Fix: Adds some more transitive dependency exclusions to fix a bug tha…

…t prevented the ACME client to fail with a NoClassDefFoundError and NoSuchFieldError: id_RSASSA_PSS_SHAKE128.
structr · Feb 13, 2024 · 72e9903 · 72e9903
1 parent d35a086
commit 72e9903
Show file tree

Hide file tree

Showing 5 changed files with 67 additions and 13 deletions.
diff --git a/structr-base/pom.xml b/structr-base/pom.xml
@@ -239,6 +239,24 @@
 		<dependency>
 			<groupId>org.apache.tika</groupId>
 			<artifactId>tika-parsers-standard-package</artifactId>
+			<exclusions>
+				<exclusion>
+					<groupId>org.bouncycastle</groupId>
+					<artifactId>bcmail-jdk18on</artifactId>
+				</exclusion>
+				<exclusion>
+					<groupId>org.bouncycastle</groupId>
+					<artifactId>bcutil-jdk18on</artifactId>
+				</exclusion>
+				<exclusion>
+					<groupId>org.bouncycastle</groupId>
+					<artifactId>bcpkix-jdk18on</artifactId>
+				</exclusion>
+				<exclusion>
+					<groupId>org.bouncycastle</groupId>
+					<artifactId>bcprov-jdk18on</artifactId>
+				</exclusion>
+			</exclusions>
 		</dependency>
 		<dependency>
 			<groupId>com.drewnoakes</groupId>

diff --git a/structr-modules/structr-messaging-engine-module/pom.xml b/structr-modules/structr-messaging-engine-module/pom.xml
@@ -11,7 +11,7 @@
 	<packaging>jar</packaging>
 
 	<properties>
-		<pulsar.version>2.11.0</pulsar.version>
+		<pulsar.version>3.2.0</pulsar.version>
 	</properties>
 
 	<dependencies>
@@ -58,6 +58,24 @@
 			<groupId>org.apache.pulsar</groupId>
 			<artifactId>pulsar-client</artifactId>
 			<version>${pulsar.version}</version>
+			<exclusions>
+				<exclusion>
+					<groupId>org.bouncycastle</groupId>
+					<artifactId>bcpkix-jdk18on</artifactId>
+				</exclusion>
+				<exclusion>
+					<groupId>org.bouncycastle</groupId>
+					<artifactId>bcprov-jdk18on</artifactId>
+				</exclusion>
+				<exclusion>
+					<groupId>org.bouncycastle</groupId>
+					<artifactId>bcutil-jdk18on</artifactId>
+				</exclusion>
+				<exclusion>
+					<groupId>org.bouncycastle</groupId>
+					<artifactId>bcprov-ext-jdk18on</artifactId>
+				</exclusion>
+			</exclusions>
 		</dependency>
 
 		<!-- Tests -->

diff --git a/structr-modules/structr-security-module/pom.xml b/structr-modules/structr-security-module/pom.xml
@@ -20,12 +20,12 @@
 		<dependency>
 			<groupId>org.shredzone.acme4j</groupId>
 			<artifactId>acme4j-client</artifactId>
-			<version>2.11</version>
+			<version>3.1.1</version>
 		</dependency>
 		<dependency>
 			<groupId>org.shredzone.acme4j</groupId>
 			<artifactId>acme4j-utils</artifactId>
-			<version>2.11</version>
+			<version>2.16</version>
 			<exclusions>
 				<exclusion>
 					<groupId>org.bouncycastle</groupId>

diff --git a/...ecurity-module/src/main/java/org/structr/security/service/RetrieveCertificateCommand.java b/...ecurity-module/src/main/java/org/structr/security/service/RetrieveCertificateCommand.java
@@ -633,14 +633,14 @@ private void cleanUpChallengeFiles() {
 
 	private Challenge httpChallenge(final Authorization auth) throws FrameworkException {
 
-		final Http01Challenge challenge = auth.findChallenge(Http01Challenge.class);
+		final Optional<Http01Challenge> challenge = auth.findChallenge(Http01Challenge.class);
 
-		if (challenge == null) {
+		if (challenge.isEmpty()) {
 			error("No " + Http01Challenge.TYPE + " challenge found, aborting.");
 		}
 
-		final String uriPath = "/.well-known/acme-challenge/" + challenge.getToken();
-		final String content = challenge.getAuthorization();
+		final String uriPath = "/.well-known/acme-challenge/" + challenge.get().getToken();
+		final String content = challenge.get().getAuthorization();
 
 		try {
 
@@ -696,7 +696,7 @@ public void handle(HttpExchange he) throws IOException {
 					parentFolder.setProperties(adminContext, props);
 					parentFolder.getParent().setProperties(adminContext, props);
 
-					org.structr.web.entity.File challengeFile = FileHelper.createFile(adminContext, new ByteArrayInputStream(content.getBytes()), "text/plain", SchemaHelper.getEntityClassForRawType("File"), challenge.getToken(), parentFolder);
+					org.structr.web.entity.File challengeFile = FileHelper.createFile(adminContext, new ByteArrayInputStream(content.getBytes()), "text/plain", SchemaHelper.getEntityClassForRawType("File"), challenge.get().getToken(), parentFolder);
 
 					props = new PropertyMap();
 					props.put(StructrApp.key(org.structr.web.entity.File.class, "visibleToPublicUsers"), true);
@@ -733,7 +733,7 @@ public void handle(HttpExchange he) throws IOException {
 			}
 		}
 
-		return challenge;
+		return challenge.get();
 	}
 
 	private Challenge dnsChallenge(final Authorization auth) throws FrameworkException {
@@ -743,14 +743,14 @@ private Challenge dnsChallenge(final Authorization auth) throws FrameworkExcepti
 
 	private Challenge dnsChallenge(final Authorization auth, final Integer wait) throws FrameworkException {
 
-		final Dns01Challenge challenge = auth.findChallenge(Dns01Challenge.TYPE);
-		if (challenge == null) {
+		final Optional<Dns01Challenge> challenge = auth.findChallenge(Dns01Challenge.TYPE);
+		if (challenge.isEmpty()) {
 			error("No " + Dns01Challenge.TYPE + " challenge found, aborting.");
 		}
 
 		final String domain = auth.getIdentifier().getDomain();
 		final String record = ACME_DNS_CHALLENGE_PREFIX + domain + ACME_DNS_CHALLENGE_SUFFIX;
-		final String digest = challenge.getDigest();
+		final String digest = challenge.get().getDigest();
 
 		final Object result = Actions.callWithSecurityContext("onAcmeChallenge", SecurityContext.getSuperUserInstance(), Map.of("type", "dns", "domain", domain, "record", record, "digest", digest));
 		if (result == null) {
@@ -769,7 +769,7 @@ private Challenge dnsChallenge(final Authorization auth, final Integer wait) thr
 			logger.info("{} IN TXT {}", record, digest);
 		}
 
-		return challenge;
+		return challenge.get();
 	}
 
 	private KeyPair getOrCreateUserKey() throws IOException {

diff --git a/structr-modules/structr-text-search-module/pom.xml b/structr-modules/structr-text-search-module/pom.xml
@@ -46,6 +46,24 @@
 		<dependency>
 			<groupId>org.apache.tika</groupId>
 			<artifactId>tika-parsers-standard-package</artifactId>
+			<exclusions>
+				<exclusion>
+					<groupId>org.bouncycastle</groupId>
+					<artifactId>bcmail-jdk18on</artifactId>
+				</exclusion>
+				<exclusion>
+					<groupId>org.bouncycastle</groupId>
+					<artifactId>bcutil-jdk18on</artifactId>
+				</exclusion>
+				<exclusion>
+					<groupId>org.bouncycastle</groupId>
+					<artifactId>bcpkix-jdk18on</artifactId>
+				</exclusion>
+				<exclusion>
+					<groupId>org.bouncycastle</groupId>
+					<artifactId>bcprov-jdk18on</artifactId>
+				</exclusion>
+			</exclusions>
 		</dependency>
 		<dependency>
 			<groupId>org.apache.tika</groupId>