On Fri, 3 Feb 2023 01:41:41 GMT, Martin Balao wrote:
> We would like to propose an implementation for the [JDK-8301553: Support
> Password-Based Cryptography in
> SunPKCS11](https://bugs.openjdk.org/browse/JDK-8301553) enhancement
> requirement.
>
> In addition to pursuing the requirement goa
On Thu, 23 Feb 2023 18:15:35 GMT, Ahmed Muhsin wrote:
> This change will move the instantiation of BadPaddingException into the
> branch of the if statement where it is thrown. This will decrease the
> overhead of calling `unpadV15` and `unpadOAEP`. Please see the associated
> work item for p
On Fri, 3 Feb 2023 01:41:41 GMT, Martin Balao wrote:
> We would like to propose an implementation for the [JDK-8301553: Support
> Password-Based Cryptography in
> SunPKCS11](https://bugs.openjdk.org/browse/JDK-8301553) enhancement
> requirement.
>
> In addition to pursuing the requirement goa
On Tue, 14 Mar 2023 21:23:02 GMT, Xue-Lei Andrew Fan wrote:
> May I get a chance to review it before the integration? I may need more time
> to dig into time-constant issue.
If I read the Bleichenbacher's Attack[1][2] right, the attack works if it can
tell the difference between good condition
On Thu, 23 Feb 2023 18:15:35 GMT, Ahmed Muhsin wrote:
> This change will move the instantiation of BadPaddingException into the
> branch of the if statement where it is thrown. This will decrease the
> overhead of calling `unpadV15` and `unpadOAEP`. Please see the associated
> work item for p
On Thu, 23 Feb 2023 18:15:35 GMT, Ahmed Muhsin wrote:
> This change will move the instantiation of BadPaddingException into the
> branch of the if statement where it is thrown. This will decrease the
> overhead of calling `unpadV15` and `unpadOAEP`. Please see the associated
> work item for p
On Thu, 23 Feb 2023 18:15:35 GMT, Ahmed Muhsin wrote:
> This change will move the instantiation of BadPaddingException into the
> branch of the if statement where it is thrown. This will decrease the
> overhead of calling `unpadV15` and `unpadOAEP`. Please see the associated
> work item for p
On Tue, 14 Mar 2023 14:02:43 GMT, Weijun Wang wrote:
> After this change, `gss_buffer_t` always uses `malloc` and `free`. All others
> use `new` and `delete`. It also initializes several `SecBuffer` to zeroes so
> it's safe to check for null when trying to free them.
LGTM. Thanks!
---
On Tue, 14 Mar 2023 18:46:29 GMT, Matthew Donovan wrote:
>> * Refactored SSLContextTemplate and SSLSocketTemplate to put common code in
>> one base class (SSLContextTemplate)
>> * Updated TLS/SSL tests to extend SSLSocketTemplate where possible.
>> * Updated SSLEngineTemplate to accommodate chan
On Tue, 14 Mar 2023 17:56:07 GMT, Rajan Halade wrote:
> Updated review looks good to me except few minor code cleanup comments.
I went through all the changed files and added @Override where necessary and
cleaned up imports. I think I got them all.
-
PR: https://git.openjdk.org/jd
> * Refactored SSLContextTemplate and SSLSocketTemplate to put common code in
> one base class (SSLContextTemplate)
> * Updated TLS/SSL tests to extend SSLSocketTemplate where possible.
> * Updated SSLEngineTemplate to accommodate changes in SSLContextTemplate. To
> keep this changeset to a reaso
On Wed, 1 Mar 2023 15:30:19 GMT, Matthew Donovan wrote:
>> * Refactored SSLContextTemplate and SSLSocketTemplate to put common code in
>> one base class (SSLContextTemplate)
>> * Updated TLS/SSL tests to extend SSLSocketTemplate where possible.
>> * Updated SSLEngineTemplate to accommodate chang
On Tue, 14 Mar 2023 17:18:46 GMT, Rajan Halade wrote:
>> removed
>
> Don't see this file deleted in PR.
It was still being used by an "engine" test in that directory; I removed that
last use and deleted the key manager class.
(there is another bug to refactor the SSLEngine tests.)
---
> * Refactored SSLContextTemplate and SSLSocketTemplate to put common code in
> one base class (SSLContextTemplate)
> * Updated TLS/SSL tests to extend SSLSocketTemplate where possible.
> * Updated SSLEngineTemplate to accommodate changes in SSLContextTemplate. To
> keep this changeset to a reaso
On Mon, 27 Feb 2023 19:11:29 GMT, Matthew Donovan wrote:
>> test/jdk/javax/net/ssl/ALPN/SSLServerSocketAlpnTest.java line 31:
>>
>>> 29: * @bug 8051498 8145849 8158978 8170282
>>> 30: * @summary JEP 244: TLS Application-Layer Protocol Negotiation
>>> Extension
>>> 31: * @compile MyX509Extend
On Fri, 3 Feb 2023 01:41:41 GMT, Martin Balao wrote:
> We would like to propose an implementation for the [JDK-8301553: Support
> Password-Based Cryptography in
> SunPKCS11](https://bugs.openjdk.org/browse/JDK-8301553) enhancement
> requirement.
>
> In addition to pursuing the requirement goa
On Wed, 8 Mar 2023 09:05:19 GMT, Alexey Bakhtin wrote:
> This patch fixes a possible native memory leak in case of a custom native GSS
> provider.
> The actual leak was reported in production.
>
> sun/security/jgss, sun/security/krb5, sun/net/www/protocol/http jtreg tests
> are passed
This pu
On Tue, 14 Mar 2023 16:35:30 GMT, Daniel Fuchs wrote:
> Thanks Alexey. Tests returned green. Good to go!
Thank you a lot for review
-
PR: https://git.openjdk.org/jdk/pull/12920
On Tue, 14 Mar 2023 15:09:04 GMT, Alexey Bakhtin wrote:
>> This patch fixes a possible native memory leak in case of a custom native
>> GSS provider.
>> The actual leak was reported in production.
>>
>> sun/security/jgss, sun/security/krb5, sun/net/www/protocol/http jtreg tests
>> are passed
>
On Wed, 1 Feb 2023 18:10:41 GMT, Jamil Nimeh wrote:
> Hello all,
>
> This addresses a test bug where the SimpleOCSPServer would reset the
> connections made by a client CertPathValidator. I've made some minor changes
> to how the network data is read and sent from OCSP HTTP GET URLs and on
>
On Tue, 14 Mar 2023 15:01:07 GMT, Weijun Wang wrote:
>> Jamil Nimeh has updated the pull request with a new target base due to a
>> merge or a rebase. The pull request now contains 11 commits:
>>
>> - merge with main
>> - merge with main
>> - 8300939: sun/security/provider/certpath/OCSP/OCSP
On Tue, 14 Mar 2023 14:30:21 GMT, Daniel Fuchs wrote:
>> Alexey Bakhtin has updated the pull request incrementally with one
>> additional commit since the last revision:
>>
>> More space after catch
>
> src/java.base/share/classes/sun/net/www/protocol/http/Negotiator.java line 86:
>
>> 84:
On Tue, 14 Mar 2023 14:24:20 GMT, Jamil Nimeh wrote:
>> Hello all,
>>
>> This addresses a test bug where the SimpleOCSPServer would reset the
>> connections made by a client CertPathValidator. I've made some minor
>> changes to how the network data is read and sent from OCSP HTTP GET URLs and
> This patch fixes a possible native memory leak in case of a custom native GSS
> provider.
> The actual leak was reported in production.
>
> sun/security/jgss, sun/security/krb5, sun/net/www/protocol/http jtreg tests
> are passed
Alexey Bakhtin has updated the pull request incrementally with o
On Tue, 14 Mar 2023 14:24:20 GMT, Jamil Nimeh wrote:
>> Hello all,
>>
>> This addresses a test bug where the SimpleOCSPServer would reset the
>> connections made by a client CertPathValidator. I've made some minor
>> changes to how the network data is read and sent from OCSP HTTP GET URLs and
On Mon, 13 Mar 2023 17:33:12 GMT, Alexey Bakhtin wrote:
>> This patch fixes a possible native memory leak in case of a custom native
>> GSS provider.
>> The actual leak was reported in production.
>>
>> sun/security/jgss, sun/security/krb5, sun/net/www/protocol/http jtreg tests
>> are passed
>
> Hello all,
>
> This addresses a test bug where the SimpleOCSPServer would reset the
> connections made by a client CertPathValidator. I've made some minor changes
> to how the network data is read and sent from OCSP HTTP GET URLs and on
> responses, respectively. This will take the test off
After this change, `gss_buffer_t` always uses `malloc` and `free`. All others
use `new` and `delete`. It also initializes several `SecBuffer` to zeroes so
it's safe to check for null when trying to free them.
-
Commit messages:
- the fix
Changes: https://git.openjdk.org/jdk/pull/1
On Thu, 9 Mar 2023 16:02:33 GMT, Alexey Bakhtin wrote:
>> This patch fixes a possible native memory leak in case of a custom native
>> GSS provider.
>> The actual leak was reported in production.
>>
>> sun/security/jgss, sun/security/krb5, sun/net/www/protocol/http jtreg tests
>> are passed
>
On Tue, 28 Feb 2023 19:09:00 GMT, Eirik Bjorsnos wrote:
> The `-altsigner` and `-altsignerpath` options in JarSigner with the
> underlying `ContentSigner` mechanism were deprected in Java 9, for removal in
> Java 15. See [JDK-8076535](https://bugs.openjdk.org/browse/JDK-8076535),
> [JDK-824226
On Thu, 2 Feb 2023 18:33:23 GMT, Jamil Nimeh wrote:
>> Hello all,
>>
>> This addresses a test bug where the SimpleOCSPServer would reset the
>> connections made by a client CertPathValidator. I've made some minor
>> changes to how the network data is read and sent from OCSP HTTP GET URLs and
31 matches
Mail list logo
