GitHub-Spring/spring-boot
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-boot.git synced 2026-05-02 19:30:23 +01:00
Code Issues Projects Releases Wiki Activity
Files
af2e363252f1221facb77c4e046de0b65f4fbdd3
spring-boot/spring-boot-project/spring-boot-tools/spring-boot-gradle-plugin
T
History
Phillip Webb 33c5e1269a Write signature files to uber jars to for Oracle Java 17 verification 
Update Gradle and Maven plugins to write an empty `META-INF/BOOT.SF`
file whenever there is a nested signed jar.

This update allows Oracle Java 17 to correctly verify the nested JARs.
The file is required because `JarVerifier` has code roughly equivalent
to:

	if (!jarManifestNameChecked && SharedSecrets
			.getJavaUtilZipFileAccess().getManifestName(jf, true) == null) {
    	throw new JarException("The JCE Provider " + jarURL.toString() +
    		" is not signed.");
	}

The `SharedSecrets.getJavaUtilZipFileAccess().getManifestName(jf, true)`
call ends up in `ZipFile.getManifestName(onlyIfSignatureRelatedFiles)`
which is a private method that we cannot override in our `NestedJarFile`
subclass. By writing an empty `.SF` file we ensure that the `Manifest`
is always returned because there are always "signature related files".

Fixes gh-28837
2023-10-16 16:19:16 -07:00
..
src
Write signature files to uber jars to for Oracle Java 17 verification
2023-10-16 16:19:16 -07:00
.gitignore
build.gradle
Merge branch '3.1.x'
2023-09-01 14:18:23 +01:00