[
https://issues.apache.org/jira/browse/ARTEMIS-5340?focusedWorklogId=960599&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-960599
]
ASF GitHub Bot logged work on ARTEMIS-5340:
-------------------------------------------
Author: ASF GitHub Bot
Created on: 06/Mar/25 17:27
Start Date: 06/Mar/25 17:27
Worklog Time Spent: 10m
Work Description: gemmellr commented on code in PR #5547:
URL: https://github.com/apache/activemq-artemis/pull/5547#discussion_r1983756559
##########
artemis-core-client/src/test/java/org/apache/activemq/artemis/core/remoting/impl/netty/PemProviderTest.java:
##########
@@ -0,0 +1,64 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.activemq.artemis.core.remoting.impl.netty;
+
+import java.util.Arrays;
+
+import de.dentrassi.crypto.pem.PemKeyStoreProvider;
+import org.apache.activemq.artemis.core.remoting.impl.ssl.SSLSupport;
+import org.junit.jupiter.api.Assumptions;
+import org.junit.jupiter.api.MethodOrderer.OrderAnnotation;
+import org.junit.jupiter.api.Order;
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.api.TestMethodOrder;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertNotNull;
+import static org.junit.jupiter.api.Assertions.assertNull;
+
+/**
+ * Order is important here because we don't want to load the PEM provider
class before we test that it isn't loaded.
+ */
+@TestMethodOrder(OrderAnnotation.class)
+public class PemProviderTest {
+
+ static final String PEM_PROVIDER_PACKAGE = "de.dentrassi.crypto.pem";
+
+ @Test
+ @Order(1)
+ public void testPemProviderNotLoaded() {
+ // ensure the PEM provider wasn't already loaded by some other test
+
Assumptions.assumeFalse(Arrays.stream(ClassLoader.getSystemClassLoader().getDefinedPackages()).anyMatch(pkg
-> PEM_PROVIDER_PACKAGE.equals(pkg.getName())));
Review Comment:
Would be better to make it an _assertion_ and let it fail when it needs to,
to serve as notice the two tests are clashing and need to be ordered or
isolated from each other to fix the problem.
With an assumption, if some other new test is created and runs first, then
this test will just start skipping and the 'dont load it to let it be removed
if not used' effect the test verifies could be broken without noticing, unless
someone spots the extra skip beginning to occur. Might as well not have a test
at that point.
Its a requirement for the test to exist that it be run before the first
other test in the module to use it, bit its not a reason to optionally run the
test or not. We always want to run it, but should check the requirement was
satisfied at the start, the same way the test checks it at the end currently.
##########
artemis-core-client/src/test/java/org/apache/activemq/artemis/core/remoting/impl/netty/PemProviderTest.java:
##########
@@ -0,0 +1,64 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.activemq.artemis.core.remoting.impl.netty;
+
+import java.util.Arrays;
+
+import de.dentrassi.crypto.pem.PemKeyStoreProvider;
+import org.apache.activemq.artemis.core.remoting.impl.ssl.SSLSupport;
+import org.junit.jupiter.api.Assumptions;
+import org.junit.jupiter.api.MethodOrderer.OrderAnnotation;
+import org.junit.jupiter.api.Order;
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.api.TestMethodOrder;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertNotNull;
+import static org.junit.jupiter.api.Assertions.assertNull;
+
+/**
+ * Order is important here because we don't want to load the PEM provider
class before we test that it isn't loaded.
+ */
+@TestMethodOrder(OrderAnnotation.class)
+public class PemProviderTest {
+
+ static final String PEM_PROVIDER_PACKAGE = "de.dentrassi.crypto.pem";
+
+ @Test
+ @Order(1)
+ public void testPemProviderNotLoaded() {
+ // ensure the PEM provider wasn't already loaded by some other test
+
Assumptions.assumeFalse(Arrays.stream(ClassLoader.getSystemClassLoader().getDefinedPackages()).anyMatch(pkg
-> PEM_PROVIDER_PACKAGE.equals(pkg.getName())));
+
+ // use a method from SSLSupport to force the JVM to load it as well as
any hard dependencies it has
+ SSLSupport.parseCommaSeparatedListIntoArray("");
+
+ // verify the actual PEM provider class is not loaded; using a literal
to avoid loading the actual package/class
+
assertNull(ClassLoader.getSystemClassLoader().getDefinedPackage(PEM_PROVIDER_PACKAGE));
+ }
+
+ /**
+ * This test simply verifies that we're using the right literal for the PEM
provider implementation and that it does
+ * actually get loaded when referenced.
+ */
+ @Test
+ @Order(2)
+ public void testPemProviderPackageName() {
+ assertEquals(PEM_PROVIDER_PACKAGE,
PemKeyStoreProvider.class.getPackageName());
+
assertNotNull(ClassLoader.getSystemClassLoader().getDefinedPackage(PEM_PROVIDER_PACKAGE));
+ }
Review Comment:
I think a better test would be loading the provider the way its normally to
be loaded, by using SSLSupport to load a pem keystore (the other test could
also load a non-pem keystore to similarly check that does not load the pem
provider), instead of just directly loading the class.
The 'check the correct package is looked for' could still be done, just as
the last thing the test does as a form of confirmation. Or it could be a third
test.
Issue Time Tracking
-------------------
Worklog Id: (was: 960599)
Time Spent: 1h 10m (was: 1h)
> PEM provider not actually optional
> ----------------------------------
>
> Key: ARTEMIS-5340
> URL: https://issues.apache.org/jira/browse/ARTEMIS-5340
> Project: ActiveMQ Artemis
> Issue Type: Bug
> Reporter: Justin Bertram
> Assignee: Justin Bertram
> Priority: Major
> Labels: pull-request-available
> Time Spent: 1h 10m
> Remaining Estimate: 0h
>
> Work was done via ARTEMIS-4710 to make the dependencies for the PEM security
> provider optional. However, that work was not complete.
> The provider class still has to be loaded by the JVM the first time any
> reference to {{SSLSupport}} is made which is done when enabling SSL on any
> acceptor, e.g.:
> {noformat}
> Caused by: java.lang.NoClassDefFoundError:
> de/dentrassi/crypto/pem/PemKeyStoreProvider
> at
> org.apache.activemq.artemis.core.remoting.impl.netty.NettyAcceptor.<init>(NettyAcceptor.java:294){noformat}
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
For further information, visit: https://activemq.apache.org/contact
