Re: JEP411: Missing use-case: Monitoring / restricting libraries

Hi all, apologize if I interrupted this thread. I agreed on what Reinier has said and I have similar concerns about the removal of SecurityManager. I have developed a "Mod" for a certain game to monitor which "Mods" are using network connections. The mod is a kind of library since other libraries

Re: RFR: 8240256: Better resource cleaning for SunPKCS11 Provider

On Fri, 16 Apr 2021 11:24:57 GMT, Sean Coffey wrote: > Added capability to allow the PKCS11 Token to be destroyed once a session is > logged out from. New configuration properties via pkcs11 config file. Cleaned > up the native resource poller also. > > New unit test case to test behaviour. So

Re: RFR: 8185127: Add tests to cover hashCode() method for java supported crypto key types [v2]

On Fri, 16 Apr 2021 07:37:43 GMT, Sibabrata Sahoo wrote: >> Should be || instead of &&? Would also be nice to know which one(s) failed. > > Considering equality and hashCode check may not be same for all KeyTypes, i > have relaxed the verification with || operator. Also added print statement >

Re: RFR: 8185127: Add tests to cover hashCode() method for java supported crypto key types [v2]

On Fri, 16 Apr 2021 07:32:08 GMT, Sibabrata Sahoo wrote: >> test/jdk/javax/crypto/KeyGenerator/CompareKeys.java line 114: >> >>> 112: HmacSHA384("HmacSHA384"), >>> 113: HmacSHA512("HmacSHA512"), >>> 114: RC2("RC2"); >> >> Just curious, how are these decided? Should this

Re: RFR: 8185127: Add tests to cover hashCode() method for java supported crypto key types [v6]

On Sat, 17 Apr 2021 09:36:55 GMT, Sibabrata Sahoo wrote: >> This is a simple Test to add few additional API coverage for all java >> supported key types. The objective of this Test is to cover equals() and >> hashcode() methods for each key types. > > Sibabrata Sahoo has updated the pull reques

Re: RFR: 8264208: Console charset API [v11]

> Please review the changes for the subject issue. This has been suggested in > a recent discussion thread for the JEP 400 > [[1](https://mail.openjdk.java.net/pipermail/core-libs-dev/2021-March/075214.html)]. > A CSR has also been drafted, and comments are welcome > [[2](https://bugs.openjdk.

Re: RFR: 8236671: NullPointerException in JKS keystore

On Tue, 20 Apr 2021 20:06:16 GMT, Sean Coffey wrote: > > It looks like a public behavior change to me. Did you want to file a CSR > > and update the specification (KeyStore) as well? I think it would be nice > > if we could keep use the old exception, IllegalArgumentException, as > > described

Re: How do I report a potential bug in OpenJDK?

It is nest to post the verbatim error message and maybe also the URL to reproduce. But if you notice a sudden change in behavior and the cert is not expired, then it’s likely a server-side change. Did you try to connect with browser and OpenSSl cli? You can debug JSSE connections but the except

Re: RFR: 8236671: NullPointerException in JKS keystore

On Tue, 20 Apr 2021 17:00:40 GMT, Xue-Lei Andrew Fan wrote: > It looks like a public behavior change to me. Did you want to file a CSR and > update the specification (KeyStore) as well? I think it would be nice if we > could keep use the old exception, IllegalArgumentException, as described in

Re: JEP411: Restricting/logging library usages using a SecurityManager

On 15/04/2021 22:10, Roel Spilker wrote: : But on my server application, we use libraries. And I'm very interested on how they behave. I would like to log or restrict the following actions: - Spawning new processes - Unexpected file access - Unexpected network traffic Currently, our applicat

Re: RFR: 8236671: NullPointerException in JKS keystore

On Tue, 20 Apr 2021 11:54:39 GMT, Sean Coffey wrote: > Trivial enough change. Improved the exception thrown from JceKeyStore also. It looks like a public behavior change to me. Did you want to file a CSR and update the specification (KeyStore) as well? - PR: https://git.openjdk.j

Re: RFR: 8236671: NullPointerException in JKS keystore

On Tue, 20 Apr 2021 11:54:39 GMT, Sean Coffey wrote: > Trivial enough change. Improved the exception thrown from JceKeyStore also. Marked as reviewed by hchao (Committer). - PR: https://git.openjdk.java.net/jdk/pull/3588

JEP 411: methods in j.u.c.Executors

The JEP should also address the following methods in java.util.concurrent.Executors: privilegedCallable, privilegedCallableUsingCurrentClassLoader​, privilegedThreadFactory Since AccessController et al. will be terminally deprecated, I'd assume these methods should be as well. Kind regards, Ant

JEP411: Restricting/logging library usages using a SecurityManager

Hi all, So I do get why RMI and Applets are no longer used. I also agree that the performance and usability of the current implementation is suboptimal, and that configuring the security manager through text files is also not that easy. But on my server application, we use libraries. And I'm ver

Re: New candidate JEP: 411: Deprecate the Security Manager for Removal

How do I report a potential bug in OpenJDK?

We've been using OpenJDK in a product and since March 17, OpenJDK seems to be reporting a "Certificate Unknown" error on a previously working certificate. Versions are 8.0.212.03, 8.0.282.8, 11.0.5.10, 11.0.10.9. Given that I'm a newbie - debug? Diagnostics? Changelog to look at possible

Re: New candidate JEP: 411: Deprecate the Security Manager for Removal

RFR: 8236671: NullPointerException in JKS keystore

Trivial enough change. Improved the exception thrown from JceKeyStore also. - Commit messages: - Fix white space - 8236671: NullPointerException in JKS keystore Changes: https://git.openjdk.java.net/jdk/pull/3588/files Webrev: https://webrevs.openjdk.java.net/?repo=jdk&pr=3588&ran

[8u] RFR: 8206925: Support the certificate_authorities extension

Hi, Please review this OpenJDK 8u backport of the certificate_authorities extensionj. The OpenJDK 11u patch didn't apply cleanly after path unshuffeling, but was fairly trivial to resolve. Conflicts caused by: 1. X509Authentication.java copyright line conflict only. Resolved manually. 2. SSLCo