Re: Code review request: 7184815 (was Re: OpenJDK krb5 ignore /etc/krb5.conf?)

Webrev updated at http://cr.openjdk.java.net/~weijun/7184815/webrev.01/ Add comments before toString and inside toStringIndented. With the new impl, the responsibility for doing indention when printing out the String 'obj' is the caller's responsibility. Well, not really. The indentation

Re: (2nd round) Proposed API Changes for JEP 114: TLS Server Name Indication (SNI) Extension

On 8/10/2012 8:17 AM, Weijun Wang wrote: > > > On 08/10/2012 12:04 AM, Xuelei Fan wrote: >> The new webrev: >>http://cr.openjdk.java.net./~xuelei/7068321/webrev_spec.02/ >> >> Diffs from the previous webrev: >> 1. changed the method names >> setServername->setAccessibleServerName >> g

Re: (2nd round) Proposed API Changes for JEP 114: TLS Server Name Indication (SNI) Extension

Hi Xuelei, I like this style much better than your earlier versions. Thanks for considering them. We should still do a little more wordsmithing, some of the passages are a little awkward. The following are mainly content questions. ExtendedSSLSession.java === 91: Hav

Re: (2nd round) Proposed API Changes for JEP 114: TLS Server Name Indication (SNI) Extension

On 08/10/2012 12:04 AM, Xuelei Fan wrote: The new webrev: http://cr.openjdk.java.net./~xuelei/7068321/webrev_spec.02/ Diffs from the previous webrev: 1. changed the method names setServername->setAccessibleServerName getServername->getAccessibleServerNames setServernamePattern->

Re: Code review request: 7184815 (was Re: OpenJDK krb5 ignore /etc/krb5.conf?)

Max, Please find my comments in line. On 08/08/12 19:33, Weijun Wang wrote: On 08/09/2012 10:10 AM, Valerie (Yu-Ching) Peng wrote: Max, The new ordering for reading the config files sounds reasonable. However, I have questions on scenarios where the various config files don't exist and the c

Re: JDK 8 Code Review Request: 7187962: sun.security.pkcs11.P11DSAKeyFactory.implTranslatePublicKey doesn't check if params is null

On 8/9/12 4:09 PM, Valerie (Yu-Ching) Peng wrote: > > Yes, various places assume that the params being non-null since they are > needed for crypto operations. > I think what you have here is the right fix for the particular test failure. > Do you know if Certificate.getPublicKey() is called on a

Re: JDK 8 Code Review Request: 7187962: sun.security.pkcs11.P11DSAKeyFactory.implTranslatePublicKey doesn't check if params is null

Yes, various places assume that the params being non-null since they are needed for crypto operations. I think what you have here is the right fix for the particular test failure. Do you know if Certificate.getPublicKey() is called on a certificate contains a DSA key whose DSA params should be

hg: jdk8/tl/jdk: 7189363: Regex Pattern compilation buggy for special sequences

Changeset: 717ed00b7787 Author:sherman Date: 2012-08-09 10:15 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/717ed00b7787 7189363: Regex Pattern compilation buggy for special sequences Summary: fixed the incorrect implementation in expr(...) Reviewed-by: psandoz, alanb ! src

Re: (2nd round) Proposed API Changes for JEP 114: TLS Server Name Indication (SNI) Extension

The new webrev: http://cr.openjdk.java.net./~xuelei/7068321/webrev_spec.02/ Diffs from the previous webrev: 1. changed the method names setServername->setAccessibleServerName getServername->getAccessibleServerNames setServernamePattern->setRecognizableServername getServernamePatterns

Re: JDK 8 Code Review Request: 7187962: sun.security.pkcs11.P11DSAKeyFactory.implTranslatePublicKey doesn't check if params is null

I have re-worked this fix so that our PKIX CertPathValidator implementation detects if a TrustAnchor's DSA key has no parameters *before* using it to verify a signature. This is a cleaner fix, as it turns out there is quite a bit of existing code in JCE that already assumes a DSA key has parameters