Hi,
May I have this test update reviewed?
The javax/security/auth/callback/PasswordCallback/CheckCleanerBound.java test
case failed on one of the test setups. The test runs gc in a loop and expects
the GC to have garbage collected contents of a WeakHashMap. The loop runs for
10 iterations. So
On Wed, 27 Apr 2022 21:04:59 GMT, Weijun Wang wrote:
>> Changes requested by mullan (Reviewer).
>
> @seanjmullan Since we use symmetric keys to encrypt entries and add integrity
> check, should this enhancement cover them as well? For example, if a PKCS12
> keystore is created with `-J-Dkeystor
On Wed, 27 Apr 2022 19:35:04 GMT, Sean Mullan wrote:
>> Hai-May Chao has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> SecretKeyConstraintsParameters subclass created and property description
>> updated
>
> Changes requested by mullan (Re
On Thu, 28 Apr 2022 01:34:19 GMT, Joe Darcy wrote:
>> To enable more complete doclint checking (courtesy @jonathan-gibbons),
>> please review this PR to add type-level @param tags where they are missing.
>>
>> To the maintainers of java.util.concurrent, those changes could be separated
>> out
On Thu, 28 Apr 2022 01:34:19 GMT, Joe Darcy wrote:
>> To enable more complete doclint checking (courtesy @jonathan-gibbons),
>> please review this PR to add type-level @param tags where they are missing.
>>
>> To the maintainers of java.util.concurrent, those changes could be separated
>> out
On Thu, 28 Apr 2022 07:01:25 GMT, Xue-Lei Andrew Fan wrote:
> Hi,
>
> May I have this test update reviewed?
>
> The javax/security/auth/callback/PasswordCallback/CheckCleanerBound.java test
> case failed on one of the test setups. The test runs gc in a loop and
> expects the GC to have garba
On Thu, 28 Apr 2022 07:01:25 GMT, Xue-Lei Andrew Fan wrote:
> Hi,
>
> May I have this test update reviewed?
>
> The javax/security/auth/callback/PasswordCallback/CheckCleanerBound.java test
> case failed on one of the test setups. The test runs gc in a loop and
> expects the GC to have garba
On Thu, 28 Apr 2022 07:01:25 GMT, Xue-Lei Andrew Fan wrote:
> Hi,
>
> May I have this test update reviewed?
>
> The javax/security/auth/callback/PasswordCallback/CheckCleanerBound.java test
> case failed on one of the test setups. The test runs gc in a loop and
> expects the GC to have garba
On Thu, 28 Apr 2022 12:19:35 GMT, Sean Mullan wrote:
>> Hi,
>>
>> May I have this test update reviewed?
>>
>> The javax/security/auth/callback/PasswordCallback/CheckCleanerBound.java
>> test case failed on one of the test setups. The test runs gc in a loop and
>> expects the GC to have garba
On Thu, 28 Apr 2022 06:46:35 GMT, Hai-May Chao wrote:
>> Please review these changes to add DES/3DES/MD5 to
>> `jdk.security.legacyAlgorithms` security property, and to add the legacy
>> algorithm constraint checking to `keytool` commands that are associated with
>> secret key entries stored i
On Wed, 27 Apr 2022 19:35:04 GMT, Sean Mullan wrote:
>> Hai-May Chao has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> SecretKeyConstraintsParameters subclass created and property description
>> updated
>
> Changes requested by mullan (Re
We added a new system property back in
https://bugs.openjdk.java.net/browse/JDK-8153005 but it's better to describe it
in the `java.security` file as well.
Please review the text. I especially added the last sentence so that people
won't set `-Dkeystore.pkcs12.legacy=false`.
-
Com
On Wed, 27 Apr 2022 20:22:42 GMT, Mark Powers wrote:
>> JDK-6725221 is about obtaining boolean properties, so not an exact match.
>> The suggested change is so easy, I'm going to do it.
>
> sun.security.action.GetPropertyAction::privilegedGetProperty doesn't trim the
> return value. Could this
On Thu, 28 Apr 2022 02:33:49 GMT, Mark Powers wrote:
>> https://bugs.openjdk.java.net/browse/JDK-8285504
>>
>> JDK-8273046 is the umbrella bug for this bug. The changes were too large for
>> a single code review, so it was decided to split into smaller chunks. This
>> is one such chunk:
>>
>
On Thu, 28 Apr 2022 13:34:04 GMT, Roger Riggs wrote:
>> Hi,
>>
>> May I have this test update reviewed?
>>
>> The javax/security/auth/callback/PasswordCallback/CheckCleanerBound.java
>> test case failed on one of the test setups. The test runs gc in a loop and
>> expects the GC to have garba
On Thu, 28 Apr 2022 07:01:25 GMT, Xue-Lei Andrew Fan wrote:
> Hi,
>
> May I have this test update reviewed?
>
> The javax/security/auth/callback/PasswordCallback/CheckCleanerBound.java test
> case failed on one of the test setups. The test runs gc in a loop and
> expects the GC to have garba
On Thu, 28 Apr 2022 15:47:44 GMT, Weijun Wang wrote:
>> Mark Powers has updated the pull request with a new target base due to a
>> merge or a rebase. The incremental webrev excludes the unrelated changes
>> brought in by the merge/rebase. The pull request contains eight additional
>> commits
On Thu, 28 Apr 2022 02:33:49 GMT, Mark Powers wrote:
>> https://bugs.openjdk.java.net/browse/JDK-8285504
>>
>> JDK-8273046 is the umbrella bug for this bug. The changes were too large for
>> a single code review, so it was decided to split into smaller chunks. This
>> is one such chunk:
>>
>
On Thu, 28 Apr 2022 16:14:01 GMT, Bradford Wetmore wrote:
>> src/java.base/share/classes/javax/net/ssl/KeyManagerFactory.java line 70:
>>
>>> 68: String type;
>>> 69: type = GetPropertyAction.privilegedGetProperty(
>>> 70: "ssl.KeyManagerFactory.algorithm");
>>
>> So
On Thu, 28 Apr 2022 15:45:58 GMT, Weijun Wang wrote:
>> Mark Powers has updated the pull request with a new target base due to a
>> merge or a rebase. The incremental webrev excludes the unrelated changes
>> brought in by the merge/rebase. The pull request contains eight additional
>> commits
On Thu, 28 Apr 2022 16:22:43 GMT, Bradford Wetmore wrote:
>> src/java.base/share/classes/javax/net/ssl/SSLSocketFactory.java line 92:
>>
>>> 90: static String getSecurityProperty(final String name) {
>>> 91: return AccessController.doPrivileged((PrivilegedAction)
>>> () -> {
>>> 92:
On Thu, 28 Apr 2022 16:27:08 GMT, Bradford Wetmore wrote:
>> Just found the same. This needs to be reverted. You can set a Security
>> Property to an "empty" string which won't work here. Suggest you revert to
>> previous code, possibly using a lambda if that was the original intent.
>
> `Se
On Thu, 28 Apr 2022 08:08:37 GMT, Alan Bateman wrote:
>> Joe Darcy has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> Respond to more review feedback.
>
> src/java.base/share/classes/java/nio/file/SecureDirectoryStream.java line 55:
>
>> 5
On Thu, 28 Apr 2022 06:46:35 GMT, Hai-May Chao wrote:
>> Please review these changes to add DES/3DES/MD5 to
>> `jdk.security.legacyAlgorithms` security property, and to add the legacy
>> algorithm constraint checking to `keytool` commands that are associated with
>> secret key entries stored i
> To enable more complete doclint checking (courtesy @jonathan-gibbons), please
> review this PR to add type-level @param tags where they are missing.
>
> To the maintainers of java.util.concurrent, those changes could be separated
> out in another bug if that would ease maintenance of that code
On Thu, 28 Apr 2022 08:10:38 GMT, Alan Bateman wrote:
>> Joe Darcy has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> Respond to more review feedback.
>
> src/java.base/share/classes/java/nio/file/WatchEvent.java line 51:
>
>> 49: /**
On Wed, 27 Apr 2022 20:01:26 GMT, Sean Mullan wrote:
>> I don't see the ProviderException being mentioned?
>> Per the description under JDK-8209038, the requests are:
>> 1) describe the returned parameters following what's in Signature class,
>> i.e. if this object has been initialized with para
On Thu, 28 Apr 2022 16:58:40 GMT, Joe Darcy wrote:
>> To enable more complete doclint checking (courtesy @jonathan-gibbons),
>> please review this PR to add type-level @param tags where they are missing.
>>
>> To the maintainers of java.util.concurrent, those changes could be separated
>> out
On Thu, 28 Apr 2022 16:37:35 GMT, Mark Powers wrote:
>> `Security.getProperty()` does not specify the value will be `trim()`.
>
> My mistake. It's only the trim that you wanted removed, line 94.
No, the API for Security.getProperty doesn't specify trimming, so suggest
leaving the trim() part al
On Thu, 28 Apr 2022 16:58:40 GMT, Joe Darcy wrote:
>> To enable more complete doclint checking (courtesy @jonathan-gibbons),
>> please review this PR to add type-level @param tags where they are missing.
>>
>> To the maintainers of java.util.concurrent, those changes could be separated
>> out
On Thu, 28 Apr 2022 04:34:36 GMT, Xue-Lei Andrew Fan wrote:
>> Please review the update to remove finalizer method in the
>> java.security.jgss module. It is one of the efforts to clean up the use of
>> finalizer method in JDK.
>
> Xue-Lei Andrew Fan has updated the pull request incrementally w
On Thu, 28 Apr 2022 17:29:53 GMT, Bradford Wetmore wrote:
>> My mistake. It's only the trim that you wanted removed, line 94.
>
> No, the API for Security.getProperty doesn't specify trimming, so suggest
> leaving the trim() part also.
Okay. Line 94 is back.
-
PR: https://git.open
> To enable more complete doclint checking (courtesy @jonathan-gibbons), please
> review this PR to add type-level @param tags where they are missing.
>
> To the maintainers of java.util.concurrent, those changes could be separated
> out in another bug if that would ease maintenance of that code
On Tue, 26 Apr 2022 22:24:26 GMT, Joe Darcy wrote:
> To enable more complete doclint checking (courtesy @jonathan-gibbons), please
> review this PR to add type-level @param tags where they are missing.
>
> To the maintainers of java.util.concurrent, those changes could be separated
> out in an
On Thu, 28 Apr 2022 17:48:20 GMT, Weijun Wang wrote:
> I see you removed the `Thread.sleep(100)` calls. Given the failure of another
> similar test, maybe it's safer to add them back?
Yes. I'm evaluating if other proposal works or not. Otherwise, I will add the
sleep back.
-
PR
On Thu, 28 Apr 2022 07:01:25 GMT, Xue-Lei Andrew Fan wrote:
> Hi,
>
> May I have this test update reviewed?
>
> The javax/security/auth/callback/PasswordCallback/CheckCleanerBound.java test
> case failed on one of the test setups. The test runs gc in a loop and
> expects the GC to have garba
On Thu, 28 Apr 2022 04:34:36 GMT, Xue-Lei Andrew Fan wrote:
>> Please review the update to remove finalizer method in the
>> java.security.jgss module. It is one of the efforts to clean up the use of
>> finalizer method in JDK.
>
> Xue-Lei Andrew Fan has updated the pull request incrementally w
On Thu, 28 Apr 2022 18:05:39 GMT, Joe Darcy wrote:
>> To enable more complete doclint checking (courtesy @jonathan-gibbons),
>> please review this PR to add type-level @param tags where they are missing.
>>
>> To the maintainers of java.util.concurrent, those changes could be separated
>> out
> https://bugs.openjdk.java.net/browse/JDK-8285504
>
> JDK-8273046 is the umbrella bug for this bug. The changes were too large for
> a single code review, so it was decided to split into smaller chunks. This is
> one such chunk:
>
> open/src/java.base/share/classes/java/net
Mark Powers has u
> Please review the update to remove finalizer method in the java.security.jgss
> module. It is one of the efforts to clean up the use of finalizer method in
> JDK.
Xue-Lei Andrew Fan has updated the pull request incrementally with one
additional commit since the last revision:
add sleep bac
On Thu, 28 Apr 2022 04:34:36 GMT, Xue-Lei Andrew Fan wrote:
>> Please review the update to remove finalizer method in the
>> java.security.jgss module. It is one of the efforts to clean up the use of
>> finalizer method in JDK.
>
> Xue-Lei Andrew Fan has updated the pull request incrementally w
On Thu, 28 Apr 2022 04:34:36 GMT, Xue-Lei Andrew Fan wrote:
>> Please review the update to remove finalizer method in the
>> java.security.jgss module. It is one of the efforts to clean up the use of
>> finalizer method in JDK.
>
> Xue-Lei Andrew Fan has updated the pull request incrementally w
On Thu, 28 Apr 2022 18:29:35 GMT, Mark Powers wrote:
>> https://bugs.openjdk.java.net/browse/JDK-8285504
>>
>> JDK-8273046 is the umbrella bug for this bug. The changes were too large for
>> a single code review, so it was decided to split into smaller chunks. This
>> is one such chunk:
>>
>
On Thu, 28 Apr 2022 18:24:33 GMT, Andrey Turbanov wrote:
>> Joe Darcy has updated the pull request with a new target base due to a merge
>> or a rebase. The incremental webrev excludes the unrelated changes brought
>> in by the merge/rebase. The pull request contains seven additional commits
>
> Anyone can help review this javadoc update? The main change is the wording
> for the method javadoc of
> Cipher.getParameters()/CipherSpi.engineGetParameters(). The original wording
> is somewhat restrictive and request is to broaden this to accommodate more
> scenarios such as when null can
On Thu, 28 Apr 2022 19:11:23 GMT, Valerie Peng wrote:
>> Anyone can help review this javadoc update? The main change is the wording
>> for the method javadoc of
>> Cipher.getParameters()/CipherSpi.engineGetParameters(). The original wording
>> is somewhat restrictive and request is to broaden
On Thu, 28 Apr 2022 14:35:54 GMT, Weijun Wang wrote:
> We added a new system property back in
> https://bugs.openjdk.java.net/browse/JDK-8153005 but it's better to describe
> it in the `java.security` file as well.
>
> Please review the text. I especially added the last sentence so that people
On Thu, 28 Apr 2022 19:48:38 GMT, Sean Mullan wrote:
>> We added a new system property back in
>> https://bugs.openjdk.java.net/browse/JDK-8153005 but it's better to describe
>> it in the `java.security` file as well.
>>
>> Please review the text. I especially added the last sentence so that p
On Thu, 28 Apr 2022 19:54:36 GMT, Weijun Wang wrote:
>> src/java.base/share/conf/security/java.security line 1174:
>>
>>> 1172: # If the property is not set or empty, a default value will be used.
>>> 1173: #
>>> 1174: # For compatibility, the system property "keystore.pkcs12.legacy" can
>>> be
On Thu, 28 Apr 2022 16:23:25 GMT, Bradford Wetmore wrote:
>> src/java.base/share/classes/javax/net/ssl/TrustManagerFactory.java line 82:
>>
>>> 80: String type;
>>> 81: type = GetPropertyAction.privilegedGetProperty(
>>> 82: "ssl.TrustManagerFactory.algorithm");
>>
>
On Thu, 28 Apr 2022 18:29:35 GMT, Mark Powers wrote:
>> https://bugs.openjdk.java.net/browse/JDK-8285504
>>
>> JDK-8273046 is the umbrella bug for this bug. The changes were too large for
>> a single code review, so it was decided to split into smaller chunks. This
>> is one such chunk:
>>
>
On Mon, 25 Apr 2022 17:40:13 GMT, Mark Powers wrote:
> https://bugs.openjdk.java.net/browse/JDK-8285504
>
> JDK-8273046 is the umbrella bug for this bug. The changes were too large for
> a single code review, so it was decided to split into smaller chunks. This is
> one such chunk:
>
> open/
On Thu, 28 Apr 2022 04:56:47 GMT, Xue-Lei Andrew Fan wrote:
>>> Can you clarify what is the A and B that you are referring to?
>>
>> The sentence is, “If the required parameters were not supplied and the
>> underlying signature implementation can generate the parameter values, it
>> will be re
On Wed, 27 Apr 2022 23:02:28 GMT, Weijun Wang wrote:
>> Right, the user-supplied values takes precedence and provider-specific
>> default/random values should just be supplemental.
>>
>> As for EdDSA, looks like the prehash and context are only in RFC 8032 and
>> NOT RFC 8410. caller has to p
On Thu, 28 Apr 2022 23:08:17 GMT, Valerie Peng wrote:
>> So, "the underlying signature implementation supports returning the
>> parameters as {@code AlgorithmParameters}" is quite necessary. Xuelei's
>> suggestion is quite good, just change the last "and" to "or".
>
> I assume you were suggesti
On Thu, 28 Apr 2022 19:59:07 GMT, Sean Mullan wrote:
>> OpenSSL's help page shows
>>
>> -legacy Use legacy encryption: 3DES_CBC for keys, RC2_CBC for
>> certs
>>
>> Can we also say "To work with legacy PKCS #12 files"?
>
> But isn't it mostly an issue when creating new keystores a
On Thu, 28 Apr 2022 23:14:56 GMT, Weijun Wang wrote:
>> I assume you were suggesting this? `"The returned parameters may be the same
>> that were used to initialize this signature, or may contain additional
>> default or random parameter values used by the underlying signature
>> implementatio
On Thu, 28 Apr 2022 23:22:30 GMT, Valerie Peng wrote:
>> I suggest the last sentence to be "null is returned if the required
>> parameters were not supplied **or** the underlying signature implementation
>> cannot generate the parameter values." I used "or" because for EdDSA
>> parameters are
On Thu, 14 Apr 2022 15:37:05 GMT, Daniel Jeliński wrote:
> IMO we should not send close_notify in the finalizer. It's the application's
> responsibility to send close_notify when it's done with the socket; we should
> not pretend that it was closed normally when it was not.
@djelinski makes an
On Thu, 28 Apr 2022 13:25:13 GMT, Sean Mullan wrote:
>> Hai-May Chao has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> SecretKeyConstraintsParameters subclass created and property description
>> updated
>
> src/java.base/share/conf/securi
On Thu, 28 Apr 2022 06:46:35 GMT, Hai-May Chao wrote:
>> Please review these changes to add DES/3DES/MD5 to
>> `jdk.security.legacyAlgorithms` security property, and to add the legacy
>> algorithm constraint checking to `keytool` commands that are associated with
>> secret key entries stored i
On Thu, 28 Apr 2022 23:09:00 GMT, Valerie Peng wrote:
> What kind of additional sentence do you have in mind?
It may be fine to put it into the state for 'null" returned value. For example:
The returned parameters may be the same that were used to initialize
this signature, or may contain addi
62 matches
Mail list logo
