The SVN server in our company, which is self setup and hosted on EC2, is pretty slow. The setup is based on Apache and mod_dav_svn. There is also a svnserve running that seems to be used by the CI system. We can access the repositories using SSL with server and client certificates and I noticed a strange thing while monitoring a commit with Wireshark.
I would have expected that there is a SSL handshake to establish the connection and that that connection is reused over the session. However it seems that every 200ms/10kb there is a new TCP connection with new SSL handshake (which due to the certificates procuses a higher payload than SVN traffic itself).
Conversations during an SVN commit. Please note that for each connection there is at most 10kb of data transferred.
Begin of the commit as packets. As far as I can tell the server sends an encrypted alert to close the SSL connection. Then you see the next handshake...
Apache ssl.conf:
LoadModule dav_svn_module modules/mod_dav_svn.so
LoadModule authz_svn_module modules/mod_authz_svn.so
SSLVerifyClient optional
SSLUserName SSL_CLIENT_S_DN_CN
SSLCARevocationFile /etc/httpd/ssl/xxx-revoke.pem
<Location /svn/repos>
DAV svn
SVNPath /path/svn/repos
SSLRequireSSL
SSLRequire (%{SSL_CLIENT_S_DN_O} in {"c1", "c2"}) and !(%{SSL_CLIENT_S_DN_CN} in {"old1", "old2"})
# Allow large files
LimitXMLRequestBody 0
LimitRequestBody 0
</Location>
I am using TortoiseSVN GUI/cli clients. My assumption it that there is a wrong configuration at server side, do you agree? Any hints?
