[9]RFR JDK-8160029: Security-libs tests need to avoid using jdk.testlibrary.Utils.getFreePort()

Hi, Would you like to review this patch for removing unnecessary usages on jdk.testlibrary.Utils.getFreePort() from security-libs tests? In OpenJDK, I find only sun/security/krb5/auto/KDC.java should be modified for this issue. If I miss something, please let me know. Issue: https://bugs.openj

@run main/policy ignores system default java.policy

I know that a "@run main/policy=p" tag will be translated to -Djava.security.policy==p and the system default java.home/conf/security/java.policy will be ignored, and sometimes it's necessary to copy some lines from there to the test's own policy file. However, with more modules being de-privi

Re: Strange test failure when referencing a class in a deprivileged module

Mystery solved or problem solved? Have you fixed it somewhere else? Thanks Max On 7/7/2016 17:00, Peter Firmstone wrote: Problem solved, even though it didn't occur on Java 8, the potential for it to occur still exists there, it's simply that Java 9 seems to have hit this execution path, it wa

Re: [9] RFR 8130181: Deprecate java.security.Provider(String, double, String), add Provider(String, String, String)

Yes, this is precise. I have no other comment. Thanks Max On 7/8/2016 10:24, Valerie Peng wrote: Hmm, as I re-read it, I think it's too ambiguous to include '.' as a separator as it's possible to interpret the info as optional trailing info instead of version number as your earlier comment me

Re: [9] RFR 8130181: Deprecate java.security.Provider(String, double, String), add Provider(String, String, String)

Hmm, as I re-read it, I think it's too ambiguous to include '.' as a separator as it's possible to interpret the info as optional trailing info instead of version number as your earlier comment mentioned. I updated the @implNote and removed the '.' as the separator for the other info. I think

Re: [9] RFR: JDK-7052815 Change tests that remove or add providers to run in othervm mode

Updated copyright , new webrev here: http://cr.openjdk.java.net/~tidu/7052815/webrev.02/ Please help to review them ,Thanks. Regards Tim On 2016/7/8 1:30, Rajan Halade wrote: Hi Tim, Please also update the copyright year to 2016 wherever applicable. Thanks, Rajan On 7/7/16 2:11 AM, Tim Du w

Re: JDK 9 RFR mark java/security/SignedObject/Chain.java as failing intermittently

Looks fine to me. 8136842 has a long comment history. Thanks Max > On Jul 8, 2016, at 5:02 AM, joe darcy wrote: > > Hello, > > The test > > java/security/SignedObject/Chain.java > > has been seen to fail intermittently (JDK-8136842). I'd like to mark the test > accordingly; please review th

Re: RFR 8054537: sun.security.x509.SerialNumber constructor should not accept negative numbers

Hi Svetlana According to http://tools.ietf.org/html/rfc5280#section-4.1.2.2: Note: Non-conforming CAs may issue certificates with serial numbers that are negative or zero. Certificate users SHOULD be prepared to gracefully handle such certificates. This means although a modern library/

Re: RFR: 8160518: Semicolon is not recognized as comment starting character (Kerberos)

Change looks fine. Only one thing: why is the following @modules tag needed? java.security.jgss/sun.security.krb5.internal.crypto Thanks Max > On Jul 5, 2016, at 1:03 AM, Ivan Gerasimov wrote: > > Hello! > > We've got a complain that a semicolon character cannot be used to start a > com

Re: RFR: 8158670: Fix @modules in java/lang/SecurityManager/CheckSecurityProvider.java

Ok, please send me your putback comment. Otherwise, I will just use my own wording. ;) Should get it done either later today or tomorrow... Thanks, Valerie On 7/6/2016 11:31 AM, Alexandre (Shura) Iline wrote: Valerie, could you sponsor the patch for me? Shura On Jul 6, 2016, at 10:08 AM, Val

RFR: 9: 8144559: sun/security/mscapi/SignUsingNONEwithRSA.sh failed intermittently

May I request you to review this small patch. I am not able to reproduce the failure so I enhance the test itself to get rid of shell script. Since temporary key generation is now moved to java source, if it fails, exception will be raised and test will not fail with "Cannot load keys". I a

JDK 9 RFR mark java/security/SignedObject/Chain.java as failing intermittently

Hello, The test java/security/SignedObject/Chain.java has been seen to fail intermittently (JDK-8136842). I'd like to mark the test accordingly; please review the test below which does this. Thanks, -Joe --- a/test/java/security/SignedObject/Chain.javaThu Jul 07 10:16:47 2016 -0700 +

Re: Strange test failure when referencing a class in a deprivileged module

Can you change the test to call checkPermission prior to setting SSL as the system security manager? This will just ensure that all necessary classes are loaded prior to SSL becoming the security manager.  Regards, Peter. Sent from my Samsung device.     Include original message Original

Re: Strange test failure when referencing a class in a deprivileged module

Problem solved, even though it didn't occur on Java 8, the potential for it to occur still exists there,  it's simply that Java 9 seems to have hit this execution path, it was a latent bug. Cheers, Peter. Sent from my Samsung device.     Include original message Original message Fro

Re: Strange test failure when referencing a class in a deprivileged module

Yes, that's correct. ;) Sent from my Samsung device.     Include original message Original message From: Alan Bateman Sent: 07/07/2016 06:37:49 pm To: Wang Weijun Cc: jigsaw-dev ; OpenJDK Subject: Re: Strange test failure when referencing a class in a deprivileged module On 07/07/2

Re: Strange test failure when referencing a class in a deprivileged module

Sorry, I wasn't clear, I meant, create a new instance of SSL, call its checkPermission method, then make that instance your system security manager. Although the check permission call will be repeated in the test, it will have run while the standard SecurityManager is in force, so the jvm won't

Re: Strange test failure when referencing a class in a deprivileged module

Have you tried setting the jvm in security debug mode to see else might be occurring?  If so can you send the output? Regards, Peter. Sent from my Samsung device.     Include original message Original message From: Wang Weijun Sent: 07/07/2016 11:08:58 am To: Peter Firmstone Cc: Sea

Re: Strange test failure when referencing a class in a deprivileged module

Perhaps the policy provider hasn't been refreshed when the new security manager is in force?  Try doing a Policy.refresh() in the SecurityManager constructor. Regards, Peter. Sent from my Samsung device.     Include original message Original message From: Wang Weijun Sent: 07/07/2016

RFR 8054537: sun.security.x509.SerialNumber constructor should not accept negative numbers

Hello, could you please review this simple fix. Issue: https://bugs.openjdk.java.net/browse/JDK-8054537 Webrev: http://cr.openjdk.java.net/~snikandrova/8054537/webrev.00/ Description: Added check if SerialNumber constructor's param

Re: RFR: 8160267: Ucrypto config file cannot be read when -Dfile.encoding=UTF-16 is set

Looks fine to me. --Sean On 07/04/2016 09:37 AM, Ivan Gerasimov wrote: Hello! When backporting JDK-8158633 to jdk8u, it was noticed that OracleUcrypto provider may experience difficulties reading its config file in UTF-16 environment. The fix is to explicitly specify the expected encoding of

Re: [9] RFR: JDK-7052815 Change tests that remove or add providers to run in othervm mode

Hi Tim, Please also update the copyright year to 2016 wherever applicable. Thanks, Rajan On 7/7/16 2:11 AM, Tim Du wrote: Hi Sean: Thank you for reviewing the codes. I updated the title for this bug and added othervm for the tests that add but not remove their own provider. Also corrected th

Re: [9] RFR: JDK-7052815 Change tests that remove or add providers to run in othervm mode

Hi Sean: Thank you for reviewing the codes. I updated the title for this bug and added othervm for the tests that add but not remove their own provider. Also corrected the typo. New webrev is available here: http://cr.openjdk.java.net/~tidu/7052815/webrev.01/ . Please help to review it again.

Re: [9] RFR: 8079441: Intermittent failures on Windows with "Unexpected exit from test [exit code: 1080890248]"

Hi Siba I don't think we need to fix it this way. While the Thread APIs are old they are not obsolete or deprecated. Also, I don't understand how this rewrite using new APIs could be any useful for the bug. I see another bug JDK-8160596 in the hotspot category was closed as a dup, and I believ

Re: Strange test failure when referencing a class in a deprivileged module

> On Jul 7, 2016, at 4:47 PM, Peter Firmstone > wrote: > > Sorry, I wasn't clear, I meant, create a new instance of SSL, call its > checkPermission method, then make that instance your system security manager. That would cure the test too, since it references SQLPermission when checkPermissi

Re: Strange test failure when referencing a class in a deprivileged module

> On Jul 7, 2016, at 4:37 PM, Alan Bateman wrote: > > On 07/07/2016 09:27, Wang Weijun wrote: > >> Like this? >> >> https://gist.github.com/wangweij/6992aaf9617b9e2f242ddf9e391ea5f6 >> >> The horizontal line is printed on line 706 of the gist. >> > I assume the suggestion was to reference SQ

Re: Strange test failure when referencing a class in a deprivileged module

On 07/07/2016 09:27, Wang Weijun wrote: Like this? https://gist.github.com/wangweij/6992aaf9617b9e2f242ddf9e391ea5f6 The horizontal line is printed on line 706 of the gist. I assume the suggestion was to reference SQLPermission before setting the security manager. As regards module loading t

Re: Strange test failure when referencing a class in a deprivileged module

Like this? https://gist.github.com/wangweij/6992aaf9617b9e2f242ddf9e391ea5f6 The horizontal line is printed on line 706 of the gist. --Max > On Jul 7, 2016, at 12:57 PM, Peter Firmstone > wrote: > > Can you change the test to call checkPermission prior to setting SSL as the > system securit

Re: [9] RFR: 8160940: Enable debug log in javax/net/ssl/HttpsURLConnection/Equals.java to track JDK-8160210

looks fine to me. Thanks, Xuelei > On Jul 7, 2016, at 3:33 PM, Sibabrata Sahoo > wrote: > > Hi Xuelei, > > As suggested I have created a new bug to enable debug log for the failure > raised for JDK-8160210. Now the original bug JDK-8160210 will be under > observation until the failure found

[9] RFR: 8160940: Enable debug log in javax/net/ssl/HttpsURLConnection/Equals.java to track JDK-8160210

Hi Xuelei, As suggested I have created a new bug to enable debug log for the failure raised for JDK-8160210. Now the original bug JDK-8160210 will be under observation until the failure found again in future. Because the fix is for a new bug, so the original subject line changed for this email