Re: RFR: 8231351: Add notes for PKCS11 tests in the test doc

Hi John Jiang, Thank you for your review. 在 2019年09月23日 20:54, sha.ji...@oracle.com 写道: In fact, PKCS11 tests have their own doc at: test/jdk/sun/security/pkcs11/README I'm afraid most people wouldn't see test/jdk/sun/security/pkcs11/README at all. So it makes very little sense to add the

Re: RFR: 8231351: Add notes for PKCS11 tests in the test doc

Hi Erik, Thank you for your review and valuable comments. Updated: http://cr.openjdk.java.net/~jiefu/8231351-huangjia/webrev.01/ - The reference to the pkcs11 README and the reviewers had been added. Please note the user in the patch. Hope you wouldn't mind it. Thanks. Could you please

Re: Issue related to backport JDK-7092821

I’ve filed https://bugs.openjdk.java.net/browse/JDK-8231387 to track this. Thanks, Paul From: "Shi, Tianmin" Date: Monday, September 23, 2019 at 1:21 AM To: "security-dev@openjdk.java.net" Cc: "Hohensee, Paul" Subject: Re: Issue related to backport JDK-7092821 Hi Everyone, I haven’t get

JDK 14 RFR of JDK-8231368: Suppress warnings on non-serializable non-transient instance fields in java.security.jgss

Hello, Another module, another review request as part of making serial warnings more robust:     JDK-8231368: Suppress warnings on non-serializable non-transient instance fields in java.security.jgss     http://cr.openjdk.java.net/~darcy/8231368.0/ (Related earlier review

Re: JDK 14 RFR of JDK-8231262: Suppress warnings on non-serializable instance fields in security libs serializable classes

Hi Sean, On 9/23/2019 12:19 PM, Sean Mullan wrote: Hi Joe, It's a little odd to suppress the warnings in the X509CertImpl class since it is a subclass of java.security.cert.Certificate which implements the writeReplace method so these fields are not serialized. Also for other classes like

Re: JDK 14 RFR of JDK-8231262: Suppress warnings on non-serializable instance fields in security libs serializable classes

Hi Joe, It's a little odd to suppress the warnings in the X509CertImpl class since it is a subclass of java.security.cert.Certificate which implements the writeReplace method so these fields are not serialized. Also for other classes like X509Key which are internal it is a little odd to

Re: RFR: 8231351: Add notes for PKCS11 tests in the test doc

I think this type of comment fits well in the top level test doc. It just provides basic instructions for setting up these tests so that they pass without going into too much detail. Perhaps a reference to the pkcs11 README for more details would be a good idea. Looks good to me. /Erik On

RE: RFR: 8231222: fix pkcs11 P11_DEBUG guarded native traces

Hi Christoph, thanks for the review ! I'll update the Copyright years . Will push it as XS tomorrow in case of no further comments / objections. Best regards, Matthias From: Langer, Christoph Sent: Montag, 23. September 2019 16:50 To: Baesken, Matthias ; security-dev@openjdk.java.net

RE: RFR: 8231222: fix pkcs11 P11_DEBUG guarded native traces

Hi Matthias, your change looks good to me. Don't forget to update the copyright years before pushing. Best regards Christoph From: security-dev On Behalf Of Baesken, Matthias Sent: Donnerstag, 19. September 2019 16:28 To: security-dev@openjdk.java.net Subject: [CAUTION] RFR: 8231222:

RE: RFR [XS] 8231357: sun/security/pkcs11/Cipher/TestKATForGCM.java fails on SLES11 using mozilla-nss-3.14

Hi Christoph, I am okay with your suggestion to just print a message in case that an older nss lib < 3.15 is found ; however let's see what others think . (but for Solaris we let the test pass when noticing old nss versions , so I thought it might make some sense to

RE: RFR [XS] 8231357: sun/security/pkcs11/Cipher/TestKATForGCM.java fails on SLES11 using mozilla-nss-3.14

Hi Matthias, generally I agree that it's a good idea to have more diagnostic output in case of failures in this test. But, given that there's an upgrade path even on our old Linux SLES 11.3 system to a newer libnss that has a fix for the bug that we observe, I suggest that the test should

RFR [XS] 8231357: sun/security/pkcs11/Cipher/TestKATForGCM.java fails on SLES11 using mozilla-nss-3.14

Hello, please review this small test related change . We noticed that on our SLES (SuSE Linux) 11 test machines, the test sun/security/pkcs11/Cipher/TestKATForGCM.java fails when older nss versions are used on the system , especially nss 3.14 . The used package is named

Re: RFR: 8231351: Add notes for PKCS11 tests in the test doc

Hi Jia, I think this isn't a general testing problem. It may not worthy of highlighting this point in the JDK testing doc. In fact, PKCS11 tests have their own doc at: test/jdk/sun/security/pkcs11/README Best regards, John Jiang On 2019/9/23 18:04, Jia Huang wrote: Hi all, JBS:   

RFR: 8231351: Add notes for PKCS11 tests in the test doc

Hi all, JBS:https://bugs.openjdk.java.net/browse/JDK-8231351 Webrev: http://cr.openjdk.java.net/~jiefu/8231351-huangjia/webrev.00/ sun/security/pkcs11/Secmod/AddTrustedCert.java failed on Ubuntu 18.04. According to the comments in JDK-8231338, it was caused by the improper NSS libs of the

Re: Issue related to backport JDK-7092821

Hi Everyone, I haven’t get any response yet for my previous email. so I would like to raise this issue again and also attached a small code sample to repo the issue. This sample code works fine in JDK8 but print out this line in JDK13 due to the race condition "CertificateFactory.Fixed is NULL"