On Thu, 14 Nov 2024 20:59:36 GMT, Artur Barashev wrote:
>> Given this is a performance change, I'm fine with leaving it as is. Jumping
>> to a helper method with an encrypt/decrypt conditional check for every
>> crypto op will costs performance. This is a case where more efficient code
>> is
Please review this PR to clean up SM use in `java.net.Authenticator`,
`java.net.CookieHandler`, and `java.net.ResponseCache` after JEP 486
integration.
* `Authenticator` is updated to remove calls to SM::checkPermission`
* `CookieHandler` is updated to remove calls to SM::checkPermission` and re
On Thu, 14 Nov 2024 21:17:01 GMT, Michael McMahon wrote:
>> Please find here a patch that cleans up the java.net.http module code to
>> remove permission checks and doPriviliged calls.
>> This was mostly mechanical.
>
> test/jdk/java/net/httpclient/whitebox/java.net.http/jdk/internal/net/http/Si
> Please find here a patch that cleans up the java.net.http module code to
> remove permission checks and doPriviliged calls.
> This was mostly mechanical.
Daniel Fuchs has updated the pull request with a new target base due to a merge
or a rebase. The incremental webrev excludes the unrelated c
On Fri, 15 Nov 2024 14:46:33 GMT, Magnus Ihse Bursie wrote:
>> Currently, the man pages are stored as troff (a text format) in the open
>> repo, and a content-wise identical copy is stored as markdown (another text
>> format) in the closed repo.
>>
>> Since markdown is preferred to troff in te
On Thu, 14 Nov 2024 20:40:46 GMT, Daniel Fuchs wrote:
> Please find here a patch that cleans up the java.net.http module code to
> remove permission checks and doPriviliged calls.
> This was mostly mechanical.
This pull request has now been integrated.
Changeset: 40a055eb
Author:Daniel Fuc
On Fri, 15 Nov 2024 15:00:39 GMT, Christian Stein wrote:
>> Magnus Ihse Bursie has updated the pull request incrementally with one
>> additional commit since the last revision:
>>
>> Fix regexes in CheckManPageOptions
>
> test/langtools/jdk/javadoc/tool/CheckManPageOptions.java line 277:
>
>
On Fri, 15 Nov 2024 10:31:11 GMT, Jaikiran Pai wrote:
> Can I please get a review of this change which removes calls to
> `SecurityManager` and `AccessController.doPrivileged()` from the
> `ProxySelector` and `DefaultProxySelector` classes?
>
> Apart from the trivial removing of those calls, t
On Fri, 15 Nov 2024 12:52:28 GMT, Artur Barashev wrote:
>> I don't think it matters either way performance-wise, or from any other
>> point of view in this case, but as a rule of thumb, I think for
>> readability/maintainability it is worth to give up a bit of code size
>> (especially if that
On Fri, 18 Oct 2024 03:08:49 GMT, Artur Barashev wrote:
> The current syntax of the jdk.tls.disabledAlgorithms makes it difficult to
> disable algorithms that affect both the key exchange and authentication parts
> of a TLS cipher suite. For example, if you add "RSA" to the
> jdk.tls.disabledA
On Tue, 22 Oct 2024 20:48:19 GMT, Artur Barashev wrote:
> `SSLAlgorithmDecomposer.decomposes(CipherSuite.KeyExchange keyExchange)`
> method is missing the `null` case: TLSv1.3 cipher suites with ECDHE being
> used for both key exchange and authentication have `null` for KeyExchange
> object.
On Fri, 15 Nov 2024 10:31:11 GMT, Jaikiran Pai wrote:
> Can I please get a review of this change which removes calls to
> `SecurityManager` and `AccessController.doPrivileged()` from the
> `ProxySelector` and `DefaultProxySelector` classes?
>
> Apart from the trivial removing of those calls, t
> Remove Hotspot code that passes protection_domain around class loading so
> that checkPackageAccess can be called and the result stored. With the
> removal of the Security Manager in JEP 486, this code no longer does anything.
>
> Tested with tier1-4.
Coleen Phillimore has updated the pull r
On Fri, 15 Nov 2024 23:43:33 GMT, Coleen Phillimore wrote:
>> Remove Hotspot code that passes protection_domain around class loading so
>> that checkPackageAccess can be called and the result stored. With the
>> removal of the Security Manager in JEP 486, this code no longer does
>> anything.
> Can I please get a review of this change which removes calls to
> `SecurityManager` and `AccessController.doPrivileged()` from the
> `ProxySelector` and `DefaultProxySelector` classes?
>
> Apart from the trivial removing of those calls, the commit in this PR also
> removes the `getProxySelect
On Fri, 15 Nov 2024 17:15:15 GMT, Vladimir Ivanov wrote:
>> This patch remove access to the shared variable to fix scalability issue in
>> the multithread environment. According to testing by the
>> specjvm2008::crypto.rsa the one thread performance reduced for less than 1%
>> while the score
On Tue, 15 Oct 2024 14:53:42 GMT, Youliang Guo wrote:
> this PR shall link to JDK-8298390 Implementing ML-KEM key encapsulation
> mechanism. Not JEP task [JDK-8339009]
fixed
-
PR Comment: https://git.openjdk.org/jdk/pull/21478#issuecomment-2479456570
On Fri, 15 Nov 2024 09:00:29 GMT, Eirik Bjørsnøs wrote:
> Please review this PR to clean up SM use in `java.net.Authenticator`,
> `java.net.CookieHandler`, and `java.net.ResponseCache` after JEP 486
> integration.
>
> * `Authenticator` is updated to remove calls to SM::checkPermission`
> * `Co
> This patch remove access to the shared variable to fix scalability issue in
> the multithread environment. According to testing by the
> specjvm2008::crypto.rsa the one thread performance reduced for less than 1%
> while the score for the multithread run increased in ~2x. For the 2 socket
> s
On Wed, 13 Nov 2024 18:37:58 GMT, Kevin Driver wrote:
> JDK-8320743: The particular issues mentioned in the bug report seem to be
> behaving as desired at this point, but we will prefer ProviderException over
> RuntimeException in these classes.
Change looks fine.
You should set the bug to a `
On Fri, 15 Nov 2024 09:00:29 GMT, Eirik Bjørsnøs wrote:
> Please review this PR to clean up SM use in `java.net.Authenticator`,
> `java.net.CookieHandler`, and `java.net.ResponseCache` after JEP 486
> integration.
>
> * `Authenticator` is updated to remove calls to SM::checkPermission`
> * `Co
On Fri, 15 Nov 2024 23:43:33 GMT, Coleen Phillimore wrote:
>> Remove Hotspot code that passes protection_domain around class loading so
>> that checkPackageAccess can be called and the result stored. With the
>> removal of the Security Manager in JEP 486, this code no longer does
>> anything.
On Sat, 16 Nov 2024 02:48:09 GMT, John R Rose wrote:
>> Coleen Phillimore has updated the pull request with a new target base due to
>> a merge or a rebase. The pull request now contains nine commits:
>>
>> - Handle merge conflicts in new resolve_instance_class calls.
>> - Merge branch 'maste
On Fri, 15 Nov 2024 09:00:29 GMT, Eirik Bjørsnøs wrote:
> Please review this PR to clean up SM use in `java.net.Authenticator`,
> `java.net.CookieHandler`, and `java.net.ResponseCache` after JEP 486
> integration.
>
> * `Authenticator` is updated to remove calls to SM::checkPermission`
> * `Co
Can I please get a review of this change which removes calls to
`SecurityManager` and `AccessController.doPrivileged()` from the
`ProxySelector` and `DefaultProxySelector` classes?
Apart from the trivial removing of those calls, the commit in this PR also
removes the `getProxySelector` and `set
On Fri, 15 Nov 2024 08:32:10 GMT, Ferenc Rakoczi wrote:
>> @ascarpino But a method call should be very cheap, we are adding a bunch of
>> extra implEncrypt/implDecrypt calls here already. Besides, compiler/hotspot
>> will optimize that call if needed. It will be just a method wrapping the
>> `
> Please find here a patch that cleans up the java.net.http module code to
> remove permission checks and doPriviliged calls.
> This was mostly mechanical.
Daniel Fuchs has updated the pull request incrementally with one additional
commit since the last revision:
Review feedback
On Thu, 14 Nov 2024 20:53:02 GMT, Michael McMahon wrote:
>> Please find here a patch that cleans up the java.net.http module code to
>> remove permission checks and doPriviliged calls.
>> This was mostly mechanical.
>
> src/java.net.http/share/classes/jdk/internal/net/http/HttpClientBuilderImpl.
On Thu, 14 Nov 2024 05:45:48 GMT, David Holmes wrote:
>> Coleen Phillimore has updated the pull request incrementally with one
>> additional commit since the last revision:
>>
>> Purge last references to SecurityManager.
>
> src/hotspot/share/classfile/dictionary.cpp line 80:
>
>> 78:
>> 79
> Currently, the man pages are stored as troff (a text format) in the open
> repo, and a content-wise identical copy is stored as markdown (another text
> format) in the closed repo.
>
> Since markdown is preferred to troff in terms of editing, we make changes to
> the man pages in markdown and
On Fri, 15 Nov 2024 01:25:43 GMT, David Holmes wrote:
>> Magnus Ihse Bursie has updated the pull request incrementally with two
>> additional commits since the last revision:
>>
>> - Fix CheckManPageOptions test
>> - Remove classpath exception
>
>> > Now `CheckManPageOptions` finds the `.md`
On Thu, 14 Nov 2024 11:11:54 GMT, Magnus Ihse Bursie wrote:
>> Currently, the man pages are stored as troff (a text format) in the open
>> repo, and a content-wise identical copy is stored as markdown (another text
>> format) in the closed repo.
>>
>> Since markdown is preferred to troff in te
> Currently, the man pages are stored as troff (a text format) in the open
> repo, and a content-wise identical copy is stored as markdown (another text
> format) in the closed repo.
>
> Since markdown is preferred to troff in terms of editing, we make changes to
> the man pages in markdown and
On Thu, 14 Nov 2024 14:42:30 GMT, Alan Bateman wrote:
>> Coleen Phillimore has updated the pull request incrementally with one
>> additional commit since the last revision:
>>
>> More obsolete code. Fix trace_class_resolution (doesn't throw exception -
>> shouldn't take TRAPS).
>
> I see a
On Fri, 15 Nov 2024 10:31:11 GMT, Jaikiran Pai wrote:
> Can I please get a review of this change which removes calls to
> `SecurityManager` and `AccessController.doPrivileged()` from the
> `ProxySelector` and `DefaultProxySelector` classes?
>
> Apart from the trivial removing of those calls, t
On Fri, 15 Nov 2024 11:26:50 GMT, Daniel Fuchs wrote:
> No CSR needed for removing those permissions. There's no visible change to
> the public APIs, and no behavior change that was not already covered by JEP
> 486 CSR, since permissions checks have now become deadcode. Or am I missing
> somet
On Fri, 15 Nov 2024 09:10:51 GMT, Daniel Fuchs wrote:
>> test/jdk/java/net/httpclient/whitebox/java.net.http/jdk/internal/net/http/SimpleSSLContext.java
>> line 45:
>>
>>> 43: * Creates a simple usable SSLContext for SSLSocketFactory
>>> 44: * or a HttpsServer using a default keystore in the
> Please find here a patch that cleans up the java.net.http module code to
> remove permission checks and doPriviliged calls.
> This was mostly mechanical.
Daniel Fuchs has updated the pull request incrementally with one additional
commit since the last revision:
Jaikiran's feedback
On Fri, 15 Nov 2024 13:15:42 GMT, Jaikiran Pai wrote:
>> Daniel Fuchs has updated the pull request with a new target base due to a
>> merge or a rebase. The incremental webrev excludes the unrelated changes
>> brought in by the merge/rebase. The pull request contains three additional
>> commit
On Fri, 15 Nov 2024 14:07:10 GMT, Daniel Fuchs wrote:
>> Please find here a patch that cleans up the java.net.http module code to
>> remove permission checks and doPriviliged calls.
>> This was mostly mechanical.
>
> Daniel Fuchs has updated the pull request incrementally with one additional
>
On Fri, 15 Nov 2024 10:25:18 GMT, Daniel Fuchs wrote:
>> Please find here a patch that cleans up the java.net.http module code to
>> remove permission checks and doPriviliged calls.
>> This was mostly mechanical.
>
> Daniel Fuchs has updated the pull request with a new target base due to a
> me
On Fri, 15 Nov 2024 10:25:18 GMT, Daniel Fuchs wrote:
>> Please find here a patch that cleans up the java.net.http module code to
>> remove permission checks and doPriviliged calls.
>> This was mostly mechanical.
>
> Daniel Fuchs has updated the pull request with a new target base due to a
> me
On Thu, 14 Nov 2024 16:20:22 GMT, Artur Barashev wrote:
>> Volodymyr Paprotski has updated the pull request incrementally with one
>> additional commit since the last revision:
>>
>> comments from Kevin
>
> src/java.base/share/classes/com/sun/crypto/provider/CipherBlockChaining.java
> line 6
On Thu, 14 Nov 2024 17:19:54 GMT, Sean Mullan wrote:
> Now that JEP 486 is integrated, the jdk.crypto.mscapi module implementation
> dependencies on System.getSecurityManager and AccessController.doPrivileged
> can be removed.
This pull request has now been integrated.
Changeset: fc8fb34f
Aut
On Thu, 14 Nov 2024 19:53:42 GMT, Sean Mullan wrote:
>> Now that JEP 486 is integrated, the jdk.crypto.mscapi module implementation
>> dependencies on System.getSecurityManager and AccessController.doPrivileged
>> can be removed.
>
> Sean Mullan has updated the pull request incrementally with o
On Fri, 15 Nov 2024 14:50:21 GMT, Magnus Ihse Bursie wrote:
>> Currently, the man pages are stored as troff (a text format) in the open
>> repo, and a content-wise identical copy is stored as markdown (another text
>> format) in the closed repo.
>>
>> Since markdown is preferred to troff in te
On Thu, 14 Nov 2024 17:26:13 GMT, Artur Barashev wrote:
>> Volodymyr Paprotski has updated the pull request incrementally with one
>> additional commit since the last revision:
>>
>> comments from Kevin
>
> src/java.base/share/classes/com/sun/crypto/provider/CipherBlockChaining.java
> line 6
On Fri, 15 Nov 2024 16:55:37 GMT, Volodymyr Paprotski
wrote:
>> src/java.base/share/classes/com/sun/crypto/provider/CipherBlockChaining.java
>> line 63:
>>
>>> 61:
>>> 62: // chunkSize is multiple of block size, but otherwise fairly
>>> arbitrary
>>> 63: // Should be large enough to
On Thu, 14 Nov 2024 00:44:35 GMT, Volodymyr Paprotski
wrote:
>> Measuring throughput with JMH parameters `-f 1 -i 2 -wi 3 -r 20 -w 30 -p
>> algorithm=AES/CBC/NoPadding -p dataSize=3000 -p provider=SunJCE -p
>> keyLength=128 org.openjdk.bench.javax.crypto.full.AESBench`
>>
>> Before:
>>
Now that JEP 486 is integrated, javax.crypto and com.sun.crypto implementation
dependencies on System.getSecurityManager and AccessController.doPrivileged can
be removed.
-
Commit messages:
- Initial cleanup.
Changes: https://git.openjdk.org/jdk/pull/22164/files
Webrev: https://
On Fri, 15 Nov 2024 11:37:55 GMT, Jaikiran Pai wrote:
> > No CSR needed for removing those permissions. There's no visible change to
> > the public APIs, and no behavior change that was not already covered by JEP
> > 486 CSR, since permissions checks have now become deadcode. Or am I missing
>
On Mon, 4 Nov 2024 18:43:30 GMT, Weijun Wang wrote:
> Please implement the key checks at the beginnings of sections 7.2 and 7.3 of
> FIPS 203 in `implCheckPublicKey` and `implCheckPrivateKey` so it can detected
> earlier in `newEcapsulator` and `newDecapsulator`.
>
> The current `isValidDecaps
On Fri, 15 Nov 2024 18:55:44 GMT, Volodymyr Paprotski
wrote:
>> src/java.base/share/classes/com/sun/crypto/provider/CipherBlockChaining.java
>> line 65:
>>
>>> 63: // Should be large enough to provide intrinsic with optimization
>>> 64: // opportunities
>>> 65: private final int ch
These cipher suites do not preserve forward-secrecy and are not commonly used.
Other TLS implementations (ex: Rustls) do not support or enable these suites by
default. RFC 9325 [1] states that these suites should not be used. The IETF
Draft "Deprecating Obsolete Key Exchange Methods in TLS" [2]
On Thu, 14 Nov 2024 06:28:25 GMT, Prasadrao Koppula
wrote:
>> src/java.base/share/classes/javax/net/ssl/TrustManagerFactory.java line 283:
>>
>>> 281: if (ks != null && SSLLogger.isOn &&
>>> SSLLogger.isOn("trustmanager")) {
>>> 282: String keystorePath = SharedSecrets
>>>
On Fri, 15 Nov 2024 23:43:33 GMT, Coleen Phillimore wrote:
>> Remove Hotspot code that passes protection_domain around class loading so
>> that checkPackageAccess can be called and the result stored. With the
>> removal of the Security Manager in JEP 486, this code no longer does
>> anything.
On Fri, 15 Nov 2024 10:31:46 GMT, Daniel Fuchs wrote:
> Changes look good. Please run tier2 to validate.
tier2 ran to completion with only the `VerifyJimage.java` test failing. So
seems okay.
-
PR Comment: https://git.openjdk.org/jdk/pull/22139#issuecomment-2479463011
57 matches
Mail list logo
