There are two possible solutions to this issue for users.
Anchor | ||||
---|---|---|---|---|
|
Recompile the subversion client
This script may serve as a starting point if you decide to recompile the subversion clients. It works on Ubuntu 9.04.
Code Block |
---|
#!/bin/sh echo "This script will reconfigure subversion to work with certs correctly." echo "Steps outlined by dcrooke and compiled into this script by Kalosaurusrex" echo "Please see the ubuntuforums.org thread for more information, questions or help." echo "http://ubuntuforums.org/showthread.php?p=6057983" echo "" echo "" echo "Please run this script as USER ONLY." echo "" echo "Press control-c to quit..else the script will start in 5 seconds." sleep 5 sudo apt-get update sudo apt-get install build-essential openssl ssh expat libexpat1-dev libxyssl-dev libssl-dev sudo apt-get remove subversion sudo dpkg --purge subversion wget http://subversion.tigris.org/downloads/subversion-1.6.12.tar.gz wget http://subversion.tigris.org/downloads/subversion-deps-1.6.12.tar.gz tar xvfz subversion-1.6.12.tar.gz tar xvfz subversion-deps-1.6.12.tar.gz cd subversion-1.6.12/neon/ ./configure --prefix=/usr/local --with-ssl --with-pic make sudo make install cd .. rm -rf neon ./configure --prefix=/usr/local --with-ssl --with-neon=/usr/local make sudo make install cd .. rm -rf subversion-1.6.12 rm subversion-1.6.12.tar.gz rm subversion-deps-1.6.12.tar.gz exit 0 |
Warning | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|
This procedure does not appear to work under Ubuntu 10.04.
Install the Ubuntu openssl compiled Neon packageSince subversion encapsulates the SSL/encryption routines fully within the Neon package, by replacing this package it is possible trick subversion into using openssl without the need to recompile the subversion client. However, depending on how you implement this solution, you may effect all other Neon compiled packages on the system. Ubuntu has two versions of Neon available.
First you need to install the openssl version of Neon, assuming that it doesn't already exist on your system.
Then you need to set a special environment variable called LD_PRELOAD to point to the openssl compiled version of Neon.
Now when you try to execute anything compiled against the Neon library, the openssl version will be used. |
Credits
I would like to thank Professor Rixner and his graduate students who were instrumental in the testing of this problem and for coming up with these solutions.