Open norbertroamsys opened 1 year ago
We are facing a similar problem while using Java 8/Tomcat 9. We have been able to get around this by restarting production Tomcats, but our users and we are looking for a more permanent solution. Here is our error.
```
2024-04-22 10:06:49,561 ERROR - [https-jsse-nio-7010-exec-421] concurrent.Promise (Promise.java:174) - <<kex done>> woke to:
net.schmizz.sshj.transport.TransportException: class configured for KeyPairGenerator (provider: BC) cannot be found.
2024-04-22 10:06:49,554 ERROR - [reader] transport.TransportImpl (TransportImpl.java:612) - Dying because - class configured for KeyPairGenerator (provider: BC) cannot be found.
net.schmizz.sshj.common.SSHRuntimeException: class configured for KeyPairGenerator (provider: BC) cannot be found.
	at net.schmizz.sshj.transport.kex.DHBase.<init>(DHBase.java:41) ~[sshj-0.31.0.jar:0.31.0]
```
SSHJ version

```xml
<groupId>com.hierynomus</groupId>
<artifactId>sshj</artifactId>
<version>0.31.0</version>
```
This seems to only happen when using SFTP.
Any tips on how to fix this or a permanent solution would be greatly appreciated.
We use the sshj library in our Java 11/Tomcat 9 environment and it works quite fine! But after a redeploy of the web application in Tomcat we ran into the following classloader problem reported by the Tomcat Webapp classloader:
We found some information on Stack Overflow, but no acceptable solution.
The reason for this behavior is the current implementation in `SecurityUtils`:

- `registerSecurityProvider(className)` resolves the Class by `Class.forName(className)` using the calling class classloader
- `Security.addProvider(provider)`
We are not sure how to fix the problem in an acceptable way.
What we do as a workaround is cleaning JDK's `Security` using the following code in a static initializer of our `SSHClient` factory:

This is OK in our use case because SSHJ is the only library that makes use of the BouncyCastle provider.
A solution that should work may be an additional setter in `SecurityUtils`:

Then the using code is able to set the provider from outside:

```java
SecurityUtils.setProvider(new BouncyCastleProvider());
```

The using code has to define a direct dependency on the Bouncy Castle lib instead of resolving it at runtime by `Class.forName()`.

Maybe the issue https://github.com/hierynomus/sshj/issues/782 is somehow related to this and the code change suggested can solve both problems?
Used version:
Thanks for your assistance! If our solution is acceptable for you we can also provide a pull request for changing the code ;-).
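
The stale-provider situation described in this issue can be checked with JDK calls alone. The following is an added example, not code from the original post or from sshj: `StaleProviderCheck`, `DemoProvider` and `removeIfStale` are hypothetical names, `DemoProvider` is a constructed stand-in for `BouncyCastleProvider`, and a sibling `URLClassLoader` stands in for the class loader of the redeployed web application.

```java
import java.net.URL;
import java.net.URLClassLoader;
import java.security.Provider;
import java.security.Security;

public class StaleProviderCheck {

    /** Constructed stand-in for BouncyCastleProvider so the example runs without extra jars. */
    static final class DemoProvider extends Provider {
        @SuppressWarnings("deprecation") // this constructor is also available on Java 8
        DemoProvider() {
            super("DEMO", 1.0, "constructed provider for this example");
        }
    }

    /**
     * Removes the named provider from the JVM-wide Security registry when its class
     * is not visible from {@code current}, i.e. it was loaded by a class loader that
     * is neither {@code current} nor one of its parents. Returns true if it was removed.
     */
    static boolean removeIfStale(String name, ClassLoader current) {
        Provider registered = Security.getProvider(name);
        if (registered == null) {
            return false; // nothing registered under that name
        }
        ClassLoader owner = registered.getClass().getClassLoader();
        if (owner == null) {
            return false; // bootstrap-loaded provider, shared by every deployment
        }
        for (ClassLoader cl = current; cl != null; cl = cl.getParent()) {
            if (cl == owner) {
                return false; // provider class is visible from this deployment
            }
        }
        Security.removeProvider(name); // left behind by a previous deployment
        return true;
    }

    public static void main(String[] args) throws Exception {
        Security.addProvider(new DemoProvider()); // the "first deployment" registers it
        ClassLoader self = StaleProviderCheck.class.getClassLoader();
        System.out.println("same loader, removed: " + removeIfStale("DEMO", self));
        // Simulated redeploy: a sibling loader that cannot see the old provider class.
        try (URLClassLoader redeployed = new URLClassLoader(new URL[0], self.getParent())) {
            System.out.println("new loader, removed: " + removeIfStale("DEMO", redeployed));
        }
        System.out.println("still registered: " + (Security.getProvider("DEMO") != null));
    }
}
```

Because the parent chain is walked, a provider loaded from a container-level shared library is left in place; only one owned by a class loader outside the current deployment's chain is removed.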