mirror of
https://github.com/gogrlx/nats-server.git
synced 2026-04-16 19:14:41 -07:00
832dcc9246
Cert Store (aka wincert) feature wasn't properly handling TLS 1.2 handshake with TLS 1.2 clients that do not support RSA signature with PSS padding. With this update, Cert Store will perform either PKCS#1 v1.5 or PSS padding for RSA signature depending on what type is negotiated by the TLS 1.2 client. Issue surfaces with the NATS .NET v1 client which supports TLS 1.2 only (.NET 4.6.2 dependency) only when the client application was hosted on Windows 10 Enterprise LTSC 2019 (equivalent also to Windows 10 1809 and Windows Server 2019). If the same client was executed on a more modern Windows 10 release, RSA signature with PSS padding was negotiated and succeeded normally. The Go NATS client as well as any client operating at TLS 1.3 level would not exhibit the issue as TLS 1.3 requires PSS. Fix tested good on Windows 10 Enterprise LTSC 2019 host and in confirmed fixed in user's Windows environment where the issue was originally detected.
Tests
Tests that run on Travis have been split into jobs that run in their own VM in parallel. This reduces the overall running time but also is allowing recycling of a job when we get a flapper as opposed to have to recycle the whole test suite.
JetStream Tests
For JetStream tests, we need to observe a naming convention so that no tests are omitted when running on Travis.
The script runTestsOnTravis.sh will run a given job based on the definition found in ".travis.yml".
As for the naming convention:
- All JetStream tests name should start with
TestJetStream - Cluster tests should go into
jetstream_cluster_test.goand start withTestJetStreamCluster - Super-cluster tests should go into
jetstream_super_cluster_test.goand start withTestJetStreamSuperCluster
Not following this convention means that some tests may not be executed on Travis.