karaf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Sam Hendley (JIRA)" <j...@apache.org>
Subject [jira] [Created] (KARAF-816) Wrapper feature doesn't load security libraries
Date Tue, 16 Aug 2011 14:13:29 GMT
Wrapper feature doesn't load security libraries
-----------------------------------------------

                 Key: KARAF-816
                 URL: https://issues.apache.org/jira/browse/KARAF-816
             Project: Karaf
          Issue Type: Bug
          Components: karaf-os-integration
    Affects Versions: 2.2.2
         Environment: Ubunutu 10.04 LTS
OpenJDK, HotSpot
            Reporter: Sam Hendley


Using the wrapper feature to create an init.d script on ubunutu with either Java version appears
to be broken in the current karaf distribution. When we try to use the generated script karaf
starts correctly but none of the security packages are loaded. This manifests in a number
of ways when trying to use any SSL. The easiest manifestation of this bug is that the SSH
server doesn't have access to any ciphers for login. I see the following error in the log.

AbstractSession  253 | 16 - sshd-core - 0.5.0 | Exception caught
java.lang.IllegalStateException: Unable to negociate key exchange for item 2
        at org.apache.sshd.common.session.AbstractSession.negociate(AbstractSession.java:886)
        at org.apache.sshd.server.session.ServerSession.handleMessage(ServerSession.java:151)
        at org.apache.sshd.common.session.AbstractSession.decode(AbstractSession.java:522)
        at org.apache.sshd.common.session.AbstractSession.messageReceived(AbstractSession.java:225)

This (misspelled) function appears to be catching and suppressing the root cause exception
which is a lack of the cipher suites, I get the full set of errors when running trying to
connect to an AMQP broker using SSL. The cause of these errors is that the cipher suites are
not on the classpath. The libraries in question are in JAVA_HOME/jre/ext/lib, which both the
regular ./bin/karaf scripts and the wrapper code appear to be configured to put on the classpath.
However there must be some misconfiguration or expected system variable for the wrapper generation
or script because it doesn't work.

The simplest reproduction case I can come up with is:

- download and untar karaf 2.2.2
- start with ./bin/karaf
  - features:install wrapper
  - wrapper:install -s AUTO_START -n Test
  - logout
- start with ./bin/start
- verify we can connect with ./bin/client
- stop server with ./bin/stop
- now try using wrapper script (still in same shell with same user): ./bin/Test-service start
- try connecting using ./bin/client, should see "error to negotatie errors on both sides"


--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message