[jboss-jira] [JBoss JIRA] (WFCORE-4730) Include the wildfly-openssl s390 binding
Ken Wills (Jira)
issues at jboss.org
Thu May 14 18:57:51 EDT 2020
[ https://issues.redhat.com/browse/WFCORE-4730?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14098656#comment-14098656 ]
Ken Wills edited comment on WFCORE-4730 at 5/14/20 6:56 PM:
------------------------------------------------------------
I've installed 1.1.1g in /usr/local, and the job is a bit better, but there is some weirdness :(
https://ci.wildfly.org/buildConfiguration/WildflyOpenSSL_S390build/204524?
Failed tests:
SslCiphersTest.testCipherSuiteConverter:53 TLS_AES_128_GCM_SHA256
I suspect what is happening here is that I've installed the updated openssl in /usr/local/lib64 etc, but the default RHEL one is still in /usr/lib64, along with the default headers, and it is finding these. I've tried setting CLFAGS etc, but so far that hasn't worked. (I'm assuming CFLAGS="-I/usr/local/include" should allow it to find the updated OpenSSL headers first.)
Tests in error:
BasicOpenSSLEngineTest.openSslLotsOfDataTest:315 » Bind Address already in use...
BasicOpenSSLSocketTest.basicOpenSSLTest1:40 » Bind Address already in use (Bin...
BasicOpenSSLSocketTest.basicOpenSSLTest2:65 » Bind Address already in use (Bin...
These fail reliably, due to the sockets being in TIME_WAIT. If i allow reuse, using:
sysctl -w net.ipv4.tcp_timestamps=1
sysctl -w net.ipv4.tcp_tw_recycle=1
Then i can reduce it to just:
Tests in error:
BasicOpenSSLEngineTest.openSslLotsOfDataTest:315 » Bind Address already in use...
I'll add a config for the artifacts so you can download them.
was (Author: luck3y):
I've installed 1.1.1g in /usr/local, and the job is a bit better, but there is some weirdness :(
https://ci.wildfly.org/buildConfiguration/WildflyOpenSSL_S390build/204524?
Failed tests:
SslCiphersTest.testCipherSuiteConverter:53 TLS_AES_128_GCM_SHA256
I suspect what is happening here is that I've installed the updated openssl in /usr/local/lib64 etc, but the default RHEL one is still in /usr/lib64, along with the default headers, and it is finding these. I've tried setting CLFAGS etc, but so far that hasn't worked.
Tests in error:
BasicOpenSSLEngineTest.openSslLotsOfDataTest:315 » Bind Address already in use...
BasicOpenSSLSocketTest.basicOpenSSLTest1:40 » Bind Address already in use (Bin...
BasicOpenSSLSocketTest.basicOpenSSLTest2:65 » Bind Address already in use (Bin...
These fail reliably, due to the sockets being in TIME_WAIT. If i allow reuse, using:
sysctl -w net.ipv4.tcp_timestamps=1
sysctl -w net.ipv4.tcp_tw_recycle=1
Then i can reduce it to just:
Tests in error:
BasicOpenSSLEngineTest.openSslLotsOfDataTest:315 » Bind Address already in use...
I'll add a config for the artifacts so you can download them.
> Include the wildfly-openssl s390 binding
> ----------------------------------------
>
> Key: WFCORE-4730
> URL: https://issues.redhat.com/browse/WFCORE-4730
> Project: WildFly Core
> Issue Type: Enhancement
> Components: Build System, Security
> Reporter: Brian Stansberry
> Assignee: Farah Juma
> Priority: Major
>
> The wildfly-openssl project include s390 bindings; we should include them.
> https://github.com/wildfly/wildfly-openssl/tree/1.0.8.Final/linux-s390x
> The code was there for the 1.0.8 release but it doesn't look like that variant was built and pushed to nexus:
> https://repository.jboss.org/org/wildfly/openssl/
--
This message was sent by Atlassian Jira
(v7.13.8#713008)
More information about the jboss-jira
mailing list