On Fri, 2005-09-09 at 10:37 +1000, Adam Conrad wrote: > Andreas Jellinghaus wrote: > > >Package: apache2 > >Version: 2.0.54-5 > >Severity: critical > > > >After upgrading 2.0.54-4 to 2.0.54-5 svn+ssl is broken: > > > >subversion client (e.g. checkout): > >svn: PROPFIND request failed on '/svn/test' > >svn: PROPFIND of '/svn/test': Could not read status line: SSL error: sslv3 > >alert unexpected message (https://www.opensc.org) > > > >apache error log: > >[Thu Sep 08 20:47:39 2005] [error] Re-negotiation handshake failed: Not > >accepted by client!? > > > >downgrade to 2.0.54-4 and everything is fine again. > > > >debian gnu linux / sarge / kernel 2.6.11.11 vanilla, i386, > >apache2 on 80 and 443, ssl with self signed certificate, > >accepting a list of self signed certificates, svn repository > >needs those for write access only. > > > >more configuration and any detail you need available on request. > > > > > I would like a tarball of your /etc/apache2/, if that's not too much > inconvenience. I suspect a combination of a longstanding subversion bug > and a (mis)configuration of apache2 are biting you, and the recent > apache2 bugfix just exposed the issue. I need to see how you have your > sites set up to confirm this, though.
After reading the initial bug report I checked with my upgraded SVN servers (no client certs involved). "Fresh" checkouts seem to work flawless but checkouts from user accounts that had allready checked out from the server hang. Doing a 'svn co --no-auth-cache' from these accounts seems to have fixed the problem (i.e. afterwards checkouts work even without the '--no-auth-cache' option). Maybe there's a problem with SVNs cert cache? HTH Ralf Mattes > ... Adam > > > > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
