Spark 2.9.4 hanging in "Authorization" after update to Fedora 36

bastischubert · May 12, 2022, 7:56pm

Hi there,

just updated my Workstation to Fedora 36 from 35 and now Spark (2.9.4) is hanging after starting.
Just showing the spinner and “Authentifizierung” below that.
The Other Spark 2.9.4 on MacOS has no issues and connects to that Server (Openfire 4.7.1) withouth problems…
Throwing away the .Spark directory and creating the account from scratch also gets stuck at the same point, but this time i can open the debug windows and grab some informations (see screenshots)

Any Help is appreciated

bastischubert · May 12, 2022, 7:56pm

and this is the starting screen which is hanging …
Bildschirmfoto vom 2022-05-12 21-50-36

guus · May 18, 2022, 8:08am

Hi Sebastian. That’s weird. I can’t think of much that would be affected by the operating system that Spark is using.

Are there any clues in the logfiles of either Spark (these are in your .Spark directory) or Openfire?

bastischubert · May 23, 2022, 3:06pm

the only thing i can find in the logs is that it complains about certificates…

Mai 23, 2022 4:46:39 PM org.jivesoftware.spark.util.log.Log warning
WARNUNG: Cannot build certificate chain
java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
	at java.base/java.security.cert.PKIXParameters.setTrustAnchors(PKIXParameters.java:200)
	at java.base/java.security.cert.PKIXParameters.<init>(PKIXParameters.java:157)
	at java.base/java.security.cert.PKIXBuilderParameters.<init>(PKIXBuilderParameters.java:130)
	at org.jivesoftware.sparkimpl.certificates.SparkExceptionsTrustManager.validatePath(SparkExceptionsTrustManager.java:94)
	at org.jivesoftware.sparkimpl.certificates.SparkExceptionsTrustManager.checkServerTrusted(SparkExceptionsTrustManager.java:44)
	at org.jivesoftware.sparkimpl.certificates.SparkTrustManager.doTheChecks(SparkTrustManager.java:111)
	at org.jivesoftware.sparkimpl.certificates.SparkTrustManager.checkServerTrusted(SparkTrustManager.java:92)
	at java.base/sun.security.ssl.AbstractTrustManagerWrapper.checkServerTrusted(SSLContextImpl.java:1471)
	at java.base/sun.security.ssl.CertificateMessage$T12CertificateConsumer.checkServerCerts(CertificateMessage.java:638)
	at java.base/sun.security.ssl.CertificateMessage$T12CertificateConsumer.onCertificate(CertificateMessage.java:473)
	at java.base/sun.security.ssl.CertificateMessage$T12CertificateConsumer.consume(CertificateMessage.java:369)
	at java.base/sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:396)
	at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:480)
	at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:458)
	at java.base/sun.security.ssl.TransportContext.dispatch(TransportContext.java:201)
	at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:172)
	at java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1505)
	at java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1420)
	at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:455)
	at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:426)
	at org.jivesoftware.smack.tcp.XMPPTCPConnection.proceedTLSReceived(XMPPTCPConnection.java:856)
	at org.jivesoftware.smack.tcp.XMPPTCPConnection.access$2000(XMPPTCPConnection.java:155)
	at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader.parsePackets(XMPPTCPConnection.java:1171)
	at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader.access$1000(XMPPTCPConnection.java:1092)
	at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader$1.run(XMPPTCPConnection.java:1112)
	at java.base/java.lang.Thread.run(Thread.java:833)

Debug output here: Looking at the certs presented by the server: ✘ basti@basti-nuc  /etc/pki/c - Pastebin.com since i’m only allowed to input 2 Links into a posting …

Any idea on how to get more info which cert chain actually is br0ke or any other hints?

bastischubert · May 23, 2022, 3:14pm

Ok, downgrading java to 1.8 instead of 17 did the trick… it’s now working…

ilyaHlevnoy · May 23, 2022, 6:26pm

Hi!
Yes, I can confirm that since Java 16 there is a login issue.

guus · May 24, 2022, 7:33am

Ah, I was unaware of this. I have created a new placeholder issue for this problem: [SPARK-2270] - Ignite Realtime Jira

ilyaHlevnoy · May 24, 2022, 10:04am

If I remove all plugins from Spark(
installation folder and appdata folder) then I can login. I think there is a bug somewhere.

ilyaHlevnoy · May 24, 2022, 1:44pm

I think this is the source of the problem, Java 11-15 talks about it

github.com

igniterealtime/Spark/blob/1f103a80fc1d62fba522da118ef391f8b9fc61f5/core/src/main/java/org/jivesoftware/spark/util/URLFileSystem.java#L593

      
        
                    //  implementation to address the problems above, we may be able
                    //  to change the internal mechanism to use the regular URL
                    //  constructors.  For the time being, after having weighed the
                    //  various other alternatives and even tried some of them (and
                    //  encountered other problems), our decision is to force our way
                    //  through to the URL.set(...) method, taking care to invoke
                    //  it method exactly once per URL object with the exactly the
                    //  right arguments.
                    //
                    //  --jdijamco  March 14, 2001
                    urlSet.setAccessible(true);
                }
                catch (NoSuchMethodException e) {
                    //!jdijamco -- Have some fallback option so that <clinit> doesn't
                    //!jdijamco -- just totally barf and prevent the IDE from starting?
                    throw new IllegalStateException();
                }
            }
            
            
public static File url2File(URL url) {
                final String path = url.getPath();