[External] : Re: test/jdk/sun/security/pkcs11/KeyStore/CertChainRemoval.java fails on Ubuntu 23.10 AMD64
Valerie Peng
valerie.peng at oracle.com
Fri Jun 9 18:03:33 UTC 2023
Thanks for the notice.
Matthias Baesken already filed a separate bug on this (https://bugs.openjdk.org/browse/JDK-8309214 : https://bugs.openjdk.org/browse/JDK-8309214) and we started exchange info as I can't reproduce the test failure.
So you are observing this with NSS 3.89 but Francisco isn't? Hmm...
Valerie
-----Original Message-----
From: Vladimir Petko <vladimir.petko at canonical.com>
Sent: Friday, June 9, 2023 5:31 AM
To: Francisco Ferrari Bihurriet <fferrari at redhat.com>
Cc: security-dev at openjdk.org; Valerie Peng <valerie.peng at oracle.com>
Subject: [External] : Re: test/jdk/sun/security/pkcs11/KeyStore/CertChainRemoval.java fails on Ubuntu 23.10 AMD64
Hi,
I have run the test in Mantic, which has NSS 3.89[1], and got the same failure.
Best Regards,
Vladimir.
[1] https://urldefense.com/v3/__https://launchpad.net/ubuntu/*source/nss/2:3.89-2__;Kw!!ACWV5N9M2RV99hQ!PKfA6sQzU8HWMkUYTo49Jp2jma9JaGEg_74UdCHZFC2Va_DgCThkBd2IJk6D1JVbplZpSroctT5oRUzYvoiwJPmohjyfxg$
On Fri, Jun 9, 2023 at 10:09 PM Francisco Ferrari Bihurriet <fferrari at redhat.com> wrote:
>
> Hi Vladimir,
>
> This seems to be the same that is reported in a JDK-8301154 comment
> [1], we incidentally hit this when fixing JDK-8309569 [2].
>
> It was failing on Martin Balao's Fedora machine with an older NSS
> version and working on my newer Fedora with NSS 3.89.
>
> Copying Valerie for awareness just in case she missed the Jira comment.
>
> [1]
> https://bugs.openjdk.org/browse/JDK-8301154?focusedCommentId=14585577&
> page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#
> comment-14585577 [2] https://bugs.openjdk.org/browse/JDK-8309569
>
> On 6/9/23 11:09, Vladimir Petko wrote:
> > Hi,
> >
> > test/jdk/sun/security/pkcs11/KeyStore/CertChainRemoval.java[1] fails
> > on Ubuntu Lunar (amd64) with CKR_GENERAL_ERROR .
> > Reordering certificate addition
> > (0001-CertChainRemoval-reorder-certificates.patch) allows the test
> > to pass, but it may indicate a more serious underlying problem with
> > library compatibility.
> >
> > Best Regards,
> > Vladimir.
>
> Regards,
> --
> Francisco
>
More information about the security-dev
mailing list