If you can open it readonly, why not do it without any special name and only fail the write operation? Or maybe have a truststore mode, which does not have to open keys?GrussBernd-- http://bernd.eckenfels.net
Von: security-dev im Auftrag von Mat Carter Gesendet:
Currently on Windows to access the local machine KeyStores
(Windows-MY-LOCALMACHINE and Windows-ROOT-LOCALMACHINE) you need administrator
privileges.
To reduce the need to grant admin privileges to Java applications, I'm
proposing that we allow the application to access readonly versions of the
> The new approach uses test URLs directly to verify interoperability with CA
> infrastructure. This would help us avoid having regular test fixes to update
> test artifacts as long as CAs keep test domains up to date.
Rajan Halade has updated the pull request incrementally with one additional
> The new approach uses test URLs directly to verify interoperability with CA
> infrastructure. This would help us avoid having regular test fixes to update
> test artifacts as long as CAs keep test domains up to date.
Rajan Halade has updated the pull request incrementally with one additional
On Tue, 23 May 2023 14:00:30 GMT, Sean Mullan wrote:
>> We found several more cases of passwords and encoded keys not cleared that
>> were addressed in out Iteration # 2 commit. These cases were both in Java
>> and native code. We still have doubts about the effectiveness and need for
>> these
On Wed, 31 May 2023 18:03:57 GMT, Rajan Halade wrote:
> The new approach uses test URLs directly to verify interoperability with CA
> infrastructure. This would help us avoid having regular test fixes to update
> test artifacts as long as CAs keep test domains up to date.
Only Actalis and BuyP
The new approach uses test URLs directly to verify interoperability with CA
infrastructure. This would help us avoid having regular test fixes to update
test artifacts as long as CAs keep test domains up to date.
-
Commit messages:
- 8308592: verify inter CA
- 8308592: Update CA i
On Tue, 30 May 2023 16:47:03 GMT, Mark Powers wrote:
>> https://bugs.openjdk.org/browse/JDK-8307794
>
> Mark Powers has updated the pull request incrementally with one additional
> commit since the last revision:
>
> Sean's additional comments take 2
test/micro/org/openjdk/bench/java/securit
On Wed, 31 May 2023 07:14:39 GMT, Daniel Jeliński wrote:
>> When we put in the debug field into the template, it was to allow folks to
>> quickly add debugging output to their test, but in general it won't be
>> turned on during regular test runs.
>
> I'd like to enable this in the test runs as
On Thu, 25 May 2023 14:31:04 GMT, Matthias Baesken wrote:
> There exists already some logging in krb5/Config.java (enabled by
> -Dsun.security.krb5.debug=true), this could be enhanced for easier analysis
> of problems. Additionally some exception(s) might be slightly adjusted.
This pull reques
On Fri, 26 May 2023 08:04:58 GMT, Matthias Baesken wrote:
>> There exists already some logging in krb5/Config.java (enabled by
>> -Dsun.security.krb5.debug=true), this could be enhanced for easier analysis
>> of problems. Additionally some exception(s) might be slightly adjusted.
>
> Matthias B
On Fri, 26 May 2023 08:04:58 GMT, Matthias Baesken wrote:
>> There exists already some logging in krb5/Config.java (enabled by
>> -Dsun.security.krb5.debug=true), this could be enhanced for easier analysis
>> of problems. Additionally some exception(s) might be slightly adjusted.
>
> Matthias B
On Wed, 31 May 2023 13:37:06 GMT, Artem Semenov wrote:
>> When using the clang compiler to build OpenJDk on Linux, we encounter
>> various "warnings as errors".
>> They can be fixed with small changes.
>
> Artem Semenov has updated the pull request incrementally with one additional
> commit sin
On Tue, 30 May 2023 08:14:59 GMT, Alexey Ushakov wrote:
>> Artem Semenov has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> update
>
> src/jdk.hotspot.agent/linux/native/libsaproc/ps_core.c line 655:
>
>> 653: // linker loaded it. We
On Sun, 28 May 2023 03:57:40 GMT, Kim Barrett wrote:
>> Artem Semenov has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> update
>
> src/java.desktop/unix/native/libawt_xawt/awt/gtk2_interface.c line 1163:
>
>> 1161: #if defined(__clang__)
> When using the clang compiler to build OpenJDk on Linux, we encounter various
> "warnings as errors".
> They can be fixed with small changes.
Artem Semenov has updated the pull request incrementally with one additional
commit since the last revision:
update
-
Changes:
- all:
On Wed, 31 May 2023 06:27:09 GMT, Sibabrata Sahoo wrote:
>> Additional Tests for KEM API.
>
> Sibabrata Sahoo has updated the pull request incrementally with one
> additional commit since the last revision:
>
> 8308711: Comment addressed
test/jdk/javax/crypto/KEM/GenLargeNumberOfKeys.java li
On Wed, 31 May 2023 06:27:41 GMT, Bradford Wetmore wrote:
>> test/jdk/sun/security/ssl/SSLEngineImpl/TestBadDNForPeerCA.java line 29:
>>
>>> 27: * @library /test/lib
>>> 28: * @summary SSLEngine throws IAE during parsing of X500Principal
>>> 29: * @run main/othervm TestBadDNForPeerCA
>>
>> S
On Tue, 30 May 2023 19:24:09 GMT, Kevin Driver wrote:
>> Fixes: [JDK-8294985](https://bugs.openjdk.org/browse/JDK-8294985)
>
> Kevin Driver has updated the pull request incrementally with two additional
> commits since the last revision:
>
> - undo import changes
> - undo import changes
test
19 matches
Mail list logo