Bug 1906862

Summary: java test in selftest fails
Product: Red Hat Enterprise Linux 8 Reporter: Ondrej Moriš <omoris>
Component: java-1.8.0-openjdkAssignee: Andrew John Hughes <ahughes>
Status: CLOSED ERRATA QA Contact: OpenJDK QA <java-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 8.4CC: ahughes, dapospis, jandrlik, jvanek, lkonno, mbalao, rlucente, sgehwolf
Target Milestone: rcKeywords: Triaged, ZStream
Target Release: 8.0   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: java-1.8.0-openjdk-1.8.0.282.b02-0.2.ea.el8 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of:
: 1908784 (view as bug list) Environment:
Last Closed: 2021-05-18 15:31:11 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1903942, 1908784    

Description Ondrej Moriš 2020-12-11 15:48:58 UTC 
Description of problem:

Subtest java.pl fails in the self-test.

Version-Release number of selected component (if applicable):

crypto-policies-20200713-1.git51d1222.el8

How reproducible:

100%

Steps to Reproduce:

1. Build the source rpm and run make check.

Actual results:

tests/java.pl
Java ciphersuites per policy
Checking the Java configuration
Checking policy DEFAULT
Exception in thread "main" java.security.NoSuchAlgorithmException: Default SSLContext not available
	at sun.security.jca.GetInstance.getInstance(GetInstance.java:159)
	at javax.net.ssl.SSLContext.getInstance(SSLContext.java:156)
	at javax.net.ssl.SSLContext.getDefault(SSLContext.java:96)
	at CipherList.main(CipherList.java:10)
Could not find TLS_EMPTY_RENEGOTIATION_INFO_SCSV in DEFAULT
make[1]: *** [Makefile:47: check] Error 1

Expected results:

Passed test.

Additional info:

FYI, default ciphers in openjdk changed. It was working in 8.3.
Comment 1 Andrew John Hughes 2020-12-14 19:41:25 UTC 
You don't seem to list the Java version above, but from IRC, it was java-1.8.0-openjdk-1:1.8.0.272.b06-0.1.el8

8u272 introduced a new TLS stack, with TLSv1.3 support: https://bugs.openjdk.java.net/browse/JDK-8245468
Comment 3 Severin Gehwolf 2020-12-15 14:53:32 UTC 
I had a look at the test. CipherList.java looks like:

import java.net.URL;
import java.io.*;
import javax.net.ssl.*;

public class CipherList
{
  public static void main(String[] args)
  throws Exception
  {
    SSLContext context = SSLContext.getDefault();
    int i;
    SSLSocketFactory sf = context.getSocketFactory();
    String[] cipherSuites = sf.getDefaultCipherSuites();

    for (i=0;i<cipherSuites.length;i++)
    {
      System.out.println(cipherSuites[i]);
    }

    System.exit(0);
  }
}

And it's failing at line 10, which is this:

SSLContext context = SSLContext.getDefault();

with:
Exception in thread "main" java.security.NoSuchAlgorithmException: Default SSLContext not available
	at sun.security.jca.GetInstance.getInstance(GetInstance.java:159)
	at javax.net.ssl.SSLContext.getInstance(SSLContext.java:156)
	at javax.net.ssl.SSLContext.getDefault(SSLContext.java:96)
	at CipherList.main(CipherList.java:10)


Note that this output is a red herring:
Could not find TLS_EMPTY_RENEGOTIATION_INFO_SCSV in DEFAULT
Comment 14 jiri vanek 2020-12-17 15:29:22 UTC 
 Test is to try initialising SSL with -Djava.security.disableSystemPropertiesFile
Comment 21 Martin Balao 2021-01-12 15:08:16 UTC 
*** Bug 1915071 has been marked as a duplicate of this bug. ***
Comment 34 errata-xmlrpc 2021-05-18 15:31:11 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (java-1.8.0-openjdk bug fix and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2021:1795