[rfc][icedtea-web] https probing
Jiri Vanek
jvanek at redhat.com
Tue Aug 26 11:02:55 UTC 2014
On 08/26/2014 12:29 PM, helpcrypto helpcrypto wrote:
> Ok, heres what I have done:
>
> -get src from https://bugzilla.redhat.com/show_bug.cgi?id=1089130#c1, patch, build and run
>
> this is what the console says:
>
>
> at java.lang.Thread.run(Thread.java:745)
> at
> net.sourceforge.jnlp.security.SecurityDialogMessageHandler.run(SecurityDialogMessageHandler.java:81)
> at
> net.sourceforge.jnlp.security.SecurityDialogMessageHandler.handleMessage(SecurityDialogMessageHandler.java:102)
>
> at net.sourceforge.jnlp.security.SecurityDialog. (SecurityDialog.java:129)
> at net.sourceforge.jnlp.security.SecurityDialog.initDialog(SecurityDialog.java:255)
> at net.sourceforge.jnlp.security.SecurityDialog.installPanel(SecurityDialog.java:307)
> at net.sourceforge.jnlp.security.dialogs.CertWarningPane. (CertWarningPane.java:116)
> at net.sourceforge.jnlp.security.dialogs.CertWarningPane.addComponents(CertWarningPane.java:124)
> at net.sourceforge.jnlp.security.dialogs.CertWarningPane.addButtons(CertWarningPane.java:238)
> at net.sourceforge.jnlp.security.dialogs.TemporaryPermissionsButton.
> (TemporaryPermissionsButton.java:79)
> at java.util.Objects.requireNonNull(Objects.java:201)
> Exception in thread "NetxSecurityThread" java.lang.NullPointerException
Looking to this,
http://icedtea.classpath.org/hg/icedtea-web/file/b4363c984e1b/netx/net/sourceforge/jnlp/security/dialogs/TemporaryPermissionsButton.java#l79
=>
http://icedtea.classpath.org/hg/icedtea-web/annotate/d87ee4e6e81a/netx/net/sourceforge/jnlp/security/dialogs/TemporaryPermissionsButton.java#78
looks like bug unrelated to the https patch itrself. Looks like bug in head :( blame==Lukas and
Andrew :)
Are you willing to try the https path on older itw?
eg: http://icedtea.classpath.org/hg/icedtea-web/rev/ea0ccfeeed06
But the file itself (except above changeset) is in 1.5 anyway....
J.
> plugin_in_pipe_callback return
> plugin_send_message_to_appletviewer return
...snip...
> 2: /run/user/1000/icedteaplugin-user-ZCicv3/20191-icedteanp-plugin-debug-to-appletviewer
> 1: /run/user/1000/icedteaplugin-user-ZCicv3/20191-icedteanp-appletviewer-to-plugin
> 0: /run/user/1000/icedteaplugin-user-ZCicv3/20191-icedteanp-plugin-to-appletviewer
> startup arguments:
>
>
> This normally works.
> Is this what you are looking for?
No. If it was working, then it should work also now. Is it working with that revision without the
patch? /me guess yes:((
>
>
>
>
> On Tue, Aug 26, 2014 at 11:27 AM, helpcrypto helpcrypto <helpcrypto at gmail.com
> <mailto:helpcrypto at gmail.com>> wrote:
>
> On Tue, Aug 26, 2014 at 10:27 AM, Jacob Wisor <gitne at gmx.de <mailto:gitne at gmx.de>> wrote:
>
> On 08/26/2014 09:28 AM, helpcrypto helpcrypto wrote:
>
> I have some legacy servers here at work, which are having trouble with Oracle
> Java 8 (with TLS1.1/2.0 enabled by default).
>
>
> Are those servers publicly accessible? If so I could use them for testing too, well at least
> after Jiri has applied basic fixes to his patch.
>
> You know, it is quite difficult to find insecure SSL 2.0 servers to setup today, mostly
> because they have been replaced by secure servers.
>
> Some of them are. Dont know if those are affected.
> I'll let you know.
>
> Anyhow, even if those servers are on the internet only you really should update them to
> support SSL 3.0 or later. ;-)
>
>
> Is there any chance this issue is somewhat related to this? (i havent tested
> this on Icedtea)
>
> Will it help you if I test something? (Perhaps I'm able to reproduce something)
>
>
> Oh certainly, the more testers the better! ;-) So, testers are always welcome.
>
> Jacob
>
> Going to try https://bugzilla.redhat.com/show_bug.cgi?id=1089130#c16 with our applet.
>
>
More information about the distro-pkg-dev
mailing list