Uploaded image for project: 'Subversion'
  1. Subversion
  2. SVN-4271

ra_neon fails to properly handle newly introduced Neon error codes

VotersWatch issueWatchersLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Won't Fix
    • Affects Version/s: 1.6.x
    • Fix Version/s: 1.7.x
    • Component/s: libsvn_ra_neon
    • Labels:
      None
    • Environment:

      Linux

      Description

      subversion is not compatible with neon which configures with gnutls for SSL
      support( using gnutls default on rhel6/centos6).
      neon, since 0.29.0. Addd "NE_SSL_BADCHAIN" for SSL verification failure(value as
      0x10).
      neon changelogs :
      "SSL verification failure bits extended by NE_SSL_BADCHAIN and NE_SSL_REVOKED"
      
      To subversion, could not remap this new failures values(0x18) if SSL
      certification chain is broken(eg. selfsign CA), and  treats as SVN_AUTH_SSL_OTHER.
      
      However, there is no problem if neon configures openssl for SSL support, because
      there no check_chain_expiry() for openssl in neon。
      
      how to reproduce:
      
      [chapmanou@warehouse ~]$ svn list https://xxxxx
      Error validating server certificate for 'https://xxxxx:443':
       - The certificate is not issued by a trusted authority. Use the
         fingerprint to validate the certificate manually!
       - The certificate has an unknown error.
      Certificate information:
       - Hostname: xxxxx
       - Valid: from Mon, 10 Sep 2012 01:38:06 GMT until Wed, 10 Sep 2014 01:38:06 GMT
       - Issuer: xxxxx
       - Fingerprint: 65:a6:ef:7a:3a:3b:34:cb:78:4b:85:1f:0f:2f:d0:69:75:48:89:e9
      

      Original issue reported by ochapman

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              subversion-importer Subversion Importer

              Dates

              • Created:
                Updated:
                Resolved:

                Issue deployment