Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Cannot Reproduce
Priority: P3
Fix Version/s: None
Affects Version/s: 1.1.2
Component/s: core-libs
Labels:
- SSL
- exception
- hotjava
- jdk
- serialization

Subcomponent:
java.io:serialization
CPU:

generic
OS:

solaris_2.5.1

Description

charlie.lai@Eng 1997-06-26

when trying to connect to: https://www.rsa.com
using hotjava/SSL with jdk1.1.2 and jdk1.1.3, i get
the following exception:

> java.lang.StackOverflowError
> at java.io.ObjectOutputStream.outputObject(ObjectOutputStream.java)
> at java.io.ObjectOutputStream.writeObject(ObjectOutputStream.java)
> at sun.hotjava.security.SSLTrustMgr.apply(SSLTrustMgr.java:72)
> at sun.hotjava.security.SSLTrustUI.isTrustedFor(SSLTrustUI.java:159)
> at sun.security.ssl.Handshaker.peerCertificate(Handshaker.java:621)
> at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:104)
> at sun.security.ssl.Handshaker.process_record(Handshaker.java:228)
> at sun.security.ssl.SSLSocket.clearPipeline(SSLSocket.java:573)
> at sun.security.ssl.SSLSocket.write(SSLSocket.java:448)
> at sun.security.ssl.AppOutputStream.write(AppOutputStream.java:71)
> at java.io.OutputStream.write(OutputStream.java)
> at sun.net.www.https.HttpsClient.doConnect(HttpsClient.java:261)
> at sun.net.www.http.HttpClient.openServer(HttpClient.java:267)
> at sun.net.www.http.HttpClient.openServer(HttpClient.java:312)
> at sun.net.www.http.HttpClient.<init>(HttpClient.java:210)
> at sun.net.www.http.HttpClient.<init>(HttpClient.java:214)
> at sun.net.www.https.HttpsClient.<init>(HttpsClient.java:168)
> at sun.net.www.https.HttpsClient.New(HttpsClient.java:181)
> at
sun.net.www.protocol.https.HttpsURLConnection.connect(HttpsURLConnection.java:80
)
> at
sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.jav
a:313)
> at sun.hotjava.doc.DocParser.run(DocParser.java:310)
> at java.lang.Thread.run(Thread.java)

it appears that all hotjava is doing is writing an object (an SSL certificate)
to a file using object serialization:

            ObjectOutputStream out = new ObjectOutputStream(stream);

            if (out == null) {
                // this doesn't quite seem right
                System.out.println("Couldn't save SSL certificates");
                return;
            }

--> out.writeObject(savedCerts);

the way i produced the problem was by invoking:
/home/charlie/bin/hotjava.sh

inside of this script, set JDK_HOME to the appropriate version of the jdk.
note that hotjava/ssl works fine with jdk1.1 and jdk1.1.1.

Attachments

Activity

People

Assignee:: Unassigned

Reporter:: Charlie Lai (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Dates

Created:: 1997-06-26 13:20

Updated:: 1997-08-25 13:43

Resolved:: 1997-08-25 13:43

Imported:: 16/Sep/12 6:41 PM

Indexed:: 18/Jul/12 1:21 PM