# [Resolved] Unable to browse subversion repository

## eric__1234

Hello,

I recently upgraded Apache and since then itś not possible to browse my subversion repository online though itś still possible to do an svn checkout at the command line.

In file /etc/apache2/modules.d/47_mod_dav_svn.conf I have

        <Location /svn>

                DAV svn

                SVNParentPath /var/svn/repos

                SVNListParentPath on

                AuthType Basic

                AuthName "Subversion repository"

                AuthUserFile /var/svn/conf/svnusers

                Require valid-user

                AuthzSVNAccessFile /var/svn/conf/svnpolicy

                SSLRequireSSL 

        </Location>

If I disable SSL, by commenting out all but the DAV/SVNParentPath lines above, then itś possible to browse the repository online.  With the lines uncommented, when you try to browse the repository, it prompts you for your username and password (which I set up on the server with htpasswd2), then the browser (Firefox) shows the error message

www.mydomain.tld has sent an incorrect or unexpected message.  Error Code: -12263

Here is the error message that appears in the Apache log file:

    [client ip address] - - [09/Oct/2007:21:32:50 +0000] "\x16\x03\x01" 501 281

What am I doing wrong?

Thanks,

EricLast edited by eric__1234 on Wed Oct 10, 2007 4:02 pm; edited 1 time in total

----------

## gerdesj

 *eric__1234 wrote:*   

> Hello,
> 
> I recently upgraded Apache and since then itś not possible to browse my subversion repository online though itś still possible to do an svn checkout at the command line.
> 
> ...
> ...

 

Not reporting what the versions of the software you have!

Apache

SVN

SVN Client

Cheers

Jon

----------

## eric__1234

Hi Jon,

Many thanks for getting back to me, your help is much appreciated.

 *gerdesj wrote:*   

>  *eric__1234 wrote:*   Hello,
> 
> I recently upgraded Apache and since then itś not possible to browse my subversion repository online though itś still possible to do an svn checkout at the command line.
> 
> ...
> ...

 

Apache

version 2.2.6

SVN

version 1.3.2

SVN Client

? The problem in question occurs when I attempt to browse the repository online with a web browser.  In that case there is no SVN client in use.

As mentioned in my original post, normal svn checkout/checkin works fine.  I have tested this both at the Linux command line and on Windows using TortoiseSVN.

Visiting the svn URL with a web browser used to work, now it fails.  The error message described in my original post was displayed by Firefox version 2.0.0.4.  If I visit the same URL with IE version 6.0.2900.2180.xpsp.050329-1536, the error message is "The page cannot be displayed."

Regards,

Eric

----------

## gerdesj

I've just done a quick check on my SVN system.

apache-2.2.6

subversion-1.3.2-r4

So near enough the same as you and mine works - that's handy!

In my case I use LDAP to authenticate and the whole virtual server is only accessible via SSL.

Some ideas:

Could you check your /etc/conf.d/apache2:

APACHE_OPTS -D DAV -D SVN -D SVN_AUTHZ  

Let's eliminate/implicate SVN: Create a test area on your web server, verify browsing through http and then https.  Then add in an authuserfile.  Does that work?

Cheers

Jon

----------

## eric__1234

 *gerdesj wrote:*   

> Some ideas:
> 
> Could you check your /etc/conf.d/apache2:
> 
> APACHE_OPTS -D DAV -D SVN -D SVN_AUTHZ  
> ...

 

Here's what I have:

```
APACHE2_OPTS="-D DEFAULT_VHOST -D SVN -D SVN_AUTHZ -D DAV -D DAV_FS -D SSL -D SSL_DEFAULT_VHOST -D PHP5 -D MAILMAN"
```

 *gerdesj wrote:*   

> Let's eliminate/implicate SVN: Create a test area on your web server, verify browsing through http and then https.  Then add in an authuserfile.  Does that work?

 

Yes, that's already in place.  In file

```
  /etc/apache2/vhosts.d/default_vhost.include
```

I have e.g.

```
  <Directory "/var/www/localhost/htdocs/foo">

     AuthType Basic

     AuthName "Restricted Files"

     #AuthUserFile /usr/local/apache/passwd/passwords

     AuthUserFile /var/svn/conf/svnusers

     Require valid-user

    </Directory>
```

And when I go to http://www.mydomain.tld/foo/ the browser authenticates me as expected then displays the page.  If I preface the URL with "https" instead of "http", the browser displays a message about a certificate, then authenticates me as before.

You asked to see it with/without an authuserfile, so I comment out the entire <Directory>...</Directory> stanza above, then I am able to visit...

```
    http://www.mydomain.tld/foo/

    https://www.mydomain.tld/foo/
```

...without authentication.

----------

## gerdesj

HTTP error 501 is "Not implemented".  I'm having a think about that.

Cheers

Jon

----------

## eric__1234

OK here's something weird.  From my Linux machine, where I'm running Firefox 1.5.0.12, it works after an initial glitch.  From Windows it always fails, using the Firefox and IE versions mentioned previously.

From Firefox on Linux I visit (where abc is the name of my repository):

https://www.mydomain.tld/svn/abc

The browser displays the message about a certificate, then prompts me for my credentials.  At this point on Windows the browser displays the popup with the "Error Code: -12263" but here on Linux the browser address bar changes to

https://www.mydomain.tld:80/svn/abc/

And the browser window displays the following error message:

The connection was interrupted

The connection to www.mydomain.tld:80 was interrupted while the page was loading.

The same error message as before is written to the Apache log file:

[client ip address] - - [10/Oct/2007:15:38:56 +0000] "\x80g\x01\x03" 501 282

Then I go to the address bar and delete the :80 to get back to the original URL, and voila my repository appears and I can browse it online just as I was able to do before my upgrade.

Regards,

EricLast edited by eric__1234 on Wed Oct 10, 2007 4:00 pm; edited 1 time in total

----------

## eric__1234

At the moment of the unsuccessful request, here are the log messages I get:

In access_log:

[client ip address] - - [10/Oct/2007:17:11:24 +0000] "\x16\x03\x01" 501 281

In error_log:

[Wed Oct 10 17:11:24 2007] [error] [client ip address] Invalid method in request \x16\x03\x01

In ssl_error_log

[Wed Oct 10 17:11:24 2007] [error] [client ip address] Could not fetch resource information.  [301, #0]

[Wed Oct 10 17:11:24 2007] [error] [client ip address] (2)No such file or directory: Requests for a collection must have a trailing slash on the URI.  [301, #0]

I get the following log messages when Apache starts:

In error_log:

[Wed Oct 10 16:39:51 2007] [warn] Init: (www.mydomain.tld:80) You configured HTTPS(443) on the standard HTTP(80) port!

In ssl_error_log:

[Wed Oct 10 16:39:51 2007] [warn] RSA server certificate CommonName (CN) `localhost' does NOT match server name!?

Regards,

Eric

----------

## eric__1234

OK I think I figured it out.  I had a bookmark to...

https://www.mydomain.tld/svn/abc

...without the trailing slash.  That bookmark was working up until my latest "emerge", which updated I-don't-know-what.  Since the emerge, if I omit the trailing slash I get the behavior described previously, if I add the trailing slash it seems to work again.

Jon thanks again for your help, I owe you a beer.

Should I be worried about that log message "You configured HTTPS(443) on the standard HTTP(80) port!" ?  I haven't knowingly configured anything at all, I'm just using the config files out of the box.

Thanks,

Eric

----------

## gerdesj

 *eric__1234 wrote:*   

> OK I think I figured it out.  I had a bookmark to...
> 
> https://www.mydomain.tld/svn/abc
> 
> ...without the trailing slash.  That bookmark was working up until my latest "emerge", which updated I-don't-know-what.  Since the emerge, if I omit the trailing slash I get the behavior described previously, if I add the trailing slash it seems to work again.
> ...

 

Glad to hear you are sorted at last - it's so often trivia that gets in the way!

It does sound a little weird that you are getting that error.  You probably need to move the config for your SVN repo to your :443 virtual server.  The requiressl is probably causing https over port 80 to happen.

If the SVN stuff is only listening on the SSL VS then that can't happen.

As for a beer, if you ever happen to be in Somerset ...

Cheers

Jon

----------

