View previous topic :: View next topic |
Author |
Message |
Dragonlord Guru
Joined: 22 Aug 2004 Posts: 446 Location: Switzerland
|
Posted: Tue Nov 02, 2010 4:23 pm Post subject: layman -a fails with SSL error |
|
|
Tried to add the Pentoo overlay, in vain. Trying to run
I get
Code: | * Running command "/usr/bin/svn co "https://www.pentoo.ch/svn/portage/trunk//@" "/var/lib/layman/pentoo""...
svn: OPTIONS of 'https://www.pentoo.ch/svn/portage/trunk': SSL handshake failed: SSL error: A TLS warning alert has been received. (https://www.pentoo.ch)
* Deleting _empty_ directory "/var/lib/layman/pentoo"
* Failed to add overlay "pentoo".
* Error was: Adding overlay "pentoo" failed! |
Solutions? _________________ DragonDreams: Leader and Head Programmer |
|
Back to top |
|
|
Grimmlin n00b
Joined: 15 Mar 2005 Posts: 32
|
Posted: Tue Nov 02, 2010 10:13 pm Post subject: |
|
|
Hi,
This happened when we upgraded openssl.
Just upgrade yours and follow the revdep-rebuild guidelines.
You can also go with unstable neon 0.29.5, first option is much more clean _________________ http://www.pentoo.ch |
|
Back to top |
|
|
Dragonlord Guru
Joined: 22 Aug 2004 Posts: 446 Location: Switzerland
|
Posted: Tue Nov 02, 2010 10:24 pm Post subject: |
|
|
I have already the newest OpenSSL (as I upgrade my server weekly and connecting there works without a problem). Any other problems? _________________ DragonDreams: Leader and Head Programmer |
|
Back to top |
|
|
Grimmlin n00b
Joined: 15 Mar 2005 Posts: 32
|
Posted: Tue Nov 02, 2010 10:32 pm Post subject: |
|
|
Ok, but did you ran revdep-rebuild --library libcrypto.0.9.8.so ?
Also it's a known bug in neon, you can eventually upgrade it to 0.29.5 _________________ http://www.pentoo.ch |
|
Back to top |
|
|
Dragonlord Guru
Joined: 22 Aug 2004 Posts: 446 Location: Switzerland
|
Posted: Wed Nov 03, 2010 1:11 pm Post subject: |
|
|
Already done but did I again for this problem here:
Code: | # revdep-rebuild --library libcrypto.0.9.8.so
* Configuring search environment for revdep-rebuild
* Checking reverse dependencies
* Packages containing binaries and libraries using libcrypto.0.9.8.so
* will be emerged.
* Collecting system binaries and libraries
* Generated new 1_files.rr
* Checking dynamic linking
[ 100% ]
* There are no dynamic links to libcrypto.0.9.8.so... All done. |
As expected no problems there. Any other ideas? It only doesn't work with the Pentoo server so far hence I'm inclined to believe it could be a configuration issue of some sort but the error is not really telling much. _________________ DragonDreams: Leader and Head Programmer |
|
Back to top |
|
|
SamuliSuominen Retired Dev
Joined: 30 Sep 2005 Posts: 2133 Location: Finland
|
Posted: Wed Nov 03, 2010 3:07 pm Post subject: |
|
|
Dragonlord wrote: | Already done but did I again for this problem here:
Code: | # revdep-rebuild --library libcrypto.0.9.8.so
* Configuring search environment for revdep-rebuild
* Checking reverse dependencies
* Packages containing binaries and libraries using libcrypto.0.9.8.so
* will be emerged.
* Collecting system binaries and libraries
* Generated new 1_files.rr
* Checking dynamic linking
[ 100% ]
* There are no dynamic links to libcrypto.0.9.8.so... All done. |
As expected no problems there. Any other ideas? It only doesn't work with the Pentoo server so far hence I'm inclined to believe it could be a configuration issue of some sort but the error is not really telling much. |
libcrypto.0.9.8.so is not the same thing as libcrypto.so.0.9.8, you have typing error there.
# revdep-rebuild --library libcrypto.so.0.9.8
# revdep-rebuild --library libssl.so.0.9.8
( add net-libs/neon to /etc/portage/package.keywords )
# emerge ">=net-libs/neon-0.29.5" |
|
Back to top |
|
|
Grimmlin n00b
Joined: 15 Mar 2005 Posts: 32
|
Posted: Wed Nov 03, 2010 3:41 pm Post subject: |
|
|
You're right, it's libcrypto.so.0.9.8 (mindfail)
Anyway, it's working fine here with subversion-1.6.13 and neon-0.29.3 on openssl-1.0.0a-r3
Even on openssl-0.9.8 it works fine with neon-0.29.5 _________________ http://www.pentoo.ch |
|
Back to top |
|
|
Dragonlord Guru
Joined: 22 Aug 2004 Posts: 446 Location: Switzerland
|
Posted: Sat Nov 06, 2010 6:20 pm Post subject: |
|
|
Sorry for the delay but scheduled update today got in the way as rev-deprebuild causing OO to be rebuild (urks). Anyways I did all the rebuilds you mentioned. Although a bunch of packages including openssl had been updated the error persists (and it only exists with Pentoo server no other servers I hook up with):
Code: | layman -a pentoo
* Running... # /usr/bin/svn co https://www.pentoo.ch/svn/portage/trunk//@ /var/lib/layman/pentoo
svn: OPTIONS of 'https://www.pentoo.ch/svn/portage/trunk': SSL handshake failed: SSL error: A TLS warning alert has been received. (https://www.pentoo.ch)
* Deleting _empty_ directory "/var/lib/layman/pentoo"
* Failed to add overlay "pentoo".
* Error was: Adding overlay "pentoo" failed! |
_________________ DragonDreams: Leader and Head Programmer |
|
Back to top |
|
|
mv Watchman
Joined: 20 Apr 2005 Posts: 6747
|
Posted: Sat Nov 06, 2010 6:52 pm Post subject: |
|
|
After every update of openssl you must update neon and/or serf (depending on what you are using) (probably this was done already) and after this update you must reemerge subversion. The reason is that openssl, neon, and serf have the policy to do ABI changes without changing the version number of the libraries, so that these problems cannot be found be revdep-rebuild. |
|
Back to top |
|
|
Dragonlord Guru
Joined: 22 Aug 2004 Posts: 446 Location: Switzerland
|
Posted: Sun Nov 07, 2010 1:29 pm Post subject: |
|
|
I did that, but will try it again. Also why should it fail only on "this" server? I have a SSL SVN running myself without any problems. But let's see... _________________ DragonDreams: Leader and Head Programmer |
|
Back to top |
|
|
Dragonlord Guru
Joined: 22 Aug 2004 Posts: 446 Location: Switzerland
|
Posted: Sun Nov 07, 2010 3:10 pm Post subject: |
|
|
Did what you said, same problem:
Code: | # layman -a pentoo
* Running... # /usr/bin/svn co https://www.pentoo.ch/svn/portage/trunk//@ /var/lib/layman/pentoo
svn: OPTIONS of 'https://www.pentoo.ch/svn/portage/trunk': SSL handshake failed: SSL error: A TLS warning alert has been received. (https://www.pentoo.ch)
* Deleting _empty_ directory "/var/lib/layman/pentoo"
* Failed to add overlay "pentoo".
* Error was: Adding overlay "pentoo" failed! |
_________________ DragonDreams: Leader and Head Programmer |
|
Back to top |
|
|
mv Watchman
Joined: 20 Apr 2005 Posts: 6747
|
Posted: Sun Nov 07, 2010 3:53 pm Post subject: |
|
|
Then perhaps it is a problem of that server. Perhaps on the server openssl was updated without reemerging subversion... |
|
Back to top |
|
|
Dragonlord Guru
Joined: 22 Aug 2004 Posts: 446 Location: Switzerland
|
Posted: Sun Nov 07, 2010 9:30 pm Post subject: |
|
|
Is Grimmlin connected to Pentoo or is he just a user? _________________ DragonDreams: Leader and Head Programmer |
|
Back to top |
|
|
idella4 Retired Dev
Joined: 09 Jun 2006 Posts: 1600 Location: Australia, Perth
|
Posted: Mon Nov 08, 2010 10:29 am Post subject: |
|
|
ssuominen wrote: |
# revdep-rebuild --library libcrypto.so.0.9.8
# revdep-rebuild --library libssl.so.0.9.8
( add net-libs/neon to /etc/portage/package.keywords )
# emerge ">=net-libs/neon-0.29.5"
|
I attempted layman -a pentoo and got your error.
I just followed as above, emerged neon as above and then the pentoo overlay went straight in.
Code: |
idella@genny /mnt/gentoo $ layman -a pentoo
A /var/lib/layman/pentoo/app-misc/ovaldi/Manifest
A /var/lib/layman/pentoo/app-misc/ovaldi/ovaldi-5.8.1-r100.ebuild
A /var/lib/layman/pentoo/app-misc/ovaldi/ovaldi-5.8.2.ebuild
A /var/lib/layman/pentoo/eclass
A /var/lib/layman/pentoo/eclass/mozextension-2.eclass
Checked out revision 1889.
* Successfully added overlay "pentoo".
|
To clarify, have you done this? _________________ idella4@aus |
|
Back to top |
|
|
mv Watchman
Joined: 20 Apr 2005 Posts: 6747
|
Posted: Mon Nov 08, 2010 10:34 am Post subject: |
|
|
Just now I have also run into a problem with subversion after the serf update (I was using webdav-serf): Most things work correctly, but for an external copy operation, I received reproducable (and after reemerging serf and subversion several times with several CFLAGS) an internal error that subversion cannot get the context. (I did not try with the downgraded serf or with neon.) So perhaps, the new version of serf has broken something... |
|
Back to top |
|
|
chias Tux's lil' helper
Joined: 06 Nov 2009 Posts: 77 Location: everywhere
|
Posted: Fri Nov 12, 2010 2:35 am Post subject: |
|
|
I was having the identical problem as OP. However, following the instructions by ssuominen and quoted by idella4 solved the problem. Thank you! |
|
Back to top |
|
|
Grimmlin n00b
Joined: 15 Mar 2005 Posts: 32
|
Posted: Fri Nov 12, 2010 8:39 am Post subject: |
|
|
Dragonlord wrote: | Is Grimmlin connected to Pentoo or is he just a user? |
Yes, I'm a pentoo developer.
For the record, this is only happening when having USE="gnutls" set:
Code: |
pentoo ~ # USE="gnutls" emerge --quiet '<neon-0.29.5'
>>> Verifying ebuild manifests
>>> Emerging (1 of 1) net-libs/neon-0.29.3
>>> Installing (1 of 1) net-libs/neon-0.29.3
pentoo ~ # svn update /var/svn/pentoo/
svn: OPTIONS of 'https://www.pentoo.ch/svn': SSL handshake failed: SSL error: A TLS warning alert has been received. (https://www.pentoo.ch)
pentoo ~ # USE="-gnutls" emerge --quiet '<neon-0.29.5'
>>> Verifying ebuild manifests
>>> Emerging (1 of 1) net-libs/neon-0.29.3
>>> Installing (1 of 1) net-libs/neon-0.29.3
pentoo ~ # !svn
svn update /var/svn/pentoo/
At revision 1893.
pentoo ~ #
|
Also going on neon's website http://www.webdav.org/neon/:
Quote: |
Changes in release neon 0.29.5, 14 October 2010 (PGP signature)
* Fix GnuTLS handshakes failures with 'TLS warning alert' (Bryan Cain)
* Further fix for SSPI support on Win32 (Danil Shopyrin) |
_________________ http://www.pentoo.ch |
|
Back to top |
|
|
Dragonlord Guru
Joined: 22 Aug 2004 Posts: 446 Location: Switzerland
|
Posted: Fri Nov 12, 2010 4:56 pm Post subject: |
|
|
So what does this mean now? It's not working so something is wrong somewhere and I doubt it's on my end if it works not with one server but others. _________________ DragonDreams: Leader and Head Programmer |
|
Back to top |
|
|
Grimmlin n00b
Joined: 15 Mar 2005 Posts: 32
|
Posted: Fri Nov 12, 2010 11:04 pm Post subject: |
|
|
What aren't you understanding?
/var/svn/pentoo is a checkout from https://www.pentoo.ch/svn/, it's the same server both times.
It's a neon/gnutls bug. Either re-emerge neon without gnutls or upgrade to a fixed version.
Go to their website and read it by yourself if you don't believe me. _________________ http://www.pentoo.ch |
|
Back to top |
|
|
Dragonlord Guru
Joined: 22 Aug 2004 Posts: 446 Location: Switzerland
|
Posted: Sat Nov 13, 2010 1:08 pm Post subject: |
|
|
That's not the problem. If I have >1 servers which such an SSL access (including mine at home and the office) and only "one" such server has a problem (with all other servers updated regularly), then to my understanding something is wrong with this "one" server not the "client" trying to connect. I did ALL that has been suggested in and it did NOT change the error. Unless you have another solution for a potential "client side error" I start to doubt a lot it's a client side error. Don't get me wrong, I'm not one looking for the error always in other places but the situation right now does not look to me like this would be the case. I'm also sure I'm not the only one but others might just have given up without voicing their problem. Problems unsolved now for me are future system breakage which is why I tend to solve problems instead of ignoring them otherwise they suddenly come back biting you hard (been there done that, no need for that again). _________________ DragonDreams: Leader and Head Programmer |
|
Back to top |
|
|
lalebarde Guru
Joined: 03 Sep 2006 Posts: 464 Location: France, Haute-Garonne
|
Posted: Thu Jan 17, 2013 9:24 am Post subject: |
|
|
Sorry to re-open this old topic, but I have the same problem with more recent versions :
Code: | dev-libs/openssl Installed versions: 0.9.8x(0.9.8)(19:21:37 16/01/2013)(kerberos sse2 zlib -bindist -gmp -test) 1.0.0j(11:19:20 12/06/2012)(kerberos sse2 test zlib -bindist -gmp -rfc3779 -static-libs)
net-libs/neon Installed versions: 0.29.6-r2^t(10:57:54 17/01/2013)(kerberos linguas_fr nls ssl zlib -doc -expat -gnutls -libproxy -linguas_cs -linguas_de -linguas_ja -linguas_nn -linguas_pl -linguas_ru -linguas_tr -linguas_zh_CN -pkcs11 -static-libs)
net-libs/serf Installed versions: 1.1.1(1)(10:57:43 17/01/2013)(-static-libs)
dev-vcs/subversion Installed versions: 1.7.7(11:01:41 17/01/2013)(apache2 berkdb dso nls webdav-neon -ctypes-python -debug -doc -elibc_FreeBSD -extras -gnome-keyring -java -kde -perl -python -ruby -sasl -vim-syntax -webdav-serf) |
I updated/re-emerged in the order specified in this thread. Still :
Code: | # layman -a pentoo
* Running... # /usr/bin/svn co https://www.pentoo.ch/svn/portage/trunk//@ /usr/local/portage/layman/pentoo
svn: E175002: Unable to connect to a repository at URL 'https://www.pentoo.ch/svn/portage/trunk'
svn: E175002: The OPTIONS request returned invalid XML in the response: XML parse error at line 1: Extra content at the end of the document
(https://www.pentoo.ch/svn/portage/trunk)
* Deleting _empty_ directory "/usr/local/portage/layman/pentoo"
* Failed to add overlay "pentoo".
* Error was: Adding overlay "pentoo" failed! |
I also updated
Code: | dev-libs/cyrus-sasl Installed versions: 2.1.25-r3(2)(11:28:38 17/01/2013)(berkdb gdbm kerberos mysql pam ssl -authdaemond -elibc_FreeBSD -java -ldapdb -openldap -postgres -sample -sqlite -srp -static-libs -urandom)
|
with no more success.
Any idea please ? |
|
Back to top |
|
|
|