-
Bug
-
Resolution: Cannot Reproduce
-
P3
-
None
-
1.1.2
-
generic
-
solaris_2.5.1
charlie.lai@Eng 1997-06-26
when trying to connect to: https://www.rsa.com
using hotjava/SSL with jdk1.1.2 and jdk1.1.3, i get
the following exception:
> java.lang.StackOverflowError
> at java.io.ObjectOutputStream.outputObject(ObjectOutputStream.java)
> at java.io.ObjectOutputStream.writeObject(ObjectOutputStream.java)
> at sun.hotjava.security.SSLTrustMgr.apply(SSLTrustMgr.java:72)
> at sun.hotjava.security.SSLTrustUI.isTrustedFor(SSLTrustUI.java:159)
> at sun.security.ssl.Handshaker.peerCertificate(Handshaker.java:621)
> at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:104)
> at sun.security.ssl.Handshaker.process_record(Handshaker.java:228)
> at sun.security.ssl.SSLSocket.clearPipeline(SSLSocket.java:573)
> at sun.security.ssl.SSLSocket.write(SSLSocket.java:448)
> at sun.security.ssl.AppOutputStream.write(AppOutputStream.java:71)
> at java.io.OutputStream.write(OutputStream.java)
> at sun.net.www.https.HttpsClient.doConnect(HttpsClient.java:261)
> at sun.net.www.http.HttpClient.openServer(HttpClient.java:267)
> at sun.net.www.http.HttpClient.openServer(HttpClient.java:312)
> at sun.net.www.http.HttpClient.<init>(HttpClient.java:210)
> at sun.net.www.http.HttpClient.<init>(HttpClient.java:214)
> at sun.net.www.https.HttpsClient.<init>(HttpsClient.java:168)
> at sun.net.www.https.HttpsClient.New(HttpsClient.java:181)
> at
sun.net.www.protocol.https.HttpsURLConnection.connect(HttpsURLConnection.java:80
)
> at
sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.jav
a:313)
> at sun.hotjava.doc.DocParser.run(DocParser.java:310)
> at java.lang.Thread.run(Thread.java)
it appears that all hotjava is doing is writing an object (an SSL certificate)
to a file using object serialization:
ObjectOutputStream out = new ObjectOutputStream(stream);
if (out == null) {
// this doesn't quite seem right
System.out.println("Couldn't save SSL certificates");
return;
}
--> out.writeObject(savedCerts);
the way i produced the problem was by invoking:
/home/charlie/bin/hotjava.sh
inside of this script, set JDK_HOME to the appropriate version of the jdk.
note that hotjava/ssl works fine with jdk1.1 and jdk1.1.1.