from:"Sean Mullan"

Re: RFR: 8283092: JMX subclass permission check redundant with strong encapsulation

2022-03-17 Thread Sean Mullan

On Tue, 15 Mar 2022 20:22:16 GMT, Kevin Walls  wrote:

> Removing permission checks which, in the presence of a Security Manager, 
> would check for a RuntimePermission "className.subclass".  This was to 
> prevent subclassing these classes, but is no longer necessary with strong 
> encapsulation from modules.

I think you also need to update this test such that it checks that the module 
access restrictions prevent subclassing instead of the permission check: 
test/jdk/sun/management/PlatformMBeanProviderConstructorCheck.java

Also, it looks like this permission was never publicly documented and was only 
used internally, so it probably doesn't need a CSR, but I don't know for sure.

-

PR: https://git.openjdk.java.net/jdk/pull/7827

Re: RFR: 8279918: Fix various doc typos

2022-01-13 Thread Sean Mullan

On Thu, 13 Jan 2022 10:30:07 GMT, Pavel Rappo  wrote:

> - Most of the typos are of a trivial kind: missing whitespace.
> - If any of the typos should be fixed in the upstream projects instead, 
> please say so; I will drop those typos from the patch.
> - As I understand it, ` ` in ImageInputStream and DataInput is an irrelevant 
> formatting artefact and thus can be removed.
> - `'` is an apostrophe, which does not require to be encoded.

The change in the one security class (KeyStoreLoginModule) looks fine.

-

Marked as reviewed by mullan (Reviewer).

PR: https://git.openjdk.java.net/jdk/pull/7063

Re: [jdk18] RFR: 8279007: jstatd fails to start because SecurityManager is disabled [v2]

2021-12-21 Thread Sean Mullan

On Tue, 21 Dec 2021 20:28:52 GMT, Kevin Walls  wrote:

>> jstatd now in jdk18 fails to start unless we specifically allow or set a 
>> SecurityManager.
>> This update to the launcher makefile adds JAVA_ARGS to permit a 
>> SecurityManager.
>
> Kevin Walls has updated the pull request incrementally with one additional 
> commit since the last revision:
> 
>   Remove security manager property from jstatd tests.

Marked as reviewed by mullan (Reviewer).

-

PR: https://git.openjdk.java.net/jdk18/pull/53

Re: [jdk18] RFR: 8279007: jstatd fails to start because SecurityManager is disabled

2021-12-21 Thread Sean Mullan

On Tue, 21 Dec 2021 13:00:26 GMT, Kevin Walls  wrote:

> jstatd now in jdk18 fails to start unless we specifically allow or set a 
> SecurityManager.
> This update to the launcher makefile adds JAVA_ARGS to permit a 
> SecurityManager.

You should also remove `-Djava.security.manager=allow` from the jstatd test 
(`test/jdk/sun/tools/jstatd/JstatdTest.java`) as it is not needed now.

-

PR: https://git.openjdk.java.net/jdk18/pull/53

Re: RFR: 8269130: Replace usages of Collection.toArray() with Collection.toArray(T[]) to avoid redundant array copying

2021-07-26 Thread Sean Mullan

On Mon, 14 Jun 2021 17:00:29 GMT, Andrey Turbanov 
 wrote:

> I found few places, where code initially perform `Object[] 
> Colleciton.toArray()` call and then manually copy array into another array 
> with required type.
> This PR cleanups such places to more shorter call `T[] 
> Collection.toArray(T[])`.

The changes to the security classes look good.

-

Marked as reviewed by mullan (Reviewer).

PR: https://git.openjdk.java.net/jdk/pull/4487

Re: RFR: 8267543: Post JEP 411 refactoring: security [v2]

2021-05-25 Thread Sean Mullan

On Tue, 25 May 2021 16:20:35 GMT, Weijun Wang  wrote:

>> For all modified files in #4073 having "security", "crypto", or "ssl" in 
>> their names. Codes are refactored to bring a `@SuppressWarning` annotation 
>> nearer to the deprecated API usage and also shrink the size of its target.
>> 
>> I'll add a copyright year update commit before integration.
>
> Weijun Wang has updated the pull request incrementally with one additional 
> commit since the last revision:
> 
>   one more change

Marked as reviewed by mullan (Reviewer).

-

PR: https://git.openjdk.java.net/jdk/pull/4172

Re: RFR: 8267543: Post JEP 411 refactoring: security [v2]

2021-05-25 Thread Sean Mullan

On Tue, 25 May 2021 16:20:35 GMT, Weijun Wang  wrote:

>> For all modified files in #4073 having "security", "crypto", or "ssl" in 
>> their names. Codes are refactored to bring a `@SuppressWarning` annotation 
>> nearer to the deprecated API usage and also shrink the size of its target.
>> 
>> I'll add a copyright year update commit before integration.
>
> Weijun Wang has updated the pull request incrementally with one additional 
> commit since the last revision:
> 
>   one more change

Update copyright dates to 2021, if applicable.

-

PR: https://git.openjdk.java.net/jdk/pull/4172

Re: RFR: 8267543: Post JEP 411 refactoring: security

2021-05-25 Thread Sean Mullan

On Mon, 24 May 2021 20:23:27 GMT, Weijun Wang  wrote:

> For all modified files in #4073 having "security", "crypto", or "ssl" in 
> their names. Codes are refactored to bring a `@SuppressWarning` annotation 
> nearer to the deprecated API usage and also shrink the size of its target.

src/java.security.jgss/share/classes/sun/security/jgss/krb5/Krb5Context.java 
line 709:

> 707: }
> 708: if (GSSUtil.useSubjectCredsOnly(caller)) {
> 709: @SuppressWarnings("removal")

It looks like you missed removing the @SuppressWarnings("removal") from the 
initSecContext method above.

-

PR: https://git.openjdk.java.net/jdk/pull/4172

Re: RFR: 8266459: Implement JEP 411: Deprecate the Security Manager for Removal [v3]

2021-05-23 Thread Sean Mullan

On Fri, 21 May 2021 15:27:39 GMT, Daniel Fuchs  wrote:

>> Weijun Wang has updated the pull request incrementally with one additional 
>> commit since the last revision:
>> 
>>   fixing awt/datatransfer/DataFlavor/DataFlavorRemoteTest.java
>
> src/java.base/share/classes/java/lang/SecurityManager.java line 104:
> 
>> 102:  * method will throw an {@code UnsupportedOperationException}). If the
>> 103:  * {@systemProperty java.security.manager} system property is set to the
>> 104:  * special token "{@code allow}", then a security manager will not be 
>> set at
> 
> Can/should the `{@systemProperty ...}` tag be used more than once for a given 
> system property? I thought it should be used only once, at the place where 
> the system property is defined. Maybe @jonathan-gibbons can offer some more 
> guidance on this.

Good point. I would remove the extra @systemProperty tags on lines 103, 106, 
and 113. Also, in `System.setSecurityManager` there are 3 @systemProperty 
java.security.manager tags, I would just keep the first one. (I think it's ok 
to have more than one, if they are defined in different APIs).

-

PR: https://git.openjdk.java.net/jdk/pull/4073

Re: RFR: 8267184: JEP 411: Add -Djava.security.manager=allow to tests calling System.setSecurityManager [v2]

2021-05-19 Thread Sean Mullan

On Tue, 18 May 2021 21:44:43 GMT, Weijun Wang  wrote:

>> Please review the test changes for [JEP 
>> 411](https://openjdk.java.net/jeps/411).
>> 
>> With JEP 411 and the default value of `-Djava.security.manager` becoming 
>> `disallow`, tests calling `System.setSecurityManager()`  need 
>> `-Djava.security.manager=allow` when launched. This PR covers such changes 
>> for tier1 to tier3 (except for the JCK tests).
>> 
>> To make it easier to focus your review on the tests in your area, this PR is 
>> divided into multiple commits for different areas (~~serviceability~~, 
>> ~~hotspot-compiler~~, ~~i18n~~, ~~rmi~~, ~~javadoc~~, swing, 2d, 
>> ~~security~~, ~~hotspot-runtime~~, ~~nio~~, ~~xml~~, ~~beans~~, 
>> ~~core-libs~~, ~~net~~, ~~compiler~~, ~~hotspot-gc~~). Mostly the rule is 
>> the same as how Skara adds labels, but there are several small tweaks:
>> 
>> 1. When a file is covered by multiple labels, only one is chosen. I make my 
>> best to avoid putting too many tests into `core-libs`. If a file is covered 
>> by `core-libs` and another label, I categorized it into the other label.
>> 2. If a file is in `core-libs` but contains `/xml/` in its name, it's in the 
>> `xml` commit.
>> 3. If a file is in `core-libs` but contains `/rmi/` in its name, it's in the 
>> `rmi` commit.
>> 4. One file not covered by any label -- 
>> `test/jdk/com/sun/java/accessibility/util/8051626/Bug8051626.java` -- is in 
>> the `swing` commit.
>> 
>> Due to the size of this PR, no attempt is made to update copyright years for 
>> all files to minimize unnecessary merge conflict.
>> 
>> Please note that this PR can be integrated before the source changes for JEP 
>> 411, as the possible values of this system property was already defined long 
>> time ago in JDK 9.
>> 
>> Most of the change in this PR is a simple adding of 
>> `-Djava.security.manager=allow` to the `@run main/othervm` line. Sometimes 
>> it was not `othervm` and we add one. Sometimes there's no `@run` at all and 
>> we add the line.
>> 
>> There are several tests that launch another Java process that needs to call 
>> the `System.setSecurityManager()` method, and the system property is added 
>> to `ProcessBuilder`, `ProcessTools`, or the java command line (if the test 
>> is a shell test).
>> 
>> 3 langtools tests are added into problem list due to 
>> [JDK-8265611](https://bugs.openjdk.java.net/browse/JDK-8265611).
>> 
>> 2 SQL tests are moved because they need different options on the `@run` line 
>> but they are inside a directory that has a `TEST.properties`:
>> 
>> rename test/jdk/java/sql/{testng/test/sql/othervm => 
>> permissionTests}/DriverManagerPermissionsTests.java (93%)
>> rename test/jdk/javax/sql/{testng/test/rowset/spi => 
>> permissionTests}/SyncFactoryPermissionsTests.java (95%)
>>  ```
>> 
>> The source change for JEP 411 is at https://github.com/openjdk/jdk/pull/4073.
>
> Weijun Wang has updated the pull request incrementally with one additional 
> commit since the last revision:
> 
>   adjust order of VM options

The changes to the security tests look good.

-

Marked as reviewed by mullan (Reviewer).

PR: https://git.openjdk.java.net/jdk/pull/4071

Re: RFR: 8266459: Implement JEP 411: Deprecate the Security Manager for Removal

2021-05-18 Thread Sean Mullan

On Tue, 18 May 2021 15:19:21 GMT, Alan Bateman  wrote:

>> It includes both:
>> ![Screen Shot 2021-05-18 at 8 41 11 
>> AM](https://user-images.githubusercontent.com/35072269/118652730-dfb35400-b7b4-11eb-83ee-92be9136fea2.jpg)
>
> Thanks for checking, I assumed that was the case so wondering if it should be 
> dropped from the deprecation text to avoid the repeated sentence.

My feeling is that it is better to be more specific than the generic removal 
text as this is the most significant class that is being deprecated for 
removal. Also, this says "the Security Manager" (note the space between) which 
really encompasses more than the `java.lang.SecurityManager` API and which is 
explained more completely in the JEP.

-

PR: https://git.openjdk.java.net/jdk/pull/4073

Re: RFR: 8266459: Implement JEP 411: Deprecate the Security Manager for Removal

2021-05-18 Thread Sean Mullan

On Tue, 18 May 2021 06:31:06 GMT, Alan Bateman  wrote:

>> Please review this implementation of [JEP 
>> 411](https://openjdk.java.net/jeps/411).
>> 
>> The code change is divided into 3 commits. Please review them one by one.
>> 
>> 1. 
>> https://github.com/openjdk/jdk/commit/576161d15423f58281e384174d28c9f9be7941a1
>>  The essential change for this JEP, including the `@Deprecate` annotations 
>> and spec change. It also update the default value of the 
>> `java.security.manager` system property to "disallow", and necessary test 
>> change following this update.
>> 2. 
>> https://github.com/openjdk/jdk/commit/26a54a835e9f84aa528740a7c5c35d07355a8a66
>>  Manual changes to several files so that the next commit can be generated 
>> programatically.
>> 3. 
>> https://github.com/openjdk/jdk/commit/eb6c566ff9207974a03a53335e0e697cffcf0950
>>  Automatic changes to other source files to avoid javac warnings on 
>> deprecation for removal
>> 
>> The 1st and 2nd commits should be reviewed carefully. The 3rd one is 
>> generated programmatically, see the comment below for more details. If you 
>> are only interested in a portion of the 3rd commit and would like to review 
>> it as a separate file, please comment here and I'll generate an individual 
>> webrev.
>> 
>> Due to the size of this PR, no attempt is made to update copyright years for 
>> any file to minimize unnecessary merge conflict.
>> 
>> Furthermore, since the default value of `java.security.manager` system 
>> property is now "disallow", most of the tests calling 
>> `System.setSecurityManager()` need to launched with 
>> `-Djava.security.manager=allow`. This is covered in a different PR at 
>> https://github.com/openjdk/jdk/pull/4071.
>
> src/java.base/share/classes/java/lang/SecurityManager.java line 315:
> 
>> 313:  *
>> 314:  * @since   1.0
>> 315:  * @deprecated The Security Manager is deprecated and subject to 
>> removal in a
> 
> Javadoc will prefix, in bold, "Deprecated, for removal: This API element is 
> subject to removal in a future version". I'm just wondering if the sentence 
> will be repeated here, can you check?

It includes both:
![Screen Shot 2021-05-18 at 8 41 11 
AM](https://user-images.githubusercontent.com/35072269/118652730-dfb35400-b7b4-11eb-83ee-92be9136fea2.jpg)

-

PR: https://git.openjdk.java.net/jdk/pull/4073

Re: RFR: 8080272 Refactor I/O stream copying to use InputStream.transferTo/readAllBytes and Files.copy [v11]

2021-02-19 Thread Sean Mullan

On Fri, 19 Feb 2021 08:05:06 GMT, Andrey Turbanov 
 wrote:

>> src/java.base/share/classes/sun/security/provider/certpath/X509CertPath.java 
>> line 228:
>> 
>>> 226: try {
>>> 227: if (is.markSupported() == false) {
>>> 228: // Copy the entire input stream into an InputStream 
>>> that does
>> 
>> I don't think you should remove lines 228-232. These methods are called by 
>> methods of CertificateFactory that take InputStream (which may contain a 
>> stream of security data) and they are designed such that they try to read 
>> one Certificate, CRL, or CertPath from the InputStream and leave the 
>> InputStream ready to parse the next structure instead of consuming all of 
>> the bytes. Thus they check if the InputStream supports mark in order to try 
>> to preserve that behavior. If mark is not supported, then it's ok to use 
>> InputStream.readAllBytes, otherwise, leave the stream as-is.
>
> As I can see only ByteArrayInputStream is actually passed in `InputStream` in 
> current JDK code:
> 
> PKCS7 pkcs7 = new PKCS7(is.readAllBytes());
> private static List parsePKCS7(InputStream is)
> certs = parsePKCS7(is);
> public X509CertPath(InputStream is, String encoding)
> return new X509CertPath(new ByteArrayInputStream(data), 
> encoding);
> 
> PKCS7 pkcs7 = new PKCS7(is.readAllBytes());
> private static List parsePKCS7(InputStream is)
> certs = parsePKCS7(is);
> public X509CertPath(InputStream is, String encoding)
> this(is, PKIPATH_ENCODING);
> public X509CertPath(InputStream is) throws 
> CertificateException {
> return new X509CertPath(new 
> ByteArrayInputStream(encoding));
> 
> ![изображение](https://user-images.githubusercontent.com/741251/108475587-f4f61080-72a1-11eb-91e0-ac2b98c7c490.png)
> 
> Perhaps original marking approach was lost during refactoring?

You are right, the code was refactored (way back in 2010) [1] to read one block 
at a time, so this check on mark can be removed. So, in this case, I think it 
is probably safe to just pass the InputStream as-is to PKCS7(InputStream), but 
maybe you can add a comment that says this should always be a 
ByteArrayInputStream. We can look at refactoring this code and clean it up a 
bit more later.

[1] https://hg.openjdk.java.net/jdk/jdk/rev/337ae296b6d6

-

PR: https://git.openjdk.java.net/jdk/pull/1853

Re: RFR: 8080272 Refactor I/O stream copying to use InputStream.transferTo/readAllBytes and Files.copy [v11]

2021-02-18 Thread Sean Mullan

On Mon, 15 Feb 2021 19:47:00 GMT, Andrey Turbanov 
 wrote:

>> 8080272  Refactor I/O stream copying to use 
>> InputStream.transferTo/readAllBytes and Files.copy
>
> Andrey Turbanov has updated the pull request incrementally with one 
> additional commit since the last revision:
> 
>   8080272: Refactor I/O stream copying to use java.io.InputStream.transferTo
>   remove unnecessary file.exists() check

src/java.base/share/classes/sun/security/provider/certpath/X509CertPath.java 
line 228:

> 226: try {
> 227: if (is.markSupported() == false) {
> 228: // Copy the entire input stream into an InputStream that 
> does

I don't think you should remove lines 228-232. These methods are called by 
methods of CertificateFactory that take InputStream (which may contain a stream 
of security data) and they are designed such that they try to read one 
Certificate, CRL, or CertPath from the InputStream and leave the InputStream 
ready to parse the next structure instead of consuming all of the bytes. Thus 
they check if the InputStream supports mark in order to try to preserve that 
behavior. If mark is not supported, then it's ok to use 
InputStream.readAllBytes, otherwise, leave the stream as-is.

-

PR: https://git.openjdk.java.net/jdk/pull/1853

Re: RFR 8072932: Test fails with java.security.AccessControlException: access denied ("java.security.SecurityPermission" "getDomainCombiner")

2015-02-12 Thread Sean Mullan


Looks fine to me. Can you add a noreg-trivial label to the bug?

--Sean

On 02/11/2015 11:10 AM, Jaroslav Bachorik wrote:

Please, review the following simple change.

Issue : https://bugs.openjdk.java.net/browse/JDK-8072932
Webrev: http://cr.openjdk.java.net/~jbachorik/8072932/webrev.00

This patch is about replacing the
j.s.AccessControlContext.getDomainCombiner() with the package-private
version j.s.AccessControlContext.getCombiner() to prevent the
unnecessary privilege check done by the public getDomainCombiner() method.

Thanks,

-JB-

Re: 8034856/8034857: More gcc warnings

2014-02-13 Thread Sean Mullan


Looks fine to me.

--Sean

On 02/13/2014 08:18 AM, Alan Bateman wrote:


The number of native code warnings in the build is annoying so this is
another drive-by fix that eliminates a few of them in the serviceability
and security areas. The webrev with the changes is here:

http://cr.openjdk.java.net/~alanb/8034856+8034857/webrev/

In the pkcs11 code the issue is the function prototypes for the throwXXX
functions aren't included. This is fixed by including pkcs11wrapper.h
but that exposes another issue with the header file includes that needed
to be fixed.

In JarFacade the issue is that it uses isspace but doesn't include the
ctype.h

For LinuxOperatingSystem.c then there are 12 warnings related to fscanf
usages where the format specifier is %lld and the code wants to read
into a uint64_t. I've changed the format specifier to"%"SCNd64 so that
it matches uint64_t and should be okay on both 32 and 64-bit.

Thanks,
Alan.

hg: jdk8/tl/jdk: 8031825: OCSP client can't find responder cert if it uses a different subject key id algorithm than responderID

2014-01-22 Thread sean . mullan

Changeset: 57c26829deb6
Author:mullan
Date:  2014-01-22 19:06 -0500
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/57c26829deb6

8031825: OCSP client can't find responder cert if it uses a different subject 
key id algorithm than responderID
Reviewed-by: vinnie, xuelei

! src/share/classes/sun/security/provider/certpath/OCSPResponse.java

hg: jdk8/tl/jdk: 2 new changesets

2013-12-23 Thread sean . mullan

Changeset: aef6c726810e
Author:mullan
Date:  2013-12-23 14:03 -0500
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/aef6c726810e

8030813: Signed applet fails to load when CRLs are stored in an LDAP directory
Summary: Skip JNDI application resource lookup to avoid recursive JAR validation
Reviewed-by: vinnie, herrick

! src/share/classes/com/sun/naming/internal/ResourceManager.java
! src/share/classes/sun/security/provider/certpath/ldap/LDAPCertStore.java

Changeset: f3c714eeef6c
Author:mullan
Date:  2013-12-23 14:05 -0500
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/f3c714eeef6c

Merge

- src/share/classes/sun/util/resources/pt/LocaleNames_pt_BR.properties
- test/sun/security/ssl/javax/net/ssl/SSLContextVersion.java

Re: RFR(L) - 2nd round: 8024854: Basic changes and files to build the class library on AIX

2013-11-25 Thread Sean Mullan


Hi Volker,

The security changes look fine. I'm not crazy that we now have to 
maintain one additional java.security file which is the exact same as 
java.security-linux, but this is really an existing issue with 
duplicated content across the java.security files which I will try to 
fix early in JDK 9: https://bugs.openjdk.java.net/browse/JDK-6997010


Thanks,
Sean

On 11/20/2013 01:26 PM, Volker Simonis wrote:

Hi,

this is the second review round for "8024854: Basic changes and files to
build the class library on
AIX<https://bugs.openjdk.java.net/browse/JDK-8024854>".
The previous reviews can be found at the end of this mail in the references
section.

I've tried to address all the comments and suggestions from the first round
and to further streamline the patch (it perfectly builds on Linux/x86_64,
Linux/PPC664, AIX, Solaris/SPARC and Windows/x86_64). The biggest change
compared to the first review round is the new "aix/" subdirectory which
I've now created under "jdk/src" and which contains AIX-only code.

The webrev is against our
http://hg.openjdk.java.net/ppc-aix-port/stagerepository which has been
recently synchronised with the jdk8 master:

http://cr.openjdk.java.net/~simonis/webrevs/8024854.v2/

Below (and in the webrev) you can find some comments which explain the
changes to each file. In order to be able to push this big change, I need
the approval of reviewers from the lib, net, svc, 2d, awt and sec groups.
So please don't hesitate to jump at it - there are enough changes for
everybody:)

Thank you and best regards,
Volker

*References:*

The following reviews have been posted so far (thanks Iris for collecting
them :)

- Alan Bateman (lib): Initial comments (16 Sep [2])
- Chris Hegarty (lib/net): Initial comments (20 Sep [3])
- Michael McMahon (net): Initial comments (20 Sept [4])
- Steffan Larsen (svc): APPROVED (20 Sept [5])
- Phil Race (2d): Initial comments  (18 Sept [6]); Additional comments (15
Oct [7])
- Sean Mullan (sec): Initial comments (26 Sept [8])

[2]:
http://mail.openjdk.java.net/pipermail/ppc-aix-port-dev/2013-September/001045.html
[3]:
http://mail.openjdk.java.net/pipermail/ppc-aix-port-dev/2013-September/001078.html
[4]:
http://mail.openjdk.java.net/pipermail/ppc-aix-port-dev/2013-September/001079.html
[5]:
http://mail.openjdk.java.net/pipermail/ppc-aix-port-dev/2013-September/001077.html
[6]:
http://mail.openjdk.java.net/pipermail/ppc-aix-port-dev/2013-September/001069.html
[7]: http://mail.openjdk.java.net/pipermail/2d-dev/2013-October/003826.html
[8]:
http://mail.openjdk.java.net/pipermail/ppc-aix-port-dev/2013-September/001081.html


*Detailed change description:*

The new "jdk/src/aix" subdirectory contains the following new and
AIX-specific files for now:

  src/aix/classes/sun/awt/fontconfigs/aix.fontconfig.properties
  src/aix/classes/sun/nio/ch/AixAsynchronousChannelProvider.java
  src/aix/classes/sun/nio/ch/AixPollPort.java
  src/aix/classes/sun/nio/fs/AixFileStore.java
  src/aix/classes/sun/nio/fs/AixFileSystem.java
  src/aix/classes/sun/nio/fs/AixFileSystemProvider.java
  src/aix/classes/sun/nio/fs/AixNativeDispatcher.java
  src/aix/classes/sun/tools/attach/AixAttachProvider.java
  src/aix/classes/sun/tools/attach/AixVirtualMachine.java
  src/aix/native/java/net/aix_close.c
  src/aix/native/sun/nio/ch/AixPollPort.c
  src/aix/native/sun/nio/fs/AixNativeDispatcher.c
  src/aix/native/sun/tools/attach/AixVirtualMachine.c
  src/aix/porting/porting_aix.c
  src/aix/porting/porting_aix.h

src/aix/porting/porting_aix.c
src/aix/porting/porting_aix.h

- Added these two files for AIX relevant utility code.
- Currently these files only contain an implementation of dladdr which
is not available on AIX.
- In the first review round the existing dladdr users in the code either
called the version from the HotSpot on AIX (
src/solaris/native/sun/awt/awt_LoadLibrary.c) or had a private copy of
the whole implementation (src/solaris/demo/jvmti/hprof/hprof_md.c). This
is now not necessary any more.

  The new file layout required some small changes to the makefiles to make
them aware of the new directory locations:

makefiles/CompileDemos.gmk

- Add an extra argument to SetupJVMTIDemo which can be used to pass
additional source locations.
- Currently this is only used on AIX for the AIX porting utilities which
are required by hprof.

makefiles/lib/Awt2dLibraries.gmk
makefiles/lib/ServiceabilityLibraries.gmk

- On AIX add the sources of the AIX porting utilities to the build. They
are required by src/solaris/native/sun/awt/awt_LoadLibrary.c and
src/solaris/demo/jvmti/hprof/hprof_md.c because dladdr is not available
on AIX.

makefiles/lib/NioLibraries.gmk

- Make the AIX-build aware of the new NIO source locations under
src/aix/native/sun/nio/.

makefiles/lib/NetworkingLibraries.gmk

- Make the AIX-build aware of the new aix_close.c source loca

hg: jdk8/tl/jdk: 2 new changesets

2013-10-22 Thread sean . mullan

Changeset: fc7a6fa3589a
Author:ascarpino
Date:  2013-10-22 19:37 -0400
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/fc7a6fa3589a

8025763: Provider does not override new Hashtable methods
Reviewed-by: mullan

! src/share/classes/java/security/Provider.java

Changeset: b065de1700d3
Author:mullan
Date:  2013-10-22 19:43 -0400
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/b065de1700d3

Merge

- src/share/demo/jfc/Notepad/resources/Notepad_fr.properties
- src/share/demo/jfc/Notepad/resources/Notepad_sv.properties

hg: jdk8/tl/jdk: 3 new changesets

2013-10-22 Thread sean . mullan

Changeset: 5f4aecd73caa
Author:mullan
Date:  2013-10-22 08:03 -0400
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/5f4aecd73caa

8021191: Add isAuthorized check to limited doPrivileged methods
Reviewed-by: weijun, xuelei

! src/share/classes/java/security/AccessControlContext.java
! src/share/classes/java/security/AccessController.java

Changeset: 948b390b6952
Author:mullan
Date:  2013-10-22 08:17 -0400
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/948b390b6952

Merge

- make/sun/awt/FILES_c_macosx.gmk
- make/sun/awt/FILES_export_macosx.gmk
- makefiles/GendataBreakIterator.gmk
- makefiles/GendataFontConfig.gmk
- makefiles/GendataHtml32dtd.gmk
- makefiles/GendataTZDB.gmk
- makefiles/GendataTimeZone.gmk
- makefiles/GenerateJavaSources.gmk
- makefiles/GensrcBuffer.gmk
- makefiles/GensrcCLDR.gmk
- makefiles/GensrcCharacterData.gmk
- makefiles/GensrcCharsetCoder.gmk
- makefiles/GensrcCharsetMapping.gmk
- makefiles/GensrcExceptions.gmk
- makefiles/GensrcIcons.gmk
- makefiles/GensrcJDWP.gmk
- makefiles/GensrcJObjC.gmk
- makefiles/GensrcLocaleDataMetaInfo.gmk
- makefiles/GensrcMisc.gmk
- makefiles/GensrcProperties.gmk
- makefiles/GensrcSwing.gmk
- makefiles/GensrcX11Wrappers.gmk
- src/macosx/classes/com/apple/resources/MacOSXResourceBundle.java
- src/macosx/native/com/apple/resources/MacOSXResourceBundle.m
- src/share/classes/java/lang/invoke/MagicLambdaImpl.java
- src/share/classes/java/net/HttpURLPermission.java
- src/solaris/doc/sun/man/man1/ja/javaws.1
- src/solaris/doc/sun/man/man1/javaws.1
- test/java/net/HttpURLPermission/HttpURLPermissionTest.java
- test/java/net/HttpURLPermission/URLTest.java
- test/java/net/HttpURLPermission/policy.1
- test/java/net/HttpURLPermission/policy.2
- test/java/net/HttpURLPermission/policy.3

Changeset: 3ea9af449b36
Author:mullan
Date:  2013-10-22 09:06 -0400
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/3ea9af449b36

Merge

- test/java/net/NetworkInterface/MemLeakTest.java

hg: jdk8/tl/jdk: 3 new changesets

2013-10-17 Thread sean . mullan

Changeset: 5d866df64ae3
Author:mullan
Date:  2013-10-17 10:18 -0400
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/5d866df64ae3

8026346: test/java/lang/SecurityManager/CheckPackageAccess.java failing
Reviewed-by: vinnie

! src/share/lib/security/java.security-macosx
! test/java/lang/SecurityManager/CheckPackageAccess.java

Changeset: 04e8b8fc6906
Author:mullan
Date:  2013-10-17 10:37 -0400
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/04e8b8fc6906

Merge

- make/sun/awt/FILES_c_macosx.gmk
- make/sun/awt/FILES_export_macosx.gmk
- src/macosx/classes/com/apple/resources/MacOSXResourceBundle.java
- src/macosx/native/com/apple/resources/MacOSXResourceBundle.m
- src/share/classes/java/net/HttpURLPermission.java
- test/java/net/HttpURLPermission/HttpURLPermissionTest.java
- test/java/net/HttpURLPermission/URLTest.java
- test/java/net/HttpURLPermission/policy.1
- test/java/net/HttpURLPermission/policy.2
- test/java/net/HttpURLPermission/policy.3

Changeset: 85a73ad28c53
Author:mullan
Date:  2013-10-17 11:34 -0400
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/85a73ad28c53

Merge

hg: jdk8/tl/jdk: 2 new changesets

2013-10-11 Thread sean . mullan

Changeset: 4ad76262bac8
Author:mullan
Date:  2013-10-11 08:43 -0400
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/4ad76262bac8

8007292: Add JavaFX internal packages to package.access
Summary: build hooks to allow closed restricted packages to be added to 
java.security file
Reviewed-by: erikj, dholmes, tbell

! make/java/security/Makefile
! make/tools/Makefile
+ make/tools/addtorestrictedpkgs/Makefile
+ make/tools/src/build/tools/addtorestrictedpkgs/AddToRestrictedPkgs.java
! makefiles/CopyFiles.gmk
! makefiles/Tools.gmk
! test/java/lang/SecurityManager/CheckPackageAccess.java

Changeset: 76df579c0b93
Author:mullan
Date:  2013-10-11 09:17 -0400
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/76df579c0b93

Merge

! makefiles/Tools.gmk
- src/macosx/classes/sun/lwawt/SelectionClearListener.java
- src/macosx/classes/sun/lwawt/macosx/CMouseInfoPeer.java
- src/share/classes/com/sun/jdi/connect/package.html
- src/share/classes/com/sun/jdi/connect/spi/package.html
- src/share/classes/com/sun/jdi/event/package.html
- src/share/classes/com/sun/jdi/package.html
- src/share/classes/com/sun/jdi/request/package.html
- src/share/classes/com/sun/management/package.html
- src/share/classes/com/sun/tools/attach/package.html
- src/share/classes/com/sun/tools/attach/spi/package.html
- src/share/classes/com/sun/tools/jconsole/package.html
- src/share/classes/java/lang/invoke/InvokeGeneric.java
- src/share/classes/java/time/chrono/ChronoDateImpl.java
- test/com/oracle/security/ucrypto/TestAES.java
- test/com/oracle/security/ucrypto/TestDigest.java
- test/com/oracle/security/ucrypto/TestRSA.java
- test/com/oracle/security/ucrypto/UcryptoTest.java
- test/com/sun/jdi/Solaris32AndSolaris64Test.sh
- 
test/java/nio/channels/spi/SelectorProvider/inheritedChannel/lib/solaris-i586/libLauncher.so
- 
test/java/nio/channels/spi/SelectorProvider/inheritedChannel/lib/solaris-sparc/libLauncher.so
- test/java/time/tck/java/time/chrono/TCKChronologySerialization.java

Re: 8008662: Add @jdk.Exported to JDK-specific/exported APIs

2013-10-07 Thread Sean Mullan


On 10/07/2013 08:58 AM, Alan Bateman wrote:

On 07/10/2013 13:36, Sean Mullan wrote:


We have only started removing some deprecated things in JDK, so it
just was never thought about until now. Marking these as supported
going forward strikes me as a bit strange, since we don't really want
anyone using these anymore.

As a guide, I think we should plan to address these anomalies for 9 so
that we can export APIs on a per API package basis. I'm okay to change
these to @jdk.Exported(false) if we can flag them for removal (like we
did for DialogCallbackHandler).


Sure. I'll file a bug to have these deprecated classes removed in 9.

--Sean

Re: 8008662: Add @jdk.Exported to JDK-specific/exported APIs

2013-10-07 Thread Sean Mullan


On 10/07/2013 08:28 AM, Alan Bateman wrote:

On 07/10/2013 13:26, Sean Mullan wrote:

7 classes in com.sun.security.auth have been deprecated for several
major releases now. Should they still have this annotation?

--Sean

I know but aren't they still exported and supported?


They have all had API replacements since JDK 1.4 or 1.5. There has been 
plenty of time to transition.



DialogCallbackHandler is the only one with its name on a bullet.


We have only started removing some deprecated things in JDK, so it just 
was never thought about until now. Marking these as supported going 
forward strikes me as a bit strange, since we don't really want anyone 
using these anymore.


--Sean

Re: 8008662: Add @jdk.Exported to JDK-specific/exported APIs

2013-10-07 Thread Sean Mullan

7 classes in com.sun.security.auth have been deprecated for several 
major releases now. Should they still have this annotation?


--Sean

On 10/06/2013 04:03 PM, Alan Bateman wrote:


As a follow-up to Joe Darcy's rename of jdk.Supported to jdk.Exported,
I'd like to have another attempt at adding the annotation to a number of
JDK specific APIs that are long standing exported, documented and
supported APIs. Specifically, the following APIs:

- Java Debug Interface (com.sun.jdi)
- Attach API (com.sun.tools.attach)
- SCTP API (com.sun.nio.sctp)
- HTTP server API (com.sun.net.httpserver)
- Management extensions (com.sun.management)
- JConsole Plugin API (com.sun.tools.jconsole)
- JDK-specific API to JAAS (com.sun.security.auth)
- JDK-specific JGSS API (com.sun.security.jgss)

(The javadoc for each of these APIs is currently generated in the build)

The webrev with the proposed update is here:
   http://cr.openjdk.java.net/~alanb/8008662/webrev.02/

As per the original webrev, I've added package-info.java to a number of
packages that didn't have any description. In a few cases, I've had to
rename the legacy package.html to package-info.java.

For the review then the intention is that @jdk.Exported be added to the
package-info and all public/protected types in these APIs. The only
exceptions are two cases where I've added @jdk.Exported(false),
specifically:

- com.sun.management.OSMBeanFactory as it clearly documents to stay away
- com.sun.security.auth.callback.DialogCallbackHandler as it for the
chop (see JEP 162)

Thanks,

Alan.

Re: RFR(L): 8024854: Basic changes and files to build the class library on AIX

2013-09-26 Thread Sean Mullan


On 09/16/2013 12:30 PM, Volker Simonis wrote:

src/share/lib/security/java.security-aix

- Provide default java.security-aix for AIX.


The login.configuration.provider property should be set to:

sun.security.provider.ConfigFile

See 8016848 for more info.

After you make this change, java.security-aix will be identical to 
java.security-linux. It would be nice if you could just use the 
java.security-linux file, so that we would have one less file to modify 
when making platform-independent changes to the java.security file, but 
I understand that might be odd, since AIX is not linux.


Ideally, the content for the java.security-* files needs to be revamped 
so there is less duplication across the (now) 5 platform-specific files 
but we probably won't have time to get to this for JDK 8.


--Sean

hg: jdk8/tl/jdk: 2 new changesets

2013-09-06 Thread sean . mullan

Changeset: 0aba8b6232af
Author:mullan
Date:  2013-09-06 12:04 -0400
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/0aba8b6232af

8023362: Don't allow soft-fail behavior if OCSP responder returns "unauthorized"
Reviewed-by: vinnie, xuelei

! src/share/classes/java/security/cert/PKIXRevocationChecker.java
! src/share/classes/sun/security/provider/certpath/OCSPResponse.java
+ test/java/security/cert/PKIXRevocationChecker/OcspUnauthorized.java

Changeset: f23a84a1cf8e
Author:mullan
Date:  2013-09-06 12:10 -0400
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/f23a84a1cf8e

Merge

- src/share/classes/java/util/stream/CloseableStream.java
- src/share/classes/java/util/stream/DelegatingStream.java
- test/java/util/Map/TreeBinSplitBackToEntries.java
- test/sun/tools/jconsole/ImmutableResourceTest.java
- test/sun/tools/jconsole/ImmutableResourceTest.sh

hg: jdk8/tl/jdk: 2 new changesets

2013-08-27 Thread sean . mullan

Changeset: 6a1bfcde4d4d
Author:mullan
Date:  2013-08-27 12:04 -0400
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/6a1bfcde4d4d

8019830: Add com.sun.media.sound to the list of restricted package
Reviewed-by: vinnie

! src/share/lib/security/java.security-linux
! src/share/lib/security/java.security-macosx
! src/share/lib/security/java.security-solaris
! src/share/lib/security/java.security-windows
! test/java/lang/SecurityManager/CheckPackageAccess.java

Changeset: 3575263eefab
Author:mullan
Date:  2013-08-27 12:27 -0400
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/3575263eefab

Merge

- src/share/classes/com/sun/security/auth/PolicyParser.java
- src/share/classes/com/sun/security/auth/SubjectCodeSource.java
- src/share/classes/sun/misc/Compare.java
- src/share/classes/sun/misc/Sort.java

hg: jdk8/tl/jdk: 8023769: JDK-8016850 broke the old build

2013-08-27 Thread sean . mullan

Changeset: 134283a88499
Author:mullan
Date:  2013-08-27 10:46 -0400
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/134283a88499

8023769: JDK-8016850 broke the old build
Summary: remove files that were moved/removed from 
com/sun/security/auth/FILES_java.gmk
Reviewed-by: chegar, xuelei

! make/com/sun/security/auth/FILES_java.gmk

hg: jdk8/tl/jdk: 8016850: JCK javax.security.auth.Policy tests fail when run in Profiles mode

2013-08-19 Thread sean . mullan

Changeset: f120e2c4b4b1
Author:mullan
Date:  2013-08-19 17:17 -0400
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/f120e2c4b4b1

8016850: JCK javax.security.auth.Policy tests fail when run in Profiles mode
Summary: Move default javax.security.auth.Policy implementation to compact1 
profile
Reviewed-by: vinnie

! src/share/classes/com/sun/security/auth/PolicyFile.java
- src/share/classes/com/sun/security/auth/PolicyParser.java
- src/share/classes/com/sun/security/auth/SubjectCodeSource.java
! src/share/classes/javax/security/auth/Policy.java
+ src/share/classes/sun/security/provider/AuthPolicyFile.java
+ src/share/classes/sun/security/provider/SubjectCodeSource.java

hg: jdk8/tl/jdk: 2 new changesets

2013-08-19 Thread sean . mullan

Changeset: bce5205dbe84
Author:ascarpino
Date:  2013-08-14 10:50 -0700
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/bce5205dbe84

8022669: OAEPParameterSpec does not work if MGF1ParameterSpec is set to SHA2 
algorithms
Reviewed-by: mullan

! src/share/classes/sun/security/rsa/RSAPadding.java
! test/com/sun/crypto/provider/Cipher/RSA/TestOAEPPadding.java

Changeset: b40d246d4d81
Author:ascarpino
Date:  2013-08-16 12:31 -0700
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/b40d246d4d81

8022896: test/com/sun/crypto/provider/Cipher/RSA/TestOAEPPadding.java fails
Reviewed-by: mullan

! test/ProblemList.txt

hg: jdk8/tl/jdk: 2 new changesets

2013-08-13 Thread sean . mullan

Changeset: 412b2f0950a9
Author:mullan
Date:  2013-08-13 10:06 -0400
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/412b2f0950a9

8022897: Add test/com/sun/crypto/provider/Cipher/RSA/TestOAEPPadding.java to 
ProblemList
Reviewed-by: vinnie, chegar

! test/ProblemList.txt

Changeset: 19133b3af95f
Author:mullan
Date:  2013-08-13 10:07 -0400
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/19133b3af95f

Merge

! test/ProblemList.txt

hg: jdk8/tl/jdk: 8020081: Cipher with OAEPPadding and OAEPParameterSpec can't be created

2013-08-13 Thread sean . mullan

Changeset: 5b14d702b0b8
Author:ascarpino
Date:  2013-08-12 11:25 -0700
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/5b14d702b0b8

8020081: Cipher with OAEPPadding and OAEPParameterSpec can't be created
Reviewed-by: mullan

! src/share/classes/com/sun/crypto/provider/SunJCE.java
+ test/com/sun/crypto/provider/Cipher/RSA/TestOAEPPadding.java

hg: jdk8/tl/jdk: 2 new changesets

2013-08-12 Thread sean . mullan

Changeset: ffacf3e7a130
Author:mullan
Date:  2013-08-12 09:03 -0400
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/ffacf3e7a130

8016848: javax_security/auth/login tests fail in compact 1 and 2 profiles
Summary: Change the default value of the "login.configuration.provider" 
security property to sun.security.provider.ConfigFile
Reviewed-by: xuelei

! src/share/classes/com/sun/security/auth/login/ConfigFile.java
! src/share/classes/javax/security/auth/login/Configuration.java
+ src/share/classes/sun/security/provider/ConfigFile.java
- src/share/classes/sun/security/provider/ConfigSpiFile.java
! src/share/classes/sun/security/provider/SunEntries.java
! src/share/lib/security/java.security-linux
! src/share/lib/security/java.security-macosx
! src/share/lib/security/java.security-solaris
! src/share/lib/security/java.security-windows

Changeset: d73fbf005f5f
Author:mullan
Date:  2013-08-12 09:29 -0400
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/d73fbf005f5f

Merge

- src/share/classes/java/net/package.html
- test/java/lang/System/MacJNUEncoding/ExpectedEncoding.java
- test/java/lang/System/MacJNUEncoding/MacJNUEncoding.sh

hg: jdk8/tl/jdk: 2 new changesets

2013-08-06 Thread sean . mullan

Changeset: 1f4af3e0447e
Author:mullan
Date:  2013-08-06 08:31 -0700
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/1f4af3e0447e

8022120: JCK test api/javax_xml/crypto/dsig/TransformService/index_ParamMethods 
fails
Summary: TransformService.init and marshalParams must throw 
NullPointerException when parent parameter is null
Reviewed-by: xuelei

! src/share/classes/org/jcp/xml/dsig/internal/dom/ApacheCanonicalizer.java
! src/share/classes/org/jcp/xml/dsig/internal/dom/ApacheTransform.java
+ test/javax/xml/crypto/dsig/TransformService/NullParent.java

Changeset: ba634b53f53a
Author:mullan
Date:  2013-08-06 08:34 -0700
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/ba634b53f53a

Merge

hg: jdk8/tl/jdk: 3 new changesets

2013-08-02 Thread sean . mullan

Changeset: 42b786f2fb99
Author:mullan
Date:  2013-08-02 08:30 -0400
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/42b786f2fb99

8001319: Add SecurityPermission "insertProvider" target name
Reviewed-by: vinnie

! src/share/classes/java/security/Security.java
! src/share/classes/java/security/SecurityPermission.java
+ test/java/security/Security/AddProvider.java
+ test/java/security/Security/AddProvider.policy.1
+ test/java/security/Security/AddProvider.policy.2
+ test/java/security/Security/AddProvider.policy.3

Changeset: 7bbc6c2351d7
Author:mullan
Date:  2013-08-02 08:37 -0400
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/7bbc6c2351d7

Merge

- src/share/classes/java/net/package.html
- src/share/classes/java/util/stream/StreamBuilder.java
- src/share/classes/javax/security/auth/callback/package.html
- src/share/classes/javax/security/auth/kerberos/package.html
- src/share/classes/javax/security/auth/login/package.html
- src/share/classes/javax/security/auth/package.html
- src/share/classes/javax/security/auth/spi/package.html
- src/share/classes/javax/security/auth/x500/package.html
- src/share/classes/javax/security/cert/package.html
- src/share/classes/javax/security/sasl/package.html
- test/java/util/Collections/EmptySortedSet.java

Changeset: 0a778e487a73
Author:mullan
Date:  2013-08-02 09:38 -0400
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/0a778e487a73

Merge

hg: jdk8/tl/jdk: 2 new changesets

2013-07-25 Thread sean . mullan

Changeset: 1744a32d3db3
Author:mullan
Date:  2013-07-25 20:12 -0400
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/1744a32d3db3

8012288: XML DSig API allows wrong tag names and extra elements in SignedInfo
Reviewed-by: xuelei

! src/share/classes/org/jcp/xml/dsig/internal/dom/DOMKeyValue.java
! src/share/classes/org/jcp/xml/dsig/internal/dom/DOMManifest.java
! src/share/classes/org/jcp/xml/dsig/internal/dom/DOMReference.java
! src/share/classes/org/jcp/xml/dsig/internal/dom/DOMRetrievalMethod.java
! src/share/classes/org/jcp/xml/dsig/internal/dom/DOMSignatureProperties.java
! src/share/classes/org/jcp/xml/dsig/internal/dom/DOMSignedInfo.java
! src/share/classes/org/jcp/xml/dsig/internal/dom/DOMUtils.java
! src/share/classes/org/jcp/xml/dsig/internal/dom/DOMX509IssuerSerial.java
! src/share/classes/org/jcp/xml/dsig/internal/dom/DOMXMLSignature.java

Changeset: 4100ab44ba4f
Author:mullan
Date:  2013-07-25 20:30 -0400
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/4100ab44ba4f

Merge

hg: jdk8/tl/jdk: 2 new changesets

2013-07-25 Thread sean . mullan

Changeset: a834ab2c1354
Author:mullan
Date:  2013-07-25 10:58 -0400
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/a834ab2c1354

8010748: Add PKIXRevocationChecker NO_FALLBACK option and improve SOFT_FAIL 
option
Reviewed-by: vinnie

! src/share/classes/java/security/cert/PKIXRevocationChecker.java
! src/share/classes/sun/security/provider/certpath/OCSP.java
! src/share/classes/sun/security/provider/certpath/OCSPResponse.java
! src/share/classes/sun/security/provider/certpath/PKIXCertPathValidator.java
! src/share/classes/sun/security/provider/certpath/ReverseState.java
! src/share/classes/sun/security/provider/certpath/RevocationChecker.java
! src/share/classes/sun/security/provider/certpath/SunCertPathBuilder.java
! test/java/security/cert/PKIXRevocationChecker/UnitTest.java

Changeset: 22a391706a0b
Author:mullan
Date:  2013-07-25 11:09 -0400
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/22a391706a0b

Merge

- make/sun/xawt/ToBin.java
- makefiles/sun/awt/X11/ToBin.java
- 
src/share/classes/com/sun/org/apache/xml/internal/security/resource/log4j.properties
- 
src/share/classes/com/sun/org/apache/xml/internal/security/transforms/implementations/FuncHereContext.java
- 
src/share/classes/com/sun/org/apache/xml/internal/security/utils/CachedXPathAPIHolder.java
- 
src/share/classes/com/sun/org/apache/xml/internal/security/utils/CachedXPathFuncHereAPI.java
- 
src/share/classes/com/sun/org/apache/xml/internal/security/utils/XPathFuncHereAPI.java
- src/share/classes/java/security/acl/package.html
- src/share/classes/java/security/cert/package.html
- src/share/classes/java/security/interfaces/package.html
- src/share/classes/java/security/package.html
- src/share/classes/java/security/spec/package.html
- src/share/classes/java/util/stream/StreamBuilder.java
- src/share/classes/javax/security/auth/callback/package.html
- src/share/classes/javax/security/auth/kerberos/package.html
- src/share/classes/javax/security/auth/login/package.html
- src/share/classes/javax/security/auth/package.html
- src/share/classes/javax/security/auth/spi/package.html
- src/share/classes/javax/security/auth/x500/package.html
- src/share/classes/javax/security/cert/package.html
- src/share/classes/javax/security/sasl/package.html
- src/share/classes/sun/misc/Hashing.java
- src/share/classes/sun/security/krb5/internal/rcache/CacheTable.java
- src/share/classes/sun/security/krb5/internal/rcache/ReplayCache.java
! src/share/classes/sun/security/provider/certpath/RevocationChecker.java
- src/solaris/classes/sun/awt/X11/XIconInfo.java
- src/solaris/classes/sun/awt/X11/security-icon-bw16.png
- src/solaris/classes/sun/awt/X11/security-icon-bw24.png
- src/solaris/classes/sun/awt/X11/security-icon-bw32.png
- src/solaris/classes/sun/awt/X11/security-icon-bw48.png
- src/solaris/classes/sun/awt/X11/security-icon-interim16.png
- src/solaris/classes/sun/awt/X11/security-icon-interim24.png
- src/solaris/classes/sun/awt/X11/security-icon-interim32.png
- src/solaris/classes/sun/awt/X11/security-icon-interim48.png
- src/solaris/classes/sun/awt/X11/security-icon-yellow16.png
- src/solaris/classes/sun/awt/X11/security-icon-yellow24.png
- src/solaris/classes/sun/awt/X11/security-icon-yellow32.png
- src/solaris/classes/sun/awt/X11/security-icon-yellow48.png
- src/solaris/classes/sun/awt/fontconfigs/linux.fontconfig.Fedora.properties
- src/solaris/classes/sun/awt/fontconfigs/linux.fontconfig.SuSE.properties
- src/solaris/classes/sun/awt/fontconfigs/linux.fontconfig.Ubuntu.properties
- src/solaris/classes/sun/awt/fontconfigs/linux.fontconfig.properties
- test/java/lang/invoke/7196190/MHProxyTest.java
- test/java/util/Collections/EmptySortedSet.java
- test/java/util/Comparators/BasicTest.java
- test/sun/misc/Hashing.java
- test/sun/security/krb5/auto/ReplayCache.java

hg: jdk8/tl/jdk: 2 new changesets

2013-07-05 Thread sean . mullan

Changeset: 028ef97797c1
Author:mullan
Date:  2013-07-05 15:54 -0400
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/028ef97797c1

8011547: Update XML Signature implementation to Apache Santuario 1.5.4
Reviewed-by: xuelei

! 
src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/Algorithm.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/JCEMapper.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/MessageDigestAlgorithm.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/SignatureAlgorithm.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/SignatureAlgorithmSpi.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/implementations/IntegrityHmac.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/implementations/SignatureBaseRSA.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/implementations/SignatureDSA.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/implementations/SignatureECDSA.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/c14n/CanonicalizationException.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/c14n/Canonicalizer.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/c14n/CanonicalizerSpi.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/c14n/InvalidCanonicalizerException.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/c14n/helper/AttrCompare.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/c14n/helper/C14nHelper.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/Canonicalizer11.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/Canonicalizer11_OmitComments.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/Canonicalizer11_WithComments.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/Canonicalizer20010315.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/Canonicalizer20010315Excl.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/Canonicalizer20010315ExclOmitComments.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/Canonicalizer20010315ExclWithComments.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/Canonicalizer20010315OmitComments.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/Canonicalizer20010315WithComments.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/CanonicalizerBase.java
+ 
src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/CanonicalizerPhysical.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/NameSpaceSymbTable.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/UtfHelpper.java
+ 
src/share/classes/com/sun/org/apache/xml/internal/security/encryption/AbstractSerializer.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/encryption/AgreementMethod.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/encryption/CipherData.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/encryption/CipherReference.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/encryption/CipherValue.java
+ 
src/share/classes/com/sun/org/apache/xml/internal/security/encryption/DocumentSerializer.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/encryption/EncryptedData.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/encryption/EncryptedKey.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/encryption/EncryptedType.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/encryption/EncryptionMethod.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/encryption/EncryptionProperties.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/encryption/EncryptionProperty.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/encryption/Reference.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/encryption/ReferenceList.java
+ 
src/share/classes/com/sun/org/apache/xml/internal/security/encryption/Serializer.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/encryption/Transforms.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/encryption/XMLCipher.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/encryption/XMLCipherInput.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/encryption/XMLCipherParameters.java
! 
src/share/classes/com/sun/org/apache/xml/internal/s

hg: jdk8/tl/jdk: 8014307: Memory leak ... security/jgss/wrapper/GSSLibStub.c

2013-06-14 Thread sean . mullan

Changeset: f695f447f6b7
Author:jzavgren
Date:  2013-06-14 09:13 -0400
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/f695f447f6b7

8014307: Memory leak ... security/jgss/wrapper/GSSLibStub.c
Summary: I modified the native procedure: 
Java_sun_security_jgss_wrapper_GSSLibStub_initContext() so that allocated 
memory is freed when errors occur.
Reviewed-by: chegar, valeriep

! src/share/native/sun/security/jgss/wrapper/GSSLibStub.c

hg: jdk8/tl/jdk: 2 new changesets

2013-03-01 Thread sean . mullan

Changeset: 1652ac7b4bfd
Author:mullan
Date:  2013-03-01 16:12 -0500
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/1652ac7b4bfd

8008908: Access denied when invoking Subject.doAsPrivileged()
Summary: wildcard principal names are not processed correctly
Reviewed-by: xuelei

! src/share/classes/sun/security/provider/PolicyFile.java
+ test/sun/security/provider/PolicyFile/WildcardPrincipalName.java
+ test/sun/security/provider/PolicyFile/wildcard.policy

Changeset: 1ca712765acb
Author:mullan
Date:  2013-03-01 16:15 -0500
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/1ca712765acb

Merge

Re: 8008662: Add @jdk.Supported to JDK-specific/supported API

2013-02-22 Thread Sean Mullan


The security related ones look ok to me.

--Sean

On 02/21/2013 01:46 PM, Alan Bateman wrote:


Joe Darcy recently added @jdk.Supported [1] to make it possible to
identify JDK-specific APIs.

I'd like to add this to a number of APIs in the com.sun namespace to
make it obvious these are "supported".  Specifically I'm proposing to
add it to:

- Java Debug Interface (com.sun.jdi)
- Attach API (com.sun.tools.attach)
- SCTP API (com.sun.nio.sctp)
- HTTP server API (com.sun.net.httpserver)
- Management extensions (com.sun.management)
- JDK-specific API to JAAS (com.sun.security.auth)
- JDK-specific JGSS API (com.sun.security.jgss)

The javadoc for all of these is generated as part of the regular JDK
"docs" build and so shouldn't be controversial. There are a number of
other candidates in com.sun with murkier status that I've stayed clear
of for now.

The webrev with the changes is here:

http://cr.openjdk.java.net/~alanb/8008662/webrev/

In a couple of cases the package description is legacy package.html so
I've had to move/convert them to package-info.java.

In all but one case I've added the annotation to the package-info, the
one exception is com.sun.management where there is at least one type
that is documented as "not supported". Joe Darcy might have suggestions
on that.

Otherwise this is mostly mechanical and the patch file is easier to
review that the webrev.

-Alan

[1] http://hg.openjdk.java.net/jdk8/tl/langtools/rev/55cca2f38ee6

hg: jdk8/tl/jdk: 8008107: [parfait] Use after free of pointer in jdk/src/share/native/sun/security/pkcs11/wrapper/p11_convert.c

2013-02-19 Thread sean . mullan

Changeset: 267bca6af07e
Author:jzavgren
Date:  2013-02-19 15:31 -0500
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/267bca6af07e

8008107: [parfait] Use after free of pointer in 
jdk/src/share/native/sun/security/pkcs11/wrapper/p11_convert.c
Reviewed-by: mullan, chegar

! src/share/native/sun/security/pkcs11/wrapper/p11_convert.c

hg: jdk8/tl/jdk: 8006813: Compilation error in PKCS12KeyStore.java

2013-01-23 Thread sean . mullan

Changeset: 89f37f7188df
Author:mullan
Date:  2013-01-23 20:46 -0500
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/89f37f7188df

8006813: Compilation error in PKCS12KeyStore.java
Reviewed-by: valeriep

! src/share/classes/sun/security/pkcs12/PKCS12KeyStore.java

hg: jdk8/tl/jdk: 8005939: sun/security/x509/{X509CRLImplX509CertImpl}/Verify.java fail in confusing way when some providers not present

2013-01-16 Thread sean . mullan

Changeset: f7f77bdf248b
Author:juh
Date:  2013-01-16 13:35 -0500
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/f7f77bdf248b

8005939: sun/security/x509/{X509CRLImplX509CertImpl}/Verify.java fail in 
confusing way when some providers not present
Reviewed-by: mullan, weijun

! test/sun/security/x509/X509CRLImpl/Verify.java
! test/sun/security/x509/X509CertImpl/Verify.java

hg: jdk8/tl/jdk: 8005389: Backout fix for JDK-6500133

2013-01-16 Thread sean . mullan

Changeset: c7d54f93d3e5
Author:juh
Date:  2013-01-16 09:51 -0500
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/c7d54f93d3e5

8005389: Backout fix for JDK-6500133
Reviewed-by: mullan

! src/share/classes/sun/security/x509/URIName.java
! test/sun/security/x509/URIName/Parse.java

hg: jdk8/tl/jdk: 3 new changesets

2013-01-09 Thread sean . mullan

Changeset: 86828e84654f
Author:mullan
Date:  2013-01-08 19:00 -0500
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/86828e84654f

7019834: Eliminate dependency from PolicyFile to 
com.sun.security.auth.PrincipalComparator
Summary: Add new java.security.Principal.implies method
Reviewed-by: alanb

! src/share/classes/java/security/Principal.java
! src/share/classes/sun/security/provider/PolicyFile.java
! src/share/classes/sun/security/provider/PolicyParser.java
! src/share/classes/sun/security/tools/policytool/PolicyTool.java
+ test/java/security/Principal/Implies.java
! test/sun/security/provider/PolicyFile/Comparator.java

Changeset: bf6d0bca5ea7
Author:mullan
Date:  2013-01-08 19:02 -0500
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/bf6d0bca5ea7

Merge

- make/jdk/asm/Makefile
- src/share/classes/sun/awt/TextureSizeConstraining.java
- src/share/lib/security/java.security
- test/java/rmi/server/Unmarshal/checkUnmarshalOnStopThread/CheckUnmarshall.java

Changeset: f0ed9ef84637
Author:mullan
Date:  2013-01-09 08:59 -0500
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/f0ed9ef84637

Merge

hg: jdk8/tl/jdk: 2 new changesets

2012-12-26 Thread sean . mullan

Changeset: 4d28776d7007
Author:mullan
Date:  2012-12-26 10:07 -0500
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/4d28776d7007

8005117: Eliminate dependency from ConfigSpiFile to 
com.sun.security.auth.login.ConfigFile
Reviewed-by: alanb, mchung, weijun

! src/share/classes/com/sun/security/auth/login/ConfigFile.java
! src/share/classes/sun/security/provider/ConfigSpiFile.java

Changeset: d9cab18f326a
Author:mullan
Date:  2012-12-26 10:08 -0500
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/d9cab18f326a

Merge

- make/jdk/asm/Makefile

hg: jdk8/tl/jdk: 2 new changesets

2012-12-13 Thread sean . mullan

Changeset: c97618a3c8c2
Author:juh
Date:  2012-12-13 09:35 -0500
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/c97618a3c8c2

7193792: sun/security/pkcs11/ec/TestECDSA.java failing intermittently
Reviewed-by: vinnie, wetmore

! test/ProblemList.txt
! test/sun/security/pkcs11/ec/TestECDSA.java

Changeset: 7b697da6626a
Author:mullan
Date:  2012-12-13 09:37 -0500
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/7b697da6626a

Merge

hg: jdk8/tl/jdk: 8004188: Rename src/share/lib/security/java.security to java.security-linux

2012-12-04 Thread sean . mullan

Changeset: 44ae777564eb
Author:mullan
Date:  2012-12-04 17:40 -0500
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/44ae777564eb

8004188: Rename src/share/lib/security/java.security to java.security-linux
Reviewed-by: mullan, mchung
Contributed-by: jason...@oracle.com

! make/java/security/Makefile
- src/share/lib/security/java.security
+ src/share/lib/security/java.security-linux

hg: jdk8/tl/jdk: 7199143: RFE: OCSP revocation checker should provide possibility to specify connection timeout

2012-12-03 Thread sean . mullan

Changeset: ee9846f351d7
Author:mullan
Date:  2012-12-03 11:07 -0500
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/ee9846f351d7

7199143: RFE: OCSP revocation checker should provide possibility to specify 
connection timeout
Summary: Added com.sun.security.ocsp.timeout system property to control timeout
Reviewed-by: mullan, vinnie
Contributed-by: jason...@oracle.com

! src/share/classes/sun/security/provider/certpath/OCSP.java

hg: jdk8/tl/jdk: 7198416: CertificateIssuerName and CertificateSubjectName are redundant

2012-11-08 Thread sean . mullan

Changeset: 1e7dd9e05ce2
Author:mullan
Date:  2012-11-08 12:51 -0500
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/1e7dd9e05ce2

7198416: CertificateIssuerName and CertificateSubjectName are redundant
Reviewed-by: mullan
Contributed-by: jason...@oracle.com

! src/share/classes/sun/security/pkcs/PKCS7.java
! src/share/classes/sun/security/tools/jarsigner/Main.java
! src/share/classes/sun/security/tools/keytool/CertAndKeyGen.java
! src/share/classes/sun/security/tools/keytool/Main.java
! src/share/classes/sun/security/x509/X509CertImpl.java
! src/share/classes/sun/security/x509/X509CertInfo.java
! src/share/classes/sun/security/x509/certAttributes.html
! test/sun/security/pkcs11/rsa/GenKeyStore.java
! test/sun/security/provider/X509Factory/BigCRL.java
! test/sun/security/rsa/GenKeyStore.java

hg: jdk8/tl/jdk: 7195409: CertPath/CertPathValidatorTest/KeyParamsInheritanceTest fails with NullPointerException

2012-09-16 Thread sean . mullan

Changeset: 17881ebf811c
Author:mullan
Date:  2012-09-16 13:29 -0700
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/17881ebf811c

7195409: CertPath/CertPathValidatorTest/KeyParamsInheritanceTest fails with 
NullPointerException
Reviewed-by: xuelei

! src/share/classes/sun/security/provider/certpath/AlgorithmChecker.java
! src/share/classes/sun/security/provider/certpath/BasicChecker.java
! src/share/classes/sun/security/provider/certpath/ForwardBuilder.java
! src/share/classes/sun/security/provider/certpath/ForwardState.java
! src/share/classes/sun/security/provider/certpath/PKIX.java
! src/share/classes/sun/security/provider/certpath/ReverseState.java
! src/share/classes/sun/security/provider/certpath/RevocationChecker.java
! src/share/classes/sun/security/provider/certpath/SunCertPathBuilder.java

hg: jdk8/tl/jdk: 3 new changesets

2012-09-14 Thread sean . mullan

Changeset: eae1384cff39
Author:mullan
Date:  2012-09-14 10:13 -0400
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/eae1384cff39

7176627: CertPath/jep124/PreferCRL_SoftFail test fails (Could not determine 
revocation status)
Reviewed-by: xuelei

! src/share/classes/sun/security/provider/certpath/CertStoreHelper.java
! src/share/classes/sun/security/provider/certpath/DistributionPointFetcher.java
! src/share/classes/sun/security/provider/certpath/ForwardBuilder.java
! src/share/classes/sun/security/provider/certpath/OCSP.java
! src/share/classes/sun/security/provider/certpath/PKIX.java
! src/share/classes/sun/security/provider/certpath/RevocationChecker.java
! src/share/classes/sun/security/provider/certpath/URICertStore.java
! src/share/classes/sun/security/provider/certpath/ldap/LDAPCertStoreHelper.java
! 
src/share/classes/sun/security/provider/certpath/ssl/SSLServerCertStoreHelper.java

Changeset: 34bcbb110bb0
Author:mullan
Date:  2012-09-14 10:14 -0400
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/34bcbb110bb0

Merge

- make/sun/beans/Makefile
- src/share/classes/sun/beans/editors/BooleanEditor.java
- src/share/classes/sun/beans/editors/ByteEditor.java
- src/share/classes/sun/beans/editors/ColorEditor.java
- src/share/classes/sun/beans/editors/DoubleEditor.java
- src/share/classes/sun/beans/editors/EnumEditor.java
- src/share/classes/sun/beans/editors/FloatEditor.java
- src/share/classes/sun/beans/editors/FontEditor.java
- src/share/classes/sun/beans/editors/IntegerEditor.java
- src/share/classes/sun/beans/editors/LongEditor.java
- src/share/classes/sun/beans/editors/NumberEditor.java
- src/share/classes/sun/beans/editors/ShortEditor.java
- src/share/classes/sun/beans/editors/StringEditor.java
- src/share/classes/sun/beans/infos/ComponentBeanInfo.java
- src/share/classes/sun/security/x509/CertificateIssuerUniqueIdentity.java
- src/share/classes/sun/security/x509/CertificateSubjectUniqueIdentity.java
- src/solaris/classes/sun/awt/X11/XTextTransferHelper.java
- test/javax/swing/JColorChooser/Test4380468.html
- test/javax/swing/JColorChooser/Test4380468.java
- test/sun/net/www/httptest/HttpServer.java
- test/sun/security/ssl/sun/net/www/httpstest/HttpServer.java

Changeset: c11cec5a9306
Author:mullan
Date:  2012-09-14 10:30 -0400
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/c11cec5a9306

Merge

- test/sun/misc/URLClassPath/ClassnameCharTest.sh

hg: jdk8/tl/jdk: 2 new changesets

2012-09-12 Thread sean . mullan

Changeset: 7a16cd3bd2d9
Author:mullan
Date:  2012-09-12 15:20 -0400
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/7a16cd3bd2d9

7196593: java.security.debug=help doesn't list certpath option
Reviewed-by: mullan, wetmore, valeriep
Contributed-by: jason...@oracle.com

! src/share/classes/sun/security/util/Debug.java

Changeset: f8c1cf072ba6
Author:mullan
Date:  2012-09-12 15:21 -0400
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/f8c1cf072ba6

Merge

hg: jdk8/tl/jdk: 3 new changesets

2012-09-10 Thread sean . mullan

Changeset: a51f86e2dce9
Author:mullan
Date:  2012-09-10 08:57 -0400
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/a51f86e2dce9

7195301: XML Signature DOM implementation should not use instanceof to 
determine type of Node
Reviewed-by: xuelei

! src/share/classes/com/sun/org/apache/xml/internal/security/Init.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/CanonicalizerBase.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/encryption/XMLCipher.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/RetrievalMethodResolver.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/utils/IdResolver.java

Changeset: a14d41fd6f51
Author:mullan
Date:  2012-09-10 09:00 -0400
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/a14d41fd6f51

Merge

- make/sun/beans/Makefile
- src/share/classes/sun/beans/editors/BooleanEditor.java
- src/share/classes/sun/beans/editors/ByteEditor.java
- src/share/classes/sun/beans/editors/ColorEditor.java
- src/share/classes/sun/beans/editors/DoubleEditor.java
- src/share/classes/sun/beans/editors/EnumEditor.java
- src/share/classes/sun/beans/editors/FloatEditor.java
- src/share/classes/sun/beans/editors/FontEditor.java
- src/share/classes/sun/beans/editors/IntegerEditor.java
- src/share/classes/sun/beans/editors/LongEditor.java
- src/share/classes/sun/beans/editors/NumberEditor.java
- src/share/classes/sun/beans/editors/ShortEditor.java
- src/share/classes/sun/beans/editors/StringEditor.java
- src/share/classes/sun/beans/infos/ComponentBeanInfo.java
- src/share/classes/sun/security/x509/CertificateIssuerUniqueIdentity.java
- src/share/classes/sun/security/x509/CertificateSubjectUniqueIdentity.java
- src/solaris/classes/sun/awt/X11/XTextTransferHelper.java
- test/javax/swing/JColorChooser/Test4380468.html
- test/javax/swing/JColorChooser/Test4380468.java
- test/sun/net/www/httptest/HttpServer.java
- test/sun/security/ssl/sun/net/www/httpstest/HttpServer.java

Changeset: 657f7cb0da7e
Author:mullan
Date:  2012-09-10 09:18 -0400
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/657f7cb0da7e

Merge

hg: jdk8/tl/jdk: 4647343: IDENT variable in sun.security.x509 classes not used

2012-09-07 Thread sean . mullan

Changeset: 7f081e14364e
Author:mullan
Date:  2012-09-07 12:49 -0400
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/7f081e14364e

4647343: IDENT variable in sun.security.x509 classes not used
Reviewed-by: mullan
Contributed-by: jason...@oracle.com

- src/share/classes/sun/security/x509/CertificateIssuerUniqueIdentity.java
- src/share/classes/sun/security/x509/CertificateSubjectUniqueIdentity.java
! src/share/classes/sun/security/x509/X509CertImpl.java
! src/share/classes/sun/security/x509/X509CertInfo.java

hg: jdk8/tl/jdk: 2 new changesets

2012-08-30 Thread sean . mullan

Changeset: 0a2565113920
Author:mullan
Date:  2012-08-30 14:40 -0700
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/0a2565113920

6995421: Eliminate the static dependency to sun.security.ec.ECKeyFactory
Reviewed-by: mullan, vinnie
Contributed-by: stephen.flo...@oracle.com

! make/sun/security/ec/Makefile
! make/sun/security/other/Makefile
! src/share/classes/sun/security/ec/ECKeyFactory.java
! src/share/classes/sun/security/ec/ECParameters.java
! src/share/classes/sun/security/ec/ECPublicKeyImpl.java
! src/share/classes/sun/security/ec/SunECEntries.java
! src/share/classes/sun/security/pkcs11/P11ECKeyFactory.java
! src/share/classes/sun/security/x509/AlgorithmId.java
! test/sun/security/ec/TestEC.java
! test/sun/security/pkcs11/ec/ReadCertificates.java
! test/sun/security/pkcs11/ec/ReadPKCS12.java
! test/sun/security/pkcs11/ec/TestECDH.java
! test/sun/security/pkcs11/ec/TestECDSA.java

Changeset: 47f8ba39265c
Author:mullan
Date:  2012-08-30 14:42 -0700
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/47f8ba39265c

Merge

hg: jdk8/tl/jdk: 2 new changesets

2012-08-28 Thread sean . mullan

Changeset: 8b90182f2b33
Author:mullan
Date:  2012-08-28 08:43 -0400
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/8b90182f2b33

7192896: Reason of CertPathValidatorException should be 
UNDETERMINED_REVOCATION_STATUS if OCSP request failed
Reviewed-by: xuelei

! src/share/classes/sun/security/provider/certpath/OCSP.java

Changeset: ca7f914b5fea
Author:mullan
Date:  2012-08-28 08:46 -0400
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/ca7f914b5fea

Merge

hg: jdk8/tl/jdk: 6500133: REGRESSION: CertificateParsingException for CRL Distribution Point with blank

2012-08-17 Thread sean . mullan

Changeset: 6b2ebf3c4964
Author:mullan
Date:  2012-08-17 14:32 -0400
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/6b2ebf3c4964

6500133: REGRESSION: CertificateParsingException for CRL Distribution Point 
with blank
Reviewed-by: mullan
Contributed-by: jason...@oracle.com

! src/share/classes/sun/security/x509/URIName.java
+ test/sun/security/x509/URIName/Parse.java

hg: jdk8/tl/jdk: 2 new changesets

2012-08-10 Thread sean . mullan

Changeset: 57b5025548d6
Author:mullan
Date:  2012-08-10 09:12 -0400
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/57b5025548d6

7187962: sun.security.pkcs11.P11DSAKeyFactory.implTranslatePublicKey doesn't 
check if params is null
Reviewed-by: valeriep

! src/share/classes/sun/security/provider/certpath/BasicChecker.java

Changeset: 629f357fc17b
Author:mullan
Date:  2012-08-10 09:17 -0400
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/629f357fc17b

Merge

hg: jdk8/tl/jdk: 2 new changesets

2012-08-02 Thread sean . mullan

Changeset: b0bfa441d70f
Author:mullan
Date:  2012-08-02 10:40 -0400
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/b0bfa441d70f

7026347: Certificate and X509CRL should have verify(PublicKey key, Provider 
sigProvider)
Reviewed-by: mullan, xuelei, weijun
Contributed-by: jason...@oracle.com

! src/share/classes/java/security/cert/Certificate.java
! src/share/classes/java/security/cert/X509CRL.java
! src/share/classes/java/security/cert/X509Certificate.java
! src/share/classes/sun/security/x509/X509CRLImpl.java
! src/share/classes/sun/security/x509/X509CertImpl.java
+ test/sun/security/x509/X509CRLImpl/Verify.java
+ test/sun/security/x509/X509CertImpl/Verify.java

Changeset: 4e8bafdcefda
Author:mullan
Date:  2012-08-02 10:42 -0400
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/4e8bafdcefda

Merge

hg: jdk8/tl/jdk: 2 new changesets

2012-08-01 Thread sean . mullan

Changeset: 21c590fdc8cb
Author:mullan
Date:  2012-08-01 11:06 -0400
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/21c590fdc8cb

7179715: OCSP revocation checking fails if the signer certificate is identified 
using the key ID
Reviewed-by: vinnie

! src/share/classes/sun/security/provider/certpath/OCSPResponse.java

Changeset: 9a5a3741bac9
Author:mullan
Date:  2012-08-01 11:08 -0400
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/9a5a3741bac9

Merge

- makefiles/LegacyMakefiles.gmk
- makefiles/OldImages.gmk
- makefiles/com/sun/crypto/provider/Makefile
- makefiles/common/Classes.gmk
- makefiles/common/Cscope.gmk
- makefiles/common/Defs-embedded.gmk
- makefiles/common/Defs-linux.gmk
- makefiles/common/Defs-macosx.gmk
- makefiles/common/Defs-solaris.gmk
- makefiles/common/Defs-windows.gmk
- makefiles/common/Defs.gmk
- makefiles/common/Demo.gmk
- makefiles/common/Library.gmk
- makefiles/common/Mapfile-vers.gmk
- makefiles/common/Modules.gmk
- makefiles/common/Program.gmk
- makefiles/common/Release-embedded.gmk
- makefiles/common/Release-macosx.gmk
- makefiles/common/Release.gmk
- makefiles/common/Rules.gmk
- makefiles/common/Subdirs.gmk
- makefiles/common/internal/Defs-corba.gmk
- makefiles/common/internal/Defs-jaxp.gmk
- makefiles/common/internal/Defs-jaxws.gmk
- makefiles/common/internal/Defs-langtools.gmk
- makefiles/common/internal/ImportComponents.gmk
- makefiles/common/internal/NativeCompileRules.gmk
- makefiles/common/internal/Resources.gmk
- makefiles/common/shared/Compiler-gcc.gmk
- makefiles/common/shared/Compiler-llvm.gmk
- makefiles/common/shared/Compiler-msvc.gmk
- makefiles/common/shared/Compiler-sun.gmk
- makefiles/common/shared/Defs-control.gmk
- makefiles/common/shared/Defs-java.gmk
- makefiles/common/shared/Defs-javadoc.gmk
- makefiles/common/shared/Defs-linux.gmk
- makefiles/common/shared/Defs-macosx.gmk
- makefiles/common/shared/Defs-solaris.gmk
- makefiles/common/shared/Defs-versions.gmk
- makefiles/common/shared/Defs-windows.gmk
- makefiles/common/shared/Defs.gmk
- makefiles/common/shared/Platform.gmk
- makefiles/common/shared/PrivateDefs.gmk-example
- makefiles/common/shared/Sanity-Settings.gmk
- makefiles/java/Makefile
- makefiles/java/invoke/Makefile
- makefiles/java/redist/Makefile
- makefiles/java/redist/sajdi/Makefile
- makefiles/javax/crypto/Defs-jce.gmk
- makefiles/javax/crypto/Makefile
- makefiles/javax/crypto/policy/limited/LIMITED
- makefiles/javax/crypto/policy/limited/default_local.policy
- makefiles/javax/crypto/policy/limited/exempt_local.policy
- makefiles/javax/crypto/policy/unlimited/UNLIMITED
- makefiles/javax/crypto/policy/unlimited/default_US_export.policy
- makefiles/javax/crypto/policy/unlimited/default_local.policy
- makefiles/mkdemo/Makefile
- makefiles/mkdemo/jni/Makefile
- makefiles/mkdemo/jni/Poller/Makefile
- makefiles/mkdemo/jvmti/Makefile
- makefiles/mkdemo/jvmti/README.txt
- makefiles/mkdemo/jvmti/hprof/Makefile
- makefiles/mkdemo/jvmti/mapfile-vers
- makefiles/mkdemo/management/README.txt
- makefiles/sun/jkernel/Makefile
- makefiles/sun/security/ec/Makefile
- makefiles/sun/security/pkcs11/FILES_c.gmk
- makefiles/sun/security/pkcs11/Makefile
- makefiles/sun/security/pkcs11/mapfile-vers
- src/share/classes/sun/nio/cs/SingleByteDecoder.java
- src/share/classes/sun/nio/cs/SingleByteEncoder.java
- src/share/classes/sun/nio/cs/ext/DoubleByteDecoder.java
- src/share/classes/sun/nio/cs/ext/JIS_X_0201.java
- src/share/classes/sun/nio/cs/ext/JIS_X_0208.java
- src/share/classes/sun/nio/cs/ext/JIS_X_0208_Decoder.java
- src/share/classes/sun/nio/cs/ext/JIS_X_0208_Encoder.java
- src/share/classes/sun/nio/cs/ext/JIS_X_0208_MS5022X_Decoder.java
- src/share/classes/sun/nio/cs/ext/JIS_X_0208_MS5022X_Encoder.java
- src/share/classes/sun/nio/cs/ext/JIS_X_0208_MS932_Decoder.java
- src/share/classes/sun/nio/cs/ext/JIS_X_0208_MS932_Encoder.java
- src/share/classes/sun/nio/cs/ext/JIS_X_0208_Solaris_Decoder.java
- src/share/classes/sun/nio/cs/ext/JIS_X_0208_Solaris_Encoder.java
- src/share/classes/sun/nio/cs/ext/JIS_X_0212.java
- src/share/classes/sun/nio/cs/ext/JIS_X_0212_Decoder.java
- src/share/classes/sun/nio/cs/ext/JIS_X_0212_Encoder.java
- src/share/classes/sun/nio/cs/ext/JIS_X_0212_MS5022X_Decoder.java
- src/share/classes/sun/nio/cs/ext/JIS_X_0212_MS5022X_Encoder.java
- src/share/classes/sun/nio/cs/ext/JIS_X_0212_Solaris_Decoder.java
- src/share/classes/sun/nio/cs/ext/JIS_X_0212_Solaris_Encoder.java
- src/share/classes/sun/nio/cs/ext/PCK.java
- src/share/classes/sun/nio/cs/ext/SJIS.java
- src/share/classes/sun/security/krb5/ServiceName.java
- test/sun/security/krb5/ServiceNameClone.java
- test/sun/security/mscapi/ShortRSAKey512.sh
- test/sun/security/mscapi/ShortRSAKey768.sh

hg: jdk8/tl/jdk: 7133344: Document the java.security.properties system property feature in the java.security file

2012-07-03 Thread sean . mullan

Changeset: d375ea39ce9c
Author:mullan
Date:  2012-07-03 14:56 -0400
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/d375ea39ce9c

7133344: Document the java.security.properties system property feature in the 
java.security file
Reviewed-by: hawtin, mullan, weijun
Contributed-by: jason...@oracle.com

! src/share/lib/security/java.security
! src/share/lib/security/java.security-macosx
! src/share/lib/security/java.security-solaris
! src/share/lib/security/java.security-windows

hg: jdk8/tl/jdk: 3 new changesets

2012-06-15 Thread sean . mullan

Changeset: 8deec0d1fc6f
Author:mullan
Date:  2012-06-15 08:43 -0400
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/8deec0d1fc6f

7176326: CertPath/CertPathBuilderTest failures after webrev 
6854712_6637288_7126011
Reviewed-by: xuelei

! src/share/classes/sun/security/provider/certpath/BasicChecker.java
+ test/java/security/cert/CertPathBuilder/zeroLengthPath/ZeroLengthPath.java

Changeset: 0e382512610f
Author:mullan
Date:  2012-06-15 08:47 -0400
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/0e382512610f

Merge


Changeset: e01b47409e37
Author:mullan
Date:  2012-06-15 09:16 -0400
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/e01b47409e37

Merge

hg: jdk8/tl/jdk: 3 new changesets

2012-05-31 Thread sean . mullan

Changeset: 0c6830e7241f
Author:mullan
Date:  2012-05-30 17:19 -0400
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/0c6830e7241f

6854712: Revocation checking enhancements (JEP-124)
6637288: Add OCSP support to PKIX CertPathBuilder implementation
7126011: ReverseBuilder.getMatchingCACerts may throws NPE
Reviewed-by: xuelei

! src/share/classes/java/security/cert/CertPathBuilder.java
! src/share/classes/java/security/cert/CertPathBuilderSpi.java
+ src/share/classes/java/security/cert/CertPathChecker.java
! src/share/classes/java/security/cert/CertPathValidator.java
! src/share/classes/java/security/cert/CertPathValidatorSpi.java
! src/share/classes/java/security/cert/PKIXCertPathChecker.java
+ src/share/classes/java/security/cert/PKIXRevocationChecker.java
! src/share/classes/java/security/cert/package.html
! src/share/classes/sun/security/provider/certpath/AdjacencyList.java
! src/share/classes/sun/security/provider/certpath/BasicChecker.java
! src/share/classes/sun/security/provider/certpath/BuildStep.java
! src/share/classes/sun/security/provider/certpath/Builder.java
! src/share/classes/sun/security/provider/certpath/CertStoreHelper.java
! src/share/classes/sun/security/provider/certpath/CollectionCertStore.java
! src/share/classes/sun/security/provider/certpath/ConstraintsChecker.java
- src/share/classes/sun/security/provider/certpath/CrlRevocationChecker.java
! src/share/classes/sun/security/provider/certpath/DistributionPointFetcher.java
! src/share/classes/sun/security/provider/certpath/ForwardBuilder.java
! src/share/classes/sun/security/provider/certpath/ForwardState.java
! 
src/share/classes/sun/security/provider/certpath/IndexedCollectionCertStore.java
! src/share/classes/sun/security/provider/certpath/KeyChecker.java
! src/share/classes/sun/security/provider/certpath/OCSP.java
- src/share/classes/sun/security/provider/certpath/OCSPChecker.java
! src/share/classes/sun/security/provider/certpath/OCSPRequest.java
! src/share/classes/sun/security/provider/certpath/OCSPResponse.java
+ src/share/classes/sun/security/provider/certpath/PKIX.java
! src/share/classes/sun/security/provider/certpath/PKIXCertPathValidator.java
! 
src/share/classes/sun/security/provider/certpath/PKIXMasterCertPathValidator.java
! src/share/classes/sun/security/provider/certpath/PolicyChecker.java
! src/share/classes/sun/security/provider/certpath/PolicyNodeImpl.java
! src/share/classes/sun/security/provider/certpath/ReverseBuilder.java
! src/share/classes/sun/security/provider/certpath/ReverseState.java
+ src/share/classes/sun/security/provider/certpath/RevocationChecker.java
! src/share/classes/sun/security/provider/certpath/SunCertPathBuilder.java
! 
src/share/classes/sun/security/provider/certpath/SunCertPathBuilderParameters.java
! src/share/classes/sun/security/provider/certpath/URICertStore.java
! src/share/classes/sun/security/provider/certpath/Vertex.java
! src/share/classes/sun/security/provider/certpath/X509CertPath.java
! src/share/classes/sun/security/provider/certpath/X509CertificatePair.java
! src/share/classes/sun/security/x509/X509CRLEntryImpl.java
+ test/java/security/cert/PKIXRevocationChecker/UnitTest.java

Changeset: 3192e73394fe
Author:mullan
Date:  2012-05-31 17:07 -0400
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/3192e73394fe

Merge

- src/share/classes/sun/security/provider/certpath/CrlRevocationChecker.java
! src/share/classes/sun/security/provider/certpath/ForwardBuilder.java
! src/share/classes/sun/security/provider/certpath/ForwardState.java
- src/share/classes/sun/security/provider/certpath/OCSPChecker.java
! src/share/classes/sun/security/provider/certpath/PKIXCertPathValidator.java
! src/share/classes/sun/security/provider/certpath/ReverseBuilder.java
! src/share/classes/sun/security/provider/certpath/ReverseState.java
! src/share/classes/sun/security/provider/certpath/SunCertPathBuilder.java

Changeset: 48dfc0df61d0
Author:mullan
Date:  2012-05-31 17:10 -0400
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/48dfc0df61d0

Merge

Re: Review Request: 7164376 Replace use of sun.security.action.LoadLibraryAction

2012-04-26 Thread Sean Mullan


Looks fine, just a couple of nits.

src/macosx/classes/com/apple/concurrent/LibDispatchNative.java,

  - the closing static brace is not indented the same as the open brace.

src/solaris/classes/sun/management/FileSystemImpl.java
src/windows/classes/sun/management/FileSystemImpl.java

  - line-break coding style is different from all others; probably 
better to be consistent


--Sean

On 04/26/2012 02:49 PM, Mandy Chung wrote:

7164376 Replace use of sun.security.action.LoadLibraryAction with
direct call of System.loadLibrary

Webrev:
http://cr.openjdk.java.net/~mchung/jdk8/webrevs/7164376/webrev.00/

This change is required for jdk modularization. High level summary:
it replaces the use of LoadLibraryAction:

FROM: java.security.AccessController.doPrivileged(new
LoadLibraryAction("net"));

TO: AccessController.doPrivileged( new
java.security.PrivilegedAction() { public Void run() {
System.loadLibrary("net"); return null; } });

It touches files in awt, security and serviceability area (cc'ed).
For this type of simple change, I think 1-2 reviewers can review all
files (simpler to review jdk.patch) and no need for all teams to do
the reviews.

System.loadLibrary and Runtime.loadLibrary loads a system library of
the given library name that requires
RuntimePermission("loadLibrary."+lib) permission. Many places in the
JDK code loading a system native library is using the
sun.security.action.LoadLibraryAction convenient class that will load
the system library as a privileged action:
java.security.AccessController.doPrivileged(new
LoadLibraryAction("net"));

The search path of native libraries are coupled with an associated
class loader. For example, the application class loader uses the path
specified in the "java.library.path" system property for native
library lookup. The loadLibrary implementation uses the caller's
class loader for finding the native library being requested. For
system libraries, the class loader is null and the system library
lookup is handled as a special case. When the
sun.security.action.LoadLibraryAction class is used that is the
caller of System.loadLibrary, the caller's class loader in this case
is "null" loader and thus it always finds the native library from the
system library path.

In a modular world, JDK modules may be loaded by multiple different
module class loader. The following code would not work if it is
expected to load a native library from a module which is not the
module where the sun.security.action.LoadLibraryAction lives.

For example, the management module is trying to load
libmanagement.so. Calling the following will fail to find
libmanagement.so because the caller of System.loadLibrary is the
LoadLibraryAction which is in the base module and search the library
from the base module only. To prepare for jdk modularization, the use
of LoadLibraryAction should be replaced with a direct call of
System.loadLibrary.

This patch also removes sun.security.action.LoadLibraryAction class
to avoid regression.

Thanks Mandy

hg: jdk8/tl/jdk: 2 new changesets

2012-04-13 Thread sean . mullan

Changeset: fa26ac92b29e
Author:mullan
Date:  2012-04-13 09:46 -0400
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/fa26ac92b29e

7152564: Improve CodeSource.matchLocation(CodeSource) performance
7155693: CodeSource.matchLocation getPort test can be improved
Reviewed-by: chegar

! src/share/classes/java/security/CodeSource.java
! test/java/security/CodeSource/Implies.java

Changeset: edf10d16af25
Author:mullan
Date:  2012-04-13 09:49 -0400
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/edf10d16af25

Merge

hg: jdk8/tl/jdk: 2 new changesets

2012-02-27 Thread sean . mullan

Changeset: 805fc337bbe8
Author:mullan
Date:  2012-02-27 11:44 -0500
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/805fc337bbe8

7147830: NullPointerException in java.security.Policy.implies() when the 
ProtectionDomain has a null code sou
Reviewed-by: vinnie

! src/share/classes/sun/security/provider/PolicyFile.java
+ test/sun/security/provider/PolicyFile/NullCodeSource.java

Changeset: cdf6184a7d5c
Author:mullan
Date:  2012-02-27 13:53 -0500
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/cdf6184a7d5c

Merge

hg: jdk8/tl/jdk: 2 new changesets

2012-02-15 Thread sean . mullan

Changeset: 0720542d6c1e
Author:mullan
Date:  2012-02-15 07:45 -0500
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/0720542d6c1e

7024604: OID.1 causes IAE in X500Principal constructor
Reviewed-by: vinnie

! src/share/classes/javax/security/auth/x500/X500Principal.java
! src/share/classes/javax/security/auth/x500/package.html
! test/javax/security/auth/x500/X500Principal/Parse.java

Changeset: 3207b3e271f2
Author:mullan
Date:  2012-02-15 07:52 -0500
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/3207b3e271f2

Merge

hg: jdk8/tl/jdk: 2 new changesets

2012-01-23 Thread sean . mullan

Changeset: 3df0bd3ed880
Author:mullan
Date:  2012-01-23 12:17 -0500
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/3df0bd3ed880

7131084: XMLDSig XPathFilter2Transform regression involving intersect filter
Reviewed-by: xuelei

! 
src/share/classes/com/sun/org/apache/xml/internal/security/transforms/implementations/TransformXPath2Filter.java
! test/javax/xml/crypto/dsig/KeySelectors.java
! test/javax/xml/crypto/dsig/ValidationTests.java
! test/javax/xml/crypto/dsig/X509KeySelector.java
+ test/javax/xml/crypto/dsig/data/xmldsig-xfilter2.xml

Changeset: 5e1ad6ad41b7
Author:mullan
Date:  2012-01-23 13:23 -0500
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/5e1ad6ad41b7

Merge

hg: jdk8/tl/jdk: 3 new changesets

2011-11-22 Thread sean . mullan

Changeset: 1945abeb82a0
Author:mullan
Date:  2011-11-22 08:58 -0500
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/1945abeb82a0

7093090: Reduce synchronization in java.security.Policy.getPolicyNoCheck
Reviewed-by: valeriep

! src/share/classes/java/security/Policy.java

Changeset: bb8f19b80557
Author:mullan
Date:  2011-11-22 09:00 -0500
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/bb8f19b80557

Merge

- test/java/io/FileDescriptor/FileChannelFDTest.java
- test/java/io/etc/FileDescriptorSharing.java

Changeset: b4d7020c2a40
Author:mullan
Date:  2011-11-22 09:17 -0500
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/b4d7020c2a40

Merge

hg: jdk8/tl/jdk: 2 new changesets

2011-10-27 Thread sean . mullan

Changeset: 56cc907fc8dc
Author:mullan
Date:  2011-10-27 10:57 -0400
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/56cc907fc8dc

7094155: JSR105 code throws javax.xml.crypto.URIReferenceException when running 
into Java 7 VM
Reviewed-by: xuelei

! 
src/share/classes/com/sun/org/apache/xml/internal/security/utils/IdResolver.java
! test/javax/xml/crypto/dsig/GenerationTests.java

Changeset: 8cd2e3b8127a
Author:mullan
Date:  2011-10-27 11:01 -0400
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/8cd2e3b8127a

Merge

- make/sun/rmi/rmi/mapfile-vers
- src/share/native/sun/awt/libpng/pnggccrd.c
- src/share/native/sun/awt/libpng/pngvcrd.c
- src/share/native/sun/rmi/server/MarshalInputStream.c

hg: jdk8/tl/jdk: 2 new changesets

2011-10-19 Thread sean . mullan

Changeset: 57eb9136b73b
Author:mullan
Date:  2011-10-19 10:15 -0400
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/57eb9136b73b

7102686: Restructure timestamp code so that jars and modules can more easily 
share the same code
Reviewed-by: mchung

! src/share/classes/sun/security/pkcs/PKCS7.java
! src/share/classes/sun/security/pkcs/SignerInfo.java
! src/share/classes/sun/security/timestamp/HttpTimestamper.java
! src/share/classes/sun/security/timestamp/TSRequest.java
! src/share/classes/sun/security/timestamp/TSResponse.java
! src/share/classes/sun/security/tools/JarSigner.java
! src/share/classes/sun/security/tools/TimestampedSigner.java
! src/share/classes/sun/security/util/Debug.java
! src/share/classes/sun/security/util/SignatureFileVerifier.java

Changeset: 15078025eed9
Author:mullan
Date:  2011-10-19 10:16 -0400
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/15078025eed9

Merge

hg: jdk8/tl/jdk: 2 new changesets

2011-10-18 Thread sean . mullan

Changeset: 9bf526cc4046
Author:mullan
Date:  2011-10-18 10:12 -0400
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/9bf526cc4046

7092897: sun.security.util.Cache should be generified
Reviewed-by: xuelei

! src/share/classes/sun/security/pkcs11/KeyCache.java
! src/share/classes/sun/security/provider/X509Factory.java
! src/share/classes/sun/security/provider/certpath/CertStoreHelper.java
! src/share/classes/sun/security/provider/certpath/URICertStore.java
! src/share/classes/sun/security/provider/certpath/X509CertificatePair.java
! src/share/classes/sun/security/provider/certpath/ldap/LDAPCertStore.java
! src/share/classes/sun/security/ssl/SSLSessionContextImpl.java
! src/share/classes/sun/security/util/Cache.java

Changeset: f566cd364a90
Author:mullan
Date:  2011-10-18 10:15 -0400
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/f566cd364a90

Merge

! src/share/classes/sun/security/provider/X509Factory.java

hg: jdk8/tl/jdk: 2 new changesets

2011-10-13 Thread sean . mullan

Changeset: 01615d3e74ed
Author:mullan
Date:  2011-10-13 13:50 -0400
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/01615d3e74ed

6953295: Move few sun.security.{util, x509, pkcs} classes used by 
keytool/jarsigner to another package
Reviewed-by: mchung

! make/sun/security/other/Makefile
- src/share/classes/sun/security/pkcs/EncodingException.java
- src/share/classes/sun/security/pkcs/PKCS10.java
- src/share/classes/sun/security/pkcs/PKCS10Attribute.java
- src/share/classes/sun/security/pkcs/PKCS10Attributes.java
+ src/share/classes/sun/security/pkcs10/PKCS10.java
+ src/share/classes/sun/security/pkcs10/PKCS10Attribute.java
+ src/share/classes/sun/security/pkcs10/PKCS10Attributes.java
! src/share/classes/sun/security/provider/certpath/CertStoreHelper.java
! src/share/classes/sun/security/provider/certpath/URICertStore.java
! src/share/classes/sun/security/provider/certpath/ldap/LDAPCertStore.java
! src/share/classes/sun/security/provider/certpath/ldap/LDAPCertStoreHelper.java
+ src/share/classes/sun/security/provider/certpath/ssl/SSLServerCertStore.java
+ 
src/share/classes/sun/security/provider/certpath/ssl/SSLServerCertStoreHelper.java
+ src/share/classes/sun/security/tools/CertAndKeyGen.java
! src/share/classes/sun/security/tools/KeyTool.java
+ src/share/classes/sun/security/tools/PathList.java
- src/share/classes/sun/security/util/BigInt.java
- src/share/classes/sun/security/util/PathList.java
- src/share/classes/sun/security/x509/CertAndKeyGen.java
- test/sun/security/util/BigInt/BigIntEqualsHashCode.java

Changeset: 04ecbd2bcf5a
Author:mullan
Date:  2011-10-13 13:53 -0400
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/04ecbd2bcf5a

Merge

hg: jdk8/tl/jdk: 7088502: Security libraries don't build with javac -Werror

2011-09-27 Thread sean . mullan

Changeset: 62e1389fdb0a
Author:mullan
Date:  2011-09-26 17:20 -0700
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/62e1389fdb0a

7088502: Security libraries don't build with javac -Werror
Summary: Changes to files in 
src/share/classes/com/sun/org/apache/xml/internal/security and its subpackages 
to remove warnings
Reviewed-by: mullan
Contributed-by: kurchi.subhra.ha...@oracle.com

! make/com/sun/org/apache/xml/Makefile
! src/share/classes/com/sun/org/apache/xml/internal/security/Init.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/JCEMapper.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/MessageDigestAlgorithm.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/SignatureAlgorithm.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/c14n/Canonicalizer.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/c14n/CanonicalizerSpi.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/c14n/helper/AttrCompare.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/Canonicalizer11.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/Canonicalizer20010315.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/Canonicalizer20010315Excl.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/CanonicalizerBase.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/NameSpaceSymbTable.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/UtfHelpper.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/encryption/AgreementMethod.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/encryption/EncryptionMethod.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/encryption/EncryptionProperties.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/encryption/EncryptionProperty.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/encryption/Reference.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/encryption/ReferenceList.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/encryption/XMLCipher.java
! src/share/classes/com/sun/org/apache/xml/internal/security/keys/KeyInfo.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/KeyResolver.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/KeyResolverSpi.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/RetrievalMethodResolver.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/keys/storage/StorageResolver.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/keys/storage/StorageResolverSpi.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/keys/storage/implementations/CertsInFilesystemDirectoryResolver.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/keys/storage/implementations/KeyStoreResolver.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/keys/storage/implementations/SingleCertificateResolver.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/signature/Manifest.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/signature/Reference.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/signature/XMLSignatureInput.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/signature/XMLSignatureInputDebugger.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/transforms/Transform.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/transforms/TransformSpi.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/transforms/implementations/FuncHere.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/transforms/implementations/TransformXPath2Filter.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/transforms/implementations/TransformXSLT.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/transforms/params/InclusiveNamespaces.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/utils/CachedXPathAPIHolder.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/utils/CachedXPathFuncHereAPI.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/utils/ElementProxy.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/utils/HelperNodeList.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/utils/IdResolver.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/utils/UnsyncBufferedOutputStream.java
! 
src/share/classes/com/sun/org/apache/xml/internal/security/utils/UnsyncByteArrayOutputStream.java
! src/share/classes/com/sun/org/apache/xml/internal/se

hg: jdk8/tl/jdk: 2 new changesets

2011-08-29 Thread sean . mullan

Changeset: d1c04dac850d
Author:mullan
Date:  2011-08-29 12:22 -0400
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/d1c04dac850d

7024771: "\\<>" in attribute value part of X500Principal constructor parameter 
makes strange effect
Reviewed-by: vinnie

! src/share/classes/sun/security/x509/AVA.java
! src/share/classes/sun/security/x509/X500Name.java
+ test/javax/security/auth/x500/X500Principal/Parse.java

Changeset: c2b4e0ea3ab9
Author:mullan
Date:  2011-08-29 12:23 -0400
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/c2b4e0ea3ab9

Merge

! src/share/classes/sun/security/x509/X500Name.java

hg: jdk8/tl/jdk: 7054969: Null-check-in-finally pattern in java/security documentation

2011-07-06 Thread sean . mullan

Changeset: f68d30c0a2e3
Author:mullan
Date:  2011-07-06 11:08 -0400
URL:   http://hg.openjdk.java.net/jdk8/tl/jdk/rev/f68d30c0a2e3

7054969: Null-check-in-finally pattern in java/security documentation
Reviewed-by: vinnie

! src/share/classes/java/security/KeyStore.java
! src/share/classes/java/security/cert/X509CRL.java
! src/share/classes/java/security/cert/X509Certificate.java
! src/share/classes/java/security/cert/X509Extension.java

hg: jdk7/tl/jdk: 2 new changesets

2011-06-04 Thread sean . mullan

Changeset: 49aef5a5416e
Author:mullan
Date:  2011-06-04 06:45 -0700
URL:   http://hg.openjdk.java.net/jdk7/tl/jdk/rev/49aef5a5416e

7050329: test/java/security/Policy/GetPermissions/JarURL.java fails on Windows
Reviewed-by: alanb

! test/java/security/Policy/GetPermissions/JarURL.java
+ test/java/security/Policy/GetPermissions/JarURL.policy

Changeset: 1f39ca0b9598
Author:mullan
Date:  2011-06-04 06:52 -0700
URL:   http://hg.openjdk.java.net/jdk7/tl/jdk/rev/1f39ca0b9598

Merge

hg: jdk7/tl/jdk: 2 new changesets

2011-05-24 Thread sean . mullan

Changeset: 0a80650409e1
Author:mullan
Date:  2011-05-24 14:15 -0700
URL:   http://hg.openjdk.java.net/jdk7/tl/jdk/rev/0a80650409e1

703: Permissions resolved incorrectly for jar protocol (Patch from 
bugs.openjdk.java.net)
Reviewed-by: alanb, chegar
Contributed-by: dbh...@redhat.com

! src/share/classes/sun/security/provider/PolicyFile.java
+ test/java/security/Policy/GetPermissions/JarURL.java

Changeset: ace2dfdecda1
Author:mullan
Date:  2011-05-24 14:32 -0700
URL:   http://hg.openjdk.java.net/jdk7/tl/jdk/rev/ace2dfdecda1

Merge

hg: jdk7/tl/jdk: 2 new changesets

2011-04-21 Thread sean . mullan

Changeset: 2c46bf0a462c
Author:mullan
Date:  2011-04-21 17:39 -0400
URL:   http://hg.openjdk.java.net/jdk7/tl/jdk/rev/2c46bf0a462c

7038175: Expired PKITS certificates causing CertPathBuilder and 
CertPathValidator regression test failures
Reviewed-by: xuelei

! src/share/classes/sun/security/provider/certpath/CrlRevocationChecker.java
! src/share/classes/sun/security/provider/certpath/DistributionPointFetcher.java

Changeset: 34b2c8e0ac85
Author:mullan
Date:  2011-04-21 17:44 -0400
URL:   http://hg.openjdk.java.net/jdk7/tl/jdk/rev/34b2c8e0ac85

Merge

hg: jdk7/tl/jdk: 2 new changesets

2011-03-29 Thread sean . mullan

Changeset: b8259e08543b
Author:mullan
Date:  2011-03-29 10:39 -0400
URL:   http://hg.openjdk.java.net/jdk7/tl/jdk/rev/b8259e08543b

7019937: Translatability bug - Remove Unused String - String ID , read end of 
file
7019938: Translatability bug - Remove Unused String - String ID can not specify 
Principal with a
7019940: Translatability bug - Remove unused string - String ID: provided null 
name
7019942: Translatability bug - String ID: trustedCertEntry,
7019945: Translatability bug - Translatability issue - String ID: * has NOT 
been verified! In order to veri
7019947: Translatability bug - Translatability issue - String ID: * The 
integrity of the information stored i
7019949: Translatability bug - Translatability issue - String ID: * you must 
provide your keystore password.
Reviewed-by: weijun, wetmore

! src/share/classes/com/sun/security/auth/PolicyParser.java
! src/share/classes/sun/security/tools/JarSigner.java
! src/share/classes/sun/security/tools/JarSignerResources.java
! src/share/classes/sun/security/tools/KeyTool.java
! src/share/classes/sun/security/util/AuthResources.java
! src/share/classes/sun/security/util/Resources.java

Changeset: 77077940fad6
Author:mullan
Date:  2011-03-29 11:37 -0400
URL:   http://hg.openjdk.java.net/jdk7/tl/jdk/rev/77077940fad6

Merge

hg: jdk7/tl/jdk: 2 new changesets

2011-03-07 Thread sean . mullan

Changeset: bc0c58d65e97
Author:mullan
Date:  2011-03-07 13:20 -0500
URL:   http://hg.openjdk.java.net/jdk7/tl/jdk/rev/bc0c58d65e97

7022467: SecretKeyFactory doesn't support algorithm "AES" on Windows and Linux
Reviewed-by: wetmore, valeriep

! src/share/classes/javax/crypto/SecretKeyFactory.java

Changeset: 62b0337d1369
Author:mullan
Date:  2011-03-07 13:44 -0500
URL:   http://hg.openjdk.java.net/jdk7/tl/jdk/rev/62b0337d1369

Merge

hg: jdk7/tl/jdk: 4 new changesets

2011-01-25 Thread sean . mullan

Changeset: ae38d1374e31
Author:mullan
Date:  2011-01-24 14:56 -0500
URL:   http://hg.openjdk.java.net/jdk7/tl/jdk/rev/ae38d1374e31

5001004: Required Security Algorithms need to be defined
Reviewed-by: wetmore

! src/share/classes/java/security/AlgorithmParameterGenerator.java
! src/share/classes/java/security/AlgorithmParameters.java
! src/share/classes/java/security/KeyFactory.java
! src/share/classes/java/security/KeyPairGenerator.java
! src/share/classes/java/security/KeyStore.java
! src/share/classes/java/security/MessageDigest.java
! src/share/classes/java/security/Policy.java
! src/share/classes/java/security/SecureRandom.java
! src/share/classes/java/security/Security.java
! src/share/classes/java/security/Signature.java
! src/share/classes/java/security/cert/CertPath.java
! src/share/classes/java/security/cert/CertPathBuilder.java
! src/share/classes/java/security/cert/CertPathValidator.java
! src/share/classes/java/security/cert/CertStore.java
! src/share/classes/java/security/cert/Certificate.java
! src/share/classes/java/security/cert/CertificateFactory.java
! src/share/classes/java/security/cert/CertificateFactorySpi.java
! src/share/classes/java/security/cert/package.html
! src/share/classes/java/security/package.html
! src/share/classes/javax/crypto/Cipher.java
! src/share/classes/javax/crypto/ExemptionMechanism.java
! src/share/classes/javax/crypto/KeyAgreement.java
! src/share/classes/javax/crypto/KeyGenerator.java
! src/share/classes/javax/crypto/Mac.java
! src/share/classes/javax/crypto/SecretKeyFactory.java
! src/share/classes/javax/crypto/package.html
! src/share/classes/javax/net/ssl/SSLContext.java
! src/share/classes/javax/net/ssl/package.html
! src/share/classes/javax/security/auth/login/Configuration.java
! src/share/classes/javax/security/auth/login/package.html

Changeset: b33e9b15835e
Author:mullan
Date:  2011-01-24 15:08 -0500
URL:   http://hg.openjdk.java.net/jdk7/tl/jdk/rev/b33e9b15835e

Merge

- make/common/internal/BinaryPlugs.gmk
- make/java/hpi/Makefile
- make/java/hpi/hpi_common.gmk
- make/java/hpi/native/Makefile
- make/java/hpi/native/mapfile-vers
- make/java/hpi/native/reorder-i586
- make/java/hpi/native/reorder-sparc
- make/java/hpi/native/reorder-sparcv9
- make/java/hpi/windows/Makefile
- src/share/classes/java/dyn/JavaMethodHandle.java
- src/share/classes/java/dyn/LinkagePermission.java
- src/share/classes/java/nio/channels/AsynchronousDatagramChannel.java
! src/share/classes/java/security/Security.java
! src/share/classes/javax/net/ssl/SSLContext.java
- src/share/classes/sun/java2d/pisces/LineSink.java
- src/share/classes/sun/net/httpserver/SelectorCache.java
- src/share/classes/sun/nio/ch/SimpleAsynchronousDatagramChannelImpl.java
- src/share/classes/sun/security/krb5/KrbKdcReq.java
- src/share/classes/sun/security/krb5/internal/TCPClient.java
- src/share/classes/sun/security/krb5/internal/UDPClient.java
- 
src/share/demo/nio/zipfs/META-INF/services/java.nio.file.spi.FileSystemProvider
- src/share/demo/nio/zipfs/com/sun/nio/zipfs/JarFileSystemProvider.java
- src/share/demo/nio/zipfs/com/sun/nio/zipfs/ZipCoder.java
- src/share/demo/nio/zipfs/com/sun/nio/zipfs/ZipConstants.java
- src/share/demo/nio/zipfs/com/sun/nio/zipfs/ZipDirectoryStream.java
- src/share/demo/nio/zipfs/com/sun/nio/zipfs/ZipFileAttributeView.java
- src/share/demo/nio/zipfs/com/sun/nio/zipfs/ZipFileAttributes.java
- src/share/demo/nio/zipfs/com/sun/nio/zipfs/ZipFileStore.java
- src/share/demo/nio/zipfs/com/sun/nio/zipfs/ZipFileSystem.java
- src/share/demo/nio/zipfs/com/sun/nio/zipfs/ZipFileSystemProvider.java
- src/share/demo/nio/zipfs/com/sun/nio/zipfs/ZipInfo.java
- src/share/demo/nio/zipfs/com/sun/nio/zipfs/ZipPath.java
- src/share/demo/nio/zipfs/com/sun/nio/zipfs/ZipUtils.java
- src/share/hpi/export/bool.h
- src/share/hpi/export/dll.h
- src/share/hpi/export/hpi.h
- src/share/hpi/include/hpi_impl.h
- src/share/hpi/include/vm_calls.h
- src/share/hpi/src/hpi.c
- src/share/native/sun/font/layout/HebrewLigatureData.cpp
- src/share/native/sun/font/layout/HebrewShaping.cpp
- src/share/native/sun/font/layout/HebrewShaping.h
- src/solaris/classes/sun/net/www/protocol/http/NTLMAuthentication.java
- src/solaris/hpi/export/byteorder_md.h
- src/solaris/hpi/export/hpi_md.h
- src/solaris/hpi/export/io_md.h
- src/solaris/hpi/export/path_md.h
- src/solaris/hpi/export/timeval_md.h
- src/solaris/hpi/include/hpi_init.h
- src/solaris/hpi/include/interrupt.h
- src/solaris/hpi/include/largefile.h
- src/solaris/hpi/include/largefile_linux.h
- src/solaris/hpi/include/largefile_solaris.h
- src/solaris/hpi/native_threads/include/condvar_md.h
- src/solaris/hpi/native_threads/include/monitor_md.h
- src/solaris/hpi/native_threads/include/mutex_md.h
- src/solaris/hpi/native_threads/include/np.h
- src/solaris/hpi/native_threads/include/porting.h
- src/solaris/hpi/native_threads/include/threads_md.h
- src/solaris/hpi/native_threads/src/condvar_md.c
- src/solaris/hpi/native_threads/src/interrupt_md.c
-

hg: jdk7/tl/jdk: 6998860: Signed jar file verification is currently creating many extra new Sun providers.

2010-12-08 Thread sean . mullan

Changeset: 291128e77395
Author:mullan
Date:  2010-12-08 10:21 -0800
URL:   http://hg.openjdk.java.net/jdk7/tl/jdk/rev/291128e77395

6998860: Signed jar file verification is currently creating many extra new Sun 
providers.
Reviewed-by: mchung

! src/share/classes/sun/security/util/ManifestEntryVerifier.java

hg: jdk7/tl/jdk: 3 new changesets

2010-11-22 Thread sean . mullan

Changeset: 951db417fc3c
Author:mullan
Date:  2010-11-22 10:16 -0500
URL:   http://hg.openjdk.java.net/jdk7/tl/jdk/rev/951db417fc3c

6995424: Eliminate dependency to a deprecated API 
com.sun.security.auth.PolicyFile
Reviewed-by: mchung

! src/share/classes/javax/security/auth/Policy.java
! src/share/classes/javax/security/auth/SubjectDomainCombiner.java

Changeset: 83d08a3e4e04
Author:mullan
Date:  2010-11-22 10:18 -0500
URL:   http://hg.openjdk.java.net/jdk7/tl/jdk/rev/83d08a3e4e04

Merge

- src/share/classes/sun/net/httpserver/SelectorCache.java

Changeset: 8aa383f37420
Author:mullan
Date:  2010-11-22 11:27 -0500
URL:   http://hg.openjdk.java.net/jdk7/tl/jdk/rev/8aa383f37420

Merge

hg: jdk7/tl/jdk: 6994717: expired certificate in test ValidateCertPath

2010-11-08 Thread sean . mullan

Changeset: 34faa22a8ce8
Author:mullan
Date:  2010-11-08 11:33 -0500
URL:   http://hg.openjdk.java.net/jdk7/tl/jdk/rev/34faa22a8ce8

6994717: expired certificate in test ValidateCertPath
Reviewed-by: vinnie

! 
test/java/security/cert/CertPathValidator/nameConstraintsRFC822/ValidateCertPath.java

hg: jdk7/tl/jdk: 2 new changesets

2010-10-18 Thread sean . mullan

Changeset: 0f5bab573e01
Author:mullan
Date:  2010-10-18 09:00 -0400
URL:   http://hg.openjdk.java.net/jdk7/tl/jdk/rev/0f5bab573e01

6988599: CertificateRevokedException specifies name of authority but interacts 
with authority instance
Reviewed-by: vinnie

! src/share/classes/java/security/cert/CertificateRevokedException.java

Changeset: 537cf89b2f74
Author:mullan
Date:  2010-10-18 09:05 -0400
URL:   http://hg.openjdk.java.net/jdk7/tl/jdk/rev/537cf89b2f74

Merge

hg: jdk7/tl/jdk: 2 new changesets

2010-10-15 Thread sean . mullan

Changeset: 0fc51ca3467d
Author:mullan
Date:  2010-10-15 10:55 -0400
URL:   http://hg.openjdk.java.net/jdk7/tl/jdk/rev/0fc51ca3467d

6954275: XML signatures with reference data larger 16KB and cacheRef on fails 
to validate
Reviewed-by: xuelei

! 
src/share/classes/com/sun/org/apache/xml/internal/security/utils/UnsyncByteArrayOutputStream.java
+ 
test/com/sun/org/apache/xml/internal/security/utils/UnsyncByteArrayOutputStream/BufferOverflowTest.java

Changeset: bca7bd9ebf10
Author:mullan
Date:  2010-10-15 10:59 -0400
URL:   http://hg.openjdk.java.net/jdk7/tl/jdk/rev/bca7bd9ebf10

Merge

hg: jdk7/tl/jdk: 2 new changesets

2010-08-03 Thread sean . mullan

Changeset: a21c46dac6cf
Author:mullan
Date:  2010-08-03 09:39 -0400
URL:   http://hg.openjdk.java.net/jdk7/tl/jdk/rev/a21c46dac6cf

6653372: Error in java.security.KeyStore example code
Reviewed-by: weijun

! src/share/classes/java/security/KeyStore.java

Changeset: 2feeefb45a44
Author:mullan
Date:  2010-08-03 09:55 -0400
URL:   http://hg.openjdk.java.net/jdk7/tl/jdk/rev/2feeefb45a44

Merge

hg: jdk7/tl/jdk: 6870553: X509Certificate.getSigAlgName method description uses non-standard algorithm name as example

2010-07-20 Thread sean . mullan

Changeset: 9d1994d53a67
Author:mullan
Date:  2010-07-20 10:41 -0400
URL:   http://hg.openjdk.java.net/jdk7/tl/jdk/rev/9d1994d53a67

6870553: X509Certificate.getSigAlgName method description uses non-standard 
algorithm name as example
Reviewed-by: xuelei

! src/share/classes/java/security/cert/X509CRL.java
! src/share/classes/java/security/cert/X509Certificate.java

hg: jdk7/tl/jdk: 2 new changesets

2010-07-01 Thread sean . mullan

Changeset: 9bffc32b645d
Author:mullan
Date:  2010-07-01 15:20 -0400
URL:   http://hg.openjdk.java.net/jdk7/tl/jdk/rev/9bffc32b645d

6782979: Add JNLPAppletLauncher (6618105) to blacklist
Reviewed-by: ohair

! make/java/security/Makefile

Changeset: c0d2a097eb99
Author:mullan
Date:  2010-07-01 15:30 -0400
URL:   http://hg.openjdk.java.net/jdk7/tl/jdk/rev/c0d2a097eb99

Merge

hg: jdk7/tl/jdk: 6909281: 6u19 b99(pit):Error loading first applet in browser session( both FF && IE, windows ): NPE is thrown

2010-04-09 Thread sean . mullan

Changeset: 710c4493902f
Author:mullan
Date:  2010-04-09 07:21 -0700
URL:   http://hg.openjdk.java.net/jdk7/tl/jdk/rev/710c4493902f

6909281: 6u19 b99(pit):Error loading first applet in browser session( both FF 
&& IE, windows ): NPE is thrown
Summary: Fix for 6633872 causes NPE due to uninitialised ProtectionDomain class
Reviewed-by: andrew

! src/share/classes/sun/misc/SharedSecrets.java

hg: jdk7/tl/jdk: 2 new changesets

2010-01-15 Thread sean . mullan

Changeset: 51d62db10c93
Author:mullan
Date:  2010-01-15 09:48 -0500
URL:   http://hg.openjdk.java.net/jdk7/tl/jdk/rev/51d62db10c93

6915939: Exception should be thrown if OCSP SingleResponses contain unresolved 
critical extensions
Reviewed-by: xuelei

! src/share/classes/sun/security/provider/certpath/OCSPResponse.java

Changeset: 074f79397dda
Author:mullan
Date:  2010-01-15 09:58 -0500
URL:   http://hg.openjdk.java.net/jdk7/tl/jdk/rev/074f79397dda

Merge

hg: jdk7/tl/jdk: 2 new changesets

2009-12-10 Thread sean . mullan

Changeset: 7c9be6c9385a
Author:mullan
Date:  2009-12-10 11:31 -0500
URL:   http://hg.openjdk.java.net/jdk7/tl/jdk/rev/7c9be6c9385a

6867348: Digest Value of References inside Manifest - calculation order problem
Reviewed-by: xuelei

! src/share/classes/org/jcp/xml/dsig/internal/dom/DOMXMLSignature.java
! test/javax/xml/crypto/dsig/GenerationTests.java

Changeset: 421e652f00c7
Author:mullan
Date:  2009-12-10 11:34 -0500
URL:   http://hg.openjdk.java.net/jdk7/tl/jdk/rev/421e652f00c7

Merge

hg: jdk7/tl/jdk: 2 new changesets

2009-11-23 Thread sean . mullan

Changeset: 5d2e63dad298
Author:mullan
Date:  2009-11-23 12:36 -0500
URL:   http://hg.openjdk.java.net/jdk7/tl/jdk/rev/5d2e63dad298

6899503: Security code issue using Verisign root certificate
Summary: Add support for reordering out-of-order certificate chains
Reviewed-by: vinnie, xuelei

! src/share/classes/sun/security/validator/PKIXValidator.java

Changeset: 38960b705c30
Author:mullan
Date:  2009-11-23 13:57 -0500
URL:   http://hg.openjdk.java.net/jdk7/tl/jdk/rev/38960b705c30

Merge

hg: jdk7/tl/jdk: 6894461: OCSP Checker should not wrap all Exception as "Unable to send OCSP request."(introduced by #6885667)

2009-11-18 Thread sean . mullan

Changeset: 6fac6e5fdf0c
Author:mullan
Date:  2009-11-18 12:34 -0500
URL:   http://hg.openjdk.java.net/jdk7/tl/jdk/rev/6fac6e5fdf0c

6894461: OCSP Checker should not wrap all Exception as "Unable to send OCSP 
request."(introduced by #6885667)
Reviewed-by: vinnie, xuelei

! src/share/classes/sun/security/provider/certpath/OCSPChecker.java

hg: jdk7/tl/jdk: 2 new changesets

2009-10-14 Thread sean . mullan

Changeset: 5f326176855d
Author:mullan
Date:  2009-10-14 09:36 -0400
URL:   http://hg.openjdk.java.net/jdk7/tl/jdk/rev/5f326176855d

6885667: CertPath/CertPathValidatorTest/bugs/bug6383078 fails on jdk6u18/b02, 
jdk7/pit/b73 and passes on b72.
Summary: Wrap all OCSP exceptions in CertPathValidatorException so that we can 
fallback to CRLs, if enabled.
Reviewed-by: dgu, xuelei

! src/share/classes/sun/security/provider/certpath/OCSP.java
! src/share/classes/sun/security/provider/certpath/OCSPChecker.java

Changeset: edeb687e2d9a
Author:mullan
Date:  2009-10-14 09:47 -0400
URL:   http://hg.openjdk.java.net/jdk7/tl/jdk/rev/edeb687e2d9a

Merge

1 2 >

1 - 100 of 109 matches

Mail list logo