[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

SSL renegotiation

From: Martin v. L÷wis <martin_at_v.loewis.de>
Date: 2003-05-13 00:05:37 CEST

It seems I can't get SSL handshake renegotiation to work. In my
httpd.conf, I have

<Location /playground>
  SSLVerifyClient require
  DAV svn
  SVNPath /export/svn/playground

  SVNAutoversioning on
</Location>

i.e. I only require a client certificate for this repository, not for
the entire server. When I activate SSLVerifyClient globally, it works
fine. If I activate it as shown, I get

svn: RA layer request failed
svn: The path was not part of a repository
svn: PROPFIND of /: 405 Method Not Allowed

Setting neon-debug-mask=1023 reveals the following output, among other:

Sending request headers:
PROPFIND /payground HTTP/1.1
...
Doing SSL negotiation.
...
Request sent; retry is 0
[status-line] < HTTP/1.1 405 Method Not Allowed
[hdr] Date: Mon, 12 May 2003 21:30:46 GMT
...
Sending request headers:
PROPFIND / HTTP/1.1
[...]
Request sent; retry is 1
[status-line] < HTTP/1.1 405 Method Not Allowed

My interpretation is that the server, when the client asks for
/playground, offers to renegotiate SSL options. Subversion rejects
this, then the server rejects the request.

Any idea on how I could get this to work, or what else to try?

Regards,
Martin

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Tue May 13 00:07:17 2003

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.