You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@pulsar.apache.org by pe...@apache.org on 2021/11/26 13:10:24 UTC
[pulsar] 13/14: Use JDK default security provider when Conscrypt isn't available (#12938)
This is an automated email from the ASF dual-hosted git repository.
penghui pushed a commit to branch branch-2.8
in repository https://gitbox.apache.org/repos/asf/pulsar.git
commit affd256a645e97ce4e05038b057e85cd772032ec
Author: Lari Hotari <lh...@users.noreply.github.com>
AuthorDate: Thu Nov 25 15:29:24 2021 +0200
Use JDK default security provider when Conscrypt isn't available (#12938)
- fixes issue with ARM64 platform where Conscrypt isn't available
(cherry picked from commit 4f2d52edfbb53f043ed5640ccde694b60707eea3)
---
.../java/org/apache/pulsar/common/util/SecurityUtility.java | 11 ++++++++++-
1 file changed, 10 insertions(+), 1 deletion(-)
diff --git a/pulsar-common/src/main/java/org/apache/pulsar/common/util/SecurityUtility.java b/pulsar-common/src/main/java/org/apache/pulsar/common/util/SecurityUtility.java
index fb6c835..30f019d 100644
--- a/pulsar-common/src/main/java/org/apache/pulsar/common/util/SecurityUtility.java
+++ b/pulsar-common/src/main/java/org/apache/pulsar/common/util/SecurityUtility.java
@@ -116,6 +116,16 @@ public class SecurityUtility {
}
private static Provider loadConscryptProvider() {
+ Class<?> conscryptClazz;
+
+ try {
+ conscryptClazz = Class.forName("org.conscrypt.Conscrypt");
+ conscryptClazz.getMethod("checkAvailability").invoke(null);
+ } catch (Throwable e) {
+ log.warn("Conscrypt isn't available. Using JDK default security provider.", e);
+ return null;
+ }
+
Provider provider;
try {
provider = (Provider) Class.forName(CONSCRYPT_PROVIDER_CLASS).newInstance();
@@ -143,7 +153,6 @@ public class SecurityUtility {
// contains the workaround.
try {
HostnameVerifier hostnameVerifier = new TlsHostnameVerifier();
- Class<?> conscryptClazz = Class.forName("org.conscrypt.Conscrypt");
Object wrappedHostnameVerifier = conscryptClazz
.getMethod("wrapHostnameVerifier",
new Class[]{HostnameVerifier.class}).invoke(null, hostnameVerifier);