[ http://issues.apache.org/jira/browse/HARMONY-72?page=all ]
Tim Ellison closed HARMONY-72:
--
Verified by Svetlana
java.net.URLConnection.setAllowUserInteraction (boolean b) throws unspecified
SecurityException
[ http://issues.apache.org/jira/browse/HARMONY-82?page=all ]
Tim Ellison closed HARMONY-82:
--
Verified by Svetlana
wrong signature for 2 constructors in java.net.DatagramPacket
-
[ http://issues.apache.org/jira/browse/HARMONY-71?page=all ]
Tim Ellison closed HARMONY-71:
--
Verified by Svetlana
java.net.URLConnection.setUseCaches throws unspecified IllegalAccessError
[ http://issues.apache.org/jira/browse/HARMONY-83?page=all ]
Tim Ellison closed HARMONY-83:
--
Verified by Svetlana
java.net.URL(String, String, int port, String) throws MalformedURLException
when port is 65535
... and it goes without saying that if gjdoc were dual
licensed/contributed we'd welcome it with open arms.
Regards,
Tim
Geir Magnusson Jr wrote:
Because distributing software under the GPL is a non-starter for us.
Anthony Green wrote:
On Thu, 2006-02-09 at 13:41 -0500, Geir Magnusson Jr
Alexey Petrenko wrote:
As it said before it is not a good idea to positioning any Harmony classes
as extension for the standard API.
However we can think about creating some standalone utilities library.
That's fair. In the first instance I expect that these will be
well-defined internal
Stepan Mishura wrote:
snip
Returning back to the 'missing post'. I agreed with suggestion but currently
we don't have Harmony provider so we should define how we locate 'trusted
provides' to be secure.
We just need a trusted SHA1PRNG, right? then we can open signed
providers' jars and get any
As I wrote elsewhere, I propose that packages whose naming convention is:
org.apache.harmony.modulename.something
represent internal APIs. All visible (public/protected) types in those
packages can be used by class library developers from any module, and
such developers can expect
Hi,
Aha ! Mystery solved. I must have screwed up when replying to one of
Stepan's earlier posts.
Thanks Stepan.
Here is a paste of last week's dialogue then that *I thought* was going
to the list
Best regards,
George
paste of note from George to Stepan sent on 1st
Hi Tim,
In order to verify the signature of those signed provider jars I believe
that you would also need trusted implementations of :
* SHA-1 and MD5 digest algorithms
* DSA and RSA signature algorithms
Best regards,
George
IBM UK
Tim Ellison wrote:
Stepan Mishura wrote:
snip
I've reviewed exception classes:
General:
security has javadocs that reword SUN's spec, while sec2 does not have
security seems to follow 1.4 spec, while sec2 - 1.5
AccessControlException
- almost no difference. permission field is private in s2 and package-vis in sec
PrivilegedActionException
More implementatoins we have in Harmony - less we depend on third parties.
I think SHA-1 and DSA is something to start with.
Makes sense?
Thanks,
Mikhail
On 2/10/06, George Harley [EMAIL PROTECTED] wrote:
Hi Stepan,
In the short term, yes, SHA-1 and DSA should suffice for verifying the
Ok.
aside
The behavior strikes me as dumb. Why return a textual representation?
What good does that do anyone? The caller has no clue there was a
problem...
/aside
geir
Paulex Yang wrote:
As I commented in the JIRA, further study shows some interesting facts,
first, my prior patch is
Alexey Petrenko wrote:
But there are a lot of questions. For example what structure and
content should such library have. What classes used in Harmony modules we
should include and what classes we should not include. It's obvious that
library which simply consists of classes used by different
Stepan Mishura wrote:
On 2/9/06, Geir Magnusson Jr [EMAIL PROTECTED] wrote:
Stepan Mishura wrote:
Hi Geir,
For the record, I put the jvmarg line back - I did some test class
renaming, and things broke! I put it back, and all is well. Dunno.
Leaving there so it doesn't break anyone
indeed. We're lazy.
geir
Tim Ellison wrote:
... and it goes without saying that if gjdoc were dual
licensed/contributed we'd welcome it with open arms.
Regards,
Tim
Geir Magnusson Jr wrote:
Because distributing software under the GPL is a non-starter for us.
Anthony Green wrote:
On Thu,
Process note :
(George : I don't believe that there's any problem here, but using it as
an example.)
If you ever are in the situation where you will forward a private
exchange to a public list, be sure to ask all participants in the
exchange for permission. People can react in different
So it's javadoc.
I vote that we :
- take security up and outside of modules/ to a archive/ directory for now
- move security2-security
- over time, start migrating javadoc
Mikhail Loenko wrote:
I've reviewed exception classes:
General:
security has javadocs that reword SUN's spec, while
OK - well - here is a plan.
I have these scripts in a hacked together state and they currently
rely on reading the output from -verbose:class generated by an IBM JRE.
Ideally I'd like them to be able to read a couple of different formats.
If anyone is interested in knowing if their app
zoe slattery wrote:
OK - well - here is a plan.
I have these scripts in a hacked together state and they currently
rely on reading the output from -verbose:class generated by an IBM JRE.
Ideally I'd like them to be able to read a couple of different formats.
If anyone is interested in
+1
Geir Magnusson Jr wrote:
So it's javadoc.
I vote that we :
- take security up and outside of modules/ to a archive/ directory for now
- move security2-security
- over time, start migrating javadoc
Mikhail Loenko wrote:
I've reviewed exception classes:
General:
security has
On 2/10/06, Stefano Mazzocchi [EMAIL PROTECTED] wrote:
Vladimir Strigun wrote:
I'm able to run eclipse on Harmony classlib + J9 VM. To run Eclipse
you need to make following steps:
- download xalan.jar, xercesImpl.jar, xml-apis.jar and serializer.jar
from xml.apache.org and put it to
From other hand if we are talking about using these useful classes only
inside Harmony then it's probably a good idea. But we need some procedure
for moving a class to utilities package and we need to notify developers
about class capabilities.
I think the key to get this started is to
I did a simple test and put the results here:
http://wiki.apache.org/harmony/Apache_Derby
but it sounds like Zoe's approach is smarter.
Regards,
Tim
Upayavira wrote:
zoe slattery wrote:
OK - well - here is a plan.
I have these scripts in a hacked together state and they
Why would you put JCE and general security together?
Regards,
Tim
Mikhail Loenko wrote:
Geir
Sounds like no one objects to the proposal itself, the discussion is about the
naming. Could you please approve/decline new componentization?
Thanks,
Mikhail
On 1/27/06, Geir Magnusson Jr
[
http://issues.apache.org/jira/browse/HARMONY-29?page=comments#action_12365891 ]
Vladimir Strigun commented on HARMONY-29:
-
another fix (using internal utils):
37a38
import com.ibm.oti.util.Util;
235c236
jar = new
Tim,
The goal is to unite JCA and JCE (crypto and crypto extension).
JCA is a part of general security...
Another goal is to separate Authentication and Authorization stuff from
general security.
Thanks,
Mikhail
Isn't it a good time to normalize classlib/trunk repository structure
and update Apache Harmony Contribution Policy document
(http://incubator.apache.org/harmony/contribution_policy.html) while
we got small number of modules?
Here is what I mean...
1. There is classlib/trunk/native-src directory.
I don't understand. I did the breakout of x-net...
Mikhail Loenko wrote:
Geir
Sounds like no one objects to the proposal itself, the discussion is about the
naming. Could you please approve/decline new componentization?
Thanks,
Mikhail
On 1/27/06, Geir Magnusson Jr [EMAIL PROTECTED] wrote:
Heh. Everything we will do is legal :)
The point is - would taking some source from BC be the smart thing to do
- would it be complete, and what kind of maintenance burden would this
be going forward? Would some kind of re-packaged artifact from the BC
project itself be better?
Do we need
Folks,
FYI, we are going take some code from BC in juice project. Check [1]
for more info.
thanks,
dims
[1] http://mail-archives.apache.org/mod_mbox/xml-juice-dev/200601.mbox/[EMAIL
PROTECTED]
On 2/10/06, Geir Magnusson Jr [EMAIL PROTECTED] wrote:
Heh. Everything we will do is legal :)
Stefano Mazzocchi wrote:
[EMAIL PROTECTED] wrote:
Author: tellison
Date: Fri Feb 10 05:57:38 2006
New Revision: 376690
URL: http://svn.apache.org/viewcvs?rev=376690view=rev
Log:
Applying patches received as HARMONY-42 (com.ibm.io.nio.FileChannel is
not fully implemented)
- refactoring of
Alexey Petrenko wrote:
Isn't it a good time to normalize classlib/trunk repository structure
and update Apache Harmony Contribution Policy document
(http://incubator.apache.org/harmony/contribution_policy.html) while
we got small number of modules?
I think that given the fact that everyone
x-net is a separate module according to both original and proposed
componentization.
What I'd like to propose is:
1. separate Authentication and Authorization stuff (javax.security
package) from general security
2. unite crypto (java.security) and crypto extension (javax.crypto)
It would make
Geir Magnusson Jr wrote:
I think that doing our implementations using APR is a solid way to go. A
good place to start looking is JCHEVM and BootVM...
I haven't looked at APR in detail, but the O/S requirements of the VM
proper are not that involved and I'm sure APR could handle them. There's
Archie Cobbs wrote:
Geir Magnusson Jr wrote:
I think that doing our implementations using APR is a solid way to go.
A good place to start looking is JCHEVM and BootVM...
I haven't looked at APR in detail, but the O/S requirements of the VM
proper are not that involved and I'm sure APR could
Geir Magnusson Jr wrote:
I've thought about this a while, and while I'm personally committed to
using APR wherever and whenever we can, I don't think it's wise to let
the APR tail wag the VM internal architecture dog, so to speak.
Already there :)
Isn't it a good time to normalize classlib/trunk repository structure
and update Apache Harmony Contribution Policy document
(http://incubator.apache.org/harmony/contribution_policy.html) while
we got small number of modules?
I think that given the fact that everyone is short on cycles as
On Feb 10, 2006, at 9:54 AM, Stefano Mazzocchi wrote:
It also has a major social side effects: it would create the
ultimate social bridge between the HTTPD/APR side of the foundation
and the java side of the foundation, maybe allowing people from one
side to contribute to the other, or,
2. It's not clear where the system specific java sources should be stored.
I think modules/modulename/src/linux and
modules/modulename/src/windows will be a good place.
M. We talked about this before I think the thought was to group
the natives for a module together under something
Mikhail Loenko wrote:
What I'd like to propose is:
1. separate Authentication and Authorization stuff (javax.security
package) from general security
Ok, so I can see this.
2. unite crypto (java.security) and crypto extension (javax.crypto)
but this makes no sense to me. Why would you
On Fri, Feb 10, 2006 at 04:40:03PM +0100, Mladen Turk wrote:
Geir Magnusson Jr wrote:
I've thought about this a while, and while I'm personally committed to
using APR wherever and whenever we can, I don't think it's wise to let
the APR tail wag the VM internal architecture dog, so to
When I was writing the page to host the eclipse movie I wanted to drop
some 'random' html into the xdocs xml, but the page build whined -- so I
cheated and wrote the whole page as a .html.
So what should I have done to produce a page like this?
Hi,
Google missed this one ...
http://mail-archives.apache.org/mod_mbox/incubator-harmony-dev/200601.mbox/[EMAIL
PROTECTED]
Best regards,
George
IBM UK
Alexey Petrenko wrote:
2. It's not clear where the system specific java sources should be stored.
I think modules/modulename/src/linux and
Alexey Petrenko wrote:
As for the policy doc, why? To match component names to policy
documentation?
Because it is not show the real repository structure...
For example...
Contribution policy:
Division of Repository
=== skipped ===
enhanced/classlib
/applet
/awt
javax.crypto is an exportable package: it's defined as an extension
(JCE) that has key and parameters' export restrictions defined in
JAVA_HOME/lib/security/local_policy.jar and
JAVA_HOME/lib/security/US_export_policy.jar
If you don't define such restrictions its make sense to merge JCE with JCA.
It looks good but it is not clear where would you put certification stuff.
According to SUN's guide it is splitted between JSSE and general security.
(According to SUN general security includes also crypto architecture)
I'd rather put it into crypto (or maybe into x-net) - all of them use
Thanks for pointing out.
This message shows the structure I'm talking about :)
And there is also description of current structure from Tim:
http://mail-archives.apache.org/mod_mbox/incubator-harmony-dev/200512.mbox/[EMAIL
PROTECTED]
--
Alexey A. Petrenko
Intel Middleware Products Division
Jim Jagielski wrote:
On Feb 10, 2006, at 9:54 AM, Stefano Mazzocchi wrote:
It also has a major social side effects: it would create the ultimate
social bridge between the HTTPD/APR side of the foundation and the
java side of the foundation, maybe allowing people from one side to
Tim Ellison wrote:
When I was writing the page to host the eclipse movie I wanted to drop
some 'random' html into the xdocs xml, but the page build whined -- so I
cheated and wrote the whole page as a .html.
Bad Tim! Bad Tim! :)
So what should I have done to produce a page like this?
The sources would be good - we would be able to fix bugs quickly and replace
parts of implementation for example where our code is faster.
Thanks,
Mikhail
On 2/10/06, Geir Magnusson Jr [EMAIL PROTECTED] wrote:
Heh. Everything we will do is legal :)
The point is - would taking some source
Geir Magnusson Jr wrote:
IOW, my guess is that if the Sun JVM used APR, nothing would change,
because the problem is the standard Java APIs, not the integration of
the VM w/ the OS services. My understanding is that the Tomcat peeps
just found a more optimal path to the OS services they
Upayavira wrote:
zoe slattery wrote:
OK - well - here is a plan.
I have these scripts in a hacked together state and they currently
rely on reading the output from -verbose:class generated by an IBM JRE.
Ideally I'd like them to be able to read a couple of different formats.
If anyone
Alexey Petrenko wrote:
Geir :
As for the policy doc, why? To match component names to policy
documentation?
Because it is not show the real repository structure...
It's not meant to. The componentization is conceptual, not representing
the literal layout in SVN.
For example...
Sure -- if you want to change the website doc to better reflect reality
that would be welcomed.
OK.
We are actually in the enviable position of receiving some great
contributions into the project, which means (1) we are kinda busy
integrating this stuff which is more productive than
Stefano Mazzocchi wrote:
[EMAIL PROTECTED] wrote:
Author: tellison
Date: Fri Feb 10 05:57:38 2006
New Revision: 376690
URL: http://svn.apache.org/viewcvs?rev=376690view=rev
Log:
Applying patches received as HARMONY-42 (com.ibm.io.nio.FileChannel
is not fully implemented)
- refactoring of
Ok, I got your point.
Will raise this questions later :)
--
Alexey A. Petrenko
Intel Middleware Products Division
Enrico Migliore wrote:
Stefano Mazzocchi wrote:
The GNU/Classpath guys, for example, have defined a standard interface
to underlying OS
and that's it. Therefore I don't think we really need the APR layer.
Well, perhaps some day, someone will just 'brake' and
instead of loosing hair decide
Mladen Turk wrote:
Enrico Migliore wrote:
Stefano Mazzocchi wrote:
The GNU/Classpath guys, for example, have defined a standard
interface to underlying OS
and that's it. Therefore I don't think we really need the APR layer.
Well, perhaps some day, someone will just 'brake' and
instead
Would I be correct in assuming that the majority of java.sql would be
trivial to implement by reading the javadocs (everything except
DriverManager)? I can take a whack at the low hanging fruit this
weekend.
Jeremy
On 10-Feb-06, at 12:05 PM, zoe slattery wrote:
Upayavira wrote:
zoe
On 2/10/06, Enrico Migliore [EMAIL PROTECTED] wrote:
Stefano Mazzocchi wrote:
[EMAIL PROTECTED] wrote:
Author: tellison
Date: Fri Feb 10 05:57:38 2006
New Revision: 376690
URL: http://svn.apache.org/viewcvs?rev=376690view=rev
Log:
Applying patches received as HARMONY-42
Enrico Migliore wrote:
Mladen Turk wrote:
I wouldn't mind at all using a rock solid library like APR between the
JVM and the OS.
The only problem I see here is: performance, in terms of execution speed.
OTOH, I thought it's more about quality :)
You can have as fast library as you wish,
Jeremy Huiskamp schrieb:
Would I be correct in assuming that the majority of java.sql would be
trivial to implement by reading the javadocs (everything except
DriverManager)? I can take a whack at the low hanging fruit this
weekend.
The java.sql package mostly contains interfaces, so it
[ http://issues.apache.org/jira/browse/HARMONY-48?page=all ]
Geir Magnusson Jr closed HARMONY-48:
Resolution: Fixed
I think that this is in resonable shape. Thanks.
Extract x-net component from 'security2' module
On 10-Feb-06, at 1:14 PM, Tor-Einar Jarnbjo wrote:
Jeremy Huiskamp schrieb:
Would I be correct in assuming that the majority of java.sql would
be trivial to implement by reading the javadocs (everything
except DriverManager)? I can take a whack at the low hanging
fruit this weekend.
Jim Jagielski wrote:
On Feb 10, 2006, at 9:54 AM, Stefano Mazzocchi wrote:
It also has a major social side effects: it would create the ultimate
social bridge between the HTTPD/APR side of the foundation and the
java side of the foundation, maybe allowing people from one side to
contribute
Archie Cobbs,
Do you know if anyone is working on a port of Harmony Classlib to
JCHEVM? If false, I would like to start this port. I can't guarantee
I have time to finish the port but intend to at least sketch out what
needs to be done so that others can join the effort.
I have started looking
Geir Magnusson Jr wrote:
Jim Jagielski wrote:
On Feb 10, 2006, at 9:54 AM, Stefano Mazzocchi wrote:
It also has a major social side effects: it would create the ultimate
social bridge between the HTTPD/APR side of the foundation and the
java side of the foundation, maybe allowing people
Actually, we've been looking at contributing some stuff that we have
already got in this area - I'll let you know by Tuesday (latest). If we
can it would at least give you a head start on this and it would be
really great if you could help us improve what we have.
Jeremy Huiskamp wrote:
Enrico Migliore wrote:
Stefano Mazzocchi wrote:
[EMAIL PROTECTED] wrote:
Author: tellison
Date: Fri Feb 10 05:57:38 2006
New Revision: 376690
URL: http://svn.apache.org/viewcvs?rev=376690view=rev
Log:
Applying patches received as HARMONY-42 (com.ibm.io.nio.FileChannel
is not fully
Enrico Migliore wrote:
Mladen Turk wrote:
Enrico Migliore wrote:
Stefano Mazzocchi wrote:
The GNU/Classpath guys, for example, have defined a standard
interface to underlying OS
and that's it. Therefore I don't think we really need the APR layer.
Well, perhaps some day, someone will
Enrico Migliore wrote:
As far as the the native code of the Classlib and the VM is concerned, I
think that we should keep it
as thinner as possible in order to:
1. have Java programs run fast
2. ease portability to different OS's and platforms (embedded
systems included)
Jeremy Huiskamp wrote:
Didn't say it was difficult, just that it's not trivial ;-) As in,
the javadocs don't tell me everything I could possibly need to know
to implement it. I'd love to take a crack at it, but I figured I'd
start with the really easy stuff. If you beat me to it then so
Tor-Einar Jarnbjo wrote:
Jeremy Huiskamp wrote:
Didn't say it was difficult, just that it's not trivial ;-) As in,
the javadocs don't tell me everything I could possibly need to know
to implement it. I'd love to take a crack at it, but I figured I'd
start with the really easy stuff.
Why not contribute directly to BouncyCastle?
Regards,
Tim
Mikhail Loenko wrote:
The sources would be good - we would be able to fix bugs quickly and replace
parts of implementation for example where our code is faster.
Thanks,
Mikhail
On 2/10/06, Geir Magnusson Jr [EMAIL PROTECTED]
Geir Magnusson Jr wrote:
Alexey Petrenko wrote:
Sure -- if you want to change the website doc to better reflect reality
that would be welcomed.
OK.
Hang on - the Authorized Contributor Questionnaire is conceptual in how
we want to manage any exposure issues. The fact that it doesn't
Stefano Mazzocchi wrote:
snip
therefore, my suggestion is: instead of hooking our native stuff to the
OS directly (or to the standard C libraries) we should hook them up to
something that is a little more abstract and therefore reduces the
effort of porting across OSes.
Have you seen the
Tim Ellison wrote:
Geir Magnusson Jr wrote:
Alexey Petrenko wrote:
Sure -- if you want to change the website doc to better reflect reality
that would be welcomed.
OK.
Hang on - the Authorized Contributor Questionnaire is conceptual in how
we want to manage any exposure issues. The fact
Geir Magnusson Jr wrote:
Yes, this would be the place. Sorry about that - I am in the middle
of a machine change, and email switch, so I've been an email blackhole
at times...
So, I sent you a partial implementation of JavaSound and a Vorbis SPI,
any interest? One problem is of course,
Tor-Einar Jarnbjo wrote:
Geir Magnusson Jr wrote:
Yes, this would be the place. Sorry about that - I am in the middle
of a machine change, and email switch, so I've been an email blackhole
at times...
So, I sent you a partial implementation of JavaSound and a Vorbis SPI,
any interest?
Weldon Washburn wrote:
Do you know if anyone is working on a port of Harmony Classlib to
JCHEVM? If false, I would like to start this port. I can't guarantee
I have time to finish the port but intend to at least sketch out what
needs to be done so that others can join the effort.
I don't
Geir Magnusson Jr wrote:
Lets discuss that here. :) I didn't mean to ignore you - but two mail
machines were hard to follow. I'm ready to join them into one, and
hopefully I'll stop dropping the ball :)
Ok, here are a snippet from the mail I sent you:
(Win32 partial implementation of
Geir Magnusson Jr wrote:
Which code, and what were the terms of the NDA? The CLA is fairly
lightwieght.
What questions do you have for both?
I thought I better split this, to prevent the discussion from getting
too confusing. One thing I already pointed out with the Apache CLA is
that it
[ http://issues.apache.org/jira/browse/HARMONY-63?page=all ]
Nathan Beyer updated HARMONY-63:
Attachment: MessageFormat_patch.txt
Try this patch out. It should resolve the issue and update the test case with a
regression test, as proposed by the
84 matches
Mail list logo