How to fix SVN + Apache + SSL Breakage on OS X

If you use SVN on OSX with an SSL repository you may have run into SSL errors similar to this when doing complex operations like large diffs: SSL negotiation failed: SSL error: parse tlsext

This is caused by a bug in the libneon that is bundled with OS X — libneon is the WebDAV client used to negotiate with SVN.

There are two options to solve this:

  1. Upgrade the system libneon (bad idea, as OS X can overwrite it in any update)
  2. Compile SVN/Neon from scratch
  3. Wait for the binaries to be updated
  4. Switch to SVN+SSH

Of all of these, these most feasible it to compile SVN/Neon from scratch, but how to do it such that it doesn’t break anything, and co-exists nicely with your system.

Enter: Homebrew

Homebrew is a simple tool for compiling stuff from source without needing complex ebuilds, custom patches, etc. And it co-exists with the current OSX system — utilizing
in every case possible, the system libraries instead of doing everything from scratch like macports.

Install homebrew then do the following:

$ brew edit neon

Then change the neon version to 0.29.3 and remove the md5sum (it’ll bitch on install, but still work).

Then you should be able to just do:

$ brew install svn

Note: I installed 1.6.6, and it’s currently at 1.6.9, if 1.6.6 doesn’t work, follow the instructions above for neon, and switch to any version you like.

Next, you likely have a /usr/bin/svn (symlink? I didn’t check, perhaps it’s the xcode version?) just move that out of the way using:

$ sudo mv /usr/bin/svn /usr/bin/svn.bak

Finally, like me, you probably already have svn installed in /opt/subversion, go ahead and rename this directory, and check /opt/local/bin for another copy.

That should do it :)

– Davey