[
https://issues.apache.org/jira/browse/MRESOLVER-123?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17148603#comment-17148603
]
Michael Osipov commented on MRESOLVER-123:
------------------------------------------
At least for the storage attributes, there is not SHA-256 downloaded or
generated in this file. Thanks for the logfile.
I see:
{noformat}
[main] [DEBUG] http-outgoing-45 >> "GET
/nexus/content/groups/releases/org/apache/apache/19/apache-19.pom.sha256
HTTP/1.1[\r][\n]"
[main] [DEBUG] http-outgoing-45 >> "Cache-control: no-cache[\r][\n]"
[main] [DEBUG] http-outgoing-45 >> "Cache-store: no-store[\r][\n]"
[main] [DEBUG] http-outgoing-45 >> "Pragma: no-cache[\r][\n]"
[main] [DEBUG] http-outgoing-45 >> "User-Agent: Apache-Maven/3.6.3 (Java
11.0.5; Linux 5.3.0-61-generic)[\r][\n]"
[main] [DEBUG] http-outgoing-45 >> "Host: nexus-mirror.acme.com[\r][\n]"
[main] [DEBUG] http-outgoing-45 >> "Connection: Keep-Alive[\r][\n]"
[main] [DEBUG] http-outgoing-45 >> "Accept-Encoding: gzip,deflate[\r][\n]"
[main] [DEBUG] http-outgoing-45 >> "[\r][\n]"
[main] [DEBUG] http-outgoing-45 << "HTTP/1.1 200 OK[\r][\n]"
[main] [DEBUG] http-outgoing-45 << "Server: nginx/1.16.1[\r][\n]"
[main] [DEBUG] http-outgoing-45 << "Date: Tue, 30 Jun 2020 10:12:39 GMT[\r][\n]"
[main] [DEBUG] http-outgoing-45 << "Content-Type:
application/octet-stream[\r][\n]"
[main] [DEBUG] http-outgoing-45 << "Content-Length: 64[\r][\n]"
[main] [DEBUG] http-outgoing-45 << "Connection: close[\r][\n]"
[main] [DEBUG] http-outgoing-45 << "X-Frame-Options: SAMEORIGIN[\r][\n]"
[main] [DEBUG] http-outgoing-45 << "X-Content-Type-Options: nosniff[\r][\n]"
[main] [DEBUG] http-outgoing-45 << "Accept-Ranges: bytes[\r][\n]"
[main] [DEBUG] http-outgoing-45 << "ETag:
"{SHA1{bf300ccb33a85ea7dafda571a48fd77d4efaac76}}"[\r][\n]"
[main] [DEBUG] http-outgoing-45 << "Last-Modified: Tue, 30 Jun 2020 06:16:15
GMT[\r][\n]"
[main] [DEBUG] http-outgoing-45 << "Strict-Transport-Security:
max-age=63072000[\r][\n]"
[main] [DEBUG] http-outgoing-45 << "X-Frame-Options: DENY[\r][\n]"
[main] [DEBUG] http-outgoing-45 << "X-Content-Type-Options: nosniff[\r][\n]"
[main] [DEBUG] http-outgoing-45 << "[\r][\n]"
[main] [DEBUG] http-outgoing-45 <<
"cd622094264b0868aeb108cb3adec4201c6e9af8f50e29a28bb13a5e9d9279a8"
[main] [DEBUG] http-outgoing-45 << HTTP/1.1 200 OK
[main] [DEBUG] http-outgoing-45 << Server: nginx/1.16.1
[main] [DEBUG] http-outgoing-45 << Date: Tue, 30 Jun 2020 10:12:39 GMT
[main] [DEBUG] http-outgoing-45 << Content-Type: application/octet-stream
[main] [DEBUG] http-outgoing-45 << Content-Length: 64
[main] [DEBUG] http-outgoing-45 << Connection: close
[main] [DEBUG] http-outgoing-45 << X-Frame-Options: SAMEORIGIN
[main] [DEBUG] http-outgoing-45 << X-Content-Type-Options: nosniff
[main] [DEBUG] http-outgoing-45 << Accept-Ranges: bytes
[main] [DEBUG] http-outgoing-45 << ETag:
"{SHA1{bf300ccb33a85ea7dafda571a48fd77d4efaac76}}"
[main] [DEBUG] http-outgoing-45 << Last-Modified: Tue, 30 Jun 2020 06:16:15 GMT
[main] [DEBUG] http-outgoing-45 << Strict-Transport-Security: max-age=63072000
[main] [DEBUG] http-outgoing-45 << X-Frame-Options: DENY
[main] [DEBUG] http-outgoing-45 << X-Content-Type-Options: nosniff
[main] [DEBUG] http-outgoing-45: Close connection
[main] [DEBUG] Connection discarded
[main] [DEBUG] Connection released: [id: 45][route:
{s}->https://nexus-mirror.acme.com:443][total kept alive: 0; route allocated: 0
of 20; total allocated: 0 of 40]
[main] [WARNING] Checksum validation failed, expected
cd622094264b0868aeb108cb3adec4201c6e9af8f50e29a28bb13a5e9d9279a8 but is
91f7a33096ea69bac2cbaf6d01feb934cac002c48d8c8cfa9c240b40f1ec21df from
central-cm-mirror for
https://nexus-mirror.acme.com/nexus/content/groups/releases/org/apache/apache/19/apache-19.pom
{noformat}
but
{noformat}
$ curl -sq
https://repo.maven.apache.org/maven2/org/apache/apache/19/apache-19.pom | sha256
91f7a33096ea69bac2cbaf6d01feb934cac002c48d8c8cfa9c240b40f1ec21df
{noformat}
So we have two problems here:
1. You have problem with your Nexus instance. It generates wrong checksums. You
didn't see this before because SHA-2 family has been added recently. Talk to
your admin to resolve this issue. Meanwhile do
{{-Daether.checksums.algorithms=SHA-1}} and reupload the log with headers only.
2. Output
{noformat}
[main] [WARNING] Checksum validation failed, expected
cd622094264b0868aeb108cb3adec4201c6e9af8f50e29a28bb13a5e9d9279a8 but is
91f7a33096ea69bac2cbaf6d01feb934cac002c48d8c8cfa9c240b40f1ec21df from
central-cm-mirror for
https://nexus-mirror.acme.com/nexus/content/groups/releases/org/apache/apache/19/apache-19.pom
{noformat}
seems to be wrong. It should read switched. We expected
{{91f7a33096ea69bac2cbaf6d01feb934cac002c48d8c8cfa9c240b40f1ec21df}}, but Nexus
delivered {{91f7a33096ea69bac2cbaf6d01feb934cac002c48d8c8cfa9c240b40f1ec21df}}.
I will investigate this one.
> Concurrency issues
> ------------------
>
> Key: MRESOLVER-123
> URL: https://issues.apache.org/jira/browse/MRESOLVER-123
> Project: Maven Resolver
> Issue Type: Bug
> Components: resolver
> Affects Versions: 1.4.2
> Reporter: Michael Osipov
> Priority: Critical
> Attachments: checksum-error-debug.log
>
>
> This is an umbrella ticket for a long standing issue with Maven Resolver: Our
> concurrency support is mediocre in a way that if two or more threads try to
> download the same file and fail to queue those write actions nicely. The
> problem is that The {{SyncContext}} and the its factory provided by Maven
> Resolver does not employ any locking at all. As layed out in detail in
> MRESOLVER-114 we need striped read write locks on artifacts and its metadata.
> This issue shall track progress on it. Even Takari Concurrent Repository
> extension does not help because it is only intended to synchronize concurrent
> access by multple JVMs and not threads.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
