This fix adjusts the SunJSSE provider's handling of the jdk.tls.[client |
server].SignatureSchemes property and its effect on messages that assert the
signature_algorithms and signature_algorithms_cert extensions, or
supported_signature_algorithms vectors like those used in TLS 1.2
On Sat, 20 Feb 2021 01:56:37 GMT, Jamil Nimeh wrote:
> This fix adjusts the SunJSSE provider's handling of the jdk.tls.[client |
> server].SignatureSchemes property and its effect on messages that assert the
> signature_algorithms and signature_algorithms_cert extensions, or
>
On Fri, 19 Feb 2021 12:48:05 GMT, Jim Laskey wrote:
>> This PR is to introduce a new random number API for the JDK. The primary API
>> is found in RandomGenerator and RandomGeneratorFactory. Further description
>> can be found in the JEP https://openjdk.java.net/jeps/356 .
>>
>> javadoc can
> Redo for 8237578: JDK-8214339 (SSLSocketImpl wraps SocketException) appears
> to not be fully fixed
>
> This also fixes JDK-8259516: Alerts sent by peer may not be received
> correctly during TLS handshake
Clive Verghese has updated the pull request with a new target base due to a
merge or
On Tue, 9 Feb 2021 21:04:00 GMT, Weijun Wang wrote:
>> Please review this change to disable XML signatures that use SHA-1 based
>> digest or signature algorithms. SHA-1 is weak and is not a recommended
>> algorithm for digital signatures. This will improve out of the box security
>> by
On Thu, 18 Feb 2021 11:09:17 GMT, Valerie Peng wrote:
>> Weijun Wang has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> materials
>
> Other files look fine. Thanks~
Add one more clean. Adjusting macKeyLen and ivLen in
> Clean up temporary byte array, char array, and keyspec around keys and
> passwords.
>
> No new regression test.
Weijun Wang has updated the pull request incrementally with one additional
commit since the last revision:
simpler spec creation, and one more clean
-
Changes:
-
`InetAddress` is loading native library `net` and at the same time
`SunNativeProvider` is loading `j2gss`, and in the `OnLoad` function inside
`j2gss` it is calling `FindClass(env, "java/net/InetAddress")` and thus a
deadlock.
We can access `InetAddress` in `SunNativeProvider.` before loading
On Fri, 19 Feb 2021 08:05:06 GMT, Andrey Turbanov
wrote:
>> src/java.base/share/classes/sun/security/provider/certpath/X509CertPath.java
>> line 228:
>>
>>> 226: try {
>>> 227: if (is.markSupported() == false) {
>>> 228: // Copy the entire input stream into
On Wed, 25 Nov 2020 13:55:32 GMT, Jim Laskey wrote:
>> src/java.base/share/classes/java/util/random/RandomGenerator.java line 745:
>>
>>> 743: * if the period is unknown.
>>> 744: */
>>> 745: BigInteger UNKNOWN_PERIOD = BigInteger.ZERO;
>>
>> move those 3 values into
> This PR is to introduce a new random number API for the JDK. The primary API
> is found in RandomGenerator and RandomGeneratorFactory. Further description
> can be found in the JEP https://openjdk.java.net/jeps/356 .
>
> javadoc can be found at
>
Similar to the constructor SNIHostName(String hostname), the constructor
SNIHostName(byte[] encoded) also needs to check if the encoded hostname conform
to RFC 3490.
-
Commit messages:
- JDK-8261969: SNIHostName would check if the encoded hostname conform to RFC
3490
Changes:
On Thu, 18 Feb 2021 22:24:28 GMT, Rajan Halade wrote:
>> Evan Whelan has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> 8211227: Re-wrote LoggingFormatConsistency to use local SSL server rather
>> than an existing URL
>
>
On Thu, 18 Feb 2021 19:21:45 GMT, Sean Mullan wrote:
>> Andrey Turbanov has updated the pull request incrementally with one
>> additional commit since the last revision:
>>
>> 8080272: Refactor I/O stream copying to use java.io.InputStream.transferTo
>> remove unnecessary file.exists()
14 matches
Mail list logo