Following up to make note of how I finally solved this. I don't recall the precise details, but I was specifying the following in the wrong place: -Dsvnkit.http.sslProtocols=SSLv3
For the Ubuntu/Debian native package, the place I needed to specify it was in the JAVA_ARGS line in the file /etc/default/jenkins. Previously, I was using the Jenkins WAR in Tomcat 7. Passing system properties to a webapp--yeah, I realize, pretty basic stuff... On Sat, Dec 8, 2012 at 8:23 PM, Mitch Gitman <mgit...@gmail.com> wrote: > I'm bumping up this old thread because I encountered precisely the same > problem John Cary did and I wanted to add a few data points. > > > John was seeing this with Jenkins 1.478. I'm seeing it with the latest > Jenkins, 1.492 as of this writing, which comes with version 1.39 of the > Subversion plugin and which can be upgraded to 1.43. I verified that the > problem arose with both 1.39 and 1.43 of the Subversion plugin. > > > Like John, I tried the -Dsvnkit.http.sslProtocols=SSLv3 system property to > no avail. > > > Ultimately, the workaround that worked for me was to install an older > version of Jenkins, 1.464, which was released back in May. This comes with > version 1.34 of the Subversion plugin. (I recognize the apparent reality > that Jenkins doesn't let you upgrade or downgrade a plugin to an arbitrary > version, for what I can imagine are understandable reasons.) > > > I still want to try modifying the Subversion server configuration to use > the following: > > SSLProtocol -all +SSLv3 +TLSv1 > > I don't maintain the Subversion host, though, so I don't know if that's an > option for me. The Subversion server I'm consuming is version 1.6.5. > > > I welcome any further insights. As far as I can tell, this is a bug that > was introduced recently in the SVNKit Subversion client, which the plugin > uses. > > > On Thu, Sep 6, 2012 at 5:53 PM, John R. Cary <c...@txcorp.com> wrote: > >> Answering my own question: >> >> I could not get jenkins to use sslv3, but by modifying my >> server to also allow tlsv1 on the SSLProtocol definition, I >> got the Jenkins subversion plugin to work. The magic line >> appears to be >> >> SSLProtocol -all +SSLv3 +TLSv1 >> >> John Cary >> >> >> On 9/6/12 11:57 AM, John R. Cary wrote: >> >>> I have been trying to get jenkins (v1.478) to svn checkout >>> my repos. I keep getting the error >>> >>> org.tmatesoft.svn.core.**SVNErrorMessage: svn: OPTIONS ... >>> ... >>> bad_record_mac >>> >>> Intensive searching has not found the answer to this >>> problem. From >>> http://issues.tmatesoft.com/**issue/SVNKIT-176<http://issues.tmatesoft.com/issue/SVNKIT-176> >>> I tried >>> JENKINS_JAVA_OPTIONS="-Djava.**awt.headless=true >>> -Dsvnkit.http.sslProtocols=**SSLv3" >>> to no avail. >>> >>> If anyone has any hints on how to fix this problem, I would >>> be most grateful, but in the absence of that... >>> >>> The last time I had this working was with the svn plugin >>> 1.34, so I would like to try downgrading to that, but >>> the jenkins GUI does not appear to give me that option. >>> The plugin manager gives me the update to 1.42 or the >>> downgrade to 1.39. >>> >>> Is there a way to downgrade the subversion server >>> to version 1.42 in jenkins 1.478? >>> >>> Thx.....John Cary >>> >>> >> >
