FULL PRODUCT VERSION :
java version "1.6.0_20"
Java(TM) SE Runtime Environment (build 1.6.0_20-b02)
Java HotSpot(TM) Server VM (build 16.3-b01, mixed mode)
ADDITIONAL OS VERSION INFORMATION :
Linux smlwx010 2.6.32-21-generic #32-Ubuntu SMP Fri Apr 16 08:10:02 UTC 2010 i686 GNU/Linux
EXTRA RELEVANT SYSTEM CONFIGURATION :
Ubuntu provided SUN JDK packages
A DESCRIPTION OF THE PROBLEM :
Signing a jar file with MANIFEST.MF not as first entry or containing INDEX.LIST without the manifest in there causes all manifest information to be lost after siging. This was not the case in java 1.6.0_16
I have found similar issues but none describe this regression.
This issue causes some of our legacy OSGi-compatible jars to be broken after signing.
STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
Create a jar file using a zip tool and cause the META-INF/MANIFEST.MF not to be the first file.
Compare initial MANIFEST.MF with signed MANIFEST.MF
EXPECTED VERSUS ACTUAL BEHAVIOR :
no difference (except for signing info)
Only signing info in signed manifest, all initial info lost
This bug can be reproduced always.
CUSTOMER SUBMITTED WORKAROUND :
reassemble the incorrectly packaged jar