Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-4972255

HttpsURLConnection.getLocalPrincipal returns null for certificate-based suite

    Details

    • Type: Bug
    • Status: Closed
    • Priority: P3
    • Resolution: Not an Issue
    • Affects Version/s: 5.0
    • Fix Version/s: None
    • Component/s: security-libs
    • Labels:

      Description



      Name: mtR10145 Date: 12/23/2003

      The spec of HttpsURLConnection.getServerCertificates
      states:
      ...using it with non-certificate-based cipher suites, such as Kerberos, will throw an SSLPeerUnverifiedException.

      and HttpsURLConnection.getLocalPrincipal javadoc reads:
      ...return null for non-certificate based ciphersuites, such as Kerberos.

      However, the code below illustrates that dispite of
      SSLPeerUnverifiedException is not thrown by getServerCertificates
      (according to the spec, apparently certificate-based suite is used),
      getLocalPrincipal unexpectedly returns null. Since null output is
      allowed only for non-certificate based ciphersuites, this behavior is
      incorrect (whether javadoc or implementation should be updated).
      =================== Test22.java ======================
      import javax.net.ssl.*;
      import java.net.*;
      import java.security.cert.Certificate;
      import java.io.IOException;

      public class Test22 {

          public static void main(String argv[]) {
              HttpsURLConnection connection = null;
              URL url = null;
              InetAddress address = null;

              try {
                  address = InetAddress.getByName("proxy");
              } catch (UnknownHostException e) {
                  System.out.println("Unexpected: " + e);
              }
              InetSocketAddress isa = new InetSocketAddress(address, 3128);
              Proxy proxy = new Proxy(Proxy.Type.HTTP, isa);
          
              try {
                  connection = (HttpsURLConnection) new URL("https://www.sun.com").openConnection(proxy);
                  connection.connect();
                  System.out.println("Connected...");
              } catch(SecurityException se) {
                  System.out.println("Unexpected: " + se);
              } catch(java.io.IOException ioe) {
                  System.out.println("Unexpected: " + ioe);
              }

              try {
                  Certificate[] servCert = connection.getServerCertificates();

                  if (connection.getLocalPrincipal() == null)
                      System.out.println("Unexpected behavior: getServerCertificates didn't trow SSLPUE, " +
                                  "but getLocalPrincipal unexpectedly returned null.");
                  
              } catch (SSLPeerUnverifiedException e) {
                  System.out.println("Thrown: " + e);
              }

          }
      }
      ============== Test output with JSE 1.5.0-beta-b32 ==========
      Connected...
      Unexpected behavior: getServerCertificates didn't trow SSLPUE, but getLocalPrincipal unexpectedly returned null.
      ======================================================================

        Attachments

          Activity

            People

            • Assignee:
              smalkanisunw Seema Malkani (Inactive)
              Reporter:
              cmssunw Cms Cms (Inactive)
            • Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:
                Imported:
                Indexed: