Please review the code change at
http://cr.openjdk.java.net/~weijun/8164437/webrev.00
The updated test shows that with the jdk.security.jgss package, the
result of GSSManager::createContext is of an enhanced type.
Thanks
Max
This is great. Change looks fine to me.
Thanks
Max
On 8/18/2016 23:28, Seán Coffey wrote:
Thanks for the tip Artem, Max. No need to modify the policy file then.
Below is the new suggested patch for jdk8u-dev. JPRT results are good.
diff --git a/test/sun/security/krb5/auto/UnboundSSL.java
b/tes
Looks fine to me.
Xuelei
On 8/19/2016 5:17 AM, Vincent Ryan wrote:
Please approve this change to add a failing test to
jdk/test/ProblemList.txt so we can investigate further.
Thanks.
diff --git a/test/ProblemList.txt b/test/ProblemList.txt
--- a/test/ProblemList.txt
+++ b/test/ProblemList.txt
I share your view on most things. It's just that the APIs are there
before the PKCS11 provider is added.
So, there are some history reason as to why things are as they are today.
Re-structuring the public classes are almost impossible considering the
compatibility impact.
However, we can expl
Changes look fine.
Valerie
On 8/17/2016 11:29 AM, Artem Smotrakov wrote:
Hello,
Please review the following patch for
com/sun/crypto/provider/KeyFactory/TestProviderLeak.java test.
This is a request to make the test take into account a test timeout
factor. Timeout factor can be specified w
On 8/18/2016 4:49 PM, Valerie Peng wrote:
Hi Mike,
Thanks for the feedback and the detailed write up.
The scenario here is complicated by the sensitive/non-extractable keys
of PKCS#11 and the fact that java key and key specification classes
assume all relevant values being available.
Um... I
Please approve this change to add a failing test to jdk/test/ProblemList.txt so
we can investigate further.
Thanks.
diff --git a/test/ProblemList.txt b/test/ProblemList.txt
--- a/test/ProblemList.txt
+++ b/test/ProblemList.txt
@@ -289,6 +289,8 @@
sun/security/ssl/SSLSocketImpl/AsyncSSLSocketCl
Hi Mike,
Thanks for the feedback and the detailed write up.
The scenario here is complicated by the sensitive/non-extractable keys
of PKCS#11 and the fact that java key and key specification classes
assume all relevant values being available. Only when all relevant
values are available, then
On 08/17/2016 07:22 PM, Bradford Wetmore wrote:
- src/java.base/share/conf/security/java.security
854 crypto.policy=policydir-tbd
The policydir-tbd value is a little confusing in that it isn't a real
value. What about just setting this to the empty string?
It's a similar marker for the string
approved for push to 8u-dev
Cheers,
-Buck
On 2016/08/18 16:51, Seán Coffey wrote:
Changes look good Ramanand. Reviewed.
Regards,
Sean.
On 18/08/2016 07:03, David Buck wrote:
Hi Ramanand!
As there are (minor) changes between the two change sets, you will
need to get a code review of the back
Hi Ramanand!
As there are (minor) changes between the two change sets, you will need to get
a code review of the backported changes. I have included the security-dev alias
in the CC list.
Cheers,
-Buck
> On Aug 18, 2016, at 14:34, Ramanand Patil wrote:
>
> Hi,
>
> Please review and approve
Thank you Sean and David.
Regards,
Ramanand.
-Original Message-
From: david buck
Sent: Thursday, August 18, 2016 1:26 PM
To: Seán Coffey; Ramanand Patil
Cc: jdk8u-dev; security-dev@openjdk.java.net
Subject: Re: [8u-dev] Request for Approval: Backport of 8144566: Custom
HostnameVerifier
This was probably more important when the Security group had direct
responsibility for the https code.
Brad
On 8/18/2016 12:51 AM, Chris Hegarty wrote:
On 17 Aug 2016, at 19:52, Rajan Halade wrote:
On 8/17/16 11:36 AM, Chris Hegarty wrote:
On 17 Aug 2016, at 18:54, Rajan Halade wrote:
Hi Sean,
The patch below looks fine to me, but I am not an official reviewer.
Artem
On 08/18/2016 08:28 AM, Seán Coffey wrote:
Thanks for the tip Artem, Max. No need to modify the policy file then.
Below is the new suggested patch for jdk8u-dev. JPRT results are good.
diff --git a/test/sun/
Hi -
Looking at Valeries changes to the above made me take a closer look at
the current definitions of the various RSA key interfaces. What would be
the impact of the following changes?:
Make RSAMultiPrimePrivateCrtKeySpec extend RSAPrivateCrtKeyKeySpec
instead of RSAPrivateKeySpec. RSAMult
On 8/17/2016 11:36 PM, Valerie Peng wrote:
Regression tests are still running, but thought that I will send the
updated webrev out and see if there are more comments.
Webrev is updated at:
http://cr.openjdk.java.net/~valeriep/8078661/webrev.01/
Thanks,
Valerie
Hi Valerie -
You know - re-re
Thanks for the tip Artem, Max. No need to modify the policy file then.
Below is the new suggested patch for jdk8u-dev. JPRT results are good.
diff --git a/test/sun/security/krb5/auto/UnboundSSL.java
b/test/sun/security/krb5/auto/UnboundSSL.java
--- a/test/sun/security/krb5/auto/UnboundSSL.java
Hi Brad,
nice to have this going in. Some comments.
1. Bug synopsis, can you edit it perhaps. "Introduce security property
to control strong crypto" seems more descriptive.
2. Exception handling.
Alot of your new exceptions don't include context. That makes debugging
more difficult than nee
On 17/08/2016 17:40, Alexandre (Shura) Iline wrote:
Thank you!
Fixed in place:
http://cr.openjdk.java.net/~shurailine/8163126/webrev.00/test/jdk/security/jarsigner/Spec.java.sdiff.html
Shura
The updated patch looks good to me.
Slightly off-topic but how close do you think we are to dropping
Hi Chris,
I agree that resetting the TCCL makes sense, and looks like the
minimal safer thing to do here.
InnocuousThread should probably be considered for the future,
but that's a first step in this direction :-)
best regards,
-- daniel
On 18/08/16 08:58, Chris Hegarty wrote:
The SunPKCS11 p
> On 17 Aug 2016, at 19:52, Rajan Halade wrote:
>
> On 8/17/16 11:36 AM, Chris Hegarty wrote:
>
>> On 17 Aug 2016, at 18:54, Rajan Halade wrote:
>>> sun/net/www/protocol/https tests are redundant in jdk_security3 group,
>>> these are included in jdk_net group.
>> Yes they are, but it is very
> On 17 Aug 2016, at 19:52, Rajan Halade wrote:
>
> On 8/17/16 11:36 AM, Chris Hegarty wrote:
>
>> On 17 Aug 2016, at 18:54, Rajan Halade wrote:
>>> sun/net/www/protocol/https tests are redundant in jdk_security3 group,
>>> these are included in jdk_net group.
>> Yes they are, but it is very
Changes look good Ramanand. Reviewed.
Regards,
Sean.
On 18/08/2016 07:03, David Buck wrote:
Hi Ramanand!
As there are (minor) changes between the two change sets, you will need to get
a code review of the backported changes. I have included the security-dev alias
in the CC list.
Cheers,
-Bu
23 matches
Mail list logo
