RFR: 8279842: HTTPS Channel Binding support for Java GSS/Kerberos [v6]
Michael McMahon
michaelm at openjdk.java.net
Mon Jan 24 15:57:15 UTC 2022
On Mon, 24 Jan 2022 15:23:44 GMT, Weijun Wang <weijun at openjdk.org> wrote:
>> Michael McMahon has updated the pull request with a new target base due to a merge or a rebase. The incremental webrev excludes the unrelated changes brought in by the merge/rebase. The pull request contains eight additional commits since the last revision:
>>
>> - fixed failing test issue and update for latest comments
>> - Merge branch 'master' into spnego
>> - added root cause to NamingException
>> - more tidy-up
>> - removed sasl module dependency and added SaslException cause
>> - changes after first review round
>> - cleanup but still no test. Will be added in closed repo
>> - First version of fix. No test and feature enabled always.
>
> src/java.base/share/classes/sun/security/util/TlsChannelBinding.java line 100:
>
>> (failed to retrieve contents of file, check the PR for context)
> I think this method should stay here. Suppose one day the CBT type is configurable for HTTPS we'll have to get it back. Of course we will need to update the message to avoid talking about LDAP.
So, where should the two constant Strings go? It doesn't feel like they belong in java.base since they are JNDI/SASL related, and we can't have a method in `java.base` depending on code in other modules?
-------------
PR: https://git.openjdk.java.net/jdk/pull/7065
More information about the core-libs-dev
mailing list