This is the security libs portion of the effort to replace
archaic/non-inclusive words with more neutral terms (see JDK-8253315 for
details).
Here are the changes covering core libraries code and tests. Terms were changed
as follows:
- blacklisted.certs -> blocked.certs (along with supporting
On Wed, 13 Jan 2021 22:19:00 GMT, Rajan Halade wrote:
> please add noreg label to the JBS bug.
Added. Thanks.
-
PR: https://git.openjdk.java.net/jdk/pull/2070
On Tue, 12 Jan 2021 19:18:18 GMT, Hai-May Chao wrote:
>> This enhancement adds support for the nonce extension in OCSP request
>> extensions by system property jdk.security.certpath.ocspNonce.
>>
>> Please review the CSR at:
>> https://bugs.openjdk.java.net/browse/JDK-8257766
>
> Hai-May Chao h
> Redo for 8237578: JDK-8214339 (SSLSocketImpl wraps SocketException) appears
> to not be fully fixed
>
> This also fixes JDK-8259516: Alerts sent by peer may not be received
> correctly during TLS handshake
Clive Verghese has updated the pull request incrementally with one additional
commit s
On Wed, 13 Jan 2021 18:41:26 GMT, Rajan Halade wrote:
>> Clive Verghese has updated the pull request incrementally with one
>> additional commit since the last revision:
>>
>> Fix bugids and use server port passed as a parameter
>
> test/jdk/sun/security/ssl/SSLContextImpl/ShouldThrowSSLExcep
On Tue, 12 Jan 2021 03:34:00 GMT, Hai-May Chao wrote:
> The jarsigner tool currently provides warning associated with the signer’s
> cert when it uses weak algorithms, but not for the CA certs. This change is
> to process the signer’s cert chain to warn if CA certs use weak algorithms.
This pu
On Wed, 13 Jan 2021 21:32:07 GMT, Weijun Wang wrote:
> Clean up temporary byte array, char array, and keyspec around keys and
> passwords.
>
> No new regression test.
please add noreg label to the JBS bug.
-
PR: https://git.openjdk.java.net/jdk/pull/2070
On Wed, 13 Jan 2021 20:25:53 GMT, Sean Mullan wrote:
>> src/jdk.jartool/share/classes/sun/security/tools/jarsigner/Main.java line
>> 1484:
>>
>>> 1482: // If the cert is trusted, only check its key size,
>>> but not its
>>> 1483: // signature algorithm. This is
On Wed, 13 Jan 2021 15:17:22 GMT, Weijun Wang wrote:
>> Hai-May Chao has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> No warning for trusted cert's SHA1, and added debug output to test
>
> src/jdk.jartool/share/classes/sun/security/tools/
On Wed, 13 Jan 2021 20:26:17 GMT, Sean Mullan wrote:
>> Hai-May Chao has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> No warning for trusted cert's SHA1, and added debug output to test
>
> Marked as reviewed by mullan (Reviewer).
Thanks
> The jarsigner tool currently provides warning associated with the signer’s
> cert when it uses weak algorithms, but not for the CA certs. This change is
> to process the signer’s cert chain to warn if CA certs use weak algorithms.
Hai-May Chao has updated the pull request incrementally with on
Clean up temporary byte array, char array, and keyspec around keys and
passwords.
No new regression test.
-
Commit messages:
- 8258915: More temporary buffer cleanup
Changes: https://git.openjdk.java.net/jdk/pull/2070/files
Webrev: https://webrevs.openjdk.java.net/?repo=jdk&pr=20
On Wed, 13 Jan 2021 15:13:52 GMT, Weijun Wang wrote:
>> Hai-May Chao has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> No warning for trusted cert's SHA1, and added debug output to test
>
> src/jdk.jartool/share/classes/sun/security/tools/
On Wed, 13 Jan 2021 01:21:14 GMT, Hai-May Chao wrote:
>> The jarsigner tool currently provides warning associated with the signer’s
>> cert when it uses weak algorithms, but not for the CA certs. This change is
>> to process the signer’s cert chain to warn if CA certs use weak algorithms.
>
> H
On Fri, 8 Jan 2021 19:08:34 GMT, Weijun Wang wrote:
> More temporary byte array, char array, keyspec cleanup around keys and
> passwords.
>
> No new regression test.
This pull request has been closed without being integrated.
-
PR: https://git.openjdk.java.net/jdk16/pull/98
On Wed, 13 Jan 2021 06:19:18 GMT, Clive Verghese wrote:
> Redo for 8237578: JDK-8214339 (SSLSocketImpl wraps SocketException) appears
> to not be fully fixed
>
> This also fixes JDK-8259516: Alerts sent by peer may not be received
> correctly during TLS handshake
Changes requested by rhalade
On Wed, 13 Jan 2021 01:21:14 GMT, Hai-May Chao wrote:
>> The jarsigner tool currently provides warning associated with the signer’s
>> cert when it uses weak algorithms, but not for the CA certs. This change is
>> to process the signer’s cert chain to warn if CA certs use weak algorithms.
>
> H
On Wed, 13 Jan 2021 00:54:16 GMT, Valerie Peng wrote:
>> Can someone help review this?
>>
>> This change enhances RSA KeyFactory impl of SunRsaSign and SunPKCS11
>> providers to accept RSA keys in PKCS#1 format and encoding and translate
>> them to provider-specific RSA keys. Updated the relev
On Wed, 13 Jan 2021 01:21:14 GMT, Hai-May Chao wrote:
>> The jarsigner tool currently provides warning associated with the signer’s
>> cert when it uses weak algorithms, but not for the CA certs. This change is
>> to process the signer’s cert chain to warn if CA certs use weak algorithms.
>
> H
On Wed, 13 Jan 2021 06:19:18 GMT, Clive Verghese wrote:
> Redo for 8237578: JDK-8214339 (SSLSocketImpl wraps SocketException) appears
> to not be fully fixed
>
> This also fixes JDK-8259516: Alerts sent by peer may not be received
> correctly during TLS handshake
The changes to the HttpClient
Redo for 8237578: JDK-8214339 (SSLSocketImpl wraps SocketException) appears to
not be fully fixed
This also fixes JDK-8259516: Alerts sent by peer may not be received correctly
during TLS handshake
-
Commit messages:
- 8259662: SocketException should be passed through
Changes: ht
21 matches
Mail list logo