Hi Enrico,
Here is the info you are requesting:
*Java version*
$ java -version
java version "1.8.0_152"
Java(TM) SE Runtime Environment (build 1.8.0_152-b16)
Java HotSpot(TM) 64-Bit Server VM (build 25.152-b16, mixed mode)
*Test case errors*
I won’t post all of them, I get a good number of errors:
================================
[ERROR] Tests run: 64, Failures: 0, Errors: 16, Skipped: 0, Time elapsed: 9.21
s <<< FAILURE! - in org.apache.zookeeper.util.PemReaderTest
[ERROR]
testLoadCertificateFromKeyStore[1](org.apache.zookeeper.util.PemReaderTest)
Time elapsed: 1.593 s <<< ERROR!
java.io.IOException: org.bouncycastle.operator.OperatorCreationException:
Illegal key size or default parameters
at
org.apache.zookeeper.util.PemReaderTest.testLoadCertificateFromKeyStore(PemReaderTest.java:125)
Caused by: org.bouncycastle.operator.OperatorCreationException: Illegal key
size or default parameters
at
org.apache.zookeeper.util.PemReaderTest.testLoadCertificateFromKeyStore(PemReaderTest.java:125)
Caused by: java.security.InvalidKeyException: Illegal key size or default
parameters
at
org.apache.zookeeper.util.PemReaderTest.testLoadCertificateFromKeyStore(PemReaderTest.java:125)
[ERROR]
testLoadEncryptedPrivateKeyFromKeyStoreWithWrongPassword[1](org.apache.zookeeper.util.PemReaderTest)
Time elapsed: 0.004 s <<< ERROR!
java.lang.Exception: Unexpected exception,
expected<java.security.GeneralSecurityException> but was<java.io.IOException>
at
org.apache.zookeeper.util.PemReaderTest.testLoadEncryptedPrivateKeyFromKeyStoreWithWrongPassword(PemReaderTest.java:93)
Caused by: org.bouncycastle.operator.OperatorCreationException: Illegal key
size or default parameters
at
org.apache.zookeeper.util.PemReaderTest.testLoadEncryptedPrivateKeyFromKeyStoreWithWrongPassword(PemReaderTest.java:93)
Caused by: java.security.InvalidKeyException: Illegal key size or default
parameters
at
org.apache.zookeeper.util.PemReaderTest.testLoadEncryptedPrivateKeyFromKeyStoreWithWrongPassword(PemReaderTest.java:93)
...
================================
*Crypto policy*
If I uncomment this configuration option:
# Please see the JCA documentation for additional information on these
# files and formats.
# crypto.policy=unlimited
in:
$JAVA_HOME/jre/lib/security/java.security
then it all works and I get no error at all. This option controls cryptographic
strengths according to the documentation, and is present because of crypto
regulations in different countries.
Thanks,
-Flavio
> On 27 Apr 2019, at 15:52, Enrico Olivelli <[email protected]> wrote:
>
> Il sab 27 apr 2019, 14:18 Flavio Junqueira <[email protected]> ha scritto:
>
>> I have a clarification question about the RC. To build the RC, I had to
>> enable crypto.policy unlimited in the jre (I'm using build 1.8.0_152-b16).
>
>
> Flavio
> What do you mean with 'build' ?
> Make tests pass?
> AFAIK we are not using tweaked jdks in CI builds, so in theory there is no
> need.
>
> Can you please share your error?
>
> Enrico
>
>
> I'm wondering if this is going to be an issue for some users as this option
>> is related to import/export regulation. Has anyone looked into it and could
>> clarify it to me, please?
>>
>> Thanks,
>> -Flavio
>>
>>
>>> On 25 Apr 2019, at 15:10, Andor Molnar <[email protected]> wrote:
>>>
>>> This is the first stable release of 3.5 branch: 3.5.5. It resolves 117
>> issues, including Maven migration, Quorum TLS, TTL nodes and lots of other
>> performance and stability improvements.
>>>
>>> The full release notes is available at:
>>>
>>>
>> https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310801&version=12343268
>>>
>>> *** Please download, test and vote by May 3rd 2019, 23:59 UTC+0. ***
>>>
>>> Source files:
>>> https://dist.apache.org/repos/dist/dev/zookeeper/zookeeper-3.5.5-rc5/
>>>
>>> Maven staging repos:
>>>
>> https://repository.apache.org/content/groups/staging/org/apache/zookeeper/parent/3.5.5/
>>>
>> https://repository.apache.org/content/groups/staging/org/apache/zookeeper/zookeeper-jute/3.5.5/
>>>
>> https://repository.apache.org/content/groups/staging/org/apache/zookeeper/zookeeper/3.5.5/
>>>
>>> The release candidate tag in git to be voted upon: release-3.5.5-rc5
>>>
>>> ZooKeeper's KEYS file containing PGP keys we use to sign the release:
>>> http://www.apache.org/dist/zookeeper/KEYS
>>>
>>> Should we release this candidate?
>>>
>>
>>
