You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@commons.apache.org by sebb <se...@gmail.com> on 2021/07/27 00:17:27 UTC

Re: [commons-net] 03/04: Some resources created with Java 8 cannot be used in Java 16. Provide scripts to create keystores for Java 8 up to Java 15, and for Java 16 and up. The FTPSClientTest class still fails on Java 16 though, but, we're getting closer.

On Tue, 27 Jul 2021 at 00:35, <gg...@apache.org> wrote:
>
> This is an automated email from the ASF dual-hosted git repository.
>
> ggregory pushed a commit to branch master
> in repository https://gitbox.apache.org/repos/asf/commons-net.git
>
> commit bdfbd0cc7294d9d7d494f4148722f5c5dce43eaa
> Author: Gary Gregory <ga...@gmail.com>
> AuthorDate: Mon Jul 26 19:34:58 2021 -0400
>
>     Some resources created with Java 8 cannot be used in Java 16. Provide
>     scripts to create keystores for Java 8 up to Java 15, and for Java 16
>     and up. The FTPSClientTest class still fails on Java 16 though, but,
>     we're getting closer.

There are several issues with this commit:
- the cmd files cause RAT failures
- they are OS-specific
- they generate the same output file
- there is no explanation as to why the contents are different

Given that recreating the jks files should be a relatively rare event,
the simplest solution to the above issues would be to include
instructions in the FTPSClientTest.java file instead.

- java 11 now fails when testing
- ftpserver.jks.old should be deleted

> ---
>  pom.xml                                                  |   6 ++++++
>  .../java/org/apache/commons/net/ftp/FTPSClientTest.java  |  15 ++++++++++-----
>  .../commons/net/ftpsserver/createkeystore-jre16.cmd      |   1 +
>  .../commons/net/ftpsserver/createkeystore-jre8.cmd       |   1 +
>  .../apache/commons/net/ftpsserver/ftpserver-jre16.jks    | Bin 0 -> 2462 bytes
>  .../org/apache/commons/net/ftpsserver/ftpserver-jre8.jks | Bin 0 -> 2309 bytes
>  .../net/ftpsserver/{ftpserver.jks => ftpserver.jks.old}  | Bin
>  7 files changed, 18 insertions(+), 5 deletions(-)
>
> diff --git a/pom.xml b/pom.xml
> index 9f8397e..df598d2 100644
> --- a/pom.xml
> +++ b/pom.xml
> @@ -109,6 +109,12 @@ Supported protocols include: Echo, Finger, FTP, NNTP, NTP, POP3(S), SMTP(S), Tel
>              <version>2.11.0</version>
>              <scope>test</scope>
>          </dependency>
> +        <dependency>
> +            <groupId>org.apache.commons</groupId>
> +            <artifactId>commons-lang3</artifactId>
> +            <version>3.12.0</version>
> +            <scope>test</scope>
> +        </dependency>
>      </dependencies>
>
>      <build>
> diff --git a/src/test/java/org/apache/commons/net/ftp/FTPSClientTest.java b/src/test/java/org/apache/commons/net/ftp/FTPSClientTest.java
> index e224b96..1984b3a 100644
> --- a/src/test/java/org/apache/commons/net/ftp/FTPSClientTest.java
> +++ b/src/test/java/org/apache/commons/net/ftp/FTPSClientTest.java
> @@ -31,6 +31,8 @@ import java.util.Calendar;
>
>  import org.apache.commons.io.FileUtils;
>  import org.apache.commons.io.output.NullOutputStream;
> +import org.apache.commons.lang3.JavaVersion;
> +import org.apache.commons.lang3.SystemUtils;
>  import org.apache.ftpserver.FtpServer;
>  import org.apache.ftpserver.FtpServerFactory;
>  import org.apache.ftpserver.ftplet.FtpException;
> @@ -73,7 +75,9 @@ public class FTPSClientTest {
>
>      private static final String USER_PROPS_RES = "org/apache/commons/net/ftpsserver/users.properties";
>
> -    private static final String SERVER_JKS_RES = "org/apache/commons/net/ftpsserver/ftpserver.jks";
> +    private static final String SERVER_JKS_RES_JRE_8 = "org/apache/commons/net/ftpsserver/ftpserver-jre8.jks";
> +
> +    private static final String SERVER_JKS_RES_JRE_16 = "org/apache/commons/net/ftpsserver/ftpserver-jre16.jks";
>
>      private static final boolean IMPLICIT = false;
>
> @@ -99,8 +103,6 @@ public class FTPSClientTest {
>
>      @BeforeClass
>      public static void setUpClass() throws Exception {
> -        TlsProtocols = System.getProperty(JDK_TLS_CLIENT_PROTOCOLS);
> -        //System.setProperty(JDK_TLS_CLIENT_PROTOCOLS, "TLSv1");
>          setUpClass(IMPLICIT);
>      }
>
> @@ -133,8 +135,11 @@ public class FTPSClientTest {
>          factory.setPort(SocketPort);
>
>          // define SSL configuration
> -        final URL serverJksResource = ClassLoader.getSystemClassLoader().getResource(SERVER_JKS_RES);
> -        Assert.assertNotNull(SERVER_JKS_RES, serverJksResource);
> +        final URL serverJksResource = SystemUtils.isJavaVersionAtLeast(JavaVersion.JAVA_16)
> +            ? ClassLoader.getSystemClassLoader().getResource(SERVER_JKS_RES_JRE_16)
> +            : ClassLoader.getSystemClassLoader().getResource(SERVER_JKS_RES_JRE_8);
> +        System.out.println("Loading " + serverJksResource);
> +        Assert.assertNotNull(SERVER_JKS_RES_JRE_8, serverJksResource);
>          final SslConfigurationFactory sllConfigFactory = new SslConfigurationFactory();
>          final File keyStoreFile = FileUtils.toFile(serverJksResource);
>          Assert.assertTrue(keyStoreFile.toString(), keyStoreFile.exists());
> diff --git a/src/test/resources/org/apache/commons/net/ftpsserver/createkeystore-jre16.cmd b/src/test/resources/org/apache/commons/net/ftpsserver/createkeystore-jre16.cmd
> new file mode 100644
> index 0000000..14d2e8d
> --- /dev/null
> +++ b/src/test/resources/org/apache/commons/net/ftpsserver/createkeystore-jre16.cmd
> @@ -0,0 +1 @@
> +keytool -genkeypair -dname "cn=localhost, ou=ApacheCommons, o=ApacheSoftwareFoundation, c=US" -alias ftpserver -keypass password -keystore ftpserver.jks -storepass password -validity 1000 -deststoretype pkcs12 -keyalg "DSA"
> \ No newline at end of file
> diff --git a/src/test/resources/org/apache/commons/net/ftpsserver/createkeystore-jre8.cmd b/src/test/resources/org/apache/commons/net/ftpsserver/createkeystore-jre8.cmd
> new file mode 100644
> index 0000000..7228e8d
> --- /dev/null
> +++ b/src/test/resources/org/apache/commons/net/ftpsserver/createkeystore-jre8.cmd
> @@ -0,0 +1 @@
> +keytool -genkeypair -dname "cn=localhost, ou=ApacheCommons, o=ApacheSoftwareFoundation, c=US" -alias ftpserver -keypass password -keystore ftpserver.jks -storepass password -validity 1000 -deststoretype pkcs12
> \ No newline at end of file
> diff --git a/src/test/resources/org/apache/commons/net/ftpsserver/ftpserver-jre16.jks b/src/test/resources/org/apache/commons/net/ftpsserver/ftpserver-jre16.jks
> new file mode 100644
> index 0000000..a7ed334
> Binary files /dev/null and b/src/test/resources/org/apache/commons/net/ftpsserver/ftpserver-jre16.jks differ
> diff --git a/src/test/resources/org/apache/commons/net/ftpsserver/ftpserver-jre8.jks b/src/test/resources/org/apache/commons/net/ftpsserver/ftpserver-jre8.jks
> new file mode 100644
> index 0000000..2d2c94b
> Binary files /dev/null and b/src/test/resources/org/apache/commons/net/ftpsserver/ftpserver-jre8.jks differ
> diff --git a/src/test/resources/org/apache/commons/net/ftpsserver/ftpserver.jks b/src/test/resources/org/apache/commons/net/ftpsserver/ftpserver.jks.old
> similarity index 100%
> rename from src/test/resources/org/apache/commons/net/ftpsserver/ftpserver.jks
> rename to src/test/resources/org/apache/commons/net/ftpsserver/ftpserver.jks.old

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@commons.apache.org
For additional commands, e-mail: dev-help@commons.apache.org

Re: [commons-net] 03/04: Some resources created with Java 8 cannot be used in Java 16. Provide scripts to create keystores for Java 8 up to Java 15, and for Java 16 and up. The FTPSClientTest class still fails on Java 16 though, but, we're getting closer.

Posted by sebb <se...@gmail.com>.

On Tue, 27 Jul 2021 at 01:17, sebb <se...@gmail.com> wrote:
>
> On Tue, 27 Jul 2021 at 00:35, <gg...@apache.org> wrote:
> >
> > This is an automated email from the ASF dual-hosted git repository.
> >
> > ggregory pushed a commit to branch master
> > in repository https://gitbox.apache.org/repos/asf/commons-net.git
> >
> > commit bdfbd0cc7294d9d7d494f4148722f5c5dce43eaa
> > Author: Gary Gregory <ga...@gmail.com>
> > AuthorDate: Mon Jul 26 19:34:58 2021 -0400
> >
> >     Some resources created with Java 8 cannot be used in Java 16. Provide
> >     scripts to create keystores for Java 8 up to Java 15, and for Java 16
> >     and up. The FTPSClientTest class still fails on Java 16 though, but,
> >     we're getting closer.
>
> There are several issues with this commit:
> - the cmd files cause RAT failures
> - they are OS-specific
> - they generate the same output file
> - there is no explanation as to why the contents are different
>
> Given that recreating the jks files should be a relatively rare event,
> the simplest solution to the above issues would be to include
> instructions in the FTPSClientTest.java file instead.
>
> - java 11 now fails when testing
> - ftpserver.jks.old should be deleted

java 15 also fails for me, with:
javax.net.ssl.SSLHandshakeException: Remote host terminated the handshake


I have just tried AOJ 16, and that fails as well, with:
javax.net.ssl.SSLHandshakeException: Remote host terminated the handshake

For me, AOJ 16 works fine with ftpserver.jks.old, as do all the other
versions mentioned above.

It looks like the new JKS files only have a single entry, whereas the
original had two.

> > ---
> >  pom.xml                                                  |   6 ++++++
> >  .../java/org/apache/commons/net/ftp/FTPSClientTest.java  |  15 ++++++++++-----
> >  .../commons/net/ftpsserver/createkeystore-jre16.cmd      |   1 +
> >  .../commons/net/ftpsserver/createkeystore-jre8.cmd       |   1 +
> >  .../apache/commons/net/ftpsserver/ftpserver-jre16.jks    | Bin 0 -> 2462 bytes
> >  .../org/apache/commons/net/ftpsserver/ftpserver-jre8.jks | Bin 0 -> 2309 bytes
> >  .../net/ftpsserver/{ftpserver.jks => ftpserver.jks.old}  | Bin
> >  7 files changed, 18 insertions(+), 5 deletions(-)
> >
> > diff --git a/pom.xml b/pom.xml
> > index 9f8397e..df598d2 100644
> > --- a/pom.xml
> > +++ b/pom.xml
> > @@ -109,6 +109,12 @@ Supported protocols include: Echo, Finger, FTP, NNTP, NTP, POP3(S), SMTP(S), Tel
> >              <version>2.11.0</version>
> >              <scope>test</scope>
> >          </dependency>
> > +        <dependency>
> > +            <groupId>org.apache.commons</groupId>
> > +            <artifactId>commons-lang3</artifactId>
> > +            <version>3.12.0</version>
> > +            <scope>test</scope>
> > +        </dependency>
> >      </dependencies>
> >
> >      <build>
> > diff --git a/src/test/java/org/apache/commons/net/ftp/FTPSClientTest.java b/src/test/java/org/apache/commons/net/ftp/FTPSClientTest.java
> > index e224b96..1984b3a 100644
> > --- a/src/test/java/org/apache/commons/net/ftp/FTPSClientTest.java
> > +++ b/src/test/java/org/apache/commons/net/ftp/FTPSClientTest.java
> > @@ -31,6 +31,8 @@ import java.util.Calendar;
> >
> >  import org.apache.commons.io.FileUtils;
> >  import org.apache.commons.io.output.NullOutputStream;
> > +import org.apache.commons.lang3.JavaVersion;
> > +import org.apache.commons.lang3.SystemUtils;
> >  import org.apache.ftpserver.FtpServer;
> >  import org.apache.ftpserver.FtpServerFactory;
> >  import org.apache.ftpserver.ftplet.FtpException;
> > @@ -73,7 +75,9 @@ public class FTPSClientTest {
> >
> >      private static final String USER_PROPS_RES = "org/apache/commons/net/ftpsserver/users.properties";
> >
> > -    private static final String SERVER_JKS_RES = "org/apache/commons/net/ftpsserver/ftpserver.jks";
> > +    private static final String SERVER_JKS_RES_JRE_8 = "org/apache/commons/net/ftpsserver/ftpserver-jre8.jks";
> > +
> > +    private static final String SERVER_JKS_RES_JRE_16 = "org/apache/commons/net/ftpsserver/ftpserver-jre16.jks";
> >
> >      private static final boolean IMPLICIT = false;
> >
> > @@ -99,8 +103,6 @@ public class FTPSClientTest {
> >
> >      @BeforeClass
> >      public static void setUpClass() throws Exception {
> > -        TlsProtocols = System.getProperty(JDK_TLS_CLIENT_PROTOCOLS);
> > -        //System.setProperty(JDK_TLS_CLIENT_PROTOCOLS, "TLSv1");
> >          setUpClass(IMPLICIT);
> >      }
> >
> > @@ -133,8 +135,11 @@ public class FTPSClientTest {
> >          factory.setPort(SocketPort);
> >
> >          // define SSL configuration
> > -        final URL serverJksResource = ClassLoader.getSystemClassLoader().getResource(SERVER_JKS_RES);
> > -        Assert.assertNotNull(SERVER_JKS_RES, serverJksResource);
> > +        final URL serverJksResource = SystemUtils.isJavaVersionAtLeast(JavaVersion.JAVA_16)
> > +            ? ClassLoader.getSystemClassLoader().getResource(SERVER_JKS_RES_JRE_16)
> > +            : ClassLoader.getSystemClassLoader().getResource(SERVER_JKS_RES_JRE_8);
> > +        System.out.println("Loading " + serverJksResource);
> > +        Assert.assertNotNull(SERVER_JKS_RES_JRE_8, serverJksResource);
> >          final SslConfigurationFactory sllConfigFactory = new SslConfigurationFactory();
> >          final File keyStoreFile = FileUtils.toFile(serverJksResource);
> >          Assert.assertTrue(keyStoreFile.toString(), keyStoreFile.exists());
> > diff --git a/src/test/resources/org/apache/commons/net/ftpsserver/createkeystore-jre16.cmd b/src/test/resources/org/apache/commons/net/ftpsserver/createkeystore-jre16.cmd
> > new file mode 100644
> > index 0000000..14d2e8d
> > --- /dev/null
> > +++ b/src/test/resources/org/apache/commons/net/ftpsserver/createkeystore-jre16.cmd
> > @@ -0,0 +1 @@
> > +keytool -genkeypair -dname "cn=localhost, ou=ApacheCommons, o=ApacheSoftwareFoundation, c=US" -alias ftpserver -keypass password -keystore ftpserver.jks -storepass password -validity 1000 -deststoretype pkcs12 -keyalg "DSA"
> > \ No newline at end of file
> > diff --git a/src/test/resources/org/apache/commons/net/ftpsserver/createkeystore-jre8.cmd b/src/test/resources/org/apache/commons/net/ftpsserver/createkeystore-jre8.cmd
> > new file mode 100644
> > index 0000000..7228e8d
> > --- /dev/null
> > +++ b/src/test/resources/org/apache/commons/net/ftpsserver/createkeystore-jre8.cmd
> > @@ -0,0 +1 @@
> > +keytool -genkeypair -dname "cn=localhost, ou=ApacheCommons, o=ApacheSoftwareFoundation, c=US" -alias ftpserver -keypass password -keystore ftpserver.jks -storepass password -validity 1000 -deststoretype pkcs12
> > \ No newline at end of file
> > diff --git a/src/test/resources/org/apache/commons/net/ftpsserver/ftpserver-jre16.jks b/src/test/resources/org/apache/commons/net/ftpsserver/ftpserver-jre16.jks
> > new file mode 100644
> > index 0000000..a7ed334
> > Binary files /dev/null and b/src/test/resources/org/apache/commons/net/ftpsserver/ftpserver-jre16.jks differ
> > diff --git a/src/test/resources/org/apache/commons/net/ftpsserver/ftpserver-jre8.jks b/src/test/resources/org/apache/commons/net/ftpsserver/ftpserver-jre8.jks
> > new file mode 100644
> > index 0000000..2d2c94b
> > Binary files /dev/null and b/src/test/resources/org/apache/commons/net/ftpsserver/ftpserver-jre8.jks differ
> > diff --git a/src/test/resources/org/apache/commons/net/ftpsserver/ftpserver.jks b/src/test/resources/org/apache/commons/net/ftpsserver/ftpserver.jks.old
> > similarity index 100%
> > rename from src/test/resources/org/apache/commons/net/ftpsserver/ftpserver.jks
> > rename to src/test/resources/org/apache/commons/net/ftpsserver/ftpserver.jks.old

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@commons.apache.org
For additional commands, e-mail: dev-help@commons.apache.org