RFR: 8300939: sun/security/provider/certpath/OCSP/OCSPNoContentLength.java fails due to network errors [v2]
Mark Powers
mpowers at openjdk.org
Fri Feb 3 17:17:54 UTC 2023
On Thu, 2 Feb 2023 18:33:23 GMT, Jamil Nimeh <jnimeh at openjdk.org> wrote:
>> Hello all,
>>
>> This addresses a test bug where the SimpleOCSPServer would reset the connections made by a client CertPathValidator. I've made some minor changes to how the network data is read and sent from OCSP HTTP GET URLs and on responses, respectively. This will take the test off the problem list as well.
>>
>> This has been taken through hundreds of test runs and does not see the failure any longer where there used to be intermittent failures. Also multiple tier2 runs have been executed with no failures.
>>
>> - JBS: https://bugs.openjdk.org/browse/JDK-8300939
>
> Jamil Nimeh has updated the pull request with a new target base due to a merge or a rebase. The pull request now contains 10 commits:
>
> - merge with main
> - 8300939: sun/security/provider/certpath/OCSP/OCSPNoContentLength.java fails due to network errors
> - Merge with main
> - Restore policy Root.java lost during merge
> - Merge with main
> - 8300946: Add sun/security/provider/certpath/OCSP/OCSPNoContentLength to ProblemList
> - Remove dead commented code
> - Throw exception directly from non 200 HTTP response codes
> - Moved SimpleOCSPServer to use CountdownLatch for ready state, updated tests
> - 8296343: CPVE thrown on missing content-length in OCSP response
It's not clear to me what is causing this test failure, but your fix is to drain the input stream and flush the output?
test/jdk/sun/security/provider/certpath/OCSP/OCSPNoContentLength.java line 59:
> 57:
> 58: // Enable debugging for additional output
> 59: static final boolean debug = true;
Do you intend to leave this `true`?
-------------
PR: https://git.openjdk.org/jdk/pull/12370
More information about the security-dev
mailing list