Pushed to https://hg.openjdk.java.net/jdk/jdk/rev/b3116877866f.

Thanks,
Max

> On Nov 20, 2019, at 8:27 AM, Weijun Wang <[email protected]> wrote:
>
> Hi Fedor,
>
> Sorry for the delay. Everything looks fine except that the version info in
> santuario.md should be updated. I've also updated XMLDSigRI.java to match the
> recent code change for JDK-8232357. A new webrev is now available at
>
> http://cr.openjdk.java.net/~weijun/8231507/webrev.00/
>
> If no one else has any more comments, I'll push this change myself.
>
> Thanks,
> Max
>
>> On Oct 10, 2019, at 10:48 PM, Fedor Burdun <[email protected]> wrote:
>>
>> Hi Weijun,
>>
>> I am glad to be helpful for the community.
>> Thanks a lot for your notes.
>>
>> In addition to all mentioned above and due to (8151893: Add security
>> property to configure XML Signature secure validation mode)
>> it seems the checking of Policy.restrictRetrievalMethodLoops also should be
>> reverted?
>> Please correct me if I'm wrong and it should not.
>>
>> Andrew Brygin volunteered to be sponsor for this code change.
>>
>> New webrev: http://cr.openjdk.java.net/~fijiol/8231507/webrev.01/
>> Tests: test/jdk/javax/xml/crypto/dsig/
>>
>> Best regards,
>> Fedor
>>
>>
>> From: Weijun Wang <[email protected]>
>> Sent: October 10, 2019, 13:08
>> To: Fedor Burdun
>> Cc: [email protected]
>> Subject: Re: RFR: 8231507: Update Apache Santuario (XML Signature) to version
>> 2.1.4
>>
>> Hi Fedor,
>>
>> First, thanks a lot for the contribution. Overall the code change looks
>> fine, but I have several comments:
>>
>> 1. The change in EncryptionConstants.java is not necessary. In this module
>> we only do the signature part, but not encryption.
>>
>> 2. For the same reason, 5 new methods in XMLUtils.java about encryption.
>>
>> 3. In DOMRetrievalMethod.java, please revert to the use of
>> "Policy.restrictNumTransforms(newTransforms.size())". The java.xml.crypto
>> module inside OpenJDK is a little different from Santuario here and it uses
>> a java.security property named "jdk.xml.dsig.secureValidationPolicy".
>>
>> 4. XMLDSigRI.java contains no actual change and can be kept unchanged.
>>
>> Have you found a committer to sponsor your code change? If not, I'll be
>> happy to do it.
>>
>> Thanks,
>> Max
>>
>>
>>> On Oct 8, 2019, at 12:35 AM, Fedor Burdun <[email protected]> wrote:
>>>
>>> Dear all,
>>>
>>> Would you please review the following change?
>>> Bug: https://bugs.openjdk.java.net/browse/JDK-8231507
>>> Webrev: http://cr.openjdk.java.net/~fijiol/8231507/webrev.00/
>>>
>>> This change upgrades Apache Santuario library to version 2.1.4
>>>
>>> Best regards,
>>> Fedor
