[jdk21u-dev] RFR: 8311546: Certificate name constraints improperly validated with leading period
Volker Simonis
simonis at openjdk.org
Thu Jan 9 12:54:50 UTC 2025
On Wed, 18 Dec 2024 15:56:26 GMT, Aleksey Shipilev <shade at openjdk.org> wrote:
> Backporting this due to wider customer interest in aligning JDK behavior with other SSL implementations. Both patches apply cleanly. First patch does the fix. Second patch fixes the test.
>
> Additional testing:
> - [x] macos-aarch64-server-release, new test passes with and without the change
> - [x] macos-aarch64-server-release, `sun/security/x509/`
> - [x] linux-x86_64-server-release, `jdk_security`
Looks good.
Just for my education: is it now common/recommended to bundle several downports into a single PR? From my memory (which might be outdated) we used dependent PRs for that purpose. The latter is obviously more complicated and work intensive so I'll probably follow your style in the future if that's OK?
-------------
Marked as reviewed by simonis (Reviewer).
PR Review: https://git.openjdk.org/jdk21u-dev/pull/1268#pullrequestreview-2539840165
More information about the jdk-updates-dev
mailing list