On Tue, Jun 18, 2024 at 9:36 AM Rainer Jung <rainer.j...@kippdata.de> wrote: > > Hi all, > > when testing 11.0.0-M21 and 10.1.25 I observe new failures in panama: > > Testcase: > testOpenSSLConfCmdCipher[org.apache.tomcat.util.net.openssl.panama.OpenSSLImplementation] > took 4.438 sec > FAILED > Wrong HostConfig ciphers > Expected: is ["AES256-SHA256"] > but: was ["TLS_AES_256_GCM_SHA384", > "TLS_CHACHA20_POLY1305_SHA256", "TLS_AES_128_GCM_SHA256", "AES256-SHA256"] > junit.framework.AssertionFailedError: Wrong HostConfig ciphers > Expected: is ["AES256-SHA256"] > but: was ["TLS_AES_256_GCM_SHA384", > "TLS_CHACHA20_POLY1305_SHA256", "TLS_AES_128_GCM_SHA256", "AES256-SHA256"] > at org.hamcrest.MatcherAssert.assertThat(MatcherAssert.java:20) > at > org.apache.tomcat.util.net.openssl.TestOpenSSLConf.testOpenSSLConfCmdCipher(TestOpenSSLConf.java:132) > at > java.base/jdk.internal.reflect.DirectMethodHandleAccessor.invoke(DirectMethodHandleAccessor.java:103) > > The test was done with the recent releases of OpenSSL 3.0, 3.1, 3.2 and > 3.3. All of them fail in the same way.
I'm using OpenSSL 3.2.1 and the test was not failing for me. However, it was also not working. There are two issues that left errors on the stack and making the command check fail: - Setting a bad value for the random seed (fixed) - Then an error supposedly about use of the legacy provider somewhere (no idea where this happens, it's now logged [error:1E08010C:DECODER routines::unsupported]) Now the command check passes and I don't see any error processing the command. Rémy > Best regards, > > Rainer > > --------------------------------------------------------------------- > To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org > For additional commands, e-mail: dev-h...@tomcat.apache.org > --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
