Problems with SVN and old SSL protocols on

Added by Ian Walker over 2 years ago

There are issues when attempting to do an svn update:

root@redmine:/var/www/redmine# svn update
Updating '.':
svn: E170013: Unable to connect to a repository at URL ''
svn: E120171: Error running context: An error occurred during SSL communication

this currently happens on systems with updated SSL libraries libssl1.1 as well as libserf-1-1, and thus means nobody can connect to Scanning, shows that only supports older SSL protocols, instead of newer ones, eg: TLS 1.1 or TLS 1.2. This could be resolved by fixing the server running to utilise upgraded SSL protocols instead of older ones which are being deprecated.

The server supports only older protocols, but not the current best TLS 1.2. Grade capped to C.

whilst this can be solved for everyone to downgrade OpenSSL libraries/libserf on the server where they are attempting to connect from, this isn't an ideal solution as not all Linux distributions provide the ability to easily downgrade. Servers should be utilising the newer TLS/SSL protocols for security than utilising older protocols, which potentially could be a security risk.

It would be best, for to have the web server reconfigured to utilise these newer SSL/TLS protocols.

This currently affects the upcoming Debian Buster release. Possibly other distros also.

Replies (1)

RE: Problems with SVN and old SSL protocols on - Added by Karel Pičman almost 2 years ago


A workaround (switch to HTTP protocol):

$ svn switch --relocate