[jira] [Comment Edited] (HADOOP-16016) TestSSLFactory#testServerWeakCiphers sporadically fails in precommit builds

Sun, 06 Jan 2019 19:04:59 -0800 


    [ 
https://issues.apache.org/jira/browse/HADOOP-16016?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16735400#comment-16735400
 ] 

Akira Ajisaka edited comment on HADOOP-16016 at 1/7/19 3:03 AM:
----------------------------------------------------------------

Thanks [~jojochuang] and [~Jack-Lee] for the comments.
Removing the DES ciphers does not fix the test. Rethinking this issue, I found 
the test failed because all of the {{excludeCiphers}} are regarded as weak and 
there are no cipher suite which can pass the client-side verification after 
JDK-8208350. Adding a strong cipher suite to {{excludeCiphers}} fixes this test 
failure.


was (Author: ajisakaa):
Thanks [~jojochuang] and [~Jack-Lee] for the comments.
Removing the DES ciphers does not fix the test. This test fails because after 
JDK-8208350, all of the {{excludeCiphers}} are regarded as weak and there are 
no cipher suite which can pass the client-side verification. Adding a strong 
cipher suite to {{excludeCiphers}} fixes this test failure.

> TestSSLFactory#testServerWeakCiphers sporadically fails in precommit builds
> ---------------------------------------------------------------------------
>
>                 Key: HADOOP-16016
>                 URL: https://issues.apache.org/jira/browse/HADOOP-16016
>             Project: Hadoop Common
>          Issue Type: Bug
>          Components: security, test
>         Environment: Java 1.8.0_191 or upper
>            Reporter: Jason Lowe
>            Assignee: Akira Ajisaka
>            Priority: Major
>         Attachments: HADOOP-16016-002.patch, HADOOP-16016.01.patch, 
> HADOOP-16016.03.patch
>
>
> I have seen a couple of precommit builds across JIRAs fail in 
> TestSSLFactory#testServerWeakCiphers with the error:
> {noformat}
> [ERROR]   TestSSLFactory.testServerWeakCiphers:240 Expected to find 'no 
> cipher suites in common' but got unexpected 
> exception:javax.net.ssl.SSLHandshakeException: No appropriate protocol 
> (protocol is disabled or cipher suites are inappropriate)
> {noformat}



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to