(n244517-f17fc5439f5) svn stuck forever in /usr/ports?
John Baldwin
jhb at FreeBSD.org
Wed Feb 3 16:02:05 UTC 2021
On 2/2/21 10:16 PM, Hartmann, O. wrote:
> On Mon, 1 Feb 2021 03:24:45 +0000
> Rick Macklem <rmacklem at uoguelph.ca> wrote:
>
>> Rick Macklem wrote:
>>> Guido Falsi wrote:
>>> [good stuff snipped]
>>>> Performed a full bisect. Tracked it down to commit aa906e2a4957, adding
>>>> KTLS support to embedded OpenSSL.
>>>>
>>>> I filed a bug report about this:
>>>>
>>>> https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=253135
>>>>
>>>>
>>>> Apart from switching to svn:// scheme, another workaround is to build
>>>> base using WITHOUT_OPENSSL_KTLS.
>>> Just fyi, when I tested the daemons I have for nfs-over-tls (which use ktls),
>>> they acted like things were ok (no handshake problems), but the data
>>> ended up on the wire unencrypted (nfs-over-tls doesn't do a SSL_write(),
>>> so it depends on ktls to do the encryption).
>>>
>>> Since these daemons work fine with openssl3 in ports/security/openssl-devel,
>>> I suspect the ktls backport is not quite right. I've sent jhb@ email.
>> I was wrong on the above. I did a full buildworld/installworld and the daemons
>> now seem to work with the openssl in head/main.
>>
>> Btw, did anyone try rebuilding svn from sources after doing
>> the system upgrade?
>> (The openssl library calls and .h files definitely changed.)
>
> Yes, I did, on all boxes and its a pain in the a..., we had to rebuild EVERY port (at
> least, I did, to avoid further problem). Yesterday, on of our fastes boxes got ready and
> even with a full rebuild of the system AND a full rebuild of the ports (no poudriere,
> traditional way via make), the Apache 2.4 webservice doesn't work, and so does subversion
> not (Firefox reports problems with SSL handshake, subversion is stuck/frozen forever).
> I will run today another full world build today, hopefully finishing on friday (portmaster
> -dfR doesn't get everything in line on some ports, I assume).
>
> oh
I tracked the subversion hang down to a bug in serf (an Apache library used by
subversion). It would also affect any other software using serf. The serf in
ports will also have to be patched.
--
John Baldwin
More information about the freebsd-current
mailing list