Remove bouncy castle shaded module to avoid bring error of verifySingleJar #7453
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
codelipenghui
approved these changes
Jul 5, 2020
|
/pulsarbot run-failure-checks |
|
/pulsarbot run-failure-checks |
sijie
approved these changes
Jul 6, 2020
|
/pulsarbot run-failure-checks |
4 similar comments
|
/pulsarbot run-failure-checks |
|
/pulsarbot run-failure-checks |
|
/pulsarbot run-failure-checks |
|
/pulsarbot run-failure-checks |
|
ping @jiazhai |
jiazhai
force-pushed
the
remove_bc_shaded_module
branch
from
461d80d
to
34e9cfc
Compare
|
rebased with latest master |
|
/pulsarbot run-failure-checks |
1 similar comment
|
/pulsarbot run-failure-checks |
jiazhai
force-pushed
the
remove_bc_shaded_module
branch
from
c63aef3
to
8a545e7
Compare
|
/pulsarbot run-failure-checks |
1 similar comment
|
/pulsarbot run-failure-checks |
|
/pulsarbot run-failure-checks |
jiazhai
force-pushed
the
remove_bc_shaded_module
branch
from
d61e0a0
to
9ced015
Compare
jiazhai
changed the title
|
In #8270 with the BK upgrade we will bring in BouncyCastle again. |
jiazhai
force-pushed
the
remove_bc_shaded_module
branch
2 times, most recently
from
86e53ff
to
368b2e9
Compare
jiazhai
force-pushed
the
remove_bc_shaded_module
branch
from
368b2e9
to
264ac78
Compare
|
/pulsarbot run-failure-checks |
1 similar comment
|
/pulsarbot run-failure-checks |
|
/pulsarbot run-failure-checks |
jiazhai
changed the title
|
/pulsarbot run-failure-checks |
|
would like to remove the 2.6.2 tag, since this pr changed some pom files |
sijie
pushed a commit
that referenced
this pull request
Nov 10, 2020
### Motivation The docs of bc need an update after merge PR #7453, also we could include bc in the pulsar client to avoid reference it in other modules. ### Modifications - fix the docs after fix PR 7453; - make pulsar client include bc module; avoid other modules to include bc. - fix the pulsar-function bc jar issue. ### Verifying this change all the tests passed.
huangdx0726
pushed a commit
to huangdx0726/pulsar
that referenced
this pull request
Nov 13, 2020
…leJar (apache#7453) ### Motivation shade bouncy castle will cause some signature errors, this PR tries to remove the bouncy castle shaded module. Here is the related error stack: ``` 10:01:34.257 [pulsar-client-io-33-1] ERROR org.apache.pulsar.client.impl.ConsumerImpl - MessageCryptoBc may not included in the jar. e: java.lang.SecurityException: JCE cannot authenticate the provider BC at javax.crypto.Cipher.getInstance(Cipher.java:657) ~[?:1.8.0_121] at javax.crypto.Cipher.getInstance(Cipher.java:596) ~[?:1.8.0_121] at org.apache.pulsar.client.impl.crypto.MessageCryptoBc.<init>(MessageCryptoBc.java:147) ~[classes/:?] at org.apache.pulsar.client.impl.ConsumerImpl.<init>(ConsumerImpl.java:270) ~[classes/:?] at org.apache.pulsar.client.impl.ConsumerImpl.newConsumerImpl(ConsumerImpl.java:209) ~[classes/:?] at org.apache.pulsar.client.impl.PulsarClientImpl.lambda$doSingleTopicSubscribeAsync$5(PulsarClientImpl.java:364) ~[classes/:?] at java.util.concurrent.CompletableFuture.uniAccept(CompletableFuture.java:656) ~[?:1.8.0_131] at java.util.concurrent.CompletableFuture$UniAccept.tryFire(CompletableFuture.java:632) ~[?:1.8.0_131] ... Caused by: java.util.jar.JarException: file:/Users/jia/.m2/repository/org/apache/pulsar/bouncy-castle-bc-shaded/2.7.0-SNAPSHOT/bouncy-castle-bc-shaded-2.7.0-SNAPSHOT.jar has unsigned entries - org/bouncycastle/cert/AttributeCertificateHolder.class at javax.crypto.JarVerifier.verifySingleJar(JarVerifier.java:500) ~[?:1.8.0_121] at javax.crypto.JarVerifier.verifyJars(JarVerifier.java:361) ~[?:1.8.0_121] at javax.crypto.JarVerifier.verify(JarVerifier.java:289) ~[?:1.8.0_121] at javax.crypto.JceSecurity.verifyProviderJar(JceSecurity.java:159) ~[?:1.8.0_121] at javax.crypto.JceSecurity.getVerificationResult(JceSecurity.java:185) ~[?:1.8.0_121] at javax.crypto.Cipher.getInstance(Cipher.java:653) ~[?:1.8.0_121] ``` ### Modifications - Remove bouncy castle shaded module, avoid package bouncy castle into a dependency jar. - enhance test case to identify this error. ### Verifying this change ut passed. * remove dep of bc-shaded from other module * remove bc-shaded module * enhance testECDSAEncryption and testRSAEncryption to cover error case * fix license check * remove bc-shaded module * build a jar in jar to avoid break bc signature * use new bc dependency by classifier in maven * build pulsar-all docker image instead of pull from dockerhub in integration tests * remove nar * fix licence, fix error brings in apache#7640 * add bc when broker/client is referenced in pom * add missing bc reference in pom * change ci back to not build docker image
flowchartsman
pushed a commit
to flowchartsman/pulsar
that referenced
this pull request
Nov 17, 2020
…leJar (apache#7453) ### Motivation shade bouncy castle will cause some signature errors, this PR tries to remove the bouncy castle shaded module. Here is the related error stack: ``` 10:01:34.257 [pulsar-client-io-33-1] ERROR org.apache.pulsar.client.impl.ConsumerImpl - MessageCryptoBc may not included in the jar. e: java.lang.SecurityException: JCE cannot authenticate the provider BC at javax.crypto.Cipher.getInstance(Cipher.java:657) ~[?:1.8.0_121] at javax.crypto.Cipher.getInstance(Cipher.java:596) ~[?:1.8.0_121] at org.apache.pulsar.client.impl.crypto.MessageCryptoBc.<init>(MessageCryptoBc.java:147) ~[classes/:?] at org.apache.pulsar.client.impl.ConsumerImpl.<init>(ConsumerImpl.java:270) ~[classes/:?] at org.apache.pulsar.client.impl.ConsumerImpl.newConsumerImpl(ConsumerImpl.java:209) ~[classes/:?] at org.apache.pulsar.client.impl.PulsarClientImpl.lambda$doSingleTopicSubscribeAsync$5(PulsarClientImpl.java:364) ~[classes/:?] at java.util.concurrent.CompletableFuture.uniAccept(CompletableFuture.java:656) ~[?:1.8.0_131] at java.util.concurrent.CompletableFuture$UniAccept.tryFire(CompletableFuture.java:632) ~[?:1.8.0_131] ... Caused by: java.util.jar.JarException: file:/Users/jia/.m2/repository/org/apache/pulsar/bouncy-castle-bc-shaded/2.7.0-SNAPSHOT/bouncy-castle-bc-shaded-2.7.0-SNAPSHOT.jar has unsigned entries - org/bouncycastle/cert/AttributeCertificateHolder.class at javax.crypto.JarVerifier.verifySingleJar(JarVerifier.java:500) ~[?:1.8.0_121] at javax.crypto.JarVerifier.verifyJars(JarVerifier.java:361) ~[?:1.8.0_121] at javax.crypto.JarVerifier.verify(JarVerifier.java:289) ~[?:1.8.0_121] at javax.crypto.JceSecurity.verifyProviderJar(JceSecurity.java:159) ~[?:1.8.0_121] at javax.crypto.JceSecurity.getVerificationResult(JceSecurity.java:185) ~[?:1.8.0_121] at javax.crypto.Cipher.getInstance(Cipher.java:653) ~[?:1.8.0_121] ``` ### Modifications - Remove bouncy castle shaded module, avoid package bouncy castle into a dependency jar. - enhance test case to identify this error. ### Verifying this change ut passed. * remove dep of bc-shaded from other module * remove bc-shaded module * enhance testECDSAEncryption and testRSAEncryption to cover error case * fix license check * remove bc-shaded module * build a jar in jar to avoid break bc signature * use new bc dependency by classifier in maven * build pulsar-all docker image instead of pull from dockerhub in integration tests * remove nar * fix licence, fix error brings in apache#7640 * add bc when broker/client is referenced in pom * add missing bc reference in pom * change ci back to not build docker image
flowchartsman
pushed a commit
to flowchartsman/pulsar
that referenced
this pull request
Nov 17, 2020
### Motivation The docs of bc need an update after merge PR apache#7453, also we could include bc in the pulsar client to avoid reference it in other modules. ### Modifications - fix the docs after fix PR 7453; - make pulsar client include bc module; avoid other modules to include bc. - fix the pulsar-function bc jar issue. ### Verifying this change all the tests passed.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Motivation
shade bouncy castle will cause some signature errors, this PR tries to remove the bouncy castle shaded module.
Here is the related error stack:
Modifications
Verifying this change
ut passed.
documentation
put doc changes in a separate PR #7454. so it is easier for the release manager to cherry-pick this PR.