[jboss-jira] [JBoss JIRA] (WFCORE-3171) Untrusted SSL certificate used for client authentication leads to Broken pipe IOException intermittently

Jan Kalina (JIRA) issues at jboss.org
Wed Aug 9 08:45:00 EDT 2017 

     [ https://issues.jboss.org/browse/WFCORE-3171?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Jan Kalina moved JBEAP-12649 to WFCORE-3171:
--------------------------------------------

              Project: WildFly Core  (was: JBoss Enterprise Application Platform)
                  Key: WFCORE-3171  (was: JBEAP-12649)
             Workflow: GIT Pull Request workflow   (was: CDW with loose statuses v1)
          Component/s: Security
                       Test Suite
                           (was: Security)
                           (was: Test Suite)
    Affects Version/s: 3.0.0.Beta30
                           (was: 7.1.0.ER3)


> Untrusted SSL certificate used for client authentication leads to Broken pipe IOException  intermittently
> ---------------------------------------------------------------------------------------------------------
>
>                 Key: WFCORE-3171
>                 URL: https://issues.jboss.org/browse/WFCORE-3171
>             Project: WildFly Core
>          Issue Type: Bug
>          Components: Security, Test Suite
>    Affects Versions: 3.0.0.Beta30
>            Reporter: Jan Kalina
>            Assignee: Jan Kalina
>            Priority: Blocker
>
> Untrusted SSL certificate used for authentication leads to "IOException: Broken pipe" intermittently.
> *Description of problem:*
> ExternalMgmtSaslTestCase from wf-core fails intermittently  (80%) on pure-ipv6 RHEL6 machines. 
> The test configures two-way-SSL and try to use untrusted client certificate. IOException comes and the test checks if the cause is an SSLException (which is expected), but in some cases "IOException: Broken pipe" comes as the cause instead.
> *How reproducible:*
> 80% on pure-ipv6 RHEL6 machines
> *Steps to Reproduce:*
> {code}
> cd testsuite/elytron
> export PROXY_PARAMS="-DproxySet=true -DproxyHost=proxy-01-ipv6.mw.lab.eng.bos.redhat.com -DproxyPort=3128 -Dhttp.proxyHost=proxy-01-ipv6.mw.lab.eng.bos.redhat.com -Dhttp.proxyPort=3128 -Dhttps.proxyHost=proxy-01-ipv6.mw.lab.eng.bos.redhat.com -Dhttps.proxyPort=3128"
> mvn install -B  -fae -llr -Dipv6 $PROXY_PARAMS  -Dts.timeout.factor=300 -Dtimeout.factor=300 -Dtest=ExternalMgmtSaslTestCase
> {code}
> Failing test is *testUntrustedCertFails*, but looks like not reproducible without running whole testcase.
> *Actual results:*
> StackTrace:
> {noformat}
> 17:03:12 java.lang.AssertionError: SSLException was expected as the second cause when certificate authentication fails
> 17:03:12 Expected: is an instance of javax.net.ssl.SSLException
> 17:03:12      but: <java.io.IOException: Broken pipe> is a java.io.IOException
> 17:03:12 	at org.hamcrest.MatcherAssert.assertThat(MatcherAssert.java:20)
> 17:03:12 	at org.junit.Assert.assertThat(Assert.java:956)
> 17:03:12 	at org.wildfly.test.integration.elytron.sasl.mgmt.ExternalMgmtSaslTestCase.assertCertAuthenticationFails(ExternalMgmtSaslTestCase.java:216)
> 17:03:12 	at org.wildfly.test.integration.elytron.sasl.mgmt.ExternalMgmtSaslTestCase.lambda$testUntrustedCertFails$3(ExternalMgmtSaslTestCase.java:201)
> {noformat}
> Standard output:
> {noformat}
> [0m15:03:10,908 INFO  [org.jboss.as] (MSC service thread 1-2) WFLYSRV0050: WildFly Core 3.0.0.Beta30-redhat-1 "Kenny" stopped in 39ms
> [0m[0m15:03:10,910 INFO  [org.jboss.as] (MSC service thread 1-2) WFLYSRV0049: WildFly Core 3.0.0.Beta30-redhat-1 "Kenny" starting
> [0m[0m15:03:11,057 INFO  [org.jboss.as.server] (Controller Boot Thread) WFLYSRV0039: Creating http management service using socket-binding (management-http)
> [0m[33m15:03:11,132 WARN  [org.jboss.as.domain.http.api.undertow] (MSC service thread 1-1) WFLYDMHTTP0003: Unable to load console module for slot main, disabling console
> [0m[0m15:03:11,146 INFO  [org.jboss.as.patching] (MSC service thread 1-4) WFLYPAT0050: WildFly cumulative patch ID is: base, one-off patches include: none
> [0m[33m15:03:11,147 WARN  [org.jboss.as.domain.management.security] (MSC service thread 1-4) WFLYDM0111: Keystore /mnt/hudson_workspace/eap-7x-as-testsuite-test-core-rhel-ipv6-broken-pipe/7a0f50f2/testsuite/elytron/target/wildfly-core/standalone/configuration/application.keystore not found, it will be auto generated on first use with a self signed certificate for host localhost
> [0m[0m15:03:11,252 INFO  [org.jboss.as.server] (Controller Boot Thread) WFLYSRV0212: Resuming server
> [0m[0m15:03:11,256 INFO  [org.jboss.as] (Controller Boot Thread) WFLYSRV0060: Http management interface listening on http://[::1]:9990/management
> [0m[0m15:03:11,256 INFO  [org.jboss.as] (Controller Boot Thread) WFLYSRV0051: Admin console listening on http://[::1]:9990
> [0m[0m15:03:11,260 INFO  [org.jboss.as] (Controller Boot Thread) WFLYSRV0025: WildFly Core 3.0.0.Beta30-redhat-1 "Kenny" started in 345ms - Started 83 of 86 services (17 services are lazy, passive or on-demand)
> [0m[0m15:03:11,369 INFO  [org.jboss.as.server] (management-handler-thread - 3) WFLYSRV0236: Suspending server with no timeout.
> [0m[0m15:03:11,399 INFO  [org.jboss.as.server] (Management Triggered Shutdown) WFLYSRV0241: Shutting down in response to management operation 'shutdown'
> [0m[0m15:03:11,474 INFO  [org.jboss.as] (MSC service thread 1-1) WFLYSRV0050: WildFly Core 3.0.0.Beta30-redhat-1 "Kenny" stopped in 45ms
> [0m
> {noformat}



--
This message was sent by Atlassian JIRA
(v7.2.3#72005)

More information about the jboss-jira mailing list