提交 793c2f43 编写于 作者: W weijun

8035963: The failed Kerberos tests due to timeouts

Reviewed-by: alanb, xuelei
上级 a2daec0c
......@@ -229,15 +229,6 @@ sun/security/pkcs11/sslecc/ClientJSSEServerJSSE.java solaris-all
java/security/KeyPairGenerator/SolarisShortDSA.java solaris-all
sun/security/tools/keytool/standard.sh solaris-all
# 8000439: NPG: REGRESSION : sun/security/krb5/auto/MaxRetries.java fails with timeout
sun/security/krb5/auto/MaxRetries.java solaris-sparcv9
# 8006690: sun/security/krb5/auto/BadKdc1.java fails intermittently
sun/security/krb5/auto/BadKdc1.java solaris-sparcv9
sun/security/krb5/auto/BadKdc2.java solaris-sparcv9
sun/security/krb5/auto/BadKdc3.java solaris-sparcv9
sun/security/krb5/auto/BadKdc4.java solaris-sparcv9
############################################################################
# jdk_sound
......
......@@ -39,7 +39,29 @@ public class BadKdc {
// ^ kdc# ^ timeout
static final Pattern re = Pattern.compile(
">>> KDCCommunication: kdc=kdc.rabbit.hole UDP:(\\d)...., " +
"timeout=(\\d)000,");
"timeout=(\\d+),");
// Ratio for timeout values of all timeout tests. Not final so that
// each test can choose their own.
static float ratio = 2f;
static void setRatio(float ratio) {
BadKdc.ratio = ratio;
}
static float getRatio() {
return ratio;
}
// Gets real timeout value. This method is called when writing krb5.conf
static int toReal(int from) {
return (int)(from * ratio + .5);
}
// De-ratio a millisecond value to second
static int toSymbolicSec(int from) {
return (int)(from / ratio / 1000f + 0.5);
}
/*
* There are several cases this test fails:
......@@ -101,7 +123,7 @@ public class BadKdc {
fw.write("[libdefaults]\n" +
"default_realm = " + OneKDC.REALM + "\n" +
"kdc_timeout = 2000\n");
"kdc_timeout = " + toReal(2000) + "\n");
fw.write("[realms]\n" + OneKDC.REALM + " = {\n" +
"kdc = " + OneKDC.KDCHOST + ":" + p1 + "\n" +
"kdc = " + OneKDC.KDCHOST + ":" + p2 + "\n" +
......@@ -184,7 +206,8 @@ public class BadKdc {
Matcher m = re.matcher(line);
if (m.find()) {
System.out.println(line);
sb.append(m.group(1)).append(m.group(2));
sb.append(m.group(1))
.append(toSymbolicSec(Integer.parseInt(m.group(2))));
}
}
if (failed) sb.append('-');
......
......@@ -28,14 +28,21 @@
* @summary krb5 should not try to access unavailable kdc too often
*/
import java.io.*;
import java.security.Security;
public class BadKdc1 {
public static void main(String[] args)
throws Exception {
Security.setProperty("krb5.kdc.bad.policy", "tryLess");
// 5 sec is default timeout for tryLess
if (BadKdc.getRatio() > 2.5) {
Security.setProperty("krb5.kdc.bad.policy",
"tryLess:1," + BadKdc.toReal(2000));
} else {
Security.setProperty("krb5.kdc.bad.policy", "tryLess");
}
BadKdc.go(
"121212222222(32){1,2}1222(32){1,2}", // 1 2
// The above line means try kdc1 for 2 seconds then kdc1
......
......@@ -35,7 +35,12 @@ public class BadKdc2 {
public static void main(String[] args)
throws Exception {
Security.setProperty("krb5.kdc.bad.policy", "tryLess:2,1000");
// 1 sec is too short.
BadKdc.setRatio(3.0f);
Security.setProperty(
"krb5.kdc.bad.policy", "tryLess:2," + BadKdc.toReal(1000));
BadKdc.go(
"121212222222(32){1,2}11112121(32){1,2}", // 1 2
"11112121(32){1,2}11112121(32){1,2}", // 1 2
......
......@@ -60,7 +60,7 @@ public class MaxRetries {
test1(5000, 2); // 2 2
// For tryLess
Security.setProperty("krb5.kdc.bad.policy", "tryless");
Security.setProperty("krb5.kdc.bad.policy", "tryless:1," + BadKdc.toReal(5000));
rewriteMaxRetries(4);
test1(4000, 7); // 1 1 1 1 2 1 2
test1(4000, 4); // 1 2 1 2
......@@ -94,7 +94,7 @@ public class MaxRetries {
* @param count the expected total try
*/
private static void test1(int timeout, int count) throws Exception {
String timeoutTag = "timeout=" + timeout;
String timeoutTag = "timeout=" + BadKdc.toReal(timeout);
ByteArrayOutputStream bo = new ByteArrayOutputStream();
PrintStream oldout = System.out;
System.setOut(new PrintStream(bo));
......@@ -192,12 +192,12 @@ public class MaxRetries {
if (s.startsWith("[realms]")) {
// Reconfig global setting
fw.write("max_retries = 2\n");
fw.write("kdc_timeout = 5000\n");
fw.write("kdc_timeout = " + BadKdc.toReal(5000) + "\n");
} else if (s.trim().startsWith("kdc = ")) {
if (value != -1) {
// Reconfig for realm
fw.write(" max_retries = " + value + "\n");
fw.write(" kdc_timeout = " + (value*1000) + "\n");
fw.write(" kdc_timeout = " + BadKdc.toReal(value*1000) + "\n");
}
// Add a bad KDC as the first candidate
fw.write(" kdc = localhost:33333\n");
......
......@@ -63,7 +63,7 @@ public class TcpTimeout {
"udp_preference_limit = 1\n" +
"max_retries = 2\n" +
"default_realm = " + OneKDC.REALM + "\n" +
"kdc_timeout = 5000\n");
"kdc_timeout = " + BadKdc.toReal(5000) + "\n");
fw.write("[realms]\n" + OneKDC.REALM + " = {\n" +
"kdc = " + OneKDC.KDCHOST + ":" + p1 + "\n" +
"kdc = " + OneKDC.KDCHOST + ":" + p2 + "\n" +
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册