Hey,
On 26.07.2013 11:14, Lieven Govaerts wrote:> This renegotiation issue
was solved on serf trunk in r2078, details in
> the ticket you opened:
> https://code.google.com/p/serf/issues/detail?id=114
>
> r2078 applies cleanly to the serf 1.3.x branch, so if you can validate
> the fix before I backport it to 1.3.x that'd be much appreciated!
that was fast - thanks alot!
I just recompiled the complete subversion client because my installed
one was built against libserf-v1.2 and would not work with LD_PRELOAD
with the newer 1.3 libserf. Results look fine
bernd@myhost:~$ /usr/local/bin/svn ls https://example.com/svn/testrepos
README
...but...
This only works in an optimal client auth environment, meaning
* The path to the client certificate is specified in ~
/.subversion/servers in the correct section. Otherwise the following
error will occur:
bernd@myhost:~$ /usr/local/bin/svn ls https://example.com/svn/testrepos
subversion/svn/list-cmd.c:383,
subversion/libsvn_client/list.c:578,
subversion/libsvn_client/list.c:368,
subversion/libsvn_client/ra.c:516,
subversion/libsvn_client/ra.c:393,
subversion/libsvn_ra/ra_loader.c:482: (apr_err=120171)
svn: E120171: Unable to connect to a repository at URL
'https://example.com/svn/testrepos'
subversion/libsvn_ra_serf/serf.c:528,
subversion/libsvn_ra_serf/options.c:508,
subversion/libsvn_ra_serf/util.c:814,
subversion/libsvn_ra_serf/util.c:781: (apr_err=120171)
svn: E120171: Error running context: An error occurred during SSL
communication
* The ~/.subversion/servers file is readable, otherwise svn will segfault:
bernd@myhost:~$ /usr/local/bin/svn ls https://example.com/svn/testrepos
svn: warning: W000013: Can't open file
'/home/bernd/.subversion/servers': Permission denied
Segmentation fault
* When having activated the 'ssl-client-cert-file-prompt=yes' option in
the ~/.subversion/config [auth] section one has to provide a certificate
in pkcs12 format. Otherwise, e.g. when using a PEM encoded cert, one
receives this error:
bernd@myhost:~$ /usr/local/bin/svn ls https://example.com/svn/testrepos
Authentication realm: https://example.com:443
Client certificate filename: /home/bernd/workspace/svn/bernd.pem
OpenSSL cert error: 13 104 168
Authentication realm: https://example.com:443
Client certificate filename: /home/bernd/.subversion/certs/bernd.p12
README
I guess all of them need to be reported to the subversion people though.
I assume they are not directly related to libserf.
Thanks again for the fast help, hope to see that fix in downstream
packes soon :)
--
Technische Universität Berlin - FGINET
Bernd May
System Administration
Sekr. TEL 16
Ernst-Reuter-Platz 7
10587 BERLIN
GERMANY
Mobile: 0160/90257737
E-Mail: bernd_at_inet.tu-berlin.de
WWW: inet.tu-berlin.de
Received on 2013-07-29 17:05:06 CEST