[jdk17u-dev] RFR: 8311546: Certificate name constraints improperly validated with leading period
Aleksey Shipilev
shade at openjdk.org
Wed Dec 18 17:02:27 UTC 2024
Backporting this due to wider customer interest in aligning JDK behavior with other SSL implementations. Both patches apply cleanly. First patch does the fix. Second patch fixes the test.
Additional testing:
- [x] macos-aarch64-server-release, new test passes with and without the change
- [x] macos-aarch64-server-release, `sun/security/x509/`
- [ ] linux-x86_64-server-release, `jdk_security`
-------------
Commit messages:
- Backport a2c0fa6f9ccefd3d1b088c51d0b8170cfb59a885
- Backport bfaf5704e7e71f968b716b5f448860e9cda721b4
Changes: https://git.openjdk.org/jdk17u-dev/pull/3149/files
Webrev: https://webrevs.openjdk.org/?repo=jdk17u-dev&pr=3149&range=00
Issue: https://bugs.openjdk.org/browse/JDK-8311546
Stats: 308 lines in 8 files changed: 299 ins; 6 del; 3 mod
Patch: https://git.openjdk.org/jdk17u-dev/pull/3149.diff
Fetch: git fetch https://git.openjdk.org/jdk17u-dev.git pull/3149/head:pull/3149
PR: https://git.openjdk.org/jdk17u-dev/pull/3149
More information about the jdk-updates-dev
mailing list