Hi, Had a bit of spare time to investigate this one (almost end of Friday for me anyway, hooray!).
There are two unit tests in Sha512 hanging for me in Eclipse, testSha512CryptExplicitCall and testSha512CryptNullData. The code that the test uses and hangs in my JVM can be simplified to: ``` String salt = B64.getRandomSalt(8); System.out.println(salt); // never seen ``` Looking at B64, we have this: `SecureRandom.getInstanceStrong()`, which is the random object. Used to randomly pick a letter of the B64 alphabet. It appears this one may take a long time in some systems due to low entropy. i.e. it tries to gather more random data to give you a really strong random... only that it appears to take a long long time for my JVM. Cheers Bruno https://tersesystems.com/blog/2015/12/17/the-right-way-to-use-securerandom/ On Friday, 8 February 2019, 2:31:35 pm NZDT, Rob Tompkins <chtom...@gmail.com> wrote: > On Feb 7, 2019, at 8:17 PM, sebb <seb...@gmail.com> wrote: > > It builds fine on ubuntu trusty with Java 8 Agree > > https://builds.apache.org/view/A-D/view/Commons/job/Commons-Codec-Adhoc/ > > Maybe sprinkle the Sha2Crypt.sha2Crypt method with debug prints to see > where the code is hanging? > > Or can you run the test in an IDE that allows you to interrupt it if it hangs? > >> On Fri, 8 Feb 2019 at 01:05, Gary Gregory <garydgreg...@gmail.com> wrote: >> >>> On Thu, Feb 7, 2019 at 5:18 PM Gary Gregory <garydgreg...@gmail.com> wrote: >>> >>> On Thu, Feb 7, 2019 at 9:03 AM Gary Gregory <garydgreg...@gmail.com> >>> wrote: >>> >>>> +0 >>>> >>>> Testing RC from the git tag. >>>> >>>> Apache RAT check OK. >>>> Apache CLIRR check OK. >>>> >>>> Running 'mvn -V clean package site' using Oracle Java 8 and 11 on Windows >>>> 10.0.16299.904: >>>> >>>> Apache Maven 3.6.0 (97c98ec64a1fdfee7767ce5ffb20918da4f719f3; >>>> 2018-10-24T14:41:47-04:00) >>>> Maven home: C:\Java\apache-maven-3.6.0\bin\.. >>>> Java version: 1.8.0_202, vendor: Oracle Corporation, runtime: C:\Program >>>> Files\Java\jdk1.8.0_202\jre >>>> Default locale: en_US, platform encoding: Cp1252 >>>> OS name: "windows 10", version: "10.0", arch: "amd64", family: "windows" >>>> >>>> Apache Maven 3.6.0 (97c98ec64a1fdfee7767ce5ffb20918da4f719f3; >>>> 2018-10-24T14:41:47-04:00) >>>> Maven home: C:\Java\apache-maven-3.6.0\bin\.. >>>> Java version: 11.0.2, vendor: Oracle Corporation, runtime: C:\Program >>>> Files\Java\jdk-11.0.2 >>>> Default locale: en_US, platform encoding: Cp1252 >>>> OS name: "windows 10", version: "10.0", arch: "amd64", family: "windows" >>>> >>>> BUT on Ubuntu in a VirtualBox VM running 'mvn clean test' >>>> >>>> Apache Maven 3.5.2 >>>> Maven home: /usr/share/maven >>>> Java version: 1.8.0_191, vendor: Oracle Corporation >>>> Java home: /usr/lib/jvm/java-8-openjdk-amd64/jre >>>> Default locale: en_US, platform encoding: UTF-8 >>>> OS name: "linux", version: "4.15.0-45-generic", arch: "amd64", family: >>>> "unix" >>>> >>>> [INFO] Running org.apache.commons.codec.digest.Sha256CryptTest >>>> >>>> Never seems to come back. >>>> >>>> I tried to deactivate Jacoco like this: 'mvn clean test -P-jacoco' >>>> >>>> But it still hangs. >>>> >>>> Running the test by itself also hangs: 'mvn clean test -P-jacoco >>>> -Dtest=org.apache.commons.codec.digest.Sha256CryptTest' >>>> >>>> Since Bruno reported problems with the 512 version of this test, I ran >>>> 'mvn clean test -P-jacoco >>>> -Dtest=org.apache.commons.codec.digest.Sha512CryptTest' >>>> >>>> And that hangs as well. >>>> >>>> I thought Surefire might be bonky so I tried an older version: 'mvn clean >>>> test -P-jacoco -Dtest=Sha512CryptTest -Dcommons.surefire.version=2.19' >>>> >>>> Same result. The latest Surefire: 'mvn clean test -P-jacoco >>>> -Dtest=Sha512CryptTest -Dcommons.surefire.version=3.0.0-M3' >>>> >>>> Same hang. >>>> >>>> What is going on here? >>>> >>> >>> These work: >>> >>> Maven home: /usr/share/maven >>> Java version: 1.8.0_191, vendor: Oracle Corporation >>> Java home: /usr/lib/jvm/java-8-openjdk-amd64/jre >>> Default locale: en_US, platform encoding: UTF-8 >>> OS name: "linux", version: "4.15.0-45-generic", arch: "amd64", family: >>> "unix" >>> >>> - mvn test -P-jacoco -Dtest=Sha512CryptTest#ttestSha256LargetThanBlocksize >>> - mvn test -P-jacoco -Dtest=Sha512CryptTest#testSha2CryptRounds >>> - mvn test -P-jacoco -Dtest=Sha512CryptTest#testSha2CryptWrongSalt >>> - mvn test -P-jacoco -Dtest=Sha512CryptTest#testSha512CryptBytes >>> - mvn test -P-jacoco >>> -Dtest=Sha512CryptTest#testSha512CryptExplicitCallThreadLocalRandom >>> - mvn test -P-jacoco -Dtest=Sha512CryptTest#testSha512CryptStrings >>> - mvn test -P-jacoco -Dtest=testSha512CryptWithEmptySalt >>> >>> These hang: >>> >>> - mvn test -P-jacoco -Dtest=Sha512CryptTest#testSha512CryptExplicitCall >>> - mvn test -P-jacoco -Dtest=Sha512CryptTest#testSha512CryptNullData >>> >>> Gary >>> >> >> JVM dumps suggest that std out is corrupted. Not sure how. >> >> Gary >> >> >>> >>> >>>> >>>> Gary >>>> >>>>> On Wed, Feb 6, 2019 at 8:35 PM Rob Tompkins <chtom...@apache.org> wrote: >>>>> >>>>> We have fixed quite a few bugs and added some significant enhancements >>>>> since Apache Commons Codec 1.11 was released, so I would like to release >>>>> Apache Commons Codec 1.12. >>>>> >>>>> Apache Commons Codec 1.12 RC2 is available for review here: >>>>> https://dist.apache.org/repos/dist/dev/commons/codec/1.12-RC2 (svn >>>>> revision 32379) >>>>> >>>>> The Git tag commons-codec-1.12-RC2 commit for this RC is >>>>> 1884dc028bce8094e8ddd7a9fc192a107a64527a which you can browse here: >>>>> >>>>> https://github.com/apache/commons-codec/releases/tag/commons-codec-1.12-RC2 >>>>> >>>>> Maven artifacts are here: >>>>> >>>>> https://repository.apache.org/content/repositories/orgapachecommons-1422/commons-codec/commons-codec/1.12/ >>>>> >>>>> These are the Maven artifacts and their hashes in Nexus: >>>>> >>>>> #Nexus SHA-1s >>>>> >>>>> commons-codec-1.12-test-sources.jar=e1d0720914bfd0f66b1dcfbcdc8e9fe4fa0894e9 >>>>> commons-codec-1.12-sources.jar=0505647b6ed7596ded436a73182bf4cea54ce0e1 >>>>> commons-codec-1.12-tests.jar=21c1fbe4dff1e753d3e7a7c015ac53f2d2ee3362 >>>>> commons-codec-1.12-javadoc.jar=6f10d84b315b35279b91dbe06be126e39026fed7 >>>>> commons-codec-1.12.pom=b6ee2dbae68adfa3c773cf9c4f2b91c56ce1f43f >>>>> commons-codec-1.12.jar=47a2b4c44cccd9d7280cef418cd92a9ee4d43206 >>>>> >>>>> #Release SHA-512s >>>>> #Wed Feb 06 20:24:19 EST 2019 >>>>> >>>>> commons-codec-1.12-bin-tar.gz=18b28a924791cf6b40791b5130468d8ceee8d2bb60550ebb600cf448ab79ad14e64cd8d4c8e71ea8dedcc06e5a00247ee05e372ac4f3e10b34a2a56b29801d8f >>>>> >>>>> commons-codec-1.12-src-zip=bcc4640aa907dec8adc18f5e7b2249bba70ce10684b97ada77447d662305f4012a7b4829744442e05035b4f567cb29d3a74385073d8e3463e77301466622b8cd >>>>> >>>>> commons-codec-1.12-bin-zip=8e483cf13daadf6d8e0e3ee4245f9e604dec8c82632e70076247b59f1dfcb78423ae3eaf4cef71f6f655b20882851b30338542084af7c626efdfaf6c3331827a >>>>> >>>>> commons-codec-1.12-src-tar.gz=cb218aee53d6fe5d9680eea9fb374d1771900d0a76a23af404c21c169e3903b81fd03b4df20fdcfb16b8aa359d02d88298b04a9205ec94d2740934741dfb0143 >>>>> >>>>> >>>>> >>>>> I have tested this with ***'mvn clean install site'*** using: >>>>> Apache Maven 3.6.0 (97c98ec64a1fdfee7767ce5ffb20918da4f719f3; >>>>> 2018-10-24T14:41:47-04:00) >>>>> Maven home: /usr/local/Cellar/maven/3.6.0/libexec >>>>> Java version: 1.8.0_191, vendor: Oracle Corporation, runtime: >>>>> /Library/Java/JavaVirtualMachines/jdk1.8.0_191.jdk/Contents/Home/jre >>>>> Default locale: en_US, platform encoding: UTF-8 >>>>> OS name: "mac os x", version: "10.14.3", arch: "x86_64", family: "mac" >>>>> >>>>> Details of changes since 1.11 are in the release notes: >>>>> >>>>> https://dist.apache.org/repos/dist/dev/commons/codec/1.12-RC2/RELEASE-NOTES.txt >>>>> >>>>> https://dist.apache.org/repos/dist/dev/commons/codec/1.12-RC2/site/changes-report.html >>>>> >>>>> Site: >>>>> https://dist.apache.org/repos/dist/dev/commons/codec/1.12-RC2/site >>>>> (note some *relative* links are broken and the 1.12 directories are >>>>> not yet created - these will be OK once the site is deployed.) >>>>> >>>>> JApiCmp Report (compared to 1.11): >>>>> >>>>> https://dist.apache.org/repos/dist/dev/commons/codec/1.12-RC2/site/japicmp.html >>>>> >>>>> RAT Report: >>>>> >>>>> https://dist.apache.org/repos/dist/dev/commons/codec/1.12-RC2/site/rat-report.html >>>>> >>>>> KEYS: >>>>> https://www.apache.org/dist/commons/KEYS >>>>> >>>>> Please review the release candidate and vote. >>>>> This vote will close no sooner that 72 hours from now. >>>>> >>>>> [ ] +1 Release these artifacts >>>>> [ ] +0 OK, but... >>>>> [ ] -0 OK, but really should fix... >>>>> [ ] -1 I oppose this release because... >>>>> >>>>> Thank you, >>>>> >>>>> Rob Tompkins, >>>>> Release Manager (using key B6E73D84EA4FCC47166087253FAAD2CD5ECBB314) >>>>> >>>>> >>>>> --------------------------------------------------------------------- >>>>> To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org >>>>> For additional commands, e-mail: dev-h...@commons.apache.org >>>>> >>>>> > > --------------------------------------------------------------------- > To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org > For additional commands, e-mail: dev-h...@commons.apache.org > --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org For additional commands, e-mail: dev-h...@commons.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org For additional commands, e-mail: dev-h...@commons.apache.org
