Name: nt126004 Date: 07/25/2002


FULL PRODUCT VERSION :
java version "1.4.0_01-ea"
Java(TM) 2 Runtime Environment, Standard Edition (build 1.4.0_01-ea-b02)
Java HotSpot(TM) Client VM (build 1.4.0_01-ea-b02, mixed mode)

FULL OPERATING SYSTEM VERSION :
Microsoft Windows 2000 [Version 5.00.2195]

ADDITIONAL OPERATING SYSTEMS :
Also occurs on an NT 4 PC. The problem doesnt appear
to be related to the OS.


EXTRA RELEVANT SYSTEM CONFIGURATION :
The client PCs use a proxy server to get to the IIS server
sending the applet.

A DESCRIPTION OF THE PROBLEM :
An attempt to read a DOD x509 certificate forces an
exception using either Netscape 7 or Internet Explorer 6
browsers. The problem occurs in Internet Explorer 6 after
installing the Netscape 7 browser which causes the Java 2
Advanced option to be set by default.

The code generating the exception:
URL url = new URL(getCodeBase(), "xxx.dat");
System.out.println("trying "+url);
InputStream is = url.openStream();

The resulting output displayed:
trying https://xxxx.xxx.xxx.xxx/graphicsapp/classes/xxx.dat
Connecting
https://xxxx.xxx.xxx.xxx/graphicsapp/classes/xxx.dat with
proxy=xxx.xx.xx.xxx:yyyy
Exception occured:
java.io.IOException: Incorrect AVA format
            at sun.security.x509.AVA.<init>(Unknown Source)
            at sun.security.x509.AVA.<init>(Unknown Source)
            at sun.security.x509.RDN.<init>(Unknown Source)
            at sun.security.x509.X500Name.parseDN(Unknown
Source)
            at sun.security.x509.X500Name.<init>(Unknown
Source)
            at sun.net.www.protocol.https.HttpsClient.b
(DashoA6275)
            at
sun.net.www.protocol.https.HttpsClient.afterConnect
(DashoA6275)
            at
sun.net.www.protocol.https.AbstractDelegateHttpsURLConnectio
n.setProxiedClient(DashoA6275)
            at
sun.net.www.protocol.https.PluginDelegateHttpsURLConnection.
superConnect(Unknown Source)
            at
sun.net.www.protocol.https.PluginDelegateHttpsURLConnection.
access$100(Unknown Source)
            at
sun.net.www.protocol.https.PluginDelegateHttpsURLConnection$
2.run(Unknown Source)
            at java.security.AccessController.doPrivileged
(Native Method)
            at
sun.net.www.protocol.https.PluginDelegateHttpsURLConnection.
connect(Unknown Source)
            at
sun.net.www.protocol.https.PluginDelegateHttpsURLConnection.
getInputStream(Unknown Source)
            at
sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputSt
ream(DashoA6275)
            at java.net.URL.openStream(Unknown Source)
            at LTest.start(LTest.java:12)
            at sun.applet.AppletPanel.run(Unknown Source)
            at java.lang.Thread.run(Unknown Source)


REGRESSION. Last worked in version 1.3

STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
1. This problem occurs using DOD PKI x509 certificates on
an IIS server when running the applet in an IE 6 or
Netscape 7 browser. After installing the Netscape 7
browser, the Java 2 advanced option in Internet Explorer 6
is set on which causes it to have the same problem. When
the Advanced option is unchecked, the applet works properly.
2.
3.

EXPECTED VERSUS ACTUAL BEHAVIOR :
Expected the .dat file to be parsed properly without the
exception thrown as it does in previous versions.

Actual results give "java.io.IOException: Incorrect AVA
format "

ERROR MESSAGES/STACK TRACES THAT OCCUR :
Trying https://xxxx.xxx.xxx.xxx/graphicsapp/classes/xxx.dat
Connecting https://xxxx.xxx.xxx.xxx/graphicsapp/classes/xxx.dat with
proxy=xxx.xx.xx.xxx:yyyy
Exception occured:
java.io.IOException: Incorrect AVA format
            at sun.security.x509.AVA.<init>(Unknown Source)
            at sun.security.x509.AVA.<init>(Unknown Source)
            at sun.security.x509.RDN.<init>(Unknown Source)
            at sun.security.x509.X500Name.parseDN(Unknown Source)
            at sun.security.x509.X500Name.<init>(Unknown Source)
            at sun.net.www.protocol.https.HttpsClient.b(DashoA6275)
            at sun.net.www.protocol.https.HttpsClient.afterConnect(DashoA6275)
            at
sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.setProxiedClient
(DashoA6275)
            at
sun.net.www.protocol.https.PluginDelegateHttpsURLConnection.superConnect
(Unknown Source)
            at
sun.net.www.protocol.https.PluginDelegateHttpsURLConnection.access$100(Unknown
Source)
            at sun.net.www.protocol.https.PluginDelegateHttpsURLConnection$2.run
(Unknown Source)
            at java.security.AccessController.doPrivileged(Native Method)
            at
sun.net.www.protocol.https.PluginDelegateHttpsURLConnection.connect(Unknown
Source)
            at
sun.net.www.protocol.https.PluginDelegateHttpsURLConnection.getInputStream
(Unknown Source)
            at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream
(DashoA6275)
            at java.net.URL.openStream(Unknown Source)
            at LTest.start(LTest.java:12)
            at sun.applet.AppletPanel.run(Unknown Source)
            at java.lang.Thread.run(Unknown Source)


REPRODUCIBILITY :
This bug can be reproduced always.

---------- BEGIN SOURCE ----------
/*
 * Here is a standalone app which also generates the error.
 */
//import java.applet.*;
import java.net.*;
import java.net.*;
import java.io.*;
//import java.awt.Graphics;

class NetTest
{

public static void main(String args[])

   throws MalformedURLException, IOException
   {
        URL url;
        int ch;

        // Display extensive debug information about certificate handshake
        System.setProperty("javax.net.debug","all");

        try
        {
           url = new URL(args[0]);
        }

        catch (ArrayIndexOutOfBoundsException e)
        {
           url = new URL("https://xxxxxx.xxx.xxx.xxx/testjava/aaa.txt");
           System.out.println("Opening aaa.txt");
        }

        InputStream urlIn = url.openStream();

        if (urlIn != null)
        {
           System.out.println("Reading...");
           do
           {
                ch = urlIn.read();
                if (ch != -1)
                   System.out.print((char)ch);
           } while (ch != -1);
           System.out.println();
           urlIn.close();
        }
   }
}

/*
 * This is the original Applet.
 */
import java.applet.*;
import java.net.*;
import java.io.*;

public class LTest extends Applet
{
        public void start()
        {
                try {
                        URL url = new URL(getCodeBase(), "xxx.dat");
                        System.out.println("trying "+url);
                        InputStream is = url.openStream();
                        System.out.println("Opened stream. is="+is);
                        System.out.println("Reading:");
                        int data = -1;
                        while((data=is.read())!=-1)
                        {
                                System.out.print((char)data);
                        }
                        System.out.println("Done Reading");
                        System.out.println("Closing");
                        is.close();
                        System.out.println("Done");
                } catch (Throwable t) {
                        System.out.println("Exception occured:");
                        t.printStackTrace();
                }
        }
}
  

<applet width="1" height="1" code="LTest" codebase="classes">
</applet>

---------- END SOURCE ----------

CUSTOMER WORKAROUND :
In Internet Explorer 6, the user can disable the Advanced
option checkbox for using Java 2.
Netscape 7 doesnt appear to have a similar solution.
(Review ID: 158438)
======================================================================