subject:"Bug#702888\: openssl 1.0.1e\-1 upgrade breaks subversion client\/server"

Bug#702888: openssl 1.0.1e-1 upgrade breaks subversion client/server

2013-03-12 Thread Patrick Matthäi

Package: openssl
Version: 1.0.1c-4
Severity: serious

Hello,

I had some curious problems on commiting data at my subversion repository, where
the server (apache with libapache2-svn) is also the client (I am working on this
server).

Here are some snippets of my history which will show you the problem:

-- snip 1
me@srv1:~/pkg-svn/otrs2/trunk$ svn st
M   debian/patches/02-cron.diff
M   debian/patches/03-postmaster.diff
M   debian/patches/04-backup.diff

me@srv1:~/pkg-svn/otrs2/trunk$ dch

me@srv1:~/pkg-svn/otrs2/trunk$ svn ci
svn: Übertragen schlug fehl (Details folgen):
svn: OPTIONS von »https://svn.linux-dev.org/svn/pkg/otrs2/trunk/debian«: Could 
not read status line: SSL alert received: Bad record MAC 
(https://svn.linux-dev.org)
svn: Ihre Logmeldung wurde in einer Temporärdatei abgelegt:
svn:'/home/me/pkg-svn/otrs2/svn-commit.tmp'

me@srv1:~/pkg-svn/otrs2/trunk$ svn up
Revision 4372.

me@srv1:~/pkg-svn/otrs2/trunk$ svn ci
svn: Übertragen schlug fehl (Details folgen):
svn: OPTIONS von »https://svn.linux-dev.org/svn/pkg/otrs2/trunk/debian«: Could 
not read status line: SSL alert received: Bad record MAC 
(https://svn.linux-dev.org)
svn: Ihre Logmeldung wurde in einer Temporärdatei abgelegt:
svn:'/home/me/pkg-svn/otrs2/svn-commit.2.tmp'

me@srv1:~/pkg-svn/otrs2/trunk$ svn st
M   debian/patches/02-cron.diff
M   debian/patches/03-postmaster.diff
M   debian/patches/04-backup.diff
M   debian/changelog

me@srv1:~/pkg-svn/otrs2/trunk$ svn ci
svn: Übertragen schlug fehl (Details folgen):
svn: OPTIONS von »https://svn.linux-dev.org/svn/pkg/otrs2/trunk/debian«: Could 
not read status line: SSL alert received: Bad record MAC 
(https://svn.linux-dev.org)
svn: Ihre Logmeldung wurde in einer Temporärdatei abgelegt:
svn:'/home/me/pkg-svn/otrs2/svn-commit.3.tmp'

me@srv1:~/pkg-svn/otrs2/trunk$ curl https://svn.linux-dev.org
curl: (51) SSL: certificate subject name 'www.linux-dev.org' does not match 
target host name 'svn.linux-dev.org'

me@srv1:~/pkg-svn/otrs2/trunk$ svn ci
svn: Übertragen schlug fehl (Details folgen):
svn: OPTIONS von »https://svn.linux-dev.org/svn/pkg/otrs2/trunk/debian«: Could 
not read status line: SSL alert received: Bad record MAC 
(https://svn.linux-dev.org)
svn: Ihre Logmeldung wurde in einer Temporärdatei abgelegt:
svn:'/home/me/pkg-svn/otrs2/svn-commit.4.tmp'

me@srv1:~/pkg-svn/otrs2/trunk$ svn up
Fehler bei der Validierung des Serverzertifikats für 
»https://svn.linux-dev.org:443«:
 - Der Hostname des Zertifikats stimmt nicht überein.
Zertifikats-Informationen:
 - Hostname: www.linux-dev.org
 - Gültig: von Mon, 21 Mar 2011 21:16:18 GMT bis Wed, 20 Mar 2013 21:16:18 GMT
 - Aussteller: http://www.CAcert.org, CAcert Inc.
 - Fingerabdruck: 1c:bb:d0:50:62:0a:eb:0f:e7:03:5b:91:87:40:8c:99:d1:77:c9:b7
Ve(r)werfen, (t)emporär akzeptieren oder (p)ermanent akzeptieren? p
Anmeldebereich: https://svn.linux-dev.org:443 Linux-Dev Subversion
Passwort für »me«:
Anmeldebereich: https://svn.linux-dev.org:443 Linux-Dev Subversion
Benutzername: the-me
Passwort für »the-me«:

-
Revision 4372.


me@srv1:~/pkg-svn/otrs2/trunk$ svn ci
svn: Übertragen schlug fehl (Details folgen):
svn: OPTIONS von »https://svn.linux-dev.org/svn/pkg/otrs2/trunk/debian«: Could 
not read status line: SSL alert received: Bad record MAC 
(https://svn.linux-dev.org)
svn: Ihre Logmeldung wurde in einer Temporärdatei abgelegt:
svn:'/home/me/pkg-svn/otrs2/svn-commit.5.tmp'

me@srv1:~/pkg-svn/otrs2/trunk$ svn ci debian/changelog
Sende  debian/changelog
Übertrage Daten .
Revision 4373 übertragen.

me@srv1:~/pkg-svn/otrs2/trunk$ svn ci debian/patches/
Sende  debian/patches/02-cron.diff
Sende  debian/patches/03-postmaster.diff
Sende  debian/patches/04-backup.diff
Übertrage Daten ...
Revision 4374 übertragen.
me@srv1:~/pkg-svn/otrs2/trunk$
-


As you can see I were unable to commit files in debian/patches/ and 
debian/changelog at the same time.
Apache error log only gives me:
[12/Mar/2013:14:12:42 +0100] OPTIONS /svn/pkg/otrs2/trunk/debian HTTP/1.1 401 
2412 - SVN/1.6.17 (r1128011) neon/0.29.6

This fault is reproduceable, also one of our customers had got a problem on 
recursive adding files and directories, also
another people spotted this problem on Wheezy here:
http://svn.haxx.se/users/archive-2013-03/index.shtml#10 (Possible bug: 
Bad record MAC)

After downgrading several packages, which were updated in the past weeks 
(apache, libgcrypt, gnutls, curl etc)
it works again if I downgrade openssl and libssl1.0.0 from 1.0.1e-1 to 1.0.1c-4.

Here is another snippet:

--- snip 2
me@srv1:~/pkg-svn$ cd tools/
me@srv1:~/pkg-svn/tools$ svn mkdir test
A test
me@srv1:~/pkg-svn/tools$ svn ci test -m 'test folder'
Hinzufügen test

Revision 4375 übertragen.
me@srv1:~/pkg-svn/tools$ touch foo test/bar
me@srv1:~/pkg-svn/tools$ svn add foo test/bar
A foo
A test/bar
me@srv1:~/pkg-svn/tools$ svn ci -m 'test add'

Bug#702888: [Pkg-openssl-devel] Bug#702888: openssl 1.0.1e-1 upgrade breaks subversion client/server

2013-03-12 Thread Kurt Roeckx

On Tue, Mar 12, 2013 at 03:36:22PM +0100, Patrick Matthäi wrote:
 Package: openssl
 Version: 1.0.1c-4
 Severity: serious
 
 Hello,
 
 I had some curious problems on commiting data at my subversion repository, 
 where
 the server (apache with libapache2-svn) is also the client (I am working on 
 this
 server).

Yes, there are already various bug reports about this issue.  See
#701868 for instance.


Kurt


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#702888: openssl 1.0.1e-1 upgrade breaks subversion client/server

Bug#702888: [Pkg-openssl-devel] Bug#702888: openssl 1.0.1e-1 upgrade breaks subversion client/server

2 matches

Site Navigation

Mail list logo

Footer information