harmony-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Michael Simpson (JIRA)" <j...@apache.org>
Subject [jira] Commented: (HARMONY-5751) Ant's get task fails against https sites.
Date Wed, 02 Jun 2010 17:23:36 GMT

    [ https://issues.apache.org/jira/browse/HARMONY-5751?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12874677#action_12874677
] 

Michael Simpson commented on HARMONY-5751:
------------------------------------------

I had the same issue with a self-signed certificate and I have a work-around. Use the following
Java class to turn off all SSL errors in the running ANT JVM. Use the java task to call the
class. 

    <!--  This is required to allow ANT GET task to ignore HTTP SSL Errors from Hudson's
self-signed-cert -->
    <target name="set-ssl-trust" description="Ignore HTTP SSL Errors">
        <java classname="SSLUtils"
              failonerror="true"
              fork="false">
            <classpath>
                <pathelement location="${compile.output.dir}"/>
            </classpath>
        </java>
    </target>




import javax.net.ssl.*;
import java.security.GeneralSecurityException;
import java.security.cert.X509Certificate;

public class SSLUtils {

    public static void main(final String[] args) throws GeneralSecurityException {
        trustAllSslCertificates();
    }

    /**
     * Make the application ignore all SSL Certification problems
     * @throws java.security.GeneralSecurityException (should not occur)
     */
    public static void trustAllSslCertificates() throws GeneralSecurityException {
        // Create a trust manager that does not validate certificate chains like the default
TrustManager
        final TrustManager[] trustAllCerts = new TrustManager[]{
                new X509TrustManager() {
                    public java.security.cert.X509Certificate[] getAcceptedIssuers() {
                        return null;
                    }

                    public void checkClientTrusted(final X509Certificate[] certs, final String
authType) {
                        //No need to implement.
                    }

                    public void checkServerTrusted(final X509Certificate[] certs, final String
authType) {
                        //No need to implement.
                    }
                }
        };

        final SSLContext sc = SSLContext.getInstance("SSL");
        sc.init(null, trustAllCerts, new java.security.SecureRandom());
        HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());

        // Do not validate the certificates hostname, avoiding exceptions for "HTTPS hostname
wrong"
        HttpsURLConnection.setDefaultHostnameVerifier(
                new HostnameVerifier() {
                    public boolean verify(final String s, final SSLSession sslSession) {
                        return true;
                    }
                }
        );
    }

}


> Ant's get task fails against https sites.
> -----------------------------------------
>
>                 Key: HARMONY-5751
>                 URL: https://issues.apache.org/jira/browse/HARMONY-5751
>             Project: Harmony
>          Issue Type: Bug
>          Components: Classlib
>            Reporter: Davanum Srinivas
>
> ============== build.xml ================
> <?xml version="1.0"?>
> <project name="xjc" default="get-libs">
>     <target name="get-libs">
>         <mkdir dir="${basedir}/lib"/>
>         <get dest="${basedir}/lib/activation-1.1.jar" src="https://maven-repository.dev.java.net/nonav/repository/javax.activation/jars/activation-1.1.jar"/>
>     </target>
> </project>
> ============== Stack Trace ==============
> [dims@dims-desktop test]$ant -verbose
> Apache Ant version 1.7.0 compiled on December 13 2006
> Buildfile: build.xml
> Detected Java version: 1.5 in: /home/dims/harmony/target/hdk/jdk/jre
> Detected OS: Linux
> parsing buildfile /home/dims/harmony/test/build.xml with URI = file:/home/dims/harmony/test/build.xml
> Project base dir set to: /home/dims/harmony/test
> Build sequence for target(s) `get-libs' is [get-libs]
> Complete build sequence is [get-libs, ]
> get-libs:
> [antlib:org.apache.tools.ant] Could not load definitions from resource org/apache/tools/ant/antlib.xml.
It could not be found.
>     [mkdir] Skipping /home/dims/harmony/test/lib because it already exists.
>       [get] Getting: https://maven-repository.dev.java.net/nonav/repository/javax.activation/jars/activation-1.1.jar
>       [get] To: /home/dims/harmony/test/lib/activation-1.1.jar
>       [get] Error getting https://maven-repository.dev.java.net/nonav/repository/javax.activation/jars/activation-1.1.jar
to /home/dims/harmony/test/lib/activation-1.1.jar
> BUILD FAILED
> /home/dims/harmony/test/build.xml:5: javax.net.ssl.SSLException: Not trusted server certificate
>         at org.apache.tools.ant.taskdefs.Get.execute(Get.java:80)
>         at org.apache.tools.ant.UnknownElement.execute(UnknownElement.java:288)
>         at java.lang.reflect.VMReflection.invokeMethod(VMReflection.java)
>         at java.lang.reflect.Method.invoke(Method.java:317)
>         at org.apache.tools.ant.dispatch.DispatchUtils.execute(DispatchUtils.java:105)
>         at org.apache.tools.ant.Task.perform(Task.java:348)
>         at org.apache.tools.ant.Target.execute(Target.java:357)
>         at org.apache.tools.ant.Target.performTasks(Target.java:385)
>         at org.apache.tools.ant.Project.executeSortedTargets(Project.java:1329)
>         at org.apache.tools.ant.Project.executeTarget(Project.java:1298)
>         at org.apache.tools.ant.helper.DefaultExecutor.executeTargets(DefaultExecutor.java:41)
>         at org.apache.tools.ant.Project.executeTargets(Project.java:1181)
>         at org.apache.tools.ant.Main.runBuild(Main.java:698)
>         at org.apache.tools.ant.Main.startAnt(Main.java:199)
>         at org.apache.tools.ant.launch.Launcher.run(Launcher.java:257)
>         at org.apache.tools.ant.launch.Launcher.main(Launcher.java:104)
> Caused by: javax.net.ssl.SSLException: Not trusted server certificate
>         at org.apache.harmony.xnet.provider.jsse.HandshakeProtocol.fatalAlert(HandshakeProtocol.java:324)
>         at org.apache.harmony.xnet.provider.jsse.ClientHandshakeImpl.verifyServerCert(ClientHandshakeImpl.java:580)
>         at org.apache.harmony.xnet.provider.jsse.ClientHandshakeImpl.processServerHelloDone(ClientHandshakeImpl.java:378)
>         at org.apache.harmony.xnet.provider.jsse.ClientHandshakeImpl.unwrap(ClientHandshakeImpl.java:295)
>         at org.apache.harmony.xnet.provider.jsse.SSLRecordProtocol.unwrap(SSLRecordProtocol.java:419)
>         at org.apache.harmony.xnet.provider.jsse.SSLSocketImpl.doHandshake(SSLSocketImpl.java:719)
>         at org.apache.harmony.xnet.provider.jsse.SSLSocketImpl.startHandshake(SSLSocketImpl.java:438)
>         at org.apache.harmony.luni.internal.net.www.protocol.http.HttpConnection.getSecureSocket(HttpConnection.java:168)
>         at org.apache.harmony.luni.internal.net.www.protocol.https.HttpsURLConnection$HttpsEngine.connect(HttpsURLConnection.java:398)
>         at org.apache.harmony.luni.internal.net.www.protocol.https.HttpsURLConnection.connect(HttpsURLConnection.java:146)
>         at org.apache.tools.ant.taskdefs.Get.doGet(Get.java:158)
>         at org.apache.tools.ant.taskdefs.Get.execute(Get.java:76)
>         at org.apache.tools.ant.UnknownElement.execute(UnknownElement.java:288)
>         ... 14 more
> Caused by: java.security.cert.CertificateException: java.security.InvalidAlgorithmParameterException:
the trust anchors set is empty
>         at org.apache.harmony.xnet.provider.jsse.TrustManagerImpl.checkServerTrusted(TrustManagerImpl.java:121)
>         at org.apache.harmony.xnet.provider.jsse.ClientHandshakeImpl.verifyServerCert(ClientHandshakeImpl.java:577)
>         at org.apache.harmony.xnet.provider.jsse.ClientHandshakeImpl.processServerHelloDone(ClientHandshakeImpl.java:378)
>         ... 24 more
> Caused by: java.security.InvalidAlgorithmParameterException: the trust anchors set is
empty
>         at java.security.cert.PKIXParameters.checkTrustAnchors(PKIXParameters.java:481)
>         at java.security.cert.PKIXParameters.<init>(PKIXParameters.java:80)
>         at org.apache.harmony.xnet.provider.jsse.TrustManagerImpl.<init>(TrustManagerImpl.java:80)
>         at org.apache.harmony.xnet.provider.jsse.TrustManagerFactoryImpl.engineGetTrustManagers(TrustManagerFactoryImpl.java:124)
>         at javax.net.ssl.TrustManagerFactory.getTrustManagers(TrustManagerFactory.java:168)
>         at org.apache.harmony.xnet.provider.jsse.SSLParameters.<init>(SSLParameters.java:152)
>         at org.apache.harmony.xnet.provider.jsse.SSLParameters.getDefault(SSLParameters.java:193)
>         at org.apache.harmony.xnet.provider.jsse.SSLSocketFactoryImpl.<init>(SSLSocketFactoryImpl.java:49)
>         at java.lang.reflect.VMReflection.newClassInstance(VMReflection.java)
>         at java.lang.reflect.Constructor.newInstance(Constructor.java:283)
>         at java.lang.Class.newInstance(Class.java:702)
>         at javax.net.ssl.SSLSocketFactory$1.run(SSLSocketFactory.java:62)
>         at java.security.AccessController.doPrivilegedImpl(AccessController.java:171)
>         at java.security.AccessController.doPrivileged(AccessController.java:53)
>         at javax.net.ssl.SSLSocketFactory.getDefault(SSLSocketFactory.java:53)
>         at javax.net.ssl.HttpsURLConnection.<clinit>(HttpsURLConnection.java:39)
>         at org.apache.harmony.luni.internal.net.www.protocol.https.Handler.openConnection(Handler.java:35)
>         at java.net.URL.openConnection(URL.java:683)
>         at org.apache.tools.ant.taskdefs.Get.doGet(Get.java:138)
>         at org.apache.tools.ant.taskdefs.Get.execute(Get.java:76)
>         ... 15 more
> --- Nested Exception ---
> javax.net.ssl.SSLException: Not trusted server certificate
>         at org.apache.harmony.xnet.provider.jsse.HandshakeProtocol.fatalAlert(HandshakeProtocol.java:324)
>         at org.apache.harmony.xnet.provider.jsse.ClientHandshakeImpl.verifyServerCert(ClientHandshakeImpl.java:580)
>         at org.apache.harmony.xnet.provider.jsse.ClientHandshakeImpl.processServerHelloDone(ClientHandshakeImpl.java:378)
>         at org.apache.harmony.xnet.provider.jsse.ClientHandshakeImpl.unwrap(ClientHandshakeImpl.java:295)
>         at org.apache.harmony.xnet.provider.jsse.SSLRecordProtocol.unwrap(SSLRecordProtocol.java:419)
>         at org.apache.harmony.xnet.provider.jsse.SSLSocketImpl.doHandshake(SSLSocketImpl.java:719)
>         at org.apache.harmony.xnet.provider.jsse.SSLSocketImpl.startHandshake(SSLSocketImpl.java:438)
>         at org.apache.harmony.luni.internal.net.www.protocol.http.HttpConnection.getSecureSocket(HttpConnection.java:168)
>         at org.apache.harmony.luni.internal.net.www.protocol.https.HttpsURLConnection$HttpsEngine.connect(HttpsURLConnection.java:398)
>         at org.apache.harmony.luni.internal.net.www.protocol.https.HttpsURLConnection.connect(HttpsURLConnection.java:146)
>         at org.apache.tools.ant.taskdefs.Get.doGet(Get.java:158)
>         at org.apache.tools.ant.taskdefs.Get.execute(Get.java:76)
>         at org.apache.tools.ant.UnknownElement.execute(UnknownElement.java:288)
>         at java.lang.reflect.VMReflection.invokeMethod(VMReflection.java)
>         at java.lang.reflect.Method.invoke(Method.java:317)
>         at org.apache.tools.ant.dispatch.DispatchUtils.execute(DispatchUtils.java:105)
>         at org.apache.tools.ant.Task.perform(Task.java:348)
>         at org.apache.tools.ant.Target.execute(Target.java:357)
>         at org.apache.tools.ant.Target.performTasks(Target.java:385)
>         at org.apache.tools.ant.Project.executeSortedTargets(Project.java:1329)
>         at org.apache.tools.ant.Project.executeTarget(Project.java:1298)
>         at org.apache.tools.ant.helper.DefaultExecutor.executeTargets(DefaultExecutor.java:41)
>         at org.apache.tools.ant.Project.executeTargets(Project.java:1181)
>         at org.apache.tools.ant.Main.runBuild(Main.java:698)
>         at org.apache.tools.ant.Main.startAnt(Main.java:199)
>         at org.apache.tools.ant.launch.Launcher.run(Launcher.java:257)
>         at org.apache.tools.ant.launch.Launcher.main(Launcher.java:104)
> Caused by: java.security.cert.CertificateException: java.security.InvalidAlgorithmParameterException:
the trust anchors set is empty
>         at org.apache.harmony.xnet.provider.jsse.TrustManagerImpl.checkServerTrusted(TrustManagerImpl.java:121)
>         at org.apache.harmony.xnet.provider.jsse.ClientHandshakeImpl.verifyServerCert(ClientHandshakeImpl.java:577)
>         at org.apache.harmony.xnet.provider.jsse.ClientHandshakeImpl.processServerHelloDone(ClientHandshakeImpl.java:378)
>         ... 24 more
> Caused by: java.security.InvalidAlgorithmParameterException: the trust anchors set is
empty
>         at java.security.cert.PKIXParameters.checkTrustAnchors(PKIXParameters.java:481)
>         at java.security.cert.PKIXParameters.<init>(PKIXParameters.java:80)
>         at org.apache.harmony.xnet.provider.jsse.TrustManagerImpl.<init>(TrustManagerImpl.java:80)
>         at org.apache.harmony.xnet.provider.jsse.TrustManagerFactoryImpl.engineGetTrustManagers(TrustManagerFactoryImpl.java:124)
>         at javax.net.ssl.TrustManagerFactory.getTrustManagers(TrustManagerFactory.java:168)
>         at org.apache.harmony.xnet.provider.jsse.SSLParameters.<init>(SSLParameters.java:152)
>         at org.apache.harmony.xnet.provider.jsse.SSLParameters.getDefault(SSLParameters.java:193)
>         at org.apache.harmony.xnet.provider.jsse.SSLSocketFactoryImpl.<init>(SSLSocketFactoryImpl.java:49)
>         at java.lang.reflect.VMReflection.newClassInstance(VMReflection.java)
>         at java.lang.reflect.Constructor.newInstance(Constructor.java:283)
>         at java.lang.Class.newInstance(Class.java:702)
>         at javax.net.ssl.SSLSocketFactory$1.run(SSLSocketFactory.java:62)
>         at java.security.AccessController.doPrivilegedImpl(AccessController.java:171)
>         at java.security.AccessController.doPrivileged(AccessController.java:53)
>         at javax.net.ssl.SSLSocketFactory.getDefault(SSLSocketFactory.java:53)
>         at javax.net.ssl.HttpsURLConnection.<clinit>(HttpsURLConnection.java:39)
>         at org.apache.harmony.luni.internal.net.www.protocol.https.Handler.openConnection(Handler.java:35)
>         at java.net.URL.openConnection(URL.java:683)
>         at org.apache.tools.ant.taskdefs.Get.doGet(Get.java:138)
>         at org.apache.tools.ant.taskdefs.Get.execute(Get.java:76)
>         ... 15 more
> Total time: 1 second

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message