On 2019-06-10 16:23, David Holmes wrote:
Hi Erik,
On 11/06/2019 5:37 am, Erik Joelsson wrote:
Since JDK-8193255, when we started generating the cacerts file in the
build, the build compare baseline builds have started failing. It
seems the cacerts binary file has some non determinism built in so it
doesn't get generated exactly the same given the same input. This
patch adds special handling when comparing that file by comparing the
output of "keytool -list" on the files instead.
Seems a reasonable approach.
Bug: https://bugs.openjdk.java.net/browse/JDK-8225392
Webrev: http://cr.openjdk.java.net/~erikj/8225392/webrev.01/
Code changes seem fine.
Thanks!
I'm assuming this formulation doesn't run into the:
Warning: use -cacerts option to access cacerts keystore
that you get if you actually point keytool to the cacerts files in the
JDK image:
> ./build/linux-x64-debug/images/jdk/bin/keytool -list -keystore
build/linux-x64-debug/images/jdk/lib/security/cacerts -storepass
changeit > certs.1
Warning: use -cacerts option to access cacerts keystore
I did not see that. I would guess it's because I'm not running keytool
from the images/jdk/bin dir, but in most cases from the jdk/bin dir (the
exploded image), or in the cross compilation case, it's running from the
buildjdk. I just tried it manually, and it seems the warning is only
printed if trying to list the cacerts file from the same image.
/Erik
Thanks,
David
-----
/Erik