[jira] [Commented] (CLOUDSTACK-8783) MockServerTest fail on Ubuntu 12.04 if kerberos is not configured

Fri, 28 Aug 2015 03:30:09 -0700 

    [ 
https://issues.apache.org/jira/browse/CLOUDSTACK-8783?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14718331#comment-14718331
 ] 

ASF GitHub Bot commented on CLOUDSTACK-8783:
--------------------------------------------

GitHub user ustcweizhou opened a pull request:

    https://github.com/apache/cloudstack/pull/759

    CLOUDSTACK-8783: specify ciphersuite SSL_DH_anon_WITH_3DES_EDE_CBC_SHA in 
MockServerTest.java

    The ciphersuite could be different on os. 
    Sometimes the MockServerTest fails due to the ciphersuite does not work 
(for instance misconfiguration).
    SSL_DH_anon_WITH_3DES_EDE_CBC_SHA has 168-bit encryption and anonymous 
auth, which is suitable for SSL testing.

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/ustcweizhou/cloudstack CLOUDSTACK-8783

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/cloudstack/pull/759.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #759
    
----
commit 0f70833dd82ac6953f2aab4a9d1bf7d3eea9bf1d
Author: Wei Zhou <w.z...@tech.leaseweb.com>
Date:   2015-08-28T10:25:00Z

    CLOUDSTACK-8783: specify ciphersuite SSL_DH_anon_WITH_3DES_EDE_CBC_SHA in 
MockServerTest.java

----


> MockServerTest fail on Ubuntu 12.04 if kerberos is not configured
> -----------------------------------------------------------------
>
>                 Key: CLOUDSTACK-8783
>                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-8783
>             Project: CloudStack
>          Issue Type: Bug
>      Security Level: Public(Anyone can view this level - this is the 
> default.) 
>    Affects Versions: 4.6.0
>            Reporter: Wei Zhou
>            Assignee: Wei Zhou
>             Fix For: 4.6.0
>
>
> project services/console-proxy-rdp/rdpconsole build failed in the testing on 
> Ubuntu 12.04  with the following error message
> -------------------------------------------------------
>  T E S T S
> -------------------------------------------------------
> Running common.ClientTest
> Tests run: 1, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 0.144 sec - 
> in common.ClientTest
> Running streamer.ByteBufferTest
> Tests run: 400, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 0.241 sec - 
> in streamer.ByteBufferTest
> Running streamer.BaseElementTest
> Tests run: 1, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 0 sec - in 
> streamer.BaseElementTest
> Running rdpclient.MockServerTest
> Error in mock server: Received fatal alert: unexpected_message
> javax.net.ssl.SSLException: Received fatal alert: unexpected_message
>         at sun.security.ssl.Alerts.getSSLException(Alerts.java:208)
>         at sun.security.ssl.Alerts.getSSLException(Alerts.java:154)
>         at sun.security.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1991)
>         at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1098)
>         at 
> sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1344)
>         at 
> sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1371)
>         at 
> sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1355)
>         at streamer.debug.MockServer.run(MockServer.java:123)
>         at java.lang.Thread.run(Thread.java:745)
> Tests run: 2, Failures: 0, Errors: 1, Skipped: 0, Time elapsed: 0.478 sec <<< 
> FAILURE! - in rdpclient.MockServerTest
> testIsMockServerCanUpgradeConnectionToSsl(rdpclient.MockServerTest)  Time 
> elapsed: 0.474 sec  <<< ERROR!
> java.io.IOException: Failed to find any kerberos service ticket for 
> host/buildbox@buildbox
>         at 
> sun.security.ssl.krb5.KerberosClientKeyExchangeImpl.getServiceTicket(KerberosClientKeyExchangeImpl.java:338)
>         at 
> sun.security.ssl.krb5.KerberosClientKeyExchangeImpl.init(KerberosClientKeyExchangeImpl.java:112)
>         at 
> sun.security.ssl.KerberosClientKeyExchange.init(KerberosClientKeyExchange.java:122)
>         at 
> sun.security.ssl.KerberosClientKeyExchange.<init>(KerberosClientKeyExchange.java:80)
>         at 
> sun.security.ssl.ClientHandshaker.serverHelloDone(ClientHandshaker.java:963)
>         at 
> sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:345)
>         at sun.security.ssl.Handshaker.processLoop(Handshaker.java:901)
>         at sun.security.ssl.Handshaker.process_record(Handshaker.java:837)
>         at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1035)
>         at 
> sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1344)
>         at 
> sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1371)
>         at 
> sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1355)
>         at 
> rdpclient.MockServerTest.testIsMockServerCanUpgradeConnectionToSsl(MockServerTest.java:167)
> However , it succeed on CentOS 6.5
> After enabling the debug, the cipher of SSL are different on CentOS 6.X and 
> Ubuntu 12.04.
>     CentOS 6.5:
>     %% Initialized:  [Session-1, SSL_NULL_WITH_NULL_NULL]
>     %% Negotiating:  [Session-1, TLS_DH_anon_WITH_AES_256_CBC_SHA]
>     Ubuntu 12.04:
>     %% Initialized:  [Session-1, SSL_NULL_WITH_NULL_NULL]
>     %% Negotiating:  [Session-1, TLS_KRB5_WITH_3DES_EDE_CBC_MD5]
> this is fixed by specifying the cipher in MockServerTest.java
> sslSocket.setEnabledCipherSuites(new String[] { 
> "TLS_DH_anon_WITH_AES_256_CBC_SHA" });



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to