[security-dev 00954]: Re: code review request 6852744: PIT b61: PKI test suite fails because self signed certificates are being rejected

2009-07-02 Thread Xuelei Fan
Webrev updated that a CRL issuer now can delegate itself as CRL issuer in the DistributionPoint extension. DistributionPointFetcher.java: if (pointCrlIssuers != null) { .. if (match == false) { return false; } +

[security-dev 00953]: hg: jdk7/tl/jdk: 6853793: OutOfMemoryError in sun.security.provider.certpath.OCSPChecker.check

2009-07-02 Thread xuelei . fan
Changeset: c2baa2f0415e Author: xuelei Date: 2009-07-03 11:13 +0800 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/c2baa2f0415e 6853793: OutOfMemoryError in sun.security.provider.certpath.OCSPChecker.check Summary: allocate memory dynamically, keep reading until EOF. Reviewed-by: we

[security-dev 00952]: Re: code review request 6853793: OutOfMemoryError in sun.security.provider.certpath.OCSPChecker.check

2009-07-02 Thread Xuelei Fan
Max (Weijun) Wang wrote: This code change is very trivial. But, is there any test for OCSP and HTTP timestamping? I think with Michael's HttpServer class in JDK 6, maybe you can see if it's easy to add one or two tests. It is not hard to set up an http server, it is hard to sign a valid ocsp/

[security-dev 00951]: Re: code review request 6853793: OutOfMemoryError in sun.security.provider.certpath.OCSPChecker.check

2009-07-02 Thread Max (Weijun) Wang
Webrev looks fine. no new regression test, trivial changes, hard to write a new test. This code change is very trivial. But, is there any test for OCSP and HTTP timestamping? I think with Michael's HttpServer class in JDK 6, maybe you can see if it's easy to add one or two tests. Thank

[security-dev 00950]: Re: code review request 6853793: OutOfMemoryError in sun.security.provider.certpath.OCSPChecker.check

2009-07-02 Thread Xuelei Fan
Much better! The webrev updated. Thanks, Xuelei Weijun Wang wrote: I understand what the code means. It either reads contentLength bytes of data, or, if it's -1, reads until EOF. However, I guess it would look simpler if you use only one while(read): if (contentLength == -1) { resp = n

[security-dev 00949]: Re: code review request 6853793: OutOfMemoryError in sun.security.provider.certpath.OCSPChecker.check

2009-07-02 Thread Weijun Wang
Sorry, my code is not correct. It might read more than expected when contentLength != -1 while (total < contentLength) { if (total >= resp.len) { resp = Arrays.copyOf(resp, resp.len*2); } count = in.read(resp, total, resp.len-total) if (count < 0) break;

[security-dev 00948]: Re: code review request 6853793: OutOfMemoryError in sun.security.provider.certpath.OCSPChecker.check

2009-07-02 Thread Weijun Wang
I understand what the code means. It either reads contentLength bytes of data, or, if it's -1, reads until EOF. However, I guess it would look simpler if you use only one while(read): if (contentLength == -1) { resp = new byte[contentLength]; } else { resp = new byte[2048]; con

[security-dev 00947]: Re: code review request 6853793: OutOfMemoryError in sun.security.provider.certpath.OCSPChecker.check

2009-07-02 Thread Weijun Wang
I understand what the code means. It either reads contentLength bytes of data, or, if it's -1, reads until EOF. However, I guess it would look simpler if you use only one while(read): if (contentLength == -1) { resp = new byte[contentLength]; } else { resp = new byte[2048]; con

[security-dev 00946]: code review request 6853793: OutOfMemoryError in sun.security.provider.certpath.OCSPChecker.check

2009-07-02 Thread Xuelei Fan
Hi, bug desc: http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6853793 webrev: http://cr.openjdk.java.net/~xuelei/6853793/webrev/ no new regression test, trivial changes, hard to write a new test. Thanks, Xuelei

[security-dev 00945]: code review request 6852744: PIT b61: PKI test suite fails because self signed certificates are being rejected

2009-07-02 Thread Xuelei Fan
Hi, bug description: http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6852744 webrev: http://cr.openjdk.java.net/~xuelei/6852744/webrev/ Evaluation of the bug: 1. There is a loop of forward builder for self-issued intermediate certificates. The ForwardBuilder looks for the next certificate