-
Bug
-
Resolution: Not an Issue
-
P3
-
7
-
x86
-
linux
FULL PRODUCT VERSION :
java -version
java version "1.7.0"
Java(TM) SE Runtime Environment (build 1.7.0-b147)
Java HotSpot(TM) 64-Bit Server VM (build 21.0-b17, mixed mode)
ADDITIONAL OS VERSION INFORMATION :
Linux linux-phqm 3.1.9-1.4-desktop #1 SMP PREEMPT Fri Jan 27 08:55:10 UTC 2012 (efb5ff4) x86_64 x86_64 x86_64 GNU/Linux
Also observed on Windows XP(32 bit)
EXTRA RELEVANT SYSTEM CONFIGURATION :
Browser used: Firefox
Http server: Jetty
A DESCRIPTION OF THE PROBLEM :
Java plug-in 1.7 does not load properly applets over HTTPs. The problem does not seem to occur over plain HTTP.
When trying to load an HTML page containing the following applet definition:
<object width="1" height="1" id="webClientApplet" classid="clsid:CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA">
<param name="code" value="com.xxxxxxxxx.xx.client.web.TransferManager"/>
<param name="codebase" value="/html/skin/iso1/C"/>
<param name="archive" value="WebClientAppletSigned-1.3.jar"/>
<param name="name" value="webClientApplet"/>
<param name="type" value="application/x-java-applet;version=1.5"/>
<param name="scriptable" value="true"/>
<param name="mayscript" value="true"/>
<param name="mode" value="binary"/>
<param name="bgcolor" value="DBE4EA"/>
<param name="loglevel" value="info"/>
<comment>
<embed
type="application/x-java-applet"
code="com.tumbleweed.st.client.web.TransferManager"
codebase="/html/skin/iso1/C"
archive="WebClientAppletSigned-1.3.jar"
name="webClientApplet"
id="webClientApplet"
width="1"
height="1"
mode="binary"
bgcolor="DBE4EA"
scriptable="true"
mayscript="true"
pluginspage = "http://java.sun.com/products/plugin/index.html#download"
loglevel="info" >
</embed>
</comment>
</object>
the following exception is thrown in the Java console:
java.lang.ClassNotFoundException: com.tumbleweed.st.client.web.TransferManager
at sun.plugin2.applet.Applet2ClassLoader.findClass(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.loadClass0(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClass(ClassLoader.java:356)
at sun.plugin2.applet.Plugin2ClassLoader.loadCode(Unknown Source)
at sun.plugin2.applet.Plugin2Manager.initAppletAdapter(Unknown Source)
at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown Source)
at java.lang.Thread.run(Thread.java:722)
The reason for that is because the the Java 1.7 plug-in fails to download the applet jar. When enabling trace level 5, you can observe the following log messages in the Java console:
network: Connecting https://10.232.2.230/html/skin/iso1/C/WebClientAppletSigned-1.3.jar with proxy=DIRECT
network: Connecting http://10.232.2.230:443/ with proxy=DIRECT
network: Connecting https://10.232.2.230/html/skin/iso1/C/WebClientAppletSigned-1.3.jar with cookie "stwebclient_home_for_fdx_afngymxko3wx1qf48gzkg2gj2=/; stwebclient_home_for_fdx_1tydecsf8k9g0o11vdthu98w5=/; stwebclient_home_for_fdx_1kr7p6e62ul5hy1u3kqmvrw97=/; stwebclient_home_for_fdx_10x7txa2r20pm1dz113wauwy8w=/; LVDIRSTATE=({selected:"[]",field:"[{name:\"name\"},{name:\"size\",width:120},{name:\"lastModified\",width:120}]",sort:"({fieldName:\"name\",sortDir:true})",open:"[\"/\"]"}); stwebclient_home_for_fdx_ow5194riobbh1mivahgh7rirf=/; stwebclient_home_for_fdx_18q10jnoexu1411kxapxrn34ux=/; stwebclient_home_for_fdx_13qjvqv79rfw31r17v7jzboej1=/; stwebclient_home_for_fdx_19gvzuzk4y9l1aly3lw6kioxd=/; stwebclient_home_for_fdx_1euo191gkr7ruzyfu29ssivr9=/; stwebclient_home_for_fdx_4vxnjsyccgk1kbt4vtc86zza=/; stwebclient_home_for_fdx_1b8ur7i9munt676akc0att3n=/; stwebclient_home_for_fdx_1ihwe2bdqzgfyfq5tanypdz54=/; stwebclient_home_for_fdx_5yjhl4ffe33s1gftyv1gdsz4j=/; stwebclient_home_for_fdx_1gxggfdwgy7eo1qf56pbw7jvpq=/; stwebclient_home_for_fdx_ri1sje97vn84mwz0wfkjt53e=/; stwebclient_home_for_fdx_ws705ckx3l38c154066la1lq=/; stwebclient_home_for_fdx_19fhu1znyn19f1rbxucxnay4r9=/; stwebclient_home_for_fdx_1ddi2e8bax26n1g3clo3we1how=/; stwebclient_home_for_fdx_188vxqaqvh2sqoptcq5wxk2rr=/; stwebclient_home_for_fdx_rgz564617mph160iopxulj7jz=/; stwebclient_home_for_fdx_22lf6xkzh4itpaw0koxuert=/; stwebclient_home_for_fdx_1cw8menlkai57d4yqs1z2uhla=/; stwebclient_home_for_fdx_qr3lufzvkkl811ui1q5cjr9t=/; stwebclient_home_for_fdx_ym9filgoph9s18bbvsn221x0x=/; stwebclient_home_for_fdx_1mimk93h2lsee1hab93czxogbq=/; stwebclient_home_for_fdx_vvs6ciwrjgfp1uh9cqlsteyi6=/; stwebclient_home_for_fdx_1hz70ithmumuevitqf2mvijsc=/; stwebclient_home_for_fdx_18orzn3inzux6d2huty0wr99e=/; stwebclient_home_for_fdx_1shjgzd09oh6l1ugbsyb7s4e2t=/; stwebclient_home_for_fdx_1l2mf2bmx07un1e9sjlycol2t9=/; stwebclient_home_for_fdx_77g9kmkml0fd1ljgok99uucwm=/; stwebclient_home_for_fdx_1f5fu7nxayl6k11rha24g51r1b=/; stwebclient_home_for_fdx_2cgdmfftcp8t1rt3lxrwqoxxp=/; stwebclient_home_for_fdx_1i7x775ta5jfv8en0k37tngss=/; stwebclient_home_for_fdx_1gwwewsx99guklieq8ik63n3e=/; stwebclient_home_for_fdx_1uxcks55ymsyq1vxhqdl9rjzyt=/; FDX=1cglxspfn74pw1ekj50se5l5sc; stwebclient_home_for_fdx_1njr53epql7fs10rmib16cl30s=/; loggedIn=yep; stwebclient_home_for_fdx_1cglxspfn74pw1ekj50se5l5sc=/"
network: Downloading resource: https://10.232.2.230/html/skin/iso1/C/WebClientAppletSigned-1.3.jar
Content-Length: 920,008
Content-Encoding: null
[... the same 4 network messages logged 2 more times and then ...]
network: Connecting https://10.232.2.230/html/skin/iso1/C/com/tumbleweed/st/client/web/TransferManager.class with proxy=DIRECT
network: Connecting http://10.232.2.230:443/ with proxy=DIRECT
network: Connecting https://10.232.2.230/html/skin/iso1/C/com/tumbleweed/st/client/web/TransferManager.class with cookie "stwebclient_home_for_fdx_afngymxko3wx1qf48gzkg2gj2=/; stwebclient_home_for_fdx_1tydecsf8k9g0o11vdthu98w5=/; stwebclient_home_for_fdx_1kr7p6e62ul5hy1u3kqmvrw97=/; stwebclient_home_for_fdx_10x7txa2r20pm1dz113wauwy8w=/; LVDIRSTATE=({selected:"[]",field:"[{name:\"name\"},{name:\"size\",width:120},{name:\"lastModified\",width:120}]",sort:"({fieldName:\"name\",sortDir:true})",open:"[\"/\"]"}); stwebclient_home_for_fdx_ow5194riobbh1mivahgh7rirf=/; stwebclient_home_for_fdx_18q10jnoexu1411kxapxrn34ux=/; stwebclient_home_for_fdx_13qjvqv79rfw31r17v7jzboej1=/; stwebclient_home_for_fdx_19gvzuzk4y9l1aly3lw6kioxd=/; stwebclient_home_for_fdx_1euo191gkr7ruzyfu29ssivr9=/; stwebclient_home_for_fdx_4vxnjsyccgk1kbt4vtc86zza=/; stwebclient_home_for_fdx_1b8ur7i9munt676akc0att3n=/; stwebclient_home_for_fdx_1ihwe2bdqzgfyfq5tanypdz54=/; stwebclient_home_for_fdx_5yjhl4ffe33s1gftyv1gdsz4j=/; stwebclient_home_for_fdx_1gxggfdwgy7eo1qf56pbw7jvpq=/; stwebclient_home_for_fdx_ri1sje97vn84mwz0wfkjt53e=/; stwebclient_home_for_fdx_ws705ckx3l38c154066la1lq=/; stwebclient_home_for_fdx_19fhu1znyn19f1rbxucxnay4r9=/; stwebclient_home_for_fdx_1ddi2e8bax26n1g3clo3we1how=/; stwebclient_home_for_fdx_188vxqaqvh2sqoptcq5wxk2rr=/; stwebclient_home_for_fdx_rgz564617mph160iopxulj7jz=/; stwebclient_home_for_fdx_22lf6xkzh4itpaw0koxuert=/; stwebclient_home_for_fdx_1cw8menlkai57d4yqs1z2uhla=/; stwebclient_home_for_fdx_qr3lufzvkkl811ui1q5cjr9t=/; stwebclient_home_for_fdx_ym9filgoph9s18bbvsn221x0x=/; stwebclient_home_for_fdx_1mimk93h2lsee1hab93czxogbq=/; stwebclient_home_for_fdx_vvs6ciwrjgfp1uh9cqlsteyi6=/; stwebclient_home_for_fdx_1hz70ithmumuevitqf2mvijsc=/; stwebclient_home_for_fdx_18orzn3inzux6d2huty0wr99e=/; stwebclient_home_for_fdx_1shjgzd09oh6l1ugbsyb7s4e2t=/; stwebclient_home_for_fdx_1l2mf2bmx07un1e9sjlycol2t9=/; stwebclient_home_for_fdx_77g9kmkml0fd1ljgok99uucwm=/; stwebclient_home_for_fdx_1f5fu7nxayl6k11rha24g51r1b=/; stwebclient_home_for_fdx_2cgdmfftcp8t1rt3lxrwqoxxp=/; stwebclient_home_for_fdx_1i7x775ta5jfv8en0k37tngss=/; stwebclient_home_for_fdx_1gwwewsx99guklieq8ik63n3e=/; stwebclient_home_for_fdx_1uxcks55ymsyq1vxhqdl9rjzyt=/; FDX=1cglxspfn74pw1ekj50se5l5sc; stwebclient_home_for_fdx_1njr53epql7fs10rmib16cl30s=/; loggedIn=yep; stwebclient_home_for_fdx_1cglxspfn74pw1ekj50se5l5sc=/"
After the 4 unsuccessful attempts to download the applet, the ClassNotFoundException above is thrown.
When debugging the server side, the following behavior is observed:
1. Upon entering the page URL, the HTML page itself is requested from the server (along with some images, etc...)
2. After the browser loads the page and parses the applet tag, the Java plug-in kicks in and tries to download the applet jar from the server.
3. The server receives the request for the applet and tries to send the jar file to the client.
4. When trying to send the applet jar to the client, an IOException is thrown on the server side with "Connection reset by peer" error message.
When enabling SSL debug on the client side, the following messages were seen in the Java console right after the request for the applet jar is sent and before the server has sent its response:
thread applet-com.tumbleweed.st.client.web.TransferManager-5, called close()
thread applet-com.tumbleweed.st.client.web.TransferManager-5, called closeInternal(true)
thread applet-com.tumbleweed.st.client.web.TransferManager-5, SEND TLSv1 ALERT: warning, description = close_notify
which is the probable cause of the "Connection reset by peer" I/O error.
When using the Java 1.6 plug-in for the same page (over HTTPs), the applet jar downloads and starts without any issues. Also, the Java 1.7 plug-in works correctly when the page is viewed over plain HTTP.
Additional info:
The applet is signed with a temporary generated self-signed certficate. The HTTP server also uses a temporary self-signed certificate.
The full trace log along with the SSL debug messages can be found in the Error Messages(s) section.
REGRESSION. Last worked in version 6u29
STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
1. Configure an HTTP server with SSL connector.
2. Create simple web page loading a simple applet.
3. Open the page over HTTPs with Java plug-in 1.7
EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
The applet should download and start normally.
ACTUAL -
The applet can't download and a ClassNotFoundException is thrown.
ERROR MESSAGES/STACK TRACES THAT OCCUR :
Java Plug-in 10.0.0.147
Using JRE version 1.7.0-b147 Java HotSpot(TM) 64-Bit Server VM
User home directory = /home/krasi
----------------------------------------------------
c: clear console window
f: finalize objects on finalization queue
g: garbage collect
h: display this help message
l: dump classloader list
m: print memory usage
o: trigger logging
q: hide console
r: reload policy configuration
s: dump system and deployment properties
t: dump thread list
v: dump thread stack
x: clear classloader cache
0-5: set trace level to <n>
----------------------------------------------------
Dumping class loader cache...
Done.
basic: Added progress listener: sun.plugin.util.ProgressMonitorAdapter@796244fa
network: Connecting https://10.232.2.230/html/skin/iso1/C/WebClientAppletSigned-1.3.jar with proxy=DIRECT
Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256
Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_128_CBC_SHA256
network: Connecting http://10.232.2.230:443/ with proxy=DIRECT
Allow unsafe renegotiation: false
Allow legacy hello messages: true
Is initial handshake: true
Is secure renegotiation: false
thread applet-com.tumbleweed.st.client.web.TransferManager-5, setSoTimeout(0) called
%% Client cached [Session-1, TLS_DHE_RSA_WITH_AES_128_CBC_SHA]
%% Try resuming [Session-1, TLS_DHE_RSA_WITH_AES_128_CBC_SHA] from port 45429
*** ClientHello, TLSv1
RandomCookie: GMT: 1331672111 bytes = { 31, 141, 73, 209, 121, 158, 236, 216, 19, 121, 150, 85, 17, 246, 158, 241, 215, 168, 243, 250, 177, 90, 186, 35, 150, 116, 192, 121 }
Session ID: {79, 96, 175, 93, 55, 57, 72, 18, 145, 191, 17, 150, 205, 26, 244, 219, 113, 132, 219, 167, 184, 21, 80, 115, 85, 147, 168, 222, 22, 146, 208, 124}
Cipher Suites: [TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_RC4_128_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_RC4_128_SHA, TLS_ECDH_ECDSA_WITH_RC4_128_SHA, TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_RC4_128_SHA, TLS_EMPTY_RENEGOTIATION_INFO_SCSV, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_RC4_128_MD5, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA]
Compression Methods: { 0 }
Extension elliptic_curves, curve names: {secp256r1, sect163k1, sect163r2, secp192r1, secp224r1, sect233k1, sect233r1, sect283k1, sect283r1, secp384r1, sect409k1, sect409r1, secp521r1, sect571k1, sect571r1, secp160k1, secp160r1, secp160r2, sect163r1, secp192k1, sect193r1, sect193r2, secp224k1, sect239k1, secp256k1}
Extension ec_point_formats, formats: [uncompressed]
***
[write] MD5 and SHA1 hashes: len = 181
0000: 01 00 00 B1 03 01 4F 60 B4 2F 1F 8D 49 D1 79 9E ......O`./..I.y.
0010: EC D8 13 79 96 55 11 F6 9E F1 D7 A8 F3 FA B1 5A ...y.U.........Z
0020: BA 23 96 74 C0 79 20 4F 60 AF 5D 37 39 48 12 91 .#.t.y O`.]79H..
0030: BF 11 96 CD 1A F4 DB 71 84 DB A7 B8 15 50 73 55 .......q.....PsU
0040: 93 A8 DE 16 92 D0 7C 00 2A 00 33 C0 04 00 16 00 ........*.3.....
0050: 05 C0 03 C0 11 C0 02 C0 07 C0 13 C0 08 C0 0C 00 ................
0060: FF C0 0D C0 0E C0 09 00 2F C0 12 00 04 00 32 00 ......../.....2.
0070: 13 00 0A 01 00 00 3E 00 0A 00 34 00 32 00 17 00 ......>...4.2...
0080: 01 00 03 00 13 00 15 00 06 00 07 00 09 00 0A 00 ................
0090: 18 00 0B 00 0C 00 19 00 0D 00 0E 00 0F 00 10 00 ................
00A0: 11 00 02 00 12 00 04 00 05 00 14 00 08 00 16 00 ................
00B0: 0B 00 02 01 00 .....
thread applet-com.tumbleweed.st.client.web.TransferManager-5, WRITE: TLSv1 Handshake, length = 181
[Raw write]: length = 186
0000: 16 03 01 00 B5 01 00 00 B1 03 01 4F 60 B4 2F 1F ...........O`./.
0010: 8D 49 D1 79 9E EC D8 13 79 96 55 11 F6 9E F1 D7 .I.y....y.U.....
0020: A8 F3 FA B1 5A BA 23 96 74 C0 79 20 4F 60 AF 5D ....Z.#.t.y O`.]
0030: 37 39 48 12 91 BF 11 96 CD 1A F4 DB 71 84 DB A7 79H.........q...
0040: B8 15 50 73 55 93 A8 DE 16 92
( This report has more than 16,000 characters and has been truncated. )
java -version
java version "1.7.0"
Java(TM) SE Runtime Environment (build 1.7.0-b147)
Java HotSpot(TM) 64-Bit Server VM (build 21.0-b17, mixed mode)
ADDITIONAL OS VERSION INFORMATION :
Linux linux-phqm 3.1.9-1.4-desktop #1 SMP PREEMPT Fri Jan 27 08:55:10 UTC 2012 (efb5ff4) x86_64 x86_64 x86_64 GNU/Linux
Also observed on Windows XP(32 bit)
EXTRA RELEVANT SYSTEM CONFIGURATION :
Browser used: Firefox
Http server: Jetty
A DESCRIPTION OF THE PROBLEM :
Java plug-in 1.7 does not load properly applets over HTTPs. The problem does not seem to occur over plain HTTP.
When trying to load an HTML page containing the following applet definition:
<object width="1" height="1" id="webClientApplet" classid="clsid:CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA">
<param name="code" value="com.xxxxxxxxx.xx.client.web.TransferManager"/>
<param name="codebase" value="/html/skin/iso1/C"/>
<param name="archive" value="WebClientAppletSigned-1.3.jar"/>
<param name="name" value="webClientApplet"/>
<param name="type" value="application/x-java-applet;version=1.5"/>
<param name="scriptable" value="true"/>
<param name="mayscript" value="true"/>
<param name="mode" value="binary"/>
<param name="bgcolor" value="DBE4EA"/>
<param name="loglevel" value="info"/>
<comment>
<embed
type="application/x-java-applet"
code="com.tumbleweed.st.client.web.TransferManager"
codebase="/html/skin/iso1/C"
archive="WebClientAppletSigned-1.3.jar"
name="webClientApplet"
id="webClientApplet"
width="1"
height="1"
mode="binary"
bgcolor="DBE4EA"
scriptable="true"
mayscript="true"
pluginspage = "http://java.sun.com/products/plugin/index.html#download"
loglevel="info" >
</embed>
</comment>
</object>
the following exception is thrown in the Java console:
java.lang.ClassNotFoundException: com.tumbleweed.st.client.web.TransferManager
at sun.plugin2.applet.Applet2ClassLoader.findClass(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.loadClass0(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClass(ClassLoader.java:356)
at sun.plugin2.applet.Plugin2ClassLoader.loadCode(Unknown Source)
at sun.plugin2.applet.Plugin2Manager.initAppletAdapter(Unknown Source)
at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown Source)
at java.lang.Thread.run(Thread.java:722)
The reason for that is because the the Java 1.7 plug-in fails to download the applet jar. When enabling trace level 5, you can observe the following log messages in the Java console:
network: Connecting https://10.232.2.230/html/skin/iso1/C/WebClientAppletSigned-1.3.jar with proxy=DIRECT
network: Connecting http://10.232.2.230:443/ with proxy=DIRECT
network: Connecting https://10.232.2.230/html/skin/iso1/C/WebClientAppletSigned-1.3.jar with cookie "stwebclient_home_for_fdx_afngymxko3wx1qf48gzkg2gj2=/; stwebclient_home_for_fdx_1tydecsf8k9g0o11vdthu98w5=/; stwebclient_home_for_fdx_1kr7p6e62ul5hy1u3kqmvrw97=/; stwebclient_home_for_fdx_10x7txa2r20pm1dz113wauwy8w=/; LVDIRSTATE=({selected:"[]",field:"[{name:\"name\"},{name:\"size\",width:120},{name:\"lastModified\",width:120}]",sort:"({fieldName:\"name\",sortDir:true})",open:"[\"/\"]"}); stwebclient_home_for_fdx_ow5194riobbh1mivahgh7rirf=/; stwebclient_home_for_fdx_18q10jnoexu1411kxapxrn34ux=/; stwebclient_home_for_fdx_13qjvqv79rfw31r17v7jzboej1=/; stwebclient_home_for_fdx_19gvzuzk4y9l1aly3lw6kioxd=/; stwebclient_home_for_fdx_1euo191gkr7ruzyfu29ssivr9=/; stwebclient_home_for_fdx_4vxnjsyccgk1kbt4vtc86zza=/; stwebclient_home_for_fdx_1b8ur7i9munt676akc0att3n=/; stwebclient_home_for_fdx_1ihwe2bdqzgfyfq5tanypdz54=/; stwebclient_home_for_fdx_5yjhl4ffe33s1gftyv1gdsz4j=/; stwebclient_home_for_fdx_1gxggfdwgy7eo1qf56pbw7jvpq=/; stwebclient_home_for_fdx_ri1sje97vn84mwz0wfkjt53e=/; stwebclient_home_for_fdx_ws705ckx3l38c154066la1lq=/; stwebclient_home_for_fdx_19fhu1znyn19f1rbxucxnay4r9=/; stwebclient_home_for_fdx_1ddi2e8bax26n1g3clo3we1how=/; stwebclient_home_for_fdx_188vxqaqvh2sqoptcq5wxk2rr=/; stwebclient_home_for_fdx_rgz564617mph160iopxulj7jz=/; stwebclient_home_for_fdx_22lf6xkzh4itpaw0koxuert=/; stwebclient_home_for_fdx_1cw8menlkai57d4yqs1z2uhla=/; stwebclient_home_for_fdx_qr3lufzvkkl811ui1q5cjr9t=/; stwebclient_home_for_fdx_ym9filgoph9s18bbvsn221x0x=/; stwebclient_home_for_fdx_1mimk93h2lsee1hab93czxogbq=/; stwebclient_home_for_fdx_vvs6ciwrjgfp1uh9cqlsteyi6=/; stwebclient_home_for_fdx_1hz70ithmumuevitqf2mvijsc=/; stwebclient_home_for_fdx_18orzn3inzux6d2huty0wr99e=/; stwebclient_home_for_fdx_1shjgzd09oh6l1ugbsyb7s4e2t=/; stwebclient_home_for_fdx_1l2mf2bmx07un1e9sjlycol2t9=/; stwebclient_home_for_fdx_77g9kmkml0fd1ljgok99uucwm=/; stwebclient_home_for_fdx_1f5fu7nxayl6k11rha24g51r1b=/; stwebclient_home_for_fdx_2cgdmfftcp8t1rt3lxrwqoxxp=/; stwebclient_home_for_fdx_1i7x775ta5jfv8en0k37tngss=/; stwebclient_home_for_fdx_1gwwewsx99guklieq8ik63n3e=/; stwebclient_home_for_fdx_1uxcks55ymsyq1vxhqdl9rjzyt=/; FDX=1cglxspfn74pw1ekj50se5l5sc; stwebclient_home_for_fdx_1njr53epql7fs10rmib16cl30s=/; loggedIn=yep; stwebclient_home_for_fdx_1cglxspfn74pw1ekj50se5l5sc=/"
network: Downloading resource: https://10.232.2.230/html/skin/iso1/C/WebClientAppletSigned-1.3.jar
Content-Length: 920,008
Content-Encoding: null
[... the same 4 network messages logged 2 more times and then ...]
network: Connecting https://10.232.2.230/html/skin/iso1/C/com/tumbleweed/st/client/web/TransferManager.class with proxy=DIRECT
network: Connecting http://10.232.2.230:443/ with proxy=DIRECT
network: Connecting https://10.232.2.230/html/skin/iso1/C/com/tumbleweed/st/client/web/TransferManager.class with cookie "stwebclient_home_for_fdx_afngymxko3wx1qf48gzkg2gj2=/; stwebclient_home_for_fdx_1tydecsf8k9g0o11vdthu98w5=/; stwebclient_home_for_fdx_1kr7p6e62ul5hy1u3kqmvrw97=/; stwebclient_home_for_fdx_10x7txa2r20pm1dz113wauwy8w=/; LVDIRSTATE=({selected:"[]",field:"[{name:\"name\"},{name:\"size\",width:120},{name:\"lastModified\",width:120}]",sort:"({fieldName:\"name\",sortDir:true})",open:"[\"/\"]"}); stwebclient_home_for_fdx_ow5194riobbh1mivahgh7rirf=/; stwebclient_home_for_fdx_18q10jnoexu1411kxapxrn34ux=/; stwebclient_home_for_fdx_13qjvqv79rfw31r17v7jzboej1=/; stwebclient_home_for_fdx_19gvzuzk4y9l1aly3lw6kioxd=/; stwebclient_home_for_fdx_1euo191gkr7ruzyfu29ssivr9=/; stwebclient_home_for_fdx_4vxnjsyccgk1kbt4vtc86zza=/; stwebclient_home_for_fdx_1b8ur7i9munt676akc0att3n=/; stwebclient_home_for_fdx_1ihwe2bdqzgfyfq5tanypdz54=/; stwebclient_home_for_fdx_5yjhl4ffe33s1gftyv1gdsz4j=/; stwebclient_home_for_fdx_1gxggfdwgy7eo1qf56pbw7jvpq=/; stwebclient_home_for_fdx_ri1sje97vn84mwz0wfkjt53e=/; stwebclient_home_for_fdx_ws705ckx3l38c154066la1lq=/; stwebclient_home_for_fdx_19fhu1znyn19f1rbxucxnay4r9=/; stwebclient_home_for_fdx_1ddi2e8bax26n1g3clo3we1how=/; stwebclient_home_for_fdx_188vxqaqvh2sqoptcq5wxk2rr=/; stwebclient_home_for_fdx_rgz564617mph160iopxulj7jz=/; stwebclient_home_for_fdx_22lf6xkzh4itpaw0koxuert=/; stwebclient_home_for_fdx_1cw8menlkai57d4yqs1z2uhla=/; stwebclient_home_for_fdx_qr3lufzvkkl811ui1q5cjr9t=/; stwebclient_home_for_fdx_ym9filgoph9s18bbvsn221x0x=/; stwebclient_home_for_fdx_1mimk93h2lsee1hab93czxogbq=/; stwebclient_home_for_fdx_vvs6ciwrjgfp1uh9cqlsteyi6=/; stwebclient_home_for_fdx_1hz70ithmumuevitqf2mvijsc=/; stwebclient_home_for_fdx_18orzn3inzux6d2huty0wr99e=/; stwebclient_home_for_fdx_1shjgzd09oh6l1ugbsyb7s4e2t=/; stwebclient_home_for_fdx_1l2mf2bmx07un1e9sjlycol2t9=/; stwebclient_home_for_fdx_77g9kmkml0fd1ljgok99uucwm=/; stwebclient_home_for_fdx_1f5fu7nxayl6k11rha24g51r1b=/; stwebclient_home_for_fdx_2cgdmfftcp8t1rt3lxrwqoxxp=/; stwebclient_home_for_fdx_1i7x775ta5jfv8en0k37tngss=/; stwebclient_home_for_fdx_1gwwewsx99guklieq8ik63n3e=/; stwebclient_home_for_fdx_1uxcks55ymsyq1vxhqdl9rjzyt=/; FDX=1cglxspfn74pw1ekj50se5l5sc; stwebclient_home_for_fdx_1njr53epql7fs10rmib16cl30s=/; loggedIn=yep; stwebclient_home_for_fdx_1cglxspfn74pw1ekj50se5l5sc=/"
After the 4 unsuccessful attempts to download the applet, the ClassNotFoundException above is thrown.
When debugging the server side, the following behavior is observed:
1. Upon entering the page URL, the HTML page itself is requested from the server (along with some images, etc...)
2. After the browser loads the page and parses the applet tag, the Java plug-in kicks in and tries to download the applet jar from the server.
3. The server receives the request for the applet and tries to send the jar file to the client.
4. When trying to send the applet jar to the client, an IOException is thrown on the server side with "Connection reset by peer" error message.
When enabling SSL debug on the client side, the following messages were seen in the Java console right after the request for the applet jar is sent and before the server has sent its response:
thread applet-com.tumbleweed.st.client.web.TransferManager-5, called close()
thread applet-com.tumbleweed.st.client.web.TransferManager-5, called closeInternal(true)
thread applet-com.tumbleweed.st.client.web.TransferManager-5, SEND TLSv1 ALERT: warning, description = close_notify
which is the probable cause of the "Connection reset by peer" I/O error.
When using the Java 1.6 plug-in for the same page (over HTTPs), the applet jar downloads and starts without any issues. Also, the Java 1.7 plug-in works correctly when the page is viewed over plain HTTP.
Additional info:
The applet is signed with a temporary generated self-signed certficate. The HTTP server also uses a temporary self-signed certificate.
The full trace log along with the SSL debug messages can be found in the Error Messages(s) section.
REGRESSION. Last worked in version 6u29
STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
1. Configure an HTTP server with SSL connector.
2. Create simple web page loading a simple applet.
3. Open the page over HTTPs with Java plug-in 1.7
EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
The applet should download and start normally.
ACTUAL -
The applet can't download and a ClassNotFoundException is thrown.
ERROR MESSAGES/STACK TRACES THAT OCCUR :
Java Plug-in 10.0.0.147
Using JRE version 1.7.0-b147 Java HotSpot(TM) 64-Bit Server VM
User home directory = /home/krasi
----------------------------------------------------
c: clear console window
f: finalize objects on finalization queue
g: garbage collect
h: display this help message
l: dump classloader list
m: print memory usage
o: trigger logging
q: hide console
r: reload policy configuration
s: dump system and deployment properties
t: dump thread list
v: dump thread stack
x: clear classloader cache
0-5: set trace level to <n>
----------------------------------------------------
Dumping class loader cache...
Done.
basic: Added progress listener: sun.plugin.util.ProgressMonitorAdapter@796244fa
network: Connecting https://10.232.2.230/html/skin/iso1/C/WebClientAppletSigned-1.3.jar with proxy=DIRECT
Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256
Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_128_CBC_SHA256
network: Connecting http://10.232.2.230:443/ with proxy=DIRECT
Allow unsafe renegotiation: false
Allow legacy hello messages: true
Is initial handshake: true
Is secure renegotiation: false
thread applet-com.tumbleweed.st.client.web.TransferManager-5, setSoTimeout(0) called
%% Client cached [Session-1, TLS_DHE_RSA_WITH_AES_128_CBC_SHA]
%% Try resuming [Session-1, TLS_DHE_RSA_WITH_AES_128_CBC_SHA] from port 45429
*** ClientHello, TLSv1
RandomCookie: GMT: 1331672111 bytes = { 31, 141, 73, 209, 121, 158, 236, 216, 19, 121, 150, 85, 17, 246, 158, 241, 215, 168, 243, 250, 177, 90, 186, 35, 150, 116, 192, 121 }
Session ID: {79, 96, 175, 93, 55, 57, 72, 18, 145, 191, 17, 150, 205, 26, 244, 219, 113, 132, 219, 167, 184, 21, 80, 115, 85, 147, 168, 222, 22, 146, 208, 124}
Cipher Suites: [TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_RC4_128_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_RC4_128_SHA, TLS_ECDH_ECDSA_WITH_RC4_128_SHA, TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_RC4_128_SHA, TLS_EMPTY_RENEGOTIATION_INFO_SCSV, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_RC4_128_MD5, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA]
Compression Methods: { 0 }
Extension elliptic_curves, curve names: {secp256r1, sect163k1, sect163r2, secp192r1, secp224r1, sect233k1, sect233r1, sect283k1, sect283r1, secp384r1, sect409k1, sect409r1, secp521r1, sect571k1, sect571r1, secp160k1, secp160r1, secp160r2, sect163r1, secp192k1, sect193r1, sect193r2, secp224k1, sect239k1, secp256k1}
Extension ec_point_formats, formats: [uncompressed]
***
[write] MD5 and SHA1 hashes: len = 181
0000: 01 00 00 B1 03 01 4F 60 B4 2F 1F 8D 49 D1 79 9E ......O`./..I.y.
0010: EC D8 13 79 96 55 11 F6 9E F1 D7 A8 F3 FA B1 5A ...y.U.........Z
0020: BA 23 96 74 C0 79 20 4F 60 AF 5D 37 39 48 12 91 .#.t.y O`.]79H..
0030: BF 11 96 CD 1A F4 DB 71 84 DB A7 B8 15 50 73 55 .......q.....PsU
0040: 93 A8 DE 16 92 D0 7C 00 2A 00 33 C0 04 00 16 00 ........*.3.....
0050: 05 C0 03 C0 11 C0 02 C0 07 C0 13 C0 08 C0 0C 00 ................
0060: FF C0 0D C0 0E C0 09 00 2F C0 12 00 04 00 32 00 ......../.....2.
0070: 13 00 0A 01 00 00 3E 00 0A 00 34 00 32 00 17 00 ......>...4.2...
0080: 01 00 03 00 13 00 15 00 06 00 07 00 09 00 0A 00 ................
0090: 18 00 0B 00 0C 00 19 00 0D 00 0E 00 0F 00 10 00 ................
00A0: 11 00 02 00 12 00 04 00 05 00 14 00 08 00 16 00 ................
00B0: 0B 00 02 01 00 .....
thread applet-com.tumbleweed.st.client.web.TransferManager-5, WRITE: TLSv1 Handshake, length = 181
[Raw write]: length = 186
0000: 16 03 01 00 B5 01 00 00 B1 03 01 4F 60 B4 2F 1F ...........O`./.
0010: 8D 49 D1 79 9E EC D8 13 79 96 55 11 F6 9E F1 D7 .I.y....y.U.....
0020: A8 F3 FA B1 5A BA 23 96 74 C0 79 20 4F 60 AF 5D ....Z.#.t.y O`.]
0030: 37 39 48 12 91 BF 11 96 CD 1A F4 DB 71 84 DB A7 79H.........q...
0040: B8 15 50 73 55 93 A8 DE 16 92
( This report has more than 16,000 characters and has been truncated. )