[Bug 1057249] New: java.lang.SecurityException: Can't read cryptographic policy directory: unlimited
http://bugzilla.suse.com/show_bug.cgi?id=1057249 Bug ID: 1057249 Summary: java.lang.SecurityException: Can't read cryptographic policy directory: unlimited Classification: openSUSE Product: openSUSE Tumbleweed Version: Current Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Java Assignee: bnc-team-java@forge.provo.novell.com Reporter: jslaby@suse.com QA Contact: qa-bugs@suse.de Found By: --- Blocker: --- josm cannot be started due to java packaging bug. This is a reproducer: class H { static public void main(String args[]) { javax.net.ssl.SSLSocketFactory.getDefault(); } } leading to: Exception in thread "main" java.lang.ExceptionInInitializerError at java.base/javax.crypto.JceSecurityManager.<clinit>(Unknown Source) at java.base/javax.crypto.Cipher.getConfiguredPermission(Unknown Source) at java.base/javax.crypto.Cipher.getMaxAllowedKeyLength(Unknown Source) at java.base/sun.security.ssl.CipherSuite$BulkCipher.isUnlimited(Unknown Source) at java.base/sun.security.ssl.CipherSuite$BulkCipher.<init>(Unknown Source) at java.base/sun.security.ssl.CipherSuite$BulkCipher.<clinit>(Unknown Source) at java.base/sun.security.ssl.CipherSuite.<clinit>(Unknown Source) at java.base/sun.security.ssl.SSLContextImpl.getApplicableSupportedCipherSuiteList(Unknown Source) at java.base/sun.security.ssl.SSLContextImpl.access$100(Unknown Source) at java.base/sun.security.ssl.SSLContextImpl$AbstractTLSContext.<clinit>(Unknown Source) at java.base/java.lang.Class.forName0(Native Method) at java.base/java.lang.Class.forName(Unknown Source) at java.base/java.security.Provider$Service.getImplClass(Unknown Source) at java.base/java.security.Provider$Service.newInstance(Unknown Source) at java.base/sun.security.jca.GetInstance.getInstance(Unknown Source) at java.base/sun.security.jca.GetInstance.getInstance(Unknown Source) at java.base/javax.net.ssl.SSLContext.getInstance(Unknown Source) at java.base/javax.net.ssl.SSLContext.getDefault(Unknown Source) at java.base/javax.net.ssl.SSLSocketFactory.getDefault(Unknown Source) at H.main(H.java:3) Caused by: java.lang.SecurityException: Can not initialize cryptographic mechanism at java.base/javax.crypto.JceSecurity.<clinit>(Unknown Source) ... 20 more Caused by: java.lang.SecurityException: Can't read cryptographic policy directory: unlimited at java.base/javax.crypto.JceSecurity.setupJurisdictionPolicies(Unknown Source) at java.base/javax.crypto.JceSecurity.access$000(Unknown Source) at java.base/javax.crypto.JceSecurity$1.run(Unknown Source) at java.base/javax.crypto.JceSecurity$1.run(Unknown Source) at java.base/java.security.AccessController.doPrivileged(Native Method) ... 21 more There are few other bugs like: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=866924 And according to strace, it really looks for $JAVA_HOME/jre/conf/security/policy/unlimited: stat("/usr/lib64/jvm/java-9-openjdk-9/jre/conf/security/policy/unlimited", 0x7f902817ff50) = -1 ENOENT (No such file or directory) which cannot be found. I believe the conf files should be packaged somehow. -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=1057249 http://bugzilla.suse.com/show_bug.cgi?id=1057249#c1 Jiri Slaby <jslaby@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution|--- |DUPLICATE --- Comment #1 from Jiri Slaby <jslaby@suse.com> --- . *** This bug has been marked as a duplicate of bug 1047842 *** -- You are receiving this mail because: You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@novell.com