About the prefix, it may follow RFC 5056 (See page 7, section 2.1).
o Specifications of channel bindings for any secure channels MUST
provide for a single, canonical octet string encoding of the
channel bindings. Under this framework, channel bindings MUST
start with the
In JCE and JSSE, the public APIs definition (javax.net.ssl) and the
internal implementation (sun.security.ssl) are separated. The system
property can be defined in the internal implementation classes. I think
we should add the @systemProperty on the public APIs, right?
The public API class
rev/
some jfr side edits also :
* Change label from "X.509 Certificate" to "X509 Certificate" - JFR test
fails with "." usage
* Move the instance field variable name in CertChainEvent to "certChain"
- JFR tests discourage use of "ID" in "
(chc.conContext.conSession);
No more comment.
Thanks,
Xuelei
On 6/27/2018 11:57 AM, Xuelei Fan wrote:
Hi Sean,
I may reply in several replies.
PKIXMasterCertPathValidator.java
+ CertChainEvent cce = new CertChainEvent();
+ if(cce.isEnabled
,
in JDK 11, "RSASSA-PSS" and "XDH" are added, but we really forgot that
we may need to update this file as well.
On 6/27/2018 12:14 PM, Seán Coffey wrote:
On 27/06/2018 19:57, Xuelei Fan wrote:
Hi Sean,
I may reply in several replies.
PKIXMasterCe
Hi Sean,
I may reply in several replies.
PKIXMasterCertPathValidator.java
+ CertChainEvent cce = new CertChainEvent();
+ if(cce.isEnabled() || EventHelper.loggingSecurity()) {
+ String c = reversedCertList.stream()
+ .map(x ->
to ImmutableIntegerModuloP.
On 3/11/2018 12:04 PM, Xuelei Fan wrote:
On 2/26/2018 10:39 AM, Adam Petcher wrote:
On 2/23/2018 12:46 PM, Xuelei Fan wrote:
ArrayUtil.java:
===
I'm not very sure how widely this utilities will be used in the
future. Looks like only BigIntegerModuloP uses
On 2/26/2018 10:39 AM, Adam Petcher wrote:
http://cr.openjdk.java.net/~apetcher/8181594/webrev.01/
See inline below.
On 2/23/2018 12:46 PM, Xuelei Fan wrote:
ArrayUtil.java:
===
I'm not very sure how widely this utilities will be used in the
future. Looks like only
Looks fine to me. Thanks!
Xuelei
On 2/23/2018 11:39 AM, Roger Riggs wrote:
Please review cleanup replacements of
System.getProperty("line.separator") with System.lineSeparator().
It uses the line separator from System instead of looking it up in the
properties each time.
Also fixed one
ArrayUtil.java:
===
I'm not very sure how widely this utilities will be used in the future.
Looks like only BigIntegerModuloP uses this classes. I may prefer to
define private methods for byte array swap in BigIntegerModuloP.
BigIntegerModuloP.java:
===
As
I'm not very sure of the fix problems of JDK-8176354. But this
changeset Looks fine to me.
Thanks,
Xuelei
On 1/4/2018 7:55 PM, Amy Lu wrote:
Please review this minor cleanup for test/jdk/ProblemList.txt on bugid
that associated with tests.
bug:
> sun/security/tools/keytool/DefaultSignatureAlgorithm.java
> javax/net/ssl/DTLS/CipherSuite.java
The above two updates look fine to me.
Thanks,
Xuelei
On 3/7/2017 7:36 PM, Hamlin Li wrote:
Would you please review below patch?
bug: https://bugs.openjdk.java.net/browse/JDK-8176337
webrev:
16 3:58 PM, Wang Weijun wrote:
On Dec 22, 2016, at 4:39 AM, Xuelei Fan <xuelei@oracle.com> wrote:
I'm trying to understand this update. Does "/-" imply "/foo"?
Yes.
Does the following spec can be used to explain the new added note?
* if t
I'm trying to understand this update. Does "/-" imply "/foo"?
Does the following spec can be used to explain the new added note?
* if the wildcard flag is "-", the simple pathname's path
* must be recursively inside the wildcard pathname's path.
Xuelei
On 12/19/2016 11:25
On 12/13/2016 5:45 PM, Wang Weijun wrote:
A major behavior change is that <> now implies an invalid
permission, I hope this is good to minimize incompatibility.
Looks like two sides of the same coin. If there is an invalid > (not existing in practice, I think), it now implies all; if
Looks fine to me.
Thanks,
Xuelei
> On 23 Nov 2016, at 5:41 AM, Roger Riggs wrote:
>
> Adding security-dev...
>
> Please review this change to remove an ineffective finalizer for SSLSessions.
> The finalizer removes bindings from the SSLSession of a table that is also
>
Looks nice to me. It would be nice to update the copyright date, too.
Thanks,
Xuelei
On 4/15/2016 10:13 PM, Seán Coffey wrote:
> I need to correct another issue related to JDK-8149450. If a
> getReferralContext call is made on a ReferralContext that doesn't
> contain any referrals (URI fields)
Looks fine to me.
Thanks,
Xuelei
On 4/10/2016 9:41 PM, Sean Coffey wrote:
> Looking to fix this issue. Better checks for the referrrals field.
>
> bugID : https://bugs.openjdk.java.net/browse/JDK-8149450
> webrev : http://cr.openjdk.java.net/~coffeys/webrev.8149450.jdk9/webrev/
>
> regards,
>
Thanks!
Xuelei
On 3/23/2016 9:44 PM, Wang Weijun wrote:
>
>> On Mar 23, 2016, at 7:23 PM, Xuelei Fan <xuelei@oracle.com> wrote:
>>
>> On 3/23/2016 5:44 PM, Wang Weijun wrote:
>>> Then why not fix the 2 bugs in a single changeset?
&
t; [1]
> http://docs.oracle.com/javase/8/docs/api/java/math/BigInteger.html#compareTo-java.math.BigInteger-
>
>> On 23 Mar 2016, at 12:23, Xuelei Fan <xuelei@oracle.com
>> <mailto:xuelei@oracle.com>> wrote:
>>
>> On 3/23/2016 5:44 PM, Wang Weij
. See the new webrev:
http://cr.openjdk.java.net/~xuelei/8152237/webrev.01/
Xuelei
> --Max
>
>> 在 2016年3月23日,17:06,Xuelei Fan <xuelei@oracle.com> 写道:
>>
>>> On 3/23/2016 3:34 PM, Wang Weijun wrote:
>>>
>>>> On Mar 23, 2016, at 12:48 PM,
On 3/23/2016 3:34 PM, Wang Weijun wrote:
>
>> On Mar 23, 2016, at 12:48 PM, Xuelei Fan <xuelei@oracle.com> wrote:
>>
>> On 3/23/2016 12:10 PM, Wang Weijun wrote:
>>> Only 3 files touched. Are you going to make the
>>> s/BigInteger.valu
On Mar 23, 2016, at 11:26 AM, Xuelei Fan <xuelei@oracle.com> wrote:
Hi,
Please review the update for the supporting of BigInteger.TWO:
http://cr.openjdk.java.net/~xuelei/8152237/webrev/
BigInteger.valueOf(2) is a common BigInteger value used in binary and
cryptography ope
Hi,
Please review the update for the supporting of BigInteger.TWO:
http://cr.openjdk.java.net/~xuelei/8152237/webrev/
BigInteger.valueOf(2) is a common BigInteger value used in binary and
cryptography operation calculation. The BigInteger.TWO is not exported,
and hence
. As would avoid the unnecessary old file logs.
Xuelei
-Konstantin
On 06/09/2015 06:07 PM, Xuelei Fan wrote:
On 6/9/2015 10:57 PM, Xuelei Fan wrote:
Looks fine to me. Nice port to TLS protocols.
A very minior comment about the class name.
TLSUnSupportedCiphersTest.java:
replease
On 6/9/2015 10:57 PM, Xuelei Fan wrote:
Looks fine to me. Nice port to TLS protocols.
A very minior comment about the class name.
TLSUnSupportedCiphersTest.java:
replease UnSupported with Unsupported.
typo: replace UnSupported with Unsupported.
Thanks,
Xuelei
On 6/8/2015 11:04 PM
On 6/9/2015 11:47 PM, Xuelei Fan wrote:
On 6/9/2015 11:31 PM, Konstantin Shefov wrote:
Xuelei, thanks for reviewing
typo is corrected:
http://cr.openjdk.java.net/~kshefov/8085979/webrev.01/
Why there are old UnSupportedCiphersTest.java files? If you have not
committed the changeset, you
Looks fine to me.
It's nice to keep each line not exceed 80 characters. For example
- * @run main/othervm -Dtest.security.protocol=DTLS -Dtest.mode=norm
DTLSBufferOverflowUnderflowTest
+ * @run main/othervm -Dtest.security.protocol=DTLS
+ * -Dtest.mode=norm
/StringBuilder.toString:()Ljava/lang/String;
38: areturn
}
-Pavel
On 26 Aug 2014, at 06:20, Xuelei Fan xuelei@oracle.com wrote:
I was wondering, is it nice to address it in Java compiler to use string
builder for the string + operator?
Xuelei
On 8/26/2014 11:28 AM, Wang Weijun wrote:
New
I was wondering, is it nice to address it in Java compiler to use string
builder for the string + operator?
Xuelei
On 8/26/2014 11:28 AM, Wang Weijun wrote:
New webrevs available at
http://cr.openjdk.java.net/~weijun/8055723/client/webrev.01/
- security
http://cr.openjdk.java.net/~psandoz/jdk9/sb/JDK-8041679-buffer-to-builder-security/webrev/
Looks fine to me. Thanks for making this update.
Xuelei
On 5/12/2014 6:03 PM, Paul Sandoz wrote:
Hi,
This is a request for review of Otavio's patch replacing StringBuffer
with
Looks fine to me.
Thanks,
Xuelei
On 1/7/2014 4:53 AM, Joe Darcy wrote:
Hello,
Please review the simple change to fix JDK-8027063
SecurityManger.getClassContext returns a raw type, which changes a
signature of a protected method in SecurityManger to remove a use of raw
types in the core
Changeset: 8d35f0985dd7
Author:xuelei
Date: 2013-12-18 16:46 -0800
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/8d35f0985dd7
7093640: Enable client-side TLS 1.2 by default
Reviewed-by: weijun, mullan, wetmore
! src/share/classes/sun/security/ssl/ProtocolVersion.java
!
Changeset: 40d0ccd00f87
Author:xuelei
Date: 2013-11-14 16:08 -0800
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/40d0ccd00f87
8014266: regression test AsyncSSLSocketClose.java time out.
Reviewed-by: xuelei
Contributed-by: Rajan Halade rajan.hal...@oracle.com
!
Changeset: 1158d504e39e
Author:xuelei
Date: 2013-11-13 01:14 -0800
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/1158d504e39e
8023147: Test DisabledShortRSAKeys.java intermittent failed
Reviewed-by: mullan
! test/sun/security/ssl/javax/net/ssl/TLSv12/DisabledShortRSAKeys.java
Changeset: fb202a8e83c9
Author:xuelei
Date: 2013-10-13 21:10 -0700
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/fb202a8e83c9
8026119: Regression test DHEKeySizing.java failing intermittently
Reviewed-by: weijun
!
Changeset: 0d5f4f1782e8
Author:xuelei
Date: 2013-10-07 18:46 -0700
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/0d5f4f1782e8
6956398: make ephemeral DH key match the length of the certificate key
Reviewed-by: weijun
! src/share/classes/sun/security/ssl/ServerHandshaker.java
+
Changeset: 3fca37c636be
Author:xuelei
Date: 2013-10-01 20:25 -0700
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/3fca37c636be
8025123: SNI support in Kerberos cipher suites
Reviewed-by: weijun, xuelei
Contributed-by: Artem Smotrakov artem.smotra...@oracle.com
!
Changeset: c9083205e6eb
Author:xuelei
Date: 2013-09-10 21:31 -0700
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/c9083205e6eb
8024501: sun.security.mscapi.Key has no definition of serialVersionUID
Reviewed-by: weijun
! src/windows/classes/sun/security/mscapi/Key.java
Changeset: f80b8af9c218
Author:xuelei
Date: 2013-09-09 19:07 -0700
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/f80b8af9c218
802: Change to use othervm mode of tests in SSLEngineImpl
Reviewed-by: mullan
!
Changeset: 0f47f9f622d9
Author:xuelei
Date: 2013-09-07 17:05 -0700
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/0f47f9f622d9
7188657: There should be a way to reorder the JSSE ciphers
Reviewed-by: weijun, wetmore
! src/share/classes/javax/net/ssl/SSLParameters.java
!
Changeset: ead6babac5a9
Author:xuelei
Date: 2013-09-01 20:00 -0700
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/ead6babac5a9
8024068: sun/security/ssl/javax/net/ssl/ServerName/IllegalSNIName.java fails
Reviewed-by: weijun
!
Changeset: cdf68747b0fb
Author:xuelei
Date: 2013-08-29 18:58 -0700
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/cdf68747b0fb
8023881: IDN.USE_STD3_ASCII_RULES option is too strict to use Unicode in
IDN.toASCII
Reviewed-by: michaelm
! src/share/classes/java/net/IDN.java
+
Changeset: 096e7c665857
Author:xuelei
Date: 2013-08-19 17:42 -0700
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/096e7c665857
8020842: IDN do not throw IAE when hostname ends with a trailing dot
Reviewed-by: weijun, michaelm
! src/share/classes/java/net/IDN.java
+
Changeset: 21a25911f7f7
Author:xuelei
Date: 2013-08-19 18:49 -0700
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/21a25911f7f7
8023230: The impl of KerberosClientKeyExchange maybe not exist
Reviewed-by: weijun
! src/share/classes/sun/security/ssl/KerberosClientKeyExchange.java
Changeset: ea4f4164422e
Author:xuelei
Date: 2013-08-11 18:21 -0700
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/ea4f4164422e
8022487: DEREncodedKeyValue.supportedKeyTypes should be private
Reviewed-by: mullan
!
Changeset: 8c7cf4926157
Author:xuelei
Date: 2013-08-07 06:42 -0700
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/8c7cf4926157
8013809: deadlock in SSLSocketImpl between between write and close
Reviewed-by: wetmore
! src/share/classes/sun/security/ssl/SSLSocketImpl.java
Changeset: d6de149b9f20
Author:xuelei
Date: 2013-08-01 07:34 -0700
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/d6de149b9f20
7127524: P11TlsPrfGenerator has anonymous inner class with serialVersionUID
Reviewed-by: vinnie
!
Changeset: 613cc7beba64
Author:xuelei
Date: 2013-07-29 19:36 -0700
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/613cc7beba64
8021841: Remove SSLEngineDeadlock.java from problem list
Reviewed-by: wetmore
! test/ProblemList.txt
Changeset: 60d1994f63f7
Author:xuelei
Date: 2013-06-27 19:22 -0700
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/60d1994f63f7
8019359: To comment why not use no_renegotiation to reject client initiated
renegotiation
Reviewed-by: wetmore
!
Changeset: a44bd993ce93
Author:xuelei
Date: 2013-06-20 07:48 -0700
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/a44bd993ce93
8017157: catch more exception in test RejectClientRenego
Reviewed-by: vinnie
!
Changeset: a76858faad59
Author:xuelei
Date: 2013-06-19 02:33 -0700
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/a76858faad59
7188658: Add possibility to disable client initiated renegotiation
Reviewed-by: weijun, wetmore
! src/share/classes/sun/security/ssl/Handshaker.java
!
Changeset: 2d9da733014f
Author:xuelei
Date: 2013-06-18 18:50 -0700
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/2d9da733014f
8000456: Add programmatic deadlock detection in SSLEngineDeadlock
Reviewed-by: wetmore
!
Changeset: 6407106f1b1c
Author:xuelei
Date: 2013-05-30 22:02 -0700
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/6407106f1b1c
8014618: Need to strip leading zeros in TlsPremasterSecret of DHKeyAgreement
Reviewed-by: xuelei
Contributed-by: Pasi Eronen p...@iki.fi
!
Changeset: 8402ef8fabde
Author:ascarpino
Date: 2013-05-30 22:19 -0700
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/8402ef8fabde
7160837: DigestOutputStream does not turn off digest calculation when close()
is called
Reviewed-by: mullan, xuelei
!
Changeset: 918d9ac17740
Author:ascarpino
Date: 2013-05-30 14:11 -0700
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/918d9ac17740
6750584: Cipher.wrap/unwrap methods should define UnsupportedOperationException
Reviewed-by: mullan
! src/share/classes/javax/crypto/Cipher.java
!
Hi,
There is another fix to avoid the use of mutable objects.
webrev: http://cr.openjdk.java.net/~xuelei/8010814/webrev.00/
Thanks,
Xuelei
if those env cases belong to #1.
I think both fixes are for #2.
Xuelei
Thanks
Max
On 5/16/13 5:08 PM, Xuelei Fan wrote:
Hi,
There is another fix to avoid the use of mutable objects.
webrev: http://cr.openjdk.java.net/~xuelei/8010814/webrev.00/
Thanks,
Xuelei
Changeset: 76998d11a643
Author:xuelei
Date: 2013-05-13 05:41 -0700
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/76998d11a643
8005535: SSLSessionImpl should have protected finalize()
Reviewed-by: weijun, wetmore
! src/share/classes/sun/security/ssl/SSLSessionImpl.java
Changeset: 46db0e633240
Author:xuelei
Date: 2013-05-13 06:05 -0700
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/46db0e633240
8005598: (reopened) Need to clone array of input/output parameters
Reviewed-by: weijun
! src/share/classes/com/sun/jndi/dns/DnsContext.java
!
Hi,
There is some constructors issues about mutable objects in
com.sun.jndi.toolkit.
webrev: http://cr.openjdk.java.net/~xuelei/8010815/webrev.00/
Thanks,
Xuelei
Hi,
It's a correction of previous fix of JDK-8003265:
http://hg.openjdk.java.net/jdk8/tl/jdk/rev/4472a641b4dc
Which introduced compiler warning and error, and backouted later.
Thanks,
Xuelei
Oops, here is the webrev:
http://cr.openjdk.java.net/~xuelei/8005598/webrev.00/
Xuelei
On 5/9/2013 10:30 AM, Xuelei Fan wrote:
Hi,
It's a correction of previous fix of JDK-8003265:
http://hg.openjdk.java.net/jdk8/tl/jdk/rev/4472a641b4dc
Which introduced compiler warning and error
Changeset: 7bdb3e186497
Author:xuelei
Date: 2013-04-18 22:23 -0700
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/7bdb3e186497
8006935: Need to take care of long secret keys in HMAC/PRF compuation
Reviewed-by: valeriep
!
Changeset: def2e05299b7
Author:xuelei
Date: 2013-03-01 02:34 -0800
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/def2e05299b7
7030966: Support AEAD CipherSuites
Reviewed-by: weijun, wetmore, valeriep
! src/share/classes/com/sun/crypto/provider/TlsKeyMaterialGenerator.java
!
Changeset: edb7e34a0531
Author:xuelei
Date: 2013-01-14 18:31 -0800
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/edb7e34a0531
8006265: Add test SSLEngineDeadlock.java to ProblemList
Reviewed-by: weijun
! test/ProblemList.txt
Changeset: 645d774b683a
Author:xuelei
Date: 2012-12-28 00:48 -0800
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/645d774b683a
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
Summary: This restriction is applied via the Java Security property,
Changeset: 4472a641b4dc
Author:xuelei
Date: 2012-12-28 03:50 -0800
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/4472a641b4dc
8003265: Need to clone array of input/output parameters
Reviewed-by: mullan
! src/share/classes/com/sun/jndi/dns/DnsContext.java
!
Changeset: ead651efb271
Author:xuelei
Date: 2012-12-03 06:00 -0800
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/ead651efb271
8004184: security tests leave JSSEServer running
Summary: Use othervm mode to release resources, and correct the system
properties issues in JSSE
Changeset: 46c627801490
Author:xuelei
Date: 2012-11-28 05:18 -0800
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/46c627801490
8004019: Removes unused method HandshakeHash.setCertificateVerifyAlg()
Summary: certification verification in HandshakeHash was abandoned during TLS
1.2
Changeset: f7d45462b225
Author:xuelei
Date: 2012-11-24 04:09 -0800
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/f7d45462b225
8003950: Adds missing Override annotations and removes unnecessary imports in
sun.security.ssl
Reviewed-by: xuelei
Contributed-by: Florian Weimer
Changeset: d30c13172254
Author:xuelei
Date: 2012-11-24 04:27 -0800
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/d30c13172254
8003951: Removes unused variables in sun.security.ssl
Reviewed-by: xuelei
Contributed-by: Florian Weimer fwei...@redhat.com
!
Changeset: 25e5df117021
Author:xuelei
Date: 2012-11-18 01:31 -0800
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/25e5df117021
8003587: Warning cleanup in package javax.net.ssl
Summary: Removes unnecessary imports and adds missing Override annotations
Reviewed-by: xuelei
Looks fine to me.
Xuelei
On 11/16/2012 10:54 PM, Sean Mullan wrote:
This change affects components in the security and core libs areas.
This is a minor specification clarification to avoid the use of the terms
valid and invalid when describing the syntax for wildcard names in
Changeset: 9edfa0e761b9
Author:xuelei
Date: 2012-11-09 01:15 -0800
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/9edfa0e761b9
8001569: Regression test GetPeerHost uses static port number
Reviewed-by: weijun
!
Changeset: e782f3c383fe
Author:xuelei
Date: 2012-10-24 08:25 -0700
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/e782f3c383fe
8001466: Nightly regression test failure of SSLSocketSNISensitive.java
Reviewed-by: weijun
!
Changeset: a58585051c4b
Author:xuelei
Date: 2012-09-26 21:05 -0700
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/a58585051c4b
7200295: CertificateRequest message is wrapping when using large numbers of
Certs
Reviewed-by: wetmore
!
Changeset: 88a4f699d233
Author:xuelei
Date: 2012-09-18 06:51 -0700
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/88a4f699d233
7199066: Typo in method name
Reviewed-by: mullan
! src/share/classes/sun/security/ssl/SSLContextImpl.java
!
Changeset: b7b33a3c9df0
Author:xuelei
Date: 2012-09-04 02:24 -0700
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/b7b33a3c9df0
7195733: TEST_BUG:
sun/security/ssl/sun/net/www/protocol/https/HttpsURLConnection/B6216082.java
failing
Reviewed-by: chegar, alanb, xuelei
Changeset: e0e7cc711bda
Author:xuelei
Date: 2012-07-24 03:31 -0700
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/e0e7cc711bda
7185576: Need to consider the connection timeout at
test/com/sun/jndi/ldap/InvalidLdapFilters.java
Reviewed-by: vinnie
!
Changeset: 3ae91286f313
Author:xuelei
Date: 2012-07-03 20:29 -0700
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/3ae91286f313
7180038: regression test failure, SSLEngineBadBufferArrayAccess.java
Reviewed-by: weijun
!
Changeset: cdcbd22cfb9d
Author:xuelei
Date: 2012-06-19 17:28 -0700
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/cdcbd22cfb9d
7166487: checkSequenceNumber method never called within readRecord of
SSLEngineImpl
Reviewed-by: weijun
!
Changeset: f8e72d7ff37d
Author:xuelei
Date: 2012-06-06 18:18 -0700
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/f8e72d7ff37d
7174244: NPE in Krb5ProxyImpl.getServerKeys()
Reviewed-by: weijun
! src/share/classes/sun/security/ssl/SSLContextImpl.java
!
Changeset: 713b10821c3d
Author:xuelei
Date: 2012-06-06 18:39 -0700
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/713b10821c3d
7172149: ArrayIndexOutOfBoundsException from Signature.verify
Summary: take care of integer addition overflow
Reviewed-by: xuelei, wetmore
Contributed-by:
Changeset: 9fe6ebbe5895
Author:xuelei
Date: 2012-05-17 21:59 -0700
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/9fe6ebbe5895
7145960: sun/security/mscapi/ShortRSAKey1024.sh failing on windows
Reviewed-by: vinnie, wetmore
! test/sun/security/mscapi/ShortRSAKey1024.sh
!
Changeset: df3152beef2f
Author:xuelei
Date: 2012-05-14 07:26 -0700
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/df3152beef2f
7167988: PKIX CertPathBuilder in reverse mode doesn't work if more than one
trust anchor is specified
Reviewed-by: mullan
!
Changeset: 0f63f3390ac9
Author:xuelei
Date: 2012-05-08 18:08 -0700
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/0f63f3390ac9
7166570: JSSE certificate validation has started to fail for certificate chains
Reviewed-by: wetmore
!
Changeset: 41d3f7509e00
Author:xuelei
Date: 2012-05-04 17:28 -0700
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/41d3f7509e00
7153184: NullPointerException when calling
SSLEngineImpl.getSupportedCipherSuites
Reviewed-by: weijun
!
Changeset: 71fdf32fdc65
Author:xuelei
Date: 2012-05-01 03:48 -0700
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/71fdf32fdc65
7158688: Typo in SSLContext Spec
Reviewed-by: weijun, wetmore
! src/share/classes/javax/net/ssl/SSLContext.java
Changeset: f0842ed897c3
Author:xuelei
Date: 2012-04-27 04:25 -0700
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/f0842ed897c3
6996372: synchronizing handshaking hash
Summary: remove the unnecessary synchronization. Also reviewed by David
Schlosnagle (schlo...@gmail.com)
Changeset: a4e3dde9a8a7
Author:xuelei
Date: 2012-02-21 05:44 -0800
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/a4e3dde9a8a7
7147407: remove never used debug code in DnsClient.java
Reviewed-by: vinnie
! src/share/classes/com/sun/jndi/dns/DnsClient.java
Changeset: 45804d661008
Author:xuelei
Date: 2012-02-15 23:45 -0800
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/45804d661008
7145837: a little performance improvement on the usage of SecureRandom
Reviewed-by: chegar, wetmore
! src/share/classes/sun/security/ssl/CipherSuite.java
Changeset: da8b8ee281f9
Author:xuelei
Date: 2012-02-10 22:17 -0800
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/da8b8ee281f9
7144781: incorrect URLs in JSSE java doc
Reviewed-by: wetmore, skannan
! src/share/classes/javax/net/ssl/ExtendedSSLSession.java
!
Changeset: d383b5d128e3
Author:xuelei
Date: 2012-01-23 04:44 -0800
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/d383b5d128e3
7132248:
sun/security/ssl/sun/net/www/protocol/https/HttpsURLConnection/CookieHttpsClientTest.java
failing
Reviewed-by: alanb
!
Changeset: 11e52d5ba64e
Author:xuelei
Date: 2012-01-12 03:39 -0800
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/11e52d5ba64e
7106773: 512 bits RSA key cannot work with SHA384 and SHA512
Reviewed-by: weijun
! src/share/classes/sun/security/pkcs11/P11Cipher.java
!
Changeset: 82151e860a64
Author:xuelei
Date: 2011-11-23 03:40 -0800
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/82151e860a64
7113275: compatibility issue with MD2 trust anchor and old X509TrustManager
Summary: also reviewed by dennis...@oracle.com
Reviewed-by: mullan
!
Changeset: 5c7c83a6ee24
Author:xuelei
Date: 2011-11-14 01:21 -0800
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/5c7c83a6ee24
7111548: unexpected debug log message
Reviewed-by: wetmore
! src/share/classes/sun/security/ssl/SSLSocketImpl.java
Changeset: 30900a1a9cfc
Author:xuelei
Date: 2011-10-30 20:07 -0700
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/30900a1a9cfc
7106277: Brokenness in the seqNumberOverflow of MAC
Reviewed-by: wetmore
! src/share/classes/sun/security/ssl/MAC.java
Changeset: ffa762153af4
Author:xuelei
Date: 2011-09-28 15:10 -0700
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/ffa762153af4
7092375: Security Libraries don't build with javac -Werror
Summary: Changes to security related java and make files to remove warnings
Reviewed-by: xuelei
I reviewed the security part. In general, it looks fine. But sometimes,
from my very personal view, the exception-chain might be over used. For
example, the following code:
try {
md = MessageDigest.getInstance(SHA);
} catch (NoSuchAlgorithmException nsae) {
throw new
1 - 100 of 156 matches
Mail list logo