Hack the JDK

Have you ever been in a situation where you wished the core java code for a specific class in JDK would have been slightly different from what it is now?
I ran into a situation where SSLContext implementation in the JSSE package was not helping me at all. My server certificate validation was failing due to algorithm constraints. Asking the host to install new certificate was not in my control. I trust the host and wanted the SSL connection to work. After some struggle, I was able to hack the core SSLContextImpl to make it work for my host. You can do this for any core java class and your version of the class will supercede the core java version of the class.

The basic steps are –
Get the source code for your class.
You can get the source code by unzipping the src.zip file located in the JDK home directory. In Mac, it’s located at:
/Library/Java/JavaVirtualMachines/jdk1.8.0_60.jdk/Contents/Home
For some of the classes like JSSE, the java code is not open source. For this I had to get the source code from OpenJDK –
http://grepcode.com/project/repository.grepcode.com/java/root/jdk/openjdk/

1. Create a basic java project using Eclipse or any other editor.

2. Now copy the source code for the class you want to hack and make the necessary changes.
Make sure the package names are the same as those in the JDK.

3. Create Jar file. In Eclipse, you can simply export the project jar.

4. Now when you run any java application, prepend the jar file to Java boot jars.
To do this, you have to use the VM Option: -Xbootclasspath/p:
e.g. I was using IntelliJ IDE and I wanted to use a custom Java SSLContextImpl. So I packaged it in a custom.jar project and Used the following option to start IntelliJ –

In the file /Applications/IntelliJ IDEA 14-default.app/Contents/bin/idea.vmoptions
Add this line –
-Xbootclasspath/p:/Users/apatta2/MyData/software/java/custom-lib/java-utils.jar

That’s it. Now Java will use your customized version of the class instead of the default java version of it.

2 thoughts on “Hack the JDK

Leave a Reply

Your email address will not be published. Required fields are marked *

Answer this * Time limit is exhausted. Please reload CAPTCHA.