Please review the following simple changeset to identify the offending JAR file
following a signature verification error.
Previously, only the offending entry in the JAR was identified.
This helps during troubleshooting when several JAR files being processed.
The request was originally submitted
I shortened the output to display only the JAR filename to avoid leaking
filesystem information.
I’ve updated the webrev in-place.
Thanks.
On 19 Jun 2014, at 17:59, Vincent Ryan wrote:
> Please review the following simple changeset to identify the offending JAR
> file following a signature
Hello,
I'd prefer to see the CheckJarSigError.sh as a Java program.
Cheers,
-Joe
On 06/19/2014 02:21 PM, Vincent Ryan wrote:
I shortened the output to display only the JAR filename to avoid leaking
filesystem information.
I’ve updated the webrev in-place.
Thanks.
On 19 Jun 2014, at 17:59,
Hello Aaron,
I considered using your testcase that manually generates the necessary
malformed JAR
but as there was a suitable signed JAR already in the test suite I decided to
re-use that.
I think it makes sense to re-work the test as a Java program. Unfortunately
I’ll be on vacation
from toda
There is precedence for revealing the full pathname only when a security
manager is not running.
Would that be acceptable?
On 20 Jun 2014, at 13:21, Vincent Ryan wrote:
> Hello Aaron,
>
> I considered using your testcase that manually generates the necessary
> malformed JAR
> but as there wa
Am Donnerstag, 19. Juni 2014 23:49 CEST, Joe Darcy
schrieb:
> I'd prefer to see the CheckJarSigError.sh as a Java program.
There original bug report contains a full self-contained test case in Java. Why
was that split into several files?
I'm also a bit uneasy about the "just show the file nam
