search

tls-attacker / TLS-Attacker

TLS-Attacker is a Java-based framework for analyzing TLS libraries. It can be used to manually test TLS clients and servers or as as a software library for more advanced tools.
Apache License 2.0
789 stars 136 forks source link

Won't work with Java 9 #40

Closed strangeloveBsc closed 3 years ago

strangeloveBsc commented 6 years ago

Hi, so I wanted to try out this tool of yours (more specific: the TLS-Scanner module) and while it compiles just fine (Scanner throws error in some tests, but that's another issue) it won't run on my machine:

`

@:~/tools/TLS-Attacker$ java -jar apps/Attacks.jar padding_oracle -connect localhost:443 Exception in thread "main" java.lang.NoClassDefFoundError: javax/xml/bind/JAXB at de.rub.nds.tlsattacker.core.config.ConfigIO.read(ConfigIO.java:42) at de.rub.nds.tlsattacker.core.config.Config.createConfig(Config.java:78) at de.rub.nds.tlsattacker.core.config.TLSDelegateConfig.createConfig(TLSDelegateConfig.java:71) at de.rub.nds.tlsattacker.attacks.config.PaddingOracleCommandConfig.createConfig(PaddingOracleCommandConfig.java:67) at de.rub.nds.tlsattacker.attacks.impl.PaddingOracleAttacker.(PaddingOracleAttacker.java:55) at de.rub.nds.tlsattacker.attacks.Main.main(Main.java:126) Caused by: java.lang.ClassNotFoundException: javax.xml.bind.JAXB at java.base/jdk.internal.loader.BuiltinClassLoader.loadClass(BuiltinClassLoader.java:582) at java.base/jdk.internal.loader.ClassLoaders$AppClassLoader.loadClass(ClassLoaders.java:185) at java.base/java.lang.ClassLoader.loadClass(ClassLoader.java:496) ... 6 more ` Which according to [Stackoverflow](https://stackoverflow.com/questions/43574426/how-to-resolve-java-lang-noclassdeffounderror-javax-xml-bind-jaxbexception-in-j) this issue is based on the latest Java-Version (Java 9). Which matches my observation: ` java --version openjdk 9.0.4 OpenJDK Runtime Environment (build 9.0.4+12-Debian-4) OpenJDK 64-Bit Server VM (build 9.0.4+12-Debian-4, mixed mode) ` **Edits: Readability**
ic0ns commented 6 years ago

Hey strangeloveBsc, I personally did not try java 9 yet (since it is still very fresh) and probably some of our dependencys are very likely not compatible with it yet. I recommend Java 8. We are currently not trying to move to Java 9 in the near future. cheers robert

strangeloveBsc commented 6 years ago

Hi Robert, thank you for your quick reply. If you don't mind I'll leave this open (unless you're graded / paid for being issue-free) so I know when to try again and not being misleading about this "issue" being solved.

Best Regards

Mike

ic0ns commented 6 years ago

sure :)

fxa commented 4 years ago

After some hours playing with TLS-Attacker, maven and java 12 I finally got it to work by adding the following dependencies to the pom. Hope that helps

jakarta.xml.bind jakarta.xml.bind-api 2.3.2 org.glassfish.jaxb jaxb-runtime 2.3.2
ApolloLV commented 4 years ago

I ran into this issue today and was not able to resolve it without downgrading to java 8. @fxa I tried variations of the jakarta xml fix, but that only moved the issues from compile time to run time.

fxa commented 4 years ago

@ApolloLV for me that worked compile time and runtime I can neather add a pom file here nor does the mark down support that. Shall I email my pom to you?

jurajsomorovsky commented 3 years ago

should be fixed with the newest versions, it now supports java 11