[jdk17u-dev] RFR: 8349583: Add mechanism to disable signature schemes based on their TLS scope [v3]
Goetz Lindenmaier
goetz at openjdk.org
Tue Aug 5 20:37:12 UTC 2025
On Tue, 5 Aug 2025 09:21:47 GMT, Goetz Lindenmaier <goetz at openjdk.org> wrote:
>> I backport this for parity with 17.0.17-oracle.
>>
>> I needed to resolve several files, and it took some effort to get the
>> patches to the right places. But looks quite good now.
>> Maybe we should backport cleanup changes more often?
>>
>> src/java.base/share/classes/sun/security/ssl/CertificateRequest.java
>> Resolved because "8291509: Minor cleanup could be done in sun.security"
>> not in 17.
>>
>> src/java.base/share/classes/sun/security/ssl/HandshakeContext.java
>> Copyright.
>>
>> src/java.base/share/classes/sun/security/ssl/PreSharedKeyExtension.java
>> Resolved because "8284893: Fix typos in java.base"
>> not in 17.
>>
>> src/java.base/share/classes/sun/security/ssl/SSLSessionImpl.java
>> src/java.base/share/classes/sun/security/ssl/SignatureAlgorithmsExtension.java
>> Copyright.
>>
>> src/java.base/share/classes/sun/security/ssl/SignatureScheme.java
>> Some real resolves needed here:
>> Hunk #1 FAILED at 1. Copyright.
>> Hunk #7 FAILED at 438. Resolved code because "8280494: (D)TLS signature schemes" is not in 17.
>> Hunk #9 FAILED at 475. Trivial resolv due to context ("8281236: (D)TLS key exchange named groups" is not in 17).
>>
>> src/java.base/share/classes/sun/security/util/DisabledAlgorithmConstraints.java
>> Trivial resolves because of "8291509: Minor cleanup could be done in sun.security"
>>
>> test/jdk/sun/security/ssl/SignatureScheme/SigSchemePropOrdering.java
>> Resolved because of "8303480: Miscellaneous fixes to mostly invisible doc comments"
>
> Goetz Lindenmaier has updated the pull request with a new target base due to a merge or a rebase. The incremental webrev excludes the unrelated changes brought in by the merge/rebase. The pull request contains four additional commits since the last revision:
>
> - Merge
> - Resolves
> - backport b91c92752c65f2c05549c4e4cd8e413e9f5e2d28
> - backport 80edd5c298f21c5e5be3a0c2bb63129e76e0334f
Thanks for the review!
-------------
PR Comment: https://git.openjdk.org/jdk17u-dev/pull/3810#issuecomment-3156553099
More information about the jdk-updates-dev
mailing list