hg: jdk6/jdk6/jdk: 2 new changesets
Andrew John Hughes
gnu_andrew at member.fsf.org
Fri Jan 15 07:56:30 PST 2010
2010/1/15 Sean Mullan <Sean.Mullan at sun.com>:
> Andrew John Hughes wrote:
>>
>> 2010/1/13 <sean.mullan at sun.com>:
>>>
>>> Changeset: c33ca6c539bf
>>> Author: mullan
>>> Date: 2010-01-13 09:29 -0500
>>> URL: http://hg.openjdk.java.net/jdk6/jdk6/jdk/rev/c33ca6c539bf
>>>
>>> 6744888: OCSP validation code should permit some clock skew when checking
>>> validity
>>> 6745437: Add option to only check revocation of end-entity certificate in
>>> a chain
>>> 6869739: Cannot check revocation of single certificate without validating
>>> the entire chain
>>> 6885667: CertPath/CertPathValidatorTest/bugs/bug6383078 fails on
>>> jdk6u18/b02, jdk7/pit/b73 and passes on b72.
>>> 6894461: OCSP Checker should not wrap all Exception as "Unable to send
>>> OCSP request."(introduced by #6885667)
>>> Reviewed-by: dgu, vinnie, xuelei
>>>
>>> +
>>> src/share/classes/sun/security/action/GetBooleanSecurityPropertyAction.java
>>> ! src/share/classes/sun/security/provider/certpath/Builder.java
>>> ! src/share/classes/sun/security/provider/certpath/CertId.java
>>> !
>>> src/share/classes/sun/security/provider/certpath/CrlRevocationChecker.java
>>> !
>>> src/share/classes/sun/security/provider/certpath/DistributionPointFetcher.java
>>> ! src/share/classes/sun/security/provider/certpath/ForwardBuilder.java
>>> + src/share/classes/sun/security/provider/certpath/OCSP.java
>>> ! src/share/classes/sun/security/provider/certpath/OCSPChecker.java
>>> ! src/share/classes/sun/security/provider/certpath/OCSPRequest.java
>>> ! src/share/classes/sun/security/provider/certpath/OCSPResponse.java
>>> !
>>> src/share/classes/sun/security/provider/certpath/PKIXCertPathValidator.java
>>> !
>>> src/share/classes/sun/security/provider/certpath/SunCertPathBuilder.java
>>> ! src/share/classes/sun/security/x509/AccessDescription.java
>>>
>>> Changeset: 22cf4479d879
>>> Author: mullan
>>> Date: 2010-01-13 09:31 -0500
>>> URL: http://hg.openjdk.java.net/jdk6/jdk6/jdk/rev/22cf4479d879
>>>
>>> Merge
>>>
>>>
>>>
>>
>> I didn't see this discussed on the jdk6 list. What is it for? We're
>> currently trying to test b18 for release and importing more random
>> changesets really doesn't help!
>
> There was a request to support multiple OCSP SingleResponses in OpenJDK 6 on
> the security-dev alias :
>
> http://mail.openjdk.java.net/pipermail/security-dev/2010-January/001486.html
>
> This required a backport of several related CRs already fixed in OpenJDK 7
> that addressed this issue.
>
> Let me know if this is still an issue and I will back it out for a later
> build. Also, I will discuss these and other changes on the jdk6 list before
> putting changes back in the future.
>
> --Sean
>
>
Ok thanks. I found the post in my local mail too, I must have missed
it. However, it doesn't say anything about approval to push to JDK6,
just that you'd look into backporting it.
I think the build issues I'm seeing are easily resolvable and only due
to the way we have to bootstrap OpenJDK. We use ecj to bootstrap
before doing a full build and it can't understand @Override on
interfaces, so we have to patch them out.
I'm more concerned that we've done a lot of regression testing on this
already and this may alter the results -- though I hope not.
Thanks for your understanding,
--
Andrew :-)
Free Java Software Engineer
Red Hat, Inc. (http://www.redhat.com)
Support Free Java!
Contribute to GNU Classpath and the OpenJDK
http://www.gnu.org/software/classpath
http://openjdk.java.net
PGP Key: 94EFD9D8 (http://subkeys.pgp.net)
Fingerprint: F8EF F1EA 401E 2E60 15FA 7927 142C 2591 94EF D9D8
More information about the jdk6-dev
mailing list