RFR 8132943: ServerHandshaker may select non-empty OCSPStatusRequest structures when Responder ID selection is not supported

2016-08-05 Thread Jamil Nimeh
Hello all, This fixes an issue with OCSPStatusRequest selection by the server when doing OCSP stapling. Since we currently do not support responder ID filtering, the server should not select an OCSPStatusRequest with responder IDs in it, else it could potentially return OCSP responses that t

8163104: Unexpected NPE still possible on some Kerberos ticket calls

2016-08-05 Thread Seán Coffey
Post JDK-8147772 , I think we still have a possibility of hitting an NPE in Kerberos ticket management. Could only find one method affected. bug report : https://bugs.openjdk.java.net/browse/JDK-8163104 webrev : http://cr.openjdk.java.net/~coffe

RE: [9] RFR: 8159964: Update Tests to verify JDK build for "JDK-8159488 Deprivilege java.xml.crypto"

2016-08-05 Thread Sibabrata Sahoo
Hi Max, Here is the updated webrev: http://cr.openjdk.java.net/~ssahoo/8159964/webrev.01/ Thanks, Siba -Original Message- From: Weijun Wang Sent: Friday, August 05, 2016 4:19 PM To: Sibabrata Sahoo; security-dev@openjdk.java.net; Valerie Peng Subject: Re: [9] RFR: 8159964: Update Tests

Re: [9] RFR 8157579: com/sun/crypto/provider/Mac/MacClone.java failed on solaris12(sparcv9 and x86)

2016-08-05 Thread Vincent Ryan
Your fix looks good. One comment is that you could trim the Provider[] to exclude the most-preferred provider (at index=0). Thanks. > On 5 Aug 2016, at 03:01, Valerie Peng wrote: > > > Anyone has time to review this fix? The code change is in only one file and > straightforward if you agree

Re: [9] RFR: 8159964: Update Tests to verify JDK build for "JDK-8159488 Deprivilege java.xml.crypto"

2016-08-05 Thread Weijun Wang
I'm looking at DeprivilegedModuleLoaderTest.java. Why not just call classes.add(XMLSignatureFactory.class); --Max On 8/5/2016 18:00, Sibabrata Sahoo wrote: Hi, Please review the patch for “deprivilege java.xml.crypto, java.security.jgss, jdk.security.jgss and jdk.security.auth” modules.

[9] RFR: 8159964: Update Tests to verify JDK build for "JDK-8159488 Deprivilege java.xml.crypto"

2016-08-05 Thread Sibabrata Sahoo
Hi, Please review the patch for "deprivilege java.xml.crypto, java.security.jgss, jdk.security.jgss and jdk.security.auth" modules. JBS: https://bugs.openjdk.java.net/browse/JDK-8159964 Webrev: http://cr.openjdk.java.net/~ssahoo/8159964/webrev.00/ Description: This includes a new Tes