Re: RFR: JDK-8058845 : Update JCE environment for build improvements
javax/crypto/JceSecurity.java line 79: this could be (PrivilegedExceptionAction) as the return value is ignored Good catch. It may be better to rename URLVerifier to ProviderVerifier as it verifies the security provider of the given codebase. URLVerifier might give an interpretation of verifying the given URL. Similarly, the verifyProviderJar method can be renamed to verifyProvider. Done. javax/crypto/URLVerifier.java line 117: should it be pae.getCause()? Yes, that would be a better one. Thanks for the review. brad
Re: RFR: JDK-8058845 : Update JCE environment for build improvements
On 9/21/14 3:51 PM, Bradford Wetmore wrote: Hi Sean/Mandy/Erik/Magnus/Alan/David/others, Please review: JDK-8058845 : Update JCE environment for build improvements http://cr.openjdk.java.net/~wetmore/8058845/ The change looks fine in general. Some minor comments: javax/crypto/Cipher.java line 264: this is not part of your change but caught my attention. I wonder if you want to include some descriptive message in NPE to help diagnosing the problem especially in jdk9 where future changes will be made to support modules. javax/crypto/JceSecurity.java line 79: this could be (PrivilegedExceptionAction) as the return value is ignored It may be better to rename URLVerifier to ProviderVerifier as it verifies the security provider of the given codebase. URLVerifier might give an interpretation of verifying the given URL. Similarly, the verifyProviderJar method can be renamed to verifyProvider. javax/crypto/URLVerifier.java line 117: should it be pae.getCause()? Mandy
Re: RFR: JDK-8058845 : Update JCE environment for build improvements
On 21/09/2014 23:51, Bradford Wetmore wrote: Hi Sean/Mandy/Erik/Magnus/Alan/David/others, Please review: JDK-8058845 : Update JCE environment for build improvements http://cr.openjdk.java.net/~wetmore/8058845/ This change is to alleviate some of the overly-complicated steps we (Oracle) have in building and maintaining the JCE jar files in JDK 9. The overall change is very welcome. I'm not an expert in this area but I have looked through the changes. In JceSecurity maybe verifyProviderJar could be renamed to verifyProvider or something better as it should not be limited to JAR files. I also wonder about the name URLVerifier. With the current implementation then JarVerifier is more obvious but of course that will change very soon when we have security providers linked into the image. Just mentioning it as renaming this to ProviderVerifier or something better might make it a bit clearer. -Alan.
Re: RFR: JDK-8058845 : Update JCE environment for build improvements
Hi Brad, Approved, changes look fine. Thanks for simplifying the JCE jar file builds. Dave On 9/21/2014 3:51 PM, Bradford Wetmore wrote: Hi Sean/Mandy/Erik/Magnus/Alan/David/others, Please review: JDK-8058845 : Update JCE environment for build improvements http://cr.openjdk.java.net/~wetmore/8058845/ This change is to alleviate some of the overly-complicated steps we (Oracle) have in building and maintaining the JCE jar files in JDK 9. Besides the Makefiles and a class rename, there is very little change to the Open code for the OpenJDK Security folks. The OpenJDK build folks shouldn't really notice any difference. I do wish we could completely do away with this code completely, but we (Oracle and closed licensees) do still need to follow the regulations. For the Iced Tea maintainers, this will necessitate a small incremental change to your JCE patch. Thanks, Brad
RFR: JDK-8058845 : Update JCE environment for build improvements
Hi Sean/Mandy/Erik/Magnus/Alan/David/others, Please review: JDK-8058845 : Update JCE environment for build improvements http://cr.openjdk.java.net/~wetmore/8058845/ This change is to alleviate some of the overly-complicated steps we (Oracle) have in building and maintaining the JCE jar files in JDK 9. Besides the Makefiles and a class rename, there is very little change to the Open code for the OpenJDK Security folks. The OpenJDK build folks shouldn't really notice any difference. I do wish we could completely do away with this code completely, but we (Oracle and closed licensees) do still need to follow the regulations. For the Iced Tea maintainers, this will necessitate a small incremental change to your JCE patch. Thanks, Brad
