[TS-847] Forward proxy: Can't create SSL connection to older Subversion Servers. - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 3.1.0, 3.0.0
Fix Version/s: 3.1.0, 3.0.1
Component/s: None
Labels:
None

Description

When trying to access older Subversion (1.6.9, 1.5.1 verified) servers through SSL via the Forward proxy, I'll get a failure such as:

igalic@knock ~/src % svn co https://gar.svn.sourceforge.net/svnroot/gar/csw/mgar/gar/
svn: PROPFIND of '/svnroot/gar/!svn/bln/14844': Could not create SSL connection through proxy server: 502 Tunnel Connection Failed (https://gar.svn.sourceforge.net)
1 igalic@knock ~/src %

The squid.blog says:

1308609250.117 1004 127.0.0.1 TCP_MISS/200 4664 CONNECT gar.svn.sourceforge.net:443/ - DIRECT/gar.svn.sourceforge.net - -
1308609250.642 524 127.0.0.1 TCP_MISS/200 1335 CONNECT gar.svn.sourceforge.net:443/ - DIRECT/gar.svn.sourceforge.net - -
1308609251.167 525 127.0.0.1 TCP_MISS/200 1031 CONNECT gar.svn.sourceforge.net:443/ - DIRECT/gar.svn.sourceforge.net - -
1308609251.689 522 127.0.0.1 TCP_MISS/200 1095 CONNECT gar.svn.sourceforge.net:443/ - DIRECT/gar.svn.sourceforge.net - -
1308609252.231 541 127.0.0.1 TCP_MISS/200 1335 CONNECT gar.svn.sourceforge.net:443/ - DIRECT/gar.svn.sourceforge.net - -
1308609252.756 524 127.0.0.1 TCP_MISS/200 1031 CONNECT gar.svn.sourceforge.net:443/ - DIRECT/gar.svn.sourceforge.net - -
1308609253.285 528 127.0.0.1 TCP_MISS/200 1095 CONNECT gar.svn.sourceforge.net:443/ - DIRECT/gar.svn.sourceforge.net - -
1308609253.814 528 127.0.0.1 TCP_MISS/200 1335 CONNECT gar.svn.sourceforge.net:443/ - DIRECT/gar.svn.sourceforge.net - -
1308609254.345 530 127.0.0.1 TCP_MISS/200 1111 CONNECT gar.svn.sourceforge.net:443/ - DIRECT/gar.svn.sourceforge.net - -
1308609254.416 70 127.0.0.1 ERR_CONNECT_FAIL/502 454 CONNECT gar.svn.sourceforge.net:443/ - DIRECT/gar.svn.sourceforge.net text/html -

While the error log says:

20110621.00h25m14s RESPONSE: sent 127.0.0.1 status 502 (Tunnel Connection Failed) for 'gar.svn.sourceforge.net:443/'

With newer versions of the Subversion server this works out fine, example the ASF's server:

igalic@knock ~/src % svn co https://svn.apache.org/repos/asf/trafficserver/plugins/header_filter/
A    header_filter/example.conf
A    header_filter/rules.h
A    header_filter/NOTICE
A    header_filter/header_filter.cc
A    header_filter/LICENSE
A    header_filter/STATUS
A    header_filter/lulu.h
A    header_filter/CHANGES
A    header_filter/Makefile
A    header_filter/README
A    header_filter/rules.cc
Checked out revision 1137808.
igalic@knock ~/src %

I wouldn't submit this bug in the first place, if it didn't work with Squid either. Alas Squid passes with flying colours! Attatched you can find wireshark captures for the four scenarios:

Failure with ATS (old subversion server: sf.net)
Success with Squid (same old subversion server: sf.net)
Success with ATS (new Subversion server: ASF)
Success with Squid (same new Subversion server: ASF)

To force subversion through a proxy you need to edit ~/.subversion/servers

[global]
http-proxy-host = localhost
http-proxy-port = 8080

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

01_fail_ats_sfnet.cap
20/Jun/11 22:47
19 kB
Igor Galić
02_pass_squid_sfnet.cap
20/Jun/11 22:47
4.87 MB
Igor Galić
03_pass_ats_asf.cap
20/Jun/11 22:47
72 kB
Igor Galić
04_pass_squid_asf.cap
20/Jun/11 22:47
70 kB
Igor Galić
TS-847.diff
21/Jun/11 02:00
0.5 kB
Leif Hedstrom

Activity

People

Assignee:: Unassigned

Reporter:: Igor Galić

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Dates

Created:: 20/Jun/11 22:45

Updated:: 19/Aug/11 01:19

Resolved:: 21/Jun/11 10:51