Backporting sun.security.ssl.ClientHandshaker change to jdk7u?
Andrew Hughes
gnu.andrew at redhat.com
Fri May 29 00:30:44 UTC 2015
----- Original Message -----
> Hi all,
>
> On April 10 a change was committed to jdk8u that I'd like to see backported
> to jdk7u. The change set is a large one:
> http://hg.openjdk.java.net/jdk8u/jdk8u-dev/jdk/rev/ea62ea52af27. I don't
> know anything about the background of the change. The checkin comment just
> says "Merge." I don't know where it was merged from but it seems to be a
> bundle of unrelated changes.
>
> The substance of the change to sun.security.ssl.ClientHandshaker is to make
> the triple handshake fix check all subject alternate names of types "IP
> address" and "DNS" and not just the first of each. The current behavior,
> introduced in in 1.7.0_71 I think, is unnecessarily restrictive. I believe
> the change is just a single file.
The actual change is:
changeset: 10570:518f0c5574ef
user: robm
date: Mon Mar 23 17:05:01 2015 +0000
summary: 8072385: Only the first DNSName entry is checked for endpoint identification
http://hg.openjdk.java.net/jdk8u/jdk8u/jdk/rev/518f0c5574ef
https://bugs.openjdk.java.net/browse/JDK-8072385 has it marked as fixed in 7u85,
which implies that it should be committed to the 7u tree. This should now be
possible, now the project has active leadership again.
>
> Thanks
>
>
> John Gregg
>
>
>
>
--
Andrew :)
Free Java Software Engineer
Red Hat, Inc. (http://www.redhat.com)
PGP Key: ed25519/35964222 (hkp://keys.gnupg.net)
Fingerprint = 5132 579D D154 0ED2 3E04 C5A0 CFDA 0F9B 3596 4222
PGP Key: rsa4096/248BDC07 (hkp://keys.gnupg.net)
Fingerprint = EC5A 1F5E C0AD 1D15 8F1F 8F91 3B96 A578 248B DC07
More information about the jdk7u-dev
mailing list