Re: RFR: 8344316: Add extra line in security/auth/callback/TextCallbackHandler/Password.java to make clear it is not a JTReg test [v8]

2025-01-24 Thread Mikhail Yankelevich
> * Changed security/auth/callback/TextCallbackHandler/Password.java to run > with JTReg, now the dialog box with instructions will appear as a UI Mikhail Yankelevich has updated the pull request incrementally with one additional commit since the last revision: Wording change, command is sing

Re: RFR: 8344316: Add extra line in security/auth/callback/TextCallbackHandler/Password.java to make clear it is not a JTReg test [v7]

2025-01-24 Thread Mikhail Yankelevich
On Thu, 23 Jan 2025 15:59:13 GMT, Weijun Wang wrote: >> Mikhail Yankelevich has updated the pull request incrementally with one >> additional commit since the last revision: >> >> typos > > test/jdk/com/sun/security/auth/callback/TextCallbackHandler/Password.java > line 55: > >> 53:

Re: RFR: 8345139: Fix bugs and inconsistencies in the Provider services map [v2]

2025-01-24 Thread Anthony Scarpino
On Thu, 12 Dec 2024 04:50:04 GMT, Martin Balao wrote: >> src/java.base/share/classes/java/security/Provider.java line 710: >> >>> 708: * Enum to inform the result of an operation on the services >>> map. >>> 709: */ >>> 710: enum SvcOpResult { >> >> Why use an enum he

Re: RFR: 8344316: security/auth/callback/TextCallbackHandler/Password.java make runnable with JTReg and add the UI [v9]

2025-01-24 Thread Mikhail Yankelevich
> * Changed security/auth/callback/TextCallbackHandler/Password.java to run > with JTReg, now the dialog box with instructions will appear as a UI Mikhail Yankelevich has updated the pull request incrementally with one additional commit since the last revision: visible and invisible order cha

Re: RFR: 8347065: Add missing @spec tags for Java Security Standard Algorithm Names

2025-01-24 Thread duke
On Fri, 10 Jan 2025 19:22:52 GMT, Koushik Muthukrishnan Thirupattur wrote: > **Description:** > [JDK-8305406](https://bugs.openjdk.org/browse/JDK-8305406) added the `@spec` > tags to multiple places where there were links to > "{@docRoot}/../specs/security/standard-names.html". However, it has

Re: RFR: 8344943: Mark not subclassable classes final in java.base exported classes [v2]

2025-01-24 Thread Eirik Bjørsnøs
On Fri, 17 Jan 2025 18:19:56 GMT, Eirik Bjørsnøs wrote: >> Please review this PR which adds the `final` modifier to non-subclassable >> classes in `java.base`. >> >> The classes were identified using an automated analysis. See CSR for details. >> >> Besides simply adding the `final` access mod

Re: RFR: 8347067: Load certificates without explicit trust settings in KeyChainStore

2025-01-24 Thread Alexey Bakhtin
On Mon, 6 Jan 2025 21:53:34 GMT, Tim Jacomb wrote: > Does that add value to add a test so someone could run it manually? Yes, I think a manual test is better than nothing. - PR Comment: https://git.openjdk.org/jdk/pull/22911#issuecomment-2574022994

RFR: 8347067: Load certificates without explicit trust settings in KeyChainStore

2025-01-24 Thread Tim Jacomb
## The change Without this change intermediate certificates that don't have explicit trust settings are ignored, not added to the truststore. ## Reproducer See https://github.com/timja/openjdk-intermediate-ca-reproducer Without this change the reproducer fails, and with this change it succeed

Re: RFR: 8347067: Load certificates without explicit trust settings in KeyChainStore

2025-01-24 Thread Alexey Bakhtin
On Tue, 7 Jan 2025 17:01:10 GMT, Tim Jacomb wrote: >> ## The change >> >> Without this change intermediate certificates that don't have explicit trust >> settings are ignored, not added to the truststore. >> >> >> >> ## Reproducer >> >> See https://github.com/timja/openjdk-intermediate-ca-re

Re: RFR: 8347067: Load certificates without explicit trust settings in KeyChainStore

2025-01-24 Thread Tim Jacomb
On Fri, 3 Jan 2025 11:38:29 GMT, Tim Jacomb wrote: >> ## The change >> >> Without this change intermediate certificates that don't have explicit trust >> settings are ignored, not added to the truststore. >> >> >> >> ## Reproducer >> >> See https://github.com/timja/openjdk-intermediate-ca-re

Re: RFR: 8347067: Load certificates without explicit trust settings in KeyChainStore

2025-01-24 Thread Tim Jacomb
On Fri, 3 Jan 2025 11:28:01 GMT, Tim Jacomb wrote: > ## The change > > Without this change intermediate certificates that don't have explicit trust > settings are ignored, not added to the truststore. > > > > ## Reproducer > > See https://github.com/timja/openjdk-intermediate-ca-reproducer >

Re: RFR: 8347067: Load certificates without explicit trust settings in KeyChainStore

2025-01-24 Thread Tim Jacomb
On Tue, 7 Jan 2025 17:21:50 GMT, Alexey Bakhtin wrote: >> test/jdk/java/security/KeyStore/CheckMacOSKeyChainIntermediateCATrust.java >> line 43: >> >>> 41: >>> 42: /* >>> 43: * @test >> >> @alexeybakhtin quick question on how this should be marked as manual. >> >> I see all tests in >> htt

Re: RFR: 8347067: Load certificates without explicit trust settings in KeyChainStore

2025-01-24 Thread Tim Jacomb
On Mon, 6 Jan 2025 20:43:22 GMT, Tim Jacomb wrote: > Is it possible to add jtreg test for this scenario? I've done some research. I _think_ it would only be possible with manual intervention to run it. The certificates could be generated with a script, similar to the existing https://github.co

Re: RFR: 8347067: Load certificates without explicit trust settings in KeyChainStore

2025-01-24 Thread Tim Jacomb
On Fri, 3 Jan 2025 16:29:57 GMT, Tim Jacomb wrote: >> Ok this isn't working properly 😢 >> >> 1. ⛔ Fails: Marking the certificate as OS default (which for CA certs is >> trust: false) - with an intermediate >> 2. ⛔ Fails: Marking the certificate as OS default without an intermediate >> 3. ⛔ Fa

Re: RFR: 8347067: Load certificates without explicit trust settings in KeyChainStore

2025-01-24 Thread Tim Jacomb
On Fri, 3 Jan 2025 16:52:51 GMT, Tim Jacomb wrote: >> Interesting for root certificate `SecTrustSettingsCopyTrustSettings` returns: >> >> * -25300 (not found) when trust policy is `Use System Defaults` >> * 0 and a `kSecTrustSettingsResult` value of 3 when set to Never Trust >> * 0 and a `kSecTr

Re: RFR: 8347067: Load certificates without explicit trust settings in KeyChainStore

2025-01-24 Thread Tim Jacomb
On Fri, 3 Jan 2025 15:36:33 GMT, Tim Jacomb wrote: >> src/java.base/macosx/native/libosxsecurity/KeystoreImpl.m line 496: >> >>> 494: >>> 495: // Only add certificates with trust settings >>> 496: if (inputTrust == NULL) { >> >> From what I can tell non root certificate

Re: RFR: 8347067: Load certificates without explicit trust settings in KeyChainStore

2025-01-24 Thread Tim Jacomb
On Sat, 4 Jan 2025 00:19:46 GMT, Alexey Bakhtin wrote: > I think, in this particular case, we need two iterations to add certificates > into the trust store. The first iteration will add certificates with non-null > trust settings, and the second iteration should verify and add certificates >

Re: RFR: 8347067: Load certificates without explicit trust settings in KeyChainStore

2025-01-24 Thread Alexey Bakhtin
On Fri, 3 Jan 2025 11:28:01 GMT, Tim Jacomb wrote: > ## The change > > Without this change intermediate certificates that don't have explicit trust > settings are ignored, not added to the truststore. > > > > ## Reproducer > > See https://github.com/timja/openjdk-intermediate-ca-reproducer >

Integrated: 8344943: Mark not subclassable classes final in java.base exported classes

2025-01-24 Thread Eirik Bjørsnøs
On Tue, 26 Nov 2024 13:04:41 GMT, Eirik Bjørsnøs wrote: > Please review this PR which adds the `final` modifier to non-subclassable > classes in `java.base`. > > The classes were identified using an automated analysis. See CSR for details. > > Besides simply adding the `final` access modifier,

Re: RFR: 8345139: Fix bugs and inconsistencies in the Provider services map [v2]

2025-01-24 Thread Anthony Scarpino
On Wed, 8 Jan 2025 16:32:46 GMT, Francisco Ferrari Bihurriet wrote: >> Hi, this pull request implements the fixes for bugs and inconsistencies >> described in [JDK-8345139](https://bugs.openjdk.org/browse/JDK-8345139 "Fix >> bugs and inconsistencies in the Provider services map"). >> >>

Integrated: 8344361: Restore null return for invalid services from legacy providers

2025-01-24 Thread Sean Coffey
On Mon, 20 Jan 2025 16:06:56 GMT, Sean Coffey wrote: > Correct a corner case where null should be returned if a service from the > legacyMap is marked invalid. > > New test case added. This pull request has now been integrated. Changeset: e20bd018 Author: Sean Coffey URL: https://

Re: RFR: 8344361: Restore null return for invalid services from legacy providers

2025-01-24 Thread Sean Coffey
On Mon, 20 Jan 2025 16:06:56 GMT, Sean Coffey wrote: > Correct a corner case where null should be returned if a service from the > legacyMap is marked invalid. > > New test case added. Thanks for the review Valerie - PR Comment: https://git.openjdk.org/jdk/pull/23201#issuecommen

Re: RFR: 8346587: Distrust TLS server certificates anchored by Camerfirma Root CAs [v3]

2025-01-24 Thread Mark Powers
On Thu, 23 Jan 2025 22:17:14 GMT, Sean Mullan wrote: >> I think you added the fields for the root certificates, and not these >> certificates. Also, these are not root certificates, so I would remove "Root >> Certificate". >> >> You can use `keytool -printcert -file ...` and just include the f

Re: RFR: 8346587: Distrust TLS server certificates anchored by Camerfirma Root CAs [v3]

2025-01-24 Thread Mark Powers
> [JDK-8346587](https://bugs.openjdk.org/browse/JDK-8346587) Mark Powers has updated the pull request incrementally with one additional commit since the last revision: no root certificate - Changes: - all: https://git.openjdk.org/jdk/pull/22985/files - new: https://git.openjd

Re: RFR: 8346587: Distrust TLS server certificates anchored by Camerfirma Root CAs [v3]

2025-01-24 Thread Sean Mullan
On Fri, 24 Jan 2025 17:33:49 GMT, Mark Powers wrote: >> [JDK-8346587](https://bugs.openjdk.org/browse/JDK-8346587) > > Mark Powers has updated the pull request incrementally with one additional > commit since the last revision: > > no root certificate Marked as reviewed by mullan (Reviewer).

Re: RFR: 8347067: Load certificates without explicit trust settings in KeyChainStore

2025-01-24 Thread Tim Jacomb
On Tue, 7 Jan 2025 20:20:46 GMT, Tim Jacomb wrote: >> The test should be marked as `@run junit/manual ` and added to the >> `jdk_security_manual_interactive` part of the TEST.groups > > Any idea how I can run the test after making those changes? > > The test just gets skipped with: > > > CONF

Re: RFR: 8347123: Add missing @serial tags to other modules [v2]

2025-01-24 Thread Hannes Wallnöfer
On Thu, 23 Jan 2025 16:16:03 GMT, Hannes Wallnöfer wrote: >> There's not a great number of "good" examples of this in the JDK, so >> probably OK except it >> seems like most cases will do it like a normal javadoc method so you'd want >> an @param tag too. >> >> note : this is a desktop class,

Re: RFR: 8347506: Compatible OCSP readtimeout property with OCSP timeout [v2]

2025-01-24 Thread Jamil Nimeh
> This makes a small change to the default value of the > `com.sun.security.ocsp.readtimeout` System property. When not explicitly > specified, it will be set to the value of the `com.sun.security.ocsp.timeout` > System property, which helps ease the transition from older JDK versions > where

Re: RFR: 8184352: Remove Sun provider information from KeyPairGenerator javadoc

2025-01-24 Thread Sean Mullan
On Thu, 23 Jan 2025 20:56:25 GMT, Ben Perez wrote: > Removed algorithm-specific information from `KeyPairGenerator` class > description and instead linked out to the Sun Provider documentation src/java.base/share/classes/java/security/KeyPairGenerator.java line 73: > 71: * associated with eac

Integrated: 8339891: Several sun/security/ssl/SSLSessionImpl/* tests override test.java.opts

2025-01-24 Thread Sonia Zaldana Calles
On Thu, 7 Nov 2024 15:44:56 GMT, Sonia Zaldana Calles wrote: > Hi all, > > This PR addresses [8339891](https://bugs.openjdk.org/browse/JDK-8339891). > With this patch, "test.java.opts" aggregates on options set via jtreg as > opposed to overriding them. > > Thanks, > Sonia This pull requ

Re: RFR: 8347065: Add missing @spec tags for Java Security Standard Algorithm Names [v3]

2025-01-24 Thread Koushik Muthukrishnan Thirupattur
> **Description:** > [JDK-8305406](https://bugs.openjdk.org/browse/JDK-8305406) added the `@spec` > tags to multiple places where there were links to > "{@docRoot}/../specs/security/standard-names.html". However, it has not > covered those cases where a link is an anchor inside this document. Th

Integrated: 8346587: Distrust TLS server certificates anchored by Camerfirma Root CAs

2025-01-24 Thread Mark Powers
On Wed, 8 Jan 2025 23:27:34 GMT, Mark Powers wrote: > [JDK-8346587](https://bugs.openjdk.org/browse/JDK-8346587) This pull request has now been integrated. Changeset: 907350e9 Author: Mark Powers URL: https://git.openjdk.org/jdk/commit/907350e9e8e9b66365e9eaa3ae89ddc55cf9731f Stats:

Re: RFR: 8347123: Add missing @serial tags to other modules [v2]

2025-01-24 Thread Hannes Wallnöfer
> Please review a doc-only change to mostly add missing `@serial` javadoc tags. > This is a sub-task of [JDK-8286931] to allow us to re-enable the javadoc > `-serialwarn` option in the JDK doc build, which has been disabled since JDK > 19. > > [JDK-8286931]: https://bugs.openjdk.org/browse/JDK-

Re: RFR: 8347067: Load certificates without explicit trust settings in KeyChainStore

2025-01-24 Thread Alexey Bakhtin
On Fri, 3 Jan 2025 11:28:01 GMT, Tim Jacomb wrote: > ## The change > > Without this change intermediate certificates that don't have explicit trust > settings are ignored, not added to the truststore. > > > > ## Reproducer > > See https://github.com/timja/openjdk-intermediate-ca-reproducer >

Re: RFR: 8347065: Add missing @spec tags for Java Security Standard Algorithm Names [v2]

2025-01-24 Thread Koushik Muthukrishnan Thirupattur
> **Description:** > [JDK-8305406](https://bugs.openjdk.org/browse/JDK-8305406) added the `@spec` > tags to multiple places where there were links to > "{@docRoot}/../specs/security/standard-names.html". However, it has not > covered those cases where a link is an anchor inside this document. Th

Integrated: 8347506: Compatible OCSP readtimeout property with OCSP timeout

2025-01-24 Thread Jamil Nimeh
On Tue, 14 Jan 2025 22:41:47 GMT, Jamil Nimeh wrote: > This makes a small change to the default value of the > `com.sun.security.ocsp.readtimeout` System property. When not explicitly > specified, it will be set to the value of the `com.sun.security.ocsp.timeout` > System property, which help