Re: RFR 8172975: SecurityTools.keytool() needs to accept user input

2017-01-19 Thread Artem Smotrakov
Hi Max, In general, looks okay. Would it be better if it called redirectInput() only if the response file exists? keytool() method might also delete the response file after reading it. These two measures may prevent situations when the response file is unnecessary used. What do you think?

Re: RFR 8172975: SecurityTools.keytool() needs to accept user input

2017-01-19 Thread Weijun Wang
On 01/19/2017 09:40 PM, Artem Smotrakov wrote: Hi Max, In general, looks okay. Would it be better if it called redirectInput() only if the response file exists? keytool() method might also delete the response file after reading it. These two measures may prevent situations when the response f

Re: RFR release notes for multiple enhancements: krb5, SASL, JAAS, policytool

2017-01-19 Thread Weijun Wang
Another one: https://bugs.openjdk.java.net/browse/JDK-8173035 (https://bugs.openjdk.java.net/browse/JDK-8029904) Remove com.sun.security.auth.callback.DialogCallbackHandler `com.sun.security.auth.callback.DialogCallbackHandler` has been removed in JDK 9. This class, in the JDK-specific exte

Re: RFR 8168075: Custom system class loader + security manager + malformed policy file = recursive initialization

2017-01-19 Thread Adam Petcher
My last attempt to solve this problem didn't work because some classes needed for string formatting were not loaded by init level 3 in some cases. So I had to backtrack and try a different approach. This patch avoids localization and message formatting when the VM is not booted. In this case,

Review: release note for JDK-8015081

2017-01-19 Thread Jamil Nimeh
Hello all, Please review this one release note that documents a change in behavior for the Subject class and it's underlying SecureSet collections: Original bug: https://bugs.openjdk.java.net/browse/JDK-8015081 Release note: https://bugs.openjdk.java.net/browse/JDK-8173069 Text of the release

Code Review Request, JDK-8173066 More verbose debug output for selection of X509 certs

2017-01-19 Thread Xuelei Fan
Hi Sean, Would you please review this debug log update for JSSE key manager implementation: http://cr.openjdk.java.net/~xuelei/8173066/webrev.00/ Trivial update, no new regression test. Thanks, Xuelei

Re: Code Review Request, JDK-8173066 More verbose debug output for selection of X509 certs

2017-01-19 Thread Seán Coffey
Looks good. Thanks for the quick turn around. regards, Sean. On 19/01/2017 17:37, Xuelei Fan wrote: Hi Sean, Would you please review this debug log update for JSSE key manager implementation: http://cr.openjdk.java.net/~xuelei/8173066/webrev.00/ Trivial update, no new regression test.

Re: RFR release notes for multiple enhancements: krb5, SASL, JAAS, policytool

2017-01-19 Thread Xuelei Fan
On 1/18/2017 6:40 PM, Weijun Wang wrote: https://bugs.openjdk.java.net/browse/JDK-8173011 (https://bugs.openjdk.java.net/browse/JDK-8029995) accept yes/no for boolean krb5.conf settings krb5.conf now accepts "yes" or "no" for boolean-valued settings. Looks fine to me. May be nice to state "y

RFR 8172527: Rename jdk.crypto.token to jdk.crypto.cryptoki

2017-01-19 Thread Anthony Scarpino
Hi, I need a review to rename the jdk.crypto.token to jdk.crypto.cryptoki. This is to change what 8171202 had done to the original jdk.crypto.pkcs11 module. For those not familiar with discussions elsewhere, the term "token" is confusing and unclear as it can mean many things cryptographical

Re: RFR 8172527: Rename jdk.crypto.token to jdk.crypto.cryptoki

2017-01-19 Thread Mandy Chung
> On Jan 19, 2017, at 11:39 AM, Anthony Scarpino > wrote: > > Hi, > > I need a review to rename the jdk.crypto.token to jdk.crypto.cryptoki. This > is to change what 8171202 had done to the original jdk.crypto.pkcs11 module. > For those not familiar with discussions elsewhere, the term "tok

Re: RFR 8172527: Rename jdk.crypto.token to jdk.crypto.cryptoki

2017-01-19 Thread Bradford Wetmore
Similar problem about the rename. rename or addremove (likely) should work, but hg add/hg remove won't. To check that all references to jdk.crypto.{token,pkcs11} are gone, I ran a test over lunch and applied the webrev patches to a clean workspace. There was a problem applying the jdk webrev

Re: RFR release notes for multiple enhancements: krb5, SASL, JAAS, policytool

2017-01-19 Thread Jamil Nimeh
Hi Max, just one nit for JDK-8044085: The release note is one sentence, but it is a bit of a run-on. It might be worth breaking it up into two sentences, the first for the description and the second containing the example. Aside from that they look good to me. --Jamil On 1/18/2017 6:40 PM,

Re: RFR release notes for multiple enhancements: krb5, SASL, JAAS, policytool

2017-01-19 Thread Weijun Wang
On 01/20/2017 01:57 AM, Xuelei Fan wrote: On 1/18/2017 6:40 PM, Weijun Wang wrote: https://bugs.openjdk.java.net/browse/JDK-8173011 (https://bugs.openjdk.java.net/browse/JDK-8029995) accept yes/no for boolean krb5.conf settings krb5.conf now accepts "yes" or "no" for boolean-valued setting