[#1011095] SSLSocketFactory throws IOException on Linux

View Trackers | Bugs | Download .csv | Monitor

Date:
2011-09-24 06:51
Priority:
3
State:
Open
Submitted by:
chris vorarlberger (vorarlberger)
Assigned to:
Nobody (None)
Category:
PL/Java
Group:
Summary:
SSLSocketFactory throws IOException on Linux

Detailed description
With reference to this thread, I would like to file a bug: http://postgresql.1045698.n5.nabble.com/Strange-error-on-linux-but-not-on-windows-td4818296.html

To reproduce the issue please compile this small java code:
package net.sourceforge.pgbsh;

import java.io.*;
import javax.net.ssl.*;

public class Test {
public static boolean testSSL() throws IOException {
int port = 443;
String hostName = "www.sun.com" ;

SSLSocketFactory sslFact = (SSLSocketFactory) SSLSocketFactory.getDefault ();
SSLSocket socket = (SSLSocket) sslFact.createSocket(hostName, port);
InputStream in = socket . getInputStream ();
OutputStream out = socket . getOutputStream ();

// la la la ...

in.close ();
out.close ();

return true;
}

public static void main(String[] args) throws IOException {
boolean useless = testSSL();
}
}

And create the corresponding SQL function:
CREATE OR REPLACE FUNCTION test_ssl()
RETURNS boolean
AS 'net.sourceforge.pgbsh.Test.testSSL'
LANGUAGE javau;


If you want to execute the sql code on a linux host, you will catch an IOException:

postgres@ubuntu:~$ psql -Upostgres -c "select test_SSL();"
ERROR: java.io.IOException


But you can successfully execute the sql on windows:

D:\> psql -Upostgres -c "select test_SSL();"
test_ssl
----------
t
(1 Zeile)


Finally, you can also successfully execute from a standard linux console:

postgres@ubuntu:~/pgnetted/pgnetted-svn/PgNetted/PgBsh$ java -cp "lib/bsh-2.1b2.jar:lib/pljava.jar:lib/postgresql-8.4-702.jdbc4.jar:pgbsh.jar" net.sourceforge.pgbsh.Test
postgres@ubuntu:~/pgnetted/pgnetted-svn/PgNetted/PgBsh$


So there must be a security constraint somewhere on linux. Could you please provide a fix or a workaround.

Followup

Message
Date: 2012-03-30 17:51
Sender: Johann Oskarsson

Proposed fix in CVS commit

src/java/pljava/org/postgresql/pljava/internal/Backend.java 1.18
Date: 2011-11-13 14:31
Sender: Johann Oskarsson

Thank you for the test case.

This is very likely the same issue as 1010737:

http://pgfoundry.org/tracker/index.php?func=detail&aid=1010737&group_id=1000038&atid=335

When you look at

http://www.java2s.com/Open-Source/Java-Document/6.0-JDK-Platform/solaris/sun/security/provider/NativePRNG.java.htm

you see that it's trying to open /dev/random and /dev/urandom as privileged actions.

I'll investigate this further in the near future.

Attached Files:

Changes:

No Changes Have Been Made to This Item

Powered By FusionForge