RFR: 8245527: LDAP Channel Binding support for Java GSS/Kerberos
Daniel Fuchs
dfuchs at openjdk.java.net
Tue Sep 22 14:53:34 UTC 2020
On Mon, 21 Sep 2020 08:19:28 GMT, Alexey Bakhtin <abakhtin at openjdk.org> wrote:
> Hi,
>
> Plaese review JDK-8245527 fix which implements LDAP Channel Binding support for Java GSS/Kerberos.
> Initial review is available at core-devs: https://mail.openjdk.java.net/pipermail/core-libs-dev/2020-August/068197.html
> This version removes "tls-unique" CB type from the list of possible channel binding types. The only supported type is
> "tls-server-end-point"
> CSR is also updated : https://bugs.openjdk.java.net/browse/JDK-8247311
>
> Thank you
> Alexey
src/java.naming/share/classes/com/sun/jndi/ldap/Connection.java line 994:
> 992: }
> 993:
> 994: private CompletableFuture<X509Certificate> tlsHandshakeCompleted =
Should be `final`?
src/java.naming/share/classes/com/sun/jndi/ldap/sasl/TlsChannelBinding.java line 63:
> 61: * Channel binding on the basis of TLS Finished message
> 62: */
> 63: TLS_UNIQUE("tls-unique"),
Is that still used? If not maybe it should be removed?
-------------
PR: https://git.openjdk.java.net/jdk/pull/278
More information about the core-libs-dev
mailing list