On Tue, 19 Nov 2024 20:43:25 GMT, Sean Mullan wrote:
> Now that JEP 486 has been integrated, `java.security.jgss` and
> `jdk.security.jgss` module dependencies on `System.getSecurityManager` and
> `AccessController.doPrivileged*` can be removed.
>
> There is an undocumented property named "sun
Hi all,
There may be problems with the j2gss.dll and sspi_bridge.dll files added in the
backports of JDK-8200468 [1] and JDK-6722928 [2] for 8u.
Some Windows properties are missing in these files.
- j2gss.dll and sspi_bridge.dll
InternalName:
OriginalFilename:
FileVersion:
FileDescription:
Pro
On Tue, 19 Nov 2024 18:01:42 GMT, Volodymyr Paprotski
wrote:
>> Measuring throughput with JMH parameters `-f 1 -i 2 -wi 3 -r 20 -w 30 -p
>> algorithm=AES/CBC/NoPadding -p dataSize=3000 -p provider=SunJCE -p
>> keyLength=128 org.openjdk.bench.javax.crypto.full.AESBench`
>>
>> Before:
>>
On Tue, 19 Nov 2024 20:43:25 GMT, Sean Mullan wrote:
> Now that JEP 486 has been integrated, `java.security.jgss` and
> `jdk.security.jgss` module dependencies on `System.getSecurityManager` and
> `AccessController.doPrivileged*` can be removed.
>
> There is an undocumented property named "sun
On Tue, 19 Nov 2024 18:01:42 GMT, Volodymyr Paprotski
wrote:
>> Measuring throughput with JMH parameters `-f 1 -i 2 -wi 3 -r 20 -w 30 -p
>> algorithm=AES/CBC/NoPadding -p dataSize=3000 -p provider=SunJCE -p
>> keyLength=128 org.openjdk.bench.javax.crypto.full.AESBench`
>>
>> Before:
>>
On Wed, 20 Nov 2024 20:27:48 GMT, Ben Perez wrote:
>> Java implementation of ML-KEM, the [FIPS
>> 203](https://csrc.nist.gov/pubs/fips/203/final) post-quantum KEM scheme.
>> Depends on https://github.com/openjdk/jdk/pull/21167
>
> Ben Perez has updated the pull request incrementally with one ad
> In addition to the goals, scope, motivation, specification and requirement
> notes in [JDK-8315487](https://bugs.openjdk.org/browse/JDK-8315487), we would
> like to describe the most relevant decisions taken during the implementation
> of this enhancement. These notes are organized by feature,
On Wed, 20 Nov 2024 20:53:35 GMT, Artur Barashev wrote:
>> These cipher suites do not preserve forward-secrecy and are not commonly
>> used. Other TLS implementations (ex: Rustls) do not support or enable these
>> suites by default. RFC 9325 [1] states that these suites should not be used.
>>
On Wed, 20 Nov 2024 20:57:13 GMT, Sean Mullan wrote:
> Missed a copyright update on
> `test/jdk/javax/net/ssl/ciphersuites/DisabledAlgorithms.java`. Otherwise
> looks good.
Please refresh this PR, copyright has been fixed already.
-
PR Comment: https://git.openjdk.org/jdk/pull/22
On Tue, 19 Nov 2024 18:01:42 GMT, Volodymyr Paprotski
wrote:
>> Measuring throughput with JMH parameters `-f 1 -i 2 -wi 3 -r 20 -w 30 -p
>> algorithm=AES/CBC/NoPadding -p dataSize=3000 -p provider=SunJCE -p
>> keyLength=128 org.openjdk.bench.javax.crypto.full.AESBench`
>>
>> Before:
>>
> These cipher suites do not preserve forward-secrecy and are not commonly
> used. Other TLS implementations (ex: Rustls) do not support or enable these
> suites by default. RFC 9325 [1] states that these suites should not be used.
> The IETF Draft "Deprecating Obsolete Key Exchange Methods in T
On Tue, 19 Nov 2024 18:01:42 GMT, Volodymyr Paprotski
wrote:
>> Measuring throughput with JMH parameters `-f 1 -i 2 -wi 3 -r 20 -w 30 -p
>> algorithm=AES/CBC/NoPadding -p dataSize=3000 -p provider=SunJCE -p
>> keyLength=128 org.openjdk.bench.javax.crypto.full.AESBench`
>>
>> Before:
>>
> These cipher suites do not preserve forward-secrecy and are not commonly
> used. Other TLS implementations (ex: Rustls) do not support or enable these
> suites by default. RFC 9325 [1] states that these suites should not be used.
> The IETF Draft "Deprecating Obsolete Key Exchange Methods in T
> Java implementation of ML-KEM, the [FIPS
> 203](https://csrc.nist.gov/pubs/fips/203/final) post-quantum KEM scheme.
> Depends on https://github.com/openjdk/jdk/pull/21167
Ben Perez has updated the pull request incrementally with one additional commit
since the last revision:
ML_KEM no long
> Java implementation of ML-KEM, the [FIPS
> 203](https://csrc.nist.gov/pubs/fips/203/final) post-quantum KEM scheme.
> Depends on https://github.com/openjdk/jdk/pull/21167
Ben Perez has updated the pull request incrementally with one additional commit
since the last revision:
Added ML-KEM t
> These cipher suites do not preserve forward-secrecy and are not commonly
> used. Other TLS implementations (ex: Rustls) do not support or enable these
> suites by default. RFC 9325 [1] states that these suites should not be used.
> The IETF Draft "Deprecating Obsolete Key Exchange Methods in T
> These cipher suites do not preserve forward-secrecy and are not commonly
> used. Other TLS implementations (ex: Rustls) do not support or enable these
> suites by default. RFC 9325 [1] states that these suites should not be used.
> The IETF Draft "Deprecating Obsolete Key Exchange Methods in T
On Tue, 19 Nov 2024 01:17:55 GMT, Brian Burkhalter wrote:
> Expunge the use of the `SecurityManager`, `AccessController`, and the like
> from the `jdk.sctp` module.
src/jdk.sctp/unix/classes/sun/nio/ch/sctp/SctpChannelImpl.java line 1085:
> 1083: }
> 1084:
> 1085: @SuppressWarnings({"
On Tue, 19 Nov 2024 16:27:54 GMT, Eirik Bjørsnøs wrote:
>> Magnus Ihse Bursie has updated the pull request incrementally with one
>> additional commit since the last revision:
>>
>> It's somewhat nicer to use \\s instead of space character in regex
>
> Is the warning log when pandoc is not in
On Wed, 30 Oct 2024 18:12:30 GMT, Matthew Donovan wrote:
>> In this PR, I removed hard-coded security providers and replaced them with a
>> system property, test.provider.name. If the property is not specified, the
>> provider originally used in the test is used:
>>
>> Cipher c = Cipher.getIns
On Wed, 20 Nov 2024 13:53:23 GMT, Sean Mullan wrote:
>> Artur Barashev has updated the pull request incrementally with one
>> additional commit since the last revision:
>>
>> Remove the empty lines added
>
> test/jdk/javax/net/ssl/SSLEngine/Basics.java line 60:
>
>> 58:
>> 59: public st
On Wed, 20 Nov 2024 14:46:21 GMT, Sean Mullan wrote:
>> Artur Barashev has updated the pull request incrementally with one
>> additional commit since the last revision:
>>
>> Remove the empty lines added
>
> test/jdk/javax/net/ssl/sanity/ciphersuites/CheckCipherSuites.java line 1:
>
>> 1: /*
On Wed, 20 Nov 2024 14:44:38 GMT, Sean Mullan wrote:
>> Artur Barashev has updated the pull request incrementally with one
>> additional commit since the last revision:
>>
>> Remove the empty lines added
>
> test/jdk/javax/net/ssl/DTLS/DTLSMFLNTest.java line 56:
>
>> 54: public class DTLSMFL
On Wed, 20 Nov 2024 09:07:40 GMT, Matthias Baesken wrote:
>> SAP complains about SSLSocketNoServerHelloClientShutdown timing out in their
>> test environment (concurrent test execution with high CPU load). This change
>> addresses this issue in 2 ways:
>> - Increase default timeout value
>> - A
> These cipher suites do not preserve forward-secrecy and are not commonly
> used. Other TLS implementations (ex: Rustls) do not support or enable these
> suites by default. RFC 9325 [1] states that these suites should not be used.
> The IETF Draft "Deprecating Obsolete Key Exchange Methods in T
> SAP complains about SSLSocketNoServerHelloClientShutdown timing out in their
> test environment (concurrent test execution with high CPU load). This change
> addresses this issue in 2 ways:
> - Increase default timeout value
> - Allow adjustment of timeout value by setting "test.timeout.factor"
On Tue, 19 Nov 2024 21:57:04 GMT, Artur Barashev wrote:
>> These cipher suites do not preserve forward-secrecy and are not commonly
>> used. Other TLS implementations (ex: Rustls) do not support or enable these
>> suites by default. RFC 9325 [1] states that these suites should not be used.
>>
> Please review this patch which removes unnecessary `@SuppressWarnings`
> annotations.
Archie Cobbs has updated the pull request incrementally with one additional
commit since the last revision:
Remove another unnecessary @SuppressWarnings annotation.
-
Changes:
- all: https:
On Wed, 20 Nov 2024 02:18:15 GMT, Hai-May Chao wrote:
> The original code uses zf.getEntry() first which is direct and may not need
> to iterate over all entries in the ZIP file, and it does not issue a warning
> for multiple manifest entries. The new change uses the zf.stream() approach
> to
On Tue, 19 Nov 2024 10:48:37 GMT, Eirik Bjørsnøs wrote:
> Please review this trivial cleanup of an unused import of
> `AccessControlContext ` in `JavaLangAccess`.
>
> This was left over after #22035 removed
> `JavaLangAccess::newThreadWithAcc(Runnable, AccessControlContext)`.
>
> Verificatio
On Tue, 19 Nov 2024 21:10:22 GMT, Bradford Wetmore wrote:
>> can't see it used anywhere. I went back to an old (2007) copy of
>> SSLSessionImpl and there it used the "ssl" category.
>>
>> `private static final Debug debug = Debug.getInstance("ssl");`
>>
>> No debug statements were implemented
On Tue, 19 Nov 2024 20:56:13 GMT, Bradford Wetmore wrote:
>> `sslexpandhandshakeverbose` works in the new implementation.
>>
>> the `sslOn `boolean is a fast path helper. We fall back to matching per
>> debug option if required.
>>
>> I'm going to suggest that we shouldn't have to accept
>>
On Wed, 20 Nov 2024 01:23:10 GMT, Artur Barashev wrote:
> SAP complains about SSLSocketNoServerHelloClientShutdown timing out in their
> test environment (concurrent test execution with high CPU load). This change
> addresses this issue in 2 ways:
> - Increase default timeout value
> - Allow ad
33 matches
Mail list logo
