Bug 677772
| Summary: | NoSuchAlgorithmException using SSL/TLS in javaws | ||
|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Robert Marcano <robert> |
| Component: | java-1.6.0-openjdk | Assignee: | Omair Majid <omajid> |
| Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
| Severity: | high | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 14 | CC: | ahughes, dbhole, jvanek, langel, lkundrak, mjw, mmatejov, omajid, ptisnovs |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | icedtea-web-1.0.2-2.fc15 | Doc Type: | Bug Fix |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2011-04-05 21:40:56 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
Robert Marcano
2011-02-15 19:36:28 UTC
Correction, "desktop icon of the application" We need to know which algorithm is being requested. It may be elliptic curve cryptography which can't be shipped in Fedora due to possible patent issues. (In reply to comment #2) > We need to know which algorithm is being requested. It may be elliptic curve > cryptography which can't be shipped in Fedora due to possible patent issues. I am sure it is not related to patents, let me detail more: the following fails (after granting access to my self signed certificate): javaws http://marcanoonline.com/downloads/fedora/bugs/javaws_ssl/test.jnlp the following works: javaws -nosecurity http://marcanoonline.com/downloads/fedora/bugs/javaws_ssl/test.jnlp the sample code only do this: new URL("https://www.redhat.com/").getContent(); a simple HTTPS request, no fancy crypto. I think the bugs is related to the latest changes to netx and must be a classloader problem when the security manager is active (see above, with option -nosecurity works) Sample is at http://www.marcanoonline.com/downloads/fedora/bugs/javaws_ssl/src/com/example/BugTestcase.java, example provided as a binary in order to be able to sign it and grant all permissions (In reply to comment #2) > We need to know which algorithm is being requested. It may be elliptic curve > cryptography which can't be shipped in Fedora due to possible patent issues. it's SHA1withDSA, at least for IcedTea6-1.7.5 There was a similar bug a while back: https://bugzilla.redhat.com/show_bug.cgi?id=524387. I have a potential fix; let me check first with Deepak if it makes sense to him. Fixed upstream: http://icedtea.classpath.org/hg/icedtea-web/rev/11a9a305dd44 icedtea-web-1.0.2-2.fc15 has been submitted as an update for Fedora 15. https://admin.fedoraproject.org/updates/icedtea-web-1.0.2-2.fc15 icedtea-web-1.0.2-2.fc15 has been pushed to the Fedora 15 stable repository. If problems still persist, please make note of it in this bug report. No plans to update Fedora 14? this is an awful bug that kills all the advantages of distribute Java applications using JNLP. adding the need to define a local icon with command line arguments to bypass the sandbox, even if the app does not requires full privileges |