[jira] [Commented] (DERBY-6998) Make it possible to build Derby cleanly using JDK 10

Rick Hillegas (JIRA) Tue, 02 Oct 2018 13:16:19 -0700


    [ 
https://issues.apache.org/jira/browse/DERBY-6998?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16636065#comment-16636065
 ]


Rick Hillegas commented on DERBY-6998:
--------------------------------------

Attaching sslHandshake.tar. The is a compact repro for the failure in SSLTest 
which is seen when you run under JDK 11. To reproduce the problem, unpack the 
tarball, cd to the root directory where you unpacked it, and following the 
instructions in the README file. Those instructions follow:

SSL handshake succeeds under JDK 9 but not under JDK 11.

To reproduce the bug, do the following:

1) Cd to the directory where you unpacked this tarball.

2) Set your environment to use JDK 9.

3) Build the program as follows:

{noformat}
   ant jar
{noformat}

4) Now run the program successfully under JDK 9:

{noformat}
   ant runClientAndServer
{noformat}

5) Now switch your environment to use JDK 11.

6) Observe that the program fails under JDK 11:

{noformat}
   ant runClientAndServer
{noformat}


Here is the successful output of the program under JDK 9:

{noformat}
     [java] Startup args = [startServer, startClient]
     [java] ServerThread starting...
     [java] Host address = localhost/127.0.0.1
     [java] ClientThread starting...
     [java] Host address = localhost/127.0.0.1
     [java] ServerThread successfully accepted connection request 0
     [java] ClientThread initiating handshake...
     [java] Hooray! Successfully shook the server's hand!
     [java] ClientThread exiting...
     [java] ServerThread read 'Hello, world!' from the socket!
     [java] ServerThread exiting...
{noformat}

Here is the output of the failed run under JDK 11:

{noformat}
     [java] Startup args = [startServer, startClient]
     [java] ServerThread starting...
     [java] Host address = localhost/127.0.0.1
     [java] ClientThread starting...
     [java] Host address = localhost/127.0.0.1
     [java] ServerThread successfully accepted connection request 0
     [java] ClientThread initiating handshake...
     [java] Oops! Handshake failed!
     [java] Oops! Socket failed!javax.net.ssl.SSLHandshakeException: Received 
fatal alert: handshake_failure
     [java] 
     [java] ClientThread exiting...
     [java]     at 
java.base/sun.security.ssl.Alert.createSSLException(Alert.java:128)
     [java] ServerThread exiting...
     [java]     at 
java.base/sun.security.ssl.Alert.createSSLException(Alert.java:117)
     [java]     at 
java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:308)
     [java]     at 
java.base/sun.security.ssl.Alert$AlertConsumer.consume(Alert.java:279)
     [java]     at 
java.base/sun.security.ssl.TransportContext.dispatch(TransportContext.java:181)
     [java]     at 
java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:164)
     [java]     at 
java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1152)
     [java]     at 
java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1063)
     [java]     at 
java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:402)
     [java]     at tests.Test$ClientThread.run(Test.java:141)
     [java] javax.net.ssl.SSLHandshakeException: No available authentication 
scheme
     [java]     at 
java.base/sun.security.ssl.Alert.createSSLException(Alert.java:128)
     [java]     at 
java.base/sun.security.ssl.Alert.createSSLException(Alert.java:117)
     [java]     at 
java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:308)
     [java]     at 
java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:264)
     [java]     at 
java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:255)
     [java]     at 
java.base/sun.security.ssl.CertificateMessage$T13CertificateProducer.onProduceCertificate(CertificateMessage.java:945)
     [java]     at 
java.base/sun.security.ssl.CertificateMessage$T13CertificateProducer.produce(CertificateMessage.java:934)
     [java]     at 
java.base/sun.security.ssl.SSLHandshake.produce(SSLHandshake.java:436)
     [java]     at 
java.base/sun.security.ssl.ClientHello$T13ClientHelloConsumer.goServerHello(ClientHello.java:1189)
     [java]     at 
java.base/sun.security.ssl.ClientHello$T13ClientHelloConsumer.consume(ClientHello.java:1125)
     [java]     at 
java.base/sun.security.ssl.ClientHello$ClientHelloConsumer.onClientHello(ClientHello.java:831)
     [java]     at 
java.base/sun.security.ssl.ClientHello$ClientHelloConsumer.consume(ClientHello.java:792)
     [java]     at 
java.base/sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:392)
     [java]     at 
java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:444)
     [java]     at 
java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:421)
     [java]     at 
java.base/sun.security.ssl.TransportContext.dispatch(TransportContext.java:178)
     [java]     at 
java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:164)
     [java]     at 
java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1152)
     [java]     at 
java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1063)
     [java]     at 
java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:402)
     [java]     at 
java.base/sun.security.ssl.SSLSocketImpl.ensureNegotiated(SSLSocketImpl.java:716)
     [java]     at 
java.base/sun.security.ssl.SSLSocketImpl$AppInputStream.read(SSLSocketImpl.java:799)
     [java]     at tests.Test$ServerThread.run(Test.java:105)
{noformat}

----------------------------------------

The keystore/SSLTestServerKey.key file was generated as follows, using the JDK 
9 keytool
program:

{noformat}
keystore (1.9) > keytool -keystore SSLTestServerKey.key -genkey -alias mykey 
-startdate 2018/06/01 -validity 365000
keytool -keystore SSLTestServerKey.key -genkey -alias mykey -startdate 
2018/06/01 -validity 365000
Enter keystore password:  qwerty

Re-enter new password: 
What is your first and last name?
  [Unknown]:  Rick Hillegas
Rick Hillegas
What is the name of your organizational unit?
  [Unknown]:  Apache Derby
Apache Derby
What is the name of your organization?
  [Unknown]:  Apache Derby
Apache Derby
What is the name of your City or Locality?
  [Unknown]:  San Francisco
San Francisco
What is the name of your State or Province?
  [Unknown]:  California
California
What is the two-letter country code for this unit?
  [Unknown]:  US
US
Is CN=Rick Hillegas, OU=Apache Derby, O=Apache Derby, L=San Francisco, 
ST=California, C=US correct?
  [no]:  yes
yes
{noformat}

> Make it possible to build Derby cleanly using JDK 10
> ----------------------------------------------------
>
>                 Key: DERBY-6998
>                 URL: https://issues.apache.org/jira/browse/DERBY-6998
>             Project: Derby
>          Issue Type: Bug
>          Components: Build tools
>    Affects Versions: 10.15.0.0
>            Reporter: Rick Hillegas
>            Priority: Major
>         Attachments: derby-6998-01-ab-tightenReturnType.diff, 
> derby-6998-02-aa-supportForJDK11.diff, 
> derby-6998-03-aa-reenableEncryptionTestsOnJDK11.diff, sslHandshake.tar
>
>
> When I build Derby using JDK 10, I get the following warning:
> {noformat}
>     [javac] 
> /Users/rhillegas/derby/mainline/trunk/java/engine/org/apache/derby/iapi/types/SqlXmlUtil.java:728:
>  warning: [unchecked] getPrefixes(String) in NullNamespaceContext implements 
> getPrefixes(String) in NamespaceContext
>     [javac]         public Iterator getPrefixes(String namespaceURI) {
>     [javac]                         ^
>     [javac]   return type requires unchecked conversion from Iterator to 
> Iterator<String>
>     [javac] 1 warning
> {noformat}
> I will clean this up.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (DERBY-6998) Make it possible to build Derby cleanly using JDK 10

Reply via email to