Re: RFR 8078439: Kerberos auth fails if client proposes MS krb5 OID

Looks good to me. Thanks, Valerie On 4/30/2015 2:06 AM, Weijun Wang wrote: Hi Valerie I've updated the test a little to make sure the exception is NO_CRED and it's sent from the krb5 mech. It passed on my own machine and I'm running a JPRT job now. The webrev is at http://cr.openjdk.java.ne

Re: [9] RFR: 8076486: javax/security/auth/Subject/doAs/NestedActions.java fails if extra VM options are given

Great. It's now at http://hg.openjdk.java.net/jdk9/dev/jdk/rev/fff8ab918557. Thanks Max On 5/6/2015 12:01 AM, Artem Smotrakov wrote: Hi Max, It works fine if a sting starts with a whitespace. It looks like that jtreg removes whitespaces. Here is a command to run the test, and a piece of jtr fi

Re: [9] RFC: 8061798: Add support for TLS_FALLBACK_SCSV (RFC 7507)

As additional APIs are strongly desired, what do you think to make the API more general and easy to use? For example, using the name: SSLParameters.setUseFallbackMode(boolean isFallback) boolean SSLParameters.getuseFallbackMode() We can implement more for this parameters if need to take

Re: RFR: JDK-8075706 : Policy implementation does not allow policy.provider to be on the class path

I was trying to avoid too many changes, but in the end I decided it was better to refactor some of this code into a new method. So here is the new webrev: http://cr.openjdk.java.net/~mullan/webrevs/8075706/webrev.02/ Changes include: - bootstrapping code moved to new method named loadPoli

[9] RFC: 8061798: Add support for TLS_FALLBACK_SCSV (RFC 7507)

Here's a slightly updated version of the patch to implement TLS_FALLBACK_SCSV: Compared to the previous version, I added a references to RFC 7507, and addressed some drift in CipherSuite.java. I still believe very strongly that the addit

SSLSocket renegotiation issue (JSSE)

Hi, We have previously posted the following questions at [email protected] in a slightly different version - we have some further insights, since we have posted the questions the last time. A member of [email protected]

Re: [9] RFR: 8076486: javax/security/auth/Subject/doAs/NestedActions.java fails if extra VM options are given

Hi Max, It works fine if a sting starts with a whitespace. It looks like that jtreg removes whitespaces. Here is a command to run the test, and a piece of jtr file: ${JAVA_HOME}/bin/java -jar /home/artem/tools/jtreg/4.1/lib/jtreg.jar -a -v -testjdk ${JAVA_HOME} -javaoptions:" -XX:+UseG1G

Re: [9] request for review 8079129: NullPointerException in PKCS#12 Keystore in PKCS12KeyStore.java

Good. Thanks Max On 5/5/2015 11:17 PM, Vincent Ryan wrote: FYI updated webrev at: http://cr.openjdk.java.net/~vinnie/8079129/webrev.01/ On 5 May 2015, at 15:53, Vincent Ryan mailto:[email protected]>> wrote: I’ll skip the initialization. Thanks. On 5 May 2015, at 15:52, Weijun Wa

Re: [9] request for review 8079129: NullPointerException in PKCS#12 Keystore in PKCS12KeyStore.java

FYI updated webrev at: http://cr.openjdk.java.net/~vinnie/8079129/webrev.01/ > On 5 May 2015, at 15:53, Vincent Ryan wrote: > > I’ll skip the initialization. > Thanks. > > >> On 5 May 2015, at 15:52, Weijun Wang wrote: >> >> That's

Re: [9] request for review 8079129: NullPointerException in PKCS#12 Keystore in PKCS12KeyStore.java

That's good, but there is no need to assign null in Certificate[] certs = null; Or, maybe you can add "if (certs != null)" around the loop, but you might not like an extra indentation. --Max On 5/5/2015 10:44 PM, Vincent Ryan wrote: OK. How about this? --- a/src/java.base/share/clas

Re: [9] request for review 8079129: NullPointerException in PKCS#12 Keystore in PKCS12KeyStore.java

I’ll skip the initialization. Thanks. > On 5 May 2015, at 15:52, Weijun Wang wrote: > > That's good, but there is no need to assign null in > > Certificate[] certs = null; > > Or, maybe you can add "if (certs != null)" around the loop, but you might not > like an extra indentation. >

Re: [9] request for review 8079129: NullPointerException in PKCS#12 Keystore in PKCS12KeyStore.java

OK. How about this? --- a/src/java.base/share/classes/sun/security/pkcs12/PKCS12KeyStore.java +++ b/src/java.base/share/classes/sun/security/pkcs12/PKCS12KeyStore.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999, 2014, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1999, 2015,

Re: [9] request for review 8079129: NullPointerException in PKCS#12 Keystore in PKCS12KeyStore.java

Anyway it looks redundant and error-prone to maintain the length of an array in a separate variable. --Max On 5/5/2015 8:32 PM, Vincent Ryan wrote: Replacing the for loop below with a for-each loop on certs would be fine except that certs can be null. I could initialize certs with an empty ar

Re: [9] request for review 8079129: NullPointerException in PKCS#12 Keystore in PKCS12KeyStore.java

Replacing the for loop below with a for-each loop on certs would be fine except that certs can be null. I could initialize certs with an empty array on each iteration of the outer loop but it doesn’t seem to gain much overall. > On 4 May 2015, at 13:10, Weijun Wang wrote: > > 1662