Re: RFR 8130302: jarsigner and keytool -providerClass needs be re-examined for modules

2016-02-22 Thread Mandy Chung
> On Feb 22, 2016, at 7:28 PM, Wang Weijun wrote: > > Webrev updated at http://cr.openjdk.java.net/~weijun/8130302/webrev.03/. > > -provider and loadProviderByName() are useless for jdk9/dev, and > loadProviderByClass() only uses reflection. > I reviewed the provider loading part and looks g

Re: RFR 8130302: jarsigner and keytool -providerClass needs be re-examined for modules

2016-02-22 Thread Wang Weijun
Webrev updated at http://cr.openjdk.java.net/~weijun/8130302/webrev.03/. -provider and loadProviderByName() are useless for jdk9/dev, and loadProviderByClass() only uses reflection. The SunPKCS11 compatibility line will be add in a sub-patch for jake. --Max > On Feb 23, 2016, at 10:25 AM, Wan

Re: RFR 8130302: jarsigner and keytool -providerClass needs be re-examined for modules

2016-02-22 Thread Wang Weijun
>> >> You mean not supporting all pre-loaded providers in modules, but only one or >> two popular ones? >> > > I meant not support -providerClass for arbitrary providers loaded via service > loader. The only exception is SunPKCS11. In other words, -providerClass can > only be used to load l

Re: RFR 8130302: jarsigner and keytool -providerClass needs be re-examined for modules

2016-02-22 Thread Mandy Chung
> On Feb 22, 2016, at 5:55 PM, Wang Weijun wrote: > 303 // A provider in module can also be use class name 304 if (p.getClass().getName().equals(provClass)) { ProviderConfig::getProvider doesn’t compare the classname. I thought we agree to

Re: RFR 8130302: jarsigner and keytool -providerClass needs be re-examined for modules

2016-02-22 Thread Wang Weijun
>>> >>> 303 // A provider in module can also be use class name >>> 304 if (p.getClass().getName().equals(provClass)) { >>> >>> ProviderConfig::getProvider doesn’t compare the classname. I thought we >>> agree to discourage the use of -providerClass to load a provider and

Re: RFR: JDK-8145854 SSLContextImpl.statusResponseManager should be generated if required

2016-02-22 Thread Jamil Nimeh
Hmmm, that's a good point. Let me look into lazy initialization and see if I can come up with something reasonable. --Jamil On 02/22/2016 04:20 PM, Xuelei Fan wrote: Hi Jamil, A comment for safe and robust. Suppose in the future, JDK enables OSCP stapling in server side by default jdk.t

Re: RFR: JDK-8145854 SSLContextImpl.statusResponseManager should be generated if required

2016-02-22 Thread Xuelei Fan
Hi Jamil, A comment for safe and robust. Suppose in the future, JDK enables OSCP stapling in server side by default jdk.tls.server.enableStatusRequestExtension = true the following code might be not ideal in practice: SSLContextImpl.java 87 if (serverEnableStapling) { 88 statusRe

Re: RFR 8130302: jarsigner and keytool -providerClass needs be re-examined for modules

2016-02-22 Thread Mandy Chung
> On Feb 21, 2016, at 1:45 AM, Wang Weijun wrote: > > >> On Feb 20, 2016, at 4:01 AM, Mandy Chung wrote: >> >> >>> On Feb 19, 2016, at 2:47 AM, Wang Weijun wrote: >>> >>> Updated at the same URL >>> >>> http://cr.openjdk.java.net/~weijun/8130302/webrev.01 >>> >>> The help looks like this