Some Eclipse Foundation services are deprecated, or will be soon. Please ensure you've read this important communication.

Bug 315399

Summary: client certificate not used in SVNKit/Helios
Product: [Technology] Subversive Reporter: Christoph Caks <ccaks>
Component: CoreAssignee: Igor Burilo <igor.burilo>
Status: RESOLVED NOT_ECLIPSE QA Contact:
Severity: normal    
Priority: P3    
Version: unspecified   
Target Milestone: ---   
Hardware: PC   
OS: Linux-GTK   
Whiteboard:

Description Christoph Caks CLA 2010-06-02 10:20:51 EDT 
Observations:
When connecting to an ssl client certificate protected server, no error appears and eclipse is retries forever. If this happens in foreground (eg when you select "Validate Repository Location on finish" in the Edit Repostiory Location dialog) eclipse freezes and the only remaining option is to kill it.

I also tried:
 a public http repository: worked fine
 a password protected http repository: worked also fine

As mentioned i get zero information on whats happening, nothing in the svn console, nothing in the error log, nothing in the osgi console (Side Question: Is there a way to set subversive into a debug mode to get logging information?)

On the server side every attempt fails with:
[Wed Jun 02 15:53:59 2010] [error] Re-negotiation handshake failed: Not accepted by client!?
[Wed Jun 02 15:53:59 2010] [error] Re-negotiation handshake failed: Not accepted by client!?
[Wed Jun 02 15:53:59 2010] [error] Re-negotiation handshake failed: Not accepted by client!?
[Wed Jun 02 15:53:59 2010] [error] Re-negotiation handshake failed: Not accepted by client!?
[Wed Jun 02 15:53:59 2010] [error] Re-negotiation handshake failed: Not accepted by client!?
[Wed Jun 02 15:54:00 2010] [error] Re-negotiation handshake failed: Not accepted by client!?

As you can see it tries to connect several times per second.
I experienced the same effects in the past whenever i forgot to provide the ssl client certificate and password or when the certificate expired. 
But this time it seems to me that the provided ssl information is ignored.

Eclipse:
S-3.6RC3-201005271700

Used Bundles:
org.eclipse.team.svn.core_0.7.9.I20100512-1900
org.eclipse.team.svn.ui_0.7.9.I20100512-1900
org.polarion.eclipse.team.svn.connector_2.2.2.I20100512-1900
org.polarion.eclipse.team.svn.connector.svnkit16_2.2.2.I20100512-1900
Comment 1 Christoph Caks CLA 2010-06-08 08:44:01 EDT 
i just made a new discovery i'd like to share:
i used for for the above sun's jdk 1.6_20 x64
today i tried it with sun's jdk 1.6_10 x64 and it works flawless!!!

it seems to me that something changed within the jdk and broke the ssl authentication
Comment 2 Igor Burilo CLA 2010-06-21 08:53:53 EDT 
As it seems that problem is with JDK but not Subversive I close the bug; also I can't reproduce the bug. Feel free to reopen the bug with detailed steps how to reproduce it if it happens again.
Comment 3 Christoph Caks CLA 2010-06-21 09:01:55 EDT 
for me it is reproduceable whenever i try to use the new jdk (1.6.0 u20), but i do not longer think that the bug belongs here. I can also reproduce the same issue with the current svnkit version and sun jdk1.6.0 u20 but without using eclipse/subversive at all.

-> hence i'm setting the status to NOT_ECLIPSE