's why
On 2018-07-31 21:09, Philip Martin wrote:
Daniel Shahaf writes:
Subversion uses Serf, which uses OpenSSL, which talks to an SSL implementation
on the server. The root cause of the error is known to the SSL implementation
on the server (that's why you see it in the error log). It's not
Daniel Shahaf writes:
> Subversion uses Serf, which uses OpenSSL, which talks to an SSL implementation
> on the server. The root cause of the error is known to the SSL implementation
> on the server (that's why you see it in the error log). It's not obvious that
> OpenSSL on the client side
Folker Schamel wrote on Tue, Jul 31, 2018 at 17:42:10 +0200:
> On 2018-07-31 17:04, Philip Martin wrote:
> > Folker Schamel writes:
> > > For the broken setup, the client reports:
> > > svn: E120171: Error running context: An error occurred during SSL
> > > communication
> > > And the server
Hi Philip,
this solved it!
Using "openssl s_client" as you described it reported:
error setting certificate
140258270184704:error:140AB18E:SSL routines:SSL_CTX_use_certificate:ca
md too weak:../ssl/ssl_rsa.c:303:
So we created new certificates with sha256 (default in openssl 1.1)
instead of
Folker Schamel writes:
> After upgrading, Subversion SSL connections with "SSLVerifyClient
> require" seem to be broken.
>
> Broken: SVN Client 1.9.5, Serf 1.3.9-3, Server "SSLVerifyClient require"
> Works: SVN Client 1.9.5, Serf 1.3.9-3, Server "SSLVerifyClient off"
> Works: SVN Client 1.9.5,
Hello everyone,
After upgrading, Subversion SSL connections with "SSLVerifyClient
require" seem to be broken.
Broken: SVN Client 1.9.5, Serf 1.3.9-3, Server "SSLVerifyClient require"
Works: SVN Client 1.9.5, Serf 1.3.9-3, Server "SSLVerifyClient off"
Works: SVN Client 1.9.5, Serf 1.3.8-1,
15 matches
Mail list logo