Severity 2 - Major
Importing repositories from Bitbucket Cloud / Github fails on Bitbucket Server running on Java 11. Additionally, it causes abnormal CPU utilization on the server and queues up additional import requests.
Java 11 (Even the latest version, `11.0.3`)
$java -version openjdk version "11.0.3" 2019-04-16 OpenJDK Runtime Environment AdoptOpenJDK (build 11.0.3+7) OpenJDK 64-Bit Server VM AdoptOpenJDK (build 11.0.3+7, mixed mode)
Steps to Reproduce
- Use Java 11 JRE to run bitbucket server (any version >= 6.0)
- Try to import a repository from github/bitbucket cloud
No errors are found in the server logs and the UI
In the server logs,
2019-06-06 14:38:51,984 WARN [http-nio-7990-exec-2] admin @1BEE1W4x878x6x0 ovgau 0:0:0:0:0:0:0:1 "POST /rest/importer/latest/external-source/owners HTTP/1.1" c.a.b.i.i.r.ExternalRepositoryResource Error making external request: Request to the external repository source failed with error: 'peer not authenticated'
Attaching the screenshot of what happens on the UI.
Additionally, subsequent import requests start getting queued on the server and they get timed out on the UI (504- Gateway error). Also, on the server side, cpu utilization goes to crazy high levels and never comes down till the app is restarted.
1) Run Bitbucket Server with Java 8; or
2) Run Bitbucket Server with Java 11.0.8 or later; or
2) The issue is observed with Java 11 that uses TLS v3. Using TLS v2 works fine and doesn't cause this issue. This can be done by setting the following JVM parameter: -Dhttps.protocols=TLSv1.2 while starting bitbucket server up.
This might also effect other functionalities of the app that use the HttpClient , most notably webhooks and some third party apps.