From owner-freebsd-current@freebsd.org  Wed Feb  3 16:34:29 2021
Return-Path: <owner-freebsd-current@freebsd.org>
Delivered-To: freebsd-current@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 74F1F53C1D3
 for <freebsd-current@mailman.nyi.freebsd.org>;
 Wed,  3 Feb 2021 16:34:29 +0000 (UTC)
 (envelope-from mad@madpilot.net)
Received: from mail.madpilot.net (vogon.madpilot.net [159.69.1.99])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 4DW6hj1fllz4rFX;
 Wed,  3 Feb 2021 16:34:28 +0000 (UTC)
 (envelope-from mad@madpilot.net)
Received: from mail (mail [192.168.254.3])
 by mail.madpilot.net (Postfix) with ESMTP id 4DW6hg1Z9qz6dQR;
 Wed,  3 Feb 2021 17:34:27 +0100 (CET)
Received: from mail.madpilot.net ([192.168.254.3])
 by mail (mail.madpilot.net [192.168.254.3]) (amavisd-new, port 10026)
 with ESMTP id VCf_qEvjQezM; Wed,  3 Feb 2021 17:34:24 +0100 (CET)
Subject: Re: (n244517-f17fc5439f5) svn stuck forever in /usr/ports?
To: John Baldwin <jhb@FreeBSD.org>, "Hartmann, O." <ohartmann@walstatt.org>,
 Rick Macklem <rmacklem@uoguelph.ca>
Cc: FreeBSD CURRENT <freebsd-current@freebsd.org>,
 "junchoon@dec.sakura.ne.jp" <junchoon@dec.sakura.ne.jp>
References: <20210130073923.0b2a80c1@hermann.fritz.box>
 <20210130192520.e7cf7f680c0abd31b0771107@dec.sakura.ne.jp>
 <18e15d74-d95b-76b7-59a4-64a8f338ba73@madpilot.net>
 <a5e18e3b-181c-c094-b98c-7e233cdac972@madpilot.net>
 <20210131103510.30d9a322@hermann.fritz.box>
 <86a368dc-f118-79fb-2ed8-af461041198a@madpilot.net>
 <YQXPR0101MB0968D09A38D0A8E244D8C2C6DDB79@YQXPR0101MB0968.CANPRD01.PROD.OUTLOOK.COM>
 <YQXPR0101MB09685FEFF739DDD3BB1E957EDDB69@YQXPR0101MB0968.CANPRD01.PROD.OUTLOOK.COM>
 <20210203071608.1c2118b6@hermann.fritz.box>
 <fe30c41c-1e79-d814-1567-e61e3881641b@FreeBSD.org>
From: Guido Falsi <mad@madpilot.net>
Message-ID: <0b93d9bb-a0be-e37f-ae94-d4e31f74491d@madpilot.net>
Date: Wed, 3 Feb 2021 17:34:24 +0100
In-Reply-To: <fe30c41c-1e79-d814-1567-e61e3881641b@FreeBSD.org>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: 8bit
X-Rspamd-Queue-Id: 4DW6hj1fllz4rFX
X-Spamd-Bar: ----
X-Spamd-Result: default: False [-4.00 / 15.00];
	 REPLY(-4.00)[]
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Discussions about the use of FreeBSD-current
 <freebsd-current.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-current>, 
 <mailto:freebsd-current-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current/>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Help: <mailto:freebsd-current-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-current>, 
 <mailto:freebsd-current-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 03 Feb 2021 16:34:29 -0000

On 03/02/21 17:02, John Baldwin wrote:
> On 2/2/21 10:16 PM, Hartmann, O. wrote:
>> On Mon, 1 Feb 2021 03:24:45 +0000
>> Rick Macklem <rmacklem@uoguelph.ca> wrote:
>>
>>> Rick Macklem wrote:
>>>> Guido Falsi wrote:
>>>> [good stuff snipped]
>>>>> Performed a full bisect. Tracked it down to commit aa906e2a4957, 
>>>>> adding
>>>>> KTLS support to embedded OpenSSL.
>>>>>
>>>>> I filed a bug report about this:
>>>>>
>>>>> https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=253135
>>>>>
>>>>>
>>>>> Apart from switching to svn:// scheme, another workaround is to build
>>>>> base using WITHOUT_OPENSSL_KTLS.
>>>> Just fyi, when I tested the daemons I have for nfs-over-tls (which 
>>>> use ktls),
>>>> they acted like things were ok (no handshake problems), but the data
>>>> ended up on the wire unencrypted (nfs-over-tls doesn't do a 
>>>> SSL_write(),
>>>> so it depends on ktls to do the encryption).
>>>>
>>>> Since these daemons work fine with openssl3 in 
>>>> ports/security/openssl-devel,
>>>> I suspect the ktls backport is not quite right. I've sent jhb@ email.
>>> I was wrong on the above. I did a full buildworld/installworld and 
>>> the daemons
>>> now seem to work with the openssl in head/main.
>>>
>>> Btw, did anyone try rebuilding svn from sources after doing
>>> the system upgrade?
>>> (The openssl library calls and .h files definitely changed.)
>>
>> Yes, I did, on all boxes and its a pain in the a..., we had to rebuild 
>> EVERY port (at
>> least, I did, to avoid further problem). Yesterday, on of our fastes 
>> boxes got ready and
>> even with a full rebuild of the system AND a full rebuild of the ports 
>> (no poudriere,
>> traditional way via make), the Apache 2.4 webservice doesn't work, and 
>> so does subversion
>> not (Firefox reports problems with SSL handshake, subversion is 
>> stuck/frozen forever).
>> I will run today another full world build today, hopefully finishing 
>> on friday (portmaster
>> -dfR doesn't get everything in line on some ports, I assume).
>>
>> oh
> 
> I tracked the subversion hang down to a bug in serf (an Apache library 
> used by
> subversion).  It would also affect any other software using serf.  The 
> serf in
> ports will also have to be patched.
> 

I submitted your patch as a bug report to the serf port:

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=253214

-- 
Guido Falsi <mad@madpilot.net>