Re: RFR 8044085: Access ExtendedGSSContext.inquireSecContext() result through SASL

2014-07-09 Thread Wang Weijun
On Jul 8, 2014, at 2:00, Sean Mullan wrote: > Looks good, just one comment in GssKrb5Base - I would change > getNegotiatedProperty to call the superclass method first, and then if that > returns null, check for the gss inquiretype properties. This way you don't > check for IllegalStateExc twi

Re: RFR 8043071: Expose session key and KRB_CRED through extended GSS-API

2014-07-09 Thread Wang Weijun
On Jul 9, 2014, at 3:21, Sean Mullan wrote: > Hi Max, > > Here are my comments: > > * KerberosKey > > 37: Did you mean to use @link instead of @see? Yes. > > - several methods are now defined to throw IllegalStateExc, but you (perhaps > accidentally) removed the code that does that (ex: g

Re: RFR 8044085: Access ExtendedGSSContext.inquireSecContext() result through SASL

2014-07-09 Thread Sean Mullan
On 07/09/2014 04:31 AM, Wang Weijun wrote: On Jul 8, 2014, at 2:00, Sean Mullan wrote: Looks good, just one comment in GssKrb5Base - I would change getNegotiatedProperty to call the superclass method first, and then if that returns null, check for the gss inquiretype properties. This way you

Re: RFR 8044085: Access ExtendedGSSContext.inquireSecContext() result through SASL

2014-07-09 Thread Wang Weijun
On Jul 9, 2014, at 20:00, Sean Mullan wrote: >>> Looks good, just one comment in GssKrb5Base - I would change >>> getNegotiatedProperty to call the superclass method first, and then >>> if that returns null, check for the gss inquiretype properties. >>> This way you don't check for IllegalStateE

Re: RFR 8049480: Current versions of Java can't verify jars signed and timestamped with Java 9

2014-07-09 Thread Sean Mullan
On 07/09/2014 12:31 AM, Wang Weijun wrote: Webrev updated at http://cr.openjdk.java.net/~weijun/8049480/webrev.01/. Looks good to me. --Sean

Re: RFR 8043071: Expose session key and KRB_CRED through extended GSS-API

2014-07-09 Thread Sean Mullan
On 07/09/2014 05:29 AM, Wang Weijun wrote: On Jul 9, 2014, at 3:21, Sean Mullan wrote: - several methods are now defined to throw IllegalStateExc, but you (perhaps accidentally) removed the code that does that (ex: getKeyType). That's because KeyImpl.getKeyType() already throws it. I mentio

Re: RFR 8044085: Access ExtendedGSSContext.inquireSecContext() result through SASL

2014-07-09 Thread Sean Mullan
On 07/09/2014 10:02 AM, Wang Weijun wrote: On Jul 9, 2014, at 20:00, Sean Mullan wrote: Looks good, just one comment in GssKrb5Base - I would change getNegotiatedProperty to call the superclass method first, and then if that returns null, check for the gss inquiretype properties. This way you

Re: RFR 8043071: Expose session key and KRB_CRED through extended GSS-API

2014-07-09 Thread Wang Weijun
Updated webrev at http://cr.openjdk.java.net/~weijun/8043071/webrev.01/ All your suggestions accepted, plus - New test on new classes added into KerberosHashEqualsTest.java - A duplicate test/sun/security/krb5/auto/KerberosHashEqualsTest.java removed - I don't know why KerberosKey allows a