Hi Michael
Please review the code change at
http://cr.openjdk.java.net/~weijun/8055901/webrev.00/
With this change, the policy tool can generate a file like
grant {
permission jdk.net.NetworkPermission setOption.SO_FLOW_SLA;
};
Please confirm the grammar is correct.
BTW, I also add some
New webrevs available at
http://cr.openjdk.java.net/~weijun/8055723/client/webrev.01/
http://cr.openjdk.java.net/~weijun/8055723/core/webrev.01/
There are only 2 now. Everything non-client is in core.
Everyone, please do code review quickly because the patch touches too many
files and
Change looks good.
Thanks
Max
On Aug 26, 2014, at 12:36, mala bankal mala.ban...@oracle.com wrote:
HI Max,
Request your review for backport of bug# JDK-7197159 : accept different kvno
if there no match , to 7u-dev
webrev :
http://cr.openjdk.java.net/~mbankal/7197159/webrev.00/
On Aug 13, 2014, at 23:31, mark.reinh...@oracle.com wrote:
2014/8/13 7:20 -0700, alan.bate...@oracle.com:
The usual thing is to just have a default implementation that is used
when ServiceLoader doesn't locate a useful provider. You'll find many
examples of this in the JDK. In those cases
, 2014 at 10:55 PM, Wang Weijun weijun.w...@oracle.com wrote:
Hi Otávio
I see TABs in the first page of sun_security.diff, too long line in
javax_security.diff.
Also, it's unfortunate that you will need to rename the file names to the new
style with modules. See
http://cr.openjdk.java.net
On Aug 21, 2014, at 21:18, Andrej Golovnin andrej.golov...@gmail.com wrote:
https://bugs.openjdk.java.net/browse/JDK-8038277
This is not the right bug report. The subject of this bug report is Improve
the bootstrap performance of carets keystore.
Oh, my mistake, it should be
I also see a lot of .toString() and String.valueOf() calls.
$ cat string_concat_updated.patch | perl -ne 'print if /^\+
.*append.*(String\.valueOf|\.toString\(\))/' | wc
62 2104626
Wrapped lines not indented correctly in
Code change looks fine, but you will need to translate the file path to new
module style.
There are also 2 useless imports:
import java.util.LinkedList;
import java.security.AccessController;
--Max
On Aug 22, 2014, at 9:12, Jamil Nimeh jamil.j.ni...@oracle.com wrote:
One more update, with
Hi Jamil
Code change looks fine.
Two small nits:
1. Why is Method reqMethod; method level? Can it be a local variable inside
the loop?
2. The spec of new method
893 * ... This method will first
894 * try to match the method by both name and parameter
Please review the fix at
http://cr.openjdk.java.net/~weijun/8055373/webrev.00/
Just a typo. I have no idea how I wrote that wrong class name.
Thanks
Max
Hi Otávio
I see TABs in the first page of sun_security.diff, too long line in
javax_security.diff.
Also, it's unfortunate that you will need to rename the file names to the new
style with modules. See
http://cr.openjdk.java.net/~chegar/docs/portingScript.html for how to do this.
I can create
I don't find it helpful.
Each time I come back reading the codes, I think I understand it a little more.
So maybe I can finally assert the correctness now. But I still think the code
is not easily readable. It will be nice if you reorganize the lines.
--Max
On Aug 20, 2014, at 10:35, zaiyao
Please review the fix for the same bug for jdk8u-dev:
http://cr.openjdk.java.net/~weijun/8054817/8u/webrev.00/
We don't have sun.misc.VM.getuid() in jdk8 so the fix is even simpler. The test
is identical though.
Thanks
Max
On Aug 11, 2014, at 22:14, Wang Weijun weijun.w...@oracle.com wrote
Hi Kevin
I tried to read the new test. TestMDChange and TestMDShare are OK, but I am
confused on what testDigestOnOff is doing. Can you add some comments there?
Thanks
Max
On Aug 18, 2014, at 14:35, zaiyao liu zaiyao@oracle.com wrote:
Hi Brad,
Can you help to review this new test for
We don't write @bug JDK-8048052. Should be @bug 8048052.
--Max
On Jul 28, 2014, at 17:04, FELIX YANG felix.y...@oracle.com wrote:
Please review a new test to setFactory permission. It is to address that
setFactory permission is required or not as expected in a series of
classes/methods
912 return modClass.getMethod(methodName, parameters);
It would be better to call LoginModule.class.getMethod().
Also, do you want to add a test case that includes a good login() method but
the class not extending LoginModule? This would show our fallback still works.
Thanks
Max
On Aug 13, 2014, at 22:11, Bernd Eckenfels e...@zusammenkunft.net wrote:
Just a BTW: It would be really cool to have a SPI interface for that, so
people who need SRP, CCM or shared secret handshakes (or stuff like NPN?)
don't need to use a third party SSL engine.
Are they all ciphersuites
On Aug 14, 2014, at 16:03, Alan Bateman alan.bate...@oracle.com wrote:
Or writing the class name in a services file automatically exports it as a
service?
Now my preferred order will be
if (loadProviderFromProperty())
return provider;
if
Hi All
I'm working on 8038089: TLS optional support for Kerberos cipher suites needs
to be re-examine which will separate the implementation of Kerberos-related
TLS ciphersuites from the other TLS codes. I am thinking of defining a
ServiceLoader interface called ExternalCipherSuiteProvider
Yes, I see a lot of places using
if (loadProviderFromProperty())
return provider;
if (loadProviderAsService())
return provider;
The 1st using Class.forName() and 2nd ServiceLoader.load().
I was thinking that the 1st method will not work because Class.forName() on an
No TAB, no \r, and no trailing space are hard requirements enforced by jcheck.
Otherwise it's only styles, including 4-space-indentation. { at the end of a
line, 8-space wrap indentation...
--Max (an Oracle dev)
On Aug 12, 2014, at 15:48, Andrej Golovnin andrej.golov...@gmail.com wrote:
As
'\' can be written as '':
com_sun.diff:209:+sb.append('
').append(nodeName).append(=\).append(att.getNodeValue()).append('\');
java_lang.diff:31:+ sb.append('\').append(getThreadName()).append('\')
java_security.diff:78:+.append('\');
Please review the fix at
http://cr.openjdk.java.net/~weijun/8054817/webrev.00
since we have a new getuid() now for all Unix systems.
It does return -1 on Windows, but I keep the osname.startsWith(Windows) check
to be exactly consistent with the current behavior. getuid() might return
Please review the code change at
http://cr.openjdk.java.net/~weijun/8052412/webrev.00
The original code queries DNS server every time the getKDCList() method is
called. On the other hand, if the KDC info is written inside a krb5.conf file,
it is never re-read (or for each login when the
.
Thanks
Max
On Jul 21, 2014, at 16:22, Wang Weijun weijun.w...@oracle.com wrote:
Please review the updated webrev at
http://cr.openjdk.java.net/~weijun/8038089/webrev.01
Some comment changes. Some arguments rearrangement between classes.
The interface is still in sun.security.ssl
On Aug 1, 2014, at 16:27, Xuelei Fan xuelei@oracle.com wrote:
On 8/1/2014 12:53 PM, Wang Weijun wrote:
On Jul 31, 2014, at 10:15, Xuelei Fan xuelei@oracle.com wrote:
The server side now only enables TLS_RSA_WITH_AES_128_CBC_SHA256. If other
protocols are enabled,
Oh, typo. I
Hi Michael
We've recently fixed a bug where the principal name in ccache has no realm:
http://bugs.openjdk.java.net/browse/JDK-8048073
8048073: Cannot read ccache entry with a realm-less service name
Is this the same one? If not, can you send me a copy of your ccache?
Thanks
Max
On Jul
On Jul 31, 2014, at 10:15, Xuelei Fan xuelei@oracle.com wrote:
The server side now only enables TLS_RSA_WITH_AES_128_CBC_SHA256. If other
protocols are enabled,
Oh, typo. I meant to ask: If other cipher suites are enabled, what will be the
difference?
--Max
what will be the
The fix looks harmless, but I don't understand the test. What happens if
SSLv2Hello is filtered out?
--Max
On Jul 30, 2014, at 20:56, Xuelei Fan xuelei@oracle.com wrote:
Hi,
Please review this fix for JDK-8052406:
Webrev: http://cr.openjdk.java.net/~xuelei/8052406/webrev.00/
JBS:
On Jul 31, 2014, at 8:54, Xuelei Fan xuelei@oracle.com wrote:
On 7/31/2014 8:14 AM, Wang Weijun wrote:
The fix looks harmless, but I don't understand the test. What happens if
SSLv2Hello is filtered out?
If SSLv2Hello is filtered out, this side would not support SSLv2Hello
any more
I guess we can cache the result and remove invalid ones, and probably requery
when all are removed.
https://bugs.openjdk.java.net/browse/JDK-8052412 filed.
You said you are having double numbers of KDCs now, so I guess the DNS response
could also double. How come the time spent change from
Please review the problem list change at
http://cr.openjdk.java.net/~weijun/8052999/webrev.00/
Looks like the same test on two lines with different platform labels does not
work. Now combined.
Should this be a noreg-cleanup?
--Max
I decide to further investigate why the 2-line version does not work. Webrev
withdrawn.
--Max
On Jul 29, 2014, at 23:13, Wang Weijun weijun.w...@oracle.com wrote:
Please review the problem list change at
http://cr.openjdk.java.net/~weijun/8052999/webrev.00/
Looks like the same test
It seems jtharness just doesn't support one test on two lines. Please review
the same webrev at
http://cr.openjdk.java.net/~weijun/8052999/webrev.00/
Thanks
Max
On Jul 29, 2014, at 23:29, Wang Weijun weijun.w...@oracle.com wrote:
I decide to further investigate why the 2-line version does
On 2014-07-28 03:44, Wang Weijun wrote:
Webrev updated at
http://cr.openjdk.java.net/~weijun/6997010/webrev.01/
New test CheckSecurityProvider.java, and updates to
MakeJavaSecurity.addPackages().
Thanks
Max
On Jul 25, 2014, at 22:44, Wang Weijun
weijun.w...@oracle.com
Is it possible to specify the kdc for the realm inside krb5.conf? Java only use
DNS to get kdc when it cannot read one from krb5.conf.
--Max
On Jul 28, 2014, at 21:16, Michael Osipov 1983-01...@gmx.net wrote:
Hi folks,
I am experiencing a performance degregation when JGSS tries to locate a
I understand your problem. Will see what we can do. When you say Wouldn't it
be possible to perform the lookup *once* and then issue all KDC request to the
KDC whis is working? do you mean the DNS query result could contain KDCs which
do not work? Is this common?
Guess there is no need for log
Webrev updated at
http://cr.openjdk.java.net/~weijun/6997010/webrev.01/
New test CheckSecurityProvider.java, and updates to
MakeJavaSecurity.addPackages().
Thanks
Max
On Jul 25, 2014, at 22:44, Wang Weijun weijun.w...@oracle.com wrote:
On Jul 25, 2014, at 22:30, Sean Mullan sean.mul
On Jul 25, 2014, at 19:20, Sean Mullan sean.mul...@oracle.com wrote:
On 07/24/2014 09:51 PM, Wang Weijun wrote:
Please review the code change at
http://cr.openjdk.java.net/~weijun/8051953/webrev.00/test/ProblemList.txt.udiff.html
which add one item into test/ProblemList.txt
On Jul 25, 2014, at 22:30, Sean Mullan sean.mul...@oracle.com wrote:
http://cr.openjdk.java.net/~weijun/6997010/webrev.00/
4. *IMPORTANT*: In order to easily maintain platform-related entries,
every line (including the last line) in package.access and
package.definition MUST end with ',\'
Code change looks fine. Thanks for taking care of this.
--Max
On Jul 24, 2014, at 16:54, mala bankal mala.ban...@oracle.com wrote:
Hi,
Request review for the direct backport of bug#8036709 from 9/8 to 7u-dev.
http://cr.openjdk.java.net/~mbankal/8036709/webrev.00/
JDK9 changeset :
Please review the code change at
http://cr.openjdk.java.net/~weijun/8051953/webrev.00/test/ProblemList.txt.udiff.html
which add one item into test/ProblemList.txt
+# 8051952: Unreachable.java test failing on Windows
+sun/security/krb5/auto/Unreachable.java
Please review the code change at
http://cr.openjdk.java.net/~weijun/6997010/webrev.00/
The fix consolidates java.security-platform files into one with #ifdef
directives.
There are several major changes:
1. Creation of file is moved from CopyFiles to GenerateData, since we are
really
to export the
interface from java.base to java.security.jgss.
Thanks
Max
On Jul 17, 2014, at 12:35, Xuelei Fan xuelei@oracle.com wrote:
On 7/16/2014 4:41 PM, Wang Weijun wrote:
Hi Xuelei
A *primitive* version of webrev available at
http://cr.openjdk.java.net/~weijun/8038089/webrev
Ping again.
On Jul 10, 2014, at 16:36, Wang Weijun weijun.w...@oracle.com wrote:
Hi All
Please review the code change at
http://cr.openjdk.java.net/~weijun/8049834/webrev.00/
These 2 tests do not run with only JRE because they are testing on jarsigner.
The weaksize.sh is simply
Ping again.
On Jul 8, 2014, at 10:12, Wang Weijun weijun.w...@oracle.com wrote:
Please review the code change at
http://cr.openjdk.java.net/~weijun/8048194/webrev.00
The original code goes on accepting the input mechToken even if it's of an
unsupported mech. It also mistakenly
? Otherwise, looks ok to me.
I copied a test nearby and modified it into the new test. Will fix.
Thanks
Max
--Sean
On 07/07/2014 10:12 PM, Wang Weijun wrote:
Please review the code change at
http://cr.openjdk.java.net/~weijun/8048194/webrev.00
The original code goes on accepting
Then I realized your mail comes in the same minute as my ping. Either you are
reviewing super fast or we happen to be writing on this thread at the same
time. Anyway, amazing.
--Max
On Jul 21, 2014, at 19:16, Wang Weijun weijun.w...@oracle.com wrote:
Oops, I didn't realized you've already
On Jul 21, 2014, at 20:11, Sean Mullan sean.mul...@oracle.com wrote:
This looks fine to me, but I was wondering why you needed to do this - are
there requirements to run some regression tests with just the JRE instead of
the full JDK?
The embedded team has the requirement. They've already
On Jul 21, 2014, at 20:24, Sean Mullan sean.mul...@oracle.com wrote:
On 07/21/2014 08:19 AM, Wang Weijun wrote:
On Jul 21, 2014, at 20:11, Sean Mullan sean.mul...@oracle.com wrote:
This looks fine to me, but I was wondering why you needed to do this - are
there requirements to run some
On Jul 21, 2014, at 23:09, Alan Bateman alan.bate...@oracle.com wrote:
On 21/07/2014 09:22, Wang Weijun wrote:
Please review the updated webrev at
http://cr.openjdk.java.net/~weijun/8038089/webrev.01
Some comment changes. Some arguments rearrangement between classes
On Jul 22, 2014, at 11:50, Alan Bateman alan.bate...@oracle.com wrote:
If it's the LogManager line then they can be removed too as it was missed by
an early change in JDK 9 where that dependency was removed.
# Residual references to java.beans.
# The RemoveMethods tool does not yet purge the
Please review the code changes at
http://cr.openjdk.java.net/~weijun/8051399/webrev.00/
A new class was introduced with the same name and build would show
error: reference to EncryptionKey is ambiguous
Thanks
Max
Where is the beast place to define this ServiceLoader interface? If not public,
how do I export it so that java.security.jgss knows it?
Thanks
Max
On Jul 17, 2014, at 12:35, Xuelei Fan xuelei@oracle.com wrote:
ExternalCipherSuite is the service interface and Krb5CipherSuite implements
Hi Xuelei
A *primitive* version of webrev available at
http://cr.openjdk.java.net/~weijun/8038089/webrev.00
Please confirm this is the way you like it.
ExternalCipherSuite is the service interface and Krb5CipherSuite implements it.
It's a modification of the old Krb5Proxy but I've moved as
Code change looks fine. I guess this belongs to the category of minor
clarification that does not need a CCC?
--Max
On Jul 16, 2014, at 4:59, Sean Mullan sean.mul...@oracle.com wrote:
Please review this simple fix to clarify the SignatureException thrown by
SignedObject.verify:
There is no permission needed to get the os.name property. The global
jre/lib/security/java.policy file also granted all codes to get that.
--Max
On Jul 15, 2014, at 23:27, Sean Mullan sean.mul...@oracle.com wrote:
2. The code on lines 65-69 introduces an undesirable dependency on
Updated webrev at
http://cr.openjdk.java.net/~weijun/8043071/webrev.01/
All your suggestions accepted, plus
- New test on new classes added into KerberosHashEqualsTest.java
- A duplicate test/sun/security/krb5/auto/KerberosHashEqualsTest.java removed
- I don't know why KerberosKey allows a
Hi All
Please review the code change at
http://cr.openjdk.java.net/~weijun/8049834/webrev.00/
These 2 tests do not run with only JRE because they are testing on jarsigner.
The weaksize.sh is simply moved to jarsigner, and default_options.sh broken
into 2 parts with the jarsigner part going
Please review the code change at
http://cr.openjdk.java.net/~weijun/8049936/webrev.00/
blacklisted.certs.pem was moved from src/ to make/ in JDK-8047765. The test
should also be updated.
Thanks
Max
On Jul 8, 2014, at 2:00, Sean Mullan sean.mul...@oracle.com wrote:
Looks good, just one comment in GssKrb5Base - I would change
getNegotiatedProperty to call the superclass method first, and then if that
returns null, check for the gss inquiretype properties. This way you don't
check for
it.
Thanks
Max
--Sean
On 07/04/2014 02:12 AM, Wang Weijun wrote:
Hi All
Please review the change at
http://cr.openjdk.java.net/~weijun/8043071/webrev.00/
Two new inquire type KRB5_GET_SESSION_KEY_EX and KRB5_GET_KRB_CRED are added
to get the session key (in a new format
On Jul 9, 2014, at 20:00, Sean Mullan sean.mul...@oracle.com wrote:
Looks good, just one comment in GssKrb5Base - I would change
getNegotiatedProperty to call the superclass method first, and then
if that returns null, check for the gss inquiretype properties.
This way you don't check for
On Jul 8, 2014, at 17:20, Michael-O 1983-01...@gmx.net wrote:
Hi Max,
are you going to backport this to Java 7?
I would be glad to do that. But now I still cannot find anyone code reviewing
it for JDK 9.
We are suffering from this on a regular basis because several KDCs are faulty
update if we considering the overall
system of Kerberos.
Xuelei
On 6/24/2014 4:17 PM, Wang Weijun wrote:
Hi All
Please review the code change at
http://cr.openjdk.java.net/~weijun/8014870/webrev.00/
Please review the jdk7u-only code change at
http://cr.openjdk.java.net/~weijun/8049480/webrev.00/
The reason is that the jdk7u version [1] of fix for JDK-8049480 is just a hack
and not as powerful as its jdk8 sibling [2] and now I'll have to apply the
jdk7u jar signature hack to timestamp
Webrev updated at phttp://cr.openjdk.java.net/~weijun/8049480/webrev.01/.
Thanks
Max
On Jul 9, 2014, at 0:45, Sean Mullan sean.mul...@oracle.com wrote:
On 07/08/2014 10:37 AM, Wang Weijun wrote:
Please review the jdk7u-only code change at
http://cr.openjdk.java.net/~weijun/8049480/webrev
one.
--Max
Xuelei
On 7/8/2014 10:37 PM, Wang Weijun wrote:
Please review the jdk7u-only code change at
http://cr.openjdk.java.net/~weijun/8049480/webrev.00/
The reason is that the jdk7u version [1] of fix for JDK-7180907 is just a
hack and not as powerful as its jdk8 sibling [2
Please review the code change at
http://cr.openjdk.java.net/~weijun/8048194/webrev.00
The original code goes on accepting the input mechToken even if it's of an
unsupported mech. It also mistakenly interprets the input token as a mech token
instead of a NegTokenTarg at the 2nd step.
Thanks
Hi All
Please review the change at
http://cr.openjdk.java.net/~weijun/8043071/webrev.00/
Two new inquire type KRB5_GET_SESSION_KEY_EX and KRB5_GET_KRB_CRED are added to
get the session key (in a new format) and the KRB_CRED message. Two new classes
are created as the types of their return
On Jul 2, 2014, at 15:02, Alan Bateman alan.bate...@oracle.com wrote:
Should blacklisted.certs.pem also move into the make tree? I think there has
been an effort to put data files that are used for generating something in
the build into the make tree. Someone from the build will probably
Hi All
Please review the code change at
http://cr.openjdk.java.net/~weijun/8044085/webrev.00
With this change, all existing (and future) InquireType values for
ExtendedGSSContext.inquireSecContext() are available to the SASL GSSAPI
mechanism as negotiated properties.
Code change is in
Please review the fix at
http://cr.openjdk.java.net/~weijun/8042053/webrev.00/
The Unix-style doc for security tools are in unix/ since JDK 8.
Thanks
Max
On Jul 2, 2014, at 15:02, Alan Bateman alan.bate...@oracle.com wrote:
On touch the tool then does this happen for other tools too? I assume it
does, in which case you could submit a build bug to improve this.
Yes, it does. https://bugs.openjdk.java.net/browse/JDK-8049024 filed.
--Max
On Jul 2, 2014, at 20:50, Sean Mullan sean.mul...@oracle.com wrote:
On 07/02/2014 01:02 AM, Wang Weijun wrote:
On Jul 2, 2014, at 12:48, David Holmes david.hol...@oracle.com wrote:
73 // Output sorted for eye pleasure.
?? eye pleasure
Well, it's easy for a human to locate
Hi All
Please review the fix at
http://cr.openjdk.java.net/~weijun/8047765/webrev.00/
where the generation of blacklisted.certs is moved from developer-manual to
build-auto. I copied the mechanisms from GENDATA_HTML32DTD.
One thing I am not sure about is that if I update the tool a little,
On Jul 2, 2014, at 12:48, David Holmes david.hol...@oracle.com wrote:
73 // Output sorted for eye pleasure.
?? eye pleasure
Well, it's easy for a human to locate one from a sorted output. Or maybe it's
because the old one is sorted and I don't want the new one looks ugly.
--Max
Hi Valerie
Please review a fix at
http://cr.openjdk.java.net/~weijun/8048511/webrev.00/
A static code analysis tool is not happy to see the minor variable not
initialized (if none of the ifs in lines 652-658 returns true) and used in the
checkStatus() function. Although we know in that
Please review the fix at
http://cr.openjdk.java.net/~weijun/8048073/webrev.00/
Running native krb5 could generate a ccache file like this
Valid starting ExpiresService principal
06/25/14 14:05:06 06/26/14 00:05:06 krbtgt/K1@K1
06/25/14 14:12:35 06/26/14 00:05:06
On Jun 25, 2014, at 17:05, Xuelei Fan xuelei@oracle.com wrote:
On 6/25/2014 4:48 PM, Wang Weijun wrote:
Please review the fix at
http://cr.openjdk.java.net/~weijun/8048073/webrev.00/
Looks fine to me. It would be nice to add more comment about why you
want to ignore the principal
Hi All
Please review the code change at
http://cr.openjdk.java.net/~weijun/8014870/webrev.00/
In Kerberos, when trying to request for a ticket, we tried multiple KDC servers
for multiple times. Before this fix, we connect to a server, wait for 30
seconds (the default kdc_timeout). If there
Ping again.
On Jun 12, 2014, at 14:07, Wang Weijun weijun.w...@oracle.com wrote:
Hi All
Please review the code change at
http://cr.openjdk.java.net/~weijun/7150092/webrev.00/
The problem is that in NTLM, the server might prompt for a domain name (in
Type 2 message), and the client
:
On 06/19/2014 01:39 AM, Wang Weijun wrote:
570 public Void run() throws Exception {
This can be declared to throw IOException, then you can change lines
586-591 to:
throw pe.getException();
You mean javac will be smart enough to find out that pe's cause can only
On Jun 19, 2014, at 0:17, Sean Mullan sean.mul...@oracle.com wrote:
Just a few comments on Config.java:
479 if (dups.contains(file)) {
480 throw new IOException(Profile path included more than once);
481 } else {
482 dups.add(file);
483 }
Hi All
Please review the code change at
http://cr.openjdk.java.net/~weijun/7150092/webrev.00/
The problem is that in NTLM, the server might prompt for a domain name (in Type
2 message), and the client can also provide one. Before this fix, if the two
are different, the client chooses the
Why
@@ -968,14 +963,10 @@
readOnly = gf.get(readOnly, false);
SetPrincipal inputPrincs = (SetPrincipal)gf.get(principals,
null);
// Rewrap the principals into a SecureSet
-if (inputPrincs == null) {
-throw new NullPointerException
-
Oh, I made the mistake again, on Solaris export ENV=var is not always correct.
Please review the code change at
http://cr.openjdk.java.net/~weijun/8046702/webrev.00/
The fix is as simple as
-START-
diff --git a/test/sun/security/tools/keytool/default_options.sh
On Jun 10, 2014, at 14:01, Xuelei Fan xuelei@oracle.com wrote:
On 6/10/2014 12:37 PM, Wang Weijun wrote:
On Jun 6, 2014, at 20:22, Xuelei Fan xuelei@oracle.com wrote:
src/share/classes/sun/security/tools/KeyStoreUtil.java
Hi Jamil
Sorry I've just read the webrev.
If you always throw an NPE after a collectionNullClean() call, isn't it simpler
to let the method throw the NPE?
Also, Objects.requireNonNull(o, msg) can be used in those if (o == null)
cases.
Thanks
Max
On Jun 10, 2014, at 23:32, Sean Mullan
Hi All
Please review the code change at
http://cr.openjdk.java.net/~weijun/8046499/webrev.00/
It simply removes all #ifdef DEBUG blocks. They are not really useful but the
output pollutes the stdout stream. We can use the sun.security.krb5.debug
system property if there are future debug
args: +
Define a new resource?
Same reason as above.
Thanks
Max
Otherwise, looks fine to me.
Thanks,
Xuelei
On 6/6/2014 3:27 PM, Wang Weijun wrote:
Please review the code changes in
http://cr.openjdk.java.net/~weijun/8023197/webrev.02
This enhancement allows you to put
Please review the code changes in
http://cr.openjdk.java.net/~weijun/8023197/webrev.02
This enhancement allows you to put frequently used keytool/jarsigner options
into a property file and use -conf to load it. Like this:
# A Pre-configured options file
keytool.all = -storepass:env PASS
Please review the fix at
http://cr.openjdk.java.net/~weijun/8044747/webrev.00
which is just a simple
-if [ -e $HOME/.java.policy ]; then
+if [ -f $HOME/.java.policy ]; then
I always forget that Solaris sh does not support test -e.
Thanks
Max
On Jun 4, 2014, at 16:26, Wang Weijun weijun.w...@oracle.com wrote:
Oh, I was just updating the webrev to
http://cr.openjdk.java.net/~weijun/8044755/webrev.01/
Are you OK with this 2nd version of webrev?
Thanks
Max
As we've just discussed offline, the reason the 2nd jarsigner call
Please review a new test at
http://cr.openjdk.java.net/~weijun/8044755/webrev.00/
It makes sure the CertPath validation check in jarsigner matches the algorithm
constraints check on key sizes.
Thanks
Max
files (a.jar, ks, etc) after a
testing.
Xuelei
On 6/4/2014 2:21 PM, Wang Weijun wrote:
Please review a new test at
http://cr.openjdk.java.net/~weijun/8044755/webrev.00/
It makes sure the CertPath validation check in jarsigner matches the
algorithm constraints check on key sizes
On Jun 4, 2014, at 16:20, Xuelei Fan xuelei@oracle.com wrote:
FYI, I'd like to remove the temporary files (a.jar, ks, etc) after a
testing.
Oh, my habit is to always keeping them so that if anything goes wrong there is
a chance to look at what's happening. Also, jtreg takes care of
Looks fine. Please remember to add a noreg-cleanup to JBS.
Thanks
Max
On Jun 4, 2014, at 17:38, Xuelei Fan xuelei@oracle.com wrote:
Hi,
Please review this code conversion cleanup update:
http://cr.openjdk.java.net/~xuelei/8044771/webrev.00/
Webrev toolkit ignore space update so
day_of_my_life() {
...
if (hour 9 hour 18)
goto work;
goto work;
time_to_play();
}
Thanks
Max
Xuelei
[1]: http://sim.ivi.co/2014/02/love-to-use-braces-even-for-single-line.html
On 5/29/2014 5:38 PM, Wang Weijun wrote:
New webrev at
http
New webrev at
http://cr.openjdk.java.net/~weijun/8036779/webrev.01/
The value can take the form of a bare non-negative integer in milliseconds, or
a non-negative integer followed by s (no space between) in seconds.
Thanks
Max
On May 19, 2014, at 21:49, Wang Weijun weijun.w...@oracle.com
501 - 600 of 669 matches
Mail list logo