8345414: Google CAInterop test failures #673
Conversation
|
👋 Welcome back andrew! A progress list of the required criteria for merging this PR into |
|
@gnu-andrew This change now passes all automated pre-integration checks. After integration, the commit message for the final commit will be: You can use pull request commands such as /summary, /contributor and /issue to adjust it as needed. At the time when this comment was updated there had been no new commits pushed to the ➡️ To integrate this PR with the above commit message to the |
openjdk
bot
changed the title
|
This backport pull request has now been updated with issue from the original commit. |
openjdk
bot
added
backport
Webrevs
|
There was a problem hiding this comment.
Looks good. Only two more test failures in jdk/security_infra group (which is for another patch):
security/infra/java/security/cert/CertPathValidator/certification/CAInterop.java#digicerttlsrsarootg5
security/infra/java/security/cert/CertPathValidator/certification/CAInterop.java#quovadisrootca2g3
|
Linux additional build failure should go away if you merge master. The tier1 failure on Linux x86 (32 bit is intermittent). |
|
|
Those two seem to be caused by the revocation certificate site not serving a revoked cert. See: Both https://digicert-tls-rsa4096-root-g5-revoked.chain-demos.digicert.com and https://quovadis-root-ca-2-g3-revoked.chain-demos.digicert.com don't properly work (in my browser as well). |
Done. It hadn't yet been pushed when I posted this. |
Thanks for looking at these. Yes, I see a failure page in Firefox at first for those URLs, and then clicking 'Try Again' takes me to a page I'm apparently not meant to see. What I can't understand is why these pass in 11u. I don't see any relevant differences in the tests, which suggests it might be class library differences we might not want to alter. I'm tending towards filing bugs for these and excluding them, so we can have a clean run again at last. Let me know your thoughts. |
|
/approval request Fix for the CAcert test which cause a number of failing cases to now pass. No real risk - test only and test cases were already failing - and has been reviewed by Severin Gehwolf. |
|
@gnu-andrew |
openjdk
bot
added
the
approval
They don't fail in 11u since those tests ( |
openjdk
bot
added
ready
Besides, JDK 11u has https://bugs.openjdk.org/browse/JDK-8334441 (mark them manual). |
Just ran them manually on latest 11u and they also fail there. |
|
It appears the relevant tests no longer fail. Seems an intermittent issue. |
|
Either way, please integrate @gnu-andrew. |
Yes, I'm aware that they are manual but I thought they passed when I ran them all on 11u. Checking my logs again, it seems they don't. I guess I was just thinking of the diff on the 11u PR. Anyway, this is a better situation because it means it is a general issue with the test and not something specific to 8u. |
Ok, they did fail for me back when I did the 11u PR too. |
|
/integrate |
|
Going to push as commit 1b94cbf. |
openjdk
bot
removed
ready
|
@gnu-andrew Pushed as commit 1b94cbf. 💡 You may see a message that your pull request was closed with unmerged commits. This can be safely ignored. |
This fixes failing Google cacert tests. It should leave us with just two failing (
digicerttlsrsarootg5,quovadisrootca2g3), which we can fix or exclude separately. The backport applies cleanly from 11u after the paths are shuffled.Testing shows that the tests now pass:
Progress
Issue
Reviewers
Reviewing
Using
gitCheckout this PR locally:
$ git fetch https://git.openjdk.org/jdk8u-dev.git pull/673/head:pull/673$ git checkout pull/673Update a local copy of the PR:
$ git checkout pull/673$ git pull https://git.openjdk.org/jdk8u-dev.git pull/673/headUsing Skara CLI tools
Checkout this PR locally:
$ git pr checkout 673View PR using the GUI difftool:
$ git pr show -t 673Using diff file
Download this PR as a diff file:
https://git.openjdk.org/jdk8u-dev/pull/673.diff
Using Webrev
Link to Webrev Comment