Uploaded image for project: 'JBoss Enterprise Application Platform'
  1. JBoss Enterprise Application Platform
  2. JBEAP-8274

wildfly-openssl - wfssl lib does not load on Solaris 10

XMLWordPrintable

      As we currently don't know about any other solution, customer will have to set up LD_LIBRARY_PATH appropriatelly for EAP to find location of propper libgcc library in case he wants to use OpenSSL based security in EAP. As we build only 64b version of wildfly-openssl libraries for Solaris, customer should add /usr/sfw/lib/64 into LD_LIBRARY_PATH so appropriate system libraries are utilized during the OpenSSL initialization and EAP boot. This modification is neccessary only for Solaris 10 platform. Solaris 11 seems to work just fine even without such modification.


      Original description of this jira follows:

      On Solaris 10 (both x86_64 and SPARC) it is not possible to load 'wfssl' library.

      Steps to reproduce:

      1. unzip EAP
      2. start with path to OpenSSL libraries ./standalone.sh -Dorg.wildfly.openssl.path=<path>
      3. set up openssl provider: /core-service=management/security-realm=ApplicationRealm/server-identity=ssl:write-attribute(name=protocol,value=openssl.TLS)
      4. reload and see following error 
        2017-01-13 08:26:06,672 ERROR [org.jboss.msc.service.fail] (MSC service thread 1-8) MSC000001: Failed to start service jboss.server.controller.management.security_realm.ApplicationRealm.ssl-context: org.jboss.msc.service.StartException in service jboss.server.controller.management.security_realm.ApplicationRealm.ssl-context: WFLYDM0018: Unable to start service
        at org.jboss.as.domain.management.security.SSLContextService.start(SSLContextService.java:108)
        at org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1963)
        at org.jboss.msc.service.ServiceControllerImpl$StartTask.run(ServiceControllerImpl.java:1896)
        at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
        at java.lang.Thread.run(Thread.java:745)
Caused by: java.security.NoSuchAlgorithmException: Error constructing implementation (algorithm: openssl.TLS, provider: openssl, class: org.wildfly.openssl.OpenSSLContextSPI$OpenSSLTLSContextSpi)
        at java.security.Provider$Service.newInstance(Provider.java:1617)
        at sun.security.jca.GetInstance.getInstance(GetInstance.java:236)
        at sun.security.jca.GetInstance.getInstance(GetInstance.java:164)
        at javax.net.ssl.SSLContext.getInstance(SSLContext.java:156)
        at org.jboss.as.domain.management.security.SSLContextService.start(SSLContextService.java:97)
        ... 5 more
Caused by: java.lang.RuntimeException: java.lang.reflect.InvocationTargetException
        at org.wildfly.openssl.SSL.init(SSL.java:86)
        at org.wildfly.openssl.OpenSSLContextSPI.<init>(OpenSSLContextSPI.java:119)
        at org.wildfly.openssl.OpenSSLContextSPI$OpenSSLTLSContextSpi.<init>(OpenSSLContextSPI.java:427)
        at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
        at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
        at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
        at java.lang.reflect.Constructor.newInstance(Constructor.java:423)
        at java.security.Provider$Service.newInstance(Provider.java:1595)
        ... 9 more
Caused by: java.lang.reflect.InvocationTargetException
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:498)
        at org.wildfly.openssl.SSL.init(SSL.java:81)
        ... 16 more
Caused by: java.lang.UnsatisfiedLinkError: no wfssl in java.library.path
        at java.lang.ClassLoader.loadLibrary(ClassLoader.java:1867)
        at java.lang.Runtime.loadLibrary0(Runtime.java:870)
        at java.lang.System.loadLibrary(System.java:1122)
        at org.wildfly.openssl.SSL$LibraryLoader.load(SSL.java:221)
        ... 21 more

      When I tried to select path to 'wfssl' manually, I got different error:

      ./standalone.sh -Dorg.wildfly.openssl.path=<path> -Dorg.wildfly.openssl.libwfssl.path=<EAP_HOME>/modules/system/layers/base/org/wildfly/openssl/main/lib/solaris-x86_64/libwfssl.so

2017-01-13 09:10:20,959 ERROR [org.jboss.msc.service.fail] (MSC service thread 1-1) MSC000001: Failed to start service jboss.server.controller.management.security_realm.ApplicationRealm.ssl-context: org.jboss.msc.service.StartException in service jboss.server.controller.management.security_realm.ApplicationRealm.ssl-context: WFLYDM0018: Unable to start service
        at org.jboss.as.domain.management.security.SSLContextService.start(SSLContextService.java:108)
        at org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1963)
        at org.jboss.msc.service.ServiceControllerImpl$StartTask.run(ServiceControllerImpl.java:1896)
        at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
        at java.lang.Thread.run(Thread.java:745)
Caused by: java.security.NoSuchAlgorithmException: Error constructing implementation (algorithm: openssl.TLS, provider: openssl, class: org.wildfly.openssl.OpenSSLContextSPI$OpenSSLTLSContextSpi)
        at java.security.Provider$Service.newInstance(Provider.java:1617)
        at sun.security.jca.GetInstance.getInstance(GetInstance.java:236)
        at sun.security.jca.GetInstance.getInstance(GetInstance.java:164)
        at javax.net.ssl.SSLContext.getInstance(SSLContext.java:156)
        at org.jboss.as.domain.management.security.SSLContextService.start(SSLContextService.java:97)
        ... 5 more
Caused by: java.lang.UnsatisfiedLinkError: /mnt/hudson_workspace/workspace/eap-7x-undertow-wildfly-openssl-tests/85466bbf/workspace/jboss-eap-7.1/modules/system/layers/base/org/wildfly/openssl/main/lib/solaris-x86_64/libwfssl.so: ld.so.1: java: fatal: /usr/local/lib/libgcc_s.so.1: wrong ELF class: ELFCLASS32
        at java.lang.ClassLoader$NativeLibrary.load(Native Method)
        at java.lang.ClassLoader.loadLibrary0(ClassLoader.java:1941)
        at java.lang.ClassLoader.loadLibrary(ClassLoader.java:1824)
        at java.lang.Runtime.load0(Runtime.java:809)
        at java.lang.Runtime.load(Runtime.java:797)
        at org.wildfly.openssl.SSL.init(SSL.java:90)
        at org.wildfly.openssl.OpenSSLContextSPI.<init>(OpenSSLContextSPI.java:119)
        at org.wildfly.openssl.OpenSSLContextSPI$OpenSSLTLSContextSpi.<init>(OpenSSLContextSPI.java:427)
        at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
        at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
        at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
        at java.lang.reflect.Constructor.newInstance(Constructor.java:423)
        at java.security.Provider$Service.newInstance(Provider.java:1595)
        ... 9 more

      Solaris 11 (both x86_64 and SPARC) seem to be working just fine.

      Marking this as a blocker as we have to fix wfssl loading on Solaris 10 as it is part of our certification matrix with direct impact to customers that would need to use wildfly-openssl on such machines.

              rhn-support-pnag Priyanka Nag
              jstourac@redhat.com Jan Stourac
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

                Created:
                Updated:
                Resolved: