Re: RFR: 8283092: JMX subclass permission check redundant with strong encapsulation
On Tue, 15 Mar 2022 20:22:16 GMT, Kevin Walls wrote: > Removing permission checks which, in the presence of a Security Manager, > would check for a RuntimePermission "className.subclass". This was to > prevent subclassing these classes, but is no longer necessary with strong > encapsulation from modules. I think you also need to update this test such that it checks that the module access restrictions prevent subclassing instead of the permission check: test/jdk/sun/management/PlatformMBeanProviderConstructorCheck.java Also, it looks like this permission was never publicly documented and was only used internally, so it probably doesn't need a CSR, but I don't know for sure. - PR: https://git.openjdk.java.net/jdk/pull/7827
Re: RFR: 8279918: Fix various doc typos
On Thu, 13 Jan 2022 10:30:07 GMT, Pavel Rappo wrote: > - Most of the typos are of a trivial kind: missing whitespace. > - If any of the typos should be fixed in the upstream projects instead, > please say so; I will drop those typos from the patch. > - As I understand it, ` ` in ImageInputStream and DataInput is an irrelevant > formatting artefact and thus can be removed. > - `` is an apostrophe, which does not require to be encoded. The change in the one security class (KeyStoreLoginModule) looks fine. - Marked as reviewed by mullan (Reviewer). PR: https://git.openjdk.java.net/jdk/pull/7063
Re: [jdk18] RFR: 8279007: jstatd fails to start because SecurityManager is disabled [v2]
On Tue, 21 Dec 2021 20:28:52 GMT, Kevin Walls wrote: >> jstatd now in jdk18 fails to start unless we specifically allow or set a >> SecurityManager. >> This update to the launcher makefile adds JAVA_ARGS to permit a >> SecurityManager. > > Kevin Walls has updated the pull request incrementally with one additional > commit since the last revision: > > Remove security manager property from jstatd tests. Marked as reviewed by mullan (Reviewer). - PR: https://git.openjdk.java.net/jdk18/pull/53
Re: [jdk18] RFR: 8279007: jstatd fails to start because SecurityManager is disabled
On Tue, 21 Dec 2021 13:00:26 GMT, Kevin Walls wrote: > jstatd now in jdk18 fails to start unless we specifically allow or set a > SecurityManager. > This update to the launcher makefile adds JAVA_ARGS to permit a > SecurityManager. You should also remove `-Djava.security.manager=allow` from the jstatd test (`test/jdk/sun/tools/jstatd/JstatdTest.java`) as it is not needed now. - PR: https://git.openjdk.java.net/jdk18/pull/53
Re: RFR: 8269130: Replace usages of Collection.toArray() with Collection.toArray(T[]) to avoid redundant array copying
On Mon, 14 Jun 2021 17:00:29 GMT, Andrey Turbanov wrote: > I found few places, where code initially perform `Object[] > Colleciton.toArray()` call and then manually copy array into another array > with required type. > This PR cleanups such places to more shorter call `T[] > Collection.toArray(T[])`. The changes to the security classes look good. - Marked as reviewed by mullan (Reviewer). PR: https://git.openjdk.java.net/jdk/pull/4487
Re: RFR: 8267543: Post JEP 411 refactoring: security [v2]
On Tue, 25 May 2021 16:20:35 GMT, Weijun Wang wrote: >> For all modified files in #4073 having "security", "crypto", or "ssl" in >> their names. Codes are refactored to bring a `@SuppressWarning` annotation >> nearer to the deprecated API usage and also shrink the size of its target. >> >> I'll add a copyright year update commit before integration. > > Weijun Wang has updated the pull request incrementally with one additional > commit since the last revision: > > one more change Marked as reviewed by mullan (Reviewer). - PR: https://git.openjdk.java.net/jdk/pull/4172
Re: RFR: 8267543: Post JEP 411 refactoring: security [v2]
On Tue, 25 May 2021 16:20:35 GMT, Weijun Wang wrote: >> For all modified files in #4073 having "security", "crypto", or "ssl" in >> their names. Codes are refactored to bring a `@SuppressWarning` annotation >> nearer to the deprecated API usage and also shrink the size of its target. >> >> I'll add a copyright year update commit before integration. > > Weijun Wang has updated the pull request incrementally with one additional > commit since the last revision: > > one more change Update copyright dates to 2021, if applicable. - PR: https://git.openjdk.java.net/jdk/pull/4172
Re: RFR: 8267543: Post JEP 411 refactoring: security
On Mon, 24 May 2021 20:23:27 GMT, Weijun Wang wrote:
> For all modified files in #4073 having "security", "crypto", or "ssl" in
> their names. Codes are refactored to bring a `@SuppressWarning` annotation
> nearer to the deprecated API usage and also shrink the size of its target.
src/java.security.jgss/share/classes/sun/security/jgss/krb5/Krb5Context.java
line 709:
> 707: }
> 708: if (GSSUtil.useSubjectCredsOnly(caller)) {
> 709: @SuppressWarnings("removal")
It looks like you missed removing the @SuppressWarnings("removal") from the
initSecContext method above.
-
PR: https://git.openjdk.java.net/jdk/pull/4172
Re: RFR: 8266459: Implement JEP 411: Deprecate the Security Manager for Removal [v3]
On Fri, 21 May 2021 15:27:39 GMT, Daniel Fuchs wrote:
>> Weijun Wang has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> fixing awt/datatransfer/DataFlavor/DataFlavorRemoteTest.java
>
> src/java.base/share/classes/java/lang/SecurityManager.java line 104:
>
>> 102: * method will throw an {@code UnsupportedOperationException}). If the
>> 103: * {@systemProperty java.security.manager} system property is set to the
>> 104: * special token "{@code allow}", then a security manager will not be
>> set at
>
> Can/should the `{@systemProperty ...}` tag be used more than once for a given
> system property? I thought it should be used only once, at the place where
> the system property is defined. Maybe @jonathan-gibbons can offer some more
> guidance on this.
Good point. I would remove the extra @systemProperty tags on lines 103, 106,
and 113. Also, in `System.setSecurityManager` there are 3 @systemProperty
java.security.manager tags, I would just keep the first one. (I think it's ok
to have more than one, if they are defined in different APIs).
-
PR: https://git.openjdk.java.net/jdk/pull/4073
Re: RFR: 8267184: JEP 411: Add -Djava.security.manager=allow to tests calling System.setSecurityManager [v2]
On Tue, 18 May 2021 21:44:43 GMT, Weijun Wang wrote:
>> Please review the test changes for [JEP
>> 411](https://openjdk.java.net/jeps/411).
>>
>> With JEP 411 and the default value of `-Djava.security.manager` becoming
>> `disallow`, tests calling `System.setSecurityManager()` need
>> `-Djava.security.manager=allow` when launched. This PR covers such changes
>> for tier1 to tier3 (except for the JCK tests).
>>
>> To make it easier to focus your review on the tests in your area, this PR is
>> divided into multiple commits for different areas (~~serviceability~~,
>> ~~hotspot-compiler~~, ~~i18n~~, ~~rmi~~, ~~javadoc~~, swing, 2d,
>> ~~security~~, ~~hotspot-runtime~~, ~~nio~~, ~~xml~~, ~~beans~~,
>> ~~core-libs~~, ~~net~~, ~~compiler~~, ~~hotspot-gc~~). Mostly the rule is
>> the same as how Skara adds labels, but there are several small tweaks:
>>
>> 1. When a file is covered by multiple labels, only one is chosen. I make my
>> best to avoid putting too many tests into `core-libs`. If a file is covered
>> by `core-libs` and another label, I categorized it into the other label.
>> 2. If a file is in `core-libs` but contains `/xml/` in its name, it's in the
>> `xml` commit.
>> 3. If a file is in `core-libs` but contains `/rmi/` in its name, it's in the
>> `rmi` commit.
>> 4. One file not covered by any label --
>> `test/jdk/com/sun/java/accessibility/util/8051626/Bug8051626.java` -- is in
>> the `swing` commit.
>>
>> Due to the size of this PR, no attempt is made to update copyright years for
>> all files to minimize unnecessary merge conflict.
>>
>> Please note that this PR can be integrated before the source changes for JEP
>> 411, as the possible values of this system property was already defined long
>> time ago in JDK 9.
>>
>> Most of the change in this PR is a simple adding of
>> `-Djava.security.manager=allow` to the `@run main/othervm` line. Sometimes
>> it was not `othervm` and we add one. Sometimes there's no `@run` at all and
>> we add the line.
>>
>> There are several tests that launch another Java process that needs to call
>> the `System.setSecurityManager()` method, and the system property is added
>> to `ProcessBuilder`, `ProcessTools`, or the java command line (if the test
>> is a shell test).
>>
>> 3 langtools tests are added into problem list due to
>> [JDK-8265611](https://bugs.openjdk.java.net/browse/JDK-8265611).
>>
>> 2 SQL tests are moved because they need different options on the `@run` line
>> but they are inside a directory that has a `TEST.properties`:
>>
>> rename test/jdk/java/sql/{testng/test/sql/othervm =>
>> permissionTests}/DriverManagerPermissionsTests.java (93%)
>> rename test/jdk/javax/sql/{testng/test/rowset/spi =>
>> permissionTests}/SyncFactoryPermissionsTests.java (95%)
>> ```
>>
>> The source change for JEP 411 is at https://github.com/openjdk/jdk/pull/4073.
>
> Weijun Wang has updated the pull request incrementally with one additional
> commit since the last revision:
>
> adjust order of VM options
The changes to the security tests look good.
-
Marked as reviewed by mullan (Reviewer).
PR: https://git.openjdk.java.net/jdk/pull/4071
Re: RFR: 8266459: Implement JEP 411: Deprecate the Security Manager for Removal
On Tue, 18 May 2021 15:19:21 GMT, Alan Bateman wrote: >> It includes both: >>  > > Thanks for checking, I assumed that was the case so wondering if it should be > dropped from the deprecation text to avoid the repeated sentence. My feeling is that it is better to be more specific than the generic removal text as this is the most significant class that is being deprecated for removal. Also, this says "the Security Manager" (note the space between) which really encompasses more than the `java.lang.SecurityManager` API and which is explained more completely in the JEP. - PR: https://git.openjdk.java.net/jdk/pull/4073
Re: RFR: 8266459: Implement JEP 411: Deprecate the Security Manager for Removal
On Tue, 18 May 2021 06:31:06 GMT, Alan Bateman wrote: >> Please review this implementation of [JEP >> 411](https://openjdk.java.net/jeps/411). >> >> The code change is divided into 3 commits. Please review them one by one. >> >> 1. >> https://github.com/openjdk/jdk/commit/576161d15423f58281e384174d28c9f9be7941a1 >> The essential change for this JEP, including the `@Deprecate` annotations >> and spec change. It also update the default value of the >> `java.security.manager` system property to "disallow", and necessary test >> change following this update. >> 2. >> https://github.com/openjdk/jdk/commit/26a54a835e9f84aa528740a7c5c35d07355a8a66 >> Manual changes to several files so that the next commit can be generated >> programatically. >> 3. >> https://github.com/openjdk/jdk/commit/eb6c566ff9207974a03a53335e0e697cffcf0950 >> Automatic changes to other source files to avoid javac warnings on >> deprecation for removal >> >> The 1st and 2nd commits should be reviewed carefully. The 3rd one is >> generated programmatically, see the comment below for more details. If you >> are only interested in a portion of the 3rd commit and would like to review >> it as a separate file, please comment here and I'll generate an individual >> webrev. >> >> Due to the size of this PR, no attempt is made to update copyright years for >> any file to minimize unnecessary merge conflict. >> >> Furthermore, since the default value of `java.security.manager` system >> property is now "disallow", most of the tests calling >> `System.setSecurityManager()` need to launched with >> `-Djava.security.manager=allow`. This is covered in a different PR at >> https://github.com/openjdk/jdk/pull/4071. > > src/java.base/share/classes/java/lang/SecurityManager.java line 315: > >> 313: * >> 314: * @since 1.0 >> 315: * @deprecated The Security Manager is deprecated and subject to >> removal in a > > Javadoc will prefix, in bold, "Deprecated, for removal: This API element is > subject to removal in a future version". I'm just wondering if the sentence > will be repeated here, can you check? It includes both:  - PR: https://git.openjdk.java.net/jdk/pull/4073
Re: RFR: 8080272 Refactor I/O stream copying to use InputStream.transferTo/readAllBytes and Files.copy [v11]
On Fri, 19 Feb 2021 08:05:06 GMT, Andrey Turbanov
wrote:
>> src/java.base/share/classes/sun/security/provider/certpath/X509CertPath.java
>> line 228:
>>
>>> 226: try {
>>> 227: if (is.markSupported() == false) {
>>> 228: // Copy the entire input stream into an InputStream
>>> that does
>>
>> I don't think you should remove lines 228-232. These methods are called by
>> methods of CertificateFactory that take InputStream (which may contain a
>> stream of security data) and they are designed such that they try to read
>> one Certificate, CRL, or CertPath from the InputStream and leave the
>> InputStream ready to parse the next structure instead of consuming all of
>> the bytes. Thus they check if the InputStream supports mark in order to try
>> to preserve that behavior. If mark is not supported, then it's ok to use
>> InputStream.readAllBytes, otherwise, leave the stream as-is.
>
> As I can see only ByteArrayInputStream is actually passed in `InputStream` in
> current JDK code:
>
> PKCS7 pkcs7 = new PKCS7(is.readAllBytes());
> private static List parsePKCS7(InputStream is)
> certs = parsePKCS7(is);
> public X509CertPath(InputStream is, String encoding)
> return new X509CertPath(new ByteArrayInputStream(data),
> encoding);
>
> PKCS7 pkcs7 = new PKCS7(is.readAllBytes());
> private static List parsePKCS7(InputStream is)
> certs = parsePKCS7(is);
> public X509CertPath(InputStream is, String encoding)
> this(is, PKIPATH_ENCODING);
> public X509CertPath(InputStream is) throws
> CertificateException {
> return new X509CertPath(new
> ByteArrayInputStream(encoding));
>
> 
>
> Perhaps original marking approach was lost during refactoring?
You are right, the code was refactored (way back in 2010) [1] to read one block
at a time, so this check on mark can be removed. So, in this case, I think it
is probably safe to just pass the InputStream as-is to PKCS7(InputStream), but
maybe you can add a comment that says this should always be a
ByteArrayInputStream. We can look at refactoring this code and clean it up a
bit more later.
[1] https://hg.openjdk.java.net/jdk/jdk/rev/337ae296b6d6
-
PR: https://git.openjdk.java.net/jdk/pull/1853
Re: RFR: 8080272 Refactor I/O stream copying to use InputStream.transferTo/readAllBytes and Files.copy [v11]
On Mon, 15 Feb 2021 19:47:00 GMT, Andrey Turbanov
wrote:
>> 8080272 Refactor I/O stream copying to use
>> InputStream.transferTo/readAllBytes and Files.copy
>
> Andrey Turbanov has updated the pull request incrementally with one
> additional commit since the last revision:
>
> 8080272: Refactor I/O stream copying to use java.io.InputStream.transferTo
> remove unnecessary file.exists() check
src/java.base/share/classes/sun/security/provider/certpath/X509CertPath.java
line 228:
> 226: try {
> 227: if (is.markSupported() == false) {
> 228: // Copy the entire input stream into an InputStream that
> does
I don't think you should remove lines 228-232. These methods are called by
methods of CertificateFactory that take InputStream (which may contain a stream
of security data) and they are designed such that they try to read one
Certificate, CRL, or CertPath from the InputStream and leave the InputStream
ready to parse the next structure instead of consuming all of the bytes. Thus
they check if the InputStream supports mark in order to try to preserve that
behavior. If mark is not supported, then it's ok to use
InputStream.readAllBytes, otherwise, leave the stream as-is.
-
PR: https://git.openjdk.java.net/jdk/pull/1853
Re: RFR 8072932: Test fails with java.security.AccessControlException: access denied (java.security.SecurityPermission getDomainCombiner)
Looks fine to me. Can you add a noreg-trivial label to the bug? --Sean On 02/11/2015 11:10 AM, Jaroslav Bachorik wrote: Please, review the following simple change. Issue : https://bugs.openjdk.java.net/browse/JDK-8072932 Webrev: http://cr.openjdk.java.net/~jbachorik/8072932/webrev.00 This patch is about replacing the j.s.AccessControlContext.getDomainCombiner() with the package-private version j.s.AccessControlContext.getCombiner() to prevent the unnecessary privilege check done by the public getDomainCombiner() method. Thanks, -JB-
Re: 8034856/8034857: More gcc warnings
Looks fine to me. --Sean On 02/13/2014 08:18 AM, Alan Bateman wrote: The number of native code warnings in the build is annoying so this is another drive-by fix that eliminates a few of them in the serviceability and security areas. The webrev with the changes is here: http://cr.openjdk.java.net/~alanb/8034856+8034857/webrev/ In the pkcs11 code the issue is the function prototypes for the throwXXX functions aren't included. This is fixed by including pkcs11wrapper.h but that exposes another issue with the header file includes that needed to be fixed. In JarFacade the issue is that it uses isspace but doesn't include the ctype.h For LinuxOperatingSystem.c then there are 12 warnings related to fscanf usages where the format specifier is %lld and the code wants to read into a uint64_t. I've changed the format specifier to%SCNd64 so that it matches uint64_t and should be okay on both 32 and 64-bit. Thanks, Alan.
hg: jdk8/tl/jdk: 8031825: OCSP client can't find responder cert if it uses a different subject key id algorithm than responderID
Changeset: 57c26829deb6 Author:mullan Date: 2014-01-22 19:06 -0500 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/57c26829deb6 8031825: OCSP client can't find responder cert if it uses a different subject key id algorithm than responderID Reviewed-by: vinnie, xuelei ! src/share/classes/sun/security/provider/certpath/OCSPResponse.java
hg: jdk8/tl/jdk: 2 new changesets
Changeset: aef6c726810e Author:mullan Date: 2013-12-23 14:03 -0500 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/aef6c726810e 8030813: Signed applet fails to load when CRLs are stored in an LDAP directory Summary: Skip JNDI application resource lookup to avoid recursive JAR validation Reviewed-by: vinnie, herrick ! src/share/classes/com/sun/naming/internal/ResourceManager.java ! src/share/classes/sun/security/provider/certpath/ldap/LDAPCertStore.java Changeset: f3c714eeef6c Author:mullan Date: 2013-12-23 14:05 -0500 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/f3c714eeef6c Merge - src/share/classes/sun/util/resources/pt/LocaleNames_pt_BR.properties - test/sun/security/ssl/javax/net/ssl/SSLContextVersion.java
Re: RFR(L) - 2nd round: 8024854: Basic changes and files to build the class library on AIX
Hi Volker, The security changes look fine. I'm not crazy that we now have to maintain one additional java.security file which is the exact same as java.security-linux, but this is really an existing issue with duplicated content across the java.security files which I will try to fix early in JDK 9: https://bugs.openjdk.java.net/browse/JDK-6997010 Thanks, Sean On 11/20/2013 01:26 PM, Volker Simonis wrote: Hi, this is the second review round for 8024854: Basic changes and files to build the class library on AIXhttps://bugs.openjdk.java.net/browse/JDK-8024854. The previous reviews can be found at the end of this mail in the references section. I've tried to address all the comments and suggestions from the first round and to further streamline the patch (it perfectly builds on Linux/x86_64, Linux/PPC664, AIX, Solaris/SPARC and Windows/x86_64). The biggest change compared to the first review round is the new aix/ subdirectory which I've now created under jdk/src and which contains AIX-only code. The webrev is against our http://hg.openjdk.java.net/ppc-aix-port/stagerepository which has been recently synchronised with the jdk8 master: http://cr.openjdk.java.net/~simonis/webrevs/8024854.v2/ Below (and in the webrev) you can find some comments which explain the changes to each file. In order to be able to push this big change, I need the approval of reviewers from the lib, net, svc, 2d, awt and sec groups. So please don't hesitate to jump at it - there are enough changes for everybody:) Thank you and best regards, Volker *References:* The following reviews have been posted so far (thanks Iris for collecting them :) - Alan Bateman (lib): Initial comments (16 Sep [2]) - Chris Hegarty (lib/net): Initial comments (20 Sep [3]) - Michael McMahon (net): Initial comments (20 Sept [4]) - Steffan Larsen (svc): APPROVED (20 Sept [5]) - Phil Race (2d): Initial comments (18 Sept [6]); Additional comments (15 Oct [7]) - Sean Mullan (sec): Initial comments (26 Sept [8]) [2]: http://mail.openjdk.java.net/pipermail/ppc-aix-port-dev/2013-September/001045.html [3]: http://mail.openjdk.java.net/pipermail/ppc-aix-port-dev/2013-September/001078.html [4]: http://mail.openjdk.java.net/pipermail/ppc-aix-port-dev/2013-September/001079.html [5]: http://mail.openjdk.java.net/pipermail/ppc-aix-port-dev/2013-September/001077.html [6]: http://mail.openjdk.java.net/pipermail/ppc-aix-port-dev/2013-September/001069.html [7]: http://mail.openjdk.java.net/pipermail/2d-dev/2013-October/003826.html [8]: http://mail.openjdk.java.net/pipermail/ppc-aix-port-dev/2013-September/001081.html *Detailed change description:* The new jdk/src/aix subdirectory contains the following new and AIX-specific files for now: src/aix/classes/sun/awt/fontconfigs/aix.fontconfig.properties src/aix/classes/sun/nio/ch/AixAsynchronousChannelProvider.java src/aix/classes/sun/nio/ch/AixPollPort.java src/aix/classes/sun/nio/fs/AixFileStore.java src/aix/classes/sun/nio/fs/AixFileSystem.java src/aix/classes/sun/nio/fs/AixFileSystemProvider.java src/aix/classes/sun/nio/fs/AixNativeDispatcher.java src/aix/classes/sun/tools/attach/AixAttachProvider.java src/aix/classes/sun/tools/attach/AixVirtualMachine.java src/aix/native/java/net/aix_close.c src/aix/native/sun/nio/ch/AixPollPort.c src/aix/native/sun/nio/fs/AixNativeDispatcher.c src/aix/native/sun/tools/attach/AixVirtualMachine.c src/aix/porting/porting_aix.c src/aix/porting/porting_aix.h src/aix/porting/porting_aix.c src/aix/porting/porting_aix.h - Added these two files for AIX relevant utility code. - Currently these files only contain an implementation of dladdr which is not available on AIX. - In the first review round the existing dladdr users in the code either called the version from the HotSpot on AIX ( src/solaris/native/sun/awt/awt_LoadLibrary.c) or had a private copy of the whole implementation (src/solaris/demo/jvmti/hprof/hprof_md.c). This is now not necessary any more. The new file layout required some small changes to the makefiles to make them aware of the new directory locations: makefiles/CompileDemos.gmk - Add an extra argument to SetupJVMTIDemo which can be used to pass additional source locations. - Currently this is only used on AIX for the AIX porting utilities which are required by hprof. makefiles/lib/Awt2dLibraries.gmk makefiles/lib/ServiceabilityLibraries.gmk - On AIX add the sources of the AIX porting utilities to the build. They are required by src/solaris/native/sun/awt/awt_LoadLibrary.c and src/solaris/demo/jvmti/hprof/hprof_md.c because dladdr is not available on AIX. makefiles/lib/NioLibraries.gmk - Make the AIX-build aware of the new NIO source locations under src/aix/native/sun/nio/. makefiles/lib/NetworkingLibraries.gmk - Make the AIX-build aware of the new aix_close.c source location under src/aix/native/java/net/. src/share/bin/jli_util.h
hg: jdk8/tl/jdk: 3 new changesets
Changeset: 5f4aecd73caa Author:mullan Date: 2013-10-22 08:03 -0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/5f4aecd73caa 8021191: Add isAuthorized check to limited doPrivileged methods Reviewed-by: weijun, xuelei ! src/share/classes/java/security/AccessControlContext.java ! src/share/classes/java/security/AccessController.java Changeset: 948b390b6952 Author:mullan Date: 2013-10-22 08:17 -0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/948b390b6952 Merge - make/sun/awt/FILES_c_macosx.gmk - make/sun/awt/FILES_export_macosx.gmk - makefiles/GendataBreakIterator.gmk - makefiles/GendataFontConfig.gmk - makefiles/GendataHtml32dtd.gmk - makefiles/GendataTZDB.gmk - makefiles/GendataTimeZone.gmk - makefiles/GenerateJavaSources.gmk - makefiles/GensrcBuffer.gmk - makefiles/GensrcCLDR.gmk - makefiles/GensrcCharacterData.gmk - makefiles/GensrcCharsetCoder.gmk - makefiles/GensrcCharsetMapping.gmk - makefiles/GensrcExceptions.gmk - makefiles/GensrcIcons.gmk - makefiles/GensrcJDWP.gmk - makefiles/GensrcJObjC.gmk - makefiles/GensrcLocaleDataMetaInfo.gmk - makefiles/GensrcMisc.gmk - makefiles/GensrcProperties.gmk - makefiles/GensrcSwing.gmk - makefiles/GensrcX11Wrappers.gmk - src/macosx/classes/com/apple/resources/MacOSXResourceBundle.java - src/macosx/native/com/apple/resources/MacOSXResourceBundle.m - src/share/classes/java/lang/invoke/MagicLambdaImpl.java - src/share/classes/java/net/HttpURLPermission.java - src/solaris/doc/sun/man/man1/ja/javaws.1 - src/solaris/doc/sun/man/man1/javaws.1 - test/java/net/HttpURLPermission/HttpURLPermissionTest.java - test/java/net/HttpURLPermission/URLTest.java - test/java/net/HttpURLPermission/policy.1 - test/java/net/HttpURLPermission/policy.2 - test/java/net/HttpURLPermission/policy.3 Changeset: 3ea9af449b36 Author:mullan Date: 2013-10-22 09:06 -0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/3ea9af449b36 Merge - test/java/net/NetworkInterface/MemLeakTest.java
hg: jdk8/tl/jdk: 2 new changesets
Changeset: fc7a6fa3589a Author:ascarpino Date: 2013-10-22 19:37 -0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/fc7a6fa3589a 8025763: Provider does not override new Hashtable methods Reviewed-by: mullan ! src/share/classes/java/security/Provider.java Changeset: b065de1700d3 Author:mullan Date: 2013-10-22 19:43 -0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/b065de1700d3 Merge - src/share/demo/jfc/Notepad/resources/Notepad_fr.properties - src/share/demo/jfc/Notepad/resources/Notepad_sv.properties
hg: jdk8/tl/jdk: 3 new changesets
Changeset: 5d866df64ae3 Author:mullan Date: 2013-10-17 10:18 -0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/5d866df64ae3 8026346: test/java/lang/SecurityManager/CheckPackageAccess.java failing Reviewed-by: vinnie ! src/share/lib/security/java.security-macosx ! test/java/lang/SecurityManager/CheckPackageAccess.java Changeset: 04e8b8fc6906 Author:mullan Date: 2013-10-17 10:37 -0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/04e8b8fc6906 Merge - make/sun/awt/FILES_c_macosx.gmk - make/sun/awt/FILES_export_macosx.gmk - src/macosx/classes/com/apple/resources/MacOSXResourceBundle.java - src/macosx/native/com/apple/resources/MacOSXResourceBundle.m - src/share/classes/java/net/HttpURLPermission.java - test/java/net/HttpURLPermission/HttpURLPermissionTest.java - test/java/net/HttpURLPermission/URLTest.java - test/java/net/HttpURLPermission/policy.1 - test/java/net/HttpURLPermission/policy.2 - test/java/net/HttpURLPermission/policy.3 Changeset: 85a73ad28c53 Author:mullan Date: 2013-10-17 11:34 -0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/85a73ad28c53 Merge
hg: jdk8/tl/jdk: 2 new changesets
Changeset: 4ad76262bac8 Author:mullan Date: 2013-10-11 08:43 -0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/4ad76262bac8 8007292: Add JavaFX internal packages to package.access Summary: build hooks to allow closed restricted packages to be added to java.security file Reviewed-by: erikj, dholmes, tbell ! make/java/security/Makefile ! make/tools/Makefile + make/tools/addtorestrictedpkgs/Makefile + make/tools/src/build/tools/addtorestrictedpkgs/AddToRestrictedPkgs.java ! makefiles/CopyFiles.gmk ! makefiles/Tools.gmk ! test/java/lang/SecurityManager/CheckPackageAccess.java Changeset: 76df579c0b93 Author:mullan Date: 2013-10-11 09:17 -0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/76df579c0b93 Merge ! makefiles/Tools.gmk - src/macosx/classes/sun/lwawt/SelectionClearListener.java - src/macosx/classes/sun/lwawt/macosx/CMouseInfoPeer.java - src/share/classes/com/sun/jdi/connect/package.html - src/share/classes/com/sun/jdi/connect/spi/package.html - src/share/classes/com/sun/jdi/event/package.html - src/share/classes/com/sun/jdi/package.html - src/share/classes/com/sun/jdi/request/package.html - src/share/classes/com/sun/management/package.html - src/share/classes/com/sun/tools/attach/package.html - src/share/classes/com/sun/tools/attach/spi/package.html - src/share/classes/com/sun/tools/jconsole/package.html - src/share/classes/java/lang/invoke/InvokeGeneric.java - src/share/classes/java/time/chrono/ChronoDateImpl.java - test/com/oracle/security/ucrypto/TestAES.java - test/com/oracle/security/ucrypto/TestDigest.java - test/com/oracle/security/ucrypto/TestRSA.java - test/com/oracle/security/ucrypto/UcryptoTest.java - test/com/sun/jdi/Solaris32AndSolaris64Test.sh - test/java/nio/channels/spi/SelectorProvider/inheritedChannel/lib/solaris-i586/libLauncher.so - test/java/nio/channels/spi/SelectorProvider/inheritedChannel/lib/solaris-sparc/libLauncher.so - test/java/time/tck/java/time/chrono/TCKChronologySerialization.java
Re: 8008662: Add @jdk.Exported to JDK-specific/exported APIs
7 classes in com.sun.security.auth have been deprecated for several major releases now. Should they still have this annotation? --Sean On 10/06/2013 04:03 PM, Alan Bateman wrote: As a follow-up to Joe Darcy's rename of jdk.Supported to jdk.Exported, I'd like to have another attempt at adding the annotation to a number of JDK specific APIs that are long standing exported, documented and supported APIs. Specifically, the following APIs: - Java Debug Interface (com.sun.jdi) - Attach API (com.sun.tools.attach) - SCTP API (com.sun.nio.sctp) - HTTP server API (com.sun.net.httpserver) - Management extensions (com.sun.management) - JConsole Plugin API (com.sun.tools.jconsole) - JDK-specific API to JAAS (com.sun.security.auth) - JDK-specific JGSS API (com.sun.security.jgss) (The javadoc for each of these APIs is currently generated in the build) The webrev with the proposed update is here: http://cr.openjdk.java.net/~alanb/8008662/webrev.02/ As per the original webrev, I've added package-info.java to a number of packages that didn't have any description. In a few cases, I've had to rename the legacy package.html to package-info.java. For the review then the intention is that @jdk.Exported be added to the package-info and all public/protected types in these APIs. The only exceptions are two cases where I've added @jdk.Exported(false), specifically: - com.sun.management.OSMBeanFactory as it clearly documents to stay away - com.sun.security.auth.callback.DialogCallbackHandler as it for the chop (see JEP 162) Thanks, Alan.
Re: 8008662: Add @jdk.Exported to JDK-specific/exported APIs
On 10/07/2013 08:28 AM, Alan Bateman wrote: On 07/10/2013 13:26, Sean Mullan wrote: 7 classes in com.sun.security.auth have been deprecated for several major releases now. Should they still have this annotation? --Sean I know but aren't they still exported and supported? They have all had API replacements since JDK 1.4 or 1.5. There has been plenty of time to transition. DialogCallbackHandler is the only one with its name on a bullet. We have only started removing some deprecated things in JDK, so it just was never thought about until now. Marking these as supported going forward strikes me as a bit strange, since we don't really want anyone using these anymore. --Sean
Re: 8008662: Add @jdk.Exported to JDK-specific/exported APIs
On 10/07/2013 08:58 AM, Alan Bateman wrote: On 07/10/2013 13:36, Sean Mullan wrote: We have only started removing some deprecated things in JDK, so it just was never thought about until now. Marking these as supported going forward strikes me as a bit strange, since we don't really want anyone using these anymore. As a guide, I think we should plan to address these anomalies for 9 so that we can export APIs on a per API package basis. I'm okay to change these to @jdk.Exported(false) if we can flag them for removal (like we did for DialogCallbackHandler). Sure. I'll file a bug to have these deprecated classes removed in 9. --Sean
Re: RFR(L): 8024854: Basic changes and files to build the class library on AIX
On 09/16/2013 12:30 PM, Volker Simonis wrote: src/share/lib/security/java.security-aix - Provide default java.security-aix for AIX. The login.configuration.provider property should be set to: sun.security.provider.ConfigFile See 8016848 for more info. After you make this change, java.security-aix will be identical to java.security-linux. It would be nice if you could just use the java.security-linux file, so that we would have one less file to modify when making platform-independent changes to the java.security file, but I understand that might be odd, since AIX is not linux. Ideally, the content for the java.security-* files needs to be revamped so there is less duplication across the (now) 5 platform-specific files but we probably won't have time to get to this for JDK 8. --Sean
hg: jdk8/tl/jdk: 2 new changesets
Changeset: 0aba8b6232af Author:mullan Date: 2013-09-06 12:04 -0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/0aba8b6232af 8023362: Don't allow soft-fail behavior if OCSP responder returns unauthorized Reviewed-by: vinnie, xuelei ! src/share/classes/java/security/cert/PKIXRevocationChecker.java ! src/share/classes/sun/security/provider/certpath/OCSPResponse.java + test/java/security/cert/PKIXRevocationChecker/OcspUnauthorized.java Changeset: f23a84a1cf8e Author:mullan Date: 2013-09-06 12:10 -0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/f23a84a1cf8e Merge - src/share/classes/java/util/stream/CloseableStream.java - src/share/classes/java/util/stream/DelegatingStream.java - test/java/util/Map/TreeBinSplitBackToEntries.java - test/sun/tools/jconsole/ImmutableResourceTest.java - test/sun/tools/jconsole/ImmutableResourceTest.sh
hg: jdk8/tl/jdk: 8023769: JDK-8016850 broke the old build
Changeset: 134283a88499 Author:mullan Date: 2013-08-27 10:46 -0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/134283a88499 8023769: JDK-8016850 broke the old build Summary: remove files that were moved/removed from com/sun/security/auth/FILES_java.gmk Reviewed-by: chegar, xuelei ! make/com/sun/security/auth/FILES_java.gmk
hg: jdk8/tl/jdk: 2 new changesets
Changeset: 6a1bfcde4d4d Author:mullan Date: 2013-08-27 12:04 -0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/6a1bfcde4d4d 8019830: Add com.sun.media.sound to the list of restricted package Reviewed-by: vinnie ! src/share/lib/security/java.security-linux ! src/share/lib/security/java.security-macosx ! src/share/lib/security/java.security-solaris ! src/share/lib/security/java.security-windows ! test/java/lang/SecurityManager/CheckPackageAccess.java Changeset: 3575263eefab Author:mullan Date: 2013-08-27 12:27 -0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/3575263eefab Merge - src/share/classes/com/sun/security/auth/PolicyParser.java - src/share/classes/com/sun/security/auth/SubjectCodeSource.java - src/share/classes/sun/misc/Compare.java - src/share/classes/sun/misc/Sort.java
hg: jdk8/tl/jdk: 2 new changesets
Changeset: bce5205dbe84 Author:ascarpino Date: 2013-08-14 10:50 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/bce5205dbe84 8022669: OAEPParameterSpec does not work if MGF1ParameterSpec is set to SHA2 algorithms Reviewed-by: mullan ! src/share/classes/sun/security/rsa/RSAPadding.java ! test/com/sun/crypto/provider/Cipher/RSA/TestOAEPPadding.java Changeset: b40d246d4d81 Author:ascarpino Date: 2013-08-16 12:31 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/b40d246d4d81 8022896: test/com/sun/crypto/provider/Cipher/RSA/TestOAEPPadding.java fails Reviewed-by: mullan ! test/ProblemList.txt
hg: jdk8/tl/jdk: 8016850: JCK javax.security.auth.Policy tests fail when run in Profiles mode
Changeset: f120e2c4b4b1 Author:mullan Date: 2013-08-19 17:17 -0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/f120e2c4b4b1 8016850: JCK javax.security.auth.Policy tests fail when run in Profiles mode Summary: Move default javax.security.auth.Policy implementation to compact1 profile Reviewed-by: vinnie ! src/share/classes/com/sun/security/auth/PolicyFile.java - src/share/classes/com/sun/security/auth/PolicyParser.java - src/share/classes/com/sun/security/auth/SubjectCodeSource.java ! src/share/classes/javax/security/auth/Policy.java + src/share/classes/sun/security/provider/AuthPolicyFile.java + src/share/classes/sun/security/provider/SubjectCodeSource.java
hg: jdk8/tl/jdk: 2 new changesets
Changeset: 412b2f0950a9 Author:mullan Date: 2013-08-13 10:06 -0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/412b2f0950a9 8022897: Add test/com/sun/crypto/provider/Cipher/RSA/TestOAEPPadding.java to ProblemList Reviewed-by: vinnie, chegar ! test/ProblemList.txt Changeset: 19133b3af95f Author:mullan Date: 2013-08-13 10:07 -0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/19133b3af95f Merge ! test/ProblemList.txt
hg: jdk8/tl/jdk: 2 new changesets
Changeset: ffacf3e7a130 Author:mullan Date: 2013-08-12 09:03 -0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/ffacf3e7a130 8016848: javax_security/auth/login tests fail in compact 1 and 2 profiles Summary: Change the default value of the login.configuration.provider security property to sun.security.provider.ConfigFile Reviewed-by: xuelei ! src/share/classes/com/sun/security/auth/login/ConfigFile.java ! src/share/classes/javax/security/auth/login/Configuration.java + src/share/classes/sun/security/provider/ConfigFile.java - src/share/classes/sun/security/provider/ConfigSpiFile.java ! src/share/classes/sun/security/provider/SunEntries.java ! src/share/lib/security/java.security-linux ! src/share/lib/security/java.security-macosx ! src/share/lib/security/java.security-solaris ! src/share/lib/security/java.security-windows Changeset: d73fbf005f5f Author:mullan Date: 2013-08-12 09:29 -0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/d73fbf005f5f Merge - src/share/classes/java/net/package.html - test/java/lang/System/MacJNUEncoding/ExpectedEncoding.java - test/java/lang/System/MacJNUEncoding/MacJNUEncoding.sh
hg: jdk8/tl/jdk: 2 new changesets
Changeset: 1f4af3e0447e Author:mullan Date: 2013-08-06 08:31 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/1f4af3e0447e 8022120: JCK test api/javax_xml/crypto/dsig/TransformService/index_ParamMethods fails Summary: TransformService.init and marshalParams must throw NullPointerException when parent parameter is null Reviewed-by: xuelei ! src/share/classes/org/jcp/xml/dsig/internal/dom/ApacheCanonicalizer.java ! src/share/classes/org/jcp/xml/dsig/internal/dom/ApacheTransform.java + test/javax/xml/crypto/dsig/TransformService/NullParent.java Changeset: ba634b53f53a Author:mullan Date: 2013-08-06 08:34 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/ba634b53f53a Merge
hg: jdk8/tl/jdk: 3 new changesets
Changeset: 42b786f2fb99 Author:mullan Date: 2013-08-02 08:30 -0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/42b786f2fb99 8001319: Add SecurityPermission insertProvider target name Reviewed-by: vinnie ! src/share/classes/java/security/Security.java ! src/share/classes/java/security/SecurityPermission.java + test/java/security/Security/AddProvider.java + test/java/security/Security/AddProvider.policy.1 + test/java/security/Security/AddProvider.policy.2 + test/java/security/Security/AddProvider.policy.3 Changeset: 7bbc6c2351d7 Author:mullan Date: 2013-08-02 08:37 -0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/7bbc6c2351d7 Merge - src/share/classes/java/net/package.html - src/share/classes/java/util/stream/StreamBuilder.java - src/share/classes/javax/security/auth/callback/package.html - src/share/classes/javax/security/auth/kerberos/package.html - src/share/classes/javax/security/auth/login/package.html - src/share/classes/javax/security/auth/package.html - src/share/classes/javax/security/auth/spi/package.html - src/share/classes/javax/security/auth/x500/package.html - src/share/classes/javax/security/cert/package.html - src/share/classes/javax/security/sasl/package.html - test/java/util/Collections/EmptySortedSet.java Changeset: 0a778e487a73 Author:mullan Date: 2013-08-02 09:38 -0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/0a778e487a73 Merge
hg: jdk8/tl/jdk: 2 new changesets
Changeset: a834ab2c1354 Author:mullan Date: 2013-07-25 10:58 -0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/a834ab2c1354 8010748: Add PKIXRevocationChecker NO_FALLBACK option and improve SOFT_FAIL option Reviewed-by: vinnie ! src/share/classes/java/security/cert/PKIXRevocationChecker.java ! src/share/classes/sun/security/provider/certpath/OCSP.java ! src/share/classes/sun/security/provider/certpath/OCSPResponse.java ! src/share/classes/sun/security/provider/certpath/PKIXCertPathValidator.java ! src/share/classes/sun/security/provider/certpath/ReverseState.java ! src/share/classes/sun/security/provider/certpath/RevocationChecker.java ! src/share/classes/sun/security/provider/certpath/SunCertPathBuilder.java ! test/java/security/cert/PKIXRevocationChecker/UnitTest.java Changeset: 22a391706a0b Author:mullan Date: 2013-07-25 11:09 -0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/22a391706a0b Merge - make/sun/xawt/ToBin.java - makefiles/sun/awt/X11/ToBin.java - src/share/classes/com/sun/org/apache/xml/internal/security/resource/log4j.properties - src/share/classes/com/sun/org/apache/xml/internal/security/transforms/implementations/FuncHereContext.java - src/share/classes/com/sun/org/apache/xml/internal/security/utils/CachedXPathAPIHolder.java - src/share/classes/com/sun/org/apache/xml/internal/security/utils/CachedXPathFuncHereAPI.java - src/share/classes/com/sun/org/apache/xml/internal/security/utils/XPathFuncHereAPI.java - src/share/classes/java/security/acl/package.html - src/share/classes/java/security/cert/package.html - src/share/classes/java/security/interfaces/package.html - src/share/classes/java/security/package.html - src/share/classes/java/security/spec/package.html - src/share/classes/java/util/stream/StreamBuilder.java - src/share/classes/javax/security/auth/callback/package.html - src/share/classes/javax/security/auth/kerberos/package.html - src/share/classes/javax/security/auth/login/package.html - src/share/classes/javax/security/auth/package.html - src/share/classes/javax/security/auth/spi/package.html - src/share/classes/javax/security/auth/x500/package.html - src/share/classes/javax/security/cert/package.html - src/share/classes/javax/security/sasl/package.html - src/share/classes/sun/misc/Hashing.java - src/share/classes/sun/security/krb5/internal/rcache/CacheTable.java - src/share/classes/sun/security/krb5/internal/rcache/ReplayCache.java ! src/share/classes/sun/security/provider/certpath/RevocationChecker.java - src/solaris/classes/sun/awt/X11/XIconInfo.java - src/solaris/classes/sun/awt/X11/security-icon-bw16.png - src/solaris/classes/sun/awt/X11/security-icon-bw24.png - src/solaris/classes/sun/awt/X11/security-icon-bw32.png - src/solaris/classes/sun/awt/X11/security-icon-bw48.png - src/solaris/classes/sun/awt/X11/security-icon-interim16.png - src/solaris/classes/sun/awt/X11/security-icon-interim24.png - src/solaris/classes/sun/awt/X11/security-icon-interim32.png - src/solaris/classes/sun/awt/X11/security-icon-interim48.png - src/solaris/classes/sun/awt/X11/security-icon-yellow16.png - src/solaris/classes/sun/awt/X11/security-icon-yellow24.png - src/solaris/classes/sun/awt/X11/security-icon-yellow32.png - src/solaris/classes/sun/awt/X11/security-icon-yellow48.png - src/solaris/classes/sun/awt/fontconfigs/linux.fontconfig.Fedora.properties - src/solaris/classes/sun/awt/fontconfigs/linux.fontconfig.SuSE.properties - src/solaris/classes/sun/awt/fontconfigs/linux.fontconfig.Ubuntu.properties - src/solaris/classes/sun/awt/fontconfigs/linux.fontconfig.properties - test/java/lang/invoke/7196190/MHProxyTest.java - test/java/util/Collections/EmptySortedSet.java - test/java/util/Comparators/BasicTest.java - test/sun/misc/Hashing.java - test/sun/security/krb5/auto/ReplayCache.java
hg: jdk8/tl/jdk: 2 new changesets
Changeset: 1744a32d3db3 Author:mullan Date: 2013-07-25 20:12 -0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/1744a32d3db3 8012288: XML DSig API allows wrong tag names and extra elements in SignedInfo Reviewed-by: xuelei ! src/share/classes/org/jcp/xml/dsig/internal/dom/DOMKeyValue.java ! src/share/classes/org/jcp/xml/dsig/internal/dom/DOMManifest.java ! src/share/classes/org/jcp/xml/dsig/internal/dom/DOMReference.java ! src/share/classes/org/jcp/xml/dsig/internal/dom/DOMRetrievalMethod.java ! src/share/classes/org/jcp/xml/dsig/internal/dom/DOMSignatureProperties.java ! src/share/classes/org/jcp/xml/dsig/internal/dom/DOMSignedInfo.java ! src/share/classes/org/jcp/xml/dsig/internal/dom/DOMUtils.java ! src/share/classes/org/jcp/xml/dsig/internal/dom/DOMX509IssuerSerial.java ! src/share/classes/org/jcp/xml/dsig/internal/dom/DOMXMLSignature.java Changeset: 4100ab44ba4f Author:mullan Date: 2013-07-25 20:30 -0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/4100ab44ba4f Merge
hg: jdk8/tl/jdk: 2 new changesets
Changeset: 028ef97797c1 Author:mullan Date: 2013-07-05 15:54 -0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/028ef97797c1 8011547: Update XML Signature implementation to Apache Santuario 1.5.4 Reviewed-by: xuelei ! src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/Algorithm.java ! src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/JCEMapper.java ! src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/MessageDigestAlgorithm.java ! src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/SignatureAlgorithm.java ! src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/SignatureAlgorithmSpi.java ! src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/implementations/IntegrityHmac.java ! src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/implementations/SignatureBaseRSA.java ! src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/implementations/SignatureDSA.java ! src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/implementations/SignatureECDSA.java ! src/share/classes/com/sun/org/apache/xml/internal/security/c14n/CanonicalizationException.java ! src/share/classes/com/sun/org/apache/xml/internal/security/c14n/Canonicalizer.java ! src/share/classes/com/sun/org/apache/xml/internal/security/c14n/CanonicalizerSpi.java ! src/share/classes/com/sun/org/apache/xml/internal/security/c14n/InvalidCanonicalizerException.java ! src/share/classes/com/sun/org/apache/xml/internal/security/c14n/helper/AttrCompare.java ! src/share/classes/com/sun/org/apache/xml/internal/security/c14n/helper/C14nHelper.java ! src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/Canonicalizer11.java ! src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/Canonicalizer11_OmitComments.java ! src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/Canonicalizer11_WithComments.java ! src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/Canonicalizer20010315.java ! src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/Canonicalizer20010315Excl.java ! src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/Canonicalizer20010315ExclOmitComments.java ! src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/Canonicalizer20010315ExclWithComments.java ! src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/Canonicalizer20010315OmitComments.java ! src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/Canonicalizer20010315WithComments.java ! src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/CanonicalizerBase.java + src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/CanonicalizerPhysical.java ! src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/NameSpaceSymbTable.java ! src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/UtfHelpper.java + src/share/classes/com/sun/org/apache/xml/internal/security/encryption/AbstractSerializer.java ! src/share/classes/com/sun/org/apache/xml/internal/security/encryption/AgreementMethod.java ! src/share/classes/com/sun/org/apache/xml/internal/security/encryption/CipherData.java ! src/share/classes/com/sun/org/apache/xml/internal/security/encryption/CipherReference.java ! src/share/classes/com/sun/org/apache/xml/internal/security/encryption/CipherValue.java + src/share/classes/com/sun/org/apache/xml/internal/security/encryption/DocumentSerializer.java ! src/share/classes/com/sun/org/apache/xml/internal/security/encryption/EncryptedData.java ! src/share/classes/com/sun/org/apache/xml/internal/security/encryption/EncryptedKey.java ! src/share/classes/com/sun/org/apache/xml/internal/security/encryption/EncryptedType.java ! src/share/classes/com/sun/org/apache/xml/internal/security/encryption/EncryptionMethod.java ! src/share/classes/com/sun/org/apache/xml/internal/security/encryption/EncryptionProperties.java ! src/share/classes/com/sun/org/apache/xml/internal/security/encryption/EncryptionProperty.java ! src/share/classes/com/sun/org/apache/xml/internal/security/encryption/Reference.java ! src/share/classes/com/sun/org/apache/xml/internal/security/encryption/ReferenceList.java + src/share/classes/com/sun/org/apache/xml/internal/security/encryption/Serializer.java ! src/share/classes/com/sun/org/apache/xml/internal/security/encryption/Transforms.java ! src/share/classes/com/sun/org/apache/xml/internal/security/encryption/XMLCipher.java ! src/share/classes/com/sun/org/apache/xml/internal/security/encryption/XMLCipherInput.java ! src/share/classes/com/sun/org/apache/xml/internal/security/encryption/XMLCipherParameters.java !
hg: jdk8/tl/jdk: 8014307: Memory leak ... security/jgss/wrapper/GSSLibStub.c
Changeset: f695f447f6b7 Author:jzavgren Date: 2013-06-14 09:13 -0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/f695f447f6b7 8014307: Memory leak ... security/jgss/wrapper/GSSLibStub.c Summary: I modified the native procedure: Java_sun_security_jgss_wrapper_GSSLibStub_initContext() so that allocated memory is freed when errors occur. Reviewed-by: chegar, valeriep ! src/share/native/sun/security/jgss/wrapper/GSSLibStub.c
hg: jdk8/tl/jdk: 2 new changesets
Changeset: 1652ac7b4bfd Author:mullan Date: 2013-03-01 16:12 -0500 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/1652ac7b4bfd 8008908: Access denied when invoking Subject.doAsPrivileged() Summary: wildcard principal names are not processed correctly Reviewed-by: xuelei ! src/share/classes/sun/security/provider/PolicyFile.java + test/sun/security/provider/PolicyFile/WildcardPrincipalName.java + test/sun/security/provider/PolicyFile/wildcard.policy Changeset: 1ca712765acb Author:mullan Date: 2013-03-01 16:15 -0500 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/1ca712765acb Merge
hg: jdk8/tl/jdk: 8005389: Backout fix for JDK-6500133
Changeset: c7d54f93d3e5 Author:juh Date: 2013-01-16 09:51 -0500 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/c7d54f93d3e5 8005389: Backout fix for JDK-6500133 Reviewed-by: mullan ! src/share/classes/sun/security/x509/URIName.java ! test/sun/security/x509/URIName/Parse.java
hg: jdk8/tl/jdk: 8005939: sun/security/x509/{X509CRLImplX509CertImpl}/Verify.java fail in confusing way when some providers not present
Changeset: f7f77bdf248b
Author:juh
Date: 2013-01-16 13:35 -0500
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/f7f77bdf248b
8005939: sun/security/x509/{X509CRLImplX509CertImpl}/Verify.java fail in
confusing way when some providers not present
Reviewed-by: mullan, weijun
! test/sun/security/x509/X509CRLImpl/Verify.java
! test/sun/security/x509/X509CertImpl/Verify.java
hg: jdk8/tl/jdk: 3 new changesets
Changeset: 86828e84654f Author:mullan Date: 2013-01-08 19:00 -0500 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/86828e84654f 7019834: Eliminate dependency from PolicyFile to com.sun.security.auth.PrincipalComparator Summary: Add new java.security.Principal.implies method Reviewed-by: alanb ! src/share/classes/java/security/Principal.java ! src/share/classes/sun/security/provider/PolicyFile.java ! src/share/classes/sun/security/provider/PolicyParser.java ! src/share/classes/sun/security/tools/policytool/PolicyTool.java + test/java/security/Principal/Implies.java ! test/sun/security/provider/PolicyFile/Comparator.java Changeset: bf6d0bca5ea7 Author:mullan Date: 2013-01-08 19:02 -0500 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/bf6d0bca5ea7 Merge - make/jdk/asm/Makefile - src/share/classes/sun/awt/TextureSizeConstraining.java - src/share/lib/security/java.security - test/java/rmi/server/Unmarshal/checkUnmarshalOnStopThread/CheckUnmarshall.java Changeset: f0ed9ef84637 Author:mullan Date: 2013-01-09 08:59 -0500 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/f0ed9ef84637 Merge
hg: jdk8/tl/jdk: 2 new changesets
Changeset: 4d28776d7007 Author:mullan Date: 2012-12-26 10:07 -0500 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/4d28776d7007 8005117: Eliminate dependency from ConfigSpiFile to com.sun.security.auth.login.ConfigFile Reviewed-by: alanb, mchung, weijun ! src/share/classes/com/sun/security/auth/login/ConfigFile.java ! src/share/classes/sun/security/provider/ConfigSpiFile.java Changeset: d9cab18f326a Author:mullan Date: 2012-12-26 10:08 -0500 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/d9cab18f326a Merge - make/jdk/asm/Makefile
hg: jdk8/tl/jdk: 2 new changesets
Changeset: c97618a3c8c2 Author:juh Date: 2012-12-13 09:35 -0500 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/c97618a3c8c2 7193792: sun/security/pkcs11/ec/TestECDSA.java failing intermittently Reviewed-by: vinnie, wetmore ! test/ProblemList.txt ! test/sun/security/pkcs11/ec/TestECDSA.java Changeset: 7b697da6626a Author:mullan Date: 2012-12-13 09:37 -0500 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/7b697da6626a Merge
hg: jdk8/tl/jdk: 8004188: Rename src/share/lib/security/java.security to java.security-linux
Changeset: 44ae777564eb Author:mullan Date: 2012-12-04 17:40 -0500 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/44ae777564eb 8004188: Rename src/share/lib/security/java.security to java.security-linux Reviewed-by: mullan, mchung Contributed-by: jason...@oracle.com ! make/java/security/Makefile - src/share/lib/security/java.security + src/share/lib/security/java.security-linux
hg: jdk8/tl/jdk: 7199143: RFE: OCSP revocation checker should provide possibility to specify connection timeout
Changeset: ee9846f351d7 Author:mullan Date: 2012-12-03 11:07 -0500 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/ee9846f351d7 7199143: RFE: OCSP revocation checker should provide possibility to specify connection timeout Summary: Added com.sun.security.ocsp.timeout system property to control timeout Reviewed-by: mullan, vinnie Contributed-by: jason...@oracle.com ! src/share/classes/sun/security/provider/certpath/OCSP.java
hg: jdk8/tl/jdk: 7198416: CertificateIssuerName and CertificateSubjectName are redundant
Changeset: 1e7dd9e05ce2 Author:mullan Date: 2012-11-08 12:51 -0500 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/1e7dd9e05ce2 7198416: CertificateIssuerName and CertificateSubjectName are redundant Reviewed-by: mullan Contributed-by: jason...@oracle.com ! src/share/classes/sun/security/pkcs/PKCS7.java ! src/share/classes/sun/security/tools/jarsigner/Main.java ! src/share/classes/sun/security/tools/keytool/CertAndKeyGen.java ! src/share/classes/sun/security/tools/keytool/Main.java ! src/share/classes/sun/security/x509/X509CertImpl.java ! src/share/classes/sun/security/x509/X509CertInfo.java ! src/share/classes/sun/security/x509/certAttributes.html ! test/sun/security/pkcs11/rsa/GenKeyStore.java ! test/sun/security/provider/X509Factory/BigCRL.java ! test/sun/security/rsa/GenKeyStore.java
hg: jdk8/tl/jdk: 7195409: CertPath/CertPathValidatorTest/KeyParamsInheritanceTest fails with NullPointerException
Changeset: 17881ebf811c Author:mullan Date: 2012-09-16 13:29 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/17881ebf811c 7195409: CertPath/CertPathValidatorTest/KeyParamsInheritanceTest fails with NullPointerException Reviewed-by: xuelei ! src/share/classes/sun/security/provider/certpath/AlgorithmChecker.java ! src/share/classes/sun/security/provider/certpath/BasicChecker.java ! src/share/classes/sun/security/provider/certpath/ForwardBuilder.java ! src/share/classes/sun/security/provider/certpath/ForwardState.java ! src/share/classes/sun/security/provider/certpath/PKIX.java ! src/share/classes/sun/security/provider/certpath/ReverseState.java ! src/share/classes/sun/security/provider/certpath/RevocationChecker.java ! src/share/classes/sun/security/provider/certpath/SunCertPathBuilder.java
hg: jdk8/tl/jdk: 2 new changesets
Changeset: 7a16cd3bd2d9 Author:mullan Date: 2012-09-12 15:20 -0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/7a16cd3bd2d9 7196593: java.security.debug=help doesn't list certpath option Reviewed-by: mullan, wetmore, valeriep Contributed-by: jason...@oracle.com ! src/share/classes/sun/security/util/Debug.java Changeset: f8c1cf072ba6 Author:mullan Date: 2012-09-12 15:21 -0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/f8c1cf072ba6 Merge
hg: jdk8/tl/jdk: 3 new changesets
Changeset: a51f86e2dce9 Author:mullan Date: 2012-09-10 08:57 -0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/a51f86e2dce9 7195301: XML Signature DOM implementation should not use instanceof to determine type of Node Reviewed-by: xuelei ! src/share/classes/com/sun/org/apache/xml/internal/security/Init.java ! src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/CanonicalizerBase.java ! src/share/classes/com/sun/org/apache/xml/internal/security/encryption/XMLCipher.java ! src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/RetrievalMethodResolver.java ! src/share/classes/com/sun/org/apache/xml/internal/security/utils/IdResolver.java Changeset: a14d41fd6f51 Author:mullan Date: 2012-09-10 09:00 -0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/a14d41fd6f51 Merge - make/sun/beans/Makefile - src/share/classes/sun/beans/editors/BooleanEditor.java - src/share/classes/sun/beans/editors/ByteEditor.java - src/share/classes/sun/beans/editors/ColorEditor.java - src/share/classes/sun/beans/editors/DoubleEditor.java - src/share/classes/sun/beans/editors/EnumEditor.java - src/share/classes/sun/beans/editors/FloatEditor.java - src/share/classes/sun/beans/editors/FontEditor.java - src/share/classes/sun/beans/editors/IntegerEditor.java - src/share/classes/sun/beans/editors/LongEditor.java - src/share/classes/sun/beans/editors/NumberEditor.java - src/share/classes/sun/beans/editors/ShortEditor.java - src/share/classes/sun/beans/editors/StringEditor.java - src/share/classes/sun/beans/infos/ComponentBeanInfo.java - src/share/classes/sun/security/x509/CertificateIssuerUniqueIdentity.java - src/share/classes/sun/security/x509/CertificateSubjectUniqueIdentity.java - src/solaris/classes/sun/awt/X11/XTextTransferHelper.java - test/javax/swing/JColorChooser/Test4380468.html - test/javax/swing/JColorChooser/Test4380468.java - test/sun/net/www/httptest/HttpServer.java - test/sun/security/ssl/sun/net/www/httpstest/HttpServer.java Changeset: 657f7cb0da7e Author:mullan Date: 2012-09-10 09:18 -0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/657f7cb0da7e Merge
hg: jdk8/tl/jdk: 4647343: IDENT variable in sun.security.x509 classes not used
Changeset: 7f081e14364e Author:mullan Date: 2012-09-07 12:49 -0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/7f081e14364e 4647343: IDENT variable in sun.security.x509 classes not used Reviewed-by: mullan Contributed-by: jason...@oracle.com - src/share/classes/sun/security/x509/CertificateIssuerUniqueIdentity.java - src/share/classes/sun/security/x509/CertificateSubjectUniqueIdentity.java ! src/share/classes/sun/security/x509/X509CertImpl.java ! src/share/classes/sun/security/x509/X509CertInfo.java
hg: jdk8/tl/jdk: 2 new changesets
Changeset: 0a2565113920 Author:mullan Date: 2012-08-30 14:40 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/0a2565113920 6995421: Eliminate the static dependency to sun.security.ec.ECKeyFactory Reviewed-by: mullan, vinnie Contributed-by: stephen.flo...@oracle.com ! make/sun/security/ec/Makefile ! make/sun/security/other/Makefile ! src/share/classes/sun/security/ec/ECKeyFactory.java ! src/share/classes/sun/security/ec/ECParameters.java ! src/share/classes/sun/security/ec/ECPublicKeyImpl.java ! src/share/classes/sun/security/ec/SunECEntries.java ! src/share/classes/sun/security/pkcs11/P11ECKeyFactory.java ! src/share/classes/sun/security/x509/AlgorithmId.java ! test/sun/security/ec/TestEC.java ! test/sun/security/pkcs11/ec/ReadCertificates.java ! test/sun/security/pkcs11/ec/ReadPKCS12.java ! test/sun/security/pkcs11/ec/TestECDH.java ! test/sun/security/pkcs11/ec/TestECDSA.java Changeset: 47f8ba39265c Author:mullan Date: 2012-08-30 14:42 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/47f8ba39265c Merge
hg: jdk8/tl/jdk: 2 new changesets
Changeset: 8b90182f2b33 Author:mullan Date: 2012-08-28 08:43 -0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/8b90182f2b33 7192896: Reason of CertPathValidatorException should be UNDETERMINED_REVOCATION_STATUS if OCSP request failed Reviewed-by: xuelei ! src/share/classes/sun/security/provider/certpath/OCSP.java Changeset: ca7f914b5fea Author:mullan Date: 2012-08-28 08:46 -0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/ca7f914b5fea Merge
hg: jdk8/tl/jdk: 6500133: REGRESSION: CertificateParsingException for CRL Distribution Point with blank
Changeset: 6b2ebf3c4964 Author:mullan Date: 2012-08-17 14:32 -0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/6b2ebf3c4964 6500133: REGRESSION: CertificateParsingException for CRL Distribution Point with blank Reviewed-by: mullan Contributed-by: jason...@oracle.com ! src/share/classes/sun/security/x509/URIName.java + test/sun/security/x509/URIName/Parse.java
hg: jdk8/tl/jdk: 2 new changesets
Changeset: 57b5025548d6 Author:mullan Date: 2012-08-10 09:12 -0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/57b5025548d6 7187962: sun.security.pkcs11.P11DSAKeyFactory.implTranslatePublicKey doesn't check if params is null Reviewed-by: valeriep ! src/share/classes/sun/security/provider/certpath/BasicChecker.java Changeset: 629f357fc17b Author:mullan Date: 2012-08-10 09:17 -0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/629f357fc17b Merge
hg: jdk8/tl/jdk: 2 new changesets
Changeset: b0bfa441d70f Author:mullan Date: 2012-08-02 10:40 -0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/b0bfa441d70f 7026347: Certificate and X509CRL should have verify(PublicKey key, Provider sigProvider) Reviewed-by: mullan, xuelei, weijun Contributed-by: jason...@oracle.com ! src/share/classes/java/security/cert/Certificate.java ! src/share/classes/java/security/cert/X509CRL.java ! src/share/classes/java/security/cert/X509Certificate.java ! src/share/classes/sun/security/x509/X509CRLImpl.java ! src/share/classes/sun/security/x509/X509CertImpl.java + test/sun/security/x509/X509CRLImpl/Verify.java + test/sun/security/x509/X509CertImpl/Verify.java Changeset: 4e8bafdcefda Author:mullan Date: 2012-08-02 10:42 -0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/4e8bafdcefda Merge
hg: jdk8/tl/jdk: 2 new changesets
Changeset: 21c590fdc8cb Author:mullan Date: 2012-08-01 11:06 -0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/21c590fdc8cb 7179715: OCSP revocation checking fails if the signer certificate is identified using the key ID Reviewed-by: vinnie ! src/share/classes/sun/security/provider/certpath/OCSPResponse.java Changeset: 9a5a3741bac9 Author:mullan Date: 2012-08-01 11:08 -0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/9a5a3741bac9 Merge - makefiles/LegacyMakefiles.gmk - makefiles/OldImages.gmk - makefiles/com/sun/crypto/provider/Makefile - makefiles/common/Classes.gmk - makefiles/common/Cscope.gmk - makefiles/common/Defs-embedded.gmk - makefiles/common/Defs-linux.gmk - makefiles/common/Defs-macosx.gmk - makefiles/common/Defs-solaris.gmk - makefiles/common/Defs-windows.gmk - makefiles/common/Defs.gmk - makefiles/common/Demo.gmk - makefiles/common/Library.gmk - makefiles/common/Mapfile-vers.gmk - makefiles/common/Modules.gmk - makefiles/common/Program.gmk - makefiles/common/Release-embedded.gmk - makefiles/common/Release-macosx.gmk - makefiles/common/Release.gmk - makefiles/common/Rules.gmk - makefiles/common/Subdirs.gmk - makefiles/common/internal/Defs-corba.gmk - makefiles/common/internal/Defs-jaxp.gmk - makefiles/common/internal/Defs-jaxws.gmk - makefiles/common/internal/Defs-langtools.gmk - makefiles/common/internal/ImportComponents.gmk - makefiles/common/internal/NativeCompileRules.gmk - makefiles/common/internal/Resources.gmk - makefiles/common/shared/Compiler-gcc.gmk - makefiles/common/shared/Compiler-llvm.gmk - makefiles/common/shared/Compiler-msvc.gmk - makefiles/common/shared/Compiler-sun.gmk - makefiles/common/shared/Defs-control.gmk - makefiles/common/shared/Defs-java.gmk - makefiles/common/shared/Defs-javadoc.gmk - makefiles/common/shared/Defs-linux.gmk - makefiles/common/shared/Defs-macosx.gmk - makefiles/common/shared/Defs-solaris.gmk - makefiles/common/shared/Defs-versions.gmk - makefiles/common/shared/Defs-windows.gmk - makefiles/common/shared/Defs.gmk - makefiles/common/shared/Platform.gmk - makefiles/common/shared/PrivateDefs.gmk-example - makefiles/common/shared/Sanity-Settings.gmk - makefiles/java/Makefile - makefiles/java/invoke/Makefile - makefiles/java/redist/Makefile - makefiles/java/redist/sajdi/Makefile - makefiles/javax/crypto/Defs-jce.gmk - makefiles/javax/crypto/Makefile - makefiles/javax/crypto/policy/limited/LIMITED - makefiles/javax/crypto/policy/limited/default_local.policy - makefiles/javax/crypto/policy/limited/exempt_local.policy - makefiles/javax/crypto/policy/unlimited/UNLIMITED - makefiles/javax/crypto/policy/unlimited/default_US_export.policy - makefiles/javax/crypto/policy/unlimited/default_local.policy - makefiles/mkdemo/Makefile - makefiles/mkdemo/jni/Makefile - makefiles/mkdemo/jni/Poller/Makefile - makefiles/mkdemo/jvmti/Makefile - makefiles/mkdemo/jvmti/README.txt - makefiles/mkdemo/jvmti/hprof/Makefile - makefiles/mkdemo/jvmti/mapfile-vers - makefiles/mkdemo/management/README.txt - makefiles/sun/jkernel/Makefile - makefiles/sun/security/ec/Makefile - makefiles/sun/security/pkcs11/FILES_c.gmk - makefiles/sun/security/pkcs11/Makefile - makefiles/sun/security/pkcs11/mapfile-vers - src/share/classes/sun/nio/cs/SingleByteDecoder.java - src/share/classes/sun/nio/cs/SingleByteEncoder.java - src/share/classes/sun/nio/cs/ext/DoubleByteDecoder.java - src/share/classes/sun/nio/cs/ext/JIS_X_0201.java - src/share/classes/sun/nio/cs/ext/JIS_X_0208.java - src/share/classes/sun/nio/cs/ext/JIS_X_0208_Decoder.java - src/share/classes/sun/nio/cs/ext/JIS_X_0208_Encoder.java - src/share/classes/sun/nio/cs/ext/JIS_X_0208_MS5022X_Decoder.java - src/share/classes/sun/nio/cs/ext/JIS_X_0208_MS5022X_Encoder.java - src/share/classes/sun/nio/cs/ext/JIS_X_0208_MS932_Decoder.java - src/share/classes/sun/nio/cs/ext/JIS_X_0208_MS932_Encoder.java - src/share/classes/sun/nio/cs/ext/JIS_X_0208_Solaris_Decoder.java - src/share/classes/sun/nio/cs/ext/JIS_X_0208_Solaris_Encoder.java - src/share/classes/sun/nio/cs/ext/JIS_X_0212.java - src/share/classes/sun/nio/cs/ext/JIS_X_0212_Decoder.java - src/share/classes/sun/nio/cs/ext/JIS_X_0212_Encoder.java - src/share/classes/sun/nio/cs/ext/JIS_X_0212_MS5022X_Decoder.java - src/share/classes/sun/nio/cs/ext/JIS_X_0212_MS5022X_Encoder.java - src/share/classes/sun/nio/cs/ext/JIS_X_0212_Solaris_Decoder.java - src/share/classes/sun/nio/cs/ext/JIS_X_0212_Solaris_Encoder.java - src/share/classes/sun/nio/cs/ext/PCK.java - src/share/classes/sun/nio/cs/ext/SJIS.java - src/share/classes/sun/security/krb5/ServiceName.java - test/sun/security/krb5/ServiceNameClone.java - test/sun/security/mscapi/ShortRSAKey512.sh - test/sun/security/mscapi/ShortRSAKey768.sh
hg: jdk8/tl/jdk: 3 new changesets
Changeset: 8deec0d1fc6f Author:mullan Date: 2012-06-15 08:43 -0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/8deec0d1fc6f 7176326: CertPath/CertPathBuilderTest failures after webrev 6854712_6637288_7126011 Reviewed-by: xuelei ! src/share/classes/sun/security/provider/certpath/BasicChecker.java + test/java/security/cert/CertPathBuilder/zeroLengthPath/ZeroLengthPath.java Changeset: 0e382512610f Author:mullan Date: 2012-06-15 08:47 -0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/0e382512610f Merge Changeset: e01b47409e37 Author:mullan Date: 2012-06-15 09:16 -0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/e01b47409e37 Merge
hg: jdk8/tl/jdk: 3 new changesets
Changeset: 0c6830e7241f Author:mullan Date: 2012-05-30 17:19 -0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/0c6830e7241f 6854712: Revocation checking enhancements (JEP-124) 6637288: Add OCSP support to PKIX CertPathBuilder implementation 7126011: ReverseBuilder.getMatchingCACerts may throws NPE Reviewed-by: xuelei ! src/share/classes/java/security/cert/CertPathBuilder.java ! src/share/classes/java/security/cert/CertPathBuilderSpi.java + src/share/classes/java/security/cert/CertPathChecker.java ! src/share/classes/java/security/cert/CertPathValidator.java ! src/share/classes/java/security/cert/CertPathValidatorSpi.java ! src/share/classes/java/security/cert/PKIXCertPathChecker.java + src/share/classes/java/security/cert/PKIXRevocationChecker.java ! src/share/classes/java/security/cert/package.html ! src/share/classes/sun/security/provider/certpath/AdjacencyList.java ! src/share/classes/sun/security/provider/certpath/BasicChecker.java ! src/share/classes/sun/security/provider/certpath/BuildStep.java ! src/share/classes/sun/security/provider/certpath/Builder.java ! src/share/classes/sun/security/provider/certpath/CertStoreHelper.java ! src/share/classes/sun/security/provider/certpath/CollectionCertStore.java ! src/share/classes/sun/security/provider/certpath/ConstraintsChecker.java - src/share/classes/sun/security/provider/certpath/CrlRevocationChecker.java ! src/share/classes/sun/security/provider/certpath/DistributionPointFetcher.java ! src/share/classes/sun/security/provider/certpath/ForwardBuilder.java ! src/share/classes/sun/security/provider/certpath/ForwardState.java ! src/share/classes/sun/security/provider/certpath/IndexedCollectionCertStore.java ! src/share/classes/sun/security/provider/certpath/KeyChecker.java ! src/share/classes/sun/security/provider/certpath/OCSP.java - src/share/classes/sun/security/provider/certpath/OCSPChecker.java ! src/share/classes/sun/security/provider/certpath/OCSPRequest.java ! src/share/classes/sun/security/provider/certpath/OCSPResponse.java + src/share/classes/sun/security/provider/certpath/PKIX.java ! src/share/classes/sun/security/provider/certpath/PKIXCertPathValidator.java ! src/share/classes/sun/security/provider/certpath/PKIXMasterCertPathValidator.java ! src/share/classes/sun/security/provider/certpath/PolicyChecker.java ! src/share/classes/sun/security/provider/certpath/PolicyNodeImpl.java ! src/share/classes/sun/security/provider/certpath/ReverseBuilder.java ! src/share/classes/sun/security/provider/certpath/ReverseState.java + src/share/classes/sun/security/provider/certpath/RevocationChecker.java ! src/share/classes/sun/security/provider/certpath/SunCertPathBuilder.java ! src/share/classes/sun/security/provider/certpath/SunCertPathBuilderParameters.java ! src/share/classes/sun/security/provider/certpath/URICertStore.java ! src/share/classes/sun/security/provider/certpath/Vertex.java ! src/share/classes/sun/security/provider/certpath/X509CertPath.java ! src/share/classes/sun/security/provider/certpath/X509CertificatePair.java ! src/share/classes/sun/security/x509/X509CRLEntryImpl.java + test/java/security/cert/PKIXRevocationChecker/UnitTest.java Changeset: 3192e73394fe Author:mullan Date: 2012-05-31 17:07 -0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/3192e73394fe Merge - src/share/classes/sun/security/provider/certpath/CrlRevocationChecker.java ! src/share/classes/sun/security/provider/certpath/ForwardBuilder.java ! src/share/classes/sun/security/provider/certpath/ForwardState.java - src/share/classes/sun/security/provider/certpath/OCSPChecker.java ! src/share/classes/sun/security/provider/certpath/PKIXCertPathValidator.java ! src/share/classes/sun/security/provider/certpath/ReverseBuilder.java ! src/share/classes/sun/security/provider/certpath/ReverseState.java ! src/share/classes/sun/security/provider/certpath/SunCertPathBuilder.java Changeset: 48dfc0df61d0 Author:mullan Date: 2012-05-31 17:10 -0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/48dfc0df61d0 Merge
hg: jdk8/tl/jdk: 2 new changesets
Changeset: fa26ac92b29e Author:mullan Date: 2012-04-13 09:46 -0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/fa26ac92b29e 7152564: Improve CodeSource.matchLocation(CodeSource) performance 7155693: CodeSource.matchLocation getPort test can be improved Reviewed-by: chegar ! src/share/classes/java/security/CodeSource.java ! test/java/security/CodeSource/Implies.java Changeset: edf10d16af25 Author:mullan Date: 2012-04-13 09:49 -0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/edf10d16af25 Merge
hg: jdk8/tl/jdk: 2 new changesets
Changeset: 805fc337bbe8 Author:mullan Date: 2012-02-27 11:44 -0500 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/805fc337bbe8 7147830: NullPointerException in java.security.Policy.implies() when the ProtectionDomain has a null code sou Reviewed-by: vinnie ! src/share/classes/sun/security/provider/PolicyFile.java + test/sun/security/provider/PolicyFile/NullCodeSource.java Changeset: cdf6184a7d5c Author:mullan Date: 2012-02-27 13:53 -0500 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/cdf6184a7d5c Merge
hg: jdk8/tl/jdk: 2 new changesets
Changeset: 0720542d6c1e Author:mullan Date: 2012-02-15 07:45 -0500 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/0720542d6c1e 7024604: OID.1 causes IAE in X500Principal constructor Reviewed-by: vinnie ! src/share/classes/javax/security/auth/x500/X500Principal.java ! src/share/classes/javax/security/auth/x500/package.html ! test/javax/security/auth/x500/X500Principal/Parse.java Changeset: 3207b3e271f2 Author:mullan Date: 2012-02-15 07:52 -0500 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/3207b3e271f2 Merge
hg: jdk8/tl/jdk: 2 new changesets
Changeset: 3df0bd3ed880 Author:mullan Date: 2012-01-23 12:17 -0500 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/3df0bd3ed880 7131084: XMLDSig XPathFilter2Transform regression involving intersect filter Reviewed-by: xuelei ! src/share/classes/com/sun/org/apache/xml/internal/security/transforms/implementations/TransformXPath2Filter.java ! test/javax/xml/crypto/dsig/KeySelectors.java ! test/javax/xml/crypto/dsig/ValidationTests.java ! test/javax/xml/crypto/dsig/X509KeySelector.java + test/javax/xml/crypto/dsig/data/xmldsig-xfilter2.xml Changeset: 5e1ad6ad41b7 Author:mullan Date: 2012-01-23 13:23 -0500 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/5e1ad6ad41b7 Merge
hg: jdk8/tl/jdk: 3 new changesets
Changeset: 1945abeb82a0 Author:mullan Date: 2011-11-22 08:58 -0500 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/1945abeb82a0 7093090: Reduce synchronization in java.security.Policy.getPolicyNoCheck Reviewed-by: valeriep ! src/share/classes/java/security/Policy.java Changeset: bb8f19b80557 Author:mullan Date: 2011-11-22 09:00 -0500 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/bb8f19b80557 Merge - test/java/io/FileDescriptor/FileChannelFDTest.java - test/java/io/etc/FileDescriptorSharing.java Changeset: b4d7020c2a40 Author:mullan Date: 2011-11-22 09:17 -0500 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/b4d7020c2a40 Merge
hg: jdk8/tl/jdk: 2 new changesets
Changeset: 56cc907fc8dc Author:mullan Date: 2011-10-27 10:57 -0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/56cc907fc8dc 7094155: JSR105 code throws javax.xml.crypto.URIReferenceException when running into Java 7 VM Reviewed-by: xuelei ! src/share/classes/com/sun/org/apache/xml/internal/security/utils/IdResolver.java ! test/javax/xml/crypto/dsig/GenerationTests.java Changeset: 8cd2e3b8127a Author:mullan Date: 2011-10-27 11:01 -0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/8cd2e3b8127a Merge - make/sun/rmi/rmi/mapfile-vers - src/share/native/sun/awt/libpng/pnggccrd.c - src/share/native/sun/awt/libpng/pngvcrd.c - src/share/native/sun/rmi/server/MarshalInputStream.c
hg: jdk8/tl/jdk: 2 new changesets
Changeset: 57eb9136b73b Author:mullan Date: 2011-10-19 10:15 -0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/57eb9136b73b 7102686: Restructure timestamp code so that jars and modules can more easily share the same code Reviewed-by: mchung ! src/share/classes/sun/security/pkcs/PKCS7.java ! src/share/classes/sun/security/pkcs/SignerInfo.java ! src/share/classes/sun/security/timestamp/HttpTimestamper.java ! src/share/classes/sun/security/timestamp/TSRequest.java ! src/share/classes/sun/security/timestamp/TSResponse.java ! src/share/classes/sun/security/tools/JarSigner.java ! src/share/classes/sun/security/tools/TimestampedSigner.java ! src/share/classes/sun/security/util/Debug.java ! src/share/classes/sun/security/util/SignatureFileVerifier.java Changeset: 15078025eed9 Author:mullan Date: 2011-10-19 10:16 -0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/15078025eed9 Merge
hg: jdk8/tl/jdk: 2 new changesets
Changeset: 9bf526cc4046 Author:mullan Date: 2011-10-18 10:12 -0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/9bf526cc4046 7092897: sun.security.util.Cache should be generified Reviewed-by: xuelei ! src/share/classes/sun/security/pkcs11/KeyCache.java ! src/share/classes/sun/security/provider/X509Factory.java ! src/share/classes/sun/security/provider/certpath/CertStoreHelper.java ! src/share/classes/sun/security/provider/certpath/URICertStore.java ! src/share/classes/sun/security/provider/certpath/X509CertificatePair.java ! src/share/classes/sun/security/provider/certpath/ldap/LDAPCertStore.java ! src/share/classes/sun/security/ssl/SSLSessionContextImpl.java ! src/share/classes/sun/security/util/Cache.java Changeset: f566cd364a90 Author:mullan Date: 2011-10-18 10:15 -0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/f566cd364a90 Merge ! src/share/classes/sun/security/provider/X509Factory.java
hg: jdk8/tl/jdk: 2 new changesets
Changeset: 01615d3e74ed
Author:mullan
Date: 2011-10-13 13:50 -0400
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/01615d3e74ed
6953295: Move few sun.security.{util, x509, pkcs} classes used by
keytool/jarsigner to another package
Reviewed-by: mchung
! make/sun/security/other/Makefile
- src/share/classes/sun/security/pkcs/EncodingException.java
- src/share/classes/sun/security/pkcs/PKCS10.java
- src/share/classes/sun/security/pkcs/PKCS10Attribute.java
- src/share/classes/sun/security/pkcs/PKCS10Attributes.java
+ src/share/classes/sun/security/pkcs10/PKCS10.java
+ src/share/classes/sun/security/pkcs10/PKCS10Attribute.java
+ src/share/classes/sun/security/pkcs10/PKCS10Attributes.java
! src/share/classes/sun/security/provider/certpath/CertStoreHelper.java
! src/share/classes/sun/security/provider/certpath/URICertStore.java
! src/share/classes/sun/security/provider/certpath/ldap/LDAPCertStore.java
! src/share/classes/sun/security/provider/certpath/ldap/LDAPCertStoreHelper.java
+ src/share/classes/sun/security/provider/certpath/ssl/SSLServerCertStore.java
+
src/share/classes/sun/security/provider/certpath/ssl/SSLServerCertStoreHelper.java
+ src/share/classes/sun/security/tools/CertAndKeyGen.java
! src/share/classes/sun/security/tools/KeyTool.java
+ src/share/classes/sun/security/tools/PathList.java
- src/share/classes/sun/security/util/BigInt.java
- src/share/classes/sun/security/util/PathList.java
- src/share/classes/sun/security/x509/CertAndKeyGen.java
- test/sun/security/util/BigInt/BigIntEqualsHashCode.java
Changeset: 04ecbd2bcf5a
Author:mullan
Date: 2011-10-13 13:53 -0400
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/04ecbd2bcf5a
Merge
hg: jdk8/tl/jdk: 7054969: Null-check-in-finally pattern in java/security documentation
Changeset: f68d30c0a2e3 Author:mullan Date: 2011-07-06 11:08 -0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/f68d30c0a2e3 7054969: Null-check-in-finally pattern in java/security documentation Reviewed-by: vinnie ! src/share/classes/java/security/KeyStore.java ! src/share/classes/java/security/cert/X509CRL.java ! src/share/classes/java/security/cert/X509Certificate.java ! src/share/classes/java/security/cert/X509Extension.java
hg: jdk7/tl/jdk: 2 new changesets
Changeset: 0a80650409e1 Author:mullan Date: 2011-05-24 14:15 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/0a80650409e1 703: Permissions resolved incorrectly for jar protocol (Patch from bugs.openjdk.java.net) Reviewed-by: alanb, chegar Contributed-by: dbh...@redhat.com ! src/share/classes/sun/security/provider/PolicyFile.java + test/java/security/Policy/GetPermissions/JarURL.java Changeset: ace2dfdecda1 Author:mullan Date: 2011-05-24 14:32 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/ace2dfdecda1 Merge
hg: jdk7/tl/jdk: 2 new changesets
Changeset: b8259e08543b Author:mullan Date: 2011-03-29 10:39 -0400 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/b8259e08543b 7019937: Translatability bug - Remove Unused String - String ID , read end of file 7019938: Translatability bug - Remove Unused String - String ID can not specify Principal with a 7019940: Translatability bug - Remove unused string - String ID: provided null name 7019942: Translatability bug - String ID: trustedCertEntry, 7019945: Translatability bug - Translatability issue - String ID: * has NOT been verified! In order to veri 7019947: Translatability bug - Translatability issue - String ID: * The integrity of the information stored i 7019949: Translatability bug - Translatability issue - String ID: * you must provide your keystore password. Reviewed-by: weijun, wetmore ! src/share/classes/com/sun/security/auth/PolicyParser.java ! src/share/classes/sun/security/tools/JarSigner.java ! src/share/classes/sun/security/tools/JarSignerResources.java ! src/share/classes/sun/security/tools/KeyTool.java ! src/share/classes/sun/security/util/AuthResources.java ! src/share/classes/sun/security/util/Resources.java Changeset: 77077940fad6 Author:mullan Date: 2011-03-29 11:37 -0400 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/77077940fad6 Merge
hg: jdk7/tl/jdk: 2 new changesets
Changeset: bc0c58d65e97 Author:mullan Date: 2011-03-07 13:20 -0500 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/bc0c58d65e97 7022467: SecretKeyFactory doesn't support algorithm AES on Windows and Linux Reviewed-by: wetmore, valeriep ! src/share/classes/javax/crypto/SecretKeyFactory.java Changeset: 62b0337d1369 Author:mullan Date: 2011-03-07 13:44 -0500 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/62b0337d1369 Merge
hg: jdk7/tl/jdk: 4 new changesets
Changeset: ae38d1374e31 Author:mullan Date: 2011-01-24 14:56 -0500 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/ae38d1374e31 5001004: Required Security Algorithms need to be defined Reviewed-by: wetmore ! src/share/classes/java/security/AlgorithmParameterGenerator.java ! src/share/classes/java/security/AlgorithmParameters.java ! src/share/classes/java/security/KeyFactory.java ! src/share/classes/java/security/KeyPairGenerator.java ! src/share/classes/java/security/KeyStore.java ! src/share/classes/java/security/MessageDigest.java ! src/share/classes/java/security/Policy.java ! src/share/classes/java/security/SecureRandom.java ! src/share/classes/java/security/Security.java ! src/share/classes/java/security/Signature.java ! src/share/classes/java/security/cert/CertPath.java ! src/share/classes/java/security/cert/CertPathBuilder.java ! src/share/classes/java/security/cert/CertPathValidator.java ! src/share/classes/java/security/cert/CertStore.java ! src/share/classes/java/security/cert/Certificate.java ! src/share/classes/java/security/cert/CertificateFactory.java ! src/share/classes/java/security/cert/CertificateFactorySpi.java ! src/share/classes/java/security/cert/package.html ! src/share/classes/java/security/package.html ! src/share/classes/javax/crypto/Cipher.java ! src/share/classes/javax/crypto/ExemptionMechanism.java ! src/share/classes/javax/crypto/KeyAgreement.java ! src/share/classes/javax/crypto/KeyGenerator.java ! src/share/classes/javax/crypto/Mac.java ! src/share/classes/javax/crypto/SecretKeyFactory.java ! src/share/classes/javax/crypto/package.html ! src/share/classes/javax/net/ssl/SSLContext.java ! src/share/classes/javax/net/ssl/package.html ! src/share/classes/javax/security/auth/login/Configuration.java ! src/share/classes/javax/security/auth/login/package.html Changeset: b33e9b15835e Author:mullan Date: 2011-01-24 15:08 -0500 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/b33e9b15835e Merge - make/common/internal/BinaryPlugs.gmk - make/java/hpi/Makefile - make/java/hpi/hpi_common.gmk - make/java/hpi/native/Makefile - make/java/hpi/native/mapfile-vers - make/java/hpi/native/reorder-i586 - make/java/hpi/native/reorder-sparc - make/java/hpi/native/reorder-sparcv9 - make/java/hpi/windows/Makefile - src/share/classes/java/dyn/JavaMethodHandle.java - src/share/classes/java/dyn/LinkagePermission.java - src/share/classes/java/nio/channels/AsynchronousDatagramChannel.java ! src/share/classes/java/security/Security.java ! src/share/classes/javax/net/ssl/SSLContext.java - src/share/classes/sun/java2d/pisces/LineSink.java - src/share/classes/sun/net/httpserver/SelectorCache.java - src/share/classes/sun/nio/ch/SimpleAsynchronousDatagramChannelImpl.java - src/share/classes/sun/security/krb5/KrbKdcReq.java - src/share/classes/sun/security/krb5/internal/TCPClient.java - src/share/classes/sun/security/krb5/internal/UDPClient.java - src/share/demo/nio/zipfs/META-INF/services/java.nio.file.spi.FileSystemProvider - src/share/demo/nio/zipfs/com/sun/nio/zipfs/JarFileSystemProvider.java - src/share/demo/nio/zipfs/com/sun/nio/zipfs/ZipCoder.java - src/share/demo/nio/zipfs/com/sun/nio/zipfs/ZipConstants.java - src/share/demo/nio/zipfs/com/sun/nio/zipfs/ZipDirectoryStream.java - src/share/demo/nio/zipfs/com/sun/nio/zipfs/ZipFileAttributeView.java - src/share/demo/nio/zipfs/com/sun/nio/zipfs/ZipFileAttributes.java - src/share/demo/nio/zipfs/com/sun/nio/zipfs/ZipFileStore.java - src/share/demo/nio/zipfs/com/sun/nio/zipfs/ZipFileSystem.java - src/share/demo/nio/zipfs/com/sun/nio/zipfs/ZipFileSystemProvider.java - src/share/demo/nio/zipfs/com/sun/nio/zipfs/ZipInfo.java - src/share/demo/nio/zipfs/com/sun/nio/zipfs/ZipPath.java - src/share/demo/nio/zipfs/com/sun/nio/zipfs/ZipUtils.java - src/share/hpi/export/bool.h - src/share/hpi/export/dll.h - src/share/hpi/export/hpi.h - src/share/hpi/include/hpi_impl.h - src/share/hpi/include/vm_calls.h - src/share/hpi/src/hpi.c - src/share/native/sun/font/layout/HebrewLigatureData.cpp - src/share/native/sun/font/layout/HebrewShaping.cpp - src/share/native/sun/font/layout/HebrewShaping.h - src/solaris/classes/sun/net/www/protocol/http/NTLMAuthentication.java - src/solaris/hpi/export/byteorder_md.h - src/solaris/hpi/export/hpi_md.h - src/solaris/hpi/export/io_md.h - src/solaris/hpi/export/path_md.h - src/solaris/hpi/export/timeval_md.h - src/solaris/hpi/include/hpi_init.h - src/solaris/hpi/include/interrupt.h - src/solaris/hpi/include/largefile.h - src/solaris/hpi/include/largefile_linux.h - src/solaris/hpi/include/largefile_solaris.h - src/solaris/hpi/native_threads/include/condvar_md.h - src/solaris/hpi/native_threads/include/monitor_md.h - src/solaris/hpi/native_threads/include/mutex_md.h - src/solaris/hpi/native_threads/include/np.h - src/solaris/hpi/native_threads/include/porting.h - src/solaris/hpi/native_threads/include/threads_md.h - src/solaris/hpi/native_threads/src/condvar_md.c - src/solaris/hpi/native_threads/src/interrupt_md.c
hg: jdk7/tl/jdk: 6998860: Signed jar file verification is currently creating many extra new Sun providers.
Changeset: 291128e77395 Author:mullan Date: 2010-12-08 10:21 -0800 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/291128e77395 6998860: Signed jar file verification is currently creating many extra new Sun providers. Reviewed-by: mchung ! src/share/classes/sun/security/util/ManifestEntryVerifier.java
hg: jdk7/tl/jdk: 6994717: expired certificate in test ValidateCertPath
Changeset: 34faa22a8ce8 Author:mullan Date: 2010-11-08 11:33 -0500 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/34faa22a8ce8 6994717: expired certificate in test ValidateCertPath Reviewed-by: vinnie ! test/java/security/cert/CertPathValidator/nameConstraintsRFC822/ValidateCertPath.java
hg: jdk7/tl/jdk: 2 new changesets
Changeset: 0f5bab573e01 Author:mullan Date: 2010-10-18 09:00 -0400 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/0f5bab573e01 6988599: CertificateRevokedException specifies name of authority but interacts with authority instance Reviewed-by: vinnie ! src/share/classes/java/security/cert/CertificateRevokedException.java Changeset: 537cf89b2f74 Author:mullan Date: 2010-10-18 09:05 -0400 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/537cf89b2f74 Merge
hg: jdk7/tl/jdk: 2 new changesets
Changeset: a21c46dac6cf Author:mullan Date: 2010-08-03 09:39 -0400 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/a21c46dac6cf 6653372: Error in java.security.KeyStore example code Reviewed-by: weijun ! src/share/classes/java/security/KeyStore.java Changeset: 2feeefb45a44 Author:mullan Date: 2010-08-03 09:55 -0400 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/2feeefb45a44 Merge
hg: jdk7/tl/jdk: 6870553: X509Certificate.getSigAlgName method description uses non-standard algorithm name as example
Changeset: 9d1994d53a67 Author:mullan Date: 2010-07-20 10:41 -0400 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/9d1994d53a67 6870553: X509Certificate.getSigAlgName method description uses non-standard algorithm name as example Reviewed-by: xuelei ! src/share/classes/java/security/cert/X509CRL.java ! src/share/classes/java/security/cert/X509Certificate.java
hg: jdk7/tl/jdk: 2 new changesets
Changeset: 9bffc32b645d Author:mullan Date: 2010-07-01 15:20 -0400 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/9bffc32b645d 6782979: Add JNLPAppletLauncher (6618105) to blacklist Reviewed-by: ohair ! make/java/security/Makefile Changeset: c0d2a097eb99 Author:mullan Date: 2010-07-01 15:30 -0400 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/c0d2a097eb99 Merge
hg: jdk7/tl/jdk: 2 new changesets
Changeset: 51d62db10c93 Author:mullan Date: 2010-01-15 09:48 -0500 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/51d62db10c93 6915939: Exception should be thrown if OCSP SingleResponses contain unresolved critical extensions Reviewed-by: xuelei ! src/share/classes/sun/security/provider/certpath/OCSPResponse.java Changeset: 074f79397dda Author:mullan Date: 2010-01-15 09:58 -0500 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/074f79397dda Merge
hg: jdk7/tl/jdk: 2 new changesets
Changeset: 7c9be6c9385a Author:mullan Date: 2009-12-10 11:31 -0500 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/7c9be6c9385a 6867348: Digest Value of References inside Manifest - calculation order problem Reviewed-by: xuelei ! src/share/classes/org/jcp/xml/dsig/internal/dom/DOMXMLSignature.java ! test/javax/xml/crypto/dsig/GenerationTests.java Changeset: 421e652f00c7 Author:mullan Date: 2009-12-10 11:34 -0500 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/421e652f00c7 Merge
hg: jdk7/tl/jdk: 2 new changesets
Changeset: 5d2e63dad298 Author:mullan Date: 2009-11-23 12:36 -0500 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/5d2e63dad298 6899503: Security code issue using Verisign root certificate Summary: Add support for reordering out-of-order certificate chains Reviewed-by: vinnie, xuelei ! src/share/classes/sun/security/validator/PKIXValidator.java Changeset: 38960b705c30 Author:mullan Date: 2009-11-23 13:57 -0500 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/38960b705c30 Merge
hg: jdk7/tl/jdk: 6894461: OCSP Checker should not wrap all Exception as Unable to send OCSP request.(introduced by #6885667)
Changeset: 6fac6e5fdf0c Author:mullan Date: 2009-11-18 12:34 -0500 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/6fac6e5fdf0c 6894461: OCSP Checker should not wrap all Exception as Unable to send OCSP request.(introduced by #6885667) Reviewed-by: vinnie, xuelei ! src/share/classes/sun/security/provider/certpath/OCSPChecker.java
hg: jdk7/tl/jdk: 2 new changesets
Changeset: 5f326176855d Author:mullan Date: 2009-10-14 09:36 -0400 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/5f326176855d 6885667: CertPath/CertPathValidatorTest/bugs/bug6383078 fails on jdk6u18/b02, jdk7/pit/b73 and passes on b72. Summary: Wrap all OCSP exceptions in CertPathValidatorException so that we can fallback to CRLs, if enabled. Reviewed-by: dgu, xuelei ! src/share/classes/sun/security/provider/certpath/OCSP.java ! src/share/classes/sun/security/provider/certpath/OCSPChecker.java Changeset: edeb687e2d9a Author:mullan Date: 2009-10-14 09:47 -0400 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/edeb687e2d9a Merge
hg: jdk7/tl/jdk: 6787645: CRL validation code should permit some clock skew when checking validity of CRLs
Changeset: 1203425b5742 Author:mullan Date: 2009-07-20 17:16 -0400 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/1203425b5742 6787645: CRL validation code should permit some clock skew when checking validity of CRLs Reviewed-by: vinnie ! src/share/classes/java/security/cert/CertPathHelperImpl.java ! src/share/classes/java/security/cert/X509CRLSelector.java ! src/share/classes/sun/security/provider/certpath/CertPathHelper.java ! src/share/classes/sun/security/provider/certpath/CrlRevocationChecker.java ! src/share/classes/sun/security/provider/certpath/OCSPResponse.java
hg: jdk7/tl/jdk: 2 new changesets
Changeset: e387bb1367a7 Author:mullan Date: 2009-06-18 09:04 -0400 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/e387bb1367a7 6833839: RFE: improve ManifestDigester by instantiating StringBuilder constructor w/ initial value Reviewed-by: weijun ! src/share/classes/sun/security/util/ManifestDigester.java Changeset: 81c176909720 Author:mullan Date: 2009-06-18 10:38 -0400 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/81c176909720 Merge
hg: jdk7/tl/jdk: 2 new changesets
Changeset: 5102df668164 Author:mullan Date: 2008-11-05 15:55 -0500 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/5102df668164 6744888: OCSP validation code should permit some clock skew when checking validity of OCSP responses Summary: Allow for up to 10 minutes of clock skew when validating OCSP responses Reviewed-by: vinnie ! src/share/classes/sun/security/provider/certpath/OCSPResponse.java Changeset: 6923a82c1036 Author:mullan Date: 2008-11-06 11:58 -0500 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/6923a82c1036 Merge
hg: jdk7/tl/jdk: 6765046: CertPathValidatorException(Throwable).getMessage() always returns null since b37
Changeset: 3a3e02a55de8 Author:mullan Date: 2008-11-06 12:12 -0500 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/3a3e02a55de8 6765046: CertPathValidatorException(Throwable).getMessage() always returns null since b37 Reviewed-by: vinnie ! src/share/classes/java/security/cert/CertPathValidatorException.java + test/java/security/cert/CertPathValidatorException/GetMessage.java
