I'm far from an expert on security, so if anyone is, a quick code inspect of the above commit would be appreciated! All the build tests pass now, but I haven't had time to try it out on a real application.
Regards, Lars On Wed, Jan 9, 2013 at 6:14 AM, Matt Hauck <mattha...@gmail.com> wrote: > Sweet. Perfect timing. It looks like it's pretty far along! I'm glad > people that know more about this stuff are already working on it. =) > > -- > Matt Hauck > > On Tuesday, January 8, 2013 at 9:05 PM, Alex Tambellini wrote: > > The upgrade to 1.47 is already being worked on here: > > > https://github.com/LarsWestergren/jruby/commit/c9f36d616bebe5a96c93908469d974c64de314fe > > On Jan 8, 2013, at 11:10 PM, Matt Hauck <mattha...@gmail.com> wrote: > > I am glad to hear that I will at least be able to upgrade to jruby 1.7.2 > and replace out the built-in openssl support in case I need to make a fork > with this bouncy castle 1.47 support. I've got it compiling now with the > updated BC now, and am beginning to work through some more the more > difficult changes. The biggest has to do with deprecating X509Name in favor > of X500Name and the various implications of this. > > -- > Matt Hauck > > On Tuesday, January 8, 2013 at 8:00 PM, Matt Hauck wrote: > > Sadly not so. If you try replacing the bc*.jar files in build_lib with > bcprov and bcpkik 1.47 versions you will find the build fails with 100 > errors. > > -- > Matt Hauck > > On Tuesday, January 8, 2013 at 7:01 PM, kristian wrote: > > Jruby 1.7.x comes with openssl bundled. I think from version 1.7.1 onwards > bouncy castle gets a java package rewrite and is used only internally for > openssl. So you are free to add any version of bouncy castle as needed by > your application - just do not add the jruby-openssl since this will pull > in the old version. > > Kristian > > > > > >
