You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cloudstack.apache.org by "ASF GitHub Bot (JIRA)" <ji...@apache.org> on 2015/08/28 12:29:45 UTC
[jira] [Commented] (CLOUDSTACK-8783) MockServerTest fail on Ubuntu
12.04 if kerberos is not configured
[ https://issues.apache.org/jira/browse/CLOUDSTACK-8783?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14718331#comment-14718331 ]
ASF GitHub Bot commented on CLOUDSTACK-8783:
--------------------------------------------
GitHub user ustcweizhou opened a pull request:
https://github.com/apache/cloudstack/pull/759
CLOUDSTACK-8783: specify ciphersuite SSL_DH_anon_WITH_3DES_EDE_CBC_SHA in MockServerTest.java
The ciphersuite could be different on os.
Sometimes the MockServerTest fails due to the ciphersuite does not work (for instance misconfiguration).
SSL_DH_anon_WITH_3DES_EDE_CBC_SHA has 168-bit encryption and anonymous auth, which is suitable for SSL testing.
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/ustcweizhou/cloudstack CLOUDSTACK-8783
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/cloudstack/pull/759.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #759
----
commit 0f70833dd82ac6953f2aab4a9d1bf7d3eea9bf1d
Author: Wei Zhou <w....@tech.leaseweb.com>
Date: 2015-08-28T10:25:00Z
CLOUDSTACK-8783: specify ciphersuite SSL_DH_anon_WITH_3DES_EDE_CBC_SHA in MockServerTest.java
----
> MockServerTest fail on Ubuntu 12.04 if kerberos is not configured
> -----------------------------------------------------------------
>
> Key: CLOUDSTACK-8783
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-8783
> Project: CloudStack
> Issue Type: Bug
> Security Level: Public(Anyone can view this level - this is the default.)
> Affects Versions: 4.6.0
> Reporter: Wei Zhou
> Assignee: Wei Zhou
> Fix For: 4.6.0
>
>
> project services/console-proxy-rdp/rdpconsole build failed in the testing on Ubuntu 12.04 with the following error message
> -------------------------------------------------------
> T E S T S
> -------------------------------------------------------
> Running common.ClientTest
> Tests run: 1, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 0.144 sec - in common.ClientTest
> Running streamer.ByteBufferTest
> Tests run: 400, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 0.241 sec - in streamer.ByteBufferTest
> Running streamer.BaseElementTest
> Tests run: 1, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 0 sec - in streamer.BaseElementTest
> Running rdpclient.MockServerTest
> Error in mock server: Received fatal alert: unexpected_message
> javax.net.ssl.SSLException: Received fatal alert: unexpected_message
> at sun.security.ssl.Alerts.getSSLException(Alerts.java:208)
> at sun.security.ssl.Alerts.getSSLException(Alerts.java:154)
> at sun.security.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1991)
> at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1098)
> at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1344)
> at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1371)
> at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1355)
> at streamer.debug.MockServer.run(MockServer.java:123)
> at java.lang.Thread.run(Thread.java:745)
> Tests run: 2, Failures: 0, Errors: 1, Skipped: 0, Time elapsed: 0.478 sec <<< FAILURE! - in rdpclient.MockServerTest
> testIsMockServerCanUpgradeConnectionToSsl(rdpclient.MockServerTest) Time elapsed: 0.474 sec <<< ERROR!
> java.io.IOException: Failed to find any kerberos service ticket for host/buildbox@buildbox
> at sun.security.ssl.krb5.KerberosClientKeyExchangeImpl.getServiceTicket(KerberosClientKeyExchangeImpl.java:338)
> at sun.security.ssl.krb5.KerberosClientKeyExchangeImpl.init(KerberosClientKeyExchangeImpl.java:112)
> at sun.security.ssl.KerberosClientKeyExchange.init(KerberosClientKeyExchange.java:122)
> at sun.security.ssl.KerberosClientKeyExchange.<init>(KerberosClientKeyExchange.java:80)
> at sun.security.ssl.ClientHandshaker.serverHelloDone(ClientHandshaker.java:963)
> at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:345)
> at sun.security.ssl.Handshaker.processLoop(Handshaker.java:901)
> at sun.security.ssl.Handshaker.process_record(Handshaker.java:837)
> at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1035)
> at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1344)
> at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1371)
> at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1355)
> at rdpclient.MockServerTest.testIsMockServerCanUpgradeConnectionToSsl(MockServerTest.java:167)
> However , it succeed on CentOS 6.5
> After enabling the debug, the cipher of SSL are different on CentOS 6.X and Ubuntu 12.04.
> CentOS 6.5:
> %% Initialized: [Session-1, SSL_NULL_WITH_NULL_NULL]
> %% Negotiating: [Session-1, TLS_DH_anon_WITH_AES_256_CBC_SHA]
> Ubuntu 12.04:
> %% Initialized: [Session-1, SSL_NULL_WITH_NULL_NULL]
> %% Negotiating: [Session-1, TLS_KRB5_WITH_3DES_EDE_CBC_MD5]
> this is fixed by specifying the cipher in MockServerTest.java
> sslSocket.setEnabledCipherSuites(new String[] { "TLS_DH_anon_WITH_AES_256_CBC_SHA" });
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)