get svn command line client do with TSL 1.0 in buster?

If none of the more specific forums is the right place to ask

get svn command line client do with TSL 1.0 in buster?

Postby axkibe » 2019-07-23 14:19

Recently upgraded everything to buster. Now can no longer use an external svn server using https which seems to only use TSL 1.0.

I really know they shouldn't and I already wrote them an Email to pleeeeeease upgrade to TSL 1.2 but the server is outside my control and in case they don't reasonably soon (as within about 48 hours and it's holiday season) I'll need to figure out a way to get it working again from client side, with not so secure 1.0

I read that libssl has an option the client needs to invoke to enable TSL 1.2, but can't find in the subversion command line or options where.
axkibe
 
Posts: 11
Joined: 2013-11-28 07:28

Re: get svn command line client do with TSL 1.0 in buster?

Postby axkibe » 2019-07-23 18:58

Solved, I compiled a custom libserf with TSL forced to 1 and using LD_LIBRARY_PATH to override the default when connecting to that server. Oh well.
axkibe
 
Posts: 11
Joined: 2013-11-28 07:28

Re: get svn command line client do with TSL 1.0 in buster?

Postby axkibe » 2019-07-26 09:15

For the record changing "/etc/ssl/openssl.cnf"

MinProtocol = TLSv1.2

To

MinProtocol = TLSv1

works as well.

I find this funny, googling the problem and hitting on discussions about the drop of TLSv1 compatiblity it was explicitly mentioned a global systemwide switch was not desirable and each and every application should have one. Subversion at least the one packaged has none, but there is a global switch :)
axkibe
 
Posts: 11
Joined: 2013-11-28 07:28


Return to General Questions

Who is online

Users browsing this forum: No registered users and 10 guests

fashionable