Make built-in bouncycastle actually work

This change fixes the following issues: * server needs bcpkix for parsing public/private keys. * do not special-case "jdk15on" in pkg_war. We only have these in the BC jars. * remove BC specific license checking exceptions. * remove language about requiring BC installed separately. * remove BC special-casing from eclipse setup. Tested: rm bin/* lib/* in testsite ran 141 -> 142 schema upgrade successfully ran daemon successfully LICENSE.txt in war file has an entry for the BC license Loaded new project in eclipse; verified that BouncyCastleUtil.java loads. Change-Id: I80c2b0c038ada8397b44373194bd199f491a39c3
2017-02-20 13:32:52 +01:00
parent 2634933198
commit 8dfc795649
5 changed files with 6 additions and 36 deletions
--- a/gerrit-server/BUILD
+++ b/gerrit-server/BUILD
@@ -55,6 +55,8 @@ java_library(
        "//lib:velocity",
        "//lib/antlr:java_runtime",
        "//lib/auto:auto-value",
+        "//lib/bouncycastle:bcpkix",
+        "//lib/bouncycastle:bcprov",
        "//lib/commons:codec",
        "//lib/commons:compress",
        "//lib/commons:dbcp",
--- a/tools/bzl/license-map.py
+++ b/tools/bzl/license-map.py
@@ -10,11 +10,6 @@ from shutil import copyfileobj
 from sys import stdout, stderr
 import xml.etree.ElementTree as ET

-KNOWN_PROVIDED_DEPS = [
-  "//lib/bouncycastle:bcpg",
-  "//lib/bouncycastle:bcpkix",
-  "//lib/bouncycastle:bcprov",
-]

 DO_NOT_DISTRIBUTE = "//lib:LICENSE-DO_NOT_DISTRIBUTE"

@@ -46,9 +41,6 @@ for xml in args.xmls:

      license_name = c.attrib["name"]
      if LICENSE_PREFIX in license_name:
-        if rule_name in KNOWN_PROVIDED_DEPS:
-          continue
-
        entries[rule_name].append(license_name)
        graph[license_name].append(rule_name)

@@ -97,12 +89,6 @@ Gerrit includes an SSH client (JSch), to support authenticated
 replication of changes to remote systems, such as for automatic
 updates of mirror servers, or realtime backups.

-For either feature to function, Gerrit requires the
-link:http://java.sun.com/javase/technologies/security/[Java Cryptography extensions]
-and/or the
-link:http://www.bouncycastle.org/java.html[Bouncy Castle Crypto API]
-to be installed by the end-user.
-
 == Licenses
 """)

--- a/tools/bzl/pkg_war.bzl
+++ b/tools/bzl/pkg_war.bzl
@@ -40,10 +40,6 @@ def _add_file(in_file, output):
  short_path = in_file.short_path
  n = in_file.basename

-  # TODO(davido): Drop this when provided_deps added to java_library
-  if n.find('-jdk15on-') != -1:
-    return []
-
  if short_path.startswith('gerrit-'):
    n = short_path.split('/')[0] + '-' + n

--- a/tools/bzl/test_license.sh
+++ b/tools/bzl/test_license.sh
@@ -1,16 +1,8 @@
 #!/bin/sh

-filtered="$1.filtered"
-
-cat $1 \
-  | grep -v "//lib/bouncycastle:bcpg" \
-  | grep -v "//lib/bouncycastle:bcpkix" \
-  | grep -v "//lib/bouncycastle:bcprov" \
-  > $filtered
-
-if test -s $filtered
+if test -s $1
 then
-  echo "$filtered not empty:"
-  cat $filtered
+  echo "$1 not empty:"
+  cat "$1"
  exit 1
 fi
--- a/tools/eclipse/BUILD
+++ b/tools/eclipse/BUILD
@@ -6,12 +6,6 @@ load(
    "CUSTOM_PLUGINS",
 )

-PROVIDED_DEPS = [
-    "//lib/bouncycastle:bcprov",
-    "//lib/bouncycastle:bcpg",
-    "//lib/bouncycastle:bcpkix",
-]
-
 TEST_DEPS = [
    "//gerrit-gpg:gpg_tests",
    "//gerrit-gwtui:ui_tests",
@@ -54,7 +48,7 @@ java_library(
 classpath_collector(
    name = "main_classpath_collect",
    testonly = 1,
-    deps = LIBS + PGMLIBS + DEPS + TEST_DEPS + PROVIDED_DEPS +
+    deps = LIBS + PGMLIBS + DEPS + TEST_DEPS +
           ["//plugins/%s:%s__plugin" % (n, n) for n in CORE_PLUGINS + CUSTOM_PLUGINS],
 )