[jdk17u-dev] Integrated: 8311546: Certificate name constraints improperly validated with leading period
Aleksey Shipilev
shade at openjdk.org
Mon Jan 20 09:05:44 UTC 2025
On Wed, 18 Dec 2024 16:55:53 GMT, Aleksey Shipilev <shade at openjdk.org> wrote:
> Backporting this due to wider customer interest in aligning JDK behavior with other SSL implementations. Both patches apply cleanly. First patch does the fix. Second patch fixes the test.
>
> Additional testing:
> - [x] macos-aarch64-server-release, new test fails without the change and passes with it
> - [x] macos-aarch64-server-release, `sun/security/x509/`
> - [x] linux-x86_64-server-release, `jdk_security`
This pull request has now been integrated.
Changeset: d2fb8c27
Author: Aleksey Shipilev <shade at openjdk.org>
URL: https://git.openjdk.org/jdk17u-dev/commit/d2fb8c273488f0ff57e5f0aacb00d679d7ffa849
Stats: 265 lines in 8 files changed: 256 ins; 6 del; 3 mod
8311546: Certificate name constraints improperly validated with leading period
8320372: test/jdk/sun/security/x509/DNSName/LeadingPeriod.java validity check failed
8347424: Fix and rewrite sun/security/x509/DNSName/LeadingPeriod.java test
Reviewed-by: simonis, bperez
Backport-of: bfaf5704e7e71f968b716b5f448860e9cda721b4
-------------
PR: https://git.openjdk.org/jdk17u-dev/pull/3149
More information about the jdk-updates-dev
mailing list