[jdk17u-dev] RFR: 8311546: Certificate name constraints improperly validated with leading period
Aleksey Shipilev
shade at openjdk.org
Thu Jan 16 11:03:11 UTC 2025
On Wed, 18 Dec 2024 16:55:53 GMT, Aleksey Shipilev <shade at openjdk.org> wrote:
> Backporting this due to wider customer interest in aligning JDK behavior with other SSL implementations. Both patches apply cleanly. First patch does the fix. Second patch fixes the test.
>
> Additional testing:
> - [x] macos-aarch64-server-release, new test fails without the change and passes with it
> - [x] macos-aarch64-server-release, `sun/security/x509/`
> - [x] linux-x86_64-server-release, `jdk_security`
Thanks for reviews! I mixed in the test rewrite that fixes the regression test. Now I can confirm that retracting the product fix shows up as new regression test failure. Unfortunately, this invalidates prior reviews, please review again.
-------------
PR Comment: https://git.openjdk.org/jdk17u-dev/pull/3149#issuecomment-2595214076
More information about the jdk-updates-dev
mailing list