Re: Bug report: Regression SVN Client, SSL, Serf 1.3.9-3, SSLVerifyClient require

From: Philip Martin <philip_at_codematters.co.uk>
Date: Tue, 31 Jul 2018 20:09:13 +0100

Daniel Shahaf <d.s_at_daniel.shahaf.name> writes:

> Subversion uses Serf, which uses OpenSSL, which talks to an SSL implementation
> on the server. The root cause of the error is known to the SSL implementation
> on the server (that's why you see it in the error log). It's not obvious that
> OpenSSL on the client side even knows what the root cause is.

In this case the client knows exactly what is wrong, it's the one
closing the connection because:

140258270184704:error:140AB18E:SSL routines:SSL_CTX_use_certificate:ca md too weak:../ssl/ssl_rsa.c:303:

Could we get our client to show that error? We would need a new serf
API to marshal the error message back to Subversion.

-- 
Philip

Received on 2018-07-31 21:09:29 CEST

This message: [ Message body ]
Next message: Daniel Shahaf: "Re: svn commit: r1837159 - /subversion/site/publish/docs/release-notes/1.11.html"
Previous message: Daniel Shahaf: "Re: Bug report: Regression SVN Client, SSL, Serf 1.3.9-3, SSLVerifyClient require"
In reply to: Daniel Shahaf: "Re: Bug report: Regression SVN Client, SSL, Serf 1.3.9-3, SSLVerifyClient require"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]