[jdk17u-dev] Integrated: 8349583: Add mechanism to disable signature schemes based on their TLS scope
Goetz Lindenmaier
goetz at openjdk.org
Thu Aug 7 09:21:29 UTC 2025
On Mon, 4 Aug 2025 10:25:27 GMT, Goetz Lindenmaier <goetz at openjdk.org> wrote:
> I backport this for parity with 17.0.17-oracle.
>
> I needed to resolve several files, and it took some effort to get the
> patches to the right places. But looks quite good now.
> Maybe we should backport cleanup changes more often?
>
> src/java.base/share/classes/sun/security/ssl/CertificateRequest.java
> Resolved because "8291509: Minor cleanup could be done in sun.security"
> not in 17.
>
> src/java.base/share/classes/sun/security/ssl/HandshakeContext.java
> Copyright.
>
> src/java.base/share/classes/sun/security/ssl/PreSharedKeyExtension.java
> Resolved because "8284893: Fix typos in java.base"
> not in 17.
>
> src/java.base/share/classes/sun/security/ssl/SSLSessionImpl.java
> src/java.base/share/classes/sun/security/ssl/SignatureAlgorithmsExtension.java
> Copyright.
>
> src/java.base/share/classes/sun/security/ssl/SignatureScheme.java
> Some real resolves needed here:
> Hunk #1 FAILED at 1. Copyright.
> Hunk #7 FAILED at 438. Resolved code because "8280494: (D)TLS signature schemes" is not in 17.
> Hunk #9 FAILED at 475. Trivial resolv due to context ("8281236: (D)TLS key exchange named groups" is not in 17).
>
> src/java.base/share/classes/sun/security/util/DisabledAlgorithmConstraints.java
> Trivial resolves because of "8291509: Minor cleanup could be done in sun.security"
>
> test/jdk/sun/security/ssl/SignatureScheme/SigSchemePropOrdering.java
> Resolved because of "8303480: Miscellaneous fixes to mostly invisible doc comments"
This pull request has now been integrated.
Changeset: fe850da3
Author: Goetz Lindenmaier <goetz at openjdk.org>
URL: https://git.openjdk.org/jdk17u-dev/commit/fe850da38a3fc0c9ce6cf9348efca3c846e97143
Stats: 1272 lines in 21 files changed: 923 ins; 224 del; 125 mod
8349583: Add mechanism to disable signature schemes based on their TLS scope
Reviewed-by: mdoerr
Backport-of: b91c92752c65f2c05549c4e4cd8e413e9f5e2d28
-------------
PR: https://git.openjdk.org/jdk17u-dev/pull/3810
More information about the jdk-updates-dev
mailing list