tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mark Thomas <ma...@apache.org>
Subject Re: SSL Unit Tests Failing
Date Tue, 02 Oct 2018 13:36:17 GMT
On 02/10/18 06:58, Igal Sapir wrote:
> When trying to run the unit test cases with `ant clean test` on the current
> trunk [1] I am getting two (per connector) failures:
> 
>     org.apache.tomcat.util.net.openssl.ciphers.TestCipher FAILED [2]
> 
> org.apache.tomcat.util.net.openssl.ciphers.TestOpenSSLCipherConfigurationParser
> FAILED [3]
> 
>     Server version: Apache Tomcat/9.0.13-dev
>     Server built:   Oct 2 2018 05:24:55 UTC
>     Server number:  9.0.13.0
>     OS Name:        Linux
>     OS Version:     4.18.9-200.fc28.x86_64
>     Architecture:   amd64
>     JVM Version:    1.8.0_181-b13
>     JVM Vendor:     Oracle Corporation
> 
> Am I missing something?  Other than the obvious "missing ciphers", that is.

These tests are all particularly sensitive to the versions of OpenSSL,
Java and the implementation of Java used.

Generally, those tests are there to ensure that the code that translates
between JSSE cipher definitions and OpenSSL definitions is correct.

If you see a failure it may indicate that:

- the test has a bug

- you are running with an older version of OpenSSL that behaves
  differently from the latest version (we try and keep pace with the
  latest)

- OpenSSL has changed behaviour and we need to update our translation
  code to align with it (unusual)

- OpenSSL has changed behaviour and we need to update our tests to align
  with it (most frequent).

There is overlap between some of the above cases.

I see different failures when I run locally. Your question has made me
curious to find out why.

Gump is usually very good at catching changes. I normally don;t worry
unless I see a failure in these tests on Gump. Expanding the
combinations of Tomcat and OpenSSL that we test with there is still on
the TODO list.

Mark


> 
> Thanks,
> 
> Igal
> 
> [1] git-svn-id: https://svn.apache.org/repos/asf/tomcat/trunk@1842498
> 13f79535-47bb-0310-9956-ffa450edef68
> 
> [2] Testsuite: org.apache.tomcat.util.net.openssl.ciphers.TestCipher
> Tests run: 3, Failures: 2, Errors: 0, Skipped: 0, Time elapsed: 0.697 sec
> 
> Testcase: testNames took 0.168 sec
> Testcase: testAllOpenSSLCiphersMapped took 0.361 sec
>     FAILED
> No mapping found in IBM's JSSE implementation for
> ECDHE-PSK-3DES-EDE-CBC-SHA+TLSv1 when one was expected
> 
> junit.framework.AssertionFailedError: No mapping found in IBM's JSSE
> implementation for ECDHE-PSK-3DES-EDE-CBC-SHA+TLSv1 when one was expected
> 
>     at
> org.apache.tomcat.util.net.openssl.ciphers.TestCipher.testAllOpenSSLCiphersMapped(TestCipher.java:66)
> 
> Testcase: testOpenSSLCipherAvailability took 0.06 sec
>     FAILED
> ECDHE-ARIA128-GCM-SHA256+TLSv1.2 DHE-RSA-ARIA128-GCM-SHA256+TLSv1.2
> DHE-DSS-ARIA256-GCM-SHA384+TLSv1.2 ECDHE-ECDSA-ARIA128-GCM-SHA256+TLSv1.2
> ARIA256-GCM-SHA384+TLSv1.2 ECDHE-ARIA256-GCM-SHA384+TLSv1.2
> DHE-RSA-ARIA256-GCM-SHA384+TLSv1.2 RSA-PSK-ARIA256-GCM-SHA384+TLSv1.2
> ECDHE-ECDSA-ARIA256-GCM-SHA384+TLSv1.2 ARIA128-GCM-SHA256+TLSv1.2
> DHE-PSK-ARIA128-GCM-SHA256+TLSv1.2 RSA-PSK-ARIA128-GCM-SHA256+TLSv1.2
> DHE-DSS-ARIA128-GCM-SHA256+TLSv1.2 PSK-ARIA256-GCM-SHA384+TLSv1.2
> DHE-PSK-ARIA256-GCM-SHA384+TLSv1.2 PSK-ARIA128-GCM-SHA256+TLSv1.2
> expected:<0> but was:<16>
> junit.framework.AssertionFailedError: ECDHE-ARIA128-GCM-SHA256+TLSv1.2
> DHE-RSA-ARIA128-GCM-SHA256+TLSv1.2 DHE-DSS-ARIA256-GCM-SHA384+TLSv1.2
> ECDHE-ECDSA-ARIA128-GCM-SHA256+TLSv1.2 ARIA256-GCM-SHA384+TLSv1.2
> ECDHE-ARIA256-GCM-SHA384+TLSv1.2 DHE-RSA-ARIA256-GCM-SHA384+TLSv1.2
> RSA-PSK-ARIA256-GCM-SHA384+TLSv1.2 ECDHE-ECDSA-ARIA256-GCM-SHA384+TLSv1.2
> ARIA128-GCM-SHA256+TLSv1.2 DHE-PSK-ARIA128-GCM-SHA256+TLSv1.2
> RSA-PSK-ARIA128-GCM-SHA256+TLSv1.2 DHE-DSS-ARIA128-GCM-SHA256+TLSv1.2
> PSK-ARIA256-GCM-SHA384+TLSv1.2 DHE-PSK-ARIA256-GCM-SHA384+TLSv1.2
> PSK-ARIA128-GCM-SHA256+TLSv1.2  expected:<0> but was:<16>
>     at
> org.apache.tomcat.util.net.openssl.ciphers.TestCipher.testOpenSSLCipherAvailability(TestCipher.java:100)
> 
> [3] Testsuite:
> org.apache.tomcat.util.net.openssl.ciphers.TestOpenSSLCipherConfigurationParser
> Tests run: 86, Failures: 40, Errors: 0, Skipped: 1, Time elapsed: 5.473 sec
> ------------- Standard Error -----------------
> Error in cipher list
> 140015003477824:error:1410D0B9:SSL routines:SSL_CTX_set_cipher_list:no
> cipher match:ssl/ssl_lib.c:2193:
> 
> Error in cipher list
> 140182557382464:error:1410D0B9:SSL routines:SSL_CTX_set_cipher_list:no
> cipher match:ssl/ssl_lib.c:2193:
> 
> Error in cipher list
> 140372866819904:error:1410D0B9:SSL routines:SSL_CTX_set_cipher_list:no
> cipher match:ssl/ssl_lib.c:2193:
> 
> Error in cipher list
> 139680405661504:error:1410D0B9:SSL routines:SSL_CTX_set_cipher_list:no
> cipher match:ssl/ssl_lib.c:2193:
> 
> Error in cipher list
> 140699554305856:error:1410D0B9:SSL routines:SSL_CTX_set_cipher_list:no
> cipher match:ssl/ssl_lib.c:2193:
> 
> Error in cipher list
> 139897177433920:error:1410D0B9:SSL routines:SSL_CTX_set_cipher_list:no
> cipher match:ssl/ssl_lib.c:2193:
> 
> Error in cipher list
> 139891985295168:error:1410D0B9:SSL routines:SSL_CTX_set_cipher_list:no
> cipher match:ssl/ssl_lib.c:2193:
> 
> Error in cipher list
> 140442752255808:error:1410D0B9:SSL routines:SSL_CTX_set_cipher_list:no
> cipher match:ssl/ssl_lib.c:2193:
> 
> Error in cipher list
> 139855064180544:error:1410D0B9:SSL routines:SSL_CTX_set_cipher_list:no
> cipher match:ssl/ssl_lib.c:2193:
> 
> Error in cipher list
> 140598129956672:error:1410D0B9:SSL routines:SSL_CTX_set_cipher_list:no
> cipher match:ssl/ssl_lib.c:2193:
> 
> Error in cipher list
> 139768227612480:error:1410D0B9:SSL routines:SSL_CTX_set_cipher_list:no
> cipher match:ssl/ssl_lib.c:2193:
> 
> Error in cipher list
> 139839666202432:error:1410D0B9:SSL routines:SSL_CTX_set_cipher_list:no
> cipher match:ssl/ssl_lib.c:2193:
> 
> Error in cipher list
> 140216997062464:error:1410D0B9:SSL routines:SSL_CTX_set_cipher_list:no
> cipher match:ssl/ssl_lib.c:2193:
> 
> Error in cipher list
> 140194450589504:error:1410D0B9:SSL routines:SSL_CTX_set_cipher_list:no
> cipher match:ssl/ssl_lib.c:2193:
> 
> Error in cipher list
> 140636605155136:error:1410D0B9:SSL routines:SSL_CTX_set_cipher_list:no
> cipher match:ssl/ssl_lib.c:2193:
> 
> <snip/>
> 
> Testcase: testARIA128 took 0.535 sec
>     FAILED
> Expected 8 ciphers but got 0 for the specification 'ARIA128'
> expected:<[TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256,
> TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256, TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256,
> TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256,
> TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256, TLS_PSK_WITH_ARIA_128_GCM_SHA256,
> TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256, TLS_RSA_WITH_ARIA_128_GCM_SHA256]>
> but was:<[]>
> junit.framework.AssertionFailedError: Expected 8 ciphers but got 0 for the
> specification 'ARIA128' expected:<[TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256,
> TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256, TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256,
> TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256,
> TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256, TLS_PSK_WITH_ARIA_128_GCM_SHA256,
> TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256, TLS_RSA_WITH_ARIA_128_GCM_SHA256]>
> but was:<[]>
>     at
> org.apache.tomcat.util.net.openssl.ciphers.TestOpenSSLCipherConfigurationParser.testSpecification(TestOpenSSLCipherConfigurationParser.java:588)
>     at
> org.apache.tomcat.util.net.openssl.ciphers.TestOpenSSLCipherConfigurationParser.testARIA128(TestOpenSSLCipherConfigurationParser.java:541)
> 
> Testcase: testARIA256 took 0.063 sec
>     FAILED
> Expected 8 ciphers but got 0 for the specification 'ARIA256'
> expected:<[TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384,
> TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384, TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384,
> TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384,
> TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384, TLS_PSK_WITH_ARIA_256_GCM_SHA384,
> TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384, TLS_RSA_WITH_ARIA_256_GCM_SHA384]>
> but was:<[]>
> junit.framework.AssertionFailedError: Expected 8 ciphers but got 0 for the
> specification 'ARIA256' expected:<[TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384,
> TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384, TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384,
> TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384,
> TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384, TLS_PSK_WITH_ARIA_256_GCM_SHA384,
> TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384, TLS_RSA_WITH_ARIA_256_GCM_SHA384]>
> but was:<[]>
>     at
> org.apache.tomcat.util.net.openssl.ciphers.TestOpenSSLCipherConfigurationParser.testSpecification(TestOpenSSLCipherConfigurationParser.java:588)
>     at
> org.apache.tomcat.util.net.openssl.ciphers.TestOpenSSLCipherConfigurationParser.testARIA256(TestOpenSSLCipherConfigurationParser.java:547)
> 
> Testcase: testkECDHE took 0.068 sec
>     FAILED
> Expected 31 ciphers but got 30 for the specification 'kECDHE'
> expected:<[TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
> TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CCM,
> TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8,
> TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
> TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
> TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_ECDSA_WITH_AES_256_CCM,
> TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8,
> TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
> TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256,
> TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384,
> TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
> TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
> TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
> TLS_ECDHE_ECDSA_WITH_NULL_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
> TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
> TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
> TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
> TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
> TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256,
> TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384,
> TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
> TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
> TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256, TLS_ECDHE_RSA_WITH_NULL_SHA,
> TLS_ECDH_anon_WITH_AES_128_CBC_SHA, TLS_ECDH_anon_WITH_AES_256_CBC_SHA,
> TLS_ECDH_anon_WITH_NULL_SHA]> but
> was:<[TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,
> TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
> TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CCM,
> TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8,
> TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
> TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
> TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_ECDSA_WITH_AES_256_CCM,
> TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8,
> TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
> TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
> TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
> TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
> TLS_ECDHE_ECDSA_WITH_NULL_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
> TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
> TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
> TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
> TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
> TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
> TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
> TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256, TLS_ECDHE_RSA_WITH_NULL_SHA,
> TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_anon_WITH_AES_128_CBC_SHA,
> TLS_ECDH_anon_WITH_AES_256_CBC_SHA, TLS_ECDH_anon_WITH_NULL_SHA]>
> junit.framework.AssertionFailedError: Expected 31 ciphers but got 30 for
> the specification 'kECDHE' expected:<[TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
> TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CCM,
> TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8,
> TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
> TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
> TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_ECDSA_WITH_AES_256_CCM,
> TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8,
> TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
> TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256,
> TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384,
> TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
> TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
> TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
> TLS_ECDHE_ECDSA_WITH_NULL_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
> TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
> TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
> TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
> TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
> TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256,
> TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384,
> TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
> TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
> TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256, TLS_ECDHE_RSA_WITH_NULL_SHA,
> TLS_ECDH_anon_WITH_AES_128_CBC_SHA, TLS_ECDH_anon_WITH_AES_256_CBC_SHA,
> TLS_ECDH_anon_WITH_NULL_SHA]> but
> was:<[TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,
> TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
> TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CCM,
> TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8,
> TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
> TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
> TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_ECDSA_WITH_AES_256_CCM,
> TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8,
> TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
> TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
> TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
> TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
> TLS_ECDHE_ECDSA_WITH_NULL_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
> TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
> TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
> TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
> TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
> TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
> TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
> TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256, TLS_ECDHE_RSA_WITH_NULL_SHA,
> TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_anon_WITH_AES_128_CBC_SHA,
> TLS_ECDH_anon_WITH_AES_256_CBC_SHA, TLS_ECDH_anon_WITH_NULL_SHA]>
>     at
> org.apache.tomcat.util.net.openssl.ciphers.TestOpenSSLCipherConfigurationParser.testSpecification(TestOpenSSLCipherConfigurationParser.java:588)
>     at
> org.apache.tomcat.util.net.openssl.ciphers.TestOpenSSLCipherConfigurationParser.testkECDHE(TestOpenSSLCipherConfigurationParser.java:202)
> 
> Testcase: testkECDHe took 0.072 sec
> Testcase: testkECDHr took 0.036 sec
> Testcase: testkEECDH took 0.057 sec
>     FAILED
> Expected 31 ciphers but got 30 for the specification 'kEECDH'
> expected:<[TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
> TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CCM,
> TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8,
> TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
> TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
> TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_ECDSA_WITH_AES_256_CCM,
> TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8,
> TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
> TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256,
> TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384,
> TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
> TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
> TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
> TLS_ECDHE_ECDSA_WITH_NULL_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
> TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
> TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
> TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
> TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
> TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256,
> TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384,
> TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
> TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
> TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256, TLS_ECDHE_RSA_WITH_NULL_SHA,
> TLS_ECDH_anon_WITH_AES_128_CBC_SHA, TLS_ECDH_anon_WITH_AES_256_CBC_SHA,
> TLS_ECDH_anon_WITH_NULL_SHA]> but
> was:<[TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,
> TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
> TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CCM,
> TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8,
> TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
> TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
> TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_ECDSA_WITH_AES_256_CCM,
> TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8,
> TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
> TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
> TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
> TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
> TLS_ECDHE_ECDSA_WITH_NULL_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
> TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
> TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
> TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
> TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
> TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
> TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
> TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256, TLS_ECDHE_RSA_WITH_NULL_SHA,
> TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_anon_WITH_AES_128_CBC_SHA,
> TLS_ECDH_anon_WITH_AES_256_CBC_SHA, TLS_ECDH_anon_WITH_NULL_SHA]>
> junit.framework.AssertionFailedError: Expected 31 ciphers but got 30 for
> the specification 'kEECDH' expected:<[TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
> TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CCM,
> TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8,
> TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
> TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
> TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_ECDSA_WITH_AES_256_CCM,
> TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8,
> TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
> TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256,
> TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384,
> TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
> TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
> TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
> TLS_ECDHE_ECDSA_WITH_NULL_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
> TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
> TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
> TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
> TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
> TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256,
> TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384,
> TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
> TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
> TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256, TLS_ECDHE_RSA_WITH_NULL_SHA,
> TLS_ECDH_anon_WITH_AES_128_CBC_SHA, TLS_ECDH_anon_WITH_AES_256_CBC_SHA,
> TLS_ECDH_anon_WITH_NULL_SHA]> but
> was:<[TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,
> TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
> TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CCM,
> TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8,
> TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
> TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
> TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_ECDSA_WITH_AES_256_CCM,
> TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8,
> TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
> TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
> TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
> TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
> TLS_ECDHE_ECDSA_WITH_NULL_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
> TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
> TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
> TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
> TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
> TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
> TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
> TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256, TLS_ECDHE_RSA_WITH_NULL_SHA,
> TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_anon_WITH_AES_128_CBC_SHA,
> TLS_ECDH_anon_WITH_AES_256_CBC_SHA, TLS_ECDH_anon_WITH_NULL_SHA]>
>     at
> org.apache.tomcat.util.net.openssl.ciphers.TestOpenSSLCipherConfigurationParser.testSpecification(TestOpenSSLCipherConfigurationParser.java:588)
>     at
> org.apache.tomcat.util.net.openssl.ciphers.TestOpenSSLCipherConfigurationParser.testkEECDH(TestOpenSSLCipherConfigurationParser.java:190)
> 
> Testcase: testGOST89MAC took 0.06 sec
> Testcase: testCHACHA20 took 0.061 sec
> Testcase: testADH took 0.033 sec
>     FAILED
> Expected 11 ciphers but got 13 for the specification 'ADH'
> expected:<[TLS_DH_anon_WITH_AES_128_CBC_SHA,
> TLS_DH_anon_WITH_AES_128_CBC_SHA256, TLS_DH_anon_WITH_AES_128_GCM_SHA256,
> TLS_DH_anon_WITH_AES_256_CBC_SHA, TLS_DH_anon_WITH_AES_256_CBC_SHA256,
> TLS_DH_anon_WITH_AES_256_GCM_SHA384, TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA,
> TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256,
> TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA,
> TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256, TLS_DH_anon_WITH_SEED_CBC_SHA]>
> but was:<[SSL_DH_anon_WITH_3DES_EDE_CBC_SHA,
> TLS_DH_anon_WITH_3DES_EDE_CBC_SHA, TLS_DH_anon_WITH_AES_128_CBC_SHA,
> TLS_DH_anon_WITH_AES_128_CBC_SHA256, TLS_DH_anon_WITH_AES_128_GCM_SHA256,
> TLS_DH_anon_WITH_AES_256_CBC_SHA, TLS_DH_anon_WITH_AES_256_CBC_SHA256,
> TLS_DH_anon_WITH_AES_256_GCM_SHA384, TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA,
> TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256,
> TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA,
> TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256, TLS_DH_anon_WITH_SEED_CBC_SHA]>
> junit.framework.AssertionFailedError: Expected 11 ciphers but got 13 for
> the specification 'ADH' expected:<[TLS_DH_anon_WITH_AES_128_CBC_SHA,
> TLS_DH_anon_WITH_AES_128_CBC_SHA256, TLS_DH_anon_WITH_AES_128_GCM_SHA256,
> TLS_DH_anon_WITH_AES_256_CBC_SHA, TLS_DH_anon_WITH_AES_256_CBC_SHA256,
> TLS_DH_anon_WITH_AES_256_GCM_SHA384, TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA,
> TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256,
> TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA,
> TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256, TLS_DH_anon_WITH_SEED_CBC_SHA]>
> but was:<[SSL_DH_anon_WITH_3DES_EDE_CBC_SHA,
> TLS_DH_anon_WITH_3DES_EDE_CBC_SHA, TLS_DH_anon_WITH_AES_128_CBC_SHA,
> TLS_DH_anon_WITH_AES_128_CBC_SHA256, TLS_DH_anon_WITH_AES_128_GCM_SHA256,
> TLS_DH_anon_WITH_AES_256_CBC_SHA, TLS_DH_anon_WITH_AES_256_CBC_SHA256,
> TLS_DH_anon_WITH_AES_256_GCM_SHA384, TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA,
> TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256,
> TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA,
> TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256, TLS_DH_anon_WITH_SEED_CBC_SHA]>
>     at
> org.apache.tomcat.util.net.openssl.ciphers.TestOpenSSLCipherConfigurationParser.testSpecification(TestOpenSSLCipherConfigurationParser.java:588)
>     at
> org.apache.tomcat.util.net.openssl.ciphers.TestOpenSSLCipherConfigurationParser.testADH(TestOpenSSLCipherConfigurationParser.java:325)
> 
> <snip/>
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org


Mime
View raw message