Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package netty3 for openSUSE:Factory checked in at 2022-03-23 20:18:32 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/netty3 (Old) and /work/SRC/openSUSE:Factory/.netty3.new.25692 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "netty3" Wed Mar 23 20:18:32 2022 rev:7 rq:964188 version:3.10.6 Changes: -------- --- /work/SRC/openSUSE:Factory/netty3/netty3.changes 2022-02-23 19:07:09.227289743 +0100 +++ /work/SRC/openSUSE:Factory/.netty3.new.25692/netty3.changes 2022-03-23 20:20:25.398532175 +0100 @@ -1,0 +2,10 @@ +Wed Mar 23 08:49:24 UTC 2022 - Fridrich Strba <[email protected]> + +- Build with java source and target levels 8 +- Added patch: + * x509certificate.patch + + Reimplement the OpenJdkSelfSignedCertGenerator class so that + it does not use removed classes. + + This adds new bouncycastle dependency + +------------------------------------------------------------------- New: ---- x509certificate.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ netty3.spec ++++++ --- /var/tmp/diff_new_pack.ehlVg2/_old 2022-03-23 20:20:26.042532539 +0100 +++ /var/tmp/diff_new_pack.ehlVg2/_new 2022-03-23 20:20:26.050532544 +0100 @@ -28,7 +28,9 @@ Source0: https://github.com/netty/netty/archive/netty-%{namedversion}.tar.gz Patch0: netty-3.10.6-port-to-jzlib-1.1.0.patch Patch1: disableNPN.patch +Patch2: x509certificate.patch BuildRequires: fdupes +BuildRequires: java-devel >= 1.8 BuildRequires: maven-local BuildRequires: mvn(ant-contrib:ant-contrib) BuildRequires: mvn(com.google.protobuf:protobuf-java) @@ -42,6 +44,7 @@ BuildRequires: mvn(org.apache.maven.plugins:maven-antrun-plugin) BuildRequires: mvn(org.apache.tomcat:tomcat-jni) BuildRequires: mvn(org.bouncycastle:bcpkix-jdk15on) +BuildRequires: mvn(org.bouncycastle:bcprov-jdk16) BuildRequires: mvn(org.jboss.logging:jboss-logging) BuildRequires: mvn(org.jboss.marshalling:jboss-marshalling) BuildRequires: mvn(org.osgi:osgi.cmpn) @@ -49,6 +52,9 @@ BuildRequires: mvn(org.slf4j:slf4j-api) BuildRequires: mvn(org.sonatype.oss:oss-parent:pom:) BuildArch: noarch +%if 0%{?suse_version} > 1500 +BuildRequires: mvn(javax.activation:activation) +%endif %description Netty is a NIO client server framework which enables quick and easy @@ -82,7 +88,9 @@ %pom_remove_plugin :animal-sniffer-maven-plugin %pom_remove_plugin :maven-enforcer-plugin +%if 0%{?suse_version} <= 1500 %pom_remove_dep javax.activation:activation +%endif %pom_remove_dep :npn-api %pom_xpath_remove "pom:extension[pom:artifactId[text()='os-maven-plugin']]" %pom_xpath_remove "pom:execution[pom:id[text()='remove-examples']]" @@ -92,8 +100,8 @@ # Set scope of optional compile dependencies to 'provided' %pom_xpath_set "pom:dependency[pom:scope[text()='compile'] and pom:optional[text()='true']]/pom:scope" provided -%pom_xpath_set "pom:plugin[pom:artifactId[text()='maven-compiler-plugin']]/pom:configuration/pom:source" "6" -%pom_xpath_set "pom:plugin[pom:artifactId[text()='maven-compiler-plugin']]/pom:configuration/pom:target" "6" +%pom_xpath_set "pom:plugin[pom:artifactId[text()='maven-compiler-plugin']]/pom:configuration/pom:source" "8" +%pom_xpath_set "pom:plugin[pom:artifactId[text()='maven-compiler-plugin']]/pom:configuration/pom:target" "8" # Force use servlet 3.1 apis %pom_change_dep :servlet-api javax.servlet:javax.servlet-api:3.1.0 @@ -120,6 +128,12 @@ %patch0 -p1 %patch1 -p1 +# Reimplement the OpenJdkSelfSignedCertGenerator class +# so that it does not use removed classes. This adds the +# bouncycastle dependency +%patch2 -p1 +%pom_add_dep org.bouncycastle:bcprov-jdk16 + # adapting to excluded dep rm -v src/main/java/org/jboss/netty/handler/ssl/JettyNpnSslEngine.java @@ -128,7 +142,11 @@ %{mvn_file} : %{name} %build -%{mvn_build} -f -- -Dsource=6 +%{mvn_build} -f -- \ +%if %{?pkg_vcmp:%pkg_vcmp java-devel >= 9}%{!?pkg_vcmp:0} + -Dmaven.compiler.release=8 \ +%endif + -Dsource=8 %install %mvn_install ++++++ x509certificate.patch ++++++ diff -urEbwB netty-netty-3.10.6.Final.orig/src/main/java/org/jboss/netty/handler/ssl/util/OpenJdkSelfSignedCertGenerator.java netty-netty-3.10.6.Final/src/main/java/org/jboss/netty/handler/ssl/util/OpenJdkSelfSignedCertGenerator.java --- netty-netty-3.10.6.Final.orig/src/main/java/org/jboss/netty/handler/ssl/util/OpenJdkSelfSignedCertGenerator.java 2022-03-23 08:54:18.118666914 +0100 +++ netty-netty-3.10.6.Final/src/main/java/org/jboss/netty/handler/ssl/util/OpenJdkSelfSignedCertGenerator.java 2022-03-23 09:40:43.063658922 +0100 @@ -16,24 +16,22 @@ package org.jboss.netty.handler.ssl.util; -import sun.security.x509.AlgorithmId; -import sun.security.x509.CertificateAlgorithmId; -import sun.security.x509.CertificateIssuerName; -import sun.security.x509.CertificateSerialNumber; -import sun.security.x509.CertificateSubjectName; -import sun.security.x509.CertificateValidity; -import sun.security.x509.CertificateVersion; -import sun.security.x509.CertificateX509Key; -import sun.security.x509.X500Name; -import sun.security.x509.X509CertImpl; -import sun.security.x509.X509CertInfo; - import java.math.BigInteger; import java.security.KeyPair; import java.security.PrivateKey; import java.security.SecureRandom; import java.security.cert.CertificateException; +import java.security.InvalidKeyException; +import java.security.NoSuchProviderException; +import java.security.SignatureException; +import java.security.cert.CertificateEncodingException; +import java.security.cert.CertificateException; +import java.security.cert.CertificateFactory; +import java.security.cert.X509Certificate; +import javax.security.auth.x500.X500Principal; +import org.bouncycastle.x509.X509V1CertificateGenerator; + import static org.jboss.netty.handler.ssl.util.SelfSignedCertificate.*; /** @@ -42,39 +40,24 @@ final class OpenJdkSelfSignedCertGenerator { static String[] generate(String fqdn, KeyPair keypair, SecureRandom random) throws Exception { - PrivateKey key = keypair.getPrivate(); // Prepare the information required for generating an X.509 certificate. - X509CertInfo info = new X509CertInfo(); - X500Name owner = new X500Name("CN=" + fqdn); - info.set(X509CertInfo.VERSION, new CertificateVersion(CertificateVersion.V3)); - info.set(X509CertInfo.SERIAL_NUMBER, new CertificateSerialNumber(new BigInteger(64, random))); - try { - info.set(X509CertInfo.SUBJECT, new CertificateSubjectName(owner)); - } catch (CertificateException ignore) { - info.set(X509CertInfo.SUBJECT, owner); - } - try { - info.set(X509CertInfo.ISSUER, new CertificateIssuerName(owner)); - } catch (CertificateException ignore) { - info.set(X509CertInfo.ISSUER, owner); - } - info.set(X509CertInfo.VALIDITY, new CertificateValidity(NOT_BEFORE, NOT_AFTER)); - info.set(X509CertInfo.KEY, new CertificateX509Key(keypair.getPublic())); - info.set(X509CertInfo.ALGORITHM_ID, - new CertificateAlgorithmId(new AlgorithmId(AlgorithmId.sha1WithRSAEncryption_oid))); - - // Sign the cert to identify the algorithm that's used. - X509CertImpl cert = new X509CertImpl(info); - cert.sign(key, "SHA1withRSA"); - - // Update the algorithm and sign again. - info.set(CertificateAlgorithmId.NAME + '.' + CertificateAlgorithmId.ALGORITHM, cert.get(X509CertImpl.SIG_ALG)); - cert = new X509CertImpl(info); - cert.sign(key, "SHA1withRSA"); + X509V1CertificateGenerator certGen = new X509V1CertificateGenerator(); + X500Principal dnName = new X500Principal("CN=" + fqdn); + + certGen.setSerialNumber(new BigInteger(64, random)); + certGen.setIssuerDN(dnName); + certGen.setNotBefore(NOT_BEFORE); + certGen.setNotAfter(NOT_AFTER); + certGen.setSubjectDN(dnName); + certGen.setPublicKey(keypair.getPublic()); + certGen.setSignatureAlgorithm("SHA1withRSA"); + + X509Certificate cert = certGen.generate(keypair.getPrivate()); + cert.verify(keypair.getPublic()); - return newSelfSignedCertificate(fqdn, key, cert); + return newSelfSignedCertificate(fqdn, keypair.getPrivate(), cert); } private OpenJdkSelfSignedCertGenerator() { }
