[JIRA] (JENKINS-13763) subversion https-client authentication doesn't work with correct parameters
[ https://issues.jenkins-ci.org/browse/JENKINS-13763?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=162732#comment-162732 ] Marco Borm commented on JENKINS-13763: -- Ok, the mistake was a missing password character. So the workaround works also under linux, but: The error message was wrong again. "No credential to try" -> "found credentials wrong" > subversion https-client authentication doesn't work with correct parameters > --- > > Key: JENKINS-13763 > URL: https://issues.jenkins-ci.org/browse/JENKINS-13763 > Project: Jenkins > Issue Type: Bug > Components: subversion >Affects Versions: current > Environment: Windows Server 2003, Java 1.6.0.31, Jenkins 1.463, > Subversion Plugin 1.39 >Reporter: Marco Borm > Attachments: emptycertificate.png, emptycertificate.png, > subversionException.txt, subversionException.txt > > > The subversion authentication module currently doesn't work, even with > correct parameters. The behavior is identical to the already created bug due > the not validating input parameters. The exception gives no hint what the > problem / reason is. > The authentication works perfectly if the same certificate (p12) file and the > same password is configured manually within the subversion "Application > Data\Subversion\servers" file. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.jenkins-ci.org/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira
[JIRA] (JENKINS-13763) subversion https-client authentication doesn't work with correct parameters
[ https://issues.jenkins-ci.org/browse/JENKINS-13763?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=162730#comment-162730 ] Marco Borm edited comment on JENKINS-13763 at 5/14/12 1:14 PM: --- Unfortunately the workaround with the "servers"-file doesn't work under linux. I can checkout successfully using the plain svn tools using the same user as jenkins, but jenkins itself fails with an exception. Due the problem that I can't store the authentication data within jenkins, we can't checkout using jenkins under linux now. Exception: "Caused by: org.tmatesoft.svn.core.SVNCancelException: svn: E200015: No credential to try. Authentication failed at org.tmatesoft.svn.core.internal.wc.SVNErrorManager.cancel(SVNErrorManager.java:37) at org.tmatesoft.svn.core.internal.wc.SVNErrorManager.cancel(SVNErrorManager.java:32) at org.tmatesoft.svn.core.internal.wc.DefaultSVNAuthenticationManager.getNextAuthentication(DefaultSVNAuthenticationManager.java:223) at org.tmatesoft.svn.core.internal.io.dav.http.HTTPSSLKeyManager.initialize(HTTPSSLKeyManager.java:426) at org.tmatesoft.svn.core.internal.io.dav.http.HTTPSSLKeyManager.initializeNoException(HTTPSSLKeyManager.java:406) at org.tmatesoft.svn.core.internal.io.dav.http.HTTPSSLKeyManager.chooseClientAlias(HTTPSSLKeyManager.java:302) at sun.security.ssl.AbstractWrapper.chooseClientAlias(SSLContextImpl.java:282) at sun.security.ssl.ClientHandshaker.serverHelloDone(ClientHandshaker.java:629) at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:228) at sun.security.ssl.Handshaker.processLoop(Handshaker.java:610) at sun.security.ssl.Handshaker.process_record(Handshaker.java:546) at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:945) at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1190) at sun.security.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:657) at sun.security.ssl.AppOutputStream.write(AppOutputStream.java:108) at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:82) at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:140) at org.tmatesoft.svn.core.internal.io.dav.http.HTTPConnection.sendData(HTTPConnection.java:238) at org.tmatesoft.svn.core.internal.io.dav.http.HTTPRequest.dispatch(HTTPRequest.java:168) at org.tmatesoft.svn.core.internal.io.dav.http.HTTPConnection._request(HTTPConnection.java:385) at org.tmatesoft.svn.core.internal.io.dav.http.HTTPConnection.request(HTTPConnection.java:298) ... 35 more Caused by: svn: E200015: No credential to try. Authentication failed at org.tmatesoft.svn.core.SVNErrorMessage.create(SVNErrorMessage.java:208) at org.tmatesoft.svn.core.SVNErrorMessage.create(SVNErrorMessage.java:154) at org.tmatesoft.svn.core.SVNErrorMessage.create(SVNErrorMessage.java:97) ... 56 more" was (Author: mborm): Unfortunately the workaround with the "servers"-file doesn't work under linux. I can checkout successfully using the plain svn tools using the sam user as jenkins, but jenkins itself fails with an exception. Due the problem that I can't store the authentication data within jenkins, we can't checkout using jenkins under linux now. Exception: "Caused by: org.tmatesoft.svn.core.SVNCancelException: svn: E200015: No credential to try. Authentication failed at org.tmatesoft.svn.core.internal.wc.SVNErrorManager.cancel(SVNErrorManager.java:37) at org.tmatesoft.svn.core.internal.wc.SVNErrorManager.cancel(SVNErrorManager.java:32) at org.tmatesoft.svn.core.internal.wc.DefaultSVNAuthenticationManager.getNextAuthentication(DefaultSVNAuthenticationManager.java:223) at org.tmatesoft.svn.core.internal.io.dav.http.HTTPSSLKeyManager.initialize(HTTPSSLKeyManager.java:426) at org.tmatesoft.svn.core.internal.io.dav.http.HTTPSSLKeyManager.initializeNoException(HTTPSSLKeyManager.java:406) at org.tmatesoft.svn.core.internal.io.dav.http.HTTPSSLKeyManager.chooseClientAlias(HTTPSSLKeyManager.java:302) at sun.security.ssl.AbstractWrapper.chooseClientAlias(SSLContextImpl.java:282) at sun.security.ssl.ClientHandshaker.serverHelloDone(ClientHandshaker.java:629) at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:228) at sun.security.ssl.Handshaker.processLoop(Handshaker.java:610) at sun.security.ssl.Handshaker.process_record(Handshaker.java:546) at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:945) at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1190) at sun.security.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:657) at sun.se
[JIRA] (JENKINS-13763) subversion https-client authentication doesn't work with correct parameters
[ https://issues.jenkins-ci.org/browse/JENKINS-13763?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=162730#comment-162730 ] Marco Borm commented on JENKINS-13763: -- Unfortunately the workaround with the "servers"-file doesn't work under linux. I can checkout successfully using the plain svn tools using the sam user as jenkins, but jenkins itself fails with an exception. Due the problem that I can't store the authentication data within jenkins, we can't checkout using jenkins under linux now. Exception: "Caused by: org.tmatesoft.svn.core.SVNCancelException: svn: E200015: No credential to try. Authentication failed at org.tmatesoft.svn.core.internal.wc.SVNErrorManager.cancel(SVNErrorManager.java:37) at org.tmatesoft.svn.core.internal.wc.SVNErrorManager.cancel(SVNErrorManager.java:32) at org.tmatesoft.svn.core.internal.wc.DefaultSVNAuthenticationManager.getNextAuthentication(DefaultSVNAuthenticationManager.java:223) at org.tmatesoft.svn.core.internal.io.dav.http.HTTPSSLKeyManager.initialize(HTTPSSLKeyManager.java:426) at org.tmatesoft.svn.core.internal.io.dav.http.HTTPSSLKeyManager.initializeNoException(HTTPSSLKeyManager.java:406) at org.tmatesoft.svn.core.internal.io.dav.http.HTTPSSLKeyManager.chooseClientAlias(HTTPSSLKeyManager.java:302) at sun.security.ssl.AbstractWrapper.chooseClientAlias(SSLContextImpl.java:282) at sun.security.ssl.ClientHandshaker.serverHelloDone(ClientHandshaker.java:629) at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:228) at sun.security.ssl.Handshaker.processLoop(Handshaker.java:610) at sun.security.ssl.Handshaker.process_record(Handshaker.java:546) at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:945) at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1190) at sun.security.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:657) at sun.security.ssl.AppOutputStream.write(AppOutputStream.java:108) at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:82) at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:140) at org.tmatesoft.svn.core.internal.io.dav.http.HTTPConnection.sendData(HTTPConnection.java:238) at org.tmatesoft.svn.core.internal.io.dav.http.HTTPRequest.dispatch(HTTPRequest.java:168) at org.tmatesoft.svn.core.internal.io.dav.http.HTTPConnection._request(HTTPConnection.java:385) at org.tmatesoft.svn.core.internal.io.dav.http.HTTPConnection.request(HTTPConnection.java:298) ... 35 more Caused by: svn: E200015: No credential to try. Authentication failed at org.tmatesoft.svn.core.SVNErrorMessage.create(SVNErrorMessage.java:208) at org.tmatesoft.svn.core.SVNErrorMessage.create(SVNErrorMessage.java:154) at org.tmatesoft.svn.core.SVNErrorMessage.create(SVNErrorMessage.java:97) ... 56 more" > subversion https-client authentication doesn't work with correct parameters > --- > > Key: JENKINS-13763 > URL: https://issues.jenkins-ci.org/browse/JENKINS-13763 > Project: Jenkins > Issue Type: Bug > Components: subversion >Affects Versions: current > Environment: Windows Server 2003, Java 1.6.0.31, Jenkins 1.463, > Subversion Plugin 1.39 >Reporter: Marco Borm > Attachments: emptycertificate.png, emptycertificate.png, > subversionException.txt, subversionException.txt > > > The subversion authentication module currently doesn't work, even with > correct parameters. The behavior is identical to the already created bug due > the not validating input parameters. The exception gives no hint what the > problem / reason is. > The authentication works perfectly if the same certificate (p12) file and the > same password is configured manually within the subversion "Application > Data\Subversion\servers" file. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.jenkins-ci.org/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira
[JIRA] (JENKINS-13763) subversion https-client authentication doesn't work with correct parameters
[ https://issues.jenkins-ci.org/browse/JENKINS-13763?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Marco Borm updated JENKINS-13763: - Summary: subversion https-client authentication doesn't work with correct parameters (was: subversion authentication doesn't work on correct certificate parameters) Attachment: emptycertificate.png subversionException.txt Description: The subversion authentication module currently doesn't work, even with correct parameters. The behavior is identical to the already created bug due the not validating input parameters. The exception gives no hint what the problem / reason is. The authentication works perfectly if the same certificate (p12) file and the same password is configured manually within the subversion "Application Data\Subversion\servers" file. was: The subversion authentication module accepts any file as certificate and anything as password. A failure always results in the same not helpful exception "SSL handshake failed: 'Received fatal alert: handshake_failure'" after the subversion client send a empty client certificate send to the server on the TLS connection. I am not sure if is allowed to send a empty client certificate message to the server. Due the complexity of the software chain and configuration parameters used for HTTPS authentication, it is very annoying to find the real problem if no component returns a usable error message. The expected behavior is to validate the input parameters and do not try to establish a connection with obvious invalid parameters. > subversion https-client authentication doesn't work with correct parameters > --- > > Key: JENKINS-13763 > URL: https://issues.jenkins-ci.org/browse/JENKINS-13763 > Project: Jenkins > Issue Type: Bug > Components: subversion >Affects Versions: current > Environment: Windows Server 2003, Java 1.6.0.31, Jenkins 1.463, > Subversion Plugin 1.39 >Reporter: Marco Borm > Attachments: emptycertificate.png, emptycertificate.png, > subversionException.txt, subversionException.txt > > > The subversion authentication module currently doesn't work, even with > correct parameters. The behavior is identical to the already created bug due > the not validating input parameters. The exception gives no hint what the > problem / reason is. > The authentication works perfectly if the same certificate (p12) file and the > same password is configured manually within the subversion "Application > Data\Subversion\servers" file. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.jenkins-ci.org/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira
