Spring/spring-boot
Spring/spring-boot
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-boot.git synced 2024-07-05 00:56:58 +08:00
Code Issues Packages Projects Releases Wiki Activity

Work around https://bugs.openjdk.java.net/browse/JDK-8156584

Browse Source 
sun.security.x509.AlgorithmId.get(String) isn't thread-safe and can
lead to null be returned for an algorithm that should be present.

This commit aims to work around this problem by avoiding the call
to AlgorithmId.get(String). It does so by configuring the
PKCS12 key protection algorithm to one that starts with
pbewithhmacsha (case insensitive). This short-circuits the logic
in PKCS12KeyStore.mapPBEAlgorithmToOID(String) and avoids the call to
AlgorithmId.get(String). Thanks again to @dreis2211 for the
suggestion.

The work around is only used when building with Java 8 as the problem
was fixed in Java 9.

Closes gh-26252
This commit is contained in:
Andy Wilkinson 2021-04-27 16:53:06 +01:00
parent a470c1af3a
commit 912c82e50d
2 changed files with 10 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
buildSrc/src/main/java/org/springframework/boot/build/JavaConventions.java
View File

@ -28,6 +28,7 @@ import java.util.stream.Collectors;
import io.spring.javaformat.gradle.FormatTask;
import io.spring.javaformat.gradle.SpringJavaFormatPlugin;
import org.gradle.api.JavaVersion;
import org.gradle.api.Project;
import org.gradle.api.artifacts.Configuration;
import org.gradle.api.artifacts.ConfigurationContainer;
@ -141,6 +142,10 @@ class JavaConventions {
withOptionalBuildJavaHome(project, (javaHome) -> test.setExecutable(javaHome + "/bin/java"));
test.useJUnitPlatform();
test.setMaxHeapSize("1024M");
if (buildingWithJava8(project)) {
test.systemProperty("java.security.properties",
getClass().getClassLoader().getResource("jdk-8156584-security.properties"));
}
});
project.getPlugins().withType(JavaPlugin.class, (javaPlugin) -> project.getDependencies()
.add(JavaPlugin.TEST_RUNTIME_ONLY_CONFIGURATION_NAME, "org.junit.platform:junit-platform-launcher"));
@ -153,6 +158,10 @@ class JavaConventions {
}));
}
private boolean buildingWithJava8(Project project) {
return (!project.hasProperty("buildJavaHome")) && JavaVersion.current() == JavaVersion.VERSION_1_8;
}
private boolean isCi() {
return Boolean.parseBoolean(System.getenv("CI"));
}

1
buildSrc/src/main/resources/jdk-8156584-security.properties Normal file
View File

@ -0,0 +1 @@
keystore.pkcs12.keyProtectionAlgorithm=PBEWithHmacSHA256AndAES_256