Hi Sean , I opened
https://bugs.openjdk.java.net/browse/JDK-8243543
JDK-8243543 : jtreg test
security/infra/java/security/cert/CertPathValidator/certification/BuypassCA.java
fails
Best regards, Matthias
>> Hello,?? the test
>> 'security/infra/java/security/cert/CertPathValidator/certific
Hello, the test
'security/infra/java/security/cert/CertPathValidator/certification/BuypassCA.java'
started failing since last nightly tests (both in jdk/jdk and jdk11) .
Looks like a certificate has been revoked.
Error is :
=
Received ex
cribed here
https://www.globalsign-media.com/en/incident-report/2020-03-18-singapore-dc .
Most likely it is the issue described in the incident report .
Best regards, Matthias
-Original Message-
From: Sean Mullan
Sent: Freitag, 20. März 2020 18:15
To: Rajan Halade ; Baesken, Matthia
Hello, for a few days we see the test
security/infra/java/security/cert/CertPathValidator/certification/GlobalSignR6CA.java
failing sometimes. The failures are seen not only in jdk/jdk but also in jdk11,
that's why we suppose it might be
some issue with the infrastructure and/or certificate autho
Thanks ! May I get a second review ?
Best regards, Matthias
From: Langer, Christoph
Sent: Freitag, 21. Februar 2020 13:47
To: Baesken, Matthias ; security-dev@openjdk.java.net
Subject: RE: RFR [XS]: 8239457: call ReleaseStringUTFChars before early returns
in
Ping - any reviews please ?
Best regards, Matthias
From: Baesken, Matthias
Sent: Mittwoch, 19. Februar 2020 13:55
To: security-dev@openjdk.java.net
Subject: RFR [XS]: 8239457: call ReleaseStringUTFChars before early returns in
Java_sun_security_pkcs11_wrapper_PKCS11_connect
Hello, please
Hello, please review this small change to unix
Java_sun_security_pkcs11_wrapper_PKCS11_connect .
Here we miss a call to ReleaseStringUTFChars before early returns , e.g.
these early returns .
127 // with the old JAR file jGetFunctionList is null, temporarily check
for that
128 if
Hello, please review this small test change .
AmazonCA.java fails intermittent
In the discussion of https://bugs.openjdk.java.net/browse/JDK-8238157it
has been found that test AmazonCA.java fails intermittent .
So to make this transparent we should add the intermittent key to the t
Sean, Christoph, thanks for the reviews !
>
> Looks good.
>
> --Sean
>
Sorry, had a typo in the last one , new webrev :
http://cr.openjdk.java.net/~mbaesken/webrevs/8237962.4/
Best regards, Matthias
>
>
> Hi Christoph, that sounds like a good idea .
>
> New webrev :
>
> http://cr.openjdk.java.net/~mbaesken/webrevs/8237962.3/
>
> Thanks, Matthias
>
>
>
> Best regards
> Christoph
>
> > -Original Message-
> > From: Baesken, Matthias
> > Sent: Donnerstag, 30. Januar 2020 09:25
> > To: Sean Mullan ; security-
> > d...@openjdk.java.net
> > Cc: Langer, Christoph
> > Subject: RE: RFR: 8237962: give bett
like this !
Best regards, Matthias
>
> On 1/29/20 7:18 AM, Baesken, Matthias wrote:
> >
> > Hello, recently we see (cross platform) sometimes failures in the
> > jtreg test
> >
> security/infra/java/security/cert/CertPathValidator/certification/AmazonCA.
&
Thanks, may I have a second review ?
Best regards, Matthias
> Looks good.
>
> Thanks,
> Sean
>
> On 1/29/20 4:20 AM, Baesken, Matthias wrote:
> >
> > Hi Sean, new webrev :
> >
> >
> > http://cr.openjdk.java.net/~mbaesken/webrevs/8237962.1/
> >
> >
> > Best Regards, Matthias
> >
Hello, recently we see (cross platform) sometimes failures in the jtreg test
security/infra/java/security/cert/CertPathValidator/certification/AmazonCA.java
.
The failures look like this :
java.lang.RuntimeException: TEST FAILED: unexpected revocation date
at
ValidatePathWit
t for invalid OCSP
> response intervals in CertPathValidator checks
> Message-ID:
> Content-Type: text/plain; charset=windows-1252; format=flowed
>
> Hi Matthias,
>
> On 1/28/20 8:18 AM, Baesken, Matthias wrote:
> > Hello, please review this small change .
> >
>
Hello, please review this small change .
While working on
https://bugs.openjdk.java.net/browse/JDK-8237869
and
https://bugs.openjdk.java.net/browse/JDK-8237888
I noticed that the error output in case of invalid OCSP response intervals
could be improved a bit.
Bug/webrev :
https://bugs.openj
Hi, new webrev , now with the other bugid :
http://cr.openjdk.java.net/~mbaesken/webrevs/8237869.1/
... and new issue to track the LuxTrust instabilities :
https://bugs.openjdk.java.net/browse/JDK-8237888
security/infra/java/security/cert/CertPathValidator/certification/LuxTrustCA.java
fa
nal Message-
> From: Sean Mullan
> Sent: Freitag, 24. Januar 2020 21:11
> To: Baesken, Matthias ; security-
> d...@openjdk.java.net
> Subject: Re: jtreg test
> security/infra/java/security/cert/CertPathValidator/certification/LuxTrustCA.
> java instabilities
>
> On 1/24
Sean Mullan
Sent: Donnerstag, 23. Januar 2020 21:46
To: Baesken, Matthias ; security-dev@openjdk.java.net
Subject: Re: jtreg test
security/infra/java/security/cert/CertPathValidator/certification/LuxTrustCA.java
instabilities
On 1/17/20 8:09 AM, Baesken, Matthias wrote:
Hello, I wonder if y
Hello, I wonder if you have some input regarding the following issue.
I noticed a couple of instabilities (in jdk13 and higher) in the test
security/infra/java/security/cert/CertPathValidator/certification/LuxTrustCA.java
.
The test sometimes fails when validating the "validity inte
Hi Christoph, you are right - I should better use getVersionStr() , I’ll
replace it .
Valerie are you fine with the latest webrev ?
Best regards, Matthias
From: Langer, Christoph
Sent: Mittwoch, 25. September 2019 16:50
To: Baesken, Matthias ; Valerie Peng
; security-dev
nd
then have just one throw e; after the whole if else block.
Best regards
Christoph
From: Baesken, Matthias
<mailto:matthias.baes...@sap.com>
Sent: Dienstag, 24. September 2019 10:30
To: Langer, Christoph
<mailto:christoph.lan...@sap.com>;
security-dev@openjdk.java.net<mailto:se
New webrev :
http://cr.openjdk.java.net/~mbaesken/webrevs/8231357.1/
I adjusted the imports and now output a warning .
Best regards, Matthias
From: Baesken, Matthias
Sent: Montag, 23. September 2019 16:07
To: Langer, Christoph ; security-dev@openjdk.java.net
Cc: Zeller, Arno
Subject: RE: RFR
Hi Christoph, thanks for the review !
I'll update the Copyright years .
Will push it as XS tomorrow in case of no further comments / objections.
Best regards, Matthias
From: Langer, Christoph
Sent: Montag, 23. September 2019 16:50
To: Baesken, Matthias ; security-dev@openjdk.jav
sense to behave on Linux in the same way )
Best regards, Matthias
From: Langer, Christoph
Sent: Montag, 23. September 2019 15:53
To: Baesken, Matthias ; security-dev@openjdk.java.net
Cc: Zeller, Arno
Subject: RE: RFR [XS] 8231357: sun/security/pkcs11/Cipher/TestKATForGCM.java
fails on SLES11 using
Hello, please review this small test related change .
We noticed that on our SLES (SuSE Linux) 11 test machines, the test
sun/security/pkcs11/Cipher/TestKATForGCM.java
fails when older nss versions are used on the system , especially nss 3.14 .
The used package is named mozilla-nss-3
Hello, please reviews this fix of the pkcs11 native tracing( P11_DEBUG
guarded native traces ).
I had enabled it to look into a issue with pkcs11 not working on a
recently patched Linux system .
But noticed that the traces did not work any more (probably mostly because of
changed
Hi Alan and Thomas, Thanks for the reviews !
From: Thomas Stüfe
Sent: Mittwoch, 11. September 2019 17:51
To: Baesken, Matthias
Cc: security-dev@openjdk.java.net
Subject: Re: RFR [XS] : 8230861: missing ReleaseStringUTFChars in
Java_sun_security_pkcs11_wrapper_PKCS11_connect
+1
Cheers, Thomas
Hello, please review this small fix .
It adds a ReleaseStringUTFChars to an early (special case) return in
function Java_sun_security_pkcs11_wrapper_PKCS11_connect .
Bug/webrev :
https://bugs.openjdk.java.net/browse/JDK-8230861
http://cr.openjdk.java.net/~mbaesken/webrevs/8230861.0/
Th
Hello Christoph, the change looks good to me .
However I suggest to wait a day or two for more feedback , because
http://cr.openjdk.java.net/~clanger/webrevs/8204203.11u.0/test/jdk/sun/security/pkcs11/PKCS11Test.java.frames.html
889 @Artifact(
890 organization = "jpg.tests.j
Thanks for the review .
Do I need a second review for this one ?
Best regards, Matthias
> -Original Message-
> From: Weijun Wang
> Sent: Mittwoch, 24. Juli 2019 15:41
> To: Baesken, Matthias
> Cc: security-dev@openjdk.java.net; naoto.s...@oracle.com
> Subject: Re:
Hello, here is the webrev for easier review .
Bug/webrev (after my webrev creation works again) :
http://cr.openjdk.java.net/~mbaesken/webrevs/8228578.0/
https://bugs.openjdk.java.net/browse/JDK-8228578
Best regards, Matthias
From: Baesken, Matthias
Sent: Mittwoch, 24. Juli 2019 13:17
To
Hello, please review the following small patch .
In KeystoreImpl.m we call CFDataCreate at one place. According to
https://developer.apple.com/documentation/corefoundation/1542359-cfdatacreate?language=objc
the return value of CFDataCreate is :"A new CFData object, or NULL if there
Mullan
> Sent: Dienstag, 22. Januar 2019 22:57
> To: Langer, Christoph ; Seán Coffey
> ; OpenJDK Dev list d...@openjdk.java.net>
> Cc: Baesken, Matthias
> Subject: Re: Shall TLS_EMPTY_RENEGOTIATION_INFO_SCSV really be
> disabled via jdk.tls.disabledAlgorithms=...,NULL or is it a
s
> Sent: Dienstag, 18. Dezember 2018 10:04
> To: Baesken, Matthias ; 'hotspot-
> d...@openjdk.java.net' ; serviceability-
> d...@openjdk.java.net; security-dev@openjdk.java.net; JC Beyler
>
> Subject: Re: RFR: [XS] 8215411: some GetByteArrayElements calls miss
> corresp
bytePtr before returning here
735 if (bytesRead != numBytes) {
736 return 0;
737 }
?
Best regards, Matthias
> -----Original Message-
> From: David Holmes
> Sent: Dienstag, 18. Dezember 2018 01:20
> To: Baesken, Matthias ; 'hotspot-
> d...@openjdk.java.net&
Hello, please review the following change.
I noticed that we miss at some places (for example in case of early returns)
where GetByteArrayElements is used, the corresponding ReleaseByteArrayElements
call.
In VirtualMachineImpl.c I also removed a check for isCopy (is the returned
byte array a
hias
> -Original Message-----
> From: Sean Mullan
> Sent: Donnerstag, 8. November 2018 20:36
> To: Baesken, Matthias ; Langer, Christoph
> ; Alan Bateman ;
> security-dev@openjdk.java.net; core-libs-...@openjdk.java.net
> Subject: Re: RFR: 8211752: JNU_ThrowIOExceptionW
tification/ActalisCA.java
should be set on the exclude list for now (until JDK-8202651 is resolved)
?
Best regards, Matthias
> -Original Message-
> From: Sean Mullan
> Sent: Montag, 26. November 2018 15:57
> To: Baesken, Matthias ; security-
> d...@openjdk.java.net
4:24
> To: Baesken, Matthias ; security-
> d...@openjdk.java.net
> Subject: Re: jdk11u and jdk/jdk : jtreg test error in
> security/infra/java/security/cert/CertPathValidator/certification/ActalisCA.ja
> va
>
> On 11/26/18 7:51 AM, Baesken, Matthias wrote:
> > Hello, since 18th
Hello, since 18th / 19th November we notice an error in the jtreg test
security/infra/java/security/cert/CertPathValidator/certification/ActalisCA.java
(on all platforms, for example linux x86_64 ).
Has anyone else seen the issue, or is it just us ?
Thanks, Matthias
Error (stderr) outp
path output at the other places too ).
Thanks, Matthias
> -Original Message-
> From: Sean Mullan
> Sent: Freitag, 12. Oktober 2018 17:19
> To: Langer, Christoph ; Baesken, Matthias
> ; Alan Bateman ;
> security-dev@openjdk.java.net; core-libs-...@openjdk.java.net
> S
age-
> From: Rajan Halade
> Sent: Dienstag, 30. Oktober 2018 19:59
> To: security-dev ; Sean Mullan
> ; Lindenmaier, Goetz
> ; Baesken, Matthias
>
> Subject: RFR: 8207059: Update test certificates in QuoVadisCA.java test
>
> Please review this fix to update test ce
Halade
> Sent: Dienstag, 18. September 2018 19:05
> To: Lindenmaier, Goetz ; Baesken, Matthias
>
> Cc: security-dev@openjdk.java.net
> Subject: Re:
> security/infra/java/security/cert/CertPathValidator/certification/QuoVadisC
> A.java fails in jdk
>
> We found an issue wi
t regards ,
Matthias
From: Alan Bateman
Sent: Freitag, 12. Oktober 2018 11:18
To: Baesken, Matthias ;
security-dev@openjdk.java.net; core-libs-...@openjdk.java.net
Subject: Re: RFR: 8211752: JNU_ThrowIOExceptionWithLastErrorAndPath - enhance
some IOExceptions with path causing the
Exceptions=hostInfo,jar,ioExceptionsWithPath
Thanks, Matthias
From: Baesken, Matthias
Sent: Dienstag, 9. Oktober 2018 14:12
To: security-dev@openjdk.java.net; core-libs-...@openjdk.java.net
Cc: Alan Bateman (alan.bate...@oracle.com)
Subject: FW: RFR: 8211752: JNU_ThrowIOExceptionWithLastErrorAndPath
messages to the
java.security file .
Best regards, Matthias
From: Baesken, Matthias
Sent: Dienstag, 9. Oktober 2018 13:40
To: core-libs-...@openjdk.java.net
Cc: Langer, Christoph ; Lindenmaier, Goetz
Subject: RFR: 8211752: JNU_ThrowIOExceptionWithLastErrorAndPath - enhance some
IOExceptions
Hello I changed it to jar , also added some minor adjustments suggested by
Christoph .
http://cr.openjdk.java.net/~mbaesken/webrevs/8205525.12/
Regards, Matthias
> -Original Message-
> From: Sean Mullan
> Sent: Dienstag, 11. September 2018 20:44
> To: Langer, Christo
> I don't have a strong opinion on making Manifest.jarFilename final
Hi, just making it final leads to compile errors anyway.
Best regards, Matthias
> -Original Message-
> From: Weijun Wang
> Sent: Dienstag, 11. September 2018 13:04
> To: Baesken, Matthias
>
Hello, please check the new webrev :
http://cr.openjdk.java.net/~mbaesken/webrevs/8205525.10/
I kept the jarPath category name .
Best regards, Matthias
> -Original Message-
> From: Langer, Christoph
> Sent: Montag, 10. September 2018 21:30
> To: Weijun Wang ; Baesk
n and just return "filename" as
is.)
After the changes I wonder - should the jarPath category be renamed to
jarFile (or something else) ?
Best regards, Matthias
> -Original Message-
> From: Langer, Christoph
> Sent: Montag, 10. September 2018 10:04
> To: Baes
ph
> Sent: Montag, 10. September 2018 10:04
> To: Baesken, Matthias ; Wang Weijun
> ; Sean Mullan
> Cc: security-dev@openjdk.java.net; core-libs-...@openjdk.java.net
> Subject: RE: [RFR] 8205525 : Improve exception messages during manifest
> parsing of jar archives
>
n() {
214 return "manifest of " + file.getName() + ":" + lineNumber;
215 }
Best regards, Matthias
> -Original Message-
> From: Wang Weijun
> Sent: Samstag, 8. September 2018 17:43
> To: Sean Mullan
> Cc: Baesken, Matthias
Hi Max, thanks for adding yourself as a reviewer.
I set the CSR ( https://bugs.openjdk.java.net/browse/JDK-8207768 ) to
proposed.
Best regards, Matthias
>
> Message: 2
> Date: Tue, 4 Sep 2018 21:31:58 +0800
> From: Weijun Wang
> To: "Baesken, Matthias&q
; -Original Message-
> From: Weijun Wang
> Sent: Montag, 3. September 2018 17:14
> To: Baesken, Matthias
> Cc: Alan Bateman ; Sean Mullan
> ; Chris Hegarty ;
> security-dev@openjdk.java.net; core-libs-...@openjdk.java.net
> Subject: Re: [RFR] 8205525 : Improve exceptio
st regards, Matthias
> -Original Message-
> From: Weijun Wang
> Sent: Freitag, 31. August 2018 15:53
> To: Baesken, Matthias
> Cc: Alan Bateman ; Sean Mullan
> ; Chris Hegarty ;
> security-dev@openjdk.java.net; core-libs-...@openjdk.java.net
> Subject: Re: [RFR]
)
Best regards, Matthias
> -Original Message-----
> From: Weijun Wang
> Sent: Freitag, 31. August 2018 04:32
> To: Baesken, Matthias
> Cc: Alan Bateman ; Sean Mullan
> ; Chris Hegarty ;
> security-dev@openjdk.java.net; core-libs-...@openjdk.java.net
> Subject: R
String run() {
return file.getAbsolutePath() + "!META-INF/MANIFEST.MF line:"
+ lineNumber;
}
.
Best regards, Matthias
> -Original Message-
> From: Weijun Wang
> Sent: Donnerstag, 30. August 2018 16:04
> To: Baesken, Matthias
Is it "/tmp/x.jar:100"?
>
Yes it look like this :
line too long (/testdata/jars/file_with_long_line_1.jar:2)
Best regards, Matthias
> -Original Message-
> From: Weijun Wang
> Sent: Mittwoch, 29. August 2018 16:27
> To: Baesken, Matthias
> Cc: Alan Batem
018 17:35
> To: Baesken, Matthias
> Cc: Alan Bateman ; Sean Mullan
> ; Chris Hegarty ;
> security-dev@openjdk.java.net; core-libs-...@openjdk.java.net
> Subject: Re: [RFR] 8205525 : Improve exception messages during manifest
> parsing of jar archives
>
>
>
>
Message-
> From: Alan Bateman
> Sent: Montag, 27. August 2018 15:52
> To: Baesken, Matthias ; Sean Mullan
> ; Chris Hegarty
> Cc: core-libs-...@openjdk.java.net; security Dev OpenJDK d...@openjdk.java.net>
> Subject: Re: [RFR] 8205525 : Improve exception messages during mani
)
- read now from the InputStream and check for error conditions *before*
setting jarFilenamein the Manifest constructor
Best regards , Matthias
> -Original Message-
> From: Sean Mullan
> Sent: Freitag, 10. August 2018 17:39
> To: Baesken, Matthias ; Chris Hega
I
would prefer this .
Best regards, Matthias
> -Original Message-
> From: Sean Mullan
> Sent: Freitag, 10. August 2018 17:39
> To: Baesken, Matthias ; Chris Hegarty
> ; Alan Bateman
> Cc: core-libs-...@openjdk.java.net; security Dev OpenJDK d...@openjdk.java.net>
Sure I'll look into it !
Best regards, Matthias
> -Original Message-
> From: Alan Bateman
> Sent: Mittwoch, 8. August 2018 20:30
> To: Baesken, Matthias ; Chris Hegarty
>
> Cc: core-libs-...@openjdk.java.net; Lindenmaier, Goetz
> ; Langer, Christoph
> ; O
Hi Rajan, thanks for filing JDK-8207059.
Best regards, Matthias
From: Rajan Halade [mailto:rajan.hal...@oracle.com]
Sent: Mittwoch, 11. Juli 2018 17:42
To: Baesken, Matthias ; security-dev@openjdk.java.net
Subject: Re:
security/infra/java/security/cert/CertPathValidator/certification
Hello, currently the security related test
security/infra/java/security/cert/CertPathValidator/certification/QuoVadisCA.java
fails in jdk.
I currently get an exception :
java.lang.RuntimeException: TEST FAILED: unexpected status of EE certificate
at ValidatePathWithParams.validate(Validate
66 matches
Mail list logo
