Re: RFR 8059313: Enable keytool NSS test on Mac
I'll use your libs. Why is DYLD_LIBRARY_PATH not needed here? Some different linking method? Thanks Max On Oct 6, 2014, at 23:54, Vincent Ryan wrote: > JDK-8059627 now bundles NSS with our PKCS11 testsuite (just like on Windows) > > I know you have implemented a different solution for locating NSS on Max OSX > for your keytool tests. > FYI if you switch to using the bundled NSS then you no longer need to set > DYLD_LIBRARY_PATH. > It’s not a big saving but I thought I’d let you know.
Re: [9] RFR: 8037550: Update RFC references in javadoc to RFC 5280
Looks good to me. --Sean On 09/18/2014 06:27 PM, Jason Uh wrote: Please review this changeset, which updates references to RFC 3280 to RFC 5280. RFC 5280 has obsoleted 3280. http://cr.openjdk.java.net/~juh/8037550/webrev.03/ Thanks, Jason
Re: Linux getrandom() support
Hello, I think this here is a good start. It shows good the background: http://lwn.net/Articles/605828/ the details have changed meanwhile, so the new proposed manpage has it: http://www.spinics.net/lists/linux-man/msg07010.html The biggie is, that you can use urandom semantic (i.e. not specify GRND_RANDOM) but still only get bytes if the machine was seeded at boot (and block or fail in those cases). Greetings Bernd 2014-10-06 18:26 GMT+02:00 Bradford Wetmore : > > Worth looking into, but no plans at the moment. > > Do you have a link? > > Brad > > > > > On 10/5/2014 7:44 PM, Bernd wrote: > >> Hello, >> >> Is there already support for the upcoming getrandom() syscall in Linux >> 3.17 kernel planned? I guess this would be a good feature for SSL and >> the strong SecureRandom variant (by setting the 128bit entropy required >> flag). >> >> It would be good if this is supported out of the box, especially to >> avoid problems when the dev files are missing in some >> container/virtualisation systems. >> >> Greetings >> Bernd >> >>
Re: Linux getrandom() support
Worth looking into, but no plans at the moment. Do you have a link? Brad On 10/5/2014 7:44 PM, Bernd wrote: Hello, Is there already support for the upcoming getrandom() syscall in Linux 3.17 kernel planned? I guess this would be a good feature for SSL and the strong SecureRandom variant (by setting the 128bit entropy required flag). It would be good if this is supported out of the box, especially to avoid problems when the dev files are missing in some container/virtualisation systems. Greetings Bernd
Re: RFR 8059313: Enable keytool NSS test on Mac
JDK-8059627 now bundles NSS with our PKCS11 testsuite (just like on Windows) I know you have implemented a different solution for locating NSS on Max OSX for your keytool tests. FYI if you switch to using the bundled NSS then you no longer need to set DYLD_LIBRARY_PATH. It’s not a big saving but I thought I’d let you know. On 27 Sep 2014, at 10:32, Vincent Ryan wrote: > Your fix looks good Max. I’ll examine the issue with PKCS11Test.java on > Monday. > Thanks. > > > On 27 Sep 2014, at 10:13, Wang Weijun wrote: > >> Hi Vinnie >> >> Can you review the fix at >> >> http://cr.openjdk.java.net/~weijun/8059313/webrev.00/ >> >> The test will try several places to look for NSS libs. If the machine has no >> Firefox or Thunderbird installed the NSS part won't run. At least this >> enables myself running NSS-related tests on my machine. >> >> I tried to do the same for PKCS11Test.java but cannot find a way to set >> DYLD_LIBRARY_PATH (or equivalent settings in Java) inside the test. If you >> know how to do that, I'll be happy to include it as well. BTW, I added the >> environment variable on jtreg command line and among 62 pkcs11 tests, 54 >> pass and 8 fail. There seems to be some extra work. >> >> Thanks >> Max >> >