[jira] [Commented] (SOLR-9028) fix bugs in (add sanity checks for) SSL clientAuth testing
[ https://issues.apache.org/jira/browse/SOLR-9028?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15294069#comment-15294069 ] ASF subversion and git services commented on SOLR-9028: --- Commit 9645d4213292121d2f011f5440684ea25d7beaa3 in lucene-solr's branch refs/heads/branch_6_0 from Chris Hostetter [ https://git-wip-us.apache.org/repos/asf?p=lucene-solr.git;h=9645d42 ] SOLR-9028: Fixed some test related bugs preventing SSL + ClientAuth from ever being tested (cherry picked from commit 791d1e7) Conflicts: solr/core/src/test/org/apache/solr/cloud/SSLMigrationTest.java solr/solrj/src/java/org/apache/solr/client/solrj/impl/HttpClientUtil.java solr/test-framework/src/java/org/apache/solr/SolrTestCaseJ4.java solr/test-framework/src/java/org/apache/solr/util/SSLTestConfig.java Conflicts: solr/core/src/test/org/apache/solr/cloud/TestMiniSolrCloudClusterSSL.java For branch_6_0: Since SOLR-8097 will land in 6.1, remove calls in TestMiniSolrCloudClusterSSL to SolrTestCaseJ4.getHttpSolrClient(). > fix bugs in (add sanity checks for) SSL clientAuth testing > -- > > Key: SOLR-9028 > URL: https://issues.apache.org/jira/browse/SOLR-9028 > Project: Solr > Issue Type: Bug >Reporter: Hoss Man >Assignee: Hoss Man > Fix For: 6.0.1, 6.1 > > Attachments: > SOLR-9028-branch_6_0-remove-httpclient-builder-method.patch, SOLR-9028.patch, > SOLR-9028.patch, SOLR-9028.patch, SOLR-9028.patch, SOLR-9028.patch, > SOLR-9028.patch, os.x.failure.txt > > > While looking into SOLR-8970 i realized there was a whole heap of problems > with how clientAuth was being handled in tests. Notably: it wasn't actaully > being used when the randomization selects it (aparently due to a copy/paste > mistake in SOLR-7166). But there are few other misc issues (improper usage > of sysprops overrides for tests, missuage of keystore/truststore in test > clients, etc..) > I'm working up a patch to fix all of this, and add some much needed tests to > *explicitly* verify both SSL and clientAuth that will include some "false > positive" verifications, and some "test the test" checks. -- This message was sent by Atlassian JIRA (v6.3.4#6332) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-9028) fix bugs in (add sanity checks for) SSL clientAuth testing
[ https://issues.apache.org/jira/browse/SOLR-9028?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15294071#comment-15294071 ] ASF subversion and git services commented on SOLR-9028: --- Commit fdd8d17af4e78ebb65159d74c5cb7a7d46bc2f80 in lucene-solr's branch refs/heads/branch_6_0 from Chris Hostetter [ https://git-wip-us.apache.org/repos/asf?p=lucene-solr.git;h=fdd8d17 ] SOLR-9028: Fix 2 SSL test related bugs... 1) SolrTestCaseJ4 should always reset the HttpClientConfigurer in afterClass, regardless of wether ssl was used (when SSL is not used, the active configurer explicitly excludes SSL) 2) HttpClientUtilTest.testSSLSystemProperties made no sense as written. setSSLSystemProperties() didn't have any effect on what was being tested, even if it was useful it would only have affected what keystore/truststore were used, not wether HTTPS was supported or not. > fix bugs in (add sanity checks for) SSL clientAuth testing > -- > > Key: SOLR-9028 > URL: https://issues.apache.org/jira/browse/SOLR-9028 > Project: Solr > Issue Type: Bug >Reporter: Hoss Man >Assignee: Hoss Man > Fix For: 6.0.1, 6.1 > > Attachments: > SOLR-9028-branch_6_0-remove-httpclient-builder-method.patch, SOLR-9028.patch, > SOLR-9028.patch, SOLR-9028.patch, SOLR-9028.patch, SOLR-9028.patch, > SOLR-9028.patch, os.x.failure.txt > > > While looking into SOLR-8970 i realized there was a whole heap of problems > with how clientAuth was being handled in tests. Notably: it wasn't actaully > being used when the randomization selects it (aparently due to a copy/paste > mistake in SOLR-7166). But there are few other misc issues (improper usage > of sysprops overrides for tests, missuage of keystore/truststore in test > clients, etc..) > I'm working up a patch to fix all of this, and add some much needed tests to > *explicitly* verify both SSL and clientAuth that will include some "false > positive" verifications, and some "test the test" checks. -- This message was sent by Atlassian JIRA (v6.3.4#6332) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-9028) fix bugs in (add sanity checks for) SSL clientAuth testing
[ https://issues.apache.org/jira/browse/SOLR-9028?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15265617#comment-15265617 ] ASF subversion and git services commented on SOLR-9028: --- Commit 8e8f6c1fa8b40dc6a7385551a79fdcdd240f5427 in lucene-solr's branch refs/heads/branch_6x from [~hossman_luc...@fucit.org] [ https://git-wip-us.apache.org/repos/asf?p=lucene-solr.git;h=8e8f6c1 ] SOLR-9028: Fix 2 SSL test related bugs... 1) SolrTestCaseJ4 should always reset the HttpClientConfigurer in afterClass, regardless of wether ssl was used (when SSL is not used, the active configurer explicitly excludes SSL) 2) HttpClientUtilTest.testSSLSystemProperties made no sense as written. setSSLSystemProperties() didn't have any effect on what was being tested, even if it was useful it would only have affected what keystore/truststore were used, not wether HTTPS was supported or not. > fix bugs in (add sanity checks for) SSL clientAuth testing > -- > > Key: SOLR-9028 > URL: https://issues.apache.org/jira/browse/SOLR-9028 > Project: Solr > Issue Type: Bug >Reporter: Hoss Man >Assignee: Hoss Man > Attachments: SOLR-9028.patch, SOLR-9028.patch, SOLR-9028.patch, > SOLR-9028.patch, SOLR-9028.patch, SOLR-9028.patch, os.x.failure.txt > > > While looking into SOLR-8970 i realized there was a whole heap of problems > with how clientAuth was being handled in tests. Notably: it wasn't actaully > being used when the randomization selects it (aparently due to a copy/paste > mistake in SOLR-7166). But there are few other misc issues (improper usage > of sysprops overrides for tests, missuage of keystore/truststore in test > clients, etc..) > I'm working up a patch to fix all of this, and add some much needed tests to > *explicitly* verify both SSL and clientAuth that will include some "false > positive" verifications, and some "test the test" checks. -- This message was sent by Atlassian JIRA (v6.3.4#6332) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-9028) fix bugs in (add sanity checks for) SSL clientAuth testing
[ https://issues.apache.org/jira/browse/SOLR-9028?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15264382#comment-15264382 ] Hoss Man commented on SOLR-9028: bq. Maybe SOLR-4509 will be backported to 6.x? If so, couldn't backporting this issue wait for that? That doesn't seem likely - it involves a lot of incompatible changes to the solrj level client APIs (completely eliminated HttpConfigurer for the new Builder stuff). I've already got the 6x changes for SOLR-9028 ready (just hammering tests locally) so i'd rather go ahead and commit so we have the tests in place -- if SOLR-4509 does get backported it should be fairly easy to just revert the 6x commits for this issue & re-merge the master commits. (I'll make a note to that effect in SOLR-4509 once i commit) > fix bugs in (add sanity checks for) SSL clientAuth testing > -- > > Key: SOLR-9028 > URL: https://issues.apache.org/jira/browse/SOLR-9028 > Project: Solr > Issue Type: Bug >Reporter: Hoss Man >Assignee: Hoss Man > Attachments: SOLR-9028.patch, SOLR-9028.patch, SOLR-9028.patch, > SOLR-9028.patch, SOLR-9028.patch, SOLR-9028.patch, os.x.failure.txt > > > While looking into SOLR-8970 i realized there was a whole heap of problems > with how clientAuth was being handled in tests. Notably: it wasn't actaully > being used when the randomization selects it (aparently due to a copy/paste > mistake in SOLR-7166). But there are few other misc issues (improper usage > of sysprops overrides for tests, missuage of keystore/truststore in test > clients, etc..) > I'm working up a patch to fix all of this, and add some much needed tests to > *explicitly* verify both SSL and clientAuth that will include some "false > positive" verifications, and some "test the test" checks. -- This message was sent by Atlassian JIRA (v6.3.4#6332) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-9028) fix bugs in (add sanity checks for) SSL clientAuth testing
[ https://issues.apache.org/jira/browse/SOLR-9028?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15264374#comment-15264374 ] ASF subversion and git services commented on SOLR-9028: --- Commit 7aecf344b15fb7f1a3136198ca590efd9eec7164 in lucene-solr's branch refs/heads/branch_6x from [~hossman_luc...@fucit.org] [ https://git-wip-us.apache.org/repos/asf?p=lucene-solr.git;h=7aecf34 ] SOLR-9028: Fixed some test related bugs preventing SSL + ClientAuth from ever being tested (cherry picked from commit 791d1e7) Conflicts: solr/core/src/test/org/apache/solr/cloud/SSLMigrationTest.java solr/solrj/src/java/org/apache/solr/client/solrj/impl/HttpClientUtil.java solr/test-framework/src/java/org/apache/solr/SolrTestCaseJ4.java solr/test-framework/src/java/org/apache/solr/util/SSLTestConfig.java > fix bugs in (add sanity checks for) SSL clientAuth testing > -- > > Key: SOLR-9028 > URL: https://issues.apache.org/jira/browse/SOLR-9028 > Project: Solr > Issue Type: Bug >Reporter: Hoss Man >Assignee: Hoss Man > Attachments: SOLR-9028.patch, SOLR-9028.patch, SOLR-9028.patch, > SOLR-9028.patch, SOLR-9028.patch, SOLR-9028.patch, os.x.failure.txt > > > While looking into SOLR-8970 i realized there was a whole heap of problems > with how clientAuth was being handled in tests. Notably: it wasn't actaully > being used when the randomization selects it (aparently due to a copy/paste > mistake in SOLR-7166). But there are few other misc issues (improper usage > of sysprops overrides for tests, missuage of keystore/truststore in test > clients, etc..) > I'm working up a patch to fix all of this, and add some much needed tests to > *explicitly* verify both SSL and clientAuth that will include some "false > positive" verifications, and some "test the test" checks. -- This message was sent by Atlassian JIRA (v6.3.4#6332) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-9028) fix bugs in (add sanity checks for) SSL clientAuth testing
[ https://issues.apache.org/jira/browse/SOLR-9028?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15264331#comment-15264331 ] ASF subversion and git services commented on SOLR-9028: --- Commit 48f2b2a3bbfacd5d2a6d2b395ab573305e8c6612 in lucene-solr's branch refs/heads/master from [~hossman_luc...@fucit.org] [ https://git-wip-us.apache.org/repos/asf?p=lucene-solr.git;h=48f2b2a ] SOLR-9028: relax the SSLHandshakeException expectation - in some platforms/java# diff IOExceptions are thrown > fix bugs in (add sanity checks for) SSL clientAuth testing > -- > > Key: SOLR-9028 > URL: https://issues.apache.org/jira/browse/SOLR-9028 > Project: Solr > Issue Type: Bug >Reporter: Hoss Man >Assignee: Hoss Man > Attachments: SOLR-9028.patch, SOLR-9028.patch, SOLR-9028.patch, > SOLR-9028.patch, SOLR-9028.patch, SOLR-9028.patch, os.x.failure.txt > > > While looking into SOLR-8970 i realized there was a whole heap of problems > with how clientAuth was being handled in tests. Notably: it wasn't actaully > being used when the randomization selects it (aparently due to a copy/paste > mistake in SOLR-7166). But there are few other misc issues (improper usage > of sysprops overrides for tests, missuage of keystore/truststore in test > clients, etc..) > I'm working up a patch to fix all of this, and add some much needed tests to > *explicitly* verify both SSL and clientAuth that will include some "false > positive" verifications, and some "test the test" checks. -- This message was sent by Atlassian JIRA (v6.3.4#6332) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-9028) fix bugs in (add sanity checks for) SSL clientAuth testing
[ https://issues.apache.org/jira/browse/SOLR-9028?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15263218#comment-15263218 ] Steve Rowe commented on SOLR-9028: -- bq. Working on backport now ... some significant changes in the HttpClient config stuff between 6x and master due to SOLR-4509, so this won't be trivial. Maybe SOLR-4509 will be backported to 6.x? If so, couldn't backporting this issue wait for that? > fix bugs in (add sanity checks for) SSL clientAuth testing > -- > > Key: SOLR-9028 > URL: https://issues.apache.org/jira/browse/SOLR-9028 > Project: Solr > Issue Type: Bug >Reporter: Hoss Man >Assignee: Hoss Man > Attachments: SOLR-9028.patch, SOLR-9028.patch, SOLR-9028.patch, > SOLR-9028.patch, SOLR-9028.patch, SOLR-9028.patch, os.x.failure.txt > > > While looking into SOLR-8970 i realized there was a whole heap of problems > with how clientAuth was being handled in tests. Notably: it wasn't actaully > being used when the randomization selects it (aparently due to a copy/paste > mistake in SOLR-7166). But there are few other misc issues (improper usage > of sysprops overrides for tests, missuage of keystore/truststore in test > clients, etc..) > I'm working up a patch to fix all of this, and add some much needed tests to > *explicitly* verify both SSL and clientAuth that will include some "false > positive" verifications, and some "test the test" checks. -- This message was sent by Atlassian JIRA (v6.3.4#6332) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-9028) fix bugs in (add sanity checks for) SSL clientAuth testing
[ https://issues.apache.org/jira/browse/SOLR-9028?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15262910#comment-15262910 ] Hoss Man commented on SOLR-9028: Note: one small diff between the last patch and this commit is that in the patch i had cranked up the odds of randomizing the trySslClientAuth boolean in in SolrTestCaseJ4 ... i dialed that back down to the existing odds before committing. Working on backport now ... some significant changes in the HttpClient config stuff between 6x and master due to SOLR-4509, so this won't be trivial. > fix bugs in (add sanity checks for) SSL clientAuth testing > -- > > Key: SOLR-9028 > URL: https://issues.apache.org/jira/browse/SOLR-9028 > Project: Solr > Issue Type: Bug >Reporter: Hoss Man >Assignee: Hoss Man > Attachments: SOLR-9028.patch, SOLR-9028.patch, SOLR-9028.patch, > SOLR-9028.patch, SOLR-9028.patch, SOLR-9028.patch, os.x.failure.txt > > > While looking into SOLR-8970 i realized there was a whole heap of problems > with how clientAuth was being handled in tests. Notably: it wasn't actaully > being used when the randomization selects it (aparently due to a copy/paste > mistake in SOLR-7166). But there are few other misc issues (improper usage > of sysprops overrides for tests, missuage of keystore/truststore in test > clients, etc..) > I'm working up a patch to fix all of this, and add some much needed tests to > *explicitly* verify both SSL and clientAuth that will include some "false > positive" verifications, and some "test the test" checks. -- This message was sent by Atlassian JIRA (v6.3.4#6332) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-9028) fix bugs in (add sanity checks for) SSL clientAuth testing
[ https://issues.apache.org/jira/browse/SOLR-9028?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15262906#comment-15262906 ] ASF subversion and git services commented on SOLR-9028: --- Commit 791d1e73933a88ef78a06a529d5dcb2fd9e01807 in lucene-solr's branch refs/heads/master from [~hossman_luc...@fucit.org] [ https://git-wip-us.apache.org/repos/asf?p=lucene-solr.git;h=791d1e7 ] SOLR-9028: Fixed some test related bugs preventing SSL + ClientAuth from ever being tested > fix bugs in (add sanity checks for) SSL clientAuth testing > -- > > Key: SOLR-9028 > URL: https://issues.apache.org/jira/browse/SOLR-9028 > Project: Solr > Issue Type: Bug >Reporter: Hoss Man >Assignee: Hoss Man > Attachments: SOLR-9028.patch, SOLR-9028.patch, SOLR-9028.patch, > SOLR-9028.patch, SOLR-9028.patch, SOLR-9028.patch, os.x.failure.txt > > > While looking into SOLR-8970 i realized there was a whole heap of problems > with how clientAuth was being handled in tests. Notably: it wasn't actaully > being used when the randomization selects it (aparently due to a copy/paste > mistake in SOLR-7166). But there are few other misc issues (improper usage > of sysprops overrides for tests, missuage of keystore/truststore in test > clients, etc..) > I'm working up a patch to fix all of this, and add some much needed tests to > *explicitly* verify both SSL and clientAuth that will include some "false > positive" verifications, and some "test the test" checks. -- This message was sent by Atlassian JIRA (v6.3.4#6332) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-9028) fix bugs in (add sanity checks for) SSL clientAuth testing
[
https://issues.apache.org/jira/browse/SOLR-9028?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15262643#comment-15262643
]
Steve Rowe commented on SOLR-9028:
--
On OS X from {{solr/}}, {{ant test}} passes for me with the latest patch on
master. I also ran the other new test {{TestSSLRandomization}} by itself, and
it passed.
> fix bugs in (add sanity checks for) SSL clientAuth testing
> --
>
> Key: SOLR-9028
> URL: https://issues.apache.org/jira/browse/SOLR-9028
> Project: Solr
> Issue Type: Bug
>Reporter: Hoss Man
>Assignee: Hoss Man
> Attachments: SOLR-9028.patch, SOLR-9028.patch, SOLR-9028.patch,
> SOLR-9028.patch, SOLR-9028.patch, SOLR-9028.patch, os.x.failure.txt
>
>
> While looking into SOLR-8970 i realized there was a whole heap of problems
> with how clientAuth was being handled in tests. Notably: it wasn't actaully
> being used when the randomization selects it (aparently due to a copy/paste
> mistake in SOLR-7166). But there are few other misc issues (improper usage
> of sysprops overrides for tests, missuage of keystore/truststore in test
> clients, etc..)
> I'm working up a patch to fix all of this, and add some much needed tests to
> *explicitly* verify both SSL and clientAuth that will include some "false
> positive" verifications, and some "test the test" checks.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
-
To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-9028) fix bugs in (add sanity checks for) SSL clientAuth testing
[
https://issues.apache.org/jira/browse/SOLR-9028?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15262532#comment-15262532
]
Steve Rowe commented on SOLR-9028:
--
Rerunning on OS X, when I apply the latest patch on master and run {{ant
-Dtestcase=TestMiniSolrCloudClusterSSL}}, I get {{BUILD SUCCESSFUL}}.
> fix bugs in (add sanity checks for) SSL clientAuth testing
> --
>
> Key: SOLR-9028
> URL: https://issues.apache.org/jira/browse/SOLR-9028
> Project: Solr
> Issue Type: Bug
>Reporter: Hoss Man
>Assignee: Hoss Man
> Attachments: SOLR-9028.patch, SOLR-9028.patch, SOLR-9028.patch,
> SOLR-9028.patch, SOLR-9028.patch, SOLR-9028.patch, os.x.failure.txt
>
>
> While looking into SOLR-8970 i realized there was a whole heap of problems
> with how clientAuth was being handled in tests. Notably: it wasn't actaully
> being used when the randomization selects it (aparently due to a copy/paste
> mistake in SOLR-7166). But there are few other misc issues (improper usage
> of sysprops overrides for tests, missuage of keystore/truststore in test
> clients, etc..)
> I'm working up a patch to fix all of this, and add some much needed tests to
> *explicitly* verify both SSL and clientAuth that will include some "false
> positive" verifications, and some "test the test" checks.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
-
To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
For additional commands, e-mail: dev-h...@lucene.apache.org
