Re: RFR JDK-8179614: Test for jarsigner on verifying jars that are signed and timestamped by other JDK releases

2017-07-14 Thread sha . jiang
Hi, Please review the latest webrev at: http://cr.openjdk.java.net/~jjiang/8179614/webrev.09/ This test has been updated significantly. It removes useless case combinations, and generates reports in HTML. For more details, please look through the test summary. Best regards, John Jiang On 13/

Re: [RFR] 8174849: Change SHA1 certpath restrictions - issue with 3rd party JCE provider

2017-07-14 Thread Seán Coffey
Tony, I think we should log a JDK 8u bug for this issue if one doesn't already exist. If the buggy SigAlgName was allowed in 8u updates already, then it should continue to be allowed for compatibility reasons IMO. There might be time to revert that change in 8u152. For 9, then maybe we c

Re: JDK-8182879: Add warnings to keytool when using JKS and JCEKS

2017-07-14 Thread Weijun Wang
> On Jul 14, 2017, at 7:00 PM, Sean Mullan wrote: > > I think we should add a Release Note to 8182879 indicating that keytool now > emits a warning for JKS/JCEKS keystores. > https://bugs.openjdk.java.net/browse/JDK-8184671 filed. Please take a review. "When keytool is operating on a JKS or

Re: [10] RFR 8166222: Don't treat signed jars with invalid timestamps as unsigned

2017-07-14 Thread Sean Mullan
Finally getting back to reviewing this update. A few comments: SignatureFileVerifier.java: 729 debug.println("getTimeStamp caught: "+e); Can you add a more descriptive message here, like: "Exception processing timestamp, code will be treated as signed, but not timestamped:

Re: [10] RFR 8166222: Don't treat signed jars with invalid timestamps as unsigned

2017-07-14 Thread Weijun Wang
All comments accepted. I’ll update my webrev next month. :-) No comment on real code change? --Max > On Jul 14, 2017, at 11:20 PM, Sean Mullan wrote: > > Finally getting back to reviewing this update. A few comments: > > SignatureFileVerifier.java: > > 729 debug.println(

Re: JDK-8182879: Add warnings to keytool when using JKS and JCEKS

2017-07-14 Thread Sean Mullan
On 7/14/17 11:12 AM, Weijun Wang wrote: On Jul 14, 2017, at 7:00 PM, Sean Mullan wrote: I think we should add a Release Note to 8182879 indicating that keytool now emits a warning for JKS/JCEKS keystores. https://bugs.openjdk.java.net/browse/JDK-8184671 filed. Please take a review. "When

RFR 10 (XS): 8184673: Fix compatibility issue in AlgorithmChecker for 3rd party JCE providers

2017-07-14 Thread Langer, Christoph
Hi, after the discussion in thread http://mail.openjdk.java.net/pipermail/security-dev/2017-July/016068.html, please review my proposed change: Bug: https://bugs.openjdk.java.net/browse/JDK-8184673 Change: diff -r 76fca9438ee9 -r 9c2438e0a823 src/java.base/share/classes/sun/security/provider/

RE: [RFR] 8174849: Change SHA1 certpath restrictions - issue with 3rd party JCE provider

2017-07-14 Thread Langer, Christoph
Hi Sean(s), Tony, I have created the bug https://bugs.openjdk.java.net/browse/JDK-8184673 and posted a change to revert the sigAlgName check. You had indicated that it should be ok to do this for JDK9 and 10 as well, so no behavioral change has to be documented. If you give the ok, I would pus

Re: RFR 10 (XS): 8184673: Fix compatibility issue in AlgorithmChecker for 3rd party JCE providers

2017-07-14 Thread Anthony Scarpino
On 07/14/2017 08:37 AM, Langer, Christoph wrote: Hi, after the discussion in thread http://mail.openjdk.java.net/pipermail/security-dev/2017-July/016068.html, please review my proposed change: Bug: https://bugs.openjdk.java.net/browse/JDK-8184673 Change: *diff -r 76fca9438ee9 -r 9c2438e0a8

Re: RFR 10 (XS): 8184673: Fix compatibility issue in AlgorithmChecker for 3rd party JCE providers

2017-07-14 Thread Sean Mullan
It would be nice to write a regression test for this, but I suspect it is quite a bit of work or not practical. Please consider it, or add an appropriate noreg label to the bug. --Sean On 7/14/17 12:56 PM, Anthony Scarpino wrote: On 07/14/2017 08:37 AM, Langer, Christoph wrote: Hi, after th

Re: RFR 10 (XS): 8184673: Fix compatibility issue in AlgorithmChecker for 3rd party JCE providers

2017-07-14 Thread Anthony Scarpino
I'm working on a test so we avoid this in the future. Tony On 07/14/2017 11:05 AM, Sean Mullan wrote: It would be nice to write a regression test for this, but I suspect it is quite a bit of work or not practical. Please consider it, or add an appropriate noreg label to the bug. --Sean On 7

RE: RFR 10 (XS): 8184673: Fix compatibility issue in AlgorithmChecker for 3rd party JCE providers

2017-07-14 Thread Langer, Christoph
Hi Tony > > --- > a/src/java.base/share/classes/sun/security/provider/certpath/AlgorithmChe > cker.java > > Thu Jul 13 13:42:39 2017 +0200 > > +++ > b/src/java.base/share/classes/sun/security/provider/certpath/AlgorithmCh > ecker.java > > Fri Jul 14 17:35:36 2017 +0200 > > > > @@ -270,7 +270,7 @@

RE: RFR 10 (XS): 8184673: Fix compatibility issue in AlgorithmChecker for 3rd party JCE providers

2017-07-14 Thread Langer, Christoph
Hi, > From: Anthony Scarpino [mailto:anthony.scarp...@oracle.com] > I'm working on a test so we avoid this in the future. OK, so, shall I submit the fix and you do the test in a separate issue? Or shall I wait and let you do it all together? With my limited expertise in the security area, I woul