The security tests look fine.
--Sean
On 11/01/2013 07:18 AM, Sergey Bylokhov wrote:
Hello.
Please review the fix for jdk 8.
Most of tests in the sound area, and some tests in the client,
java.lang, security, jmx etc has incorrect copyright.
According to the http://openjdk.java.net/faq
GPL v2 +
comments (20 Sept [4])
- Steffan Larsen (svc): APPROVED (20 Sept [5])
- Phil Race (2d): Initial comments (18 Sept [6]); Additional comments (15
Oct [7])
- Sean Mullan (sec): Initial comments (26 Sept [8])
[2]:
http://mail.openjdk.java.net/pipermail/ppc-aix-port-dev/2013-September/001045.html
[3
On 12/10/2013 08:51 AM, Alan Bateman wrote:
In JDK 8 we deprecated the JDK 1.1-era SecurityManager methods
checkTopLevelWindow, checkSystemClipboard and
checkAccessAwtEventQueueAccess with a warning that they would be changed
in a future release to check AllPermission. At the same time we
Changeset: aef6c726810e
Author:mullan
Date: 2013-12-23 14:03 -0500
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/aef6c726810e
8030813: Signed applet fails to load when CRLs are stored in an LDAP directory
Summary: Skip JNDI application resource lookup to avoid recursive JAR
Changeset: 57c26829deb6
Author:mullan
Date: 2014-01-22 19:06 -0500
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/57c26829deb6
8031825: OCSP client can't find responder cert if it uses a different subject
key id algorithm than responderID
Reviewed-by: vinnie, xuelei
!
The java.security-aix file looks fine to me.
--Sean
On 01/29/2014 12:59 PM, Volker Simonis wrote:
Hi,
please review the following small change:
http://cr.openjdk.java.net/~simonis/webrevs/8033154/
which fixes the AIX build after the integration of
ppc-aix-port/stage-9/jdk to jdk9/dev/jdk.
On 02/03/2014 02:19 PM, huizhe wang wrote:
The JDK contains an older Xerces implementation, version 2.7.1. Although there
were
updates in JDK 7 to bring in some changes, we did not bring it completely up to
date
to any later release. The goal of this JEP is to complete the update and bring
Just a few comments:
1. When you write a test that uses the jtreg /policy option, the policy
file overrides the system policy file. If the test depends on a standard
extension, then you may get SecurityExceptions unless additional perms
are granted. Thus, there are quite a few tests that
On 04/23/2014 05:29 PM, Mandy Chung wrote:
On 4/23/2014 1:10 PM, Sean Mullan wrote:
Just a few comments:
1. When you write a test that uses the jtreg /policy option, the
policy file overrides the system policy file. If the test depends on a
standard extension, then you may get
The security specific files look fine to me.
--Sean
On 06/03/2014 09:22 PM, Henry Jen wrote:
Hi,
In an effort to determine APIs availability in a given version, it
became obvious that a consistent way to express @since tag would be
beneficial.
So started with the most obvious ones, where we
I don't see a pointer to the webrev/patch -- did you forget to include it?
--Sean
On 07/11/2014 07:33 PM, Martin Buchholz wrote:
Thanks to Peter for digging into the secure seed generator classes and
coming up with a patch. Openjdk security folks, please review. I confess
to getting lost
Hello all,
I have submitted a JEP for Improve Security Manager Performance that I
am seeking further review and feedback:
https://bugs.openjdk.java.net/browse/JDK-8043631
This is very similar to a draft I posted earlier [1], but has been
re-drafted using the JEP 2.0 process. The JEP is
Changeset: d375ea39ce9c
Author:mullan
Date: 2012-07-03 14:56 -0400
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/d375ea39ce9c
7133344: Document the java.security.properties system property feature in the
java.security file
Reviewed-by: hawtin, mullan, weijun
Contributed-by:
Changeset: 21c590fdc8cb
Author:mullan
Date: 2012-08-01 11:06 -0400
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/21c590fdc8cb
7179715: OCSP revocation checking fails if the signer certificate is identified
using the key ID
Reviewed-by: vinnie
!
Changeset: b0bfa441d70f
Author:mullan
Date: 2012-08-02 10:40 -0400
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/b0bfa441d70f
7026347: Certificate and X509CRL should have verify(PublicKey key, Provider
sigProvider)
Reviewed-by: mullan, xuelei, weijun
Contributed-by:
Changeset: 57b5025548d6
Author:mullan
Date: 2012-08-10 09:12 -0400
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/57b5025548d6
7187962: sun.security.pkcs11.P11DSAKeyFactory.implTranslatePublicKey doesn't
check if params is null
Reviewed-by: valeriep
!
Changeset: 6b2ebf3c4964
Author:mullan
Date: 2012-08-17 14:32 -0400
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/6b2ebf3c4964
6500133: REGRESSION: CertificateParsingException for CRL Distribution Point
with blank
Reviewed-by: mullan
Contributed-by: jason...@oracle.com
!
Changeset: 8b90182f2b33
Author:mullan
Date: 2012-08-28 08:43 -0400
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/8b90182f2b33
7192896: Reason of CertPathValidatorException should be
UNDETERMINED_REVOCATION_STATUS if OCSP request failed
Reviewed-by: xuelei
!
Changeset: 0a2565113920
Author:mullan
Date: 2012-08-30 14:40 -0700
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/0a2565113920
6995421: Eliminate the static dependency to sun.security.ec.ECKeyFactory
Reviewed-by: mullan, vinnie
Contributed-by: stephen.flo...@oracle.com
!
Changeset: 7f081e14364e
Author:mullan
Date: 2012-09-07 12:49 -0400
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/7f081e14364e
4647343: IDENT variable in sun.security.x509 classes not used
Reviewed-by: mullan
Contributed-by: jason...@oracle.com
-
Changeset: a51f86e2dce9
Author:mullan
Date: 2012-09-10 08:57 -0400
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/a51f86e2dce9
7195301: XML Signature DOM implementation should not use instanceof to
determine type of Node
Reviewed-by: xuelei
!
Changeset: 7a16cd3bd2d9
Author:mullan
Date: 2012-09-12 15:20 -0400
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/7a16cd3bd2d9
7196593: java.security.debug=help doesn't list certpath option
Reviewed-by: mullan, wetmore, valeriep
Contributed-by: jason...@oracle.com
!
Changeset: eae1384cff39
Author:mullan
Date: 2012-09-14 10:13 -0400
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/eae1384cff39
7176627: CertPath/jep124/PreferCRL_SoftFail test fails (Could not determine
revocation status)
Reviewed-by: xuelei
!
(Forwarding to security-dev as this should be discussed in that group, not
core-libs).
On 10/18/12 5:02 PM, chris...@zoulas.com wrote:
Hello,
This simple fix allows kerberos authentication to work with:
-Dsun.security.jgss.native=true
and microsoft's sqljdbc 4.0.2206.100 driver.
Changeset: 1e7dd9e05ce2
Author:mullan
Date: 2012-11-08 12:51 -0500
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/1e7dd9e05ce2
7198416: CertificateIssuerName and CertificateSubjectName are redundant
Reviewed-by: mullan
Contributed-by: jason...@oracle.com
!
This change affects components in the security and core libs areas.
This is a minor specification clarification to avoid the use of the terms
valid and invalid when describing the syntax for wildcard names in
java.security.BasicPermission and various subclasses. This could be implied that
these
Changeset: c97618a3c8c2
Author:juh
Date: 2012-12-13 09:35 -0500
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/c97618a3c8c2
7193792: sun/security/pkcs11/ec/TestECDSA.java failing intermittently
Reviewed-by: vinnie, wetmore
! test/ProblemList.txt
!
Changeset: 4d28776d7007
Author:mullan
Date: 2012-12-26 10:07 -0500
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/4d28776d7007
8005117: Eliminate dependency from ConfigSpiFile to
com.sun.security.auth.login.ConfigFile
Reviewed-by: alanb, mchung, weijun
!
Changeset: 86828e84654f
Author:mullan
Date: 2013-01-08 19:00 -0500
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/86828e84654f
7019834: Eliminate dependency from PolicyFile to
com.sun.security.auth.PrincipalComparator
Summary: Add new java.security.Principal.implies method
Changeset: c7d54f93d3e5
Author:juh
Date: 2013-01-16 09:51 -0500
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/c7d54f93d3e5
8005389: Backout fix for JDK-6500133
Reviewed-by: mullan
! src/share/classes/sun/security/x509/URIName.java
! test/sun/security/x509/URIName/Parse.java
Changeset: f7f77bdf248b
Author:juh
Date: 2013-01-16 13:35 -0500
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/f7f77bdf248b
8005939: sun/security/x509/{X509CRLImplX509CertImpl}/Verify.java fail in
confusing way when some providers not present
Reviewed-by: mullan, weijun
!
Changeset: 89f37f7188df
Author:mullan
Date: 2013-01-23 20:46 -0500
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/89f37f7188df
8006813: Compilation error in PKCS12KeyStore.java
Reviewed-by: valeriep
! src/share/classes/sun/security/pkcs12/PKCS12KeyStore.java
Changeset: 267bca6af07e
Author:jzavgren
Date: 2013-02-19 15:31 -0500
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/267bca6af07e
8008107: [parfait] Use after free of pointer in
jdk/src/share/native/sun/security/pkcs11/wrapper/p11_convert.c
Reviewed-by: mullan, chegar
!
The security related ones look ok to me.
--Sean
On 02/21/2013 01:46 PM, Alan Bateman wrote:
Joe Darcy recently added @jdk.Supported [1] to make it possible to
identify JDK-specific APIs.
I'd like to add this to a number of APIs in the com.sun namespace to
make it obvious these are supported.
Changeset: 1652ac7b4bfd
Author:mullan
Date: 2013-03-01 16:12 -0500
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/1652ac7b4bfd
8008908: Access denied when invoking Subject.doAsPrivileged()
Summary: wildcard principal names are not processed correctly
Reviewed-by: xuelei
!
The changes to classes in the security component look fine. One question
I have is about the change to javax/xml/crypto/dsig/Manifest.java. Was
there a specific error here or did you just want to make this cleaner by
removing all of the html special character handling? The reason I ask is
that
(cc-ing security-dev for comments)
Original thread is at
http://mail.openjdk.java.net/pipermail/core-libs-dev/2013-June/017912.html
--Sean
On 06/12/2013 11:17 AM, Brian Burkhalter wrote:
On Jun 12, 2013, at 6:19 AM, Florian Weimer wrote:
On 06/11/2013 11:31 PM, Brian Burkhalter wrote:
Changeset: f695f447f6b7
Author:jzavgren
Date: 2013-06-14 09:13 -0400
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/f695f447f6b7
8014307: Memory leak ... security/jgss/wrapper/GSSLibStub.c
Summary: I modified the native procedure:
Changeset: 028ef97797c1
Author:mullan
Date: 2013-07-05 15:54 -0400
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/028ef97797c1
8011547: Update XML Signature implementation to Apache Santuario 1.5.4
Reviewed-by: xuelei
!
Changeset: a834ab2c1354
Author:mullan
Date: 2013-07-25 10:58 -0400
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/a834ab2c1354
8010748: Add PKIXRevocationChecker NO_FALLBACK option and improve SOFT_FAIL
option
Reviewed-by: vinnie
!
Changeset: 1744a32d3db3
Author:mullan
Date: 2013-07-25 20:12 -0400
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/1744a32d3db3
8012288: XML DSig API allows wrong tag names and extra elements in SignedInfo
Reviewed-by: xuelei
!
Changeset: 42b786f2fb99
Author:mullan
Date: 2013-08-02 08:30 -0400
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/42b786f2fb99
8001319: Add SecurityPermission insertProvider target name
Reviewed-by: vinnie
! src/share/classes/java/security/Security.java
!
Changeset: 1f4af3e0447e
Author:mullan
Date: 2013-08-06 08:31 -0700
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/1f4af3e0447e
8022120: JCK test api/javax_xml/crypto/dsig/TransformService/index_ParamMethods
fails
Summary: TransformService.init and marshalParams must throw
Changeset: ffacf3e7a130
Author:mullan
Date: 2013-08-12 09:03 -0400
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/ffacf3e7a130
8016848: javax_security/auth/login tests fail in compact 1 and 2 profiles
Summary: Change the default value of the login.configuration.provider
security
Changeset: 5b14d702b0b8
Author:ascarpino
Date: 2013-08-12 11:25 -0700
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/5b14d702b0b8
8020081: Cipher with OAEPPadding and OAEPParameterSpec can't be created
Reviewed-by: mullan
! src/share/classes/com/sun/crypto/provider/SunJCE.java
+
Changeset: 412b2f0950a9
Author:mullan
Date: 2013-08-13 10:06 -0400
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/412b2f0950a9
8022897: Add test/com/sun/crypto/provider/Cipher/RSA/TestOAEPPadding.java to
ProblemList
Reviewed-by: vinnie, chegar
! test/ProblemList.txt
Changeset:
Changeset: bce5205dbe84
Author:ascarpino
Date: 2013-08-14 10:50 -0700
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/bce5205dbe84
8022669: OAEPParameterSpec does not work if MGF1ParameterSpec is set to SHA2
algorithms
Reviewed-by: mullan
!
Changeset: f120e2c4b4b1
Author:mullan
Date: 2013-08-19 17:17 -0400
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/f120e2c4b4b1
8016850: JCK javax.security.auth.Policy tests fail when run in Profiles mode
Summary: Move default javax.security.auth.Policy implementation to compact1
Changeset: 134283a88499
Author:mullan
Date: 2013-08-27 10:46 -0400
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/134283a88499
8023769: JDK-8016850 broke the old build
Summary: remove files that were moved/removed from
com/sun/security/auth/FILES_java.gmk
Reviewed-by: chegar,
Changeset: 6a1bfcde4d4d
Author:mullan
Date: 2013-08-27 12:04 -0400
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/6a1bfcde4d4d
8019830: Add com.sun.media.sound to the list of restricted package
Reviewed-by: vinnie
! src/share/lib/security/java.security-linux
!
Changeset: 0aba8b6232af
Author:mullan
Date: 2013-09-06 12:04 -0400
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/0aba8b6232af
8023362: Don't allow soft-fail behavior if OCSP responder returns unauthorized
Reviewed-by: vinnie, xuelei
!
On 09/16/2013 12:30 PM, Volker Simonis wrote:
src/share/lib/security/java.security-aix
- Provide default java.security-aix for AIX.
The login.configuration.provider property should be set to:
sun.security.provider.ConfigFile
See 8016848 for more info.
After you make this change,
7 classes in com.sun.security.auth have been deprecated for several
major releases now. Should they still have this annotation?
--Sean
On 10/06/2013 04:03 PM, Alan Bateman wrote:
As a follow-up to Joe Darcy's rename of jdk.Supported to jdk.Exported,
I'd like to have another attempt at adding
On 10/07/2013 08:28 AM, Alan Bateman wrote:
On 07/10/2013 13:26, Sean Mullan wrote:
7 classes in com.sun.security.auth have been deprecated for several
major releases now. Should they still have this annotation?
--Sean
I know but aren't they still exported and supported?
They have all had
On 10/07/2013 08:58 AM, Alan Bateman wrote:
On 07/10/2013 13:36, Sean Mullan wrote:
We have only started removing some deprecated things in JDK, so it
just was never thought about until now. Marking these as supported
going forward strikes me as a bit strange, since we don't really want
anyone
Changeset: 4ad76262bac8
Author:mullan
Date: 2013-10-11 08:43 -0400
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/4ad76262bac8
8007292: Add JavaFX internal packages to package.access
Summary: build hooks to allow closed restricted packages to be added to
java.security file
Changeset: 5d866df64ae3
Author:mullan
Date: 2013-10-17 10:18 -0400
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/5d866df64ae3
8026346: test/java/lang/SecurityManager/CheckPackageAccess.java failing
Reviewed-by: vinnie
! src/share/lib/security/java.security-macosx
!
Changeset: 5f4aecd73caa
Author:mullan
Date: 2013-10-22 08:03 -0400
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/5f4aecd73caa
8021191: Add isAuthorized check to limited doPrivileged methods
Reviewed-by: weijun, xuelei
! src/share/classes/java/security/AccessControlContext.java
!
The changes in the security area look fine to me.
--Sean
On 10/22/2013 04:31 PM, roger riggs wrote:
Thanks for the comments, updated with Webrev with the suggestions.
http://cr.openjdk.java.net/~rriggs/webrev-javadoc-8026982/
Roger
On 10/22/2013 2:53 PM, roger riggs wrote:
Please
Changeset: fc7a6fa3589a
Author:ascarpino
Date: 2013-10-22 19:37 -0400
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/fc7a6fa3589a
8025763: Provider does not override new Hashtable methods
Reviewed-by: mullan
! src/share/classes/java/security/Provider.java
Changeset: b065de1700d3
Changeset: 0f5bab573e01
Author:mullan
Date: 2010-10-18 09:00 -0400
URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/0f5bab573e01
6988599: CertificateRevokedException specifies name of authority but interacts
with authority instance
Reviewed-by: vinnie
!
Changeset: 34faa22a8ce8
Author:mullan
Date: 2010-11-08 11:33 -0500
URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/34faa22a8ce8
6994717: expired certificate in test ValidateCertPath
Reviewed-by: vinnie
!
Changeset: 951db417fc3c
Author:mullan
Date: 2010-11-22 10:16 -0500
URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/951db417fc3c
6995424: Eliminate dependency to a deprecated API
com.sun.security.auth.PolicyFile
Reviewed-by: mchung
!
Changeset: 291128e77395
Author:mullan
Date: 2010-12-08 10:21 -0800
URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/291128e77395
6998860: Signed jar file verification is currently creating many extra new Sun
providers.
Reviewed-by: mchung
!
Changeset: ae38d1374e31
Author:mullan
Date: 2011-01-24 14:56 -0500
URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/ae38d1374e31
5001004: Required Security Algorithms need to be defined
Reviewed-by: wetmore
! src/share/classes/java/security/AlgorithmParameterGenerator.java
!
Looks good to me.
--Sean
On 2/25/11 1:12 PM, Rama Pulavarthi wrote:
Please review this updated webrev that has the patch for JDK 7 repo.
http://cr.openjdk.java.net/~ohair/openjdk7/jdk7-tl-jaxws-7020513-open/webrev/
For background on this issue, this is not a new one. I am trying to port
the
Changeset: bc0c58d65e97
Author:mullan
Date: 2011-03-07 13:20 -0500
URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/bc0c58d65e97
7022467: SecretKeyFactory doesn't support algorithm AES on Windows and Linux
Reviewed-by: wetmore, valeriep
!
Changeset: b8259e08543b
Author:mullan
Date: 2011-03-29 10:39 -0400
URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/b8259e08543b
7019937: Translatability bug - Remove Unused String - String ID , read end of
file
7019938: Translatability bug - Remove Unused String - String ID can
/Makefile to run the tests.
http://cr.openjdk.java.net/~ramap/CR7020513-open-webrev/
thanks,
Rama Pulavarthi
On 02/25/2011 12:21 PM, Sean Mullan wrote:
Looks good to me.
--Sean
On 2/25/11 1:12 PM, Rama Pulavarthi wrote:
Please review this updated webrev that has the patch for JDK 7 repo.
http
Changeset: 2c46bf0a462c
Author:mullan
Date: 2011-04-21 17:39 -0400
URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/2c46bf0a462c
7038175: Expired PKITS certificates causing CertPathBuilder and
CertPathValidator regression test failures
Reviewed-by: xuelei
!
Changeset: 0a80650409e1
Author:mullan
Date: 2011-05-24 14:15 -0700
URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/0a80650409e1
703: Permissions resolved incorrectly for jar protocol (Patch from
bugs.openjdk.java.net)
Reviewed-by: alanb, chegar
Contributed-by:
Changeset: 49aef5a5416e
Author:mullan
Date: 2011-06-04 06:45 -0700
URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/49aef5a5416e
7050329: test/java/security/Policy/GetPermissions/JarURL.java fails on Windows
Reviewed-by: alanb
! test/java/security/Policy/GetPermissions/JarURL.java
Several jigsaw unit tests are failing on Windows because of bug 4715154 [1]
which was closed a long time ago as Will Not Fix. Does anyone have any
suggestions as the best way to workaround this, short of replacing the call to
FileChannel.map with FileChannel.read? Are there any plans to fix
On 6/27/11 9:19 AM, Alan Bateman wrote:
Sean Mullan wrote:
Several jigsaw unit tests are failing on Windows because of bug 4715154 [1]
which was closed a long time ago as Will Not Fix. Does anyone have any
suggestions as the best way to workaround this, short of replacing the call
Hey Alan,
Would it be a good idea if we add this Windows limitation to the NIO javadocs
somewhere, say in the FileChannel class? I spent a lot of time chasing this down
until I finally figured out it was a known issue.
--Sean
On 6/27/11 9:19 AM, Alan Bateman wrote:
Sean Mullan wrote
Changeset: f68d30c0a2e3
Author:mullan
Date: 2011-07-06 11:08 -0400
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/f68d30c0a2e3
7054969: Null-check-in-finally pattern in java/security documentation
Reviewed-by: vinnie
! src/share/classes/java/security/KeyStore.java
!
Changeset: d1c04dac850d
Author:mullan
Date: 2011-08-29 12:22 -0400
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/d1c04dac850d
7024771: \\ in attribute value part of X500Principal constructor parameter
makes strange effect
Reviewed-by: vinnie
!
On 9/24/11 5:55 AM, Sebastian Sickelmann wrote:
Am 23.09.2011 20:54, schrieb Sean Mullan:
On 9/17/11 3:09 PM, Sebastian Sickelmann wrote:
i have updated the webrev [0].
But i think that L69 and L72 of the test should be changed to
checkMutable and the implementation of the exceptions
Changeset: 62e1389fdb0a
Author:mullan
Date: 2011-09-26 17:20 -0700
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/62e1389fdb0a
7088502: Security libraries don't build with javac -Werror
Summary: Changes to files in
src/share/classes/com/sun/org/apache/xml/internal/security and
On 9/30/11 2:15 PM, Sebastian Sickelmann wrote:
I think I know the reason. If you allow initCause to be called when a
cause is
not initially provided, then getCause will still return null, which
seems wrong.
getCause() of Throwable and all classes that doesn't had a chaining
before
Changeset: 01615d3e74ed
Author:mullan
Date: 2011-10-13 13:50 -0400
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/01615d3e74ed
6953295: Move few sun.security.{util, x509, pkcs} classes used by
keytool/jarsigner to another package
Reviewed-by: mchung
!
Changeset: 9bf526cc4046
Author:mullan
Date: 2011-10-18 10:12 -0400
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/9bf526cc4046
7092897: sun.security.util.Cache should be generified
Reviewed-by: xuelei
! src/share/classes/sun/security/pkcs11/KeyCache.java
!
Changeset: 57eb9136b73b
Author:mullan
Date: 2011-10-19 10:15 -0400
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/57eb9136b73b
7102686: Restructure timestamp code so that jars and modules can more easily
share the same code
Reviewed-by: mchung
!
On 12/10/11 7:46 AM, Sebastian Sickelmann wrote:
Am 09.12.2011 17:07, schrieb Sean Mullan:
On 12/6/11 3:48 PM, Sebastian Sickelmann wrote:
Am 05.12.2011 19:06, schrieb Sean Mullan:
On 12/2/11 11:02 AM, Sean Mullan wrote:
[0] Solution 1
http://dl.dropbox.com/u/43692695/oss-patches/openjdk8
Changeset: 3df0bd3ed880
Author:mullan
Date: 2012-01-23 12:17 -0500
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/3df0bd3ed880
7131084: XMLDSig XPathFilter2Transform regression involving intersect filter
Reviewed-by: xuelei
!
Changeset: 0720542d6c1e
Author:mullan
Date: 2012-02-15 07:45 -0500
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/0720542d6c1e
7024604: OID.1 causes IAE in X500Principal constructor
Reviewed-by: vinnie
! src/share/classes/javax/security/auth/x500/X500Principal.java
!
Changeset: fa26ac92b29e
Author:mullan
Date: 2012-04-13 09:46 -0400
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/fa26ac92b29e
7152564: Improve CodeSource.matchLocation(CodeSource) performance
7155693: CodeSource.matchLocation getPort test can be improved
Reviewed-by: chegar
!
On 4/12/12 6:25 PM, Joe Wang wrote:
This is a follow-up update on Kelly's change that dropped the jaxp
source drop bundle process. With this update, the jaxp source in JDK8
will be sync-ed with the current JAXP 1.4.5, and also JDK7u (the last
change was 7151484). Going forward, we'll
On 4/16/12 2:38 PM, Joe Wang wrote:
I've added the testcase. The new webrev is here:
http://cr.openjdk.java.net/~joehw/jdk8/7160380/jdk/webrev/
Looks good.
Thanks,
Sean
Also, Lance has reviewed the long list of the source changes.
Thanks!
-Joe
On 4/16/2012 7:20 AM, Sean Mullan
Looks fine, just a couple of nits.
src/macosx/classes/com/apple/concurrent/LibDispatchNative.java,
- the closing static brace is not indented the same as the open brace.
src/solaris/classes/sun/management/FileSystemImpl.java
src/windows/classes/sun/management/FileSystemImpl.java
-
Changeset: 0c6830e7241f
Author:mullan
Date: 2012-05-30 17:19 -0400
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/0c6830e7241f
6854712: Revocation checking enhancements (JEP-124)
6637288: Add OCSP support to PKIX CertPathBuilder implementation
7126011:
Changeset: 8deec0d1fc6f
Author:mullan
Date: 2012-06-15 08:43 -0400
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/8deec0d1fc6f
7176326: CertPath/CertPathBuilderTest failures after webrev
6854712_6637288_7126011
Reviewed-by: xuelei
!
Changeset: 3a3e02a55de8
Author:mullan
Date: 2008-11-06 12:12 -0500
URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/3a3e02a55de8
6765046: CertPathValidatorException(Throwable).getMessage() always returns null
since b37
Reviewed-by: vinnie
!
Changeset: 4da7b972b391
Author:mullan
Date: 2009-06-10 09:12 -0700
URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/4da7b972b391
6845161: Bottleneck in Configuration.getConfiguration synchronized call
Summary: Reduce scope of synchronized block
Reviewed-by: weijun
!
Changeset: e387bb1367a7
Author:mullan
Date: 2009-06-18 09:04 -0400
URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/e387bb1367a7
6833839: RFE: improve ManifestDigester by instantiating StringBuilder
constructor w/ initial value
Reviewed-by: weijun
!
Changeset: 1203425b5742
Author:mullan
Date: 2009-07-20 17:16 -0400
URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/1203425b5742
6787645: CRL validation code should permit some clock skew when checking
validity of CRLs
Reviewed-by: vinnie
!
Changeset: 8252729d51a3
Author:mullan
Date: 2009-09-09 09:54 -0400
URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/8252729d51a3
6745437: Add option to only check revocation of end-entity certificate in a
chain of certificates
6869739: Cannot check revocation of single certificate
Changeset: 5d2e63dad298
Author:mullan
Date: 2009-11-23 12:36 -0500
URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/5d2e63dad298
6899503: Security code issue using Verisign root certificate
Summary: Add support for reordering out-of-order certificate chains
Reviewed-by: vinnie,
Changeset: 7c9be6c9385a
Author:mullan
Date: 2009-12-10 11:31 -0500
URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/7c9be6c9385a
6867348: Digest Value of References inside Manifest - calculation order problem
Reviewed-by: xuelei
!
The security fix looks fine.
--Sean
Joseph D. Darcy wrote:
Hello.
Another round of javadoc build warnings fixes for review; this time
mostly in rmi, but one in security and another in management.
Patch below; webrev at
http://cr.openjdk.java.net/~darcy/6909563.0/
-Joe
---
1 - 100 of 288 matches
Mail list logo
