> New functionality in the -XshowSettings menu to display relevant information
> about JDK security configuration
Sean Coffey has updated the pull request with a new target base due to a merge
or a rebase. The incremental webrev excludes the unrelated changes brought in
by the merge/rebase. The
On Fri, 9 Jun 2023 13:54:14 GMT, Sean Coffey wrote:
> New functionality in the -XshowSettings menu to display relevant information
> about JDK security configuration
This pull request has now been integrated.
Changeset: 2e12a123
Author:Sean Coffey
URL:
https://git.openjdk.org/jdk/c
On Wed, 12 Jul 2023 16:17:49 GMT, Glavo wrote:
>> Maybe a small suggestion to make it clear whats wanted here. In other
>> projects I am involved in (Apache Lucene/Solr, Apache TIKA, PostgresSQL
>> JDBC, Checkstyle itsself, Elasticserach/Opensearch), which use the
>> [forbiddenapis Maven/Gradl
On Fri, 14 Jul 2023 05:06:14 GMT, Anthony Scarpino
wrote:
>> Valerie Peng has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> Address review feedbacks, e.g. Removed RSAPadding.Output and use byte[] as
>> before.
>
> src/java.base/share/cla
On Fri, 14 Jul 2023 10:24:47 GMT, Alan Bateman wrote:
> It might be that the conclusion is that it's just too risky to change, in
> which case Uwe's suggestion is good and would avoid it showing up on
> someone's else radar in the future.
Until we're sure we want to normalize a usage of `toLow
On Fri, 14 Jul 2023 13:01:46 GMT, Glavo wrote:
>>> However, while I think this corrects the behavior, this caused a change in
>>> the behavior of the API, so a CSR may be required. I don't want to debate
>>> this in this PR, so I'll revert this change and open a new PR in the future.
>>
>> Str
- Original Message -
> From: "Uwe Schindler"
> To: "core-libs-dev" , net-...@openjdk.org,
> nio-...@openjdk.org, security-dev@openjdk.org
> Sent: Wednesday, July 12, 2023 6:08:17 PM
> Subject: Re: RFR: 8311943: Cleanup usages of toLowerCase() and toUpperCase()
> in java.base [v2]
> On W
On Thu, 13 Jul 2023 16:31:41 GMT, Xue-Lei Andrew Fan wrote:
>> Sorry for the delay on any updates here.
>>
>> I updated this branch and verified the tests still pass. I ran jdk_security3
>> tests from test/jdk/TEST.groups. Is there anything else I should do to test
>> this change?
>
> SSLSock
On Thu, 13 Jul 2023 22:57:49 GMT, Pavel Rappo wrote:
>> Please review this PR to use modern APIs and language features to simplify
>> `equals` and `hashCode` in security area.
>>
>> I understand that security area is sensitive and a non-expert, such as
>> myself, should tread carefully; so bel
On Fri, 14 Jul 2023 14:16:00 GMT, Matthew Donovan wrote:
> TransportContext also has a `protocolVersion` field. Is it possible to just
> use that instead?
Did you mean a change in duplexCloseOutput() like the following?
- // The protocol version may have been negotiated.
-
On Fri, 14 Jul 2023 16:44:10 GMT, Xue-Lei Andrew Fan wrote:
>> The only lock I added was in `TransportContext` to synchronize access to the
>> `handshakeContext` field, but I understand your reluctance to make any
>> changes with locks. The problem is that SSLSocketImpl tries to access
>> `con
On Tue, 11 Jul 2023 18:09:26 GMT, Craig Andrews wrote:
> When loading the default JVM trust store, if the JVM trust store contains an
> invalid certificate, the exception contains insufficient information to
> determine which certificate is invalid, making it very difficult to fix the
> proble
> In this PR, I added methods to the TransportContext class to synchronize
> access to the handshakeContext field. I also updated locations in the code
> that rely on the handshakeContext field to not be null to use the
> synchronized methods.
>
> Thanks
Matthew Donovan has updated the pull re
On Wed, 12 Jul 2023 23:12:18 GMT, Valerie Peng wrote:
>> This change refactors the RSAPadding class to return an output record
>> containing the status instead of relying on exception object to indicate a
>> failure.
>>
>> Thanks in advance for review~
>> Valerie
>
> Valerie Peng has updated t
On Tue, 11 Jul 2023 18:09:26 GMT, Craig Andrews wrote:
> When loading the default JVM trust store, if the JVM trust store contains an
> invalid certificate, the exception contains insufficient information to
> determine which certificate is invalid, making it very difficult to fix the
> proble
On Fri, 14 Jul 2023 20:00:55 GMT, Matthew Donovan wrote:
>> In this PR, I added methods to the TransportContext class to synchronize
>> access to the handshakeContext field. I also updated locations in the code
>> that rely on the handshakeContext field to not be null to use the
>> synchronize
> This change adds back the Reference.ReachabilityFence(Object) call removed by
> [JDK-8301553](https://bugs.openjdk.org/browse/JDK-8301553).
>
> Please help review.
> Thanks!
> Valerie
Valerie Peng has updated the pull request incrementally with one additional
commit since the last revision:
On Fri, 14 Jul 2023 03:04:13 GMT, Xue-Lei Andrew Fan wrote:
> > > > It looks good to me to rollback to previous behaviors. I was just
> > > > wondering, if the use of key in other methods, like
> > > > hashCode()/equals(), has the similar issue? Thanks!
> > >
> > >
> > > For the usage of hash
On Fri, 14 Jul 2023 21:57:32 GMT, Valerie Peng wrote:
>> This change adds back the Reference.ReachabilityFence(Object) call removed
>> by [JDK-8301553](https://bugs.openjdk.org/browse/JDK-8301553).
>>
>> Please help review.
>> Thanks!
>> Valerie
>
> Valerie Peng has updated the pull request inc
19 matches
Mail list logo
