On 9/15/2016 9:45 AM, Artem Smotrakov wrote:
Well, in this particular case it's not clear that it has the same issue
with free port (at least to me). The exception occurred on client side,
so it's not the case where we don't know where the handshake came from.
;-) Yeh, you catch the point. But
Well, in this particular case it's not clear that it has the same issue
with free port (at least to me). The exception occurred on client side,
so it's not the case where we don't know where the handshake came from.
I can make this enhancement, but like I said I don't think it's going to
On 9/15/2016 9:36 AM, Wang Weijun wrote:
I see. But krb5 cipher suites is just a very small part of TLS. Maybe we can
tweak the tests a little so that they can work without JGSS.
Agreed. I don't like the dependence, too. Let's consider an
enhancement later in a separate enhancement.
On 9/15/2016 9:23 AM, Artem Smotrakov wrote:
Hi Xuelei,
For this one, I am not sure that it would help here since the test
failed after it already had started handshaking.
It has the same issue as a free-port is used. We don't actually know
the handshake is coming from the right client.
I see. But krb5 cipher suites is just a very small part of TLS. Maybe we can
tweak the tests a little so that they can work without JGSS.
I am fine with the change at the moment.
Thanks
Max
> On Sep 15, 2016, at 7:39 AM, Xuelei Fan wrote:
>
> I did some research
Hi Xuelei,
For this one, I am not sure that it would help here since the test
failed after it already had started handshaking. I would prefer to have
it as a separate enhancement.
Artem
On 09/14/2016 06:19 PM, Xuelei Fan wrote:
As you were already there, I would suggest to consider the
As you were already there, I would suggest to consider the
SSLSocketSample.java template as the comment in JDK-8163924 review thread.
Thanks,
Xuelei
On 9/15/2016 9:13 AM, Artem Smotrakov wrote:
Not urgent, but I would appreciate if someone can get a chance to look
at this.
Artem
On
Not urgent, but I would appreciate if someone can get a chance to look
at this.
Artem
On 09/07/2016 03:17 PM, Artem Smotrakov wrote:
Sending to net-...@openjdk.java.net as well.
Artem
On 09/07/2016 12:28 PM, Artem Smotrakov wrote:
Hello,
Please review the following patch for
Hi Xuelei,
Sure, I am fine to use the approach which is implemented in
SSLSocketSample.java. But please note that
SSLEngineBadBufferArrayAccess.java test uses ServerSocket+SSEngine on
server side, so I applied the approach from SSLSocketSample.java to the
test:
Hi,
Please review this fix:
http://cr.openjdk.java.net/~xuelei/8146600/webrev.00/
The Normalizer.Form.NFKD is used to normalize attribute-value assertion
in X.509 certificate processing. The normalizer may convert some UTF-8
character into ASCII code. For example, ","(two bytes) will be
I did some research yesterday. The "/javax/net/ssl/TLSCommon" lib
depends on krb5. For example, BufferOverflowUnderflowTest need to set
up KDC and test krb5 cipher suites.
Xuelei
On 9/15/2016 6:21 AM, Wang Weijun wrote:
Confusing. This does not show why jgss is needed. I'll do some
Confusing. This does not show why jgss is needed. I'll do some investigation.
Thanks
Max
> 在 2016年9月14日,23:57,Sergei Kovalev 写道:
>
> java.lang.module.ResolutionException: Module java.naming not found, required
> by java.security.jgss
Thanks for the information. It would be very useful if you could add
that additional information as an example into the bug report for future
reference.
--Sean
On 09/14/2016 11:26 AM, Sergei Kovalev wrote:
Hi Sean,
I'm working for testing minimal JRE image. If I create custom JRE with
Answered in other thread
14.09.16 18:54, Wang Weijun wrote:
Sorry I was thinking about another bug on TLS tests -- 8166032. What
exception is thrown there if the jgss module is missing?
Thanks
Max
在 2016年9月14日,23:44,Wang Weijun > 写道:
here it is an example
jtreg -verbose:all -jdk /home/skovalev/TRASH/jdk-9
-javaoptions:"--limit-modules java.base"
/home/skovalev/repos/jdk9-dev/jdk/test/javax/net/ssl/TLSv11/TLSHandshakeTest.java
STDOUT:
Error occurred during initialization of VM
java.lang.module.ResolutionException:
Sorry I was thinking about another bug on TLS tests -- 8166032. What exception
is thrown there if the jgss module is missing?
Thanks
Max
> 在 2016年9月14日,23:44,Wang Weijun 写道:
>
> The example shows jdk.crypto.pkcs11 is needed, but I still don't know why
>
The example shows jdk.crypto.pkcs11 is needed, but I still don't know why
java.security.jgss is. Can you give another example where jgss must be present?
Thanks
Max
> 在 2016年9月14日,23:26,Sergei Kovalev 写道:
>
> Hi Sean,
>
> I'm working for testing minimal JRE image.
Hi Sean,
I'm working for testing minimal JRE image. If I create custom JRE with
java.base only - the tests fail. To emulate such behavior we can use
"--limit-modules java.base" option. In case if we have no module
declaration in tests header the test fails with, e.g. ClassNotFound
exception
Looks fine to me, but can you explain in more detail why the extra
dependencies are needed, or an example using --limit-modules? These
tests are not failing regularly now, so when do the missing dependencies
cause failures?
Thanks,
Sean
On 09/13/2016 08:34 AM, Sergei Kovalev wrote:
Hello
OK. Looks fine to me.
Thanks,
Xuelei
On 9/14/2016 9:58 PM, Sergei Kovalev wrote:
Hi Xuelei,
I discovered 53 tests in javax/net/ssl folder that refer to
/sun/security/krb5/auto. In general it is about 10 unique tests. All the
tests depends on KDC class. In other places the tests repeated with
14.09.16 16:56, Wang Weijun wrote:
I also have no idea why these are needed:
+ * @modules java.security.jgss
+ * jdk.security.auth
Do the test uses KRB5-related cipher suites?
The tests using /sun/security/krb5/auto. Looks like it is the root cause.
Thanks
Max
On Sep 14, 2016,
Hi Xuelei,
I discovered 53 tests in javax/net/ssl folder that refer to
/sun/security/krb5/auto. In general it is about 10 unique tests. All the
tests depends on KDC class. In other places the tests repeated with
different set of environment variable. e.g.
"-Dtest.security.protocol=TLSv1.1",
I also have no idea why these are needed:
+ * @modules java.security.jgss
+ * jdk.security.auth
Do the test uses KRB5-related cipher suites?
Thanks
Max
> On Sep 14, 2016, at 8:54 PM, Xuelei Fan wrote:
>
> Hi Sergei,
>
> Thanks for the update. The fix looks
Hi Sergei,
Thanks for the update. The fix looks fine to me. However, I'm not sure
why some tests need the "/sun/security/krb5/auto" libraries and the
related modules. As you were already there, would you mind help to test
whether the "/sun/security/krb5/auto" library can be removed for
Hello Team,
Could you please review below fix for
Bug ID: https://bugs.openjdk.java.net/browse/JDK-8166032
Code review: http://cr.openjdk.java.net/~skovalev/8166032/webrev.00/
Issue: The test should be able to pass or skipped by JTreg test suite if
required modules have not been included in
I see PKCS11 tests fail on my Windows 10 after JDK-8165946 [1]. After
discussing with John (who worked on the bug) I found my NSS DLLs do not
have the execute permission bit and his have.
Mine is -rw-r--r--, and his is -rwxrwx---+.
I am using cygwin on Windows 10 64-bit, and I use hg inside
After some thinking, I am OK with the change now. Please remove the keyword.
Thanks
Max
On 9/13/2016 19:11, Weijun Wang wrote:
Is there a criteria on when to add and when to remove this keyword? Due
to the characteristics (timeout, ICMP) of these tests, they still have a
chance to fail.
If we
Hi,
On 2016/9/14 14:59, Weijun Wang wrote:
Hi John
I just noticed this webrev request.
After syncing with jdk9/dev, the PKCS11 tests still fail on my 64-bit
Windows 10 machine. I had always thought [1] the failure is due to the
DLLs without the executable bit. In fact, after I chmod a+x
Hi John
I just noticed this webrev request.
After syncing with jdk9/dev, the PKCS11 tests still fail on my 64-bit
Windows 10 machine. I had always thought [1] the failure is due to the
DLLs without the executable bit. In fact, after I chmod a+x them, the
tests pass.
How did you confirm
29 matches
Mail list logo