On Fri, Aug 28, 2015 at 05:48:29PM +0200, Andreas Korsten wrote: > after the recent security upgrade, kerberos authentication no longer > works with libapache2-mod-auth-kerb (it never worked with > libapache2-mod-auth-gssapi). > > Output of the svn client: > > % svn ls https://${FQDN}/svn-krb/${REPO} > svn: E175002: Unable to connect to a repository at URL > 'https://${FQDN}/svn-krb/${REPO}' > svn: E175002: Server sent unexpected return value (401 Unauthorized) in > response to OPTIONS request for 'https://${FQDN}/svn-krb/${REPO}' > > Apache access log (error log is empty): > > ${CLIENT_IP} - - [28/Aug/2015:16:41:42 +0200] "OPTIONS /svn-krb/${REPO} > HTTP/1.1" 401 5906 "-" "SVN/1.7.19 neon/0.29.6"
As shown in the working example, an initial 401 is expected. The client should retry with the auth. The question is why that isn't happening. What does “svn --version” show? Would you be able to perform tests on both the upgraded libapache2-mod-svn and the pre-upgrade version? Cheers, -- James GPG Key: 4096R/331BA3DB 2011-12-05 James McCoy <james...@debian.org>
signature.asc
Description: Digital signature
