search

AlmasB / FXGL

Java / JavaFX / Kotlin Game Library (Engine)
http://almasb.github.io/FXGL/
MIT License
4.38k stars 551 forks source link

UpdaterService fails due to handshake failure #910

Open sormuras opened 3 years ago

sormuras commented 3 years ago

Using jlink to create a custom runtime image may lead to following output.

.bach\workspace\image\bin\bach-fxgl
22:34:48.332 [JavaFX Application Thread] INFO  Engine               - FXGL-11.11 (08.09.2020 18.00) on WINDOWS (J:16-ea FX:16-ea)
22:34:48.333 [JavaFX Application Thread] INFO  Engine               - Source code and latest versions at: https://github.com/AlmasB/FXGL
22:34:48.333 [JavaFX Application Thread] INFO  Engine               -              Join the FXGL chat at: https://gitter.im/AlmasB/FXGL
22:34:48.710 [FXGL Background Thread 1 ] INFO  FXGLApplication      - FXGL initialization took: 0.245 sec
22:34:48.778 [FXGL Background Thread 1 ] INFO  FXGLApplication      - Game initialization took: 0.020 sec
22:34:48.945 [FXGL Background Thread 2 ] WARN  UpdaterService       - Failed to find updates: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure

See https://github.com/sormuras/bach-fxgl/actions/runs/403066229 for an example and a reproducer.

If one adds requires jdk.crypto.ec; to a module description (or add it to linked modules manually), the handshake_failure is no longer issued.

...
22:35:53.250 [FXGL Background Thread 2 ] INFO  UpdaterService       - Your current version:  11.11
22:35:53.250 [FXGL Background Thread 2 ] INFO  UpdaterService       - Latest stable version: dev-SNAPSHOT
sormuras commented 3 years ago

I guess, FXGL uses module java.net.http, which in turn gets some https-related bits from module jdk.crypto.ec.

See also https://stackoverflow.com/questions/55439599/sslhandshakeexception-with-jlink-created-runtime

AlmasB commented 3 years ago

Nice, many thanks.

AlmasB commented 3 years ago

fxgl-net is the module that deals with networking stuff. UpdaterService (and any other code) calls fxgl-net to deal with networking. So, I suppose jdk.crypto.ec should go to the module-info.java in fxgl-net? If so, you are welcome to send a PR.

sormuras commented 3 years ago

I'd be happy to provide a PR, Almas.

Yet, module com.almasb.fxgl.net doesn't read module java.net.http as I expected. Perhaps, the standard "java.net" API from module java.base already reads that crypto-related module ... via META-INF/services? Do you want (me) to figure out the underlying reason before adding requires jdk.crypto.ec;?

AlmasB commented 3 years ago

Yeah, I don't remember adding java.net.http...

There is no rush with this as it doesn't crash the engine. The good news is that you already have a fix. So if you have time, a quick investigation would be much appreciated!

sormuras commented 5 months ago

Meanwhile...

warning: [removal] module jdk.crypto.ec has been deprecated and marked for removal requires jdk.crypto.ec; // https://github.com/AlmasB/FXGL/issues/910

That's due to https://bugs.openjdk.org/browse/JDK-8308398 "Move SunEC crypto provider into java.base" in Java 22.