Backport TLS 1.2 from OpenJDK 7 - tips and tricks?
Andrew Hughes
gnu.andrew at redhat.com
Thu Aug 20 01:28:23 UTC 2015
----- Original Message -----
> All-
>
> Hopefully this is the right mailing list to ask about this, otherwise
> please let me know where I should post it.
>
> I'm trying to backport the TLS 1.2 support [1] from OpenJDK 7 to
> OpenJDK 6, but I'm running into some trouble and I'm wondering what is
> the usual way to go about it. I also intent to enable TLS 1.2 by
> default (as in JDK-7093640) after I get this stuff backported.
>
> [1] 6916074: Add support for TLS 1.2:
> http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/9d6a9f65d2bf
>
> What is the usually the right approach for this?
> 1. hg import
> 2. hg transplant
> 3. compare current files, bring changes that matter
>
> I have been trying option #1, but I'm finding it a bit harsh since
> there were backports into OpenJDK 6 that affected the same files as
> [1] and those were made *without* backporting any TLS 1.2 stuff. I'm
> looking into a lot of rejects and I find it hard to be sure that I'm
> getting all the stuff I need for TLS 1.2 support without introducing
> bugs.
>
> Option #3 means I will end up putting a few backports into the same
> patch, I'm not sure that is allowed and/or if there are any
> restrictions. I also have to be sure which commit made what change to
> report that. The downside is that I need to then check all the files
> from every commit I end up using, otherwise I might miss other
> important changes.
>
> I have tried option #2 as well, but either I am doing something wrong
> or it does not work as expected - eg. because the repos do not have
> the same parent.
>
> I would really appreciate any help.
>
> On a side note, I'm probably not experienced enough with mercurial
> (currently I'm much more used to git), so it might just be that I'm
> not into the right mindset on how to approach the problem.
>
> Best regards,
> Tiago
>
> --
> Tiago Stürmer Daitx
> Software Engineer
> tiago.daitx at canonical.com
>
We backported appropriate parts of 6916074 to OpenJDK 6 where needed for
recent security fixes.
I don't think backporting the whole of TLS 1.2 is appropriate for OpenJDK 6.
--
Andrew :)
Senior Free Java Software Engineer
Red Hat, Inc. (http://www.redhat.com)
PGP Key: ed25519/35964222 (hkp://keys.gnupg.net)
Fingerprint = 5132 579D D154 0ED2 3E04 C5A0 CFDA 0F9B 3596 4222
PGP Key: rsa4096/248BDC07 (hkp://keys.gnupg.net)
Fingerprint = EC5A 1F5E C0AD 1D15 8F1F 8F91 3B96 A578 248B DC07
More information about the jdk6-dev
mailing list