All patches are posted to http://cr.openjdk.java.net/~weijun/twosigma-gss/.
In order to file a bug or post a patch, you need to be an author first. Read
here: http://openjdk.java.net/projects/#project-author.
Let's pick 2 simple bug fixes to start with.
Thanks
Max
On 07/10/2018 18:08, Scott Palmer wrote:
Thanks Alan. I think this is exactly the issue I was hitting.
Is it currently not possible to ensure modules have not been tampered with?
The signature checking for signed JARs on the module path is the same as
that done for signed JARs on the class
Thanks Alan. I think this is exactly the issue I was hitting.
Is it currently not possible to ensure modules have not been tampered with? I
don’t think my application will ever be properly modularized anyway, so I will
simply make sure those jars are only on the class path. But I’m a
Hello all, this fixes an issue where for TLSv1.2 connections
specifically, clients will not authenticate using PSS certs even when
PSS signature algorithms are asserted in the CertificateRequest
message. This brings in a method for client certificate selection
similar to how we do it for TLS
> On Oct 5, 2018, at 1:15 AM, Nico Williams wrote:
>
> On Thu, Oct 04, 2018 at 11:19:06AM +0100, Alan Bateman wrote:
>> On 03/10/2018 21:49, Nico Williams wrote:
>>> :
>>> A lot of these changes are interrelated. Reviewing them in order of
>>> size might require rebasing our stack of
On 06/10/2018 06:21, Scott Palmer wrote:
As is too often the case I discovered the difference while trying to
isolate a test case. With Java 10 I had extra JVM args to deal with
module path and that appeared to cause the problem.
There is very limited support for signing of modules and signed
