; -Original Message-
> > From: Sean Mullan
> > Sent: Dienstag, 11. September 2018 20:44
> > To: Langer, Christoph ; Baesken, Matthias
> > ; Weijun Wang
> > Cc: security-...@openjdk.java.net; core-libs-dev@openjdk.java.net
> > Subject: Re: [RFR] 8205525 : I
ph ; Baesken, Matthias
> ; Weijun Wang
> Cc: security-...@openjdk.java.net; core-libs-dev@openjdk.java.net
> Subject: Re: [RFR] 8205525 : Improve exception messages during manifest
> parsing of jar archives
>
> On 9/11/18 8:14 AM, Langer, Christoph wrote:
> > Hi,
&g
On 9/11/18 8:14 AM, Langer, Christoph wrote:
Hi,
first of all, I suggest to use "jarDetails" instead of "jarPath" as category name. Because with this
contribution we add the notion of jar file plus line of manifest to Exceptions occurring when parsing jar manifests. And if there
were further
ias
>
>
> > -Original Message-
> > From: Weijun Wang
> > Sent: Dienstag, 11. September 2018 13:04
> > To: Baesken, Matthias
> > Cc: Langer, Christoph ; Sean Mullan
> > ; security-...@openjdk.java.net; core-libs-
> > d...@openjdk.java.net
> &
Langer, Christoph ; Sean Mullan
> ; security-...@openjdk.java.net; core-libs-
> d...@openjdk.java.net
> Subject: Re: [RFR] 8205525 : Improve exception messages during manifest
> parsing of jar archives
>
> Attributes.java:
>
> - Line 377: Too long, add a break.
>
> Ot
n Wang ; Baesken, Matthias
>>
>> Cc: Sean Mullan ; security-
>> d...@openjdk.java.net; core-libs-dev@openjdk.java.net
>> Subject: RE: [RFR] 8205525 : Improve exception messages during manifest
>> parsing of jar archives
>>
>> Hi,
>>
>>>>
en, Matthias
>
> Cc: Sean Mullan ; security-
> d...@openjdk.java.net; core-libs-dev@openjdk.java.net
> Subject: RE: [RFR] 8205525 : Improve exception messages during manifest
> parsing of jar archives
>
> Hi,
>
> > > do you think we need property jdk.includeInE
On 9/10/18 5:13 PM, Weijun Wang wrote:
On Sep 11, 2018, at 3:29 AM, Langer, Christoph wrote:
Ok, maybe it should be named "priviledgedGetOverridable" then.
Ah yes. My mistake.
Small spelling nit: there's no "d" before "g", so this should likely be
privilegedGetOverridable
> On Sep 11, 2018, at 3:29 AM, Langer, Christoph
> wrote:
>
> Ok, maybe it should be named "priviledgedGetOverridable" then.
Ah yes. My mistake.
Hi,
> > do you think we need property jdk.includeInExceptions=jar at
> all, if we don't resolve the absolute path?
>
> I think so. File path is still sensitive.
>
> In fact, I tend to believe people usually use absolute paths for JAR files (or
> maybe made absolute by using a file:// URL
> On Sep 10, 2018, at 10:46 PM, Langer, Christoph
> wrote:
>
> Hi Sean, Max,
>
> do you think we need property jdk.includeInExceptions=jar at all,
> if we don't resolve the absolute path?
I think so. File path is still sensitive.
In fact, I tend to believe people usually use absolute
nger, Christoph
> ; security-...@openjdk.java.net; core-libs-
> d...@openjdk.java.net
> Subject: Re: [RFR] 8205525 : Improve exception messages during manifest
> parsing of jar archives
>
>
>
> > On Sep 10, 2018, at 10:35 PM, Sean Mullan
> wrote:
> >
> >>
> On Sep 10, 2018, at 10:35 PM, Sean Mullan wrote:
>
>> After the changes I wonder - should the jarPath category be renamed to
>> jarFile (or something else) ?
>
> Yes, renaming it to "jarFile" makes more sense. You will need to update the
> CSR with this change too.
Well, maybe
On 9/10/18 9:59 AM, Baesken, Matthias wrote:
New webrev :
http://cr.openjdk.java.net/~mbaesken/webrevs/8205525.9/
- SocketExceptions class has been adjusted to new
sun.security.util.SecurityProperties
- Attributes getErrorPosition adjusted (see proposal of Christoph " I think it would
en, Matthias ; Wang Weijun
>> ; Sean Mullan
>> Cc: security-...@openjdk.java.net; core-libs-dev@openjdk.java.net
>> Subject: RE: [RFR] 8205525 : Improve exception messages during manifest
>> parsing of jar archives
>>
>> Hi Matthias,
>>
>> I think it would b
On 9/10/18 4:21 AM, Baesken, Matthias wrote:
I think it would be enough to drop the privileged section and just return
"filename" as is. (without conveting to a file object).
OK, any objections on this ?
No, this is fine with me.
--Sean
On 9/8/18 11:42 AM, Wang Weijun wrote:
Thinking about this again. Looks like the absolute path is not necessary. Even
if there are multiple files using the same name, they will be in different
directories, no matter absolute or relative. Suppose the jarPath info is used
for debugging purpose
ken, Matthias ; Wang Weijun
> ; Sean Mullan
> Cc: security-...@openjdk.java.net; core-libs-dev@openjdk.java.net
> Subject: RE: [RFR] 8205525 : Improve exception messages during manifest
> parsing of jar archives
>
> Hi Matthias,
>
> I think it would be enough to drop
ph
> Sent: Montag, 10. September 2018 10:04
> To: Baesken, Matthias ; Wang Weijun
> ; Sean Mullan
> Cc: security-...@openjdk.java.net; core-libs-dev@openjdk.java.net
> Subject: RE: [RFR] 8205525 : Improve exception messages during manifest
> parsing of jar archives
&g
t; To: Wang Weijun ; Sean Mullan
>
> Cc: security-...@openjdk.java.net; core-libs-dev@openjdk.java.net
> Subject: [CAUTION] RE: [RFR] 8205525 : Improve exception messages during
> manifest parsing of jar archives
>
> Hello are you fine with changing from file.getAbsoluteP
; Alan Bateman
> ; Chris Hegarty ;
> security-...@openjdk.java.net; core-libs-dev@openjdk.java.net
> Subject: Re: [RFR] 8205525 : Improve exception messages during manifest
> parsing of jar archives
>
> Thinking about this again. Looks like the absolute path is not ne
Thinking about this again. Looks like the absolute path is not necessary. Even
if there are multiple files using the same name, they will be in different
directories, no matter absolute or relative. Suppose the jarPath info is used
for debugging purpose mostly like the developer can find out
On 9/7/18 7:58 PM, Weijun Wang wrote:
In my understanding, the author deliberately wants to show the absolute paths when there are multiple jar files with the same name (Ex: a jar hell).
If you are very familiar with a particular application and understand
the risks associated with running
In my understanding, the author deliberately wants to show the absolute paths
when there are multiple jar files with the same name (Ex: a jar hell). Maybe we
can add some more detail in the java.security so an admin knows what exact
impact it has.
--Max
> On Sep 8, 2018, at 3:41 AM, Sean
On 8/29/18 10:01 AM, Baesken, Matthias wrote:
Hi Max, thanks for your input .
I created another webrev , this contains now the suggested
SecurityProperties class :
http://cr.openjdk.java.net/~mbaesken/webrevs/8205525.6/
java/util/jar/Attributes.java
469 return
On 8/27/18 10:25 AM, Baesken, Matthias wrote:
Will sun.net.util.SocketExceptions be changed to use the supporting
class or is that a separate issue?
I think this is a separate issue .
I think we should fix it as part of this issue. It shouldn't be hard and
then we don't have to file another
et
> Cc: Langer, Christoph
> Subject: Re: [RFR] 8205525 : Improve exception messages during manifest
> parsing of jar archives
>
> Hi Max, thanks for adding yourself as a reviewer.
>
> I set the CSR ( https://bugs.openjdk.java.net/browse/JDK-8207768 ) to
> proposed.
>
&
as"
> Cc: "security-...@openjdk.java.net" ,
> "core-libs-dev@openjdk.java.net" d...@openjdk.java.net>
> Subject: Re: [RFR] 8205525 : Improve exception messages during
> manifest parsing of jar archives
> Message-ID: <058bd7b5-4d3a-4b56-acb0-0dedddea2...@orac
>> Cc: Alan Bateman ; Sean Mullan
>> ; Chris Hegarty ;
>> security-...@openjdk.java.net; core-libs-dev@openjdk.java.net
>> Subject: Re: [RFR] 8205525 : Improve exception messages during manifest
>> parsing of jar archives
>>
>> Hi Matthias
>>
&
gt; >>> :manifest-line(e.g. test.jar:manifest-line 10 )
> >>
> >> How about you pass in the full name ("/path/to/file.jar!META-
> >> INF/MANIFEST.MF") to "new Manifest(stream,name)" directly?
> >>
> >> So th
, Matthias
>
>
>> -Original Message-
>> From: Weijun Wang
>> Sent: Freitag, 31. August 2018 15:53
>> To: Baesken, Matthias
>> Cc: Alan Bateman ; Sean Mullan
>> ; Chris Hegarty ;
>> security-...@openjdk.java.net; core-libs-dev@openjdk.
ava (after checking for
> jarPathInExceptionText). The getErrorPosition method simply concat the
> name (if not null) and the line number. Thus the exception thrown from
> parsing X.SF simply will not include any file info. If we want it we can
> enhance
> later.
>
> Thanks
>
>
>
> Best regards, Matthias
>
>
>
>> -Original Message-
>> From: Weijun Wang
>> Sent: Freitag, 31. August 2018 04:32
>> To: Baesken, Matthias
>> Cc: Alan Bateman ; Sean Mullan
>> ; Chris Hegarty ;
>> security-...@openj
egards, Matthias
> -Original Message-
> From: Weijun Wang
> Sent: Freitag, 31. August 2018 04:32
> To: Baesken, Matthias
> Cc: Alan Bateman ; Sean Mullan
> ; Chris Hegarty ;
> security-...@openjdk.java.net; core-libs-dev@openjdk.java.net
> Subject: Re: [RFR] 8
Or you can smuggle it out through JavaUtilJarAccess with SharedSecrets.
> On Aug 31, 2018, at 10:32 AM, Weijun Wang wrote:
>
> if we want to show the .SF name also, we will need a public API because
> SignatureFileVerifier.java is inside sun.security.util. Something like
>
Sorry for making this complicated.
Thanks
Max
> }
> .
>
>
> Best regards, Matthias
>
>
>
>> -Original Message-
>> From: Weijun Wang
>> Sent: Donnerstag, 30. August 2018 16:04
>> To: Baesken, Matthias
>> Cc: Alan Ba
> Cc: Alan Bateman ; Sean Mullan
> ; Chris Hegarty ;
> security-...@openjdk.java.net; core-libs-dev@openjdk.java.net
> Subject: Re: [RFR] 8205525 : Improve exception messages during manifest
> parsing of jar archives
>
>
>
> > On Aug 30, 2018, at 8:26 PM, Baesken
> On Aug 30, 2018, at 8:26 PM, Baesken, Matthias
> wrote:
>
>> - What will the output look like? Is it "/tmp/x.jar:100"?
>>
>
> Yes it look like this :
>
> line too long (/testdata/jars/file_with_long_line_1.jar:2)
Is this a little misleading? I think you mean
an ; Sean Mullan
> ; Chris Hegarty ;
> security-...@openjdk.java.net; core-libs-dev@openjdk.java.net
> Subject: Re: [RFR] 8205525 : Improve exception messages during manifest
> parsing of jar archives
>
> SecurityProperties.java:
>
> - Please add the copyright+license h
gt;
>> -Original Message-
>> From: Weijun Wang
>> Sent: Montag, 27. August 2018 17:35
>> To: Baesken, Matthias
>> Cc: Alan Bateman ; Sean Mullan
>> ; Chris Hegarty ;
>> security-...@openjdk.java.net; core-libs-dev@openjdk.java.net
>> Subject:
018 17:35
> To: Baesken, Matthias
> Cc: Alan Bateman ; Sean Mullan
> ; Chris Hegarty ;
> security-...@openjdk.java.net; core-libs-dev@openjdk.java.net
> Subject: Re: [RFR] 8205525 : Improve exception messages during manifest
> parsing of jar archives
>
>
>
>
essage-
>> From: Alan Bateman
>> Sent: Montag, 27. August 2018 15:52
>> To: Baesken, Matthias ; Sean Mullan
>> ; Chris Hegarty
>> Cc: core-libs-dev@openjdk.java.net; security Dev OpenJDK > d...@openjdk.java.net>
>> Subject: Re: [RFR] 8205525 : Improve e
Message-
> From: Alan Bateman
> Sent: Montag, 27. August 2018 15:52
> To: Baesken, Matthias ; Sean Mullan
> ; Chris Hegarty
> Cc: core-libs-dev@openjdk.java.net; security Dev OpenJDK d...@openjdk.java.net>
> Subject: Re: [RFR] 8205525 : Improve exception messages during mani
rty
> ; Alan Bateman
> Cc: core-libs-dev@openjdk.java.net; security Dev OpenJDK d...@openjdk.java.net>
> Subject: Re: [RFR] 8205525 : Improve exception messages during manifest
> parsing of jar archives
>
> I need more time to finish my review but here are some initial comment
On 8/13/18 11:18 AM, Baesken, Matthias wrote:
As Chris and Alan mentioned, you should move the parsing of the property
to a more general location so it can be used by other code that uses
this property.
Hi Sean, Thanks for the input and comments .
Could we do the moving of the property
I use this security property now as well , and updated the change :
> >>>
> >>> http://cr.openjdk.java.net/~mbaesken/webrevs/8205525.3/
> >>>
> >>> I updated the CSR as well :
> >>>
> >>> https://bugs.openjdk.java.net/b
ibs-dev@openjdk.java.net; Lindenmaier, Goetz
; Langer, Christoph
Subject: RE: [RFR] 8205525 : Improve exception messages during manifest
parsing of jar archives
Hello ,
looks like the generalization of the `includeInExceptions`
security property
is now in jdk/jdk aft
-Original Message-
>> From: Alan Bateman
>> Sent: Mittwoch, 8. August 2018 20:30
>> To: Baesken, Matthias ; Chris Hegarty
>>
>> Cc: core-libs-dev@openjdk.java.net; Lindenmaier, Goetz
>> ; Langer, Christoph
>> ; OpenJDK Dev list > d...@openjdk.ja
K Dev list d...@openjdk.java.net>
> Subject: Re: [RFR] 8205525 : Improve exception messages during manifest
> parsing of jar archives
>
> On 07/08/2018 16:00, Baesken, Matthias wrote:
> > Ping , any reviews / comments ?
> Did we get to a conclusion on whether to
On 07/08/2018 16:00, Baesken, Matthias wrote:
Ping , any reviews / comments ?
Did we get to a conclusion on whether to have central infrastructure to
read/parse the security property? As I recall, this one was originally
proposed before the generalization of the networking solution.
2018 12:28
To: 'Chris Hegarty' ; Alan Bateman
Cc: core-libs-dev@openjdk.java.net; Lindenmaier, Goetz
; Langer, Christoph
Subject: RE: [RFR] 8205525 : Improve exception messages during manifest
parsing of jar archives
Hello ,
looks like the generalization of the `includeInExceptions` security
gt;
> Subject: RE: [RFR] 8205525 : Improve exception messages during manifest
> parsing of jar archives
>
> Hello ,
> looks like the generalization of the `includeInExceptions` security
> property
> is now in jdk/jdk after
>
> "8207846: Generalize the jdk.n
18 14:54
> To: Alan Bateman ; Baesken, Matthias
>
> Cc: core-libs-dev@openjdk.java.net; Lindenmaier, Goetz
>
> Subject: Re: [RFR] 8205525 : Improve exception messages during manifest
> parsing of jar archives
>
>
> > On 19 Jul 2018, at 11:46, Alan Bateman
> wrote:
an ; Baesken, Matthias
>
> Cc: core-libs-dev@openjdk.java.net
> Subject: Re: [RFR] 8205525 : Improve exception messages during manifest
> parsing of jar archives
>
>
> > On 19 Jul 2018, at 13:54, Chris Hegarty wrote:
> >
> >
> > I filed the
> On 19 Jul 2018, at 13:54, Chris Hegarty wrote:
>
>
> I filed the following issue to generalize the `includeInExceptions` security
> property:
> https://bugs.openjdk.java.net/browse/JDK-8207846
I sent out an RFR for 8207846, since I think it is worth proceeding with
regardless of the
> On 19 Jul 2018, at 15:42, Sean Mullan wrote:
>
>> ...
>
> Note that making this a security property for all general cases may have
> performance implications in certain scenarios since the java.security file
> will need to be loaded and fully parsed before it can be used. If you are
>
quot; jdk.net.includeInExceptions " or do
>> you just mean the name of the property ? Best regards, Matthias
>>> -Original Message- From: Alan Bateman
>>> [mailto:alan.bate...@oracle.com] Sent: Mittwoch, 18. Juli 2018 19:44
>>> To: Baesken, Matthias
On 7/19/18 8:54 AM, Chris Hegarty wrote:
On 19 Jul 2018, at 11:46, Alan Bateman wrote:
On 19/07/2018 09:07, Baesken, Matthias wrote:
Hello, in the meantime I prepared a CSR :
https://bugs.openjdk.java.net/browse/JDK-8207768
jdk.includeInExceptions expands the scope. That might be okay
> On 19 Jul 2018, at 11:46, Alan Bateman wrote:
>
> On 19/07/2018 09:07, Baesken, Matthias wrote:
>> Hello, in the meantime I prepared a CSR :
>>
>> https://bugs.openjdk.java.net/browse/JDK-8207768
>>
>>
>>> jdk.includeInExceptions expands the scope. That might be okay but we
>>> will need
On 19/07/2018 09:07, Baesken, Matthias wrote:
Hello, in the meantime I prepared a CSR :
https://bugs.openjdk.java.net/browse/JDK-8207768
jdk.includeInExceptions expands the scope. That might be okay but we
will need to re-visit jdk.net.includeInExceptions and also move the
support to
;> From: Alan Bateman [mailto:alan.bate...@oracle.com]
>> Sent: Mittwoch, 18. Juli 2018 19:44
>> To: Baesken, Matthias ; core-libs-
>> d...@openjdk.java.net; Lindenmaier, Goetz
>> Subject: Re: [RFR] 8205525 : Improve exception messages during manifest
>> parsing
: Mittwoch, 18. Juli 2018 19:44
> To: Baesken, Matthias ; core-libs-
> d...@openjdk.java.net; Lindenmaier, Goetz
> Subject: Re: [RFR] 8205525 : Improve exception messages during manifest
> parsing of jar archives
>
> On 18/07/2018 09:21, Baesken, Matthias wrote:
> > Hi Alan, I
On 18/07/2018 09:21, Baesken, Matthias wrote:
Hi Alan, I'll prepare a CSR .
I selected a more general name "jdk.includeInExceptions" , because there is
the idea to enhance more exceptions with additional output .
In such a case " jdk.util.jar.includeInExceptions" would not really help .
ke to
enhance , so this has to be checked first .
Best regards, Matthias
> -Original Message-
> From: Alan Bateman [mailto:alan.bate...@oracle.com]
> Sent: Dienstag, 17. Juli 2018 13:39
> To: Baesken, Matthias ; core-libs-
> d...@openjdk.java.net
> Subject: Re: [RFR] 8205525
On 16/07/2018 14:53, Baesken, Matthias wrote:
Hello, after latest comments from Alan and JaikiranI created a new
webrev :
http://cr.openjdk.java.net/~mbaesken/webrevs/8205525.2/
The jar file path is now printed in case jdk.includeInExceptions contains
jarpath (this
ndenmaier, Goetz
> Subject: RE: [RFR] 8205525 : Improve exception messages during manifest
> parsing of jar archives
>
> Hi Alan, thanks for commenting on this .
>
> Jaikiran mentioned that printing just the jar file name and not file with
> path might be okay :
>
On 10/07/2018 10:53, Baesken, Matthias wrote:
Hi Alan, thanks for commenting on this .
Jaikiran mentioned that printing just the jar file name and not file with
path might be okay :
I am not a reviewer and neither do I have enough knowledge about whether
jar/file _names_ are considered
8 09:36
> To: Baesken, Matthias ; core-libs-
> d...@openjdk.java.net
> Cc: Lindenmaier, Goetz
> Subject: Re: [RFR] 8205525 : Improve exception messages during manifest
> parsing of jar archives
>
> On 06/07/2018 13:44, Baesken, Matthias wrote:
> > Hi Alan ,so it loo
On 06/07/2018 13:44, Baesken, Matthias wrote:
Hi Alan ,so it looks likeJDK-8204233 added a switch (system property)
to enable the enhanced socket IOException messages .
That would be an option as well for 8205525 .
Yes, it's documented in conf/security/java.security and something
:52
To: Baesken, Matthias ; core-libs-
d...@openjdk.java.net Cc: Lindenmaier, Goetz
Subject: Re: [RFR] 8205525 : Improve
exception messages during manifest parsing of jar archives On
25/06/2018 15:29, Baesken, Matthias wrote:
Hi, do you consider both the file name and line number as sensitive
018 16:52
> To: Baesken, Matthias ; core-libs-
> d...@openjdk.java.net
> Cc: Lindenmaier, Goetz
> Subject: Re: [RFR] 8205525 : Improve exception messages during manifest
> parsing of jar archives
>
> On 25/06/2018 15:29, Baesken, Matthias wrote:
> > Hi, do you consider
On 25/06/2018 15:29, Baesken, Matthias wrote:
Hi, do you consider both the file name and line number as sensitive ?
There was a similar discussion on net-dev recently related to
leaking host names in exceptions. Something similar may be needed here
Do you know the outcome of this
ds, Matthias
> -Original Message-
> From: Alan Bateman [mailto:alan.bate...@oracle.com]
> Sent: Montag, 25. Juni 2018 16:17
> To: Baesken, Matthias ; core-libs-
> d...@openjdk.java.net
> Subject: Re: [RFR] 8205525 : Improve exception messages during manifest
> parsing of jar
On 25/06/2018 14:55, Baesken, Matthias wrote:
Hello, please review this small change that improve exception messages during
manifest parsing of jar archives .
Thanks, Matthias
Bug :
https://bugs.openjdk.java.net/browse/JDK-8205525
Webrev :
74 matches
Mail list logo