SSL Handshake Failure in 1.6.12, SSLv2 vs. TLSv1

[Thompson, Michael]

SVN was working fine until I upgraded to V1.6.12. After the upgrade an SVN Update gets the error "handshake failed: An existing connection was forcibly closed by the remote host.". After lots of experimentation I found that the repo-browser would work with the URL "https://svn.domain.com" but would not work with the URL "https://192.168.0.1". The command nslookup shows that the IP address for svn.domain.com is 192.168.0.1. The .svn/entries files all have the URL "https://192.168.0.1". If I change the URL in the .svn/entries file to "https://svn.domain.com" SVN Update works OK. I watched the communication with SVN server with WireShark and found that TLSv1 authentication is used with the URL "https://svn.domain.com" and SSLv2 authentication is used with the URL "https://192.168.0.1".

How can I get this to work again without editing hundreds of ./svn/entries files?

The server is running SVN V1.4.6.

Michael Thompson

------------------------------------------------------
http://tortoisesvn.tigris.org/ds/viewMessage.do?dsForumId=4061&dsMessageId=2696533

To unsubscribe from this discussion, e-mail: [users-un...@tortoisesvn.tigris.org].

[Andreas Stieger]

Hi,

On Friday 07 Jan 2011 20:54:14 you wrote:
> Update gets the error "handshake failed: An existing connection was
> forcibly closed by the remote host.". After lots of experimentation I
> found that the repo-browser would work with the URL
> "https://svn.domain.com" but would not work with the URL
> "https://192.168.0.1". The command nslookup shows that the IP address for
> svn.domain.com is 192.168.0.1. The .svn/entries files all have the URL
> "https://192.168.0.1". If I change the URL in the .svn/entries file to
> "https://svn.domain.com" SVN Update works OK. I watched the communication
> with SVN server with WireShark and found that TLSv1 authentication is used
> with the URL "https://svn.domain.com" and SSLv2 authentication is used
> with the URL "https://192.168.0.1".
>
> How can I get this to work again without editing hundreds of ./svn/entries
> files?

svn switch --relocate \
https://192.168.0.1/svn/foo \
https://svn.example.com/svn/bar

with kind regards,
Andreas Stieger

------------------------------------------------------
http://tortoisesvn.tigris.org/ds/viewMessage.do?dsForumId=4061&dsMessageId=2696538

[Thompson, Michael]

> How can I get this to work again without editing hundreds of ./svn/entries
> files?

svn switch --relocate \
https://192.168.0.1/svn/foo \
https://svn.example.com/svn/bar

with kind regards,
Andreas Stieger

------------------------------------------------------

Unfortunately I am using Windows XP.

Can you recommend a command line SVN for Windows XP?

------------------------------------------------------
http://tortoisesvn.tigris.org/ds/viewMessage.do?dsForumId=4061&dsMessageId=2696539

[Andreas Stieger]

On Friday 07 Jan 2011 21:42:09 Thompson, Michael wrote:
> Can you recommend a command line SVN for Windows XP?

http://subversion.apache.org/packages.html#windows

With kind regards,
Andreas Stieger

------------------------------------------------------
http://tortoisesvn.tigris.org/ds/viewMessage.do?dsForumId=4061&dsMessageId=2696541

[Andreas Stieger]

On Friday 07 Jan 2011 21:33:29 Andreas Stieger wrote:

> On Friday 07 Jan 2011 20:54:14 Thompson, Michael wrote:
> > Update gets the error "handshake failed: An existing connection was
> > forcibly closed by the remote host.". After lots of experimentation I
> > found that the repo-browser would work with the URL
> > "https://svn.domain.com" but would not work with the URL
> > "https://192.168.0.1". The command nslookup shows that the IP address for
> > svn.domain.com is 192.168.0.1. The .svn/entries files all have the URL
> > "https://192.168.0.1". If I change the URL in the .svn/entries file to
> > "https://svn.domain.com" SVN Update works OK. I watched the communication
> > with SVN server with WireShark and found that TLSv1 authentication is
> > used with the URL "https://svn.domain.com" and SSLv2 authentication is
> > used with the URL "https://192.168.0.1".
> >
> > How can I get this to work again without editing hundreds of
> > ./svn/entries files?
>
> svn switch --relocate \
> https://192.168.0.1/svn/foo \
> https://svn.example.com/svn/bar

This is also supported by TortoiseSVN and TortoiseProc as well. So the answer
is: Use the "relocate" functionality of whichever subversion client
implementation you happen to have.
http://tortoisesvn.net/docs/release/TortoiseSVN_en/tsvn-dug-relocate.html
http://tortoisesvn.net/docs/release/TortoiseSVN_en/tsvn-automation.html

With kind regards,
Andreas Stieger

------------------------------------------------------
http://tortoisesvn.tigris.org/ds/viewMessage.do?dsForumId=4061&dsMessageId=2696542

[Thompson, Michael]

> > How can I get this to work again without editing hundreds of
> > ./svn/entries files?
>
> svn switch --relocate \
> https://192.168.0.1/svn/foo \
> https://svn.example.com/svn/bar

This is also supported by TortoiseSVN and TortoiseProc as well. So the answer
is: Use the "relocate" functionality of whichever subversion client
implementation you happen to have.
http://tortoisesvn.net/docs/release/TortoiseSVN_en/tsvn-dug-relocate.html
http://tortoisesvn.net/docs/release/TortoiseSVN_en/tsvn-automation.html

Thanks, that works great!

Any idea why one URL is using TLSv1 authentication and the other is using SSLv2?

------------------------------------------------------
http://tortoisesvn.tigris.org/ds/viewMessage.do?dsForumId=4061&dsMessageId=2696544