Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-4061723

hotjava/SSL throws an exception when trying to serialize an SSL certificate

XMLWordPrintable


      charlie.lai@Eng 1997-06-26

      when trying to connect to: https://www.rsa.com
      using hotjava/SSL with jdk1.1.2 and jdk1.1.3, i get
      the following exception:

      > java.lang.StackOverflowError
      > at java.io.ObjectOutputStream.outputObject(ObjectOutputStream.java)
      > at java.io.ObjectOutputStream.writeObject(ObjectOutputStream.java)
      > at sun.hotjava.security.SSLTrustMgr.apply(SSLTrustMgr.java:72)
      > at sun.hotjava.security.SSLTrustUI.isTrustedFor(SSLTrustUI.java:159)
      > at sun.security.ssl.Handshaker.peerCertificate(Handshaker.java:621)
      > at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:104)
      > at sun.security.ssl.Handshaker.process_record(Handshaker.java:228)
      > at sun.security.ssl.SSLSocket.clearPipeline(SSLSocket.java:573)
      > at sun.security.ssl.SSLSocket.write(SSLSocket.java:448)
      > at sun.security.ssl.AppOutputStream.write(AppOutputStream.java:71)
      > at java.io.OutputStream.write(OutputStream.java)
      > at sun.net.www.https.HttpsClient.doConnect(HttpsClient.java:261)
      > at sun.net.www.http.HttpClient.openServer(HttpClient.java:267)
      > at sun.net.www.http.HttpClient.openServer(HttpClient.java:312)
      > at sun.net.www.http.HttpClient.<init>(HttpClient.java:210)
      > at sun.net.www.http.HttpClient.<init>(HttpClient.java:214)
      > at sun.net.www.https.HttpsClient.<init>(HttpsClient.java:168)
      > at sun.net.www.https.HttpsClient.New(HttpsClient.java:181)
      > at
      sun.net.www.protocol.https.HttpsURLConnection.connect(HttpsURLConnection.java:80
      )
      > at
      sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.jav
      a:313)
      > at sun.hotjava.doc.DocParser.run(DocParser.java:310)
      > at java.lang.Thread.run(Thread.java)

      it appears that all hotjava is doing is writing an object (an SSL certificate)
      to a file using object serialization:

                  ObjectOutputStream out = new ObjectOutputStream(stream);
       
                  if (out == null) {
                      // this doesn't quite seem right
                      System.out.println("Couldn't save SSL certificates");
                      return;
                  }
       
      --> out.writeObject(savedCerts);

      the way i produced the problem was by invoking:
      /home/charlie/bin/hotjava.sh

      inside of this script, set JDK_HOME to the appropriate version of the jdk.
      note that hotjava/ssl works fine with jdk1.1 and jdk1.1.1.


            Unassigned Unassigned
            claisunw Charlie Lai (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

              Created:
              Updated:
              Resolved:
              Imported:
              Indexed: