[gnutls-help] gnutls and libtasn1 causing SSL issues with SVN

Ben Mohamoodally bennyboysmith at gmail.com
Thu Jun 5 16:28:48 CEST 2014


Hello,

Linux machines (SL6.1 to 6.4) on my estate use GnuTLS to securely connect
to our SVN server.

However over the last two days I've noticed that an updated version of
gnutls was installed on a the Linux machines.

(/var/log/yum.log)

Jun 04 05:10:12 Updated: gnutls-2.8.5-14.el6_5.x86_64

The odd thing I noticed was that an additional package was also installed
for the first time from core-0 repo.

Jun 04 05:10:11 Updated: libtasn1-2.3-6.el6_5.x86_64

I am trying to understand the link between the two packages. I understand
that libtasn1 is a library suite that GnuTLS uses.

Since this update occurred, all Linux servers weren't able to connect to
the SVN server.

I was seeing the following error depending on the machine:

svn: OPTIONS of 'https://svn.xxxxxxx.co.uk/xxxxxx': SSL handshake failed,
client certificate was requested: SSL socket write failed (
https://svn.xxxxxx.co.uk)

Or

SSL handshake failed, client certificate was requested: SSL error: GnuTLS
internal error.

The only way to fix this was to run 'yum downgrade libtasn1' which removed
the package.

This resolved the issue and everything is OK again even with the
gnutls-2.8.5-14.el6_5.x86_64 left as is. i,e not downgrading gnutls!

My question is what part of libtasn1 would cause SSL connections to to svn
to break?
Second question is, is it ok to not have libtasn1 installed?

I appreciate any advice you can give.

Best Regards,

Ben
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20140605/3cbf7976/attachment.html>


More information about the Gnutls-help mailing list