Jar conflict with Bouncy Castle library
1,699 views
Skip to first unread message
Khiem Tang
Feb 7, 2022, 6:52:51 AM2/7/22
to gat...@googlegroups.com
I have been facing this issue when I launch my simulation on Gatling Enterprise controller Version: 1.16.1
Gatling Version: 3.7.4.FL-M1
Gatling Version: 3.7.4.FL-M1
My Bouncy Castle dependency
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bc-fips</artifactId>
<version>1.0.2.1</version>
</dependency>
| [01:59:10,132] | Cloning git repository |
| [01:59:10,134] | Cloning into '/tmp/frontline-12514680640818791245'... |
| [01:59:11,895] | Start deploying pool 2XL-AZ2-Priv-West with 1 instance |
| [01:59:11,895] | Start compiling project in '/tmp/frontline-12514680640818791245/system-tests/performance-tests' |
| [01:59:23,561] | Pool 2XL-AZ2-Priv-West deployed successfully: (2XL-AZ2-Priv-West/10.87.220.169 [public IP: 10.87.220.169]). |
| [01:59:25,865] | WARNING: An illegal reflective access operation has occurred |
| [01:59:25,865] | WARNING: Illegal reflective access by com.intellij.util.ReflectionUtil (file:/home/ec2-user/.m2/repository/org/jetbrains/kotlin/kotlin-compiler/1.4.32/kotlin-compiler-1.4.32.jar) to method java.util.ResourceBundle.setParent(java.util.ResourceBundle) |
| [01:59:25,865] | WARNING: Please consider reporting this to the maintainers of com.intellij.util.ReflectionUtil |
| [01:59:25,865] | WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations |
| [01:59:25,865] | WARNING: All illegal access operations will be denied in a future release |
| [01:59:41,917] | Compilation completed successfully. |
| [01:59:41,919] | Collected jar (/tmp/frontline-12514680640818791245/system-tests/performance-tests/target/user-orchestration-performance-tests-1.0.0-SNAPSHOT-shaded.jar) |
| [01:59:41,924] | Packages successfully collected and instances successfully spawned. Proceeding with ssh checks. |
| [01:59:42,078] | Connected over ssh to 2XL-AZ2-Priv-West/10.87.220.169 [public IP: 10.87.220.169]. |
| [01:59:42,078] | All instances could be connected over ssh. Proceeding with Upload. |
| [01:59:42,521] | All uploads to 2XL-AZ2-Priv-West/10.87.220.169 [public IP: 10.87.220.169] successful. |
| [01:59:42,521] | All uploads successful. Proceeding with instance checking. |
| [01:59:42,743] | Instance 2XL-AZ2-Priv-West/10.87.220.169 [public IP: 10.87.220.169] check successful. |
| [01:59:42,743] | All instances check successful. Proceeding with starting injectors. |
| [01:59:42,847] | Injector on instance 2XL-AZ2-Priv-West/10.87.220.169 [public IP: 10.87.220.169] successfully booted. |
| [01:59:42,847] | All injectors successfully booted. |
| [01:59:43,863] | Couldn't connect over HTTP to 2XL-AZ2-Priv-West/10.87.220.169 [public IP: 10.87.220.169] on port 9999: j.n.ConnectException: Connection refused (Connection refused). 59 remaining tries, please wait. |
| [01:59:44,883] | Couldn't connect over HTTP to 2XL-AZ2-Priv-West/10.87.220.169 [public IP: 10.87.220.169] on port 9999: j.n.ConnectException: Connection refused (Connection refused). 58 remaining tries, please wait. |
| [01:59:45,904] | Couldn't connect over HTTP to 2XL-AZ2-Priv-West/10.87.220.169 [public IP: 10.87.220.169] on port 9999: j.n.ConnectException: Connection refused (Connection refused). 57 remaining tries, please wait. |
| [01:59:46,924] | Couldn't connect over HTTP to 2XL-AZ2-Priv-West/10.87.220.169 [public IP: 10.87.220.169] on port 9999: j.n.ConnectException: Connection refused (Connection refused). 56 remaining tries, please wait. |
| ... ... | |
| 02:00:40,983] | Couldn't connect over HTTP to 2XL-AZ2-Priv-West/10.87.220.169 [public IP: 10.87.220.169] on port 9999: j.n.ConnectException: Connection refused (Connection refused). 3 remaining tries, please wait. |
| [02:00:42,003] | Couldn't connect over HTTP to 2XL-AZ2-Priv-West/10.87.220.169 [public IP: 10.87.220.169] on port 9999: j.n.ConnectException: Connection refused (Connection refused). 2 remaining tries, please wait. |
| [02:00:43,024] | Couldn't connect over HTTP to 2XL-AZ2-Priv-West/10.87.220.169 [public IP: 10.87.220.169] on port 9999: j.n.ConnectException: Connection refused (Connection refused). 1 remaining tries, please wait. |
| [02:00:43,025] | Couldn't connect over HTTP to 2XL-AZ2-Priv-West/10.87.220.169 [public IP: 10.87.220.169] on port 9999: j.n.ConnectException: Connection refused (Connection refused). Stopping. |
| [02:00:43,025] | Injector on instance 2XL-AZ2-Priv-West/10.87.220.169 [public IP: 10.87.220.169] crashed. Gatling Enterprise will now try to check if the injector process is still running and kill it. |
| [02:00:43,147] | Injector process crashed on instance 2XL-AZ2-Priv-West/10.87.220.169 [public IP: 10.87.220.169]. Proceeding with fetching JVM crash log. |
| [02:00:43,259] | Didn't find any JVM crash log |
| [02:00:43,372] | Injector log successfully retrieved: 2022-02-07 09:59:43,330 [INFO ] i.g.c.c.GatlingConfiguration$ - Gatling will try to load 'gatling.conf' config file as ClassLoader resource. 2022-02-07 09:59:44,034 [ERROR] i.g.a.Gatling$ - Run crashed java.lang.NoSuchMethodError: 'boolean org.bouncycastle.crypto.CryptoServicesRegistrar.isInApprovedOnlyMode()' at org.bouncycastle.jcajce.provider.ProvSecureHash$MD5.configure(Unknown Source) at org.bouncycastle.jcajce.provider.BouncyCastleFipsProvider.(Unknown Source) at org.bouncycastle.jcajce.provider.BouncyCastleFipsProvider.(Unknown Source) at org.bouncycastle.jcajce.provider.BouncyCastleFipsProvider.(Unknown Source) at com.intuit.idps.core.utils.BcUtils.init(BcUtils.java:16) at com.intuit.idps.domain.crypto.LocalCryptoService.(LocalCryptoService.java:56) at com.intuit.idps.service.rest.IdpsProperties$PropertiesNames.(IdpsProperties.java:115) at common.utils.ConfigResolver.(ConfigResolver.kt:22) at umo.simulations.BaselineSimulation.(BaselineSimulation.kt:20) at java.base/jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) at java.base/jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance(Unknown Source) at java.base/jdk.internal.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Source) at java.base/java.lang.reflect.Constructor.newInstance(Unknown Source) at java.base/java.lang.Class.newInstance(Unknown Source) at io.gatling.app.SimulationClass$Java.params(SimulationClass.scala:35) at io.gatling.app.Runner.$anonfun$run0$1(Runner.scala:62) at io.gatling.frontline.probe.FrontLineRunner.handleSimulationInstantiation(FrontLineRunner.scala:65) at io.gatling.app.Runner.run0(Runner.scala:62) at io.gatling.app.Runner.run(Runner.scala:49) at io.gatling.app.Gatling$.start(Gatling.scala:87) at io.gatling.app.Gatling$.fromArgs(Gatling.scala:49) at io.gatling.app.Gatling$.main(Gatling.scala:38) at io.gatling.app.Gatling.main(Gatling.scala) |
| [02:00:43,372] | Stopping. |
| [02:00:43,569] | 2XL-AZ2-Priv-West: instances successfully stopped |
| [02:00:43,570] | Cleaning build directory /tmp/frontline-12514680640818791245 |
Stéphane LANDELLE
Feb 7, 2022, 8:02:11 AM2/7/22
to gat...@googlegroups.com
Hi,
I see several issues with this bc-fips library:
It looks like bc-fips was either released against an old version of core BouncyCastle core modules, or that an incompatible change was introduced in the BouncyCastle core modules.
- The pom published on maven central is broken. It doesn't declare any dependency while it obviously depends on other bc modules: the org.bouncycastle.crypto.CryptoServicesRegistrar is shipped in the bcprov-jdk15on library. There's no way to tell which version of bcprov-jdk15on this library depends on.
- It was last published on 29-Apr-2021. The last release of bcprov-jdk15on was on 01-Dec-2021, which is the version you have with Gatling Enterprise 1.16.1.
It looks like bc-fips was either released against an old version of core BouncyCastle core modules, or that an incompatible change was introduced in the BouncyCastle core modules.
There's nothing we can do on our side, that's something that has to get fixed on the bc-fips side where you need a release that's compiled against modern versions of the core modules. Ideally, this pom issue should get fixed too.
The project page says they are looking for maintenance sponsorship. If this library is important for you, you might want to consider sponsoring.
Another possibility is to contribute a fix yourself on GitHub: https://github.com/tashiscool/bc-fips
Cheers,
--
You received this message because you are subscribed to the Google Groups "Gatling User Group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to gatling+u...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/gatling/CACzGBENsZdO_kTkhWrYrO6MZw9AVw7fWVwiycvWCOwhO06dFyA%40mail.gmail.com.
Stéphane LANDELLE
Feb 9, 2022, 9:11:38 AM2/9/22
to gat...@googlegroups.com
So actually, bc-fips contains classes that are forked from the standard BouncyCastle libs (same Fully Qualified Class Name, different methods, here org.bouncycastle.crypto.CryptoServicesRegistrar) so both can't properly co-exist in the same classpath.
Stéphane Landelle
Feb 15, 2022, 7:59:33 AM2/15/22
to Gatling User Group
In 3.8, I think we'll shadow the BouncyCastle we use in the recorder to avoid this kind of conflicts.
Khiem Tang
Feb 16, 2022, 2:34:18 AM2/16/22
to gat...@googlegroups.com
Thanks, Stéphane! I will look for that release.
To view this discussion on the web visit https://groups.google.com/d/msgid/gatling/ca785763-b239-4532-9de9-006adea90285n%40googlegroups.com.
Reply all
Reply to author
Forward
0 new messages