On 18 March 2010 18:40, Brad Wetmore <bradford.wetm...@sun.com> wrote: > > I have a couple important tasks to finish ASAP, so if there is more > discussion, I'll have to jump in sometime next week, but wanted to add > one thing before anything was done: > > Pavel wrote: >> And we can use other URL if verisign.com is problematic. > > We've tried to limit the reliance on servers outside our control for the > open tests and to be as self-contained as possible, tho I'm sure there > are still some tests that do this anyway. IMHO, it's not exactly > neighborly of OpenJDK to include tests that just bang on someone's > server(s) for "testing", even if the volume isn't terribly high. I > think we should check with the server's admin before we included such a > test in the general repository. > > In the past we've also had transient network errors (servers or network > down), so that was another reason to limit our external dependencies. > But they still had to be investigated and took time. >
https://jaxp.dev.java.net/files/documents/913/147490 seems an appropriate URL to hit. It's the very URL that causes the OpenJDK build to fail to bootstrap itself and I assume Oracle do control dev.java.net to some degree. > Brad > > > > > > > On 3/18/2010 8:50 AM, Pavel Tisnovsky wrote: >> Christopher Hegarty -Sun Microsystems Ireland wrote: >>> Alan Bateman wrote: >>>> Pavel Tisnovsky wrote: >>>>> Hi, >>>>> >>>>> please review new regression test for java.net.* API. This test >>>>> check if the cacerts keytool database is configured properly and SSL >>>>> is really working. The test should not fail if SSL is working (in >>>>> other case it simply throws IOException). Webrev si available at >>>>> http://cr.openjdk.java.net/~ptisnovs/TestHttps/ >>>>> >>>>> Thanks in advance >>>>> Pavel Tisnovsky >>>> I suspect the dependency on verisign.com will be problematic. Isn't >>>> SSL already covered by the javax.net and https tests? >>> >>> I'm not sure what the prime motivation of the test is. Pavel, can you >>> please elaborate? >>> >>> Reading between the lines I guess the test is verifying that the >>> correct root Certification Authority is installed in cacerts, i.e. >>> the cert from www.verisign.com can be validated. >> >> Hi Chris, you guessed correctly :-) And we can use other URL if >> verisign.com is problematic. >> >>> >>> Alan is correct there are already tests for SSL/Https in javax.net, >>> but I believe these use self signed certs, no dependency on cacerts. >>> >>> -Chris. >>> >>>> >>>> -Alan. >> > -- Andrew :-) Free Java Software Engineer Red Hat, Inc. (http://www.redhat.com) Support Free Java! Contribute to GNU Classpath and the OpenJDK http://www.gnu.org/software/classpath http://openjdk.java.net PGP Key: 94EFD9D8 (http://subkeys.pgp.net) Fingerprint: F8EF F1EA 401E 2E60 15FA 7927 142C 2591 94EF D9D8
