[jdk17u-dev] RFR: 8349583: Add mechanism to disable signature schemes based on their TLS scope [v3]
Goetz Lindenmaier
goetz at openjdk.org
Tue Aug 5 09:21:47 UTC 2025
> I backport this for parity with 17.0.17-oracle.
>
> I needed to resolve several files, and it took some effort to get the
> patches to the right places. But looks quite good now.
> Maybe we should backport cleanup changes more often?
>
> src/java.base/share/classes/sun/security/ssl/CertificateRequest.java
> Resolved because "8291509: Minor cleanup could be done in sun.security"
> not in 17.
>
> src/java.base/share/classes/sun/security/ssl/HandshakeContext.java
> Copyright.
>
> src/java.base/share/classes/sun/security/ssl/PreSharedKeyExtension.java
> Resolved because "8284893: Fix typos in java.base"
> not in 17.
>
> src/java.base/share/classes/sun/security/ssl/SSLSessionImpl.java
> src/java.base/share/classes/sun/security/ssl/SignatureAlgorithmsExtension.java
> Copyright.
>
> src/java.base/share/classes/sun/security/ssl/SignatureScheme.java
> Some real resolves needed here:
> Hunk #1 FAILED at 1. Copyright.
> Hunk #7 FAILED at 438. Resolved code because "8280494: (D)TLS signature schemes" is not in 17.
> Hunk #9 FAILED at 475. Trivial resolv due to context ("8281236: (D)TLS key exchange named groups" is not in 17).
>
> src/java.base/share/classes/sun/security/util/DisabledAlgorithmConstraints.java
> Trivial resolves because of "8291509: Minor cleanup could be done in sun.security"
>
> test/jdk/sun/security/ssl/SignatureScheme/SigSchemePropOrdering.java
> Resolved because of "8303480: Miscellaneous fixes to mostly invisible doc comments"
Goetz Lindenmaier has updated the pull request with a new target base due to a merge or a rebase. The incremental webrev excludes the unrelated changes brought in by the merge/rebase. The pull request contains four additional commits since the last revision:
- Merge
- Resolves
- backport b91c92752c65f2c05549c4e4cd8e413e9f5e2d28
- backport 80edd5c298f21c5e5be3a0c2bb63129e76e0334f
-------------
Changes:
- all: https://git.openjdk.org/jdk17u-dev/pull/3810/files
- new: https://git.openjdk.org/jdk17u-dev/pull/3810/files/1219eb36..29e3ac7e
Webrevs:
- full: https://webrevs.openjdk.org/?repo=jdk17u-dev&pr=3810&range=02
- incr: https://webrevs.openjdk.org/?repo=jdk17u-dev&pr=3810&range=01-02
Stats: 2462 lines in 37 files changed: 1015 ins; 1315 del; 132 mod
Patch: https://git.openjdk.org/jdk17u-dev/pull/3810.diff
Fetch: git fetch https://git.openjdk.org/jdk17u-dev.git pull/3810/head:pull/3810
PR: https://git.openjdk.org/jdk17u-dev/pull/3810
More information about the jdk-updates-dev
mailing list