Changeset: d842462572a9
Author:weijun
Date: 2008-03-05 22:15 +0800
URL: http://hg.openjdk.java.net/jdk7/jsn/jdk/rev/d842462572a9
6590930: reed/write does not match for ccache
Summary: Add null-awareness to ccache read
Reviewed-by: valeriep
!
Changeset: ac695089ccc5
Author:weijun
Date: 2008-03-08 22:49 +0800
URL: http://hg.openjdk.java.net/jdk7/jsn/jdk/rev/ac695089ccc5
6634644: broken fragment, should use @link
Reviewed-by: mullan
! src/share/classes/javax/security/cert/X509Certificate.java
Changeset: 9655476d50f4
Author:weijun
Date: 2008-07-27 19:16 +0800
URL: http://hg.openjdk.java.net/jdk7/jsn/jdk/rev/9655476d50f4
6709758: keytool default cert fingerprint algorithm should be SHA1, not MD5
Reviewed-by: mullan, xuelei
!
Changeset: bcb61dfc8514
Author:weijun
Date: 2008-09-08 14:17 +0800
URL: http://hg.openjdk.java.net/jdk7/jsn/jdk/rev/bcb61dfc8514
6740833: krb5.conf does not accept kdc=hostname (no spaces around =)
Reviewed-by: xuelei
! src/share/classes/sun/security/krb5/Config.java
Changeset: 3f051f3ba5bb
Author:weijun
Date: 2008-10-17 13:02 +0800
URL: http://hg.openjdk.java.net/jdk7/jsn/jdk/rev/3f051f3ba5bb
6706974: Add krb5 test infrastructure
Reviewed-by: valeriep
+ test/sun/security/krb5/auto/Action.java
+ test/sun/security/krb5/auto/BasicKrb5Test.java
+
Changeset: 0bf6c9c6fdc5
Author:weijun
Date: 2008-10-20 10:32 +0800
URL: http://hg.openjdk.java.net/jdk7/jsn/jdk/rev/0bf6c9c6fdc5
6761072: new krb5 tests fail on multiple platforms
Reviewed-by: xuelei
! test/sun/security/krb5/auto/BasicKrb5Test.java
!
Hi All
Currently we have this check inside Krb5LoginModule:
private void validateConfiguration() throws LoginException {
if (doNotPrompt !useTicketCache !useKeyTab)
throw new LoginException
(Configuration Error
+ - either doNotPrompt
Changeset: d2f96992b77b
Author:weijun
Date: 2008-11-12 16:00 +0800
URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/d2f96992b77b
6733095: Failure when SPNEGO request non-Mutual
Reviewed-by: valeriep
! src/share/classes/sun/security/jgss/GSSContextImpl.java
!
Hi All
The current implementation of HTTP Negotiate authentication has not
enabled credential delegation (it simply acquires a new one using either
a cached TGT or username/password from Authenticator). This means that
in a multi-tier application, a middle tier cannot start an HTTP request
(to
Changeset: a8d9e8cb38bb
Author:weijun
Date: 2009-03-04 15:09 +0800
URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/a8d9e8cb38bb
6705872: SecureRandom number init is taking too long on a java.io.tmpdir with a
large number of files.
Reviewed-by: xuelei, alanb
!
Hi
In keytool's installReply(), there is:
if (replyCerts.length == 1) {
// single-cert reply
newChain = establishCertChain(userCert, replyCerts[0]);
} else {
// cert-chain reply (e.g., PKCS#7)
newChain = validateReply(alias,
Changeset: 9d5cce463fa0
Author:weijun
Date: 2009-03-13 09:20 +0800
URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/9d5cce463fa0
6815182: GSSAPI/SPNEGO does not work with server using MIT Kerberos library
Reviewed-by: valeriep
!
Changeset: 87acd36bd847
Author:weijun
Date: 2009-03-19 11:17 +0800
URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/87acd36bd847
6819272: keytool -importcert should read the whole input
Reviewed-by: xuelei
! src/share/classes/sun/security/tools/KeyTool.java
+
Changeset: 74fe20f0e49b
Author:weijun
Date: 2009-03-23 17:05 +0800
URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/74fe20f0e49b
6820606: keytool can generate serialno more randomly
Reviewed-by: xuelei
! src/share/classes/sun/security/tools/KeyTool.java
!
Changeset: b752110df530
Author:weijun
Date: 2009-03-27 11:05 +0800
URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/b752110df530
6802846: jarsigner needs enhanced cert validation(options)
Reviewed-by: xuelei
! src/share/classes/sun/security/tools/JarSigner.java
!
Changeset: ee75d1fac0ca
Author:weijun
Date: 2009-04-03 11:36 +0800
URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/ee75d1fac0ca
6825352: support self-issued certificate in keytool
Reviewed-by: xuelei
! src/share/classes/sun/security/tools/KeyTool.java
+
Changeset: 8d37331265ae
Author:weijun
Date: 2009-04-09 15:32 +0800
URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/8d37331265ae
6714845: Quotes in Kerberos configuration file are included in the values
Reviewed-by: xuelei
! src/share/classes/sun/security/krb5/Config.java
+
Hi Valerie and Networking guys
Please take a review at this bug fix:
http://cr.openjdk.java.net/~weijun/6578647/webrev.00/
The bug is
http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6578647
The bug report says that no URL-related info is available in
Authenticator when using
Changeset: 33e06332c9d4
Author:weijun
Date: 2009-04-16 11:16 +0800
URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/33e06332c9d4
6830658: Changeset 897b2d42995a breaks the fastdebug build in NativeCreds.c
Reviewed-by: tbell
! src/windows/native/sun/security/krb5/NativeCreds.c
, putting two Kerberos KDC, one HTTP server, one proxy
server in a single regression test is fun!
Thanks
Mx
On Apr 14, 2009, at 8:55 PM, Max (Weijun) Wang wrote:
On Apr 14, 2009, at 5:59 PM, Christopher Hegarty - Sun Microsystems
Ireland wrote:
Hi Max,
I only looked at the networking
The new webrev is at
http://cr.openjdk.java.net/~weijun/6813340/webrev.03
Changes compared to last webrev is:
diff -r 59db2c7c37fa
src/share/classes/sun/security/provider/X509Factory.java
--- a/src/share/classes/sun/security/provider/X509Factory.java
+++
Changeset: 8f405b65ddac
Author:weijun
Date: 2009-06-09 14:17 +0800
URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/8f405b65ddac
6578647: Undefined requesting URL in
java.net.Authenticator.getPasswordAuthentication()
Reviewed-by: chegar, valeriep
!
Changeset: bc2c9dbdcc70
Author:weijun
Date: 2009-06-17 15:26 +0800
URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/bc2c9dbdcc70
6849275: enhance krb5 reg tests
Reviewed-by: xuelei
! test/sun/security/krb5/auto/CrossRealm.java
! test/sun/security/krb5/auto/HttpNegotiateServer.java
Changeset: 863351d5d244
Author:weijun
Date: 2009-06-18 11:12 +0800
URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/863351d5d244
6712755: jarsigner fails to sign itextasian.jar since 1.5.0_b14, it works with
1.5.0_13
Reviewed-by: mullan
!
Changeset: 605d3fa6764e
Author:weijun
Date: 2009-06-30 11:55 +0800
URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/605d3fa6764e
6855671: DerOutputStream encodes negative integer incorrectly
Reviewed-by: xuelei
! src/share/classes/sun/security/util/DerOutputStream.java
+
;
total += count;
}
Weijun Wang wrote:
I understand what the code means. It either reads contentLength bytes of
data, or, if it's -1, reads until EOF.
However, I guess it would look simpler if you use only one while(read):
if (contentLength == -1) {
resp = new byte[contentLength
Changeset: 1175f872a968
Author:weijun
Date: 2009-07-08 12:07 +0800
URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/1175f872a968
6857802: GSS getRemainingInitLifetime method returns milliseconds not seconds
Reviewed-by: xuelei
!
Hi Shawn
Earlier this year, you've asked me about supporting CCAPI in Java. At
the time, our Java JGSS provider only support the FILE ccache reading.
(We do have a native bridge to GSSAPI but that provider is not turned on
by default).
I'm creating a native bridge to CCAPI now.
Some questions:
Changeset: 81e3117803a5
Author:weijun
Date: 2009-07-22 16:39 +0800
URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/81e3117803a5
6858589: more changes to Config on system properties
Reviewed-by: valeriep
! src/share/classes/sun/security/krb5/Config.java
!
Changeset: 0c58a7b6b978
Author:weijun
Date: 2009-07-31 16:21 +0800
URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/0c58a7b6b978
6867231: Regression: jdk/test/sun/security/krb5/ConfPlusProp.java error against
jdk7/pit/b68
Reviewed-by: xuelei
!
Changeset: 2536ab04dc68
Author:weijun
Date: 2009-08-02 13:40 +0800
URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/2536ab04dc68
6867687: keytool's standard.sh test timeout sometimes
Reviewed-by: xuelei
! test/sun/security/tools/keytool/standard.sh
Changeset: 5439d705c04e
Author:weijun
Date: 2009-08-11 12:15 +0800
URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/5439d705c04e
6866479: libzip.so caused JVM to crash when running jarsigner
Reviewed-by: mullan
! src/share/classes/sun/security/tools/JarSigner.java
+
Changeset: efe2d2a55b3b
Author:weijun
Date: 2009-08-11 15:36 +0800
URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/efe2d2a55b3b
6868867: Test: sun/security/tools/keytool/standard.sh fails under windows/cygwin
Reviewed-by: wetmore
! src/share/classes/sun/security/tools/KeyTool.java
Changeset: 8414927b41d8
Author:weijun
Date: 2009-08-18 10:20 +0800
URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/8414927b41d8
6829785: TextCallbackHandler does not honor PasswordCallback.isEchoOn()
Reviewed-by: mullan
!
Changeset: dbcc1f13e4fd
Author:weijun
Date: 2009-08-24 18:37 +0800
URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/dbcc1f13e4fd
6875033: regression: test of 6867665 fail
Reviewed-by: xuelei
! test/sun/security/krb5/ktab/HighestKvno.java
Changeset: 2607e571a6d5
Author:weijun
Date: 2009-08-26 12:17 +0800
URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/2607e571a6d5
6868864: Kerberos tests fail under windows/cygwin
Reviewed-by: wetmore
! test/sun/security/krb5/auto/basic.sh
Changeset: ee5300e1835a
Author:weijun
Date: 2009-09-04 14:58 +0800
URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/ee5300e1835a
6876328: different names for the same digest algorithms breaks jarsigner
Reviewed-by: mullan
! src/share/classes/sun/security/tools/JarSigner.java
+
Changeset: 81dffe63c913
Author:weijun
Date: 2009-09-22 10:01 +0800
URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/81dffe63c913
6877357: IPv6 address does not work
Reviewed-by: xuelei, alanb
! src/share/classes/sun/security/krb5/KrbKdcReq.java
+ test/sun/security/krb5/IPv6.java
Changeset: bd928aefe692
Author:weijun
Date: 2009-09-24 21:35 +0800
URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/bd928aefe692
6885166: regression test for 6877357 (IPv6 address does not work) error (timed
out)
Reviewed-by: xuelei
! test/sun/security/krb5/IPv6.java
Changeset: 527ad9cbc9cf
Author:weijun
Date: 2009-10-02 18:44 +0800
URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/527ad9cbc9cf
6324292: keytool -help is unhelpful
Reviewed-by: xuelei, mullan
! src/share/classes/sun/security/tools/KeyTool.java
!
Changeset: 0d7c64c023c6
Author:weijun
Date: 2009-10-21 08:17 +0800
URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/0d7c64c023c6
6870812: enhance security tools to use ECC algorithms
Reviewed-by: vinnie, mullan
! src/share/classes/java/util/jar/JarFile.java
!
Changeset: a1923ebcd61b
Author:weijun
Date: 2009-10-30 11:28 +0800
URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/a1923ebcd61b
6894534: SeedGenerator shouldn't require java.nio.file to be present
Reviewed-by: alanb
! src/share/classes/sun/security/provider/SeedGenerator.java
Changeset: 7871897537b1
Author:weijun
Date: 2009-11-27 08:51 +0800
URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/7871897537b1
6853328: Support OK-AS-DELEGATE flag
Reviewed-by: valeriep
! src/share/classes/com/sun/security/jgss/ExtendedGSSContext.java
!
Changeset: db5c77621c6b
Author:weijun
Date: 2009-12-09 11:15 +0800
URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/db5c77621c6b
6908628: ObjectIdentifier s11n test fails
Reviewed-by: xuelei
! test/sun/security/util/Oid/S11N.sh
Changeset: ef9774dc4f5a
Author:weijun
Date: 2010-01-05 10:40 +0800
URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/ef9774dc4f5a
6895424: RFC 5653
Reviewed-by: valeriep
! src/share/classes/org/ietf/jgss/GSSName.java
! src/share/classes/sun/security/jgss/GSSManagerImpl.java
!
Changeset: 558f2a424bfa
Author:weijun
Date: 2010-01-26 17:03 +0800
URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/558f2a424bfa
6919610: KeyTabInputStream uses static field for per-instance value
Reviewed-by: mullan
!
Changeset: 0500f7306cbe
Author:weijun
Date: 2010-03-17 09:55 +0800
URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/0500f7306cbe
6868865: Test: sun/security/tools/jarsigner/oldsig.sh fails under all platforms
Reviewed-by: wetmore
! test/sun/security/tools/jarsigner/oldsig.sh
Changeset: 2796f839e337
Author:weijun
Date: 2010-03-18 18:26 +0800
URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/2796f839e337
6829283: HTTP/Negotiate: Autheticator triggered again when user cancels the
first one
Reviewed-by: chegar
!
Hi Valerie
As described in http://forums.sun.com/thread.jspa?threadID=5432248, customer's
pkcs11 keystore has aliases ended with '\0'.
Is this something we should fix on the Java side?
Thanks
Max
Hi Xuelei and Sean
Please take a review on the fix for OpenJDK:
http://cr.openjdk.java.net/~weijun/6939248/webrev.00
Note that I've added some check:
1. response cert null check
2. extension isCritical check
About the test:
1. Since keytool can now generate extensions, binary keystore is
Changeset: db4fd2fdf196
Author:weijun
Date: 2010-04-16 10:06 +0800
URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/db4fd2fdf196
6937978: let keytool -gencert generate the chain
Reviewed-by: mullan
! src/share/classes/sun/security/tools/KeyTool.java
!
Changeset: 0d989dc383d3
Author:weijun
Date: 2010-04-16 10:13 +0800
URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/0d989dc383d3
6939248: Jarsigner can't extract Extended Key Usage from Timestamp Reply
correctly
Reviewed-by: xuelei, mullan
!
Changeset: 97fb6f6d230a
Author:weijun
Date: 2010-04-20 19:30 +0800
URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/97fb6f6d230a
6944847: native gss lib names on linux
Reviewed-by: valeriep
! src/share/classes/sun/security/jgss/wrapper/SunNativeProvider.java
+
Changeset: edde2f60415b
Author:weijun
Date: 2010-04-22 12:45 +0800
URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/edde2f60415b
6856069: PrincipalName.clone() does not invoke super.clone()
Reviewed-by: chegar
! src/share/classes/sun/security/krb5/PrincipalName.java
+
Hi
Please take a review at this test bug:
http://cr.openjdk.java.net/~weijun/6948287/webrev.00
Thanks
Max
*Change Request ID*: 6948287
*Synopsis*: KDC test strange kvno
Keywords: noreg-self
=== *Description*
In
Changeset: b833a422c776
Author:weijun
Date: 2010-04-29 15:50 +0800
URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/b833a422c776
6947487: use HexDumpEncoder.encodeBuffer()
Reviewed-by: mullan
! src/share/classes/com/sun/security/auth/module/Krb5LoginModule.java
!
Changeset: 3d51799b65a9
Author:weijun
Date: 2010-05-06 11:26 +0800
URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/3d51799b65a9
6948909: Jarsigner removes MANIFEST.MF info for badly packages jar's
Reviewed-by: mullan, xuelei
! src/share/classes/sun/security/tools/JarSigner.java
+
Changeset: 8834c3633f0b
Author:weijun
Date: 2010-05-06 13:42 +0800
URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/8834c3633f0b
6890876: jarsigner can add CRL info into signed jar
Reviewed-by: mullan
! src/share/classes/com/sun/jarsigner/ContentSignerParameters.java
!
On May 14, 2010, at 2:40 PM, Mandy Chung wrote:
Hi Max,
Wang Weijun wrote:
Hi Mandy
Sorry for late comment. My email client on Nokia E71 keeps crashing. (Hope
it's good this time).
It's good. Thanks for the comment.
I'm quite sure there are people out there calling KeyTool the
Hi Valerie
A new bug 6950930 filed for the same problem.
So ping again. Webrev small update at --
http://cr.openjdk.java.net/~weijun/6882687/webrev.01
Changes:
1. 2009 - 2010
2. new fields now private final
Thanks
Max
On Sep 17, 2009, at 1:46 AM, Max (Weijun) Wang wrote:
Hi Valerie
Changeset: d01726854317
Author:weijun
Date: 2010-05-24 09:28 +0800
URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/d01726854317
6948803: CertPath validation regression caused by SHA1 replacement root and MD2
disable feature
Reviewed-by: xuelei, mullan
!
Changeset: ff9cc9789bb3
Author:weijun
Date: 2010-05-24 09:37 +0800
URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/ff9cc9789bb3
6882687: KerberosTime too imprecise
Reviewed-by: valeriep
! src/share/classes/sun/security/krb5/internal/KerberosTime.java
+
Changeset: ba95fd03440b
Author:weijun
Date: 2010-05-24 10:05 +0800
URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/ba95fd03440b
6932525: Incorrect encryption types of KDC_REQ_BODY of AS-REQ with
pre-authentication
Reviewed-by: valeriep
!
Changeset: 2306564dea3a
Author:weijun
Date: 2010-05-25 18:20 +0800
URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/2306564dea3a
6948287: KDC test strange knvo
Reviewed-by: xuelei
! test/sun/security/krb5/auto/KDC.java
Changeset: d5939d20b762
Author:weijun
Date: 2010-05-27 17:24 +0800
URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/d5939d20b762
6955783: ServiceUnavailableException caught even the secondary DNS is available
Reviewed-by: vinnie
! src/share/classes/com/sun/jndi/dns/DnsClient.java
Hi All
Please review this webrev:
http://cr.openjdk.java.net/~weijun/6844907/webrev.00/
Three notes:
1. The etype order change has effect on keys in a keytab file. In KeyTab.java,
I've made the following change:
public EncryptionKey[] readServiceKeys(PrincipalName service) {
Hi All
Please review this code change:
http://cr.openjdk.java.net/~weijun/6958026/webrev.00/
Two parts included:
1. Major one: match private key and cert using both keyId and friendlyName.
2. Minor one: add keyId and friendlyName to private keys created by
setKeyEntry(alias, byte[],
Changeset: ea8c57ec8409
Author:weijun
Date: 2010-06-04 19:28 +0800
URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/ea8c57ec8409
6951366: kerberos login failure on win2008 with AD set to win2000 compat mode
Reviewed-by: valeriep, xuelei
!
Hi Valerie and Andrew
Please review the following webrev:
http://cr.openjdk.java.net/~weijun/6960894/webrev.00
The major enhancement is KrbAsReqBuilder which generates AS-REQ, sends it,
parses any response, and returns a Credentials object. The other big change is
KrbKdcReq, it's no longer
Changeset: 3df25d0680f3
Author:weijun
Date: 2010-06-17 13:46 +0800
URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/3df25d0680f3
6959292: regression: cannot login if session key and preauth does not use the
same etype
Reviewed-by: xuelei, valeriep
!
6670889: Keystore created under Hindi Locale causing
ArrayIndexOutOfBoundsException
Webrev:
http://cr.openjdk.java.net/~weijun/6670889/webrev.00/
Thanks
Max
Changeset: f3a4c1947fd1
Author:weijun
Date: 2010-07-13 20:27 +0800
URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/f3a4c1947fd1
6670889: Keystore created under Hindi Locale causing
ArrayIndexOutOfBoundsException
Reviewed-by: chegar
!
Hi Valerie
6969292: make DNS lookup for realm/kdc really work
Webrev:
http://cr.openjdk.java.net/~weijun/6969292/webrev.00/
We've implemented DNS lookup for realm and kdc for some time, and have
made it default turned on in JDK 7. However, it's still not 100%
zero-configuration, a krb5.conf
Updated webrev:
http://cr.openjdk.java.net/~weijun/6969292/webrev.01/
Changes:
checkRealm() return null instead of throwing an exception. (Thanks, Alan).
Thanks
Max
On 07/15/2010 02:12 PM, Weijun Wang wrote:
Hi Valerie
6969292: make DNS lookup for realm/kdc really work
Webrev:
http
What platform and openjdk release (or build) are you using? What kind of
security providers are specified? When you say regression, is it a regression
of an earlier build of openjdk?
If I understand correctly, a PKCS #11 security provider is needed to use
PKCS11-based keystores. Currently,
Changeset: 9a1bd20fc71c
Author:weijun
Date: 2010-07-19 10:02 +0800
URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/9a1bd20fc71c
6969683: Generify ResolverConfiguration codes
Reviewed-by: alanb, chegar
! src/share/classes/com/sun/jndi/dns/DnsContextFactory.java
!
Hi Xuelei
A regression in test:
*Change Request ID*: 6972005
*Synopsis*: ConfPlusProp.java test failure when DNS has info for realm
webrev:
http://cr.openjdk.java.net/~weijun/6972005/webrev.00/
Thanks
Max
=== *Description*
The
Changeset: 402ff3e81922
Author:weijun
Date: 2010-07-26 17:21 +0800
URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/402ff3e81922
6972005: ConfPlusProp.java test failure when DNS has info for realm
Reviewed-by: xuelei
! test/sun/security/krb5/ConfPlusProp.java
!
Fix looks fine.
I finally find the ldr.wait(15 * 1000) line.
-Max
On 07/27/2010 11:50 AM, Xuelei Fan wrote:
Hi Weijun,
A JNDI bug.
webrev: http://cr.openjdk.java.net/~xuelei/6870947/webrev.00/
bug desc: http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6870947
Thanks,
Xuelei
the stream, and
throw an exception if it wasn't a certificate. But the current fix ignores
non certificate blocks until it finds a certificate or end of stream, right?
--Sean
On 7/30/10 2:39 AM, Weijun Wang wrote:
Hi Sean
6973371: X509Factory should recognize PEM headers
Please review
Re-send mail. Probably lost during in a mail server outage.
On 07/31/2010 09:46 PM, Weijun Wang wrote:
Yes, you're correct.
I regard not-working - working a fix, not a regression.
Thanks
Max
On Jul 31, 2010, at 12:46 AM, Sean Mullan wrote:
Hi Max,
I'm not sure about this change
On 08/03/2010 05:10 AM, Sean Mullan wrote:
On 7/31/10 9:46 AM, Weijun Wang wrote:
Yes, you're correct.
I regard not-working - working a fix, not a regression.
I think I would regard it as underspecified. There's nothing in
CertificateFactory.generateCertificate that says it skips non
now.
Thanks
Max
Thanks,
Valerie
On 07/21/10 12:32, Valerie (Yu-Ching) Peng wrote:
On 06/13/10 08:02, Weijun Wang wrote:
Hi Valerie and Andrew
Please review the following webrev:
http://cr.openjdk.java.net/~weijun/6960894/webrev.00
The major enhancement is KrbAsReqBuilder which
Changeset: 4abd65f04638
Author:weijun
Date: 2010-08-19 11:26 +0800
URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/4abd65f04638
6976536: Solaris JREs do not have the krb5.kdc.bad.policy configured by default.
Reviewed-by: valeriep
! src/share/lib/security/java.security-solaris
!
Changeset: 95bb147c7c33
Author:weijun
Date: 2010-08-19 12:24 +0800
URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/95bb147c7c33
6921610: 1.6 update 17 and 18 throw java.lang.IndexOutOfBoundsException
Reviewed-by: vinnie, xuelei
! src/share/classes/com/sun/jndi/ldap/Connection.java
HI All
webrev at --
http://cr.openjdk.java.net/~weijun/6979329/webrev.00/
I'm not sure if there will be other type of non-ticket entries later, so
just ignore once an exception is thrown.
I'll be glad if there can be more than one code reviewers. Mostly likely
this will need to
Ping again.
The webrev is updated:
http://cr.openjdk.java.net/~weijun/6911951/webrev.01/
The CCC is about to be finalized:
http://ccc.sfbay.sun.com/6911951
Thanks
Max
On 04/16/2010 11:12 AM, Weijun Wang wrote:
Vinnie
Please take a review on this webrev:
cr.openjdk.java.net
you any comments on the NTLM changes?
On 25/08/2010 06:23, Weijun Wang wrote:
Ping again.
The webrev is updated:
http://cr.openjdk.java.net/~weijun/6911951/webrev.01/
The CCC is about to be finalized:
http://ccc.sfbay.sun.com/6911951
Thanks
Max
On 04/16/2010 11:12 AM, Weijun Wang wrote
Hi Lance
I've updated policytool to match your new SQLPermission target names,
webrev at:
http://cr.openjdk.java.net/~weijun/6845220/webrev.00/
It seems there's an extra name setNetworkTimeout (compared with
original RFE description) in your latest changeset at:
Changeset: 5c3bad1d7f8a
Author:weijun
Date: 2010-09-14 10:18 +0800
URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/5c3bad1d7f8a
6982840: sun/security/tools/jarsigner/emptymanifest.sh fails
Reviewed-by: dholmes
! test/sun/security/tools/jarsigner/emptymanifest.sh
Changeset: ca630e91d473
Author:weijun
Date: 2010-09-23 10:46 +0800
URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/ca630e91d473
6982971: TEST failure: com/sun/security/sasl/ntlm/NTLMTest.java
Reviewed-by: wetmore
! test/com/sun/security/sasl/ntlm/NTLMTest.java
Changeset: 9eb9485ec45b
Author:weijun
Date: 2010-09-25 10:21 +0800
URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/9eb9485ec45b
6986868: TEST failure: sun/security/tools/jarsigner/crl.sh
Reviewed-by: ohair
! test/sun/security/tools/jarsigner/crl.sh
Changeset: 26c6ee936f63
Author:weijun
Date: 2010-09-29 15:26 +0800
URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/26c6ee936f63
6988163: sun.security.util.Resources dup and a keytool doc typo
Reviewed-by: xuelei
! src/share/classes/sun/security/tools/KeyTool.java
!
Changeset: dfce5a0cc460
Author:weijun
Date: 2010-10-28 21:14 +0800
URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/dfce5a0cc460
6950546: ktab -d name etype to ktab -d name [-e etype] [kvno | all | old]
6984764: kerberos fails if service side keytab is generated using JDK ktab
Changeset: 856843c444a0
Author:weijun
Date: 2010-11-06 09:11 +0800
URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/856843c444a0
6997740: ktab entry related test compilation error
Reviewed-by: valeriep
! test/sun/security/krb5/auto/MoreKvno.java
!
Changeset: e27ad63b0f54
Author:weijun
Date: 2010-11-09 08:34 +0800
URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/e27ad63b0f54
6952519: kdc_timeout is not being honoured when using TCP
Reviewed-by: valeriep
! src/share/classes/sun/security/krb5/KrbKdcReq.java
+
Changeset: 4565d120e514
Author:weijun
Date: 2010-11-11 15:51 +0800
URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/4565d120e514
6987827: security/util/Resources.java needs improvement
Reviewed-by: valeriep
! src/share/classes/com/sun/security/auth/NTDomainPrincipal.java
!
Changeset: 1e7dc87fad95
Author:weijun
Date: 2010-11-12 21:33 +0800
URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/1e7dc87fad95
6960894: Better AS-REQ creation and processing
Reviewed-by: valeriep
! src/share/classes/com/sun/security/auth/module/Krb5LoginModule.java
!
On 11/18/2010 07:31 AM, Valerie (Yu-Ching) Peng wrote:
Hi, Max,
Can you please help reviewing the following two regression test fixes?
6203816: Can not run test/java/security/Security/ClassLoaderDeadlock.sh
from the command line
Webrev: http://cr.openjdk.java.net/~valeriep/6203816/webrev.00/
/closed is still not updated.
Thanks
Max
Valerie
On 11/17/10 17:00, Weijun Wang wrote:
On 11/18/2010 07:31 AM, Valerie (Yu-Ching) Peng wrote:
Hi, Max,
Can you please help reviewing the following two regression test fixes?
6203816: Can not run test/java/security/Security
1 - 100 of 2902 matches
Mail list logo