Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

8300939: sun/security/provider/certpath/OCSP/OCSPNoContentLength.java fails due to network errors #12370

Closed
wants to merge 11 commits into from

Conversation

jnimeh
Copy link
Member

@jnimeh jnimeh commented Feb 1, 2023

Hello all,

This addresses a test bug where the SimpleOCSPServer would reset the connections made by a client CertPathValidator. I've made some minor changes to how the network data is read and sent from OCSP HTTP GET URLs and on responses, respectively. This will take the test off the problem list as well.

This has been taken through hundreds of test runs and does not see the failure any longer where there used to be intermittent failures. Also multiple tier2 runs have been executed with no failures.


Progress

  • Change must be properly reviewed (1 review required, with at least 1 Reviewer)
  • Change must not contain extraneous whitespace
  • Commit message must refer to an issue

Issue

  • JDK-8300939: sun/security/provider/certpath/OCSP/OCSPNoContentLength.java fails due to network errors

Reviewers

Reviewing

Using git

Checkout this PR locally:
$ git fetch https://git.openjdk.org/jdk pull/12370/head:pull/12370
$ git checkout pull/12370

Update a local copy of the PR:
$ git checkout pull/12370
$ git pull https://git.openjdk.org/jdk pull/12370/head

Using Skara CLI tools

Checkout this PR locally:
$ git pr checkout 12370

View PR using the GUI difftool:
$ git pr show -t 12370

Using diff file

Download this PR as a diff file:
https://git.openjdk.org/jdk/pull/12370.diff

@jnimeh
Copy link
Member Author

jnimeh commented Feb 1, 2023

/label security

@jnimeh
Copy link
Member Author

jnimeh commented Feb 1, 2023

/issue 8300939

@bridgekeeper
Copy link

bridgekeeper bot commented Feb 1, 2023

👋 Welcome back jnimeh! A progress list of the required criteria for merging this PR into master will be added to the body of your pull request. There are additional pull request commands available for use with this pull request.

@openjdk openjdk bot added rfr Pull request is ready for review security security-dev@openjdk.org labels Feb 1, 2023
@openjdk
Copy link

openjdk bot commented Feb 1, 2023

@jnimeh
The security label was successfully added.

@openjdk
Copy link

openjdk bot commented Feb 1, 2023

@jnimeh This issue is referenced in the PR title - it will now be updated.

@mlbridge
Copy link

mlbridge bot commented Feb 1, 2023

Webrevs

Copy link
Contributor

@mcpowers mcpowers left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's not clear to me what is causing this test failure, but your fix is to drain the input stream and flush the output?

@@ -56,7 +56,7 @@ public class OCSPNoContentLength {
static String EE_ALIAS = "endentity";

// Enable debugging for additional output
static final boolean debug = false;
static final boolean debug = true;
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do you intend to leave this true?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, I would like to leave this in the off chance this does rear its ugly head again. I've done hundreds upon hundreds of iterations of this test both by itself and as part of tier2 runs and no failures occur. If it did fail though, I'd like to have the extra logging. It doesn't add very much to the output, but the info is useful.

@jnimeh
Copy link
Member Author

jnimeh commented Feb 3, 2023

It's not clear to me what is causing this test failure, but your fix is to drain the input stream and flush the output?

Yes, that's the gist of it. I didn't realize originally that I was leaving unread data in the input stream, so draining that and making sure everything was flushed definitely improved things. The other changes were just minor extras (additional logging, etc.) that made sense while I was in this class.

@openjdk
Copy link

openjdk bot commented Feb 17, 2023

@jnimeh this pull request can not be integrated into master due to one or more merge conflicts. To resolve these merge conflicts and update this pull request you can run the following commands in the local repository for your personal fork:

git checkout JDK-8300939
git fetch https://git.openjdk.org/jdk master
git merge FETCH_HEAD
# resolve conflicts and follow the instructions given by git merge
git commit -m "Merge master"
git push

@openjdk openjdk bot added the merge-conflict Pull request has merge conflict with target branch label Feb 17, 2023
Copy link
Member

@djelinski djelinski left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Draining the input stream is the right fix.

@openjdk openjdk bot removed the rfr Pull request is ready for review label Mar 14, 2023
@openjdk openjdk bot added rfr Pull request is ready for review and removed merge-conflict Pull request has merge conflict with target branch labels Mar 14, 2023
Copy link
Contributor

@wangweij wangweij left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks fine. Just one comment.

private static String dumpHexBytes(byte[] data, int itemsPerLine,
String lineDelim, String itemDelim) {
private static String dumpHexBytes(byte[] data, int dataLen,
int itemsPerLine, String lineDelim, String itemDelim) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You always call with dataLen = data.length. Is it still necessary to add this argument?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, I would prefer to keep this. I made the change in order to help me debug draining the input stream and I felt it prudent to leave it in place, along with the main test's debug flag just in case.

@openjdk
Copy link

openjdk bot commented Mar 14, 2023

@jnimeh This change now passes all automated pre-integration checks.

ℹ️ This project also has non-automated pre-integration requirements. Please see the file CONTRIBUTING.md for details.

After integration, the commit message for the final commit will be:

8300939: sun/security/provider/certpath/OCSP/OCSPNoContentLength.java fails due to network errors

Reviewed-by: djelinski, weijun

You can use pull request commands such as /summary, /contributor and /issue to adjust it as needed.

At the time when this comment was updated there had been 1 new commit pushed to the master branch:

  • c466cdf: 8299546: C2: MulLNode::mul_ring() wrongly returns bottom type due to casting errors with large numbers

Please see this link for an up-to-date comparison between the source branch of this pull request and the master branch.
As there are no conflicts, your changes will automatically be rebased on top of these commits when integrating. If you prefer to avoid this automatic rebasing, please check the documentation for the /integrate command for further details.

➡️ To integrate this PR with the above commit message to the master branch, type /integrate in a new comment.

@openjdk openjdk bot added the ready Pull request is ready to be integrated label Mar 14, 2023
@jnimeh
Copy link
Member Author

jnimeh commented Mar 14, 2023

/integrate

@openjdk
Copy link

openjdk bot commented Mar 14, 2023

Going to push as commit da044dd.
Since your change was applied there has been 1 commit pushed to the master branch:

  • c466cdf: 8299546: C2: MulLNode::mul_ring() wrongly returns bottom type due to casting errors with large numbers

Your commit was automatically rebased without conflicts.

@openjdk openjdk bot added the integrated Pull request has been integrated label Mar 14, 2023
@openjdk openjdk bot closed this Mar 14, 2023
@openjdk openjdk bot removed ready Pull request is ready to be integrated rfr Pull request is ready for review labels Mar 14, 2023
@openjdk
Copy link

openjdk bot commented Mar 14, 2023

@jnimeh Pushed as commit da044dd.

💡 You may see a message that your pull request was closed with unmerged commits. This can be safely ignored.

@jnimeh jnimeh deleted the JDK-8300939 branch December 12, 2023 19:28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
integrated Pull request has been integrated security security-dev@openjdk.org
Development

Successfully merging this pull request may close these issues.

4 participants