November 2016 - jboss-jira - Jboss List Archives

[JBoss JIRA] (JGRP-2135) OOM with JGroups 3.6.11.

by Zoltan Farkas (JIRA)

[ https://issues.jboss.org/browse/JGRP-2135?page=com.atlassian.jira.plugin.... ] Zoltan Farkas commented on JGRP-2135: ------------------------------------- While looking further at the TcpConnection code, I noticed a dead local store at line 265: {code} short addr_len=in.readShort(); // only needed by NioConnection {code} My understanding of the code is zero, but worth taking a look at this. > OOM with JGroups 3.6.11. > ------------------------ > > Key: JGRP-2135 > URL: https://issues.jboss.org/browse/JGRP-2135 > Project: JGroups > Issue Type: Bug > Affects Versions: 3.6.11 > Reporter: Zoltan Farkas > Assignee: Bela Ban > Fix For: 3.6.12, 4.0 > > > We are running our JVMs with : -XX:OnOutOfMemoryError="kill -9 %p" > we have been experiencing OOMs fairly often, and the OOMs happen at: > {code} > Object / Stack Frame |Name | Shallow Heap | Retained Heap |Context Class Loader |Is Daemon > --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- > java.lang.Thread @ 0x81bdf838 |Connection.Receiver [144.77.77.53:50363 - 144.77.77.53:50363],sis-cluster.service,prodpmwsv5-6461| 120 | 456 |sun.misc.Launcher$AppClassLoader @ 0x800175a8|false > |- at java.lang.OutOfMemoryError.<init>()V (OutOfMemoryError.java:48) | | | | | > |- at org.jgroups.blocks.cs.TcpConnection$Receiver.run()V (TcpConnection.java:310)| | | | | > |- at java.lang.Thread.run()V (Thread.java:745) | | | | | > --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- > {code} > the Code where it happens is in TcpConnection.java: > {code} > while(canRun()) { > try { > int len=in.readInt(); > if(buffer == null || buffer.length < len) > buffer=new byte[len]; > in.readFully(buffer, 0, len); > updateLastAccessed(); > server.receive(peer_addr, buffer, 0, len); > } > catch(OutOfMemoryError mem_ex) { > t=mem_ex; > break; // continue; > } > catch(IOException io_ex) { > t=io_ex; > break; > } > catch(Throwable e) { > } > } > {code} > when allocating: buffer=new byte[len]; > it looks to me that some invalid large value is received and the process OOMs when allocating a huge byte array > Running JVMs without kill on OOM would make this issue "dissapear" in the sense that it is swallowed by: > {code} > catch(OutOfMemoryError mem_ex) { > t=mem_ex; > break; // continue; > } > {code} > Handling OutOfMemoryError is a strange implementation choice... > instead a size limit should be employed to protect from receiving invalid sizes... > My heap limit is 1GB and my heap dumps are 50Mb so the attempted allocation size is huge... -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 5 months

1
0
0 / 0

[JBoss JIRA] (ELY-787) SASL mechanisms are not IANA registered and specifications are not provided

by Josef Cacek (JIRA)

Josef Cacek created ELY-787: ------------------------------- Summary: SASL mechanisms are not IANA registered and specifications are not provided Key: ELY-787 URL: https://issues.jboss.org/browse/ELY-787 Project: WildFly Elytron Issue Type: Bug Reporter: Josef Cacek Assignee: Darran Lofthouse Priority: Critical Elytron comes with set of SASL mechanisms (as requested by EAP7-530), but they don't fit SASL requirements. New mechanisms has to be registered by IANA as requested by [SASL RFC 4422 section 5|https://tools.ietf.org/html/rfc4422#section-5] and Java [SaslClientFactory|http://docs.oracle.com/javase/8/docs/api/javax/security...] and [SaslServerFactory|http://docs.oracle.com/javase/8/docs/api/javax/security...] contracts. Current list of mechanisms provided by Elytron, which are not IANA registered: * DIGEST-SHA * DIGEST-SHA-256 * DIGEST-SHA-512 * JBOSS-LOCAL-USER *Suggestion for improvement:* Provide specifications for the new mechanisms and register the names by IANA (see [section 7 in RFC-4422|https://tools.ietf.org/html/rfc4422#section-7]). -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 5 months

1
0
0 / 0

[JBoss JIRA] (ELY-477) XmlConfigurationTest.testWrongRuleOrder fails with IBM JDK

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-477?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated ELY-477: --------------------------------- Fix Version/s: 1.1.0.Beta16 (was: 1.1.0.Beta15) > XmlConfigurationTest.testWrongRuleOrder fails with IBM JDK > ---------------------------------------------------------- > > Key: ELY-477 > URL: https://issues.jboss.org/browse/ELY-477 > Project: WildFly Elytron > Issue Type: Bug > Components: Testsuite > Affects Versions: 1.1.0.Beta4 > Reporter: Ondrej Lukas > Fix For: 1.1.0.Beta16 > > > Test XmlConfigurationTest.testWrongRuleOrder fails with IBM JDK with: > {code} > expected:<-1> but was:<7> > and stacktrace: > java.lang.AssertionError: expected:<-1> but was:<7> > at org.junit.Assert.fail(Assert.java:88) > at org.junit.Assert.failNotEquals(Assert.java:743) > at org.junit.Assert.assertEquals(Assert.java:118) > at org.junit.Assert.assertEquals(Assert.java:555) > at org.junit.Assert.assertEquals(Assert.java:542) > at org.wildfly.security.auth.client.XmlConfigurationTest.testWrongRuleOrder(XmlConfigurationTest.java:96) > ... > {code} > It is caused by undefined line number of XML parsing failure for IBM JDK. > Stacktrace of checked XMLStreamException for IBM JDK: > {code} > org.wildfly.client.config.ConfigXMLParseException: > CONF000005: Unexpected element "{urn:elytron:1.0}match-host" encountered > at authentication-client.xml: > at org.wildfly.client.config.ConfigurationXMLStreamReader.unexpectedElement(ConfigurationXMLStreamReader.java:257) > at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationClientRuleType(ElytronXmlParser.java:341) > at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationClientRulesType(ElytronXmlParser.java:238) > at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationClientType(ElytronXmlParser.java:181) > at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationClientConfiguration(ElytronXmlParser.java:118) > at org.wildfly.security.auth.client.XmlConfigurationTest.testWrongRuleOrder(XmlConfigurationTest.java:93) > ... > {code} > Stacktrace of checked XMLStreamException for Oracle JDK: > {code} > org.wildfly.client.config.ConfigXMLParseException: > CONF000005: Unexpected element "{urn:elytron:1.0}match-host" encountered > at authentication-client.xml:7:39: > at org.wildfly.client.config.ConfigurationXMLStreamReader.unexpectedElement(ConfigurationXMLStreamReader.java:257) > at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationClientRuleType(ElytronXmlParser.java:341) > at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationClientRulesType(ElytronXmlParser.java:238) > at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationClientType(ElytronXmlParser.java:181) > at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationClientConfiguration(ElytronXmlParser.java:118) > at org.wildfly.security.auth.client.XmlConfigurationTest.testWrongRuleOrder(XmlConfigurationTest.java:93) > ... > {code} -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 5 months

1
0
0 / 0

[JBoss JIRA] (ELY-455) OAuth2 Credential Store

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-455?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated ELY-455: --------------------------------- Fix Version/s: 1.1.0.Beta16 (was: 1.1.0.Beta15) > OAuth2 Credential Store > ----------------------- > > Key: ELY-455 > URL: https://issues.jboss.org/browse/ELY-455 > Project: WildFly Elytron > Issue Type: Feature Request > Components: Credential Store > Reporter: David Lloyd > Assignee: Pedro Igor > Fix For: 1.1.0.Beta16 > > > Need an OAuth2 credential store which can acquire a cached OAuth2 token or instigate a new authentication. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 5 months

1
0
0 / 0

[JBoss JIRA] (ELY-433) Support verification of a users certificate against an LDAP Server

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-433?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated ELY-433: --------------------------------- Fix Version/s: 1.1.0.Beta16 (was: 1.1.0.Beta15) > Support verification of a users certificate against an LDAP Server > ------------------------------------------------------------------ > > Key: ELY-433 > URL: https://issues.jboss.org/browse/ELY-433 > Project: WildFly Elytron > Issue Type: Feature Request > Components: Realms, SSL > Reporter: Darran Lofthouse > Assignee: Jan Kalina > Fix For: 1.1.0.Beta16 > > > LDAP realm should be able to authenticate user using user certificate. > This is specifically for authentication - NOT for general TrustManager requirements - another Jira issue is tracking looking into a KeyStore implementation backed by LDAP. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 5 months

1
0
0 / 0

[JBoss JIRA] (ELY-449) Add CredentialStore support to Elytron client configuration

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-449?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated ELY-449: --------------------------------- Fix Version/s: 1.1.0.Beta16 (was: 1.1.0.Beta15) > Add CredentialStore support to Elytron client configuration > ----------------------------------------------------------- > > Key: ELY-449 > URL: https://issues.jboss.org/browse/ELY-449 > Project: WildFly Elytron > Issue Type: Feature Request > Components: Authentication Client, Credential Store > Reporter: Darran Lofthouse > Fix For: 1.1.0.Beta16 > > -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 5 months

1
0
0 / 0

[JBoss JIRA] (ELY-298) load-from/uri keystore xsd/parser mismatch

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-298?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated ELY-298: --------------------------------- Fix Version/s: 1.1.0.Beta16 (was: 1.1.0.Beta15) > load-from/uri keystore xsd/parser mismatch > ------------------------------------------ > > Key: ELY-298 > URL: https://issues.jboss.org/browse/ELY-298 > Project: WildFly Elytron > Issue Type: Bug > Components: Authentication Client > Reporter: Kabir Khan > Assignee: Darran Lofthouse > Fix For: 1.1.0.Beta16 > > > The xsd has > {code} > <xsd:complexType name="key-store-type"> > <xsd:sequence minOccurs="1" maxOccurs="1"> >  > <xsd:choice minOccurs="1" maxOccurs="1"> > <xsd:element name="file" type="name-type" minOccurs="1" maxOccurs="1"/> > <xsd:element name="load-from" type="uri-type" minOccurs="1" maxOccurs="1"/> > <xsd:element name="resource" type="name-type" minOccurs="1" maxOccurs="1"/> > {code} > The parser seems to look for 'uri' rather than 'load-from' -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 5 months

1
0
0 / 0

[JBoss JIRA] (ELY-211) Client-side trust store configuration

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-211?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated ELY-211: --------------------------------- Fix Version/s: 1.1.0.Beta16 (was: 1.1.0.Beta15) > Client-side trust store configuration > ------------------------------------- > > Key: ELY-211 > URL: https://issues.jboss.org/browse/ELY-211 > Project: WildFly Elytron > Issue Type: Task > Components: Authentication Client > Reporter: David Lloyd > Assignee: David Lloyd > Fix For: 1.1.0.Beta16 > > > Lest I forget. The client needs the ability to supplement the default trust store, to restrict the set of acceptable peer certificates/signers, for mutual authentication purposes. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 5 months

1
0
0 / 0

[JBoss JIRA] (ELY-181) Review JACC in Servlet and EJB subsystems

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-181?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated ELY-181: --------------------------------- Fix Version/s: 1.1.0.Beta16 (was: 1.1.0.Beta15) > Review JACC in Servlet and EJB subsystems > ----------------------------------------- > > Key: ELY-181 > URL: https://issues.jboss.org/browse/ELY-181 > Project: WildFly Elytron > Issue Type: Sub-task > Components: API / SPI > Reporter: Pedro Igor > Assignee: Pedro Igor > Fix For: 1.1.0.Beta16 > > -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 5 months

1
0
0 / 0

[JBoss JIRA] (ELY-662) Eliminate CredentialStore interaction from within SASL mechanisms.

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-662?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated ELY-662: --------------------------------- Fix Version/s: 1.1.0.Beta16 (was: 1.1.0.Beta15) > Eliminate CredentialStore interaction from within SASL mechanisms. > ------------------------------------------------------------------ > > Key: ELY-662 > URL: https://issues.jboss.org/browse/ELY-662 > Project: WildFly Elytron > Issue Type: Enhancement > Components: Credential Store, SASL > Reporter: Darran Lofthouse > Assignee: Peter Skopek > Priority: Critical > Fix For: 1.1.0.Beta16 > > > The conversion between callbacks and credential store should be handled centrally within the callback handler and not within the mechanism. > This way all mechanisms can use the core integration including mechanisms that may not be Elytron aware just using standard Java callbacks. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 5 months

1
0
0 / 0

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-jira November 2016