RFR: 8311546: Certificate name constraints improperly validated with leading period

Updated the `constrains` method in `DNSName.java` to accept certificates with a leading period. - Commit messages: - removed tabs - replaced tabs with spaces - Merge branch 'openjdk:master' into JDK-8311546 - Changed documentation for LeadingPeriod test - Removed unnecessary doc

RFR: 8318689: jtreg is confused when folder name is the same as the test name

Rename the test. - Commit messages: - the fix Changes: https://git.openjdk.org/jdk/pull/16323/files Webrev: https://webrevs.openjdk.org/?repo=jdk&pr=16323&range=00 Issue: https://bugs.openjdk.org/browse/JDK-8318689 Stats: 2 lines in 1 file changed: 0 ins; 0 del; 2 mod Patch:

Re: KrbException exception does not contain error string although error is well-known

Nothing at hand, at the moment. I was first waiting for you to confirm the issue. I think two distinct PRs are necessary here with two JBS issues? M On 2023-09-20 20:06, Wei-Jun Wang wrote: I'll look into it. Thanks! Do you have a patch? :-) --Max On Aug 9, 2023, at 3:30 AM, Osipov, Michae

Re: The fix for JDK-806769 breaks some ldap usages.

Sent from my iPhone

Re: HttpURLConnection cache issues leading to crashes in JGSS w/ native GSS introduced by 8303809

On Mon, Oct 23, 2023 at 04:26:42PM +0100, Michael McMahon wrote: > Thanks for bringing this to our attention. You are right that this is a > misuse of the authentication cache in the case of Kerberos (Negotiate) > authentication. Though that is not the case for other auth schemes, because > normall

RFR: 8318479: [jmh] the test security.CacheBench failed for multiple threads run

Remove the hardcoded maximum heap size. Verified that the benchmark now passes with 100 threads given sufficient heap: make test TEST=micro:CacheBench MICRO="OPTIONS=-t 100;JAVA_OPTIONS=-Xmx16g" - Commit messages: - Remove hardcoded Xmx Changes: https://git.openjdk.org/jdk/pull/16

Re: HttpURLConnection cache issues leading to crashes in JGSS w/ native GSS introduced by 8303809

Hi, Thanks for bringing this to our attention. You are right that this is a misuse of the authentication cache in the case of Kerberos (Negotiate) authentication. Though that is not the case for other auth schemes, because normally what gets cached are credentials, rather than security tokens

Re: RFR: 8318240: [AIX] Cleaners.java test failure

On Thu, 19 Oct 2023 11:53:30 GMT, Matthias Baesken wrote: >> When the test sets the sun.security.jgss.native and >> sun.security.nativegss.debug as true, the test fails on AIX due to missing >> Kerberos GSS API dynamic library` libgssapi_krb5.so` >> >> JBS Issue : [JDK-8318240](https://bugs.o

Re: RFR: 8295343: sun/security/pkcs11 tests fail on Linux RHEL 8.6 and newer [v3]

> Hello, > > In this PR I removed NSS tests from the ProblemList and updated NssTest to > use Sqlite databases. I also removed code in PKCS11Test.java that falls back > to NSS libraries installed on the test system. The tests can still be run > with different NSS libraries but they have to be s

Re: RFR: 8295343: sun/security/pkcs11 tests fail on Linux RHEL 8.6 and newer [v2]

On Mon, 23 Oct 2023 10:25:56 GMT, Arno Zeller wrote: > I am not sure, but shouldn`t the change also adopt the documentation in > test/jdk/sun/security/pkcs11/README Good catch! - PR Comment: https://git.openjdk.org/jdk/pull/16294#issuecomment-1775011697

Re: RFR: 8295343: sun/security/pkcs11 tests fail on Linux RHEL 8.6 and newer [v2]

On Sun, 22 Oct 2023 12:08:52 GMT, Matthew Donovan wrote: >> Hello, >> >> In this PR I removed NSS tests from the ProblemList and updated NssTest to >> use Sqlite databases. I also removed code in PKCS11Test.java that falls back >> to NSS libraries installed on the test system. The tests can st