Сергей Скурлаев suggested to me that there is newer version of jdk in updates-testing.
I had updated java-1.8.0-openjdk to 1:1.8.0.121-1.b14.fc24 and I was able to add host properly. On Fri, Jan 27, 2017 at 2:57 PM, Piotr Kliczewski <[email protected]> wrote: > I downgraded jdk and it did not help. > > My dnf says when I attempt to install as in the link: > > No package nss-3.27.0-1.1.fc25.x86_64 available. > No package nss-softokn-3.27.0-1.0.fc25.x86_64 available. > No package nss-softokn-freebl-3.27.0-1.0.fc25.x86_64 available. > No package nss-sysinit-3.27.0-1.1.fc25.x86_64 available. > No package nss-tools-3.27.0-1.1.fc25.x86_64 available. > No package nss-util-3.27.0-1.0.fc25.x86_64 available. > > I am not able to downgrade nss due to conflicts with other packages.: > > > On Fri, Jan 27, 2017 at 2:23 PM, Benny Zlotnik <[email protected]> wrote: >> You can also try downgrading the nss packages, see: >> https://bugzilla.redhat.com/show_bug.cgi?id=1415137#c15 >> >> On Fri, Jan 27, 2017 at 3:18 PM, Piotr Kliczewski >> <[email protected]> wrote: >>> >>> I was too fast to send the update. I am able to login now but I see >>> core dump during host add: >>> >>> 2017-01-27 14:14:01,906+01 ERROR >>> [org.ovirt.engine.core.bll.hostdeploy.AddVdsCommand] (default task-58) >>> [20086bed-e76d-42ef-9ab1-30c8e965374b] Failed to establish session >>> with host 'fedora': SSH session closed during connection >>> '[email protected]' >>> 2017-01-27 14:14:01,907+01 WARN >>> [org.ovirt.engine.core.bll.hostdeploy.AddVdsCommand] (default task-58) >>> [20086bed-e76d-42ef-9ab1-30c8e965374b] Validation of action 'AddVds' >>> failed for user admin@internal-authz. Reasons: >>> VAR__ACTION__ADD,VAR__TYPE__HOST,$server >>> 192.168.1.102,VDS_CANNOT_CONNECT_TO_SERVER >>> # >>> # A fatal error has been detected by the Java Runtime Environment: >>> # >>> # SIGSEGV (0xb) at pc=0x00007f7c9d773734, pid=20890, >>> tid=0x00007f7c6c148700 >>> # >>> # JRE version: OpenJDK Runtime Environment (8.0_111-b16) (build >>> 1.8.0_111-b16) >>> # Java VM: OpenJDK 64-Bit Server VM (25.111-b16 mixed mode linux-amd64 >>> compressed oops) >>> # Problematic frame: >>> # C [libc.so.6+0x14a734] __memcpy_avx_unaligned+0x2c4 >>> # >>> # Failed to write core dump. Core dumps have been disabled. To enable >>> core dumping, try "ulimit -c unlimited" before starting Java again >>> # >>> # An error report file with more information is saved as: >>> # /tmp/hs_err_pid20890.log >>> # >>> # If you would like to submit a bug report, please visit: >>> # http://bugreport.java.com/bugreport/crash.jsp >>> # >>> ovirt-engine[20848] ERROR run:554 Error: process terminated with status >>> code -6 >>> >>> 2017-01-27 14:14:01,756+01 INFO >>> [org.apache.sshd.common.util.SecurityUtils] (default task-58) >>> BouncyCastle not registered, using the default JCE provider >>> 2017-01-27 14:14:01,870+01 INFO >>> [org.apache.sshd.client.session.ClientSessionImpl] >>> (sshd-SshClient[26c9f7da]-nio2-thread-1) Client session created >>> 2017-01-27 14:14:01,885+01 INFO >>> [org.apache.sshd.client.session.ClientSessionImpl] >>> (sshd-SshClient[26c9f7da]-nio2-thread-1) Server version string: >>> SSH-2.0-OpenSSH_7.2 >>> 2017-01-27 14:14:01,886+01 INFO >>> [org.apache.sshd.client.session.ClientSessionImpl] >>> (sshd-SshClient[26c9f7da]-nio2-thread-1) Kex: server->client >>> aes128-ctr hmac-sha2-256 none >>> 2017-01-27 14:14:01,886+01 INFO >>> [org.apache.sshd.client.session.ClientSessionImpl] >>> (sshd-SshClient[26c9f7da]-nio2-thread-1) Kex: client->server >>> aes128-ctr hmac-sha2-256 none >>> 2017-01-27 14:14:01,896+01 WARN >>> [org.apache.sshd.client.session.ClientSessionImpl] >>> (sshd-SshClient[26c9f7da]-nio2-thread-1) Exception caught: >>> java.security.ProviderException: java.lang.NegativeArraySizeException >>> at >>> sun.security.ec.ECKeyPairGenerator.generateKeyPair(ECKeyPairGenerator.java:147) >>> at >>> java.security.KeyPairGenerator$Delegate.generateKeyPair(KeyPairGenerator.java:703) >>> [rt.jar:1.8.0_111] >>> at org.apache.sshd.common.kex.ECDH.getE(ECDH.java:59) >>> at >>> org.apache.sshd.client.kex.AbstractDHGClient.init(AbstractDHGClient.java:78) >>> at >>> org.apache.sshd.common.session.AbstractSession.doHandleMessage(AbstractSession.java:359) >>> at >>> org.apache.sshd.common.session.AbstractSession.handleMessage(AbstractSession.java:295) >>> at >>> org.apache.sshd.client.session.ClientSessionImpl.handleMessage(ClientSessionImpl.java:256) >>> at >>> org.apache.sshd.common.session.AbstractSession.decode(AbstractSession.java:731) >>> at >>> org.apache.sshd.common.session.AbstractSession.messageReceived(AbstractSession.java:277) >>> at >>> org.apache.sshd.common.AbstractSessionIoHandler.messageReceived(AbstractSessionIoHandler.java:54) >>> at >>> org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:187) >>> at >>> org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:173) >>> at >>> org.apache.sshd.common.io.nio2.Nio2CompletionHandler$1.run(Nio2CompletionHandler.java:32) >>> at java.security.AccessController.doPrivileged(Native Method) >>> [rt.jar:1.8.0_111] >>> at >>> org.apache.sshd.common.io.nio2.Nio2CompletionHandler.completed(Nio2CompletionHandler.java:30) >>> at sun.nio.ch.Invoker.invokeUnchecked(Invoker.java:126) [rt.jar:1.8.0_111] >>> at sun.nio.ch.Invoker.invokeDirect(Invoker.java:157) [rt.jar:1.8.0_111] >>> at >>> sun.nio.ch.UnixAsynchronousSocketChannelImpl.implRead(UnixAsynchronousSocketChannelImpl.java:553) >>> [rt.jar:1.8.0_111] >>> at >>> sun.nio.ch.AsynchronousSocketChannelImpl.read(AsynchronousSocketChannelImpl.java:276) >>> [rt.jar:1.8.0_111] >>> at >>> sun.nio.ch.AsynchronousSocketChannelImpl.read(AsynchronousSocketChannelImpl.java:297) >>> [rt.jar:1.8.0_111] >>> at >>> java.nio.channels.AsynchronousSocketChannel.read(AsynchronousSocketChannel.java:420) >>> [rt.jar:1.8.0_111] >>> at >>> org.apache.sshd.common.io.nio2.Nio2Session.startReading(Nio2Session.java:173) >>> at >>> org.apache.sshd.common.io.nio2.Nio2Connector$1.onCompleted(Nio2Connector.java:53) >>> at >>> org.apache.sshd.common.io.nio2.Nio2Connector$1.onCompleted(Nio2Connector.java:46) >>> at >>> org.apache.sshd.common.io.nio2.Nio2CompletionHandler$1.run(Nio2CompletionHandler.java:32) >>> at java.security.AccessController.doPrivileged(Native Method) >>> [rt.jar:1.8.0_111] >>> at >>> org.apache.sshd.common.io.nio2.Nio2CompletionHandler.completed(Nio2CompletionHandler.java:30) >>> at sun.nio.ch.Invoker.invokeUnchecked(Invoker.java:126) [rt.jar:1.8.0_111] >>> at sun.nio.ch.Invoker$2.run(Invoker.java:218) [rt.jar:1.8.0_111] >>> at >>> sun.nio.ch.AsynchronousChannelGroupImpl$1.run(AsynchronousChannelGroupImpl.java:112) >>> [rt.jar:1.8.0_111] >>> at >>> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) >>> [rt.jar:1.8.0_111] >>> at >>> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) >>> [rt.jar:1.8.0_111] >>> at java.lang.Thread.run(Thread.java:745) [rt.jar:1.8.0_111] >>> Caused by: java.lang.NegativeArraySizeException >>> at sun.security.ec.ECKeyPairGenerator.generateECKeyPair(Native Method) >>> at >>> sun.security.ec.ECKeyPairGenerator.generateKeyPair(ECKeyPairGenerator.java:128) >>> ... 32 more >>> >>> On Fri, Jan 27, 2017 at 1:56 PM, Piotr Kliczewski >>> <[email protected]> wrote: >>> > Thank you Juan, It fixed my issue >>> > >>> > I updated java.security and changed: >>> > >>> > from >>> > >>> > jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize < 768 >>> > >>> > to >>> > >>> > jdk.tls.disabledAlgorithms=SSLv3, DH keySize < 768, EC, ECDHE, ECDH >>> > >>> > Thanks, >>> > Piotr >>> > >>> > On Fri, Jan 27, 2017 at 1:42 PM, Juan Hernández <[email protected]> >>> > wrote: >>> >> See this Piotr: >>> >> >>> >> >>> >> >>> >> http://post-office.corp.redhat.com/archives/rhev-devel/2017-January/msg00269.html >>> >> >>> >> Benny, may be worth publishing it to the upstream devel list. >>> >> >>> >> On 01/27/2017 01:35 PM, Piotr Kliczewski wrote: >>> >>> All, >>> >>> >>> >>> I pulled the latest source from master and rebuilt my engine. Every >>> >>> time I attempt to login I see: >>> >>> >>> >>> 2017-01-27 13:22:51,403+01 INFO >>> >>> [org.ovirt.engine.core.sso.utils.AuthenticationUtils] (default >>> >>> task-54) [] User admin@internal successfully logged in with scopes: >>> >>> ovirt-app-admin ovirt-app-api ovirt-app-portal >>> >>> ovirt-ext=auth:sequence-priority=~ ovirt-ext=revoke:revoke-all >>> >>> ovirt-ext=token-info:authz-search >>> >>> ovirt-ext=token-info:public-authz-search ovirt-ext=token-info:validate >>> >>> ovirt-ext=token:password-access >>> >>> # >>> >>> # A fatal error has been detected by the Java Runtime Environment: >>> >>> # >>> >>> # SIGSEGV (0xb) at pc=0x00007f514eb45734, pid=2519, >>> >>> tid=0x00007f51119a6700 >>> >>> # >>> >>> # JRE version: OpenJDK Runtime Environment (8.0_111-b16) (build >>> >>> 1.8.0_111-b16) >>> >>> # Java VM: OpenJDK 64-Bit Server VM (25.111-b16 mixed mode linux-amd64 >>> >>> compressed oops) >>> >>> # Problematic frame: >>> >>> # C [libc.so.6+0x14a734] __memcpy_avx_unaligned+0x2c4 >>> >>> # >>> >>> # Failed to write core dump. Core dumps have been disabled. To enable >>> >>> core dumping, try "ulimit -c unlimited" before starting Java again >>> >>> # >>> >>> # An error report file with more information is saved as: >>> >>> # /tmp/hs_err_pid2519.log >>> >>> # >>> >>> # If you would like to submit a bug report, please visit: >>> >>> # http://bugreport.java.com/bugreport/crash.jsp >>> >>> # >>> >>> ovirt-engine[2471] ERROR run:554 Error: process terminated with status >>> >>> code -6 >>> >>> >>> >>> I enabled ssl debug to find: >>> >>> >>> >>> 2017-01-27 13:22:37,641+01 INFO [stdout] (default I/O-2) default >>> >>> I/O-2, fatal error: 80: problem unwrapping net record >>> >>> 2017-01-27 13:22:37,642+01 INFO [stdout] (default I/O-2) >>> >>> java.lang.RuntimeException: java.lang.NegativeArraySizeException >>> >>> 2017-01-27 13:22:37,642+01 INFO [stdout] (default I/O-2) %% >>> >>> Invalidated: [Session-1, SSL_NULL_WITH_NULL_NULL] >>> >>> 2017-01-27 13:22:37,643+01 INFO [stdout] (default I/O-2) default >>> >>> I/O-2, SEND TLSv1.2 ALERT: fatal, description = internal_error >>> >>> 2017-01-27 13:22:37,643+01 INFO [stdout] (default I/O-2) default >>> >>> I/O-2, WRITE: TLSv1.2 Alert, length = 2 >>> >>> 2017-01-27 13:22:37,643+01 INFO [stdout] (default I/O-2) default >>> >>> I/O-2, called closeInbound() >>> >>> 2017-01-27 13:22:37,643+01 INFO [stdout] (default I/O-2) default >>> >>> I/O-2, fatal: engine already closed. Rethrowing >>> >>> javax.net.ssl.SSLException: Inbound closed before receiving peer's >>> >>> close_notify: possible truncation attack? >>> >>> 2017-01-27 13:22:37,643+01 INFO [stdout] (default I/O-2) default >>> >>> I/O-2, called closeOutbound() >>> >>> 2017-01-27 13:22:37,643+01 INFO [stdout] (default I/O-2) default >>> >>> I/O-2, closeOutboundInternal() >>> >>> 2017-01-27 13:22:37,644+01 INFO [stdout] (default task-1) default >>> >>> task-1, received EOFException: error >>> >>> 2017-01-27 13:22:37,644+01 INFO [stdout] (default task-1) default >>> >>> task-1, handling exception: javax.net.ssl.SSLHandshakeException: >>> >>> Remote host closed connection during handshake >>> >>> 2017-01-27 13:22:37,645+01 INFO [stdout] (default task-1) default >>> >>> task-1, SEND TLSv1.2 ALERT: fatal, description = handshake_failure >>> >>> 2017-01-27 13:22:37,645+01 INFO [stdout] (default task-1) default >>> >>> task-1, WRITE: TLSv1.2 Alert, length = 2 >>> >>> 2017-01-27 13:22:37,645+01 INFO [stdout] (default task-1) [Raw >>> >>> write]: length = 7 >>> >>> 2017-01-27 13:22:37,647+01 INFO [stdout] (default task-1) 0000: 15 03 >>> >>> 03 00 02 02 28 ......( >>> >>> 2017-01-27 13:22:37,647+01 INFO [stdout] (default task-1) default >>> >>> task-1, called closeSocket() >>> >>> 2017-01-27 13:22:37,644+01 ERROR [org.xnio.nio] (default I/O-2) >>> >>> XNIO000011: Task io.undertow.protocols.ssl.SslConduit$5$1@6d665208 >>> >>> failed with an exception: java.lang.RuntimeException: >>> >>> java.lang.NegativeArraySizeException >>> >>> at sun.security.ssl.Handshaker.checkThrown(Handshaker.java:1429) >>> >>> [jsse.jar:1.8.0_111] >>> >>> at >>> >>> sun.security.ssl.SSLEngineImpl.checkTaskThrown(SSLEngineImpl.java:535) >>> >>> [jsse.jar:1.8.0_111] >>> >>> at >>> >>> sun.security.ssl.SSLEngineImpl.readNetRecord(SSLEngineImpl.java:813) >>> >>> [jsse.jar:1.8.0_111] >>> >>> at sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:781) >>> >>> [jsse.jar:1.8.0_111] >>> >>> at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:624) >>> >>> [rt.jar:1.8.0_111] >>> >>> at io.undertow.protocols.ssl.SslConduit.doUnwrap(SslConduit.java:742) >>> >>> at >>> >>> io.undertow.protocols.ssl.SslConduit.doHandshake(SslConduit.java:639) >>> >>> at io.undertow.protocols.ssl.SslConduit.access$900(SslConduit.java:63) >>> >>> at io.undertow.protocols.ssl.SslConduit$5$1.run(SslConduit.java:1035) >>> >>> at org.xnio.nio.WorkerThread.safeRun(WorkerThread.java:588) >>> >>> [xnio-nio-3.4.0.Final.jar:3.4.0.Final] >>> >>> at org.xnio.nio.WorkerThread.run(WorkerThread.java:468) >>> >>> [xnio-nio-3.4.0.Final.jar:3.4.0.Final] >>> >>> Caused by: java.security.ProviderException: >>> >>> java.lang.NegativeArraySizeException >>> >>> at >>> >>> sun.security.ec.ECKeyPairGenerator.generateKeyPair(ECKeyPairGenerator.java:147) >>> >>> at >>> >>> java.security.KeyPairGenerator$Delegate.generateKeyPair(KeyPairGenerator.java:703) >>> >>> [rt.jar:1.8.0_111] >>> >>> at sun.security.ssl.ECDHCrypt.<init>(ECDHCrypt.java:64) >>> >>> [jsse.jar:1.8.0_111] >>> >>> at >>> >>> sun.security.ssl.ServerHandshaker.setupEphemeralECDHKeys(ServerHandshaker.java:1432) >>> >>> [jsse.jar:1.8.0_111] >>> >>> at >>> >>> sun.security.ssl.ServerHandshaker.trySetCipherSuite(ServerHandshaker.java:1219) >>> >>> [jsse.jar:1.8.0_111] >>> >>> at >>> >>> sun.security.ssl.ServerHandshaker.chooseCipherSuite(ServerHandshaker.java:1023) >>> >>> [jsse.jar:1.8.0_111] >>> >>> at >>> >>> sun.security.ssl.ServerHandshaker.clientHello(ServerHandshaker.java:738) >>> >>> [jsse.jar:1.8.0_111] >>> >>> at >>> >>> sun.security.ssl.ServerHandshaker.processMessage(ServerHandshaker.java:221) >>> >>> [jsse.jar:1.8.0_111] >>> >>> at sun.security.ssl.Handshaker.processLoop(Handshaker.java:979) >>> >>> [jsse.jar:1.8.0_111] >>> >>> at sun.security.ssl.Handshaker$1.run(Handshaker.java:919) >>> >>> [jsse.jar:1.8.0_111] >>> >>> at sun.security.ssl.Handshaker$1.run(Handshaker.java:916) >>> >>> [jsse.jar:1.8.0_111] >>> >>> at java.security.AccessController.doPrivileged(Native Method) >>> >>> [rt.jar:1.8.0_111] >>> >>> at sun.security.ssl.Handshaker$DelegatedTask.run(Handshaker.java:1369) >>> >>> [jsse.jar:1.8.0_111] >>> >>> at io.undertow.protocols.ssl.SslConduit$5.run(SslConduit.java:1023) >>> >>> at >>> >>> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) >>> >>> [rt.jar:1.8.0_111] >>> >>> at >>> >>> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) >>> >>> [rt.jar:1.8.0_111] >>> >>> at java.lang.Thread.run(Thread.java:745) [rt.jar:1.8.0_111] >>> >>> Caused by: java.lang.NegativeArraySizeException >>> >>> at sun.security.ec.ECKeyPairGenerator.generateECKeyPair(Native Method) >>> >>> at >>> >>> sun.security.ec.ECKeyPairGenerator.generateKeyPair(ECKeyPairGenerator.java:128) >>> >>> ... 16 more >>> >>> >>> >>> Are we aware of the issue? Is there any workaround? >>> >>> >>> >>> I am using fedora 24 with all recent updates applied. >>> >>> >>> >>> Thanks, >>> >>> Piotr >>> >>> >>> >>> >>> >>> >>> >>> _______________________________________________ >>> >>> Devel mailing list >>> >>> [email protected] >>> >>> http://lists.ovirt.org/mailman/listinfo/devel >>> >>> >>> >> >> >> _______________________________________________ Devel mailing list [email protected] http://lists.ovirt.org/mailman/listinfo/devel
