More:
You can see that I simply added "-keyalg rsa". Most of these tests are
not designed to test on any algorithm, instead, they test various
functions/commands of the tool. Maybe this change will reveal some RSA
problems. Who knows? :)
(I admit if it really finds out any, I don't know what my next change
should be)
For a few tests that do test key algorithms, I have not changed them.
For example, in KeyToolTest.java, some lines check the matching of
-keyalg and -sigalg. Those still have a chance to fail on Solaris but I
haven't removed them.
Thanks
Max
On 08/31/2011 04:23 PM, Weijun Wang wrote:
My personal view was not faraway from yours -- I am not so frightened by
test failures.
However, zero tolerance of any test failure is becoming a common sense
of the team and the whole JPG [1]. Evaluating test failures is consuming
too much time for both release engineers, SQE and us. Especially in this
case, other people might not easily find out it's the Solaris DSA bug
that causes the failure.
Therefore, my current opinion is that once the reason of a test failure
is known, we should take actions immediately. Either fix it if we can,
or fix the test (or problem list it) if we cannot fix the bug. There is
no benefit in leaving them there making noises from time to time.
In this case, I certainly do not want to add all of them to problems
list. Also, since the changeset is there, we always have a chance to
backout the changes when we want to bring the old tests back.
In fact, if you are worried that changing the tests might hide the bug,
I can add a new test that detects this bug. I'll make sure the test
always fails on Solaris.
Thanks
Max
[1] http://wiki.se.oracle.com/display/JPG/Home
On 08/30/2011 10:36 PM, Xuelei Fan wrote:
The update, in both open and closed repositories, looks fine to me.
However, the following reason cannot convince me of the necessity to
make the change.
Because of the Solaris DSA bug described in 7041639, we keep seeing
tests generating DSA key pairs failing. Therefore I'm changing most
keypair generation to use RSA instead.
Most of the updated tests using the default key algorithm ("DSA"). I'm
thinking, shall we replace "RSA" back with "DSA" again when there is a
RSA bug in the native libraries in the future? It may be not a good
choice to cut the tests to fit problematic platform. These tests are
also very good test to find the potential problems, right? When we
change the test to be able to passed on all platform, the test may lost
it function to find potential issues partially.
Just my very personal view.
Thanks,
Xuelei
On 8/30/2011 8:26 PM, Weijun Wang wrote:
Hi All
7081411: Change more keytool -genkeypair to RSA
http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=7081411
Webrev at http://cr.openjdk.java.net/~weijun/7081411/webrev.01/
Because of the Solaris DSA bug described in 7041639, we keep seeing
tests generating DSA key pairs failing. Therefore I'm changing most
keypair generation to use RSA instead.
In all code changes, KeyToolTest.java is called by standard.sh, which
makes so many "keytool -genkeypair" calls that I decide to add "-keysize
512" to make it fast. Please note that in this test there are still
explicit calls to "-genkeypair -keyalg dsa". These still have a chance
to fail on Solaris, but I like to keep them there to make the test
complete.
Code changes in the closed repo will be sent in another mail.
Thanks
Max
