search

icyphy / ptII

Ptolemy II is an open-source software framework supporting experimentation with actor-oriented design.
https://ptolemy.eecs.berkeley.edu/ptolemyII
Other
99 stars 43 forks source link

https://accessors.org redirects to a host that does not have a cert for accessors.org #338

Closed cxbrooks closed 3 years ago

cxbrooks commented 3 years ago

One of the tests fails because https://accessors.org redirects to https://ptolemy.berkeley.edu/accessors/ yet that host does not have a cert for accessors.org.

dig any accessors.org shows that accessors.org has a CNAME to eecs-haproxy-vip.EECS.Berkeley.EDU

We probably won't fix this any time soon.

Here's how to reproduce:

bash-3.2$ cd $PTII/org/terraswarm/accessor/test
bash-3.2$ $PTII/bin/ptjacl JSAccessor.tcl 
...
==== $PTII/org/terraswarm/accessor/test/JSAccessor.tcl: JSAccessor-2.6 getResource(): get https://accessors.org
==== Contents of test case:

    set accessors [$accessor getResource https://accessors.org [java::new {Object[]} 0]]
    list [expr {[string length $accessors] > 0}]

==== Test generated error:
    while executing
ptolemy.kernel.util.IllegalActionException: Failed to read URI: https://accessors.org
  in .top.TestAccessor
Because:
No subject alternative DNS name matching accessors.org found.
        at ptolemy.actor.lib.jjs.JavaScript.getResource(JavaScript.java:1401)
        at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
        at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.base/java.lang.reflect.Method.invoke(Method.java:564)
        at tcl.lang.reflect.PkgInvoker.invokeMethod(PkgInvoker.java:129)
        at tcl.lang.JavaInvoke.call(JavaInvoke.java:253)
        at tcl.lang.JavaInvoke.callMethod(JavaInvoke.java:116)
        at tcl.lang.ReflectObject.cmdProc(ReflectObject.java:727)
        at tcl.lang.Parser.evalObjv(Parser.java:740)
        at tcl.lang.Parser.eval2(Parser.java:1138)
        at tcl.lang.Parser.evalTokens(Parser.java:930)
        at tcl.lang.Parser.eval2(Parser.java:1125)
        at tcl.lang.Interp.eval(Interp.java:1782)
        at tcl.lang.Interp.eval(Interp.java:1841)
        at tcl.lang.UplevelCmd.cmdProc(UplevelCmd.java:93)
        at tcl.lang.Parser.evalObjv(Parser.java:740)
        at tcl.lang.Parser.eval2(Parser.java:1138)
        at tcl.lang.Interp.eval(Interp.java:1782)
        at tcl.lang.Interp.eval(Interp.java:1841)
        at tcl.lang.CatchCmd.cmdProc(CatchCmd.java:42)
        at tcl.lang.Parser.evalObjv(Parser.java:740)
        at tcl.lang.Parser.eval2(Parser.java:1138)
        at tcl.lang.Parser.evalTokens(Parser.java:930)
        at tcl.lang.Parser.eval2(Parser.java:1125)
        at tcl.lang.Procedure.cmdProc(Procedure.java:175)
        at tcl.lang.Parser.evalObjv(Parser.java:740)
        at tcl.lang.Parser.eval2(Parser.java:1138)
        at tcl.lang.Interp.eval(Interp.java:1782)
        at tcl.lang.Interp.evalFile(Interp.java:1880)
        at tcl.lang.Shell.main(Shell.java:110)
Caused by: javax.net.ssl.SSLHandshakeException: No subject alternative DNS name matching accessors.org found.
        at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:131)
        at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:325)
        at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:268)
        at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:263)
        at java.base/sun.security.ssl.CertificateMessage$T12CertificateConsumer.checkServerCerts(CertificateMessage.java:\
645)
        at java.base/sun.security.ssl.CertificateMessage$T12CertificateConsumer.onCertificate(CertificateMessage.java:464\
)
    at java.base/sun.security.ssl.CertificateMessage$T12CertificateConsumer.consume(CertificateMessage.java:360)
        at java.base/sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:396)
        at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:445)
    at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:423)
        at java.base/sun.security.ssl.TransportContext.dispatch(TransportContext.java:182)
        at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:171)
    at java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1475)
        at java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1381)
        at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:441)
        at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:412)
        at java.base/sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:567)
        at java.base/sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnec\
tion.java:171)
        at java.base/sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1600)
        at java.base/sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1528)
        at java.base/sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:224)
        at java.base/java.net.URL.openStream(URL.java:1167)
        at ptolemy.actor.lib.jjs.JavaScript.getResource(JavaScript.java:1386)
        ... 30 more
Caused by: java.security.cert.CertificateException: No subject alternative DNS name matching accessors.org found.
        at java.base/sun.security.util.HostnameChecker.matchDNS(HostnameChecker.java:212)
        at java.base/sun.security.util.HostnameChecker.match(HostnameChecker.java:103)
        at java.base/sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:452)
        at java.base/sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:412)
        at java.base/sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:238)
        at java.base/sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:132)
        at java.base/sun.security.ssl.CertificateMessage$T12CertificateConsumer.checkServerCerts(CertificateMessage.java:\
629)
        ... 48 more
Caused by: javax.net.ssl.SSLHandshakeException: No subject alternative DNS name matching accessors.org found.
        at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:131)
        at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:325)
        at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:268)
        at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:263)
        at java.base/sun.security.ssl.CertificateMessage$T12CertificateConsumer.checkServerCerts(CertificateMessage.java:\
645)
        at java.base/sun.security.ssl.CertificateMessage$T12CertificateConsumer.onCertificate(CertificateMessage.java:464\
)
        at java.base/sun.security.ssl.CertificateMessage$T12CertificateConsumer.consume(CertificateMessage.java:360)
        at java.base/sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:396)
        at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:445)
        at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:423)
        at java.base/sun.security.ssl.TransportContext.dispatch(TransportContext.java:182)
        at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:171)
    at java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1475)
        at java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1381)
        at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:441)
        at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:412)
        at java.base/sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:567)
        at java.base/sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnec\
tion.java:171)
        at java.base/sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1600)
        at java.base/sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1528)
        at java.base/sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:224)
        at java.base/java.net.URL.openStream(URL.java:1167)
        at ptolemy.actor.lib.jjs.JavaScript.getResource(JavaScript.java:1386)
        at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
        at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.base/java.lang.reflect.Method.invoke(Method.java:564)
        at tcl.lang.reflect.PkgInvoker.invokeMethod(PkgInvoker.java:129)
        at tcl.lang.JavaInvoke.call(JavaInvoke.java:253)
        at tcl.lang.JavaInvoke.callMethod(JavaInvoke.java:116)
        at tcl.lang.ReflectObject.cmdProc(ReflectObject.java:727)
        at tcl.lang.Parser.evalObjv(Parser.java:740)
        at tcl.lang.Parser.eval2(Parser.java:1138)
        at tcl.lang.Parser.evalTokens(Parser.java:930)
        at tcl.lang.Parser.eval2(Parser.java:1125)
        at tcl.lang.Interp.eval(Interp.java:1782)
        at tcl.lang.Interp.eval(Interp.java:1841)
        at tcl.lang.UplevelCmd.cmdProc(UplevelCmd.java:93)
        at tcl.lang.Parser.evalObjv(Parser.java:740)
        at tcl.lang.Parser.eval2(Parser.java:1138)
        at tcl.lang.Interp.eval(Interp.java:1782)
        at tcl.lang.Interp.eval(Interp.java:1841)
        at tcl.lang.CatchCmd.cmdProc(CatchCmd.java:42)
        at tcl.lang.Parser.evalObjv(Parser.java:740)
        at tcl.lang.Parser.eval2(Parser.java:1138)
        at tcl.lang.Parser.evalTokens(Parser.java:930)
        at tcl.lang.Parser.eval2(Parser.java:1125)
        at tcl.lang.Procedure.cmdProc(Procedure.java:175)
        at tcl.lang.Parser.evalObjv(Parser.java:740)
        at tcl.lang.Parser.eval2(Parser.java:1138)
        at tcl.lang.Interp.eval(Interp.java:1782)
        at tcl.lang.Interp.evalFile(Interp.java:1880)
        at tcl.lang.Shell.main(Shell.java:110)
Caused by: java.security.cert.CertificateException: No subject alternative DNS name matching accessors.org found.
        at java.base/sun.security.util.HostnameChecker.matchDNS(HostnameChecker.java:212)
        at java.base/sun.security.util.HostnameChecker.match(HostnameChecker.java:103)
        at java.base/sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:452)
        at java.base/sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:412)
        at java.base/sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:238)
        at java.base/sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:132)
        at java.base/sun.security.ssl.CertificateMessage$T12CertificateConsumer.checkServerCerts(CertificateMessage.java:\
629)
        ... 48 more

    while executing
ptolemy.kernel.util.IllegalActionException: Failed to read URI: https://accessors.org
  in .top.TestAccessor
Because:
No subject alternative DNS name matching accessors.org found.
    while executing
"$accessor getResource https://accessors.org [java::new {Object[]} 0]"
    invoked from within
"set accessors [$accessor getResource https://accessors.org [java::new {Object[]} 0]]"
    ("uplevel" body line 2)
    invoked from within
"uplevel $contents_of_test"
bash-3.2$
cxbrooks commented 3 years ago

Fixed! accessors.org is now hosted at Google Domains, so the test passes.