[jbosstools-issues] [JBoss JIRA] (JBIDE-17284) OpenJDK seem to have issues with SSL/TLS handshakes when using URLConnection

Snjezana Peco (JIRA) issues at jboss.org
Fri Jun 13 08:04:38 EDT 2014 

    [ https://issues.jboss.org/browse/JBIDE-17284?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12975978#comment-12975978 ] 

Snjezana Peco commented on JBIDE-17284:
---------------------------------------

{quote}
 I don't think the problem is manifested when using VPE, but instead when JBDS tries to establish a TLS connection.
{quote}

Does it mean the issue happens only in JBDS when JVM loads both of the libraries?
If a TLS connection works fine without JBDS, we could add the LD_LIBRARY_PATH option when starting JBDS.

{quote}
Is it possible for JBDS to not bundle these native libraries and instead rely on the underlying linux installation libraries (which are updated)? RHEL 6 includes a xulrunner package that provides:
{quote}

JBDS includes its own XULRunner because we have had a lot of issues with the OS's XULRunner.
Firefox and Thunderbird also have their own NSS libraries.

{quote}
This removes each .so and .chk (checksum files for NSS shared libs) file from the jbdevstudio installation if it is already installed by RHEL in either /lib64 or /usr/lib64.
{quote}

Could you check if the VPE editor works?
Anyway, this isn't a solution because maybe the VPE editor won't work on every distribution.

> OpenJDK seem to have issues with SSL/TLS handshakes when using URLConnection
> ----------------------------------------------------------------------------
>
>                 Key: JBIDE-17284
>                 URL: https://issues.jboss.org/browse/JBIDE-17284
>             Project: Tools (JBoss Tools)
>          Issue Type: Bug
>          Components: common/jst/core, openshift, upstream
>            Reporter: Max Rydahl Andersen
>            Assignee: Snjezana Peco
>            Priority: Critical
>             Fix For: 4.2.0.Beta3
>
>
> We've received multiple reports about instant crashes of users running JBoss Tools and Developer Studio.
> The common issue is that it happens when they use OpenJDK vm, not Oracle.
> The crash log normally contains something similar to:
> Java frames: (J=compiled Java code, j=interpreted, Vv=VM code)
> j  sun.security.pkcs11.wrapper.PKCS11.C_CreateObject(J[Lsun/security/pkcs11/wrapper/CK_ATTRIBUTE;)J+0
> j  sun.security.pkcs11.P11ECKeyFactory.generatePublic(Ljava/security/spec/ECPoint;Ljava/security/spec/ECParameterSpec;)Ljava/security/PublicKey;+170
> j  sun.security.pkcs11.P11ECKeyFactory.engineGeneratePublic(Ljava/security/spec/KeySpec;)Ljava/security/PublicKey;+80
> j  java.security.KeyFactory.generatePublic(Ljava/security/spec/KeySpec;)Ljava/security/PublicKey;+25
> j  sun.security.ssl.HandshakeMessage$ECDH_ServerKeyExchange.<init>(Lsun/security/ssl/HandshakeInStream;Ljava/security/PublicKey;[B[BLjava/util/Collection;Lsun/security/ssl/ProtocolVersion;)V+228
> Opening this bug to collect and use a key issue for hunting down the cause.
> Note: This issue is *not* specific to JBoss Tools as far as I can see, but it does affect us since we lookup a file located behind https url at key times which seem to trigger the crash.



--
This message was sent by Atlassian JIRA
(v6.2.6#6264)

More information about the jbosstools-issues mailing list