On Mon, 21 Sep 2020 08:19:28 GMT, Alexey Bakhtin <abakh...@openjdk.org> wrote:
> Hi, > > Plaese review JDK-8245527 fix which implements LDAP Channel Binding support > for Java GSS/Kerberos. > Initial review is available at core-devs: > https://mail.openjdk.java.net/pipermail/core-libs-dev/2020-August/068197.html > This version removes "tls-unique" CB type from the list of possible channel > binding types. The only supported type is > "tls-server-end-point" > CSR is also updated : https://bugs.openjdk.java.net/browse/JDK-8247311 > > Thank you > Alexey src/java.naming/share/classes/com/sun/jndi/ldap/Connection.java line 994: > 992: } > 993: > 994: private CompletableFuture<X509Certificate> tlsHandshakeCompleted = Should be `final`? src/java.naming/share/classes/com/sun/jndi/ldap/sasl/TlsChannelBinding.java line 63: > 61: * Channel binding on the basis of TLS Finished message > 62: */ > 63: TLS_UNIQUE("tls-unique"), Is that still used? If not maybe it should be removed? ------------- PR: https://git.openjdk.java.net/jdk/pull/278