On Thu, 30 Apr 2026 15:58:25 GMT, SendaoYan <[email protected]> wrote:
>> Hi all, >> >> ## Problem tobe fixed >> >> The `empty` ssub-test of javax/net/ssl/ciphersuites/DisabledAlgorithms.java >> could hang util the jtreg timeout expires when the TLS handshake stalled >> after an error (e.g. server reports "Unsupported or unrecognized SSL >> message" while the client blocks in the handshake/read path). The stack >> trace and the detial test log shows in the JBS issue. >> >> In addition, the `default` subtest (failure path) contains a flaky assertion >> which required the server to observe an SSL exception. In some runs the >> client fails early (as expected) before the server get far enough to throw >> an SSL handshake exception, cause intermittent failres like "Expected SSL >> exception not thrown on server side". >> >> ## Fix solution in this PR >> >> - Make the handshake bounded and deteministic: >> - Configure `SOCKET_TIMEOUT` on both client and server SSLSocket instances >> - Explicitly call `SSlSocket.startHandShake()` on both sides. >> - Avoid cross-connection interference: >> - Run each ciper suite against it's own server instance congifured with >> that single suite. >> - Remove the extra application-data exho exchange, this test only needs >> the handshake and negotiated cipher suite. >> - Fix the flaky expectations in the failure path: >> - Accept the expected handshake failure if it is observed by either the >> client or the server. >> >> ## Additonal testing: >> >> - [ ] Run the test 10k times on linux-x64 >> >> >> >> --------- >> - [x] I confirm that I make this contribution in accordance with the >> [OpenJDK Interim AI Policy](https://openjdk.org/legal/ai). > > SendaoYan has updated the pull request incrementally with one additional > commit since the last revision: > > Revert the read/write change LGTM. ------------- Marked as reviewed by djelinski (Reviewer). PR Review: https://git.openjdk.org/jdk/pull/30995#pullrequestreview-4217935613
