Hi AFAIR, there was an issue in OSGi header in BC bundles. What version are you using?
Regards JB On Wed, Nov 13, 2024 at 12:50 AM Schulze, Jan <jan.schu...@uni-tuebingen.de> wrote: > > Hi, > > first of all, many thanks for the new releases of camel-karaf supporting > Camel 4 and congratulations on the good work. > > I am currently moving a project from Karaf 4.4.3/Camel 3.x to Karaf > 4.4.6/Camel 4.8.1 and noticed the following problem, that is hard to > reproduce: > After installing the feature camel-ssh, it is *sometimes* no longer possible > to log into the Karaf shell via ssh. In that case, I get the following > exception: > > --- > 2024-11-12 20:08:17,219 | WARN | rverSessionImpl | 48 | pache.sshd.osgi | > resolveAvailableSignaturesProposal(ServerSessionImpl[null@/134.2.44.70:49706]) > failed (NoClassDefFoundError) to get key types: > org/bouncycastle/util/io/pem/PemReader > java.lang.NoClassDefFoundError: org/bouncycastle/util/io/pem/PemReader > at > org.apache.karaf.shell.ssh.keygenerator.KeyPairLoader.getKeyPair(KeyPairLoader.java:74) > ~[?:?] > at > org.apache.karaf.shell.ssh.keygenerator.OpenSSHKeyPairProvider.loadKeys(OpenSSHKeyPairProvider.java:83) > ~[?:?] > at > org.apache.sshd.common.keyprovider.KeyPairProvider.getKeyTypes(KeyPairProvider.java:139) > ~[!/:2.12.1] > at > org.apache.sshd.server.session.AbstractServerSession.resolveAvailableSignaturesProposal(AbstractServerSession.java:385) > ~[!/:2.12.1] > at > org.apache.sshd.common.session.helpers.SessionHelper.resolveAvailableSignaturesProposal(SessionHelper.java:959) > ~[!/:2.12.1] > at > org.apache.sshd.common.session.helpers.SessionHelper.getKexProposal(SessionHelper.java:984) > ~[!/:2.12.1] > at > org.apache.sshd.common.session.helpers.AbstractSession.sendKexInit(AbstractSession.java:2654) > ~[!/:2.12.1] > at > org.apache.sshd.server.session.AbstractServerSession.readIdentification(AbstractServerSession.java:510) > ~[!/:2.12.1] > at > org.apache.sshd.common.session.helpers.AbstractSession.messageReceived(AbstractSession.java:499) > ~[!/:2.12.1] > at > org.apache.sshd.common.session.helpers.AbstractSessionIoHandler.messageReceived(AbstractSessionIoHandler.java:64) > ~[!/:2.12.1] > at > org.apache.sshd.common.io.nio2.Nio2Session.handleReadCycleCompletion(Nio2Session.java:409) > ~[!/:2.12.1] > at > org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:382) > ~[!/:2.12.1] > at > org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:377) > ~[!/:2.12.1] > at > org.apache.sshd.common.io.nio2.Nio2CompletionHandler.lambda$completed$0(Nio2CompletionHandler.java:38) > ~[!/:2.12.1] > at > java.security.AccessController.doPrivileged(AccessController.java:318) [?:?] > at > org.apache.sshd.common.io.nio2.Nio2CompletionHandler.completed(Nio2CompletionHandler.java:37) > ~[!/:2.12.1] > at sun.nio.ch.Invoker.invokeUnchecked(Invoker.java:129) ~[?:?] > at sun.nio.ch.Invoker.invokeDirect(Invoker.java:160) ~[?:?] > at > sun.nio.ch.UnixAsynchronousSocketChannelImpl.implRead(UnixAsynchronousSocketChannelImpl.java:573) > ~[?:?] > at > sun.nio.ch.AsynchronousSocketChannelImpl.read(AsynchronousSocketChannelImpl.java:276) > ~[?:?] > at > sun.nio.ch.AsynchronousSocketChannelImpl.read(AsynchronousSocketChannelImpl.java:297) > ~[?:?] > at > org.apache.sshd.common.io.nio2.Nio2Session.doReadCycle(Nio2Session.java:494) > ~[!/:2.12.1] > at > org.apache.sshd.common.io.nio2.Nio2Session.doReadCycle(Nio2Session.java:372) > ~[!/:2.12.1] > at > org.apache.sshd.common.io.nio2.Nio2Session.startReading(Nio2Session.java:365) > ~[!/:2.12.1] > at > org.apache.sshd.common.io.nio2.Nio2Session.startReading(Nio2Session.java:361) > ~[!/:2.12.1] > at > org.apache.sshd.common.io.nio2.Nio2Session.startReading(Nio2Session.java:357) > ~[!/:2.12.1] > at > org.apache.sshd.common.io.nio2.Nio2Session.startReading(Nio2Session.java:353) > ~[!/:2.12.1] > at > org.apache.sshd.common.io.nio2.Nio2Session.startReading(Nio2Session.java:349) > ~[!/:2.12.1] > at > org.apache.sshd.common.io.nio2.Nio2Acceptor$AcceptCompletionHandler.onCompleted(Nio2Acceptor.java:308) > ~[!/:2.12.1] > at > org.apache.sshd.common.io.nio2.Nio2Acceptor$AcceptCompletionHandler.onCompleted(Nio2Acceptor.java:263) > ~[!/:2.12.1] > at > org.apache.sshd.common.io.nio2.Nio2CompletionHandler.lambda$completed$0(Nio2CompletionHandler.java:38) > ~[!/:2.12.1] > at > java.security.AccessController.doPrivileged(AccessController.java:318) [?:?] > at > org.apache.sshd.common.io.nio2.Nio2CompletionHandler.completed(Nio2CompletionHandler.java:37) > [!/:2.12.1] > at sun.nio.ch.Invoker.invokeUnchecked(Invoker.java:129) [?:?] > at sun.nio.ch.Invoker$2.run(Invoker.java:221) [?:?] > at > sun.nio.ch.AsynchronousChannelGroupImpl$1.run(AsynchronousChannelGroupImpl.java:113) > [?:?] > at > java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1136) > [?:?] > at > java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:635) > [?:?] > at java.lang.Thread.run(Thread.java:840) [?:?] > Caused by: java.lang.ClassNotFoundException: > org.bouncycastle.util.io.pem.PemReader not found by bcpkix-jdk18on [215] > ... 39 more > --- > > I think, the problem is caused by two different versions of the bundle bcpkix: > > bundle:list -t 0 | grep bcpkix > 20 x Active x 30 x 1.77 x bcpkix > 222 x Active x 80 x 1.78.0 x bcpkix-jdk18on > > The bundle bcpkix 1.77 is included in Karaf. > When installing the feature camel-ssh, the bundle bcpkix-jdk18on 1.78.0 is > added. > > The bundle bcpkix 1.77 is importing org.bouncycastle.util.io.pem (from bundle > bcprov 1.77.0). > The bundle bcpkix-jdk18on 1.78.0 is NOT importing > org.bouncycastle.util.io.pem: > > package:imports| grep pem > org.bouncycastle.util.io.pem x [1.72.0,) > x x 20 x bcpkix > org.bouncycastle.util.io.pem x [1.77.0,2.0.0) > x x 46 x org.apache.karaf.shell.ssh > > As mentioned at https://github.com/bcgit/bc-java/issues/1621, the bundle > bcpkix-jdk18on 1.78.0 is missing multiple Import-Package entries from it's > manifest. > > However, as seen above, the Karaf Shell uses any version of > org.bouncycastle.util.io.pem in the version range [1.77.0,2.0.0): > Because both bcpkix 1.77.0 and bcpkix-jdk18on 1.78.0 are within that version > range, it seems to be random, which bundle is used. > When bcpkix 1.77.0 is picked up, connecting to the Karaf Shell is possible. > When bcpkix-jdk18on 1.78.0 is picked up, the exception listed above is thrown. > > I hope, I was able to make it clear, what I mean. > > Is there any way to force the Karaf Shell (org.apache.karaf.shell.ssh) to use > bcpkix 1.77 every time? > Or is there any other workaround? > > I would be grateful for any help. > > > Thanks > -- > Jan Schulze
