Re: RFR: 8261462: GCM ByteBuffer decryption problems

2021-03-04 Thread Valerie Peng
On Tue, 2 Mar 2021 16:21:00 GMT, Anthony Scarpino wrote: >> Hi, >> >> I need a review of these two simple fixes. One just sets the input >> bytebuffer position to the limit upon completion of decryption. The second >> calls the CipherCore method to clear the state from the previous operation

Re: [External] : Re: TLS 1.3 Post-handshake authentication

2021-03-04 Thread Xue-Lei Fan
Does it mean that when switching to HTTP/2, the concern is not valid any longer? Or is there an alternative solution? Sorry for the questions, I know little about servlet. I'm trying to understand the requirement of this feature. Xuelei From: arjan tijms Sent: T

Re: TLS 1.3 Post-handshake authentication

2021-03-04 Thread arjan tijms
Hi, On Thu, Mar 4, 2021 at 10:48 PM Xue-Lei Fan wrote: > Did you have a chance to read RFC 8740? Post-Handshake authentication in > HTTP/2 is not allowed for TLS 1.3. Is there a concern for the use case you > mentioned? > Servlet supports both HTTP/1.1 and HTTP/2. The concern here is for HTTP

Re: TLS 1.3 Post-handshake authentication

2021-03-04 Thread Xue-Lei Fan
Hi Arjan, Did you have a chance to read RFC 8740? Post-Handshake authentication in HTTP/2 is not allowed for TLS 1.3. Is there a concern for the use case you mentioned? Xuelei From: jdk-dev on behalf of arjan tijms Sent: Thursday, March 4, 2021 12:57 PM

Re: RFR: 8253795: Implementation of JEP 391: macOS/AArch64 Port [v9]

2021-03-04 Thread Vladimir Kempik
On Thu, 4 Mar 2021 17:36:22 GMT, Alan Hayward wrote: > I was building this PR on a new machine, and I now get the following error: > > > /Users/alahay01/java/gerrit_jdk/src/java.desktop/macosx/native/libjsound/PLATFORM_API_MacOSX_MidiUtils.c:258:31: > > error: cast to smaller integer type 'MID

Re: Bug with TLSv1.3 session resumption (most likely caused by concurrency bug)

2021-03-04 Thread Jamil Nimeh
I already replied to Norman directly (because apparently I cannot seem to find my Reply-all button before my morning caffeine!). It does look quite a bit like 8241248 and that issue is in my bug queue. I haven't started work on it yet, but now that Norman has provided me some links to a repro

Re: RFR: 8253795: Implementation of JEP 391: macOS/AArch64 Port [v9]

2021-03-04 Thread Alan Hayward
On Thu, 4 Mar 2021 15:27:25 GMT, Gerard Ziemski wrote: >>> A list of the bugs that our internal testing revealed so far: >> >> Are any of these blockers for integration? Some of them are to do with >> things like features that aren't yet supported, and we can't fix what we >> can't see. > >> >

Integrated: 8259709: Disable SHA-1 XML Signatures

2021-03-04 Thread Sean Mullan
On Mon, 8 Feb 2021 20:46:41 GMT, Sean Mullan wrote: > Please review this change to disable XML signatures that use SHA-1 based > digest or signature algorithms. SHA-1 is weak and is not a recommended > algorithm for digital signatures. This will improve out of the box security > by restricting

Re: Bug with TLSv1.3 session resumption (most likely caused by concurrency bug)

2021-03-04 Thread Xue-Lei Fan
Forward to security-dev. Xuelei On Mar 4, 2021, at 6:11 AM, Norman Maurer <norman.mau...@googlemail.com> wrote: Hi there, I think I found a bug in the TLSv1.3 session cache implementation which sometimes can cause failures during session resumption. The cause of this sometimes shows up

Re: RFR: 8262862: Harden tests sun/security/x509/URICertStore/ExtensionsWithLDAP.java and krb5/canonicalize/Test.java [v2]

2021-03-04 Thread Fernando Guallini
> Certain JVM tools may access and initialise InetAddress class and its static > fields during start up resulting in a NameService implementation being > already set to the default **PlatformNameService**, causing intermittent > failures in some tests that expect the use of **HostsFileNameServic

Re: RFR: 8262862: Harden tests sun/security/x509/URICertStore/ExtensionsWithLDAP.java and krb5/canonicalize/Test.java [v2]

2021-03-04 Thread Fernando Guallini
On Thu, 4 Mar 2021 13:42:57 GMT, Aleksei Efimov wrote: >> Fernando Guallini has updated the pull request incrementally with one >> additional commit since the last revision: >> >> move set env properties to header > > test/jdk/sun/security/krb5/canonicalize/Test.java line 37: > >> 35: pu

Re: RFR: 8253795: Implementation of JEP 391: macOS/AArch64 Port [v9]

2021-03-04 Thread Gerard Ziemski
On Wed, 3 Mar 2021 17:46:41 GMT, Andrew Haley wrote: > > A list of the bugs that our internal testing revealed so far: > > Are any of these blockers for integration? Some of them are to do with things > like features that aren't yet supported, and we can't fix what we can't see. I don't person

Integrated: 8254717: isAssignableFrom checks in KeyFactorySpi.engineGetKeySpec appear to be backwards

2021-03-04 Thread Ziyi Luo
On Tue, 23 Feb 2021 01:47:48 GMT, Ziyi Luo wrote: > All of the "isAssignableFrom" checks in "engineGetKeySpec" appear to be > backwards in Java's KeyFactorySpi.engineGetKeySpec implementations. In most > cases, the requested KeySpec is equal to the concrete implementation so the > inversion do

Bug with TLSv1.3 session resumption (most likely caused by concurrency bug)

2021-03-04 Thread Norman Maurer
Hi there, I think I found a bug in the TLSv1.3 session cache implementation which sometimes can cause failures during session resumption. The cause of this sometimes shows up as NPE: javax.net.ssl.SSLException: Session has no PSK at java.base/sun.security.ssl.Alert.createSSLException(Ale

Re: RFR: 8262862: Harden tests sun/security/x509/URICertStore/ExtensionsWithLDAP.java and krb5/canonicalize/Test.java

2021-03-04 Thread Aleksei Efimov
On Wed, 3 Mar 2021 12:23:00 GMT, Fernando Guallini wrote: > Certain JVM tools may access and initialise InetAddress class and its static > fields during start up resulting in a NameService implementation being > already set to the default **PlatformNameService**, causing intermittent > failur

Re: RFR: 8259709: Disable SHA-1 XML Signatures [v2]

2021-03-04 Thread Sean Mullan
> Please review this change to disable XML signatures that use SHA-1 based > digest or signature algorithms. SHA-1 is weak and is not a recommended > algorithm for digital signatures. This will improve out of the box security > by restricting XML signatures that use SHA-1 algorithms. > > CSR: h

Re: RFR: 8262438: sun/security/ssl/SSLLogger/LoggingFormatConsistency.java failed with "SocketException: Socket is closed" [v3]

2021-03-04 Thread Daniel Fuchs
On Thu, 4 Mar 2021 09:47:03 GMT, Evan Whelan wrote: >> Hi all, >> >> Please review my test fix relating to JDK-8262438 >> >> This patch introduces a Thread.sleep at the start of each iteration which >> creates a new test jvm. >> This allows the server socket sufficient time to release the pr

Re: RFR: 8262438: sun/security/ssl/SSLLogger/LoggingFormatConsistency.java failed with "SocketException: Socket is closed"

2021-03-04 Thread Evan Whelan
On Tue, 2 Mar 2021 15:04:23 GMT, Evan Whelan wrote: >> Hi Evan - I am a bit skeptical that the proposed fix will solve the issue. >> AFAICS the exception is raised by the server side - and if I read it >> correctly it happens when the server finds that the socket is already closed >> when it t

Re: RFR: 8262438: sun/security/ssl/SSLLogger/LoggingFormatConsistency.java failed with "SocketException: Socket is closed" [v2]

2021-03-04 Thread Evan Whelan
On Tue, 2 Mar 2021 15:13:56 GMT, Daniel Fuchs wrote: >> Evan Whelan has updated the pull request incrementally with two additional >> commits since the last revision: >> >> - 8262438: Stream operations on new lines >> - 8262438: Ensure all streams are emptied in socket connection > > test/jdk

Re: RFR: 8262438: sun/security/ssl/SSLLogger/LoggingFormatConsistency.java failed with "SocketException: Socket is closed" [v3]

2021-03-04 Thread Evan Whelan
> Hi all, > > Please review my test fix relating to JDK-8262438 > > This patch introduces a Thread.sleep at the start of each iteration which > creates a new test jvm. > This allows the server socket sufficient time to release the previous > connection and allows the port to be used again. >