Uploaded image for project: 'Solr'
  1. Solr
  2. SOLR-5776 Look at speeding up using SSL with tests.
  3. SOLR-9068

BadPaddingException when running SSL test using NullSecureRandom

    XMLWordPrintableJSON

Details

    • Sub-task
    • Status: Closed
    • Major
    • Resolution: Fixed
    • None
    • 6.1, 7.0
    • None
    • None

    Description

      In parent issue SOLR-5776, NullSecureRandom was introduced and SSLTestConfig was refactored so that both client & server would use it to prevent blocked threads waiting for entropy.

      Since those commits to master & branch_6x, all Solaris jenkins builds got failures at the same spots in TestMiniSolrCloudClusterSSL.testSslAndNoClientAuth - and looking at the logs the root cause appears to be intranode communication failures due to "javax.crypto.BadPaddingException"

      Initial speculation was that perhaps the Solaris SSL impl has bugs in it's padding code that are tickled when the SecureRandom instance returns long strings of null bytes, but subsequently we got reports of similar, less frequently occuring, bugs on other OSs (see SOLR-9082).

      Attachments

        1. SOLR-9068.Lucene-Solr-6.x-Solaris_110.log
          2.10 MB
          Chris M. Hostetter
        2. SOLR-9068.Lucene-Solr-master-Solaris_558.log
          4.74 MB
          Chris M. Hostetter
        3. SOLR-9068.patch
          2 kB
          Chris M. Hostetter
        4. SOLR-9068.patch
          2 kB
          Chris M. Hostetter

        Issue Links

          Activity

            People

              Unassigned Unassigned
              hossman Chris M. Hostetter
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: