> `keytool` currently uses a simpler scheme in `DisabledAlgorithmConstraints`
> class when performing algorithm constraints checks. This change is to enhance
> `keytool` to make use of the new methods
> `DisabledAlgorithmConstraints.permits` with `CertPathConstraintsParameters`
> and `checkKey`
On Thu, 13 Jan 2022 16:31:35 GMT, Sean Mullan wrote:
>> Hai-May Chao has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> Update with review comments
>
> src/java.base/share/classes/sun/security/tools/keytool/Main.java line 187:
>
>> 185:
On Thu, 20 Jan 2022 18:19:19 GMT, Weijun Wang wrote:
> Set `output_token` to empty. It is always accessed (even for a
> `GSS_S_FAILURE`) at
> https://github.com/openjdk/jdk/blob/cfa3f7493149170f2b23a516bc95110dab43fd06/src/java.security.jgss/share/native/libj2gss/GSSLibStub.c#L1160.
This pull
On Thu, 20 Jan 2022 18:19:19 GMT, Weijun Wang wrote:
> Set `output_token` to empty. It is always accessed (even for a
> `GSS_S_FAILURE`) at
> https://github.com/openjdk/jdk/blob/cfa3f7493149170f2b23a516bc95110dab43fd06/src/java.security.jgss/share/native/libj2gss/GSSLibStub.c#L1160.
Changes lo
On Thu, 20 Jan 2022 16:54:21 GMT, Mandy Chung wrote:
> If `sun.jvmstat.monitor.remote.RemoteVm` is the only proxy interface,
> `com.sun.proxy.jdk.proxy*` should adequately cover the proxy classes created
> for `RemoteVm`.
Thanks. With that endorsement I think there are no unresolved issues wi
On 1/18/2022 4:10 PM, Sean Mullan wrote:
On Thu, 6 Jan 2022 20:28:22 GMT, Sean Mullan wrote:
Could you please review the JDK-8255739 bug fix?
I think sun.security.x509.SubjectAlternativeNameExtension() should throw an
exception for incorrect SubjectAlternativeNames instead of returning the
The enhancement adds two extra items in the `getSubjectAlternativeNames()`
output for an OtherName.
It also fix several errors:
1. In `OtherName.java`, `nameValue` should be the value inside `CONTEXT [0]`
without the tag and length bytes.
2. The argument in constructor `extClass.getConstructor(O
Set `output_token` to empty. It is always accessed (even for a `GSS_S_FAILURE`)
at
https://github.com/openjdk/jdk/blob/cfa3f7493149170f2b23a516bc95110dab43fd06/src/java.security.jgss/share/native/libj2gss/GSSLibStub.c#L1160.
-
Commit messages:
- 8280401: [sspi] gss_accept_sec_conte
On Mon, 10 Jan 2022 11:17:12 GMT, Kevin Walls wrote:
>> Remove the use of Security Manager from jstatd.
>> Add use of an ObjectInputFilter to restrict RMI.
>>
>> Also we can undo the property-setting Launcher.gmk change from: 8279007:
>> jstatd fails to start because SecurityManager is disabled
On Thu, 20 Jan 2022 15:31:55 GMT, Daniel Fuchs wrote:
>> Hm, much better. Thanks!
>
>> The phrase "descending order" seems more appropriate for numerical values. I
>> think the previous wording was more clear, with a small change: "The array
>> is ordered based on protocol preference, with the
On Thu, 20 Jan 2022 07:12:42 GMT, Xue-Lei Andrew Fan wrote:
> In the getApplicationProtocols() method in javax.net.ssl.SSLParameters, the
> return statement says that "The array is ordered based on protocol
> preference, with protocols[0] being the most preferred.". However, there is
> no "pro
On Thu, 20 Jan 2022 14:42:56 GMT, Xue-Lei Andrew Fan wrote:
>> src/java.base/share/classes/javax/net/ssl/SSLParameters.java line 619:
>>
>>> 617: *
>>> 618: * @return a non-null, possibly zero-length array of application
>>> protocol
>>> 619: * {@code String}s. The array
On Thu, 20 Jan 2022 14:46:28 GMT, Xue-Lei Andrew Fan wrote:
>> In the getApplicationProtocols() method in javax.net.ssl.SSLParameters, the
>> return statement says that "The array is ordered based on protocol
>> preference, with protocols[0] being the most preferred.". However, there is
>> no
On Thu, 20 Jan 2022 14:16:43 GMT, Sean Mullan wrote:
>> Xue-Lei Andrew Fan has updated the pull request incrementally with one
>> additional commit since the last revision:
>>
>> Update per feedback
>
> src/java.base/share/classes/javax/net/ssl/SSLParameters.java line 619:
>
>> 617: *
>
> In the getApplicationProtocols() method in javax.net.ssl.SSLParameters, the
> return statement says that "The array is ordered based on protocol
> preference, with protocols[0] being the most preferred.". However, there is
> no "protocols" variable in this method.
>
> The update is a minor co
On Thu, 20 Jan 2022 07:12:42 GMT, Xue-Lei Andrew Fan wrote:
> In the getApplicationProtocols() method in javax.net.ssl.SSLParameters, the
> return statement says that "The array is ordered based on protocol
> preference, with protocols[0] being the most preferred.". However, there is
> no "pro
On Thu, 20 Jan 2022 07:12:42 GMT, Xue-Lei Andrew Fan wrote:
> In the getApplicationProtocols() method in javax.net.ssl.SSLParameters, the
> return statement says that "The array is ordered based on protocol
> preference, with protocols[0] being the most preferred.". However, there is
> no "pro
On Thu, 20 Jan 2022 10:58:27 GMT, Michael McMahon wrote:
>> Hi,
>>
>> This change adds Channel Binding Token (CBT) support to HTTPS
>> (java.net.HttpsURLConnection) when used with the Negotiate (SPNEGO,
>> Kerberos) authentication scheme. When enabled, the implementation
>> preemptively inclu
On Thu, 20 Jan 2022 10:58:27 GMT, Michael McMahon wrote:
>> Hi,
>>
>> This change adds Channel Binding Token (CBT) support to HTTPS
>> (java.net.HttpsURLConnection) when used with the Negotiate (SPNEGO,
>> Kerberos) authentication scheme. When enabled, the implementation
>> preemptively inclu
> Hi,
>
> This change adds Channel Binding Token (CBT) support to HTTPS
> (java.net.HttpsURLConnection) when used with the Negotiate (SPNEGO, Kerberos)
> authentication scheme. When enabled, the implementation preemptively includes
> a CBT with authentication requests over Kerberos. The feature
On Wed, 19 Jan 2022 22:25:43 GMT, Weijun Wang wrote:
>> Michael McMahon has updated the pull request incrementally with one
>> additional commit since the last revision:
>>
>> changes after first review round
>
> src/java.naming/share/classes/com/sun/jndi/ldap/sasl/LdapSasl.java line 133:
>
On Wed, 19 Jan 2022 19:56:53 GMT, Mandy Chung wrote:
> Are all the proxy interfaces public?
sun.jvmstat.monitor.remote.RemoteVm is "public interface RemoteVm extends
Remote" and methods in there only return basic types.
This is in the jdk.jstatd module, where I see the module info contains "exp
22 matches
Mail list logo