Hi Max, Approved for 7u-dev.
-jeff On Sep 10, 2013, at 4:38 AM, Weijun Wang <weijun.w...@oracle.com> wrote: > Hi All > > This is a request to backport two related jdk8 fixes into jdk7u. > > 8021788: JarInputStream doesn't provide certificates for some file under > META-INF > 8022761: regression: SecurityException is NOT thrown while trying to pack a > wrongly signed Indexed Jar file > > http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=8021788 > http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=8022761 > > 8021788 fixed a problem that any normal (not signature-related) file inside > META-INF is regarded as unsigned. 8022761 fixed a regression caused by > 8021788. > > The fixes are already included in jdk8 as: > > http://hg.openjdk.java.net/jdk8/tl/jdk/rev/758e3117899c > http://hg.openjdk.java.net/jdk8/tl/jdk/rev/4bddc344848e > > The review threads were > > http://mail.openjdk.java.net/pipermail/security-dev/2013-August/008334.html > http://mail.openjdk.java.net/pipermail/security-dev/2013-August/008574.html > > The patches for jdk7u are almost identical to the one in jdk8, except for a > tiny change in the new regression test: the keytool command in jdk8 is backed > by the sun.security.tools.keytool.Main class, while in jdk7, it was > sun.security.tools.KeyTool. Same for jarsigner. > > New regression tests added. Existing tests also run fine. > > Thanks > Weijun