Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-10683

SVN authentication fails when using https with broken SSL certificate

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Cannot Reproduce
    • Icon: Major Major
    • subversion-plugin
    • None
    • RHEL 5 64bit

      issue:
      When defining a subversion repository url that uses https with username/password authentication, in case the repository is using a bad ssl certificate (im my case expired certificate) i get the following error :

      Error

FAILED: org.tmatesoft.svn.core.SVNErrorMessage: svn: OPTIONS /svn/oqa/frm/trunk failed
org.tmatesoft.svn.core.SVNException: svn: OPTIONS /svn/ORCA/frm/trunk failed
	at org.tmatesoft.svn.core.internal.io.dav.http.HTTPConnection.request(HTTPConnection.java:291)
	at org.tmatesoft.svn.core.internal.io.dav.http.HTTPConnection.request(HTTPConnection.java:276)
	at org.tmatesoft.svn.core.internal.io.dav.http.HTTPConnection.request(HTTPConnection.java:264)
	at org.tmatesoft.svn.core.internal.io.dav.DAVConnection.exchangeCapabilities(DAVConnection.java:516)
	at org.tmatesoft.svn.core.internal.io.dav.DAVConnection.open(DAVConnection.java:98)
	at org.tmatesoft.svn.core.internal.io.dav.DAVRepository.openConnection(DAVRepository.java:1001)
	at org.tmatesoft.svn.core.internal.io.dav.DAVRepository.testConnection(DAVRepository.java:97)
	at hudson.scm.SubversionSCM$DescriptorImpl.postCredential(SubversionSCM.java:1790)
	at hudson.scm.SubversionSCM$DescriptorImpl.doPostCredential(SubversionSCM.java:1735)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
	at java.lang.reflect.Method.invoke(Unknown Source)
	at org.kohsuke.stapler.Function$InstanceFunction.invoke(Function.java:282)
	at org.kohsuke.stapler.Function.bindAndInvoke(Function.java:149)
	at org.kohsuke.stapler.Function.bindAndInvokeAndServeResponse(Function.java:88)
	at org.kohsuke.stapler.MetaClass$1.doDispatch(MetaClass.java:104)
	at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:53)
	at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:561)
	at org.kohsuke.stapler.Stapler.invoke(Stapler.java:646)
	at org.kohsuke.stapler.MetaClass$6.doDispatch(MetaClass.java:234)
	at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:53)
	at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:561)
	at org.kohsuke.stapler.Stapler.invoke(Stapler.java:646)
	at org.kohsuke.stapler.MetaClass$6.doDispatch(MetaClass.java:234)
	at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:53)
	at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:561)
	at org.kohsuke.stapler.Stapler.invoke(Stapler.java:646)
	at org.kohsuke.stapler.Stapler.invoke(Stapler.java:477)
	at org.kohsuke.stapler.Stapler.service(Stapler.java:159)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:45)
	at winstone.ServletConfiguration.execute(ServletConfiguration.java:249)
	at winstone.RequestDispatcher.forward(RequestDispatcher.java:335)
	at winstone.RequestDispatcher.doFilter(RequestDispatcher.java:378)
	at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:94)
	at hudson.util.PluginServletFilter.doFilter(PluginServletFilter.java:86)
	at winstone.FilterConfiguration.execute(FilterConfiguration.java:195)
	at winstone.RequestDispatcher.doFilter(RequestDispatcher.java:368)
	at hudson.security.csrf.CrumbFilter.doFilter(CrumbFilter.java:47)
	at winstone.FilterConfiguration.execute(FilterConfiguration.java:195)
	at winstone.RequestDispatcher.doFilter(RequestDispatcher.java:368)
	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:84)
	at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:76)
	at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:164)
	at winstone.FilterConfiguration.execute(FilterConfiguration.java:195)
	at winstone.RequestDispatcher.doFilter(RequestDispatcher.java:368)
	at hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:81)
	at winstone.FilterConfiguration.execute(FilterConfiguration.java:195)
	at winstone.RequestDispatcher.doFilter(RequestDispatcher.java:368)
	at winstone.RequestDispatcher.forward(RequestDispatcher.java:333)
	at winstone.RequestHandlerThread.processRequest(RequestHandlerThread.java:244)
	at winstone.RequestHandlerThread.run(RequestHandlerThread.java:150)
	at java.lang.Thread.run(Unknown Source)
Caused by: org.tmatesoft.svn.core.SVNErrorMessage: svn: OPTIONS /svn/oqa/frm/trunk failed
	at org.tmatesoft.svn.core.SVNErrorMessage.create(SVNErrorMessage.java:200)
	at org.tmatesoft.svn.core.SVNErrorMessage.create(SVNErrorMessage.java:146)
	at org.tmatesoft.svn.core.SVNErrorMessage.create(SVNErrorMessage.java:89)
	... 53 more
Caused by: org.tmatesoft.svn.core.SVNException: svn: OPTIONS request failed on '/svn/oqa/frm/trunk'
svn: OPTIONS of /svn/oqa/frm/trunk: 500 Internal Server Error (https://vo-svn.viaccess.fr)
	at org.tmatesoft.svn.core.internal.wc.SVNErrorManager.error(SVNErrorManager.java:64)
	at org.tmatesoft.svn.core.internal.wc.SVNErrorManager.error(SVNErrorManager.java:51)
	at org.tmatesoft.svn.core.internal.io.dav.http.HTTPConnection._request(HTTPConnection.java:644)
	at org.tmatesoft.svn.core.internal.io.dav.http.HTTPConnection.request(HTTPConnection.java:285)
	... 52 more
Caused by: org.tmatesoft.svn.core.SVNErrorMessage: svn: OPTIONS request failed on '/svn/oqa/frm/trunk'
	at org.tmatesoft.svn.core.SVNErrorMessage.create(SVNErrorMessage.java:200)
	at org.tmatesoft.svn.core.internal.io.dav.http.HTTPConnection._request(HTTPConnection.java:642)
	... 53 more
Caused by: org.tmatesoft.svn.core.SVNErrorMessage: svn: OPTIONS of /svn/oqa/frm/trunk: 500 Internal Server Error (https://myserver.com)
	at org.tmatesoft.svn.core.SVNErrorMessage.create(SVNErrorMessage.java:200)
	at org.tmatesoft.svn.core.SVNErrorMessage.create(SVNErrorMessage.java:181)
	at org.tmatesoft.svn.core.SVNErrorMessage.create(SVNErrorMessage.java:133)
	at org.tmatesoft.svn.core.internal.io.dav.http.HTTPRequest.createDefaultErrorMessage(HTTPRequest.java:430)
	at org.tmatesoft.svn.core.internal.io.dav.http.HTTPRequest.readError(HTTPRequest.java:286)
	at org.tmatesoft.svn.core.internal.io.dav.http.HTTPRequest.dispatch(HTTPRequest.java:207)
	at org.tmatesoft.svn.core.internal.io.dav.http.HTTPConnection._request(HTTPConnection.java:364)
	... 53 more

      expected behavior:
      jenkins should probably warn me about the site's bad certificate and ask me if i want to accept it anyway.

      workaround:
      what i did to overcome this is use the RHEL built in svn client on the jenkins machine to connect to the site. the svn client had no problem connecting and it placed the necessary keys in the .subversion dir that jenkins client also uses. it is also described here: https://software.sandia.gov/trac/fast/wiki/Hudson/FAQ

            Unassigned Unassigned
            miked michael d
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved: