Fwd: CR 6958869/6u21 Updated, P2 java/classes_secu regression: PKIXValidator fails when multiple trust anchors have same dn
Weijun Wang
Weijun.Wang at Sun.COM
Thu Jun 10 21:04:24 PDT 2010
Hi Joe
This is a last minute fix to 6948803. You've already approved 6948803 to be included in openjdk-6. Now I request 6958869 to be included as well. I've been busy recently so have no time to really push 6948803, I plan to push a combined changeset with both bug IDs in the description.
The webrev is here (the changeset for 6u21, I'll add copyright info to test):
http://cr.openjdk.java.net/~weijun/6958869/6/webrev.00/
Basically the Map<Subject,Certificate> is changed to Map<Subject,List<PublicKey>> so that no one is missing even if there are duplicated subject names. The Certificate->PublicKey change makes coding easy, since we only compares public keys, and a keyList.contains(key) is simpler than
for (c in certList)
if (c.getPublicKey().equals(key)) return true;
else continue;
return false
Thanks
Max
Begin forwarded message:
> === Field ============ === New Value ============= === Old Value =============
> Keyword 6u21-yes-b06
> ====================== =========================== ===========================
>
> *Change Request ID*: 6958869/6u21
> *Synopsis*: regression: PKIXValidator fails when multiple trust anchors have same dn
More information about the jdk6-dev
mailing list