-
Bug
-
Resolution: Fixed
-
P2
-
6, 6u1, 6u2
| Issue | Fix Version | Assignee | Priority | Status | Resolution | Resolved In Build |
|---|---|---|---|---|---|---|
| JDK-2149586 | 6u4 | Dennis Gu | P2 | Resolved | Fixed | b01 |
FULL PRODUCT VERSION :
java version "1.6.0"
Java(TM) SE Runtime Environment (build 1.6.0-b105)
Java HotSpot(TM) Client VM (build 1.6.0-b105, mixed mode, sharing)
ADDITIONAL OS VERSION INFORMATION :
Microsoft Windows XP [Version 5.1.2600]
A DESCRIPTION OF THE PROBLEM :
When an application started with JWS tries to establish a HTTPS connection, a NullPointerException is thrown. I have found out, that the bug only occurs, if you specify a custom HostnameVerifier.
ERROR MESSAGES/STACK TRACES THAT OCCUR :
javax.net.ssl.SSLException: java.lang.NullPointerException
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.handleException(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Unknown Source)
at de.igel.rm.ServerConnection.connect(ServerConnection.java:1400)
at de.igel.rm.ServerConnection.getServerVersion(ServerConnection.java:431)
at de.igel.rm.gui.MainFrame$ConnectThread.work(MainFrame.java:914)
at de.igel.util.WorkerThread.run(WorkerThread.java:32)
Caused by: java.lang.NullPointerException
at com.sun.deploy.security.X509ExtendedDeployTrustManager.isSupportedAlgorithm(Unknown Source)
at com.sun.deploy.security.X509ExtendedDeployTrustManager.checkServerTrusted(Unknown Source)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Unknown Source)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
... 10 more
---------- BEGIN SOURCE ----------
package de.igel;
import javax.net.ssl.*;
import java.net.URL;
import java.io.InputStream;
import java.io.IOException;
public class HttpsTest
{
public static final String httpsUrl = "https://scgi.ebay.com/ws/eBayISAPI.dll?RegisterEnterInfo" ;
public static void main( String[] args )
{
HttpsURLConnection.setDefaultHostnameVerifier( new NoHostnameVerify() );
try
{
URL u = new URL( httpsUrl );
HttpsURLConnection con = (HttpsURLConnection)u.openConnection();
InputStream in = con.getInputStream();
int c = 0;
while( ( c = in.read() ) != -1 )
{
System.out.print( (char)c );
}
}
catch( IOException e )
{
e.printStackTrace();
}
}
}
class NoHostnameVerify implements HostnameVerifier
{
public boolean verify(String parm1, SSLSession parm2)
{
return true;
}
}
I have used the following JNLP descriptor:
<jnlp spec="1.0+" codebase="http://localhost:8080/" href="http://localhost:8080/test/httpstest.jnlp">
<information>
<title>HTTPS test</title>
<vendor>IGEL Technology GmbH</vendor>
<homepage href="http://www.igel.de"/>
<description>Trys to open a HTTPS connection</description>
<offline-allowed/>
</information>
<security>
<all-permissions/>
</security>
<resources>
<j2se href="http://java.sun.com/products/autodl/j2se" version="1.5+"/>
<jar href="http://localhost:8080/test/test.jar" download="eager"/>
</resources>
<application-desc main-class="de.igel.HttpsTest"/>
</jnlp>
---------- END SOURCE ----------
REPRODUCIBILITY :
This bug can be reproduced always.
java version "1.6.0"
Java(TM) SE Runtime Environment (build 1.6.0-b105)
Java HotSpot(TM) Client VM (build 1.6.0-b105, mixed mode, sharing)
ADDITIONAL OS VERSION INFORMATION :
Microsoft Windows XP [Version 5.1.2600]
A DESCRIPTION OF THE PROBLEM :
When an application started with JWS tries to establish a HTTPS connection, a NullPointerException is thrown. I have found out, that the bug only occurs, if you specify a custom HostnameVerifier.
ERROR MESSAGES/STACK TRACES THAT OCCUR :
javax.net.ssl.SSLException: java.lang.NullPointerException
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.handleException(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Unknown Source)
at de.igel.rm.ServerConnection.connect(ServerConnection.java:1400)
at de.igel.rm.ServerConnection.getServerVersion(ServerConnection.java:431)
at de.igel.rm.gui.MainFrame$ConnectThread.work(MainFrame.java:914)
at de.igel.util.WorkerThread.run(WorkerThread.java:32)
Caused by: java.lang.NullPointerException
at com.sun.deploy.security.X509ExtendedDeployTrustManager.isSupportedAlgorithm(Unknown Source)
at com.sun.deploy.security.X509ExtendedDeployTrustManager.checkServerTrusted(Unknown Source)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Unknown Source)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
... 10 more
---------- BEGIN SOURCE ----------
package de.igel;
import javax.net.ssl.*;
import java.net.URL;
import java.io.InputStream;
import java.io.IOException;
public class HttpsTest
{
public static final String httpsUrl = "https://scgi.ebay.com/ws/eBayISAPI.dll?RegisterEnterInfo" ;
public static void main( String[] args )
{
HttpsURLConnection.setDefaultHostnameVerifier( new NoHostnameVerify() );
try
{
URL u = new URL( httpsUrl );
HttpsURLConnection con = (HttpsURLConnection)u.openConnection();
InputStream in = con.getInputStream();
int c = 0;
while( ( c = in.read() ) != -1 )
{
System.out.print( (char)c );
}
}
catch( IOException e )
{
e.printStackTrace();
}
}
}
class NoHostnameVerify implements HostnameVerifier
{
public boolean verify(String parm1, SSLSession parm2)
{
return true;
}
}
I have used the following JNLP descriptor:
<jnlp spec="1.0+" codebase="http://localhost:8080/" href="http://localhost:8080/test/httpstest.jnlp">
<information>
<title>HTTPS test</title>
<vendor>IGEL Technology GmbH</vendor>
<homepage href="http://www.igel.de"/>
<description>Trys to open a HTTPS connection</description>
<offline-allowed/>
</information>
<security>
<all-permissions/>
</security>
<resources>
<j2se href="http://java.sun.com/products/autodl/j2se" version="1.5+"/>
<jar href="http://localhost:8080/test/test.jar" download="eager"/>
</resources>
<application-desc main-class="de.igel.HttpsTest"/>
</jnlp>
---------- END SOURCE ----------
REPRODUCIBILITY :
This bug can be reproduced always.
- backported by
-
JDK-2149586 A NullPointerException is throw when HTTPS connection is established
-
- Resolved
-
- duplicates
-
-
- Closed
-
-
-
- Closed
-
-
-
- Closed
-
-
-
- Closed
-
-
-
- Closed
-
- relates to
-
-
- Closed
-
(1 duplicates, 1 relates to)