Details
-
Bug
-
Resolution: Known Error
-
Major
-
2.8.5
-
Security Level: Public
-
None
-
JAK 59
-
1
Description
Lauren Nguyen, Pasin Suriyentrakorn and I have all seen nearly all of the URLEndpointListener tests fail, repeatably, for some period of time. Then they stop failing and all seems well for a while. And back and forth. Here is the failure:
com.couchbase.lite.URLEndpointListenerTest > testTLSPinnedCertClientAuthenticatorWithChainedServerCredentials FAILED
|
CouchbaseLiteException{CouchbaseLite,1,'Assertion failed: mbedtls_pk_check_pair(cert->subjectPublicKey()->context(), privateKey->context()) == 0
|
(CouchbaseLite Java v3.1.0-SNAPSHOT (EE/release Build/SNAPSHOT Commit/unofficial@HQ-Rename0337 Core/0.0.0-EE (28a5bd11+1e2fa432+)) Java 1.8.0_291; Mac OS X)'}
|
at com.couchbase.lite.CouchbaseLiteException.toCouchbaseLiteException(CouchbaseLiteException.java:100)
|
at com.couchbase.lite.CouchbaseLiteException.convertException(CouchbaseLiteException.java:47)
|
at com.couchbase.lite.internal.core.C4Listener.createTlsListenerPasswordAuth(C4Listener.java:216)
|
at com.couchbase.lite.URLEndpointListener.startLocked(URLEndpointListener.java:235)
|
at com.couchbase.lite.URLEndpointListener.start(URLEndpointListener.java:158)
|
at com.couchbase.lite.URLEndpointListenerTest.listenTls(URLEndpointListenerTest.kt:1207)
|
at com.couchbase.lite.URLEndpointListenerTest.listenTls$default(URLEndpointListenerTest.kt:1197)
|
at com.couchbase.lite.URLEndpointListenerTest.testTLSPinnedCertClientAuthenticatorWithChainedServerCredentials(URLEndpointListenerTest.kt:355) Caused by:
|
LiteCoreException{1, 1, "Assertion failed: mbedtls_pk_check_pair(cert->subjectPublicKey()->context(), privateKey->context()) == 0"}
|
at com.couchbase.lite.LiteCoreException.throwException(LiteCoreException.java:26)
|
at com.couchbase.lite.internal.core.impl.NativeC4Listener.startTls(Native Method)
|
at com.couchbase.lite.internal.core.impl.NativeC4Listener.nStartTls(NativeC4Listener.java:81)
|
at com.couchbase.lite.internal.core.C4Listener.createTlsListenerPasswordAuth(C4Listener.java:198)
|
Pasin Suriyentrakorn seems to have tracked the problem to garbage in the parameter `data`, calling the method `sign`, in this code: https://github.com/couchbaselabs/couchbase-lite-java-ee-root/blob/java/release/hyd[]…n/java/com/couchbase/lite/internal/KeyStoreManagerDelegate.java
It seems likely that the underlying array is being freed, somehow.