-
Notifications
You must be signed in to change notification settings - Fork 3.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Remove bouncy castle shaded module to avoid bring error of verifySingleJar #7453
Conversation
/pulsarbot run-failure-checks |
/pulsarbot run-failure-checks |
/pulsarbot run-failure-checks |
4 similar comments
/pulsarbot run-failure-checks |
/pulsarbot run-failure-checks |
/pulsarbot run-failure-checks |
/pulsarbot run-failure-checks |
ping @jiazhai |
461d80d
to
34e9cfc
Compare
rebased with latest master |
/pulsarbot run-failure-checks |
1 similar comment
/pulsarbot run-failure-checks |
c63aef3
to
8a545e7
Compare
/pulsarbot run-failure-checks |
1 similar comment
/pulsarbot run-failure-checks |
/pulsarbot run-failure-checks |
d61e0a0
to
9ced015
Compare
In #8270 with the BK upgrade we will bring in BouncyCastle again. |
86e53ff
to
368b2e9
Compare
368b2e9
to
264ac78
Compare
/pulsarbot run-failure-checks |
1 similar comment
/pulsarbot run-failure-checks |
/pulsarbot run-failure-checks |
/pulsarbot run-failure-checks |
would like to remove the 2.6.2 tag, since this pr changed some pom files |
### Motivation The docs of bc need an update after merge PR #7453, also we could include bc in the pulsar client to avoid reference it in other modules. ### Modifications - fix the docs after fix PR 7453; - make pulsar client include bc module; avoid other modules to include bc. - fix the pulsar-function bc jar issue. ### Verifying this change all the tests passed.
…leJar (apache#7453) ### Motivation shade bouncy castle will cause some signature errors, this PR tries to remove the bouncy castle shaded module. Here is the related error stack: ``` 10:01:34.257 [pulsar-client-io-33-1] ERROR org.apache.pulsar.client.impl.ConsumerImpl - MessageCryptoBc may not included in the jar. e: java.lang.SecurityException: JCE cannot authenticate the provider BC at javax.crypto.Cipher.getInstance(Cipher.java:657) ~[?:1.8.0_121] at javax.crypto.Cipher.getInstance(Cipher.java:596) ~[?:1.8.0_121] at org.apache.pulsar.client.impl.crypto.MessageCryptoBc.<init>(MessageCryptoBc.java:147) ~[classes/:?] at org.apache.pulsar.client.impl.ConsumerImpl.<init>(ConsumerImpl.java:270) ~[classes/:?] at org.apache.pulsar.client.impl.ConsumerImpl.newConsumerImpl(ConsumerImpl.java:209) ~[classes/:?] at org.apache.pulsar.client.impl.PulsarClientImpl.lambda$doSingleTopicSubscribeAsync$5(PulsarClientImpl.java:364) ~[classes/:?] at java.util.concurrent.CompletableFuture.uniAccept(CompletableFuture.java:656) ~[?:1.8.0_131] at java.util.concurrent.CompletableFuture$UniAccept.tryFire(CompletableFuture.java:632) ~[?:1.8.0_131] ... Caused by: java.util.jar.JarException: file:/Users/jia/.m2/repository/org/apache/pulsar/bouncy-castle-bc-shaded/2.7.0-SNAPSHOT/bouncy-castle-bc-shaded-2.7.0-SNAPSHOT.jar has unsigned entries - org/bouncycastle/cert/AttributeCertificateHolder.class at javax.crypto.JarVerifier.verifySingleJar(JarVerifier.java:500) ~[?:1.8.0_121] at javax.crypto.JarVerifier.verifyJars(JarVerifier.java:361) ~[?:1.8.0_121] at javax.crypto.JarVerifier.verify(JarVerifier.java:289) ~[?:1.8.0_121] at javax.crypto.JceSecurity.verifyProviderJar(JceSecurity.java:159) ~[?:1.8.0_121] at javax.crypto.JceSecurity.getVerificationResult(JceSecurity.java:185) ~[?:1.8.0_121] at javax.crypto.Cipher.getInstance(Cipher.java:653) ~[?:1.8.0_121] ``` ### Modifications - Remove bouncy castle shaded module, avoid package bouncy castle into a dependency jar. - enhance test case to identify this error. ### Verifying this change ut passed. * remove dep of bc-shaded from other module * remove bc-shaded module * enhance testECDSAEncryption and testRSAEncryption to cover error case * fix license check * remove bc-shaded module * build a jar in jar to avoid break bc signature * use new bc dependency by classifier in maven * build pulsar-all docker image instead of pull from dockerhub in integration tests * remove nar * fix licence, fix error brings in apache#7640 * add bc when broker/client is referenced in pom * add missing bc reference in pom * change ci back to not build docker image
…leJar (apache#7453) ### Motivation shade bouncy castle will cause some signature errors, this PR tries to remove the bouncy castle shaded module. Here is the related error stack: ``` 10:01:34.257 [pulsar-client-io-33-1] ERROR org.apache.pulsar.client.impl.ConsumerImpl - MessageCryptoBc may not included in the jar. e: java.lang.SecurityException: JCE cannot authenticate the provider BC at javax.crypto.Cipher.getInstance(Cipher.java:657) ~[?:1.8.0_121] at javax.crypto.Cipher.getInstance(Cipher.java:596) ~[?:1.8.0_121] at org.apache.pulsar.client.impl.crypto.MessageCryptoBc.<init>(MessageCryptoBc.java:147) ~[classes/:?] at org.apache.pulsar.client.impl.ConsumerImpl.<init>(ConsumerImpl.java:270) ~[classes/:?] at org.apache.pulsar.client.impl.ConsumerImpl.newConsumerImpl(ConsumerImpl.java:209) ~[classes/:?] at org.apache.pulsar.client.impl.PulsarClientImpl.lambda$doSingleTopicSubscribeAsync$5(PulsarClientImpl.java:364) ~[classes/:?] at java.util.concurrent.CompletableFuture.uniAccept(CompletableFuture.java:656) ~[?:1.8.0_131] at java.util.concurrent.CompletableFuture$UniAccept.tryFire(CompletableFuture.java:632) ~[?:1.8.0_131] ... Caused by: java.util.jar.JarException: file:/Users/jia/.m2/repository/org/apache/pulsar/bouncy-castle-bc-shaded/2.7.0-SNAPSHOT/bouncy-castle-bc-shaded-2.7.0-SNAPSHOT.jar has unsigned entries - org/bouncycastle/cert/AttributeCertificateHolder.class at javax.crypto.JarVerifier.verifySingleJar(JarVerifier.java:500) ~[?:1.8.0_121] at javax.crypto.JarVerifier.verifyJars(JarVerifier.java:361) ~[?:1.8.0_121] at javax.crypto.JarVerifier.verify(JarVerifier.java:289) ~[?:1.8.0_121] at javax.crypto.JceSecurity.verifyProviderJar(JceSecurity.java:159) ~[?:1.8.0_121] at javax.crypto.JceSecurity.getVerificationResult(JceSecurity.java:185) ~[?:1.8.0_121] at javax.crypto.Cipher.getInstance(Cipher.java:653) ~[?:1.8.0_121] ``` ### Modifications - Remove bouncy castle shaded module, avoid package bouncy castle into a dependency jar. - enhance test case to identify this error. ### Verifying this change ut passed. * remove dep of bc-shaded from other module * remove bc-shaded module * enhance testECDSAEncryption and testRSAEncryption to cover error case * fix license check * remove bc-shaded module * build a jar in jar to avoid break bc signature * use new bc dependency by classifier in maven * build pulsar-all docker image instead of pull from dockerhub in integration tests * remove nar * fix licence, fix error brings in apache#7640 * add bc when broker/client is referenced in pom * add missing bc reference in pom * change ci back to not build docker image
### Motivation The docs of bc need an update after merge PR apache#7453, also we could include bc in the pulsar client to avoid reference it in other modules. ### Modifications - fix the docs after fix PR 7453; - make pulsar client include bc module; avoid other modules to include bc. - fix the pulsar-function bc jar issue. ### Verifying this change all the tests passed.
Motivation
shade bouncy castle will cause some signature errors, this PR tries to remove the bouncy castle shaded module.
Here is the related error stack:
Modifications
Verifying this change
ut passed.
documentation
put doc changes in a separate PR #7454. so it is easier for the release manager to cherry-pick this PR.