[jdk21u-dev] RFR: 8311546: Certificate name constraints improperly validated with leading period [v2]
Aleksey Shipilev
shade at openjdk.org
Thu Jan 16 11:02:39 UTC 2025
On Thu, 16 Jan 2025 10:29:12 GMT, Aleksey Shipilev <shade at openjdk.org> wrote:
>> Backporting this due to wider customer interest in aligning JDK behavior with other SSL implementations. Both patches apply cleanly. First patch does the fix. Second patch fixes the test.
>>
>> Additional testing:
>> - [x] macos-aarch64-server-release, new test fails without the change, passes with it
>> - [x] macos-aarch64-server-release, `sun/security/x509/`
>> - [x] linux-x86_64-server-release, `jdk_security`
>
> Aleksey Shipilev has updated the pull request incrementally with one additional commit since the last revision:
>
> Backport a6be9076351b591cbc0860b1ba8f3c56319f4ffe
Thanks for reviews! I mixed in the test rewrite that fixes the regression test. Now I can confirm that retracting the product fix shows up as new regression test failure. Unfortunately, this invalidates prior reviews, please review again.
-------------
PR Comment: https://git.openjdk.org/jdk21u-dev/pull/1268#issuecomment-2595213987
More information about the jdk-updates-dev
mailing list