hg: jdk8/tl/nashorn: 8010117: Annotate jdk caller sensitive methods with @sun.reflect.CallerSensitive

Changeset: 222a72df2f42 Author:mchung Date: 2013-04-16 22:11 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/nashorn/rev/222a72df2f42 8010117: Annotate jdk caller sensitive methods with @sun.reflect.CallerSensitive Reviewed-by: jrose, alanb, twisti, sundar ! src/jdk/nashorn/api/scrip

hg: jdk8/tl/jdk: 8010117: Annotate jdk caller sensitive methods with @sun.reflect.CallerSensitive

Changeset: da6addef956e Author:mchung Date: 2013-04-16 21:39 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/da6addef956e 8010117: Annotate jdk caller sensitive methods with @sun.reflect.CallerSensitive Reviewed-by: jrose, alanb, twisti ! make/java/java/FILES_c.gmk ! make/jav

hg: jdk8/tl/jdk: 8011124: Make KerberosTime immutable

Changeset: a3cc4b8e217a Author:weijun Date: 2013-04-17 10:15 +0800 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/a3cc4b8e217a 8011124: Make KerberosTime immutable Reviewed-by: xuelei ! src/share/classes/sun/security/krb5/KrbApReq.java ! src/share/classes/sun/security/krb5/KrbAppM

Re: Code review request: 8005523: Unbound krb5 for TLS

Webrev updated: http://cr.openjdk.java.net/~weijun/8005523/webrev.02/ Changes since webrev.01: 1. Add a isRelated() Krb5Helper method to find out if a Subject can provide creds for a service principal. 2. Server check permission at initialization if bound 3. Only check permission again a

Re: Code review request JDK-8006935: Need to take care of long secret keys in HMAC/PRF compuation

On 4/17/2013 9:07 AM, Weijun Wang wrote: >>> No new regression test (noreg-hard). The fix can be tested by manually >>> running the attached test case in the bug. > > By noreg-hard, do you mean that it's not easy to write a jdk7 client > talking to a jdk8 server in regression test? I recommend you

Re: Code review request JDK-8006935: Need to take care of long secret keys in HMAC/PRF compuation

No new regression test (noreg-hard). The fix can be tested by manually running the attached test case in the bug. By noreg-hard, do you mean that it's not easy to write a jdk7 client talking to a jdk8 server in regression test? I recommend you asking SQE to include some interop tests in their

Re: Code review request JDK-8006935: Need to take care of long secret keys in HMAC/PRF compuation

The fixes look fine. Thanks, Valerie On 04/16/13 05:30, Xuelei Fan wrote: Hi Valerie, Are you available to review the HAMC impl update in JCE/TLS? Webrev: http://cr.openjdk.java.net./~xuelei/8006935/webrev.00/ The issue comes from the practice that the industry starts to use large Diffie-Hel

Re: Code review request: 8011124: Make KerberosTime immutable

Changes look good, don't forget to update the copyright years though. Thanks, Valerie On 04/03/13 04:31, Weijun Wang wrote: http://cr.openjdk.java.net/~weijun/8011124/webrev.00/ KerberosTime is a very basic data type and it is nice to be immutable. One test is updated. No new regression test f

hg: jdk8/tl/jdk: 37 new changesets

Changeset: c5ead5aa2e13 Author:bae Date: 2013-02-07 19:15 +0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/c5ead5aa2e13 8007014: Improve image handling Reviewed-by: prr, mschoene, jgodinez ! src/share/classes/sun/awt/image/ByteComponentRaster.java ! src/share/classes/sun/awt/i

hg: jdk8/tl/jaxp: 2 new changesets

Changeset: 10db50a26b39 Author:joehw Date: 2013-02-18 11:33 -0800 URL: http://hg.openjdk.java.net/jdk8/tl/jaxp/rev/10db50a26b39 6657673: Issues with JAXP Reviewed-by: alanb, lancea, ahgross, mullan ! src/com/sun/org/apache/bcel/internal/classfile/JavaClass.java ! src/com/sun/org/ap

hg: jdk8/tl/hotspot: 2 new changesets

Changeset: 3d641132f83b Author:twisti Date: 2013-02-26 16:16 -0800 URL: http://hg.openjdk.java.net/jdk8/tl/hotspot/rev/3d641132f83b 8004336: Better handling of method handle intrinsic frames Reviewed-by: kvn, jrose, ahgross ! src/share/vm/opto/library_call.cpp Changeset: 124ca2243

hg: jdk8/tl/jdk: 8004518: Add in-place operations to Map; ...

Changeset: e4e9f6455f3c Author:mduigou Date: 2013-04-16 11:17 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/e4e9f6455f3c 8004518: Add in-place operations to Map 8010122: Add defaults for ConcurrentMap operations to Map Reviewed-by: darcy, briangoetz, mduigou, dholmes, ulfzib

Re: Code review request: 8005523: Unbound krb5 for TLS

On 4/16/13 8:18 PM, Xuelei Fan wrote: On 4/16/2013 5:44 PM, Weijun Wang wrote: I am not sure how to do that. Can I just skip this check and whenever subject != null always set resumingSession to true? This is not very correct but is it possible to detect the mismatch later and "resume" the fu

hg: jdk8/tl/jdk: 8012244: java/net/Socket/asyncClose/Race.java fails intermittently on Windows

Changeset: 6135c60e77e5 Author:chegar Date: 2013-04-16 13:26 +0100 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/6135c60e77e5 8012244: java/net/Socket/asyncClose/Race.java fails intermittently on Windows Reviewed-by: alanb, dsamersoff ! src/windows/classes/java/net/DualStackPlain

Code review request JDK-8006935: Need to take care of long secret keys in HMAC/PRF compuation

Hi Valerie, Are you available to review the HAMC impl update in JCE/TLS? Webrev: http://cr.openjdk.java.net./~xuelei/8006935/webrev.00/ The issue comes from the practice that the industry starts to use large Diffie-Hellman keys in DH key exchanging. Per HMAC (RFC 2104) spec, if the secret key i

Re: Code review request: 8005523: Unbound krb5 for TLS

On 4/16/2013 5:44 PM, Weijun Wang wrote: >> >> I am not sure how to do that. Can I just skip this check and whenever >> subject != null always set resumingSession to true? This is not very >> correct but is it possible to detect the mismatch later and "resume" the >> full negotiation? >> No, it is

hg: jdk8/tl/jdk: 8012237: CompletableFuture/Basic.java still fails intermittently

Changeset: e2a0e37b152c Author:chegar Date: 2013-04-16 12:51 +0100 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/e2a0e37b152c 8012237: CompletableFuture/Basic.java still fails intermittently Reviewed-by: martin ! test/java/util/concurrent/CompletableFuture/Basic.java

hg: jdk8/tl/jdk: 8012343: Objects.requireNonNull(Object, Supplier) breaks genstubs build

Changeset: 61cfbe08ce5d Author:chegar Date: 2013-04-16 12:23 +0100 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/61cfbe08ce5d 8012343: Objects.requireNonNull(Object,Supplier) breaks genstubs build Reviewed-by: alanb ! src/share/classes/java/util/Objects.java ! test/java/util/Obje

Re: Code review request: 8005523: Unbound krb5 for TLS

I am not sure how to do that. Can I just skip this check and whenever subject != null always set resumingSession to true? This is not very correct but is it possible to detect the mismatch later and "resume" the full negotiation? It seems the purpose of this check is that, if it fails, you can

Re: Code review request: 8005523: Unbound krb5 for TLS

On 4/16/13 5:34 PM, Xuelei Fan wrote: On 4/16/2013 5:30 PM, Weijun Wang wrote: The problem is inside ServerHandshaker::clientHello: if (subject != null) { // Eliminate dependency on KerberosPrincipal Set principals = subject.getPrincipals(Principal.class);

Re: Code review request: 8005523: Unbound krb5 for TLS

On 4/16/2013 5:30 PM, Weijun Wang wrote: > The problem is inside ServerHandshaker::clientHello: > > if (subject != null) { > // Eliminate dependency on KerberosPrincipal > Set principals = > subject.getPrincipals(Principal.class); > if (!principals.contains(

Re: Code review request: 8005523: Unbound krb5 for TLS

Sorry, seems localPrincipal is the last requested service name set in clientKeyExchange. On 4/16/13 5:30 PM, Weijun Wang wrote: The problem is inside ServerHandshaker::clientHello: if (subject != null) { // Eliminate dependency on KerberosPrincipal Set principals =

Re: Code review request: 8005523: Unbound krb5 for TLS

The problem is inside ServerHandshaker::clientHello: if (subject != null) { // Eliminate dependency on KerberosPrincipal Set principals = subject.getPrincipals(Principal.class); if (!principals.contains(localPrincipal)) { resumingSession = false