Hello, I am experiencing issues when trying to use a subversion client = 1.14.2 (libserf 1.3.10) against an svn server running
Debian bookworm apache 2.4.57 subversion 1.14.2 openssl 3.0.9 with ssl client auth. I have now spent about some days searching through old ssl client auth errors in the openssl issues, subversion maillinglist Whenever I use the subversion clients I receive the following error on the client side svn: E170013: Unable to connect to a repository at URL 'https://studio.ovunque-si.it/svn/ovunque/php/decana-ig/trunk' (https://studio.ovunque-si.it/svn/ovunque/php/decana-ig/trunk') svn: E120171: Errore durante l'esecuzione del contesto: An error occurred during SSL communication after I have recompiled libserf with VERBOSE actived I have this log: 2134:mirko@idea ~/codici/siti/decana $ svn update Updating '.': [2023-10-01T02:44:14.120744+02] outgoing.c: created connection 0x46b7b028 [2023-10-01T02:44:14.438549+02] buckets/ssl_buckets.c: ssl_encrypt: begin 8000 [2023-10-01T02:44:14.438606+02] buckets/ssl_buckets.c: ssl_encrypt: bucket read 538 bytes; status 0 [2023-10-01T02:44:14.438616+02] buckets/ssl_buckets.c: --- OPTIONS /svn/ovunque/php/decana-ig/trunk HTTP/1.1 Host: studio.ovunque-si.it User-Agent: SVN/1.14.2 (x86_64-pc-linux-gnu) serf/1.3.10 Content-Type: text/xml Connection: keep-alive Accept-Encoding: gzip DAV: http://subversion.tigris.org/xmlns/dav/svn/depth (http://subversion.tigris.org/xmlns/dav/svn/depth) DAV: http://subversion.tigris.org/xmlns/dav/svn/mergeinfo (http://subversion.tigris.org/xmlns/dav/svn/mergeinfo) DAV: http://subversion.tigris.org/xmlns/dav/svn/log-revprops (http://subversion.tigris.org/xmlns/dav/svn/log-revprops) Content-Length: 131 <?xml version="1.0" encoding="utf-8"?><D:options xmlns:D="DAV:"><D:activity-collection-set></D:activity-collection-set></D:options> -(538)- [2023-10-01T02:44:14.438731+02] buckets/ssl_buckets.c: SSL_connect:before SSL initialization [2023-10-01T02:44:14.439067+02] buckets/ssl_buckets.c: bio_bucket_write called for 517 bytes [2023-10-01T02:44:14.439097+02] buckets/ssl_buckets.c: SSL_connect:SSLv3/TLS write client hello [2023-10-01T02:44:14.439110+02] buckets/ssl_buckets.c: bio_bucket_read called for 5 bytes [2023-10-01T02:44:14.439122+02] buckets/ssl_buckets.c: bio_bucket_read received 0 bytes (70014) [2023-10-01T02:44:14.439139+02] buckets/ssl_buckets.c: SSL_connect:error in SSLv3/TLS write client hello [2023-10-01T02:44:14.439150+02] buckets/ssl_buckets.c: ssl_encrypt: SSL write: -1 [2023-10-01T02:44:14.439169+02] buckets/ssl_buckets.c: ssl_encrypt: SSL write error: 2 [2023-10-01T02:44:14.439181+02] buckets/ssl_buckets.c: ssl_encrypt: SSL write error: 120103 0 [2023-10-01T02:44:14.439191+02] buckets/ssl_buckets.c: ssl_encrypt read agg: 120103 70014 0 517 [2023-10-01T02:44:14.439206+02] buckets/ssl_buckets.c: ssl_encrypt finished: 120103 517 (8 1 9) [2023-10-01T02:44:14.446893+02] buckets/ssl_buckets.c: ssl_decrypt: begin 8000 [2023-10-01T02:44:14.446934+02] buckets/ssl_buckets.c: bio_bucket_read called for 5 bytes [2023-10-01T02:44:14.446944+02] buckets/ssl_buckets.c: bio_bucket_read waiting: (8 1 9) [2023-10-01T02:44:14.446956+02] buckets/ssl_buckets.c: bio_bucket_read received 0 bytes (70014) [2023-10-01T02:44:14.446967+02] buckets/ssl_buckets.c: SSL_connect:error in SSLv3/TLS write client hello [2023-10-01T02:44:14.446995+02] buckets/ssl_buckets.c: ssl_decrypt: read 3278 bytes (8000); status: 0 [2023-10-01T02:44:14.447025+02] buckets/ssl_buckets.c: bio_bucket_read called for 5 bytes [2023-10-01T02:44:14.447038+02] buckets/ssl_buckets.c: bio_bucket_read waiting: (8 1 9) [2023-10-01T02:44:14.447051+02] buckets/ssl_buckets.c: bio_bucket_read received 5 bytes (0) [2023-10-01T02:44:14.447065+02] buckets/ssl_buckets.c: bio_bucket_read called for 122 bytes [2023-10-01T02:44:14.447075+02] buckets/ssl_buckets.c: bio_bucket_read received 122 bytes (0) [2023-10-01T02:44:14.447089+02] buckets/ssl_buckets.c: SSL_connect:SSLv3/TLS write client hello [2023-10-01T02:44:14.447638+02] buckets/ssl_buckets.c: bio_bucket_read called for 5 bytes [2023-10-01T02:44:14.447655+02] buckets/ssl_buckets.c: bio_bucket_read received 5 bytes (0) [2023-10-01T02:44:14.447669+02] buckets/ssl_buckets.c: bio_bucket_read called for 1 bytes [2023-10-01T02:44:14.447681+02] buckets/ssl_buckets.c: bio_bucket_read received 1 bytes (0) [2023-10-01T02:44:14.447694+02] buckets/ssl_buckets.c: bio_bucket_read called for 5 bytes [2023-10-01T02:44:14.447707+02] buckets/ssl_buckets.c: bio_bucket_read received 5 bytes (0) [2023-10-01T02:44:14.447717+02] buckets/ssl_buckets.c: bio_bucket_read called for 27 bytes [2023-10-01T02:44:14.447730+02] buckets/ssl_buckets.c: bio_bucket_read received 27 bytes (0) [2023-10-01T02:44:14.447752+02] buckets/ssl_buckets.c: SSL_connect:SSLv3/TLS read server hello [2023-10-01T02:44:14.447772+02] buckets/ssl_buckets.c: bio_bucket_read called for 5 bytes [2023-10-01T02:44:14.447785+02] buckets/ssl_buckets.c: bio_bucket_read received 5 bytes (0) [2023-10-01T02:44:14.447796+02] buckets/ssl_buckets.c: bio_bucket_read called for 260 bytes [2023-10-01T02:44:14.447808+02] buckets/ssl_buckets.c: bio_bucket_read received 260 bytes (0) [2023-10-01T02:44:14.447826+02] buckets/ssl_buckets.c: SSL_connect:TLSv1.3 read encrypted extensions [2023-10-01T02:44:14.447921+02] buckets/ssl_buckets.c: bio_bucket_read called for 5 bytes [2023-10-01T02:44:14.447933+02] buckets/ssl_buckets.c: bio_bucket_read received 5 bytes (0) [2023-10-01T02:44:14.447948+02] buckets/ssl_buckets.c: bio_bucket_read called for 2483 bytes [2023-10-01T02:44:14.447961+02] buckets/ssl_buckets.c: bio_bucket_read received 2483 bytes (0) [2023-10-01T02:44:14.447985+02] buckets/ssl_buckets.c: SSL_connect:SSLv3/TLS read server certificate request [2023-10-01T02:44:14.449945+02] buckets/ssl_buckets.c: bio_bucket_read called for 5 bytes [2023-10-01T02:44:14.449968+02] buckets/ssl_buckets.c: bio_bucket_read received 5 bytes (0) [2023-10-01T02:44:14.449981+02] buckets/ssl_buckets.c: bio_bucket_read called for 281 bytes [2023-10-01T02:44:14.449994+02] buckets/ssl_buckets.c: bio_bucket_read received 281 bytes (0) [2023-10-01T02:44:14.450016+02] buckets/ssl_buckets.c: SSL_connect:SSLv3/TLS read server certificate [2023-10-01T02:44:14.504824+02] buckets/ssl_buckets.c: bio_bucket_read called for 5 bytes [2023-10-01T02:44:14.504847+02] buckets/ssl_buckets.c: bio_bucket_read received 5 bytes (0) [2023-10-01T02:44:14.504856+02] buckets/ssl_buckets.c: bio_bucket_read called for 69 bytes [2023-10-01T02:44:14.504864+02] buckets/ssl_buckets.c: bio_bucket_read received 69 bytes (70014) [2023-10-01T02:44:14.504885+02] buckets/ssl_buckets.c: SSL_connect:TLSv1.3 read server certificate verify [2023-10-01T02:44:14.505019+02] buckets/ssl_buckets.c: SSL_connect:SSLv3/TLS read finished [2023-10-01T02:44:14.505041+02] buckets/ssl_buckets.c: SSL_connect:SSLv3/TLS write change cipher spec [2023-10-01T02:44:14.505111+02] buckets/ssl_buckets.c: SSL_connect:SSLv3/TLS write client certificate [2023-10-01T02:44:14.505142+02] buckets/ssl_buckets.c: bio_bucket_write called for 110 bytes [2023-10-01T02:44:14.505152+02] buckets/ssl_buckets.c: bio_bucket_write waiting: (0 0 0) [2023-10-01T02:44:14.505211+02] buckets/ssl_buckets.c: SSL_connect:SSLv3/TLS write finished [2023-10-01T02:44:14.505231+02] buckets/ssl_buckets.c: bio_bucket_read called for 5 bytes [2023-10-01T02:44:14.505244+02] buckets/ssl_buckets.c: bio_bucket_read received 0 bytes (70014) [2023-10-01T02:44:14.505259+02] buckets/ssl_buckets.c: ssl_decrypt: 120171 0 9 [2023-10-01T02:44:14.506678+02] outgoing.c: reset connection 0x46b7b028 [2023-10-01T02:44:14.506700+02] outgoing.c: cleaning up connection 0x46b7b028 [2023-10-01T02:44:14.506712+02] outgoing.c: closed connection 0x46b7b028 svn: E170013: Unable to connect to a repository at URL 'https://studio.ovunque-si.it/svn/ovunque/php/decana-ig/trunk' (https://studio.ovunque-si.it/svn/ovunque/php/decana-ig/trunk') svn: E120171: Errore durante l'esecuzione del contesto: An error occurred during SSL communication 2135:mirko@idea ~/codici/siti/decana $ on server side I receive this error: [Sun Oct 01 02:44:14.505491 2023] [ssl:trace4] [pid 2940614] ssl_engine_io.c(2411): [client 192.168.160.13:57474] OpenSSL: I/O error, 5 bytes expected to read on BIO#564742779c20 [mem: 564742795d43] [Sun Oct 01 02:44:14.505577 2023] [ssl:trace4] [pid 2940614] ssl_engine_io.c(2401): [client 192.168.160.13:57474] OpenSSL: write 24/24 bytes to BIO#56474277b340 [mem: 56474279d970] (BIO dump follows) [Sun Oct 01 02:44:14.505588 2023] [ssl:trace7] [pid 2940614] ssl_engine_io.c(2331): [client 192.168.160.13:57474] +-------------------------------------------------------------------------+ [Sun Oct 01 02:44:14.505599 2023] [ssl:trace7] [pid 2940614] ssl_engine_io.c(2368): [client 192.168.160.13:57474] | 0000: 17 03 03 00 13 c8 42 8e-25 51 2e b7 f5 33 b8 49 ......B.%Q...3.I | [Sun Oct 01 02:44:14.505608 2023] [ssl:trace7] [pid 2940614] ssl_engine_io.c(2368): [client 192.168.160.13:57474] | 0010: d2 6d 73 85 03 1e 82 c2- .ms..... | [Sun Oct 01 02:44:14.505614 2023] [ssl:trace7] [pid 2940614] ssl_engine_io.c(2373): [client 192.168.160.13:57474] +-------------------------------------------------------------------------+ [Sun Oct 01 02:44:14.505733 2023] [ssl:info] [pid 2940614] [client 192.168.160.13:57474] AH01998: Connection closed to child 1 with abortive shutdown (server studio.ovunque-si.it:443) If I comment this directives on apache configuraton all works: SSLVerifyClient require SSLRequire %{SSL_CLIENT_S_DN_O} in {"***********"} Can someone help me? thanks in advance, Mirko