Tag search

Subversion server is down

The subversion server is down. There is a problem with mod_gnutls that causes Apache to use 100% CPU and never finish any request. It started around 5 AM this morning (European time) and nothing I do seems to work.

#apache on irc.freenode.net isn'table to help either, so I am forced to take the SSL domains on the server offline while I investigate this issue.

I am getting really, really fed up with mod_gnutls. It is causing way more trouble that it's worth. Unfortunately it's the only way to have multiple SSL virtual hosts with just one IP address. The server that hosts subversion also hosts a few other websites which require SSL to work.

I will try to get the server back online as soon as possible.

Update 12:22h: The Subversion server is back. It turns out that there is a bug in libdb which causes gnutls to lock up when trying to write session cache data in some rare circumstances. I tried replacing libdb with memcached but unfortunately gnutls is built without memcached support on Debian Lenny.

Subversion upgraded to GnuTLS

Our Subversion server has been upgraded to use mod_gnutls instead of mod_ssl for SSL/TLS encryption. GnuTLS supports Server Name Indication (SNI) which means we can run multiple virtual hosts with SSL/TLS enabled on the same IP address and port.

Unfortunately for you this means that you cannot access our Subversion repository anymore if you use a client that does not support SNI. The standard subversion client as well as all major browsers support SNI these days. The only notable exception is Microsoft Internet Explorer 6 on Windows XP. So, if you use IE6 then you can no longer browse our repositories directly. Use the ViewVC interface instead.