Re: RFR 8217375: jarsigner breaks old signature with long lines in manifest

https://cr.openjdk.java.net/~weijun/8217375/webrev.02 uploaded. There are still several trailing spaces and I've removed them. I just ran a test job: SignTwice.java failed on Windows with `failed to clean up files after test`. Most likely a file is not closed. The src change looks good. In fact

Re: Change in behaviour of SSLSessionContext APIs in recent Java 13 EA versions

Hi Session ids can change due to the way the way stateless operates in the RFCs, particularly if a client doesn’t provide a session Id during resumption. I can take a look at your test and let you know what I find. Thanks Tony > On Jun 30, 2019, at 10:38 PM, Jaikiran Pai wrote: > > It loo

RE: [11u]: RFR: Backport of 8215694: keytool cannot generate RSASSA-PSS certificates

Hi Paul, thanks for your review. > In CertAndKeyGen.java, does generate() need a throws declaration? It doesn't. IllegalArgumentException is a RuntimeException and as such doesn't need a throws declaration. And InvalidKeyException is obviously not needed and was removed in the original changes

Request for Review [14] JDK-8226976, SessionTimeOutTests uses == operator for String value check

Hi, In the following test case, "==" is used to compare two strings. As is not a comment coding convention. I would like to use "equals()" method instead. Thanks, Xuelei $ hg diff test/jdk/javax/net/ssl/SSLSession/SessionTimeOutTests.java diff -r 73f1c84ca264 test/jdk/javax/net/ssl/SSLSe

Re: Request for Review [14] JDK-8226976, SessionTimeOutTests uses == operator for String value check

Hi Xuelei, There was already an RFR post for this from Jaikiran: https://mail.openjdk.java.net/pipermail/security-dev/2019-June/020307.html --Sean On 7/1/19 12:33 PM, Xuelei Fan wrote: Hi, In the following test case, "==" is used to compare two strings.  As is not a comment coding convent

Re: Request for Review [14] JDK-8226976, SessionTimeOutTests uses == operator for String value check

Oops, I'm triage new bugs and missed that thread. Thanks for the remind. I will review Jaikiran's thread. Thanks, Xuelei On 7/1/2019 9:42 AM, Sean Mullan wrote: Hi Xuelei, There was already an RFR post for this from Jaikiran: https://mail.openjdk.java.net/pipermail/security-dev/2019-June/0

Re: [PATCH] JDK-8226976 - SessionTimeOutTests uses == operator for String value check

Hi Jaikiran, Would you mind update the copyright date to 2019? Otherwise, looks good to me. Thanks, Xuelei On 6/29/2019 6:03 AM, Jaikiran Pai wrote: While investigating a potential regression in JDK 13+, I happened to use the test/jdk/javax/net/ssl/SSLSession/SessionTimeOutTests.java. This

Re: Change in behaviour of SSLSessionContext APIs in recent Java 13 EA versions

Hi, You are correct this behavior is a result of stateless resumption. The stateless servers does not keep session state information and is currently opt-out. The system property 'jdk.tls.server.enableSessionTicketExtension' set to false will return the server to stateful. The client side

Re: Request for Review [14] JDK-8226976, SessionTimeOutTests uses == operator for String value check

Also the `is*` prefix would point to a boolean, that’s maybe a cleaner data type than a case sensitive string? -- http://bernd.eckenfels.net Von: security-dev im Auftrag von Xuelei Fan Gesendet: Montag, Juli 1, 2019 6:44 PM An: security-dev@openjdk.java.net B

Re: Request for Review [14] JDK-8226976, SessionTimeOutTests uses == operator for String value check

On 7/1/2019 10:51 AM, Bernd Eckenfels wrote: Also the `is*` prefix would point to a boolean, that’s maybe a cleaner data type than a case sensitive string? I agreed. The "isTimedout" is also used to for strings other than "YES"/"No". I don't think it is a good code convention. isTimedou

Re: [PATCH] JDK-8226976 - SessionTimeOutTests uses == operator for String value check

Thank you Xuelei. Here's the updated webrev http://cr.openjdk.java.net/~jpai/webrev/8226976/01/webrev/. Updated the copyright year and also added you as the reviewer, in the commit log message. -Jaikiran On 01/07/19 10:17 PM, Xuelei Fan wrote: > Hi Jaikiran, > > Would you mind update the copyrigh

RFR 8225687: Newly added sspi.cpp in JDK-6722928 still contains some small errors

Please take a review at http://cr.openjdk.java.net/~weijun/8225687/webrev.00/ Most changes are around const usage in gssapi.h. Note that this is internal so the change could only prevent any coding error and will not be visible outside JDK. Other changes are inside gss_import_name(), gss_co

Re: Change in behaviour of SSLSessionContext APIs in recent Java 13 EA versions

Hello Tony, On 01/07/19 10:28 PM, Anthony Scarpino wrote: > Hi, > > You are correct this behavior is a result of stateless resumption.  > The stateless servers does not keep session state information and is > currently opt-out.  Thank you for looking into this and providing the details. > The

[13] RFR 8225687: Newly added sspi.cpp in JDK-6722928 still contains some small errors

"[13]" added to the subject. > On Jul 2, 2019, at 10:22 AM, Weijun Wang wrote: > > Please take a review at > > http://cr.openjdk.java.net/~weijun/8225687/webrev.00/ > > Most changes are around const usage in gssapi.h. Note that this is internal > so the change could only prevent any coding

[13] RFR 8227061: KDC.java test behaves incorrectly when AS-REQ contains a PAData not PA-ENC-TS-ENC

Please take a review at http://cr.openjdk.java.net/~weijun/8227061/webrev.00/ The test now iterates through all incoming PA-DATA and find out PA-ENC-TS-ENC. noteg-self. Thanks, Max

[13] RFR 8226719: Kerberos login to Windows 2000 failed with "Inappropriate type of checksum in message"

Please take a review at http://cr.openjdk.java.net/~weijun/8226719/webrev.00/ This happens when authenticating to a Windows 2000 Server using DES encryption type. The PA_REQ_ENC_PA_REP in the reply is using RsaMd5CksumType but it is treated unsafe and rejected. Here, unsafe means un-keyed. Wh

Re: [PATCH] JDK-8226976 - SessionTimeOutTests uses == operator for String value check

On 02/07/19 7:35 AM, Jaikiran Pai wrote: > Thank you Xuelei. Here's the updated webrev > http://cr.openjdk.java.net/~jpai/webrev/8226976/01/webrev/. - * Copyright (c) 2001, 2017, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2001, 2017, 2019 Oracle and/or its affiliates. Al

Re: Request for Review [14] JDK-8226976, SessionTimeOutTests uses == operator for String value check

Hi Xuelei, Bernd, On 01/07/19 11:31 PM, Xuelei Fan wrote: > On 7/1/2019 10:51 AM, Bernd Eckenfels wrote: >> Also the `is*` prefix would point to a boolean, that’s maybe a >> cleaner data type than a case sensitive string? >> > I agreed.  The "isTimedout" is also used to for strings other than > "Y

Re: [PATCH] JDK-8226976 - SessionTimeOutTests uses == operator for String value check

The copyright date format is similar to “.. 2001, 2019, ..”. Xuelei > On Jul 1, 2019, at 10:22 PM, Jaikiran Pai wrote: > > >> On 02/07/19 7:35 AM, Jaikiran Pai wrote: >> Thank you Xuelei. Here's the updated webrev >> http://cr.openjdk.java.net/~jpai/webrev/8226976/01/webrev/. > - * Copyright (

Re: Request for Review [14] JDK-8226976, SessionTimeOutTests uses == operator for String value check

> On Jul 1, 2019, at 10:28 PM, Jaikiran Pai wrote: > > Hi Xuelei, Bernd, > >> On 01/07/19 11:31 PM, Xuelei Fan wrote: >>> On 7/1/2019 10:51 AM, Bernd Eckenfels wrote: >>> Also the `is*` prefix would point to a boolean, that’s maybe a >>> cleaner data type than a case sensitive string? >>> >>

Re: [PATCH] JDK-8226976 - SessionTimeOutTests uses == operator for String value check

Done. Here's the updated webrev http://cr.openjdk.java.net/~jpai/webrev/8226976/02/webrev/ -Jaikiran On 02/07/19 11:03 AM, Xuelei Fan wrote: > The copyright date format is similar to “.. 2001, 2019, ..”. > > Xuelei > > On Jul 1, 2019, at 10:22 PM, Jaikiran Pai >