From weijun.wang at oracle.com Thu Sep 1 04:31:38 2011 From: weijun.wang at oracle.com (Weijun Wang) Date: Thu, 01 Sep 2011 12:31:38 +0800 Subject: code review request: 7081783: jarsigner error when no $HOME/.keystore In-Reply-To: <4E5E3461.2010405@oracle.com> References: <4E5C6D90.4050204@oracle.com> <4E5CEB1D.2010007@oracle.com> <4E5DEA38.60201@oracle.com> <4E5E3461.2010405@oracle.com> Message-ID: <4E5F0AAA.2050904@oracle.com> On 08/31/2011 09:17 PM, Xuelei Fan wrote: > I understand the code, fine to me. But the loadKeyStore() method looks > really ugly and lazy. :-) It's ugly, but not very lazy. Anyway, I'm going to putback this version since you already said fine. > > Just for your reference in the inline comments. > ... >> >> Well, it looks more correct, but is complicated in 2 senses: >> >> 1. ~/.keystore and user-specified -keystore are not treated the same. >> You can ignore ~/.keystore, but if a user-specified -keystore does not >> exist, it's an error. >> > We can handle the logic simply at the following blok, right? > 1562 if (!nullStream&& keyStoreName == null) { > 1563 keyStoreName = System.getProperty("user.home") + File.separator > 1564 + ".keystore"; > + // check file existence, ignore it if non-exist > 1565 } > >> 2. signing and verification have different behaviors on exception >> handling. See above. >> > We don't need to make more significant update in other blocks because of > we have ignore the non-exist keystore, right? If no required private > key, the following steps will throw the expected exception. If you ignore non-existing ~/.keystore, there will be no exception, and store will be either null or uninitialized. Then when it's used, NPE or KeyStoreException will be thrown and the user is confused. So you still need to check it earlier. Thanks Max > > Or is there any other thing that I missed? > > Thanks, > Xuelei From xuelei.fan at oracle.com Thu Sep 1 04:37:43 2011 From: xuelei.fan at oracle.com (Xuelei Fan) Date: Thu, 01 Sep 2011 12:37:43 +0800 Subject: code review request: 7081783: jarsigner error when no $HOME/.keystore In-Reply-To: <4E5F0AAA.2050904@oracle.com> References: <4E5C6D90.4050204@oracle.com> <4E5CEB1D.2010007@oracle.com> <4E5DEA38.60201@oracle.com> <4E5E3461.2010405@oracle.com> <4E5F0AAA.2050904@oracle.com> Message-ID: <4E5F0C17.8070801@oracle.com> On 9/1/2011 12:31 PM, Weijun Wang wrote: > > On 08/31/2011 09:17 PM, Xuelei Fan wrote: >> I understand the code, fine to me. But the loadKeyStore() method looks >> really ugly and lazy. :-) > > It's ugly, but not very lazy. > Lazy code is not a bad coding style. ;-) > Anyway, I'm going to putback this version since you already said fine. > Please go ahead. It's fine to me. I just want to talk about some of my concerns. Thanks, Xuelei >> >> Just for your reference in the inline comments. >> > ... > >>> >>> Well, it looks more correct, but is complicated in 2 senses: >>> >>> 1. ~/.keystore and user-specified -keystore are not treated the same. >>> You can ignore ~/.keystore, but if a user-specified -keystore does not >>> exist, it's an error. >>> >> We can handle the logic simply at the following blok, right? >> 1562 if (!nullStream&& keyStoreName == null) { >> 1563 keyStoreName = System.getProperty("user.home") + File.separator >> 1564 + ".keystore"; >> + // check file existence, ignore it if non-exist >> 1565 } >> >>> 2. signing and verification have different behaviors on exception >>> handling. See above. >>> >> We don't need to make more significant update in other blocks because of >> we have ignore the non-exist keystore, right? If no required private >> key, the following steps will throw the expected exception. > > If you ignore non-existing ~/.keystore, there will be no exception, and > store will be either null or uninitialized. Then when it's used, NPE or > KeyStoreException will be thrown and the user is confused. So you still > need to check it earlier. > > Thanks > Max > >> >> Or is there any other thing that I missed? >> >> Thanks, >> Xuelei From chris.hegarty at oracle.com Thu Sep 1 05:45:47 2011 From: chris.hegarty at oracle.com (chris.hegarty at oracle.com) Date: Thu, 01 Sep 2011 05:45:47 +0000 Subject: hg: jdk8/tl/jdk: 7014860: Socket.getInputStream().available() not clear for shutdown input Message-ID: <20110901054606.0B82E47290@hg.openjdk.java.net> Changeset: a5a28b040714 Author: chegar Date: 2011-09-01 06:45 +0100 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/a5a28b040714 7014860: Socket.getInputStream().available() not clear for shutdown input Reviewed-by: alanb, michaelm ! src/share/classes/java/net/AbstractPlainSocketImpl.java ! src/share/classes/java/net/Socket.java ! src/share/classes/java/net/SocketImpl.java + test/java/net/Socket/ShutdownInput.java From chris.hegarty at oracle.com Thu Sep 1 13:46:46 2011 From: chris.hegarty at oracle.com (chris.hegarty at oracle.com) Date: Thu, 01 Sep 2011 13:46:46 +0000 Subject: hg: jdk8/tl/jdk: 7041800: URI.equals may incorrectly return true with escaped octets Message-ID: <20110901134708.4CB21472A7@hg.openjdk.java.net> Changeset: fcb33500b325 Author: chegar Date: 2011-09-01 13:53 +0100 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/fcb33500b325 7041800: URI.equals may incorrectly return true with escaped octets Reviewed-by: alanb, michaelm ! src/share/classes/java/net/URI.java ! test/java/net/URI/Test.java From kumar.x.srinivasan at oracle.com Thu Sep 1 16:57:39 2011 From: kumar.x.srinivasan at oracle.com (kumar.x.srinivasan at oracle.com) Date: Thu, 01 Sep 2011 16:57:39 +0000 Subject: hg: jdk8/tl/langtools: 7073631: (javac) javac parser improvements for error position reporting Message-ID: <20110901165743.7AB60472B0@hg.openjdk.java.net> Changeset: 04f983e3e825 Author: ksrini Date: 2011-09-01 09:14 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/langtools/rev/04f983e3e825 7073631: (javac) javac parser improvements for error position reporting Summary: JavacParser improvements for NetBeans, improved by LangTools. Reviewed-by: mcimadamore, jjg Contributed-by: jan.lahoda at oracle.com ! src/share/classes/com/sun/tools/javac/parser/JavacParser.java ! src/share/classes/com/sun/tools/javac/parser/Scanner.java ! src/share/classes/com/sun/tools/javac/util/AbstractLog.java ! test/tools/javac/TryWithResources/BadTwr.out ! test/tools/javac/TryWithResources/DuplicateResourceDecl.out ! test/tools/javac/TryWithResources/ResourceInterface.out ! test/tools/javac/TryWithResources/TwrFlow.out ! test/tools/javac/TryWithResources/TwrLint.out ! test/tools/javac/TryWithResources/TwrOnNonResource.out ! test/tools/javac/diags/examples/EmptyCharLiteral.java + test/tools/javac/parser/netbeans/JavacParserTest.java From sean.mullan at oracle.com Thu Sep 1 20:13:07 2011 From: sean.mullan at oracle.com (Sean Mullan) Date: Thu, 01 Sep 2011 16:13:07 -0400 Subject: 7081804: Remove cause field from javax.xml.crypto.NoSuchMechnismException In-Reply-To: <4E5E8AE3.3070402@gmx.de> References: <4E525386.9000207@gmx.de> <4E52758D.2020208@oracle.com> <4E5E8AE3.3070402@gmx.de> Message-ID: <4E5FE753.2010705@oracle.com> On 8/31/11 3:26 PM, Sebastian Sickelmann wrote: > Some discussions went on in this thread as i tried to apply this > solution to some other classes. > These classes has adressed the new chaining support in Throwable quite > different. > In the meanwhile i think it is done best the way it is done in > java/lang/{UndeclaredThrowableException|InvocationTargetException|ClassNotFoundException} > > I changed the webrev to mirror this pattern of supporting exception > chain from java/lang. > The solution is far easier to understand and i think it needs no > addtional regression-tests. > The solution to delete the cause field and patch serialisation is far > more complex. > I like the deletion of this field much more like prohibiting initCause. > But this change should be mirrored to many Exceptions out there, and > would require many discussion. > > Here is the updated webrev: > http://oss-patches.24.eu/openjdk8/NoSuchMechanismException/7011804_0/ Hmm, the main problem I have with this change is that the printStackTrace methods will no longer print the stack trace of the cause because it will always be null. That doesn't seem right to me, as it could be considered an incompatible change, and it will make it harder to debug issues. IMO, this is one of those bugs where the impact is minimal, and it just might be better to let things exist as they are, and perhaps add some comments in the code to that effect. --Sean > > Maybe the title of the bug isn't right anymore. > @Alan: Can we change it into something like prohibit unintentional > initCause() after construction? > > -- Sebastian >>> @core-libs-dev: I crosspost it to core-libs-dev because the thread started >>> there. So the interessted parties can move over to security-dev archive[4] >>> >>> -- Sebastian >>> >>> [1] http://mail.openjdk.java.net/pipermail/core-libs-dev/2011-August/007462.html >>> [2] http://oss-patches.24.eu/openjdk8/NoSuchMechanismException/SeriallizeTest.java >>> [3] http://oss-patches.24.eu/openjdk8/NoSuchMechanismException/ >>> [4] http://mail.openjdk.java.net/pipermail/security-dev/2011-August/thread.html > From jim.holmlund at sun.com Thu Sep 1 21:41:13 2011 From: jim.holmlund at sun.com (jim.holmlund at sun.com) Date: Thu, 01 Sep 2011 21:41:13 +0000 Subject: hg: jdk8/tl/langtools: 7086071: tools/javac/7079713/TestCircularClassfile.java fails on windows Message-ID: <20110901214117.D2A61472C2@hg.openjdk.java.net> Changeset: a45d78d26450 Author: jjh Date: 2011-09-01 14:35 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/langtools/rev/a45d78d26450 7086071: tools/javac/7079713/TestCircularClassfile.java fails on windows Summary: delete file before renaming another file to it Reviewed-by: jjg ! test/tools/javac/7079713/TestCircularClassfile.java From sebastian.sickelmann at gmx.de Fri Sep 2 05:43:57 2011 From: sebastian.sickelmann at gmx.de (Sebastian Sickelmann) Date: Fri, 02 Sep 2011 07:43:57 +0200 Subject: 7081804: Remove cause field from javax.xml.crypto.NoSuchMechnismException In-Reply-To: <4E5FE753.2010705@oracle.com> References: <4E525386.9000207@gmx.de> <4E52758D.2020208@oracle.com> <4E5E8AE3.3070402@gmx.de> <4E5FE753.2010705@oracle.com> Message-ID: <4E606D1D.6050509@gmx.de> Am 01.09.2011 22:13, schrieb Sean Mullan: > On 8/31/11 3:26 PM, Sebastian Sickelmann wrote: >> Some discussions went on in this thread as i tried to apply this >> solution to some other classes. >> These classes has adressed the new chaining support in Throwable quite >> different. >> In the meanwhile i think it is done best the way it is done in >> java/lang/{UndeclaredThrowableException|InvocationTargetException|ClassNotFoundException} >> >> I changed the webrev to mirror this pattern of supporting exception >> chain from java/lang. >> The solution is far easier to understand and i think it needs no >> addtional regression-tests. >> The solution to delete the cause field and patch serialisation is far >> more complex. >> I like the deletion of this field much more like prohibiting initCause. >> But this change should be mirrored to many Exceptions out there, and >> would require many discussion. >> >> Here is the updated webrev: >> http://oss-patches.24.eu/openjdk8/NoSuchMechanismException/7011804_0/ > Hmm, the main problem I have with this change is that the printStackTrace > methods will no longer print the stack trace of the cause because it will always > be null. That doesn't seem right to me, as it could be considered an > incompatible change, and it will make it harder to debug issues. The printStackTrace in Throwable calls the overridden getCause(). Maybe we should add @Override to it. Updated the webrev to: http://oss-patches.24.eu/openjdk8/NoSuchMechanismException/7011804_1/ > IMO, this is one of those bugs where the impact is minimal, and it just might be > better to let things exist as they are, and perhaps add some comments in the > code to that effect. At least it prevents calls to initCause after creation. Which is now possible. I additionaly don't like the idea of leaving the cause field in the class but it maybe better to first fix it to an already used pattern (in java/lang) and then start discussion if we should remove the cause field in all implementations where we can remove it without breaking compatibility. -- Sebastian > --Sean > >> Maybe the title of the bug isn't right anymore. >> @Alan: Can we change it into something like prohibit unintentional >> initCause() after construction? >> >> -- Sebastian >>>> @core-libs-dev: I crosspost it to core-libs-dev because the thread started >>>> there. So the interessted parties can move over to security-dev archive[4] >>>> >>>> -- Sebastian >>>> >>>> [1] http://mail.openjdk.java.net/pipermail/core-libs-dev/2011-August/007462.html >>>> [2] http://oss-patches.24.eu/openjdk8/NoSuchMechanismException/SeriallizeTest.java >>>> [3] http://oss-patches.24.eu/openjdk8/NoSuchMechanismException/ >>>> [4] http://mail.openjdk.java.net/pipermail/security-dev/2011-August/thread.html From joe.darcy at oracle.com Fri Sep 2 06:00:55 2011 From: joe.darcy at oracle.com (joe.darcy at oracle.com) Date: Fri, 02 Sep 2011 06:00:55 +0000 Subject: hg: jdk8/tl/jdk: 7082971: More performance tuning of BigDecimal and other java.math classes Message-ID: <20110902060120.1E673472D9@hg.openjdk.java.net> Changeset: ffada2ce20e5 Author: darcy Date: 2011-09-01 23:00 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/ffada2ce20e5 7082971: More performance tuning of BigDecimal and other java.math classes Reviewed-by: darcy Contributed-by: sergey.kuksenko at oracle.com ! src/share/classes/java/math/BigDecimal.java ! src/share/classes/java/math/BigInteger.java ! src/share/classes/java/math/MutableBigInteger.java ! test/java/math/BigDecimal/DivideMcTests.java ! test/java/math/BigDecimal/FloatDoubleValueTests.java ! test/java/math/BigDecimal/RangeTests.java ! test/java/math/BigDecimal/StrippingZerosTest.java ! test/java/math/BigDecimal/ToPlainStringTests.java From sean.coffey at oracle.com Fri Sep 2 15:15:07 2011 From: sean.coffey at oracle.com (=?ISO-8859-1?Q?Se=E1n_Coffey?=) Date: Fri, 02 Sep 2011 16:15:07 +0100 Subject: Code review request for 7049079: NTSYSTEM CLASS IS LEAKING 3 WINDOWS TOKENS Message-ID: <4E60F2FB.5020609@oracle.com> This is a forward port to JDK 8 of a fix gone into jdk 5 and jdk6 releases. It'll be ported to 7u shortly after jdk8. Bug id is not public. NTSystem() obtains a native Token instance for each constructor call. This is unnecessary and Token instances should only be requested when called for, i.e. at getImpersonationToken() time. No auto testcase but fix has been verified though use of the MS handle tool and a simple java testcase. http://cr.openjdk.java.net/~coffeys/webrev.7049079.jdk8/ Regards, Sean. From kumar.x.srinivasan at oracle.com Fri Sep 2 16:07:04 2011 From: kumar.x.srinivasan at oracle.com (kumar.x.srinivasan at oracle.com) Date: Fri, 02 Sep 2011 16:07:04 +0000 Subject: hg: jdk8/tl/langtools: 7024096: Stack trace has invalid line numbers Message-ID: <20110902160710.3449C47313@hg.openjdk.java.net> Changeset: 02b8381781ab Author: ksrini Date: 2011-09-02 07:54 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/langtools/rev/02b8381781ab 7024096: Stack trace has invalid line numbers Reviewed-by: jjg, darcy Contributed-by: bruce.chapman.nz at gmail.com ! src/share/classes/com/sun/tools/javac/jvm/Gen.java + test/tools/javac/jvm/T7024096.java From maurizio.cimadamore at oracle.com Fri Sep 2 16:39:29 2011 From: maurizio.cimadamore at oracle.com (maurizio.cimadamore at oracle.com) Date: Fri, 02 Sep 2011 16:39:29 +0000 Subject: hg: jdk8/tl/langtools: 7086261: javac doesn't report error as expected, it only reports ClientCodeWrapper$DiagnosticSourceUnwrapper Message-ID: <20110902163932.453C847317@hg.openjdk.java.net> Changeset: ec27e5befa53 Author: mcimadamore Date: 2011-09-02 17:35 +0100 URL: http://hg.openjdk.java.net/jdk8/tl/langtools/rev/ec27e5befa53 7086261: javac doesn't report error as expected, it only reports ClientCodeWrapper$DiagnosticSourceUnwrapper Summary: Missing override for toString() in ClientCodeUnwrapper.DiagnosticSourceUnwrapper Reviewed-by: jjg ! src/share/classes/com/sun/tools/javac/api/ClientCodeWrapper.java + test/tools/javac/api/7086261/T7086261.java From xueming.shen at oracle.com Fri Sep 2 17:21:26 2011 From: xueming.shen at oracle.com (xueming.shen at oracle.com) Date: Fri, 02 Sep 2011 17:21:26 +0000 Subject: hg: jdk8/tl/jdk: 6898310: (cs) Charset cache lookups should be synchronized Message-ID: <20110902172137.E30FF47319@hg.openjdk.java.net> Changeset: 812c6d4d6a58 Author: sherman Date: 2011-09-02 10:20 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/812c6d4d6a58 6898310: (cs) Charset cache lookups should be synchronized Summary: synchronize the lookup in iterator Reviewed-by: alanb ! src/share/classes/sun/nio/cs/AbstractCharsetProvider.java From sean.mullan at oracle.com Fri Sep 2 19:58:29 2011 From: sean.mullan at oracle.com (Sean Mullan) Date: Fri, 02 Sep 2011 15:58:29 -0400 Subject: 7081804: Remove cause field from javax.xml.crypto.NoSuchMechnismException In-Reply-To: <4E606D1D.6050509@gmx.de> References: <4E525386.9000207@gmx.de> <4E52758D.2020208@oracle.com> <4E5E8AE3.3070402@gmx.de> <4E5FE753.2010705@oracle.com> <4E606D1D.6050509@gmx.de> Message-ID: <4E613565.1080801@oracle.com> On 9/2/11 1:43 AM, Sebastian Sickelmann wrote: >>> Here is the updated webrev: >>> http://oss-patches.24.eu/openjdk8/NoSuchMechanismException/7011804_0/ >> Hmm, the main problem I have with this change is that the printStackTrace >> methods will no longer print the stack trace of the cause because it will always >> be null. That doesn't seem right to me, as it could be considered an >> incompatible change, and it will make it harder to debug issues. > The printStackTrace in Throwable calls the overridden getCause(). > Maybe we should add @Override to it. > Updated the webrev to: > http://oss-patches.24.eu/openjdk8/NoSuchMechanismException/7011804_1/ In that case, my main concern is addressed then. I would probably want someone from our TCK team to also review it with respect to JSR 105 compatibility, so I'll see if I can find someone. But first, can you expand your webrev to include the other Exception classes in javax.xml.crypto.**? Thanks, Sean From joe.darcy at oracle.com Fri Sep 2 23:06:27 2011 From: joe.darcy at oracle.com (joe.darcy at oracle.com) Date: Fri, 02 Sep 2011 23:06:27 +0000 Subject: hg: jdk8/tl/jdk: 6989067: BigInteger's array copiers should be converted to System.arraycopy() Message-ID: <20110902230651.7DB8447327@hg.openjdk.java.net> Changeset: 95aff7cbf590 Author: darcy Date: 2011-09-02 16:06 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/95aff7cbf590 6989067: BigInteger's array copiers should be converted to System.arraycopy() Reviewed-by: mduigou, forax ! src/share/classes/java/math/BigInteger.java From weijun.wang at oracle.com Sat Sep 3 05:34:42 2011 From: weijun.wang at oracle.com (Weijun Wang) Date: Sat, 03 Sep 2011 13:34:42 +0800 Subject: Code review request for 7049079: NTSYSTEM CLASS IS LEAKING 3 WINDOWS TOKENS In-Reply-To: <4E60F2FB.5020609@oracle.com> References: <4E60F2FB.5020609@oracle.com> Message-ID: <4E61BC72.6010006@oracle.com> The code change looks fine. Thanks Max On 09/02/2011 11:15 PM, Se?n Coffey wrote: > This is a forward port to JDK 8 of a fix gone into jdk 5 and jdk6 releases. > It'll be ported to 7u shortly after jdk8. > > Bug id is not public. > > NTSystem() obtains a native Token instance for each constructor call. > This is unnecessary and Token instances should only be requested when > called for, i.e. at getImpersonationToken() time. > > No auto testcase but fix has been verified though use of the MS handle > tool and a simple java testcase. > > http://cr.openjdk.java.net/~coffeys/webrev.7049079.jdk8/ > > Regards, > Sean. From chris.hegarty at oracle.com Sat Sep 3 06:47:23 2011 From: chris.hegarty at oracle.com (chris.hegarty at oracle.com) Date: Sat, 03 Sep 2011 06:47:23 +0000 Subject: hg: jdk8/tl/jdk: 7084032: test/java/net/Inet6Address/B6558853.java fails on Windows XP/2003 if IPv6 Message-ID: <20110903064744.9FFBA4733B@hg.openjdk.java.net> Changeset: 5b8f8397379f Author: chegar Date: 2011-09-03 07:46 +0100 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/5b8f8397379f 7084032: test/java/net/Inet6Address/B6558853.java fails on Windows XP/2003 if IPv6 Reviewed-by: chegar Contributed-by: kurchi.subhra.hazra at oracle.com ! src/windows/native/java/net/TwoStacksPlainSocketImpl.c From sebastian.sickelmann at gmx.de Sat Sep 3 17:04:20 2011 From: sebastian.sickelmann at gmx.de (Sebastian Sickelmann) Date: Sat, 03 Sep 2011 19:04:20 +0200 Subject: 7081804: Remove cause field from javax.xml.crypto.NoSuchMechnismException In-Reply-To: <4E613565.1080801@oracle.com> References: <4E525386.9000207@gmx.de> <4E52758D.2020208@oracle.com> <4E5E8AE3.3070402@gmx.de> <4E5FE753.2010705@oracle.com> <4E606D1D.6050509@gmx.de> <4E613565.1080801@oracle.com> Message-ID: <4E625E14.9060101@gmx.de> Am 02.09.2011 21:58, schrieb Sean Mullan: > On 9/2/11 1:43 AM, Sebastian Sickelmann wrote: >>>> Here is the updated webrev: >>>> http://oss-patches.24.eu/openjdk8/NoSuchMechanismException/7011804_0/ >>> Hmm, the main problem I have with this change is that the printStackTrace >>> methods will no longer print the stack trace of the cause because it will always >>> be null. That doesn't seem right to me, as it could be considered an >>> incompatible change, and it will make it harder to debug issues. >> The printStackTrace in Throwable calls the overridden getCause(). >> Maybe we should add @Override to it. >> Updated the webrev to: >> http://oss-patches.24.eu/openjdk8/NoSuchMechanismException/7011804_1/ > In that case, my main concern is addressed then. I would probably want someone > from our TCK team to also review it with respect to JSR 105 compatibility, so > I'll see if I can find someone. Fine, that would be good. > But first, can you expand your webrev to include the other Exception classes in > javax.xml.crypto.**? The new webrev is here: http://oss-patches.24.eu/openjdk8/NoSuchMechanismException/7011804_2/ > Thanks, > Sean -- Sebastian From weijun.wang at oracle.com Mon Sep 5 03:23:55 2011 From: weijun.wang at oracle.com (weijun.wang at oracle.com) Date: Mon, 05 Sep 2011 03:23:55 +0000 Subject: hg: jdk8/tl/jdk: 7081783: jarsigner error when no $HOME/.keystore Message-ID: <20110905032413.579704739A@hg.openjdk.java.net> Changeset: 62c25e4c30a3 Author: weijun Date: 2011-09-05 11:22 +0800 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/62c25e4c30a3 7081783: jarsigner error when no $HOME/.keystore Reviewed-by: xuelei ! src/share/classes/sun/security/tools/JarSigner.java From weijun.wang at oracle.com Mon Sep 5 10:18:48 2011 From: weijun.wang at oracle.com (weijun.wang at oracle.com) Date: Mon, 05 Sep 2011 10:18:48 +0000 Subject: hg: jdk8/tl/jdk: 7081411: DSA keypair generation affected by Solaris bug Message-ID: <20110905101914.0C6F6473A9@hg.openjdk.java.net> Changeset: 1d247911e035 Author: weijun Date: 2011-09-05 18:17 +0800 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/1d247911e035 7081411: DSA keypair generation affected by Solaris bug Reviewed-by: xuelei, mullan, alanb ! test/ProblemList.txt + test/java/security/KeyPairGenerator/SolarisShortDSA.java From sean.coffey at oracle.com Mon Sep 5 10:29:17 2011 From: sean.coffey at oracle.com (sean.coffey at oracle.com) Date: Mon, 05 Sep 2011 10:29:17 +0000 Subject: hg: jdk8/tl/jdk: 7049079: NTSYSTEM CLASS IS LEAKING WINDOWS TOKENS Message-ID: <20110905102929.38473473AA@hg.openjdk.java.net> Changeset: 946e3b786d2d Author: coffeys Date: 2011-09-05 11:28 +0100 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/946e3b786d2d 7049079: NTSYSTEM CLASS IS LEAKING WINDOWS TOKENS Reviewed-by: weijun ! src/share/classes/com/sun/security/auth/module/NTSystem.java ! src/windows/native/com/sun/security/auth/module/nt.c From joe.darcy at oracle.com Mon Sep 5 15:04:19 2011 From: joe.darcy at oracle.com (joe.darcy at oracle.com) Date: Mon, 05 Sep 2011 15:04:19 +0000 Subject: hg: jdk8/tl/jdk: 7086710: java/util/Formatter/Basic.java failing after 7082971 Message-ID: <20110905150431.29093473B7@hg.openjdk.java.net> Changeset: 43880d125b79 Author: darcy Date: 2011-09-05 08:04 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/43880d125b79 7086710: java/util/Formatter/Basic.java failing after 7082971 Reviewed-by: alanb ! src/share/classes/java/math/BigDecimal.java From joe.darcy at oracle.com Tue Sep 6 13:18:21 2011 From: joe.darcy at oracle.com (joe.darcy at oracle.com) Date: Tue, 06 Sep 2011 13:18:21 +0000 Subject: hg: jdk8/tl/jdk: 6838776: Defer initialization of static fields in java.math.BigInteger Message-ID: <20110906131844.44717473EA@hg.openjdk.java.net> Changeset: 5077e7a68259 Author: darcy Date: 2011-09-06 06:17 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/5077e7a68259 6838776: Defer initialization of static fields in java.math.BigInteger Reviewed-by: mduigou, mduigou ! src/share/classes/java/math/BigDecimal.java ! src/share/classes/java/math/BigInteger.java From weijun.wang at oracle.com Wed Sep 7 00:57:18 2011 From: weijun.wang at oracle.com (weijun.wang at oracle.com) Date: Wed, 07 Sep 2011 00:57:18 +0000 Subject: hg: jdk8/tl/jdk: 7067974: multiple ETYPE-INFO-ENTRY with same etype and different salt Message-ID: <20110907005728.86F3B4740B@hg.openjdk.java.net> Changeset: c62794c9caea Author: weijun Date: 2011-09-07 08:56 +0800 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/c62794c9caea 7067974: multiple ETYPE-INFO-ENTRY with same etype and different salt Reviewed-by: valeriep ! src/share/classes/sun/security/krb5/EncryptionKey.java ! src/share/classes/sun/security/krb5/KrbAsRep.java ! src/share/classes/sun/security/krb5/KrbAsReqBuilder.java ! src/share/classes/sun/security/krb5/internal/KRBError.java ! src/share/classes/sun/security/krb5/internal/PAData.java + test/sun/security/krb5/auto/DupEtypes.java ! test/sun/security/krb5/auto/KDC.java From joe.darcy at oracle.com Wed Sep 7 04:20:12 2011 From: joe.darcy at oracle.com (joe.darcy at oracle.com) Date: Wed, 07 Sep 2011 04:20:12 +0000 Subject: hg: jdk8/tl/jdk: 7086192: (reflect) Have TypeVariable extend AnnotatedElement Message-ID: <20110907042022.1B78747413@hg.openjdk.java.net> Changeset: fa1e7738a136 Author: darcy Date: 2011-09-06 21:19 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/fa1e7738a136 7086192: (reflect) Have TypeVariable extend AnnotatedElement Reviewed-by: mcimadamore ! src/share/classes/java/lang/reflect/TypeVariable.java ! src/share/classes/sun/reflect/generics/reflectiveObjects/TypeVariableImpl.java + test/java/lang/reflect/TypeVariable/TestAnnotatedElement.java From sean.mullan at oracle.com Wed Sep 7 17:51:57 2011 From: sean.mullan at oracle.com (Sean Mullan) Date: Wed, 07 Sep 2011 13:51:57 -0400 Subject: 7081804: Remove cause field from javax.xml.crypto.NoSuchMechnismException In-Reply-To: <4E625E14.9060101@gmx.de> References: <4E525386.9000207@gmx.de> <4E52758D.2020208@oracle.com> <4E5E8AE3.3070402@gmx.de> <4E5FE753.2010705@oracle.com> <4E606D1D.6050509@gmx.de> <4E613565.1080801@oracle.com> <4E625E14.9060101@gmx.de> Message-ID: <4E67AF3D.2090609@oracle.com> On 9/3/11 1:04 PM, Sebastian Sickelmann wrote: > Am 02.09.2011 21:58, schrieb Sean Mullan: >> On 9/2/11 1:43 AM, Sebastian Sickelmann wrote: >>>>> Here is the updated webrev: >>>>> http://oss-patches.24.eu/openjdk8/NoSuchMechanismException/7011804_0/ >>>> Hmm, the main problem I have with this change is that the printStackTrace >>>> methods will no longer print the stack trace of the cause because it will always >>>> be null. That doesn't seem right to me, as it could be considered an >>>> incompatible change, and it will make it harder to debug issues. >>> The printStackTrace in Throwable calls the overridden getCause(). >>> Maybe we should add @Override to it. >>> Updated the webrev to: >>> http://oss-patches.24.eu/openjdk8/NoSuchMechanismException/7011804_1/ >> In that case, my main concern is addressed then. I would probably want someone >> from our TCK team to also review it with respect to JSR 105 compatibility, so >> I'll see if I can find someone. > Fine, that would be good. >> But first, can you expand your webrev to include the other Exception classes in >> javax.xml.crypto.**? > The new webrev is here: > http://oss-patches.24.eu/openjdk8/NoSuchMechanismException/7011804_2/ In some classes the initCause comment is misspelled as initCaus. What about a test case, for example testing to make sure initCause throws an exception? Can you write one? Also, I have asked someone from the TCK team to look at this and he said he will do that by Friday. It might require a CCC change because the behavior of initCause is different. I am hoping it doesn't require a JSR 105 maintenance revision though. --Sean From mandy.chung at oracle.com Wed Sep 7 20:43:01 2011 From: mandy.chung at oracle.com (mandy.chung at oracle.com) Date: Wed, 07 Sep 2011 20:43:01 +0000 Subject: hg: jdk8/tl/jdk: 7078024: Update JDK service tag for JDK 8 Message-ID: <20110907204311.8AB2347446@hg.openjdk.java.net> Changeset: be949e12cab0 Author: mchung Date: 2011-09-07 13:42 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/be949e12cab0 7078024: Update JDK service tag for JDK 8 Reviewed-by: paulk ! make/com/sun/servicetag/Makefile ! src/share/classes/com/sun/servicetag/Installer.java + src/share/classes/com/sun/servicetag/resources/javase_servicetag.properties ! test/com/sun/servicetag/JavaServiceTagTest.java ! test/com/sun/servicetag/JavaServiceTagTest1.java From weijun.wang at oracle.com Thu Sep 8 01:04:52 2011 From: weijun.wang at oracle.com (weijun.wang at oracle.com) Date: Thu, 08 Sep 2011 01:04:52 +0000 Subject: hg: jdk8/tl/jdk: 7087428: move client tests out of jdk_misc Message-ID: <20110908010502.8232A4745B@hg.openjdk.java.net> Changeset: 6dab08f1cabb Author: weijun Date: 2011-09-08 09:04 +0800 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/6dab08f1cabb 7087428: move client tests out of jdk_misc Reviewed-by: alanb, ohair ! make/jprt.properties ! test/Makefile From weijun.wang at oracle.com Thu Sep 8 01:06:20 2011 From: weijun.wang at oracle.com (weijun.wang at oracle.com) Date: Thu, 08 Sep 2011 01:06:20 +0000 Subject: hg: jdk8/tl: 7087428: move client tests out of jdk_misc Message-ID: <20110908010620.E7A2E4745C@hg.openjdk.java.net> Changeset: b1d357ebf0cb Author: weijun Date: 2011-09-08 09:06 +0800 URL: http://hg.openjdk.java.net/jdk8/tl/rev/b1d357ebf0cb 7087428: move client tests out of jdk_misc Reviewed-by: ohair, alanb ! make/jprt.properties From weijun.wang at oracle.com Thu Sep 8 09:13:05 2011 From: weijun.wang at oracle.com (Weijun Wang) Date: Thu, 08 Sep 2011 17:13:05 +0800 Subject: code review request: 7047200: keytool safe store (was Misleading error message) In-Reply-To: <23399182.1309308648847.JavaMail.sbladm@swsblss4-new> References: <23399182.1309308648847.JavaMail.sbladm@swsblss4-new> Message-ID: <4E688721.7040104@oracle.com> Bug weblink: http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=7047200 Webrev: http://cr.openjdk.java.net/~weijun/7047200/webrev.00/ The original bug report is a false report. However, because of a simple input error, the keystore file is damaged permanently. This is definitely not a nice user experience. The fix stores the keystore content to a byte array first before writing it to a file. An alternative way would be store the content to a new file name and then do a remove-and-rename, but since keystore files are normally small, it's not worth trying. Thanks Max On 06/29/2011 08:50 AM, weijun.wang at oracle.com wrote: > 7047200: keytool safe store (was Misleading error message) > > > === *Description* ============================================================ > FULL PRODUCT VERSION : > java version "1.6.0_25" > Java(TM) SE Runtime Environment (build 1.6.0_25-b06) > Java HotSpot(TM) Client VM (build 20.0-b11, mixed mode, sharing) > > ADDITIONAL OS VERSION INFORMATION : > Microsoft Windows XP [Version 5.1.2600] > (C) Copyright 1985-2001 Microsoft Corp. > > A DESCRIPTION OF THE PROBLEM : > Why is an error being generated after I key in the password twice? > > REGRESSION. Last worked in version 6u25 > > STEPS TO FOLLOW TO REPRODUCE THE PROBLEM : > Command Line > Microsoft Windows XP [Version 5.1.2600] > (C) Copyright 1985-2001 Microsoft Corp. > > C:\Documents and Settings\Jon>keytool -genkeypair -v -protected -alias jon -file > certif.file > What is your first and last name? > [Unknown]: Jon C. > What is the name of your organizational unit? > [Unknown]: @Jon's > What is the name of your organization? > [Unknown]: @Jon's > What is the name of your City or Locality? > [Unknown]: Birkirkara > What is the name of your State or Province? > [Unknown]: Malta(EU) > What is the two-letter country code for this unit? > [Unknown]: MT > Is CN=Jon C., OU=@Jon's, O=@Jon's, L=Birkirkara, ST=Malta(EU), C=MT correct? > [no]: yes > > Generating 1,024 bit DSA key pair and self-signed certificate (SHA1withDSA) with > a validity of 90 days > for: CN=Jon C., OU=@Jon's, O=@Jon's, L=Birkirkara, ST=Malta(EU), C=MT > Enter key password for > (RETURN if same as keystore password): > Re-enter new password: > [Storing C:\Documents and Settings\Jon\.keystore] > > > EXPECTED VERSUS ACTUAL BEHAVIOR : > EXPECTED - > PKI should be generated > ACTUAL - > Error message is displayed. > > ERROR MESSAGES/STACK TRACES THAT OCCUR : > keytool error: java.lang.IllegalArgumentException: password can't be null > java.lang.IllegalArgumentException: password can't be null > at sun.security.provider.JavaKeyStore.engineStore(JavaKeyStore.java:508) > > at sun.security.provider.JavaKeyStore$JKS.engineStore(JavaKeyStore.java: > 38) > at java.security.KeyStore.store(KeyStore.java:1117) > at sun.security.tools.KeyTool.doCommands(KeyTool.java:901) > at sun.security.tools.KeyTool.run(KeyTool.java:171) > at sun.security.tools.KeyTool.main(KeyTool.java:165) > > REPRODUCIBILITY : > This bug can be reproduced always. > > === *Evaluation* ============================================================= > This is mainly a user error: > >> keytool -genkeypair -v -protected -alias jon -file certif.file > > 1. Does the user intent to create a new keystore certif.file? If so, please use "-keystore certif.file". > > 2. The default keystore type at the moment, JKS, is file-based. So, do not specify "-protected". This option is for token-based keystores which has their own special protection mechanism. > > Having said that, we can enhance keytool to deal with this user input error more friendly. From sebastian.sickelmann at gmx.de Thu Sep 8 05:39:01 2011 From: sebastian.sickelmann at gmx.de (Sebastian Sickelmann) Date: Thu, 08 Sep 2011 07:39:01 +0200 Subject: 7081804: Remove cause field from javax.xml.crypto.NoSuchMechnismException In-Reply-To: <4E67AF3D.2090609@oracle.com> References: <4E525386.9000207@gmx.de> <4E52758D.2020208@oracle.com> <4E5E8AE3.3070402@gmx.de> <4E5FE753.2010705@oracle.com> <4E606D1D.6050509@gmx.de> <4E613565.1080801@oracle.com> <4E625E14.9060101@gmx.de> <4E67AF3D.2090609@oracle.com> Message-ID: <4E6854F5.6000008@gmx.de> Am 07.09.2011 19:51, schrieb Sean Mullan: > On 9/3/11 1:04 PM, Sebastian Sickelmann wrote: >> Am 02.09.2011 21:58, schrieb Sean Mullan: >>> On 9/2/11 1:43 AM, Sebastian Sickelmann wrote: >>>>>> Here is the updated webrev: >>>>>> http://oss-patches.24.eu/openjdk8/NoSuchMechanismException/7011804_0/ >>>>> Hmm, the main problem I have with this change is that the printStackTrace >>>>> methods will no longer print the stack trace of the cause because it will always >>>>> be null. That doesn't seem right to me, as it could be considered an >>>>> incompatible change, and it will make it harder to debug issues. >>>> The printStackTrace in Throwable calls the overridden getCause(). >>>> Maybe we should add @Override to it. >>>> Updated the webrev to: >>>> http://oss-patches.24.eu/openjdk8/NoSuchMechanismException/7011804_1/ >>> In that case, my main concern is addressed then. I would probably want someone >>> from our TCK team to also review it with respect to JSR 105 compatibility, so >>> I'll see if I can find someone. >> Fine, that would be good. >>> But first, can you expand your webrev to include the other Exception classes in >>> javax.xml.crypto.**? >> The new webrev is here: >> http://oss-patches.24.eu/openjdk8/NoSuchMechanismException/7011804_2/ > In some classes the initCause comment is misspelled as initCaus. What about a > test case, for example testing to make sure initCause throws an exception? Can > you write one? Yes will fix this and create some tests. > Also, I have asked someone from the TCK team to look at this and he said he will > do that by Friday. It might require a CCC change because the behavior of > initCause is different. I am hoping it doesn't require a JSR 105 maintenance > revision though. I hope so too. A JSR 105 maintenance revision is way to big for this tiny "improvement"/change. > --Sean -- Sebastian From sebastian.sickelmann at gmx.de Thu Sep 8 17:47:41 2011 From: sebastian.sickelmann at gmx.de (Sebastian Sickelmann) Date: Thu, 08 Sep 2011 19:47:41 +0200 Subject: 7081804: Remove cause field from javax.xml.crypto.NoSuchMechnismException In-Reply-To: <4E67AF3D.2090609@oracle.com> References: <4E525386.9000207@gmx.de> <4E52758D.2020208@oracle.com> <4E5E8AE3.3070402@gmx.de> <4E5FE753.2010705@oracle.com> <4E606D1D.6050509@gmx.de> <4E613565.1080801@oracle.com> <4E625E14.9060101@gmx.de> <4E67AF3D.2090609@oracle.com> Message-ID: <4E68FFBD.2030601@gmx.de> Am 07.09.2011 19:51, schrieb Sean Mullan: > On 9/3/11 1:04 PM, Sebastian Sickelmann wrote: >> Am 02.09.2011 21:58, schrieb Sean Mullan: >>> On 9/2/11 1:43 AM, Sebastian Sickelmann wrote: >>>>>> Here is the updated webrev: >>>>>> http://oss-patches.24.eu/openjdk8/NoSuchMechanismException/7011804_0/ >>>>> Hmm, the main problem I have with this change is that the printStackTrace >>>>> methods will no longer print the stack trace of the cause because it will always >>>>> be null. That doesn't seem right to me, as it could be considered an >>>>> incompatible change, and it will make it harder to debug issues. >>>> The printStackTrace in Throwable calls the overridden getCause(). >>>> Maybe we should add @Override to it. >>>> Updated the webrev to: >>>> http://oss-patches.24.eu/openjdk8/NoSuchMechanismException/7011804_1/ >>> In that case, my main concern is addressed then. I would probably want someone >>> from our TCK team to also review it with respect to JSR 105 compatibility, so >>> I'll see if I can find someone. >> Fine, that would be good. >>> But first, can you expand your webrev to include the other Exception classes in >>> javax.xml.crypto.**? >> The new webrev is here: >> http://oss-patches.24.eu/openjdk8/NoSuchMechanismException/7011804_2/ > In some classes the initCause comment is misspelled as initCaus. What about a > test case, for example testing to make sure initCause throws an exception? Can > you write one? While creating an test(suggested code below) for this, i thought a little bit about if it is really good to change the behavoir of the ctors without a cause (defaultctor, ctor with message). What is the best behavoir (see DEFAULT and MESSAGE_ONLY cases below) . Should in the cases DEFAULT and MESSAGE_ONLY the cause mutable? I actually think this would the better solution, cause it is what the users can actually do with the exceptions in javax/xml/crypto. Or should the test check on imutability in all cases? > Also, I have asked someone from the TCK team to look at this and he said he will > do that by Friday. It might require a CCC change because the behavior of > initCause is different. I am hoping it doesn't require a JSR 105 maintenance > revision though. > > --Sean public class PreventOverridingOfChaining { private static final Class[] DEFAULT = new Class[]{}; private static final Class[] MESSAGE_ONLY = new Class[]{String.class}; private static final Class[] CAUSE_ONLY = new Class[]{Throwable.class}; private static final Class[] BOTH = new Class[]{String.class, Throwable.class}; private static final Class[] URI_REFERENCE_SPECIAL = new Class[]{String.class, Throwable.class, URIReference.class}; public static void main(String args[]) throws Exception { check(NoSuchMechanismException.class); // all other exceptions. } private static void check(Class exClass) throws ReflectiveOperationException { Constructor[] constructors = (Constructor[]) exClass.getConstructors(); for (Constructor ctor : constructors) { Class[] parameterTypes = ctor.getParameterTypes(); if (Arrays.equals(DEFAULT, parameterTypes)) { checkMutable(ctor.newInstance()); } else if (Arrays.equals(MESSAGE_ONLY, parameterTypes)) { checkMutable(ctor.newInstance("msg")); } else if (Arrays.equals(CAUSE_ONLY, parameterTypes)) { checkImutable(ctor.newInstance(new RuntimeException("RE"))); } else if (Arrays.equals(BOTH, parameterTypes)) { checkImutable(ctor.newInstance("msg",new RuntimeException("RE"))); } else if (Arrays.equals(URI_REFERENCE_SPECIAL, parameterTypes)) { checkImutable(ctor.newInstance("msg",new RuntimeException("RE"),new URIReference() { @Override public String getURI() { return "URI"; } @Override public String getType() { return "Type"; } })); } } } private static void checkMutable(Throwable th) { th.initCause(new RuntimeException()); } private static void checkImutable(Throwable th) { try { th.initCause(new RuntimeException()); throw new RuntimeException("Exception expected"); } catch (IllegalStateException e) { // Everything is fine } } } From xuelei.fan at oracle.com Fri Sep 9 00:52:23 2011 From: xuelei.fan at oracle.com (Xuelei Fan) Date: Fri, 09 Sep 2011 08:52:23 +0800 Subject: code review request: 7047200: keytool safe store (was Misleading error message) In-Reply-To: <4E688721.7040104@oracle.com> References: <23399182.1309308648847.JavaMail.sbladm@swsblss4-new> <4E688721.7040104@oracle.com> Message-ID: <4E696347.5060401@oracle.com> KeyStore.store() will damage the key store/output stream because of java.lang.IllegalArgumentException: password can't be null, is it right? It seems that before the exception, there is nothing write to the output stream. I'm not sure why the key store will be damaged. What's you evaluation? Thanks, Xuelei On 9/8/2011 5:13 PM, Weijun Wang wrote: > > Bug weblink: http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=7047200 > Webrev: http://cr.openjdk.java.net/~weijun/7047200/webrev.00/ > > The original bug report is a false report. However, because of a simple > input error, the keystore file is damaged permanently. This is > definitely not a nice user experience. > > The fix stores the keystore content to a byte array first before writing > it to a file. An alternative way would be store the content to a new > file name and then do a remove-and-rename, but since keystore files are > normally small, it's not worth trying. > > Thanks > Max > > On 06/29/2011 08:50 AM, weijun.wang at oracle.com wrote: >> 7047200: keytool safe store (was Misleading error message) >> >> >> === *Description* >> ============================================================ >> FULL PRODUCT VERSION : >> java version "1.6.0_25" >> Java(TM) SE Runtime Environment (build 1.6.0_25-b06) >> Java HotSpot(TM) Client VM (build 20.0-b11, mixed mode, sharing) >> >> ADDITIONAL OS VERSION INFORMATION : >> Microsoft Windows XP [Version 5.1.2600] >> (C) Copyright 1985-2001 Microsoft Corp. >> >> A DESCRIPTION OF THE PROBLEM : >> Why is an error being generated after I key in the password twice? >> >> REGRESSION. Last worked in version 6u25 >> >> STEPS TO FOLLOW TO REPRODUCE THE PROBLEM : >> Command Line >> Microsoft Windows XP [Version 5.1.2600] >> (C) Copyright 1985-2001 Microsoft Corp. >> >> C:\Documents and Settings\Jon>keytool -genkeypair -v -protected -alias >> jon -file >> certif.file >> What is your first and last name? >> [Unknown]: Jon C. >> What is the name of your organizational unit? >> [Unknown]: @Jon's >> What is the name of your organization? >> [Unknown]: @Jon's >> What is the name of your City or Locality? >> [Unknown]: Birkirkara >> What is the name of your State or Province? >> [Unknown]: Malta(EU) >> What is the two-letter country code for this unit? >> [Unknown]: MT >> Is CN=Jon C., OU=@Jon's, O=@Jon's, L=Birkirkara, ST=Malta(EU), C=MT >> correct? >> [no]: yes >> >> Generating 1,024 bit DSA key pair and self-signed certificate >> (SHA1withDSA) with >> a validity of 90 days >> for: CN=Jon C., OU=@Jon's, O=@Jon's, L=Birkirkara, ST=Malta(EU), C=MT >> Enter key password for >> (RETURN if same as keystore password): >> Re-enter new password: >> [Storing C:\Documents and Settings\Jon\.keystore] >> >> >> EXPECTED VERSUS ACTUAL BEHAVIOR : >> EXPECTED - >> PKI should be generated >> ACTUAL - >> Error message is displayed. >> >> ERROR MESSAGES/STACK TRACES THAT OCCUR : >> keytool error: java.lang.IllegalArgumentException: password can't be null >> java.lang.IllegalArgumentException: password can't be null >> at sun.security.provider.JavaKeyStore.engineStore(JavaKeyStore.java:508) >> >> at sun.security.provider.JavaKeyStore$JKS.engineStore(JavaKeyStore.java: >> 38) >> at java.security.KeyStore.store(KeyStore.java:1117) >> at sun.security.tools.KeyTool.doCommands(KeyTool.java:901) >> at sun.security.tools.KeyTool.run(KeyTool.java:171) >> at sun.security.tools.KeyTool.main(KeyTool.java:165) >> >> REPRODUCIBILITY : >> This bug can be reproduced always. >> >> === *Evaluation* >> ============================================================= >> This is mainly a user error: >> >>> keytool -genkeypair -v -protected -alias jon -file certif.file >> >> 1. Does the user intent to create a new keystore certif.file? If so, >> please use "-keystore certif.file". >> >> 2. The default keystore type at the moment, JKS, is file-based. So, do >> not specify "-protected". This option is for token-based keystores >> which has their own special protection mechanism. >> >> Having said that, we can enhance keytool to deal with this user input >> error more friendly. From weijun.wang at oracle.com Fri Sep 9 01:38:55 2011 From: weijun.wang at oracle.com (Weijun Wang) Date: Fri, 09 Sep 2011 09:38:55 +0800 Subject: code review request: 7047200: keytool safe store (was Misleading error message) In-Reply-To: <4E696347.5060401@oracle.com> References: <23399182.1309308648847.JavaMail.sbladm@swsblss4-new> <4E688721.7040104@oracle.com> <4E696347.5060401@oracle.com> Message-ID: <4E696E2F.9030704@oracle.com> On 09/09/2011 08:52 AM, Xuelei Fan wrote: > KeyStore.store() will damage the key store/output stream because of > java.lang.IllegalArgumentException: password can't be null, is it right? Yes. > > It seems that before the exception, there is nothing write to the output > stream. I'm not sure why the key store will be damaged. What's you > evaluation? In the bug report (as well as my regression test), the user mistakenly adds -protected to the command line so there is no prompt for password, and keytool finally goes to "KeyStore.store(outStream, pass)" with pass==null. Here, the outStream is opened as a FileOutputStream to the keystore file, but since the store method fails, nothing is really written out and the file becomes empty. -Max > > Thanks, > Xuelei > > On 9/8/2011 5:13 PM, Weijun Wang wrote: >> >> Bug weblink: http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=7047200 >> Webrev: http://cr.openjdk.java.net/~weijun/7047200/webrev.00/ >> >> The original bug report is a false report. However, because of a simple >> input error, the keystore file is damaged permanently. This is >> definitely not a nice user experience. >> >> The fix stores the keystore content to a byte array first before writing >> it to a file. An alternative way would be store the content to a new >> file name and then do a remove-and-rename, but since keystore files are >> normally small, it's not worth trying. >> >> Thanks >> Max >> >> On 06/29/2011 08:50 AM, weijun.wang at oracle.com wrote: >>> 7047200: keytool safe store (was Misleading error message) >>> >>> >>> === *Description* >>> ============================================================ >>> FULL PRODUCT VERSION : >>> java version "1.6.0_25" >>> Java(TM) SE Runtime Environment (build 1.6.0_25-b06) >>> Java HotSpot(TM) Client VM (build 20.0-b11, mixed mode, sharing) >>> >>> ADDITIONAL OS VERSION INFORMATION : >>> Microsoft Windows XP [Version 5.1.2600] >>> (C) Copyright 1985-2001 Microsoft Corp. >>> >>> A DESCRIPTION OF THE PROBLEM : >>> Why is an error being generated after I key in the password twice? >>> >>> REGRESSION. Last worked in version 6u25 >>> >>> STEPS TO FOLLOW TO REPRODUCE THE PROBLEM : >>> Command Line >>> Microsoft Windows XP [Version 5.1.2600] >>> (C) Copyright 1985-2001 Microsoft Corp. >>> >>> C:\Documents and Settings\Jon>keytool -genkeypair -v -protected -alias >>> jon -file >>> certif.file >>> What is your first and last name? >>> [Unknown]: Jon C. >>> What is the name of your organizational unit? >>> [Unknown]: @Jon's >>> What is the name of your organization? >>> [Unknown]: @Jon's >>> What is the name of your City or Locality? >>> [Unknown]: Birkirkara >>> What is the name of your State or Province? >>> [Unknown]: Malta(EU) >>> What is the two-letter country code for this unit? >>> [Unknown]: MT >>> Is CN=Jon C., OU=@Jon's, O=@Jon's, L=Birkirkara, ST=Malta(EU), C=MT >>> correct? >>> [no]: yes >>> >>> Generating 1,024 bit DSA key pair and self-signed certificate >>> (SHA1withDSA) with >>> a validity of 90 days >>> for: CN=Jon C., OU=@Jon's, O=@Jon's, L=Birkirkara, ST=Malta(EU), C=MT >>> Enter key password for >>> (RETURN if same as keystore password): >>> Re-enter new password: >>> [Storing C:\Documents and Settings\Jon\.keystore] >>> >>> >>> EXPECTED VERSUS ACTUAL BEHAVIOR : >>> EXPECTED - >>> PKI should be generated >>> ACTUAL - >>> Error message is displayed. >>> >>> ERROR MESSAGES/STACK TRACES THAT OCCUR : >>> keytool error: java.lang.IllegalArgumentException: password can't be null >>> java.lang.IllegalArgumentException: password can't be null >>> at sun.security.provider.JavaKeyStore.engineStore(JavaKeyStore.java:508) >>> >>> at sun.security.provider.JavaKeyStore$JKS.engineStore(JavaKeyStore.java: >>> 38) >>> at java.security.KeyStore.store(KeyStore.java:1117) >>> at sun.security.tools.KeyTool.doCommands(KeyTool.java:901) >>> at sun.security.tools.KeyTool.run(KeyTool.java:171) >>> at sun.security.tools.KeyTool.main(KeyTool.java:165) >>> >>> REPRODUCIBILITY : >>> This bug can be reproduced always. >>> >>> === *Evaluation* >>> ============================================================= >>> This is mainly a user error: >>> >>>> keytool -genkeypair -v -protected -alias jon -file certif.file >>> >>> 1. Does the user intent to create a new keystore certif.file? If so, >>> please use "-keystore certif.file". >>> >>> 2. The default keystore type at the moment, JKS, is file-based. So, do >>> not specify "-protected". This option is for token-based keystores >>> which has their own special protection mechanism. >>> >>> Having said that, we can enhance keytool to deal with this user input >>> error more friendly. > From xuelei.fan at oracle.com Fri Sep 9 02:46:03 2011 From: xuelei.fan at oracle.com (Xuelei Fan) Date: Fri, 09 Sep 2011 10:46:03 +0800 Subject: code review request: 7047200: keytool safe store (was Misleading error message) In-Reply-To: <4E696E2F.9030704@oracle.com> References: <23399182.1309308648847.JavaMail.sbladm@swsblss4-new> <4E688721.7040104@oracle.com> <4E696347.5060401@oracle.com> <4E696E2F.9030704@oracle.com> Message-ID: <4E697DEB.4090504@oracle.com> Thanks for the answer. The fix looks fine to me. Thanks, Xuelei On 9/9/2011 9:38 AM, Weijun Wang wrote: > > On 09/09/2011 08:52 AM, Xuelei Fan wrote: >> KeyStore.store() will damage the key store/output stream because of >> java.lang.IllegalArgumentException: password can't be null, is it right? > > Yes. > >> >> It seems that before the exception, there is nothing write to the output >> stream. I'm not sure why the key store will be damaged. What's you >> evaluation? > > In the bug report (as well as my regression test), the user mistakenly > adds -protected to the command line so there is no prompt for password, > and keytool finally goes to "KeyStore.store(outStream, pass)" with > pass==null. Here, the outStream is opened as a FileOutputStream to the > keystore file, but since the store method fails, nothing is really > written out and the file becomes empty. > > -Max > >> >> Thanks, >> Xuelei >> >> On 9/8/2011 5:13 PM, Weijun Wang wrote: >>> >>> Bug weblink: http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=7047200 >>> Webrev: http://cr.openjdk.java.net/~weijun/7047200/webrev.00/ >>> >>> The original bug report is a false report. However, because of a simple >>> input error, the keystore file is damaged permanently. This is >>> definitely not a nice user experience. >>> >>> The fix stores the keystore content to a byte array first before writing >>> it to a file. An alternative way would be store the content to a new >>> file name and then do a remove-and-rename, but since keystore files are >>> normally small, it's not worth trying. >>> >>> Thanks >>> Max >>> >>> On 06/29/2011 08:50 AM, weijun.wang at oracle.com wrote: >>>> 7047200: keytool safe store (was Misleading error message) >>>> >>>> >>>> === *Description* >>>> ============================================================ >>>> FULL PRODUCT VERSION : >>>> java version "1.6.0_25" >>>> Java(TM) SE Runtime Environment (build 1.6.0_25-b06) >>>> Java HotSpot(TM) Client VM (build 20.0-b11, mixed mode, sharing) >>>> >>>> ADDITIONAL OS VERSION INFORMATION : >>>> Microsoft Windows XP [Version 5.1.2600] >>>> (C) Copyright 1985-2001 Microsoft Corp. >>>> >>>> A DESCRIPTION OF THE PROBLEM : >>>> Why is an error being generated after I key in the password twice? >>>> >>>> REGRESSION. Last worked in version 6u25 >>>> >>>> STEPS TO FOLLOW TO REPRODUCE THE PROBLEM : >>>> Command Line >>>> Microsoft Windows XP [Version 5.1.2600] >>>> (C) Copyright 1985-2001 Microsoft Corp. >>>> >>>> C:\Documents and Settings\Jon>keytool -genkeypair -v -protected -alias >>>> jon -file >>>> certif.file >>>> What is your first and last name? >>>> [Unknown]: Jon C. >>>> What is the name of your organizational unit? >>>> [Unknown]: @Jon's >>>> What is the name of your organization? >>>> [Unknown]: @Jon's >>>> What is the name of your City or Locality? >>>> [Unknown]: Birkirkara >>>> What is the name of your State or Province? >>>> [Unknown]: Malta(EU) >>>> What is the two-letter country code for this unit? >>>> [Unknown]: MT >>>> Is CN=Jon C., OU=@Jon's, O=@Jon's, L=Birkirkara, ST=Malta(EU), C=MT >>>> correct? >>>> [no]: yes >>>> >>>> Generating 1,024 bit DSA key pair and self-signed certificate >>>> (SHA1withDSA) with >>>> a validity of 90 days >>>> for: CN=Jon C., OU=@Jon's, O=@Jon's, L=Birkirkara, ST=Malta(EU), C=MT >>>> Enter key password for >>>> (RETURN if same as keystore password): >>>> Re-enter new password: >>>> [Storing C:\Documents and Settings\Jon\.keystore] >>>> >>>> >>>> EXPECTED VERSUS ACTUAL BEHAVIOR : >>>> EXPECTED - >>>> PKI should be generated >>>> ACTUAL - >>>> Error message is displayed. >>>> >>>> ERROR MESSAGES/STACK TRACES THAT OCCUR : >>>> keytool error: java.lang.IllegalArgumentException: password can't be >>>> null >>>> java.lang.IllegalArgumentException: password can't be null >>>> at >>>> sun.security.provider.JavaKeyStore.engineStore(JavaKeyStore.java:508) >>>> >>>> at >>>> sun.security.provider.JavaKeyStore$JKS.engineStore(JavaKeyStore.java: >>>> 38) >>>> at java.security.KeyStore.store(KeyStore.java:1117) >>>> at sun.security.tools.KeyTool.doCommands(KeyTool.java:901) >>>> at sun.security.tools.KeyTool.run(KeyTool.java:171) >>>> at sun.security.tools.KeyTool.main(KeyTool.java:165) >>>> >>>> REPRODUCIBILITY : >>>> This bug can be reproduced always. >>>> >>>> === *Evaluation* >>>> ============================================================= >>>> This is mainly a user error: >>>> >>>>> keytool -genkeypair -v -protected -alias jon -file certif.file >>>> >>>> 1. Does the user intent to create a new keystore certif.file? If so, >>>> please use "-keystore certif.file". >>>> >>>> 2. The default keystore type at the moment, JKS, is file-based. So, do >>>> not specify "-protected". This option is for token-based keystores >>>> which has their own special protection mechanism. >>>> >>>> Having said that, we can enhance keytool to deal with this user input >>>> error more friendly. >> From weijun.wang at oracle.com Fri Sep 9 03:19:44 2011 From: weijun.wang at oracle.com (weijun.wang at oracle.com) Date: Fri, 09 Sep 2011 03:19:44 +0000 Subject: hg: jdk8/tl/jdk: 7047200: keytool safe store Message-ID: <20110909032012.D2965474B7@hg.openjdk.java.net> Changeset: 0e6076fed003 Author: weijun Date: 2011-09-09 11:18 +0800 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/0e6076fed003 7047200: keytool safe store Reviewed-by: xuelei ! src/share/classes/sun/security/tools/KeyTool.java + test/sun/security/tools/keytool/trystore.sh From sebastian.sickelmann at gmx.de Fri Sep 9 13:24:50 2011 From: sebastian.sickelmann at gmx.de (Sebastian Sickelmann) Date: Fri, 09 Sep 2011 15:24:50 +0200 Subject: 7081804: Remove cause field from javax.xml.crypto.NoSuchMechnismException In-Reply-To: <4E68FFBD.2030601@gmx.de> References: <4E525386.9000207@gmx.de> <4E52758D.2020208@oracle.com> <4E5E8AE3.3070402@gmx.de> <4E5FE753.2010705@oracle.com> <4E606D1D.6050509@gmx.de> <4E613565.1080801@oracle.com> <4E625E14.9060101@gmx.de> <4E67AF3D.2090609@oracle.com> <4E68FFBD.2030601@gmx.de> Message-ID: <4E6A13A2.2020503@gmx.de> Am 08.09.2011 19:47, schrieb Sebastian Sickelmann: > Am 07.09.2011 19:51, schrieb Sean Mullan: >> On 9/3/11 1:04 PM, Sebastian Sickelmann wrote: >>> Am 02.09.2011 21:58, schrieb Sean Mullan: >>>> On 9/2/11 1:43 AM, Sebastian Sickelmann wrote: >>>>>>> Here is the updated webrev: >>>>>>> http://oss-patches.24.eu/openjdk8/NoSuchMechanismException/7011804_0/ >>>>>>> >>>>>> Hmm, the main problem I have with this change is that the >>>>>> printStackTrace >>>>>> methods will no longer print the stack trace of the cause because >>>>>> it will always >>>>>> be null. That doesn't seem right to me, as it could be considered an >>>>>> incompatible change, and it will make it harder to debug issues. >>>>> The printStackTrace in Throwable calls the overridden getCause(). >>>>> Maybe we should add @Override to it. >>>>> Updated the webrev to: >>>>> http://oss-patches.24.eu/openjdk8/NoSuchMechanismException/7011804_1/ >>>> In that case, my main concern is addressed then. I would probably >>>> want someone >>>> from our TCK team to also review it with respect to JSR 105 >>>> compatibility, so >>>> I'll see if I can find someone. >>> Fine, that would be good. >>>> But first, can you expand your webrev to include the other >>>> Exception classes in >>>> javax.xml.crypto.**? >>> The new webrev is here: >>> http://oss-patches.24.eu/openjdk8/NoSuchMechanismException/7011804_2/ >> In some classes the initCause comment is misspelled as initCaus. What >> about a >> test case, for example testing to make sure initCause throws an >> exception? Can >> you write one? > While creating an test(suggested code below) for this, i thought a > little bit about if it is really good to change the behavoir of the > ctors without a cause (defaultctor, ctor with message). > What is the best behavoir (see DEFAULT and MESSAGE_ONLY cases below) . > Should in the cases DEFAULT and MESSAGE_ONLY the cause mutable? I > actually think this would the better solution, cause it is what the > users can actually do with the exceptions in javax/xml/crypto. Or > should the test check on imutability in all cases? > >> Also, I have asked someone from the TCK team to look at this and he >> said he will >> do that by Friday. It might require a CCC change because the behavior of >> initCause is different. I am hoping it doesn't require a JSR 105 >> maintenance >> revision though. >> >> --Sean > > > i have updated the webrev [0]. But i think that L69 and L72 of the test should be changed to checkMutable and the implementation of the exceptions accordantly. [0] http://oss-patches.24.eu/openjdk8/NoSuchMechanismException/7011804_3 -- Sebastian From michael.x.mcmahon at oracle.com Fri Sep 9 13:37:55 2011 From: michael.x.mcmahon at oracle.com (michael.x.mcmahon at oracle.com) Date: Fri, 09 Sep 2011 13:37:55 +0000 Subject: hg: jdk8/tl/jdk: 2 new changesets Message-ID: <20110909133824.D9943474DE@hg.openjdk.java.net> Changeset: e8eee45e1ca5 Author: michaelm Date: 2011-09-09 14:04 +0100 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/e8eee45e1ca5 7085981: XXSocket types depend on impl finalizer to close if constructor throws exception Reviewed-by: alanb, chegar ! src/share/classes/java/net/DatagramSocket.java ! src/share/classes/java/net/MulticastSocket.java ! src/share/classes/java/net/Socket.java Changeset: 0ba4b29c7d9a Author: michaelm Date: 2011-09-09 14:14 +0100 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/0ba4b29c7d9a Merge From michael.x.mcmahon at oracle.com Fri Sep 9 14:39:03 2011 From: michael.x.mcmahon at oracle.com (michael.x.mcmahon at oracle.com) Date: Fri, 09 Sep 2011 14:39:03 +0000 Subject: hg: jdk8/tl/jdk: 7088747: Use multicatch in Socket constructor Message-ID: <20110909143914.896E1474E3@hg.openjdk.java.net> Changeset: e995c36bb1eb Author: michaelm Date: 2011-09-09 15:24 +0100 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/e995c36bb1eb 7088747: Use multicatch in Socket constructor Reviewed-by: alanb ! src/share/classes/java/net/Socket.java From jonathan.gibbons at oracle.com Sat Sep 10 00:19:08 2011 From: jonathan.gibbons at oracle.com (jonathan.gibbons at oracle.com) Date: Sat, 10 Sep 2011 00:19:08 +0000 Subject: hg: jdk8/tl/langtools: 7073508: Regression: NullPointerException at com.sun.tools.javac.code.Lint$AugmentVisitor.augment Message-ID: <20110910001910.BF42247507@hg.openjdk.java.net> Changeset: 1ee9f9a91e9c Author: jjg Date: 2011-09-09 17:19 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/langtools/rev/1ee9f9a91e9c 7073508: Regression: NullPointerException at com.sun.tools.javac.code.Lint$AugmentVisitor.augment Reviewed-by: darcy ! src/share/classes/com/sun/tools/javac/comp/Attr.java + test/tools/javac/annotations/T7043371.java + test/tools/javac/annotations/T7073477.java From alan.bateman at oracle.com Sat Sep 10 13:56:53 2011 From: alan.bateman at oracle.com (alan.bateman at oracle.com) Date: Sat, 10 Sep 2011 13:56:53 +0000 Subject: hg: jdk8/tl/jdk: 7089131: test/java/lang/invoke/InvokeGenericTest.java does not compile Message-ID: <20110910135724.F3D7547529@hg.openjdk.java.net> Changeset: c91176b44c9b Author: alanb Date: 2011-09-10 14:55 +0100 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/c91176b44c9b 7089131: test/java/lang/invoke/InvokeGenericTest.java does not compile Reviewed-by: darcy, jrose ! test/java/lang/invoke/InvokeGenericTest.java From lana.steuck at oracle.com Sun Sep 11 06:05:54 2011 From: lana.steuck at oracle.com (lana.steuck at oracle.com) Date: Sun, 11 Sep 2011 06:05:54 +0000 Subject: hg: jdk8/tl/corba: 4 new changesets Message-ID: <20110911060601.9987F47559@hg.openjdk.java.net> Changeset: ed8d94519a87 Author: cl Date: 2011-08-18 18:55 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/corba/rev/ed8d94519a87 Added tag jdk8-b01 for changeset 949fb60ca830 ! .hgtags Changeset: cd0da00694fb Author: schien Date: 2011-08-25 17:17 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/corba/rev/cd0da00694fb Added tag jdk8-b02 for changeset ed8d94519a87 ! .hgtags Changeset: 60a68d688e24 Author: schien Date: 2011-09-01 13:54 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/corba/rev/60a68d688e24 Added tag jdk8-b03 for changeset cd0da00694fb ! .hgtags Changeset: cc1b599b986a Author: schien Date: 2011-09-08 16:59 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/corba/rev/cc1b599b986a Added tag jdk8-b04 for changeset 60a68d688e24 ! .hgtags From lana.steuck at oracle.com Sun Sep 11 06:06:04 2011 From: lana.steuck at oracle.com (lana.steuck at oracle.com) Date: Sun, 11 Sep 2011 06:06:04 +0000 Subject: hg: jdk8/tl/jaxws: 4 new changesets Message-ID: <20110911060604.492224755A@hg.openjdk.java.net> Changeset: 1034127ed402 Author: cl Date: 2011-08-18 18:55 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jaxws/rev/1034127ed402 Added tag jdk8-b01 for changeset 64df57a1edec ! .hgtags Changeset: 7dcb0307508f Author: schien Date: 2011-08-25 17:18 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jaxws/rev/7dcb0307508f Added tag jdk8-b02 for changeset 1034127ed402 ! .hgtags Changeset: 3f6f08163331 Author: schien Date: 2011-09-01 13:54 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jaxws/rev/3f6f08163331 Added tag jdk8-b03 for changeset 7dcb0307508f ! .hgtags Changeset: 7d5d91fddbce Author: schien Date: 2011-09-08 16:59 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jaxws/rev/7d5d91fddbce Added tag jdk8-b04 for changeset 3f6f08163331 ! .hgtags From lana.steuck at oracle.com Sun Sep 11 06:06:09 2011 From: lana.steuck at oracle.com (lana.steuck at oracle.com) Date: Sun, 11 Sep 2011 06:06:09 +0000 Subject: hg: jdk8/tl/jaxp: 4 new changesets Message-ID: <20110911060609.822594755B@hg.openjdk.java.net> Changeset: ca4d6ad55a66 Author: cl Date: 2011-08-18 18:55 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jaxp/rev/ca4d6ad55a66 Added tag jdk8-b01 for changeset 4f0fcb812767 ! .hgtags Changeset: 7a74371ce0c6 Author: schien Date: 2011-08-25 17:18 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jaxp/rev/7a74371ce0c6 Added tag jdk8-b02 for changeset ca4d6ad55a66 ! .hgtags Changeset: acbcadef0b21 Author: schien Date: 2011-09-01 13:54 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jaxp/rev/acbcadef0b21 Added tag jdk8-b03 for changeset 7a74371ce0c6 ! .hgtags Changeset: ff0a3d78e7a2 Author: schien Date: 2011-09-08 16:59 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jaxp/rev/ff0a3d78e7a2 Added tag jdk8-b04 for changeset acbcadef0b21 ! .hgtags From lana.steuck at oracle.com Sun Sep 11 06:06:15 2011 From: lana.steuck at oracle.com (lana.steuck at oracle.com) Date: Sun, 11 Sep 2011 06:06:15 +0000 Subject: hg: jdk8/tl/langtools: 5 new changesets Message-ID: <20110911060628.2862C4755C@hg.openjdk.java.net> Changeset: b3c059de2a61 Author: cl Date: 2011-08-18 18:55 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/langtools/rev/b3c059de2a61 Added tag jdk8-b01 for changeset e9f118c2bd3c ! .hgtags Changeset: f497fac86cf9 Author: schien Date: 2011-08-25 17:18 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/langtools/rev/f497fac86cf9 Added tag jdk8-b02 for changeset b3c059de2a61 ! .hgtags Changeset: 5df63fd8fa64 Author: schien Date: 2011-09-01 13:54 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/langtools/rev/5df63fd8fa64 Added tag jdk8-b03 for changeset f497fac86cf9 ! .hgtags Changeset: 5304c2a17d4b Author: schien Date: 2011-09-08 16:59 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/langtools/rev/5304c2a17d4b Added tag jdk8-b04 for changeset 5df63fd8fa64 ! .hgtags Changeset: 9aca3534ddf4 Author: lana Date: 2011-09-10 21:31 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/langtools/rev/9aca3534ddf4 Merge From lana.steuck at oracle.com Sun Sep 11 06:06:24 2011 From: lana.steuck at oracle.com (lana.steuck at oracle.com) Date: Sun, 11 Sep 2011 06:06:24 +0000 Subject: hg: jdk8/tl/hotspot: 68 new changesets Message-ID: <20110911060844.E3E674755D@hg.openjdk.java.net> Changeset: 31e253c1da42 Author: cl Date: 2011-08-18 18:55 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/hotspot/rev/31e253c1da42 Added tag jdk8-b01 for changeset 0cc8a70952c3 ! .hgtags Changeset: a3592789b47c Author: schien Date: 2011-08-25 17:17 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/hotspot/rev/a3592789b47c Added tag jdk8-b02 for changeset 31e253c1da42 ! .hgtags Changeset: 20cac004a4f9 Author: dsamersoff Date: 2011-06-09 01:06 +0400 URL: http://hg.openjdk.java.net/jdk8/tl/hotspot/rev/20cac004a4f9 Merge Changeset: 1744e37e032b Author: dsamersoff Date: 2011-06-18 13:32 +0400 URL: http://hg.openjdk.java.net/jdk8/tl/hotspot/rev/1744e37e032b Merge Changeset: d425748f2203 Author: dcubed Date: 2011-06-23 20:31 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/hotspot/rev/d425748f2203 7043987: 3/3 JVMTI FollowReferences is slow Summary: VM_HeapWalkOperation::doit() should only reset mark bits when necessary. Reviewed-by: dsamersoff, ysr, dholmes, dcubed Contributed-by: ashok.srinivasa.murthy at oracle.com ! src/share/vm/prims/jvmtiTagMap.cpp Changeset: 88dce6a60ac8 Author: dcubed Date: 2011-06-29 20:28 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/hotspot/rev/88dce6a60ac8 6951623: 3/3 possible performance problems in FollowReferences() and GetObjectsWithTags() Summary: Call collect_stack_roots() before collect_simple_roots() as an optimization. Reviewed-by: ysr, dsamersoff, dcubed Contributed-by: ashok.srinivasa.murthy at oracle.com ! src/share/vm/prims/jvmtiTagMap.cpp Changeset: 109d1d265924 Author: dholmes Date: 2011-07-02 04:17 -0400 URL: http://hg.openjdk.java.net/jdk8/tl/hotspot/rev/109d1d265924 7052988: JPRT embedded builds don't set MINIMIZE_RAM_USAGE Reviewed-by: kamg, dsamersoff ! make/jprt.gmk Changeset: 5447b2c582ad Author: coleenp Date: 2011-07-07 22:34 -0400 URL: http://hg.openjdk.java.net/jdk8/tl/hotspot/rev/5447b2c582ad Merge Changeset: bcc6475bc68f Author: coleenp Date: 2011-07-16 22:21 -0400 URL: http://hg.openjdk.java.net/jdk8/tl/hotspot/rev/bcc6475bc68f Merge Changeset: 0b80db433fcb Author: dholmes Date: 2011-07-22 00:29 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/hotspot/rev/0b80db433fcb 7046490: Preallocated OOME objects should obey Throwable stack trace protocol Summary: Update the OOME stacktrace to contain Throwable.UNASSIGNED_STACK when the backtrace is filled in Reviewed-by: mchung, phh ! src/share/vm/classfile/javaClasses.cpp ! src/share/vm/classfile/javaClasses.hpp Changeset: 8107273fd204 Author: coleenp Date: 2011-07-23 10:42 -0400 URL: http://hg.openjdk.java.net/jdk8/tl/hotspot/rev/8107273fd204 Merge Changeset: ca1f1753c866 Author: andrew Date: 2011-07-28 14:10 -0400 URL: http://hg.openjdk.java.net/jdk8/tl/hotspot/rev/ca1f1753c866 7072341: enable hotspot builds on Linux 3.0 Summary: Add "3" to list of allowable versions Reviewed-by: kamg, chrisphi ! make/linux/Makefile Changeset: 14a2fd14c0db Author: johnc Date: 2011-08-01 10:04 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/hotspot/rev/14a2fd14c0db 7068240: G1: Long "parallel other time" and "ext root scanning" when running specific benchmark Summary: In root processing, move the scanning of the reference processor's discovered lists to before RSet updating and scanning. When scanning the reference processor's discovered lists, use a buffering closure so that the time spent copying any reference object is correctly attributed. Also removed a couple of unused and irrelevant timers. Reviewed-by: ysr, jmasa ! src/share/vm/gc_implementation/g1/g1CollectedHeap.cpp ! src/share/vm/gc_implementation/g1/g1CollectedHeap.hpp ! src/share/vm/gc_implementation/g1/g1CollectorPolicy.cpp ! src/share/vm/gc_implementation/g1/g1CollectorPolicy.hpp Changeset: 6aa4feb8a366 Author: johnc Date: 2011-08-02 12:13 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/hotspot/rev/6aa4feb8a366 7069863: G1: SIGSEGV running SPECjbb2011 and -UseBiasedLocking Summary: Align the reserved size of the heap and perm to the heap region size to get a preferred heap base that is aligned to the region size, and call the correct heap reservation constructor. Also add a check in the heap reservation code that the reserved space starts at the requested address (if any). Reviewed-by: kvn, ysr ! src/share/vm/gc_implementation/g1/g1CollectedHeap.cpp ! src/share/vm/runtime/virtualspace.cpp Changeset: a20e6e447d3d Author: iveresov Date: 2011-08-05 16:44 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/hotspot/rev/a20e6e447d3d 7060842: UseNUMA crash with UseHugreTLBFS running SPECjvm2008 Summary: Use mmap() instead of madvise(MADV_DONTNEED) to uncommit pages Reviewed-by: ysr ! src/os/linux/vm/os_linux.cpp Changeset: 7c2653aefc46 Author: iveresov Date: 2011-08-05 16:50 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/hotspot/rev/7c2653aefc46 7060836: RHEL 5.5 and 5.6 should support UseNUMA Summary: Add a wrapper for sched_getcpu() for systems where libc lacks it Reviewed-by: ysr Contributed-by: Andrew John Hughes ! src/os/linux/vm/os_linux.cpp ! src/os/linux/vm/os_linux.hpp Changeset: 41e6ee74f879 Author: kevinw Date: 2011-08-02 14:37 +0100 URL: http://hg.openjdk.java.net/jdk8/tl/hotspot/rev/41e6ee74f879 7072527: CMS: JMM GC counters overcount in some cases Summary: Avoid overcounting when CMS has concurrent mode failure. Reviewed-by: ysr Contributed-by: rednaxelafx at gmail.com ! src/share/vm/gc_implementation/concurrentMarkSweep/concurrentMarkSweepGeneration.cpp ! src/share/vm/gc_implementation/concurrentMarkSweep/concurrentMarkSweepGeneration.hpp + test/gc/7072527/TestFullGCCount.java Changeset: e9db47a083cc Author: kevinw Date: 2011-08-11 14:58 +0100 URL: http://hg.openjdk.java.net/jdk8/tl/hotspot/rev/e9db47a083cc Merge Changeset: 87e40b34bc2b Author: johnc Date: 2011-08-11 11:36 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/hotspot/rev/87e40b34bc2b 7074579: G1: JVM crash with JDK7 running ATG CRMDemo Fusion App Summary: Handlize MemoryUsage klass oop in createGCInfo routine Reviewed-by: tonyp, fparain, ysr, jcoomes ! src/share/vm/services/gcNotifier.cpp Changeset: f44782f04dd4 Author: tonyp Date: 2011-08-12 11:31 -0400 URL: http://hg.openjdk.java.net/jdk8/tl/hotspot/rev/f44782f04dd4 7039627: G1: avoid BOT updates for survivor allocations and dirty survivor regions incrementally Summary: Refactor the allocation code during GC to use the G1AllocRegion abstraction. Use separate subclasses of G1AllocRegion for survivor and old regions. Avoid BOT updates and dirty survivor cards incrementally for the former. Reviewed-by: brutisso, johnc, ysr ! src/share/vm/gc_implementation/g1/g1AllocRegion.cpp ! src/share/vm/gc_implementation/g1/g1AllocRegion.hpp ! src/share/vm/gc_implementation/g1/g1CollectedHeap.cpp ! src/share/vm/gc_implementation/g1/g1CollectedHeap.hpp ! src/share/vm/gc_implementation/g1/g1CollectedHeap.inline.hpp ! src/share/vm/gc_implementation/g1/g1CollectorPolicy.cpp ! src/share/vm/gc_implementation/g1/g1CollectorPolicy.hpp ! src/share/vm/gc_implementation/g1/heapRegion.cpp ! src/share/vm/gc_implementation/g1/heapRegion.hpp ! src/share/vm/gc_implementation/g1/heapRegionRemSet.cpp Changeset: 76b1a9420e3d Author: ysr Date: 2011-08-16 08:02 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/hotspot/rev/76b1a9420e3d Merge Changeset: 46cb9a7b8b01 Author: dsamersoff Date: 2011-08-10 15:04 +0400 URL: http://hg.openjdk.java.net/jdk8/tl/hotspot/rev/46cb9a7b8b01 7073913: The fix for 7017193 causes segfaults Summary: Buffer overflow in os::get_line_chars Reviewed-by: coleenp, dholmes, dcubed Contributed-by: aph at redhat.com ! src/share/vm/runtime/os.cpp Changeset: b1cbb0907b36 Author: zgu Date: 2011-04-15 09:34 -0400 URL: http://hg.openjdk.java.net/jdk8/tl/hotspot/rev/b1cbb0907b36 7016797: Hotspot: securely/restrictive load dlls and new API for loading system dlls Summary: Created Windows Dll wrapped to handle jdk6 and jdk7 platform requirements, also provided more restictive Dll search orders for Windows system Dlls. Reviewed-by: acorn, dcubed, ohair, alanb ! make/windows/makefiles/compile.make ! src/os/windows/vm/decoder_windows.cpp ! src/os/windows/vm/jvm_windows.h ! src/os/windows/vm/os_windows.cpp ! src/os/windows/vm/os_windows.hpp Changeset: 279ef1916773 Author: zgu Date: 2011-07-12 21:13 -0400 URL: http://hg.openjdk.java.net/jdk8/tl/hotspot/rev/279ef1916773 7065535: Mistyped function name that disabled UseLargePages on Windows Summary: Missing suffix "A" of Windows API LookupPrivilegeValue failed finding function pointer, caused VM to disable UseLargePages option Reviewed-by: coleenp, phh ! src/os/windows/vm/os_windows.cpp Changeset: a68e11dceb83 Author: zgu Date: 2011-08-16 09:18 -0400 URL: http://hg.openjdk.java.net/jdk8/tl/hotspot/rev/a68e11dceb83 Merge Changeset: 00ed4ccfe642 Author: collins Date: 2011-08-17 07:05 -0400 URL: http://hg.openjdk.java.net/jdk8/tl/hotspot/rev/00ed4ccfe642 Merge Changeset: 43f9d800f276 Author: iveresov Date: 2011-07-20 18:04 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/hotspot/rev/43f9d800f276 7066339: Tiered: policy should make consistent decisions about osr levels Summary: Added feedback disabling flag to common(), fixed handling of TieredStopAtLevel. Reviewed-by: kvn, never ! src/share/vm/classfile/classLoader.cpp ! src/share/vm/interpreter/linkResolver.cpp ! src/share/vm/prims/methodHandles.cpp ! src/share/vm/runtime/advancedThresholdPolicy.cpp ! src/share/vm/runtime/advancedThresholdPolicy.hpp ! src/share/vm/runtime/compilationPolicy.hpp ! src/share/vm/runtime/javaCalls.cpp ! src/share/vm/runtime/simpleThresholdPolicy.cpp ! src/share/vm/runtime/simpleThresholdPolicy.hpp Changeset: 6a991dcb52bb Author: never Date: 2011-07-21 08:38 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/hotspot/rev/6a991dcb52bb 7012081: JSR 292: SA-JDI can't read MH/MT/Indy ConstantPool entries Reviewed-by: kvn, twisti, jrose ! agent/src/share/classes/sun/jvm/hotspot/interpreter/Bytecode.java - agent/src/share/classes/sun/jvm/hotspot/interpreter/BytecodeFastAAccess0.java - agent/src/share/classes/sun/jvm/hotspot/interpreter/BytecodeFastIAccess0.java ! agent/src/share/classes/sun/jvm/hotspot/interpreter/BytecodeLoadConstant.java ! agent/src/share/classes/sun/jvm/hotspot/interpreter/BytecodeStream.java ! agent/src/share/classes/sun/jvm/hotspot/interpreter/BytecodeWideable.java ! agent/src/share/classes/sun/jvm/hotspot/interpreter/BytecodeWithCPIndex.java ! agent/src/share/classes/sun/jvm/hotspot/interpreter/Bytecodes.java ! agent/src/share/classes/sun/jvm/hotspot/oops/ConstMethod.java ! agent/src/share/classes/sun/jvm/hotspot/oops/ConstantPool.java ! agent/src/share/classes/sun/jvm/hotspot/oops/ConstantPoolCache.java ! agent/src/share/classes/sun/jvm/hotspot/oops/GenerateOopMap.java ! agent/src/share/classes/sun/jvm/hotspot/oops/Method.java ! agent/src/share/classes/sun/jvm/hotspot/oops/TypeArray.java ! agent/src/share/classes/sun/jvm/hotspot/utilities/ConstantTag.java ! src/share/vm/oops/generateOopMap.cpp Changeset: 3d42f82cd811 Author: kvn Date: 2011-07-21 11:25 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/hotspot/rev/3d42f82cd811 7063628: Use cbcond on T4 Summary: Add new short branch instruction to Hotspot sparc assembler. Reviewed-by: never, twisti, jrose ! src/cpu/sparc/vm/assembler_sparc.cpp ! src/cpu/sparc/vm/assembler_sparc.hpp ! src/cpu/sparc/vm/assembler_sparc.inline.hpp ! src/cpu/sparc/vm/c1_CodeStubs_sparc.cpp ! src/cpu/sparc/vm/c1_LIRAssembler_sparc.cpp ! src/cpu/sparc/vm/c1_MacroAssembler_sparc.cpp ! src/cpu/sparc/vm/c1_Runtime1_sparc.cpp ! src/cpu/sparc/vm/cppInterpreter_sparc.cpp ! src/cpu/sparc/vm/interp_masm_sparc.cpp ! src/cpu/sparc/vm/interpreter_sparc.cpp ! src/cpu/sparc/vm/methodHandles_sparc.cpp ! src/cpu/sparc/vm/sharedRuntime_sparc.cpp ! src/cpu/sparc/vm/sparc.ad ! src/cpu/sparc/vm/stubGenerator_sparc.cpp ! src/cpu/sparc/vm/templateInterpreter_sparc.cpp ! src/cpu/sparc/vm/templateTable_sparc.cpp ! src/cpu/sparc/vm/vm_version_sparc.cpp ! src/cpu/sparc/vm/vm_version_sparc.hpp ! src/cpu/sparc/vm/vtableStubs_sparc.cpp ! src/cpu/x86/vm/x86_32.ad ! src/cpu/x86/vm/x86_64.ad ! src/os_cpu/solaris_sparc/vm/vm_version_solaris_sparc.cpp ! src/share/vm/adlc/formssel.cpp ! src/share/vm/adlc/output_c.cpp ! src/share/vm/adlc/output_h.cpp ! src/share/vm/opto/compile.cpp ! src/share/vm/opto/machnode.cpp ! src/share/vm/opto/machnode.hpp ! src/share/vm/opto/output.cpp ! src/share/vm/runtime/globals.hpp Changeset: 4e761e7e6e12 Author: kvn Date: 2011-07-26 19:35 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/hotspot/rev/4e761e7e6e12 7070134: Hotspot crashes with sigsegv from PorterStemmer Summary: Do not move data nodes which are attached to a predicate test to a dominating test. Reviewed-by: never ! src/share/vm/opto/ifnode.cpp ! src/share/vm/opto/loopPredicate.cpp ! src/share/vm/opto/loopnode.hpp ! src/share/vm/opto/loopopts.cpp + test/compiler/7070134/Stemmer.java + test/compiler/7070134/Test7070134.sh + test/compiler/7070134/words Changeset: 0f34fdee809e Author: never Date: 2011-07-27 15:06 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/hotspot/rev/0f34fdee809e 7071427: AdapterFingerPrint can hold 8 entries per int Reviewed-by: kvn ! src/share/vm/runtime/java.cpp ! src/share/vm/runtime/sharedRuntime.cpp Changeset: c7b60b601eb4 Author: kvn Date: 2011-07-27 17:28 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/hotspot/rev/c7b60b601eb4 7069452: Cleanup NodeFlags Summary: Remove flags which duplicate information in Node::NodeClasses. Reviewed-by: never ! src/cpu/sparc/vm/sparc.ad ! src/cpu/x86/vm/x86_32.ad ! src/cpu/x86/vm/x86_64.ad ! src/share/vm/adlc/adlparse.cpp ! src/share/vm/adlc/archDesc.cpp ! src/share/vm/adlc/formssel.cpp ! src/share/vm/adlc/formssel.hpp ! src/share/vm/adlc/output_h.cpp ! src/share/vm/opto/block.cpp ! src/share/vm/opto/callnode.hpp ! src/share/vm/opto/cfgnode.hpp ! src/share/vm/opto/coalesce.cpp ! src/share/vm/opto/gcm.cpp ! src/share/vm/opto/idealGraphPrinter.cpp ! src/share/vm/opto/lcm.cpp ! src/share/vm/opto/machnode.hpp ! src/share/vm/opto/mulnode.cpp ! src/share/vm/opto/mulnode.hpp ! src/share/vm/opto/node.hpp ! src/share/vm/opto/output.cpp ! src/share/vm/opto/reg_split.cpp ! src/share/vm/opto/superword.cpp ! src/share/vm/opto/superword.hpp ! src/share/vm/opto/vectornode.cpp ! src/share/vm/opto/vectornode.hpp Changeset: d17bd0b18663 Author: twisti Date: 2011-07-28 02:14 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/hotspot/rev/d17bd0b18663 7066143: JSR 292: Zero support after regressions from 7009923 and 7009309 Reviewed-by: jrose, twisti Contributed-by: Xerxes Ranby ! src/cpu/zero/vm/stack_zero.cpp ! src/share/vm/runtime/vmStructs.cpp Changeset: ce3e1d4dc416 Author: never Date: 2011-07-28 13:03 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/hotspot/rev/ce3e1d4dc416 7060619: C1 should respect inline and dontinline directives from CompilerOracle Reviewed-by: kvn, iveresov ! src/share/vm/c1/c1_GraphBuilder.cpp Changeset: c96c3eb1efae Author: kvn Date: 2011-07-29 09:16 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/hotspot/rev/c96c3eb1efae 7068051: SIGSEGV in PhaseIdealLoop::build_loop_late_post Summary: Removed predicate cloning from loop peeling optimization and from split fall-in paths. Reviewed-by: never ! src/share/vm/opto/cfgnode.cpp ! src/share/vm/opto/ifnode.cpp ! src/share/vm/opto/loopPredicate.cpp ! src/share/vm/opto/loopTransform.cpp ! src/share/vm/opto/loopUnswitch.cpp ! src/share/vm/opto/loopnode.cpp ! src/share/vm/opto/loopnode.hpp ! src/share/vm/opto/phaseX.hpp Changeset: 4aa5974a06dd Author: kvn Date: 2011-08-06 08:28 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/hotspot/rev/4aa5974a06dd 7075559: JPRT windows_x64 build failure Summary: use SA_CLASSDIR variable instead of dirsctory saclasses. Reviewed-by: kamg, dcubed ! make/linux/makefiles/defs.make ! make/solaris/makefiles/defs.make ! make/solaris/makefiles/saproc.make ! make/windows/makefiles/defs.make ! make/windows/makefiles/sa.make Changeset: a3142bdb6707 Author: twisti Date: 2011-08-08 05:49 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/hotspot/rev/a3142bdb6707 7071823: Zero: zero/shark doesn't build after b147-fcs Reviewed-by: gbenson, twisti Contributed-by: Chris Phillips ! src/cpu/zero/vm/frame_zero.cpp + src/cpu/zero/vm/methodHandles_zero.hpp ! src/cpu/zero/vm/sharedRuntime_zero.cpp ! src/share/vm/shark/sharkContext.hpp Changeset: a19c671188cb Author: never Date: 2011-08-08 13:19 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/hotspot/rev/a19c671188cb 7075623: 6990212 broke raiseException in 64 bit Reviewed-by: kvn, twisti ! src/cpu/sparc/vm/methodHandles_sparc.cpp ! src/cpu/x86/vm/methodHandles_x86.cpp Changeset: f1c12354c3f7 Author: roland Date: 2011-08-02 18:36 +0200 URL: http://hg.openjdk.java.net/jdk8/tl/hotspot/rev/f1c12354c3f7 7074017: Introduce MemBarAcquireLock/MemBarReleaseLock nodes for monitor enter/exit code paths Summary: replace MemBarAcquire/MemBarRelease nodes on the monitor enter/exit code paths with new MemBarAcquireLock/MemBarReleaseLock nodes Reviewed-by: kvn, twisti ! src/cpu/sparc/vm/sparc.ad ! src/cpu/x86/vm/x86_32.ad ! src/cpu/x86/vm/x86_64.ad ! src/share/vm/adlc/formssel.cpp ! src/share/vm/opto/classes.hpp ! src/share/vm/opto/graphKit.cpp ! src/share/vm/opto/macro.cpp ! src/share/vm/opto/matcher.cpp ! src/share/vm/opto/matcher.hpp ! src/share/vm/opto/memnode.cpp ! src/share/vm/opto/memnode.hpp Changeset: 6987871cfb9b Author: kvn Date: 2011-08-10 14:06 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/hotspot/rev/6987871cfb9b 7077439: Possible reference through NULL in loopPredicate.cpp:726 Summary: Use cl->is_valid_counted_loop() check. Reviewed-by: never ! src/share/vm/opto/loopPredicate.cpp ! src/share/vm/opto/loopTransform.cpp ! src/share/vm/opto/loopnode.cpp ! src/share/vm/opto/superword.cpp Changeset: 95134e034042 Author: kvn Date: 2011-08-11 12:08 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/hotspot/rev/95134e034042 7063629: use cbcond in C2 generated code on T4 Summary: Use new short branch instruction in C2 generated code. Reviewed-by: never ! src/cpu/sparc/vm/assembler_sparc.hpp ! src/cpu/sparc/vm/sparc.ad ! src/cpu/sparc/vm/vm_version_sparc.cpp ! src/cpu/x86/vm/assembler_x86.cpp ! src/cpu/x86/vm/assembler_x86.hpp ! src/cpu/x86/vm/x86_32.ad ! src/cpu/x86/vm/x86_64.ad ! src/os_cpu/linux_x86/vm/linux_x86_32.ad ! src/os_cpu/linux_x86/vm/linux_x86_64.ad ! src/os_cpu/solaris_x86/vm/solaris_x86_32.ad ! src/os_cpu/solaris_x86/vm/solaris_x86_64.ad ! src/share/vm/adlc/formssel.cpp ! src/share/vm/adlc/output_h.cpp ! src/share/vm/opto/block.cpp ! src/share/vm/opto/block.hpp ! src/share/vm/opto/compile.hpp ! src/share/vm/opto/machnode.hpp ! src/share/vm/opto/matcher.hpp ! src/share/vm/opto/node.hpp ! src/share/vm/opto/output.cpp Changeset: fdb992d83a87 Author: twisti Date: 2011-08-16 04:14 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/hotspot/rev/fdb992d83a87 7071653: JSR 292: call site change notification should be pushed not pulled Reviewed-by: kvn, never, bdelsart ! src/cpu/sparc/vm/interp_masm_sparc.cpp ! src/cpu/sparc/vm/interp_masm_sparc.hpp ! src/cpu/sparc/vm/templateTable_sparc.cpp ! src/cpu/x86/vm/interp_masm_x86_32.cpp ! src/cpu/x86/vm/interp_masm_x86_32.hpp ! src/cpu/x86/vm/interp_masm_x86_64.cpp ! src/cpu/x86/vm/interp_masm_x86_64.hpp ! src/cpu/x86/vm/templateTable_x86_32.cpp ! src/cpu/x86/vm/templateTable_x86_64.cpp ! src/share/vm/ci/ciCallSite.cpp ! src/share/vm/ci/ciCallSite.hpp ! src/share/vm/ci/ciField.hpp ! src/share/vm/classfile/systemDictionary.cpp ! src/share/vm/classfile/systemDictionary.hpp ! src/share/vm/classfile/vmSymbols.hpp ! src/share/vm/code/dependencies.cpp ! src/share/vm/code/dependencies.hpp ! src/share/vm/code/nmethod.cpp ! src/share/vm/interpreter/interpreterRuntime.cpp ! src/share/vm/interpreter/templateTable.hpp ! src/share/vm/memory/universe.cpp ! src/share/vm/memory/universe.hpp ! src/share/vm/oops/instanceKlass.cpp ! src/share/vm/opto/callGenerator.cpp ! src/share/vm/opto/callGenerator.hpp ! src/share/vm/opto/doCall.cpp ! src/share/vm/opto/parse3.cpp Changeset: 11211f7cb5a0 Author: kvn Date: 2011-08-16 11:53 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/hotspot/rev/11211f7cb5a0 7079317: Incorrect branch's destination block in PrintoOptoAssembly output Summary: save/restore label and block in scratch_emit_size() Reviewed-by: never ! src/share/vm/adlc/archDesc.cpp ! src/share/vm/adlc/formssel.cpp ! src/share/vm/adlc/output_c.cpp ! src/share/vm/adlc/output_h.cpp ! src/share/vm/opto/block.cpp ! src/share/vm/opto/compile.cpp ! src/share/vm/opto/idealGraphPrinter.cpp ! src/share/vm/opto/machnode.cpp ! src/share/vm/opto/machnode.hpp ! src/share/vm/opto/node.hpp ! src/share/vm/opto/output.cpp Changeset: 1af104d6cf99 Author: kvn Date: 2011-08-16 16:59 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/hotspot/rev/1af104d6cf99 7079329: Adjust allocation prefetching for T4 Summary: on T4 2 BIS instructions should be issued to prefetch 64 bytes Reviewed-by: iveresov, phh, twisti ! src/cpu/sparc/vm/assembler_sparc.hpp ! src/cpu/sparc/vm/sparc.ad ! src/cpu/sparc/vm/vm_version_sparc.cpp ! src/cpu/sparc/vm/vm_version_sparc.hpp ! src/cpu/x86/vm/assembler_x86.cpp ! src/cpu/x86/vm/vm_version_x86.cpp ! src/cpu/x86/vm/vm_version_x86.hpp ! src/cpu/x86/vm/x86_32.ad ! src/cpu/x86/vm/x86_64.ad ! src/share/vm/adlc/formssel.cpp ! src/share/vm/memory/threadLocalAllocBuffer.hpp ! src/share/vm/opto/classes.hpp ! src/share/vm/opto/macro.cpp ! src/share/vm/opto/matcher.cpp ! src/share/vm/opto/memnode.hpp ! src/share/vm/runtime/globals.hpp ! src/share/vm/runtime/vm_version.cpp ! src/share/vm/runtime/vm_version.hpp Changeset: 381bf869f784 Author: twisti Date: 2011-08-17 05:14 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/hotspot/rev/381bf869f784 7079626: x64 emits unnecessary REX prefix Reviewed-by: kvn, iveresov, never ! src/cpu/x86/vm/assembler_x86.cpp Changeset: bd87c0dcaba5 Author: twisti Date: 2011-08-17 11:52 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/hotspot/rev/bd87c0dcaba5 7079769: JSR 292: incorrect size() for CallStaticJavaHandle on sparc Reviewed-by: never, kvn ! src/cpu/sparc/vm/sparc.ad Changeset: 739a9abbbd4b Author: kvn Date: 2011-08-18 11:49 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/hotspot/rev/739a9abbbd4b 7080431: VM asserts if specified size(x) in .ad is larger than emitted size Summary: Move code from finalize_offsets_and_shorten() to fill_buffer() to restore previous behavior. Reviewed-by: never ! src/share/vm/opto/compile.hpp ! src/share/vm/opto/output.cpp Changeset: de147f62e695 Author: kvn Date: 2011-08-19 08:55 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/hotspot/rev/de147f62e695 Merge - agent/src/share/classes/sun/jvm/hotspot/interpreter/BytecodeFastAAccess0.java - agent/src/share/classes/sun/jvm/hotspot/interpreter/BytecodeFastIAccess0.java Changeset: 24cee90e9453 Author: jcoomes Date: 2011-08-17 10:32 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/hotspot/rev/24cee90e9453 6791672: enable 1G and larger pages on solaris Reviewed-by: ysr, iveresov, johnc ! src/os/solaris/vm/os_solaris.cpp ! src/share/vm/runtime/os.cpp ! src/share/vm/runtime/os.hpp Changeset: 3be7439273c5 Author: katleman Date: 2011-05-25 13:31 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/hotspot/rev/3be7439273c5 7044486: open jdk repos have files with incorrect copyright headers, which can end up in src bundles Reviewed-by: ohair, trims ! agent/src/share/classes/sun/jvm/hotspot/runtime/ServiceThread.java ! make/linux/README ! make/windows/projectfiles/kernel/Makefile ! src/cpu/x86/vm/vm_version_x86.cpp ! src/cpu/x86/vm/vm_version_x86.hpp ! src/os_cpu/solaris_sparc/vm/solaris_sparc.s ! src/share/tools/hsdis/README ! src/share/vm/gc_implementation/g1/heapRegionSet.inline.hpp ! src/share/vm/gc_implementation/parNew/parCardTableModRefBS.cpp ! src/share/vm/utilities/yieldingWorkgroup.cpp Changeset: 8b135e6129d6 Author: jeff Date: 2011-05-27 15:01 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/hotspot/rev/8b135e6129d6 7045697: JDK7 THIRD PARTY README update Reviewed-by: lana ! THIRD_PARTY_README Changeset: 52e4ba46751f Author: kamg Date: 2011-04-12 16:42 -0400 URL: http://hg.openjdk.java.net/jdk8/tl/hotspot/rev/52e4ba46751f 7020373: JSR rewriting can overflow memory address size variables Summary: Abort if incoming classfile's parameters would cause overflows Reviewed-by: coleenp, dcubed, never ! src/share/vm/oops/generateOopMap.cpp + test/runtime/7020373/Test7020373.sh Changeset: bca686989d4b Author: asaha Date: 2011-06-15 14:59 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/hotspot/rev/bca686989d4b 7055247: Ignore test of # 7020373 Reviewed-by: dcubed ! test/runtime/7020373/Test7020373.sh Changeset: 337ffef74c37 Author: jeff Date: 2011-06-22 10:10 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/hotspot/rev/337ffef74c37 7057046: Add embedded license to THIRD PARTY README Reviewed-by: lana ! THIRD_PARTY_README Changeset: 9f12ede5571a Author: jcoomes Date: 2011-08-19 14:08 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/hotspot/rev/9f12ede5571a Merge ! src/cpu/x86/vm/vm_version_x86.cpp ! src/cpu/x86/vm/vm_version_x86.hpp ! src/share/vm/oops/generateOopMap.cpp ! src/share/vm/runtime/os.cpp Changeset: 7c29742c41b4 Author: jcoomes Date: 2011-08-19 14:22 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/hotspot/rev/7c29742c41b4 7081251: bump the hs22 build number to 02 Reviewed-by: johnc ! make/hotspot_version Changeset: ff53346271fe Author: brutisso Date: 2011-08-19 09:30 +0200 URL: http://hg.openjdk.java.net/jdk8/tl/hotspot/rev/ff53346271fe 6814390: G1: remove the concept of non-generational G1 Summary: Removed the possibility to turn off generational mode for G1. Reviewed-by: johnc, ysr, tonyp ! src/share/vm/gc_implementation/g1/concurrentMark.cpp ! src/share/vm/gc_implementation/g1/concurrentMark.hpp ! src/share/vm/gc_implementation/g1/concurrentMarkThread.cpp ! src/share/vm/gc_implementation/g1/g1CollectedHeap.cpp ! src/share/vm/gc_implementation/g1/g1CollectedHeap.hpp ! src/share/vm/gc_implementation/g1/g1CollectorPolicy.cpp ! src/share/vm/gc_implementation/g1/g1CollectorPolicy.hpp ! src/share/vm/gc_implementation/g1/g1_globals.hpp Changeset: ae73da50be4b Author: tonyp Date: 2011-08-22 10:16 -0400 URL: http://hg.openjdk.java.net/jdk8/tl/hotspot/rev/ae73da50be4b 7081064: G1: remove develop params G1FixedSurvivorSpaceSize, G1FixedTenuringThreshold, and G1FixedEdenSize Summary: Remove three develop parameters we don't use. Reviewed-by: brutisso, jwilhelm ! src/share/vm/gc_implementation/g1/g1CollectorPolicy.cpp ! src/share/vm/gc_implementation/g1/g1CollectorPolicy.hpp ! src/share/vm/gc_implementation/g1/g1_globals.hpp Changeset: 7f776886a215 Author: ysr Date: 2011-08-22 12:30 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/hotspot/rev/7f776886a215 6810861: G1: support -XX:+{PrintClassHistogram,HeapDump}{Before,After}FullGC Summary: Call {pre,post}_full_gc_dump() before and after a STW full gc of G1CollectedHeap. Also adjusted the prefix message, including the addition of missing whitespace. Reviewed-by: brutisso, tonyp ! src/share/vm/gc_implementation/g1/g1CollectedHeap.cpp ! src/share/vm/gc_interface/collectedHeap.cpp Changeset: be05e987ba07 Author: ysr Date: 2011-08-22 23:57 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/hotspot/rev/be05e987ba07 Merge Changeset: 2f27ed2a98fa Author: brutisso Date: 2011-08-23 11:06 +0200 URL: http://hg.openjdk.java.net/jdk8/tl/hotspot/rev/2f27ed2a98fa 7082220: Visual Studio projects broken after change 7016797: Hotspot: securely/restrictive load dlls and new Summary: Add the psapi.lib library to Visual Studio projects Reviewed-by: jwilhelm, poonam, kamg ! src/share/tools/ProjectCreator/WinGammaPlatformVC10.java Changeset: ff9ab6327924 Author: kvn Date: 2011-08-20 14:03 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/hotspot/rev/ff9ab6327924 7076831: TEST_BUG: compiler/5091921/Test7005594.java fails on LOW MEM SYSTEMS Summary: Run test only on systems with 2Gbyte or more memory. Don't zap heap to reduce execution time. Reviewed-by: iveresov ! test/compiler/5091921/Test7005594.sh Changeset: a594deb1d6dc Author: kvn Date: 2011-08-22 11:00 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/hotspot/rev/a594deb1d6dc 7081926: assert(VM_Version::supports_sse2()) failed: must support Summary: fix assert, prefetchnta is supported since SSE not SSE2. Reviewed-by: never ! src/cpu/x86/vm/assembler_x86.cpp Changeset: a70c2acb8f52 Author: kvn Date: 2011-08-25 18:56 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/hotspot/rev/a70c2acb8f52 Merge Changeset: 1520340a7f35 Author: kvn Date: 2011-08-26 16:11 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/hotspot/rev/1520340a7f35 7083916: Bump the hs22 build number to 03 Reviewed-by: jcoomes Contributed-by: alejandro.murillo at oracle.com ! make/hotspot_version Changeset: 3a2fb61165df Author: jcoomes Date: 2011-08-31 13:57 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/hotspot/rev/3a2fb61165df Merge - agent/src/share/classes/sun/jvm/hotspot/interpreter/BytecodeFastAAccess0.java - agent/src/share/classes/sun/jvm/hotspot/interpreter/BytecodeFastIAccess0.java Changeset: 0fa3ace511fe Author: schien Date: 2011-09-01 13:54 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/hotspot/rev/0fa3ace511fe Added tag jdk8-b03 for changeset 3a2fb61165df ! .hgtags Changeset: dce7d24674f4 Author: schien Date: 2011-09-08 16:59 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/hotspot/rev/dce7d24674f4 Added tag jdk8-b04 for changeset 0fa3ace511fe ! .hgtags From lana.steuck at oracle.com Sun Sep 11 06:08:04 2011 From: lana.steuck at oracle.com (lana.steuck at oracle.com) Date: Sun, 11 Sep 2011 06:08:04 +0000 Subject: hg: jdk8/tl/jdk: 22 new changesets Message-ID: <20110911061159.CB0194755E@hg.openjdk.java.net> Changeset: 13e70aa1398e Author: cl Date: 2011-08-18 18:55 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/13e70aa1398e Added tag jdk8-b01 for changeset 2cdbbc4a6359 ! .hgtags Changeset: dfa15ff0f99e Author: schien Date: 2011-08-25 17:18 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/dfa15ff0f99e Added tag jdk8-b02 for changeset 13e70aa1398e ! .hgtags Changeset: d8fccd6db59b Author: nloodin Date: 2011-08-31 13:48 +0200 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/d8fccd6db59b 7067811: Update demo/sample code to state it should not be used for production Summary: Added comment block after copyright block stating that code is unfit for production. Reviewed-by: ohair ! make/common/Defs.gmk ! make/mkdemo/Makefile ! make/mksample/Makefile ! src/share/classes/com/sun/tools/example/debug/bdi/AccessWatchpointSpec.java ! src/share/classes/com/sun/tools/example/debug/bdi/AmbiguousMethodException.java ! src/share/classes/com/sun/tools/example/debug/bdi/BreakpointSpec.java ! src/share/classes/com/sun/tools/example/debug/bdi/ChildSession.java ! src/share/classes/com/sun/tools/example/debug/bdi/EvaluationException.java ! src/share/classes/com/sun/tools/example/debug/bdi/EventRequestSpec.java ! src/share/classes/com/sun/tools/example/debug/bdi/EventRequestSpecList.java ! src/share/classes/com/sun/tools/example/debug/bdi/ExceptionSpec.java ! src/share/classes/com/sun/tools/example/debug/bdi/ExecutionManager.java ! src/share/classes/com/sun/tools/example/debug/bdi/FrameIndexOutOfBoundsException.java ! src/share/classes/com/sun/tools/example/debug/bdi/InputListener.java ! src/share/classes/com/sun/tools/example/debug/bdi/JDIEventSource.java ! src/share/classes/com/sun/tools/example/debug/bdi/LineBreakpointSpec.java ! src/share/classes/com/sun/tools/example/debug/bdi/LineNotFoundException.java ! src/share/classes/com/sun/tools/example/debug/bdi/MalformedMemberNameException.java ! src/share/classes/com/sun/tools/example/debug/bdi/MethodBreakpointSpec.java ! src/share/classes/com/sun/tools/example/debug/bdi/MethodNotFoundException.java ! src/share/classes/com/sun/tools/example/debug/bdi/ModificationWatchpointSpec.java ! src/share/classes/com/sun/tools/example/debug/bdi/NoSessionException.java ! src/share/classes/com/sun/tools/example/debug/bdi/NoThreadException.java ! src/share/classes/com/sun/tools/example/debug/bdi/OutputListener.java ! src/share/classes/com/sun/tools/example/debug/bdi/ParseException.java ! src/share/classes/com/sun/tools/example/debug/bdi/PatternReferenceTypeSpec.java ! src/share/classes/com/sun/tools/example/debug/bdi/ReferenceTypeSpec.java ! src/share/classes/com/sun/tools/example/debug/bdi/Session.java ! src/share/classes/com/sun/tools/example/debug/bdi/SessionListener.java ! src/share/classes/com/sun/tools/example/debug/bdi/SourceNameReferenceTypeSpec.java ! src/share/classes/com/sun/tools/example/debug/bdi/SpecErrorEvent.java ! src/share/classes/com/sun/tools/example/debug/bdi/SpecEvent.java ! src/share/classes/com/sun/tools/example/debug/bdi/SpecListener.java ! src/share/classes/com/sun/tools/example/debug/bdi/ThreadGroupIterator.java ! src/share/classes/com/sun/tools/example/debug/bdi/ThreadInfo.java ! src/share/classes/com/sun/tools/example/debug/bdi/ThreadIterator.java ! src/share/classes/com/sun/tools/example/debug/bdi/Utils.java ! src/share/classes/com/sun/tools/example/debug/bdi/VMLaunchFailureException.java ! src/share/classes/com/sun/tools/example/debug/bdi/VMNotInterruptedException.java ! src/share/classes/com/sun/tools/example/debug/bdi/WatchpointSpec.java ! src/share/classes/com/sun/tools/example/debug/event/AbstractEventSet.java ! src/share/classes/com/sun/tools/example/debug/event/AccessWatchpointEventSet.java ! src/share/classes/com/sun/tools/example/debug/event/ClassPrepareEventSet.java ! src/share/classes/com/sun/tools/example/debug/event/ClassUnloadEventSet.java ! src/share/classes/com/sun/tools/example/debug/event/ExceptionEventSet.java ! src/share/classes/com/sun/tools/example/debug/event/JDIAdapter.java ! src/share/classes/com/sun/tools/example/debug/event/JDIListener.java ! src/share/classes/com/sun/tools/example/debug/event/LocatableEventSet.java ! src/share/classes/com/sun/tools/example/debug/event/LocationTriggerEventSet.java ! src/share/classes/com/sun/tools/example/debug/event/ModificationWatchpointEventSet.java ! src/share/classes/com/sun/tools/example/debug/event/ThreadDeathEventSet.java ! src/share/classes/com/sun/tools/example/debug/event/ThreadStartEventSet.java ! src/share/classes/com/sun/tools/example/debug/event/VMDeathEventSet.java ! src/share/classes/com/sun/tools/example/debug/event/VMDisconnectEventSet.java ! src/share/classes/com/sun/tools/example/debug/event/VMStartEventSet.java ! src/share/classes/com/sun/tools/example/debug/event/WatchpointEventSet.java ! src/share/classes/com/sun/tools/example/debug/expr/ASCII_UCodeESC_CharStream.java ! src/share/classes/com/sun/tools/example/debug/expr/ExpressionParser.java ! src/share/classes/com/sun/tools/example/debug/expr/ExpressionParserConstants.java ! src/share/classes/com/sun/tools/example/debug/expr/ExpressionParserTokenManager.java ! src/share/classes/com/sun/tools/example/debug/expr/LValue.java ! src/share/classes/com/sun/tools/example/debug/expr/ParseException.java ! src/share/classes/com/sun/tools/example/debug/expr/Token.java ! src/share/classes/com/sun/tools/example/debug/expr/TokenMgrError.java ! src/share/classes/com/sun/tools/example/debug/gui/ApplicationTool.java ! src/share/classes/com/sun/tools/example/debug/gui/ClassManager.java ! src/share/classes/com/sun/tools/example/debug/gui/ClassTreeTool.java ! src/share/classes/com/sun/tools/example/debug/gui/CommandInterpreter.java ! src/share/classes/com/sun/tools/example/debug/gui/CommandTool.java ! src/share/classes/com/sun/tools/example/debug/gui/ContextListener.java ! src/share/classes/com/sun/tools/example/debug/gui/ContextManager.java ! src/share/classes/com/sun/tools/example/debug/gui/CurrentFrameChangedEvent.java ! src/share/classes/com/sun/tools/example/debug/gui/Environment.java ! src/share/classes/com/sun/tools/example/debug/gui/GUI.java ! src/share/classes/com/sun/tools/example/debug/gui/Icons.java ! src/share/classes/com/sun/tools/example/debug/gui/JDBFileFilter.java ! src/share/classes/com/sun/tools/example/debug/gui/JDBMenuBar.java ! src/share/classes/com/sun/tools/example/debug/gui/JDBToolBar.java ! src/share/classes/com/sun/tools/example/debug/gui/LaunchTool.java ! src/share/classes/com/sun/tools/example/debug/gui/MonitorListModel.java ! src/share/classes/com/sun/tools/example/debug/gui/MonitorTool.java ! src/share/classes/com/sun/tools/example/debug/gui/OutputSink.java ! src/share/classes/com/sun/tools/example/debug/gui/SearchPath.java ! src/share/classes/com/sun/tools/example/debug/gui/SingleLeafTreeSelectionModel.java ! src/share/classes/com/sun/tools/example/debug/gui/SourceListener.java ! src/share/classes/com/sun/tools/example/debug/gui/SourceManager.java ! src/share/classes/com/sun/tools/example/debug/gui/SourceModel.java ! src/share/classes/com/sun/tools/example/debug/gui/SourceTool.java ! src/share/classes/com/sun/tools/example/debug/gui/SourceTreeTool.java ! src/share/classes/com/sun/tools/example/debug/gui/SourcepathChangedEvent.java ! src/share/classes/com/sun/tools/example/debug/gui/StackTraceTool.java ! src/share/classes/com/sun/tools/example/debug/gui/ThreadTreeTool.java ! src/share/classes/com/sun/tools/example/debug/gui/TypeScript.java ! src/share/classes/com/sun/tools/example/debug/gui/TypeScriptOutputListener.java ! src/share/classes/com/sun/tools/example/debug/gui/TypeScriptWriter.java ! src/share/classes/com/sun/tools/example/debug/tty/AccessWatchpointSpec.java ! src/share/classes/com/sun/tools/example/debug/tty/AmbiguousMethodException.java ! src/share/classes/com/sun/tools/example/debug/tty/BreakpointSpec.java ! src/share/classes/com/sun/tools/example/debug/tty/Commands.java ! src/share/classes/com/sun/tools/example/debug/tty/Env.java ! src/share/classes/com/sun/tools/example/debug/tty/EventHandler.java ! src/share/classes/com/sun/tools/example/debug/tty/EventNotifier.java ! src/share/classes/com/sun/tools/example/debug/tty/EventRequestSpec.java ! src/share/classes/com/sun/tools/example/debug/tty/EventRequestSpecList.java ! src/share/classes/com/sun/tools/example/debug/tty/ExceptionSpec.java ! src/share/classes/com/sun/tools/example/debug/tty/LineNotFoundException.java ! src/share/classes/com/sun/tools/example/debug/tty/MalformedMemberNameException.java ! src/share/classes/com/sun/tools/example/debug/tty/MessageOutput.java ! src/share/classes/com/sun/tools/example/debug/tty/ModificationWatchpointSpec.java ! src/share/classes/com/sun/tools/example/debug/tty/PatternReferenceTypeSpec.java ! src/share/classes/com/sun/tools/example/debug/tty/ReferenceTypeSpec.java ! src/share/classes/com/sun/tools/example/debug/tty/SourceMapper.java ! src/share/classes/com/sun/tools/example/debug/tty/TTY.java ! src/share/classes/com/sun/tools/example/debug/tty/TTYResources.java ! src/share/classes/com/sun/tools/example/debug/tty/TTYResources_ja.java ! src/share/classes/com/sun/tools/example/debug/tty/TTYResources_zh_CN.java ! src/share/classes/com/sun/tools/example/debug/tty/ThreadGroupIterator.java ! src/share/classes/com/sun/tools/example/debug/tty/ThreadInfo.java ! src/share/classes/com/sun/tools/example/debug/tty/ThreadIterator.java ! src/share/classes/com/sun/tools/example/debug/tty/VMConnection.java ! src/share/classes/com/sun/tools/example/debug/tty/VMNotConnectedException.java ! src/share/classes/com/sun/tools/example/debug/tty/WatchpointSpec.java ! src/share/classes/com/sun/tools/example/trace/EventThread.java ! src/share/classes/com/sun/tools/example/trace/StreamRedirectThread.java ! src/share/classes/com/sun/tools/example/trace/Trace.java + src/share/demo/README ! src/share/demo/applets/ArcTest/ArcTest.java ! src/share/demo/applets/BarChart/BarChart.java ! src/share/demo/applets/Blink/Blink.java ! src/share/demo/applets/CardTest/CardTest.java ! src/share/demo/applets/Clock/Clock.java ! src/share/demo/applets/DitherTest/DitherTest.java ! src/share/demo/applets/DrawTest/DrawTest.java ! src/share/demo/applets/Fractal/CLSFractal.java ! src/share/demo/applets/GraphicsTest/AppletFrame.java ! src/share/demo/applets/GraphicsTest/GraphicsTest.java ! src/share/demo/applets/MoleculeViewer/Matrix3D.java ! src/share/demo/applets/MoleculeViewer/XYZApp.java ! src/share/demo/applets/NervousText/NervousText.java ! src/share/demo/applets/SimpleGraph/GraphApplet.java ! src/share/demo/applets/SortDemo/BidirBubbleSortAlgorithm.java ! src/share/demo/applets/SortDemo/BubbleSortAlgorithm.java ! src/share/demo/applets/SortDemo/QSortAlgorithm.java ! src/share/demo/applets/SortDemo/SortAlgorithm.java ! src/share/demo/applets/SortDemo/SortItem.java ! src/share/demo/applets/SpreadSheet/SpreadSheet.java ! src/share/demo/applets/WireFrame/Matrix3D.java ! src/share/demo/applets/WireFrame/ThreeD.java ! src/share/demo/java2d/J2DBench/src/j2dbench/Destinations.java ! src/share/demo/java2d/J2DBench/src/j2dbench/Group.java ! src/share/demo/java2d/J2DBench/src/j2dbench/J2DBench.java ! src/share/demo/java2d/J2DBench/src/j2dbench/Modifier.java ! src/share/demo/java2d/J2DBench/src/j2dbench/Node.java ! src/share/demo/java2d/J2DBench/src/j2dbench/Option.java ! src/share/demo/java2d/J2DBench/src/j2dbench/Result.java ! src/share/demo/java2d/J2DBench/src/j2dbench/ResultSet.java ! src/share/demo/java2d/J2DBench/src/j2dbench/Test.java ! src/share/demo/java2d/J2DBench/src/j2dbench/TestEnvironment.java ! src/share/demo/java2d/J2DBench/src/j2dbench/report/HTMLSeriesReporter.java ! src/share/demo/java2d/J2DBench/src/j2dbench/report/IIOComparator.java ! src/share/demo/java2d/J2DBench/src/j2dbench/report/J2DAnalyzer.java ! src/share/demo/java2d/J2DBench/src/j2dbench/report/XMLHTMLReporter.java ! src/share/demo/java2d/J2DBench/src/j2dbench/tests/GraphicsTests.java ! src/share/demo/java2d/J2DBench/src/j2dbench/tests/ImageTests.java ! src/share/demo/java2d/J2DBench/src/j2dbench/tests/MiscTests.java ! src/share/demo/java2d/J2DBench/src/j2dbench/tests/PixelTests.java ! src/share/demo/java2d/J2DBench/src/j2dbench/tests/RenderTests.java ! src/share/demo/java2d/J2DBench/src/j2dbench/tests/iio/IIOTests.java ! src/share/demo/java2d/J2DBench/src/j2dbench/tests/iio/InputImageTests.java ! src/share/demo/java2d/J2DBench/src/j2dbench/tests/iio/InputStreamTests.java ! src/share/demo/java2d/J2DBench/src/j2dbench/tests/iio/InputTests.java ! src/share/demo/java2d/J2DBench/src/j2dbench/tests/iio/OutputImageTests.java ! src/share/demo/java2d/J2DBench/src/j2dbench/tests/iio/OutputStreamTests.java ! src/share/demo/java2d/J2DBench/src/j2dbench/tests/iio/OutputTests.java ! src/share/demo/java2d/J2DBench/src/j2dbench/tests/text/TextConstructionTests.java ! src/share/demo/java2d/J2DBench/src/j2dbench/tests/text/TextMeasureTests.java ! src/share/demo/java2d/J2DBench/src/j2dbench/tests/text/TextRenderTests.java ! src/share/demo/java2d/J2DBench/src/j2dbench/tests/text/TextTests.java ! src/share/demo/java2d/J2DBench/src/j2dbench/ui/CompactLayout.java ! src/share/demo/java2d/J2DBench/src/j2dbench/ui/EnableButton.java ! src/share/demo/jfc/CodePointIM/CodePointIM.java ! src/share/demo/jfc/CodePointIM/CodePointInputMethod.java ! src/share/demo/jfc/CodePointIM/CodePointInputMethodDescriptor.java ! src/share/demo/jfc/FileChooserDemo/ExampleFileSystemView.java ! src/share/demo/jfc/FileChooserDemo/ExampleFileView.java ! src/share/demo/jfc/FileChooserDemo/FileChooserDemo.java ! src/share/demo/jfc/Font2DTest/Font2DTest.java ! src/share/demo/jfc/Font2DTest/Font2DTestApplet.java ! src/share/demo/jfc/Font2DTest/FontPanel.java ! src/share/demo/jfc/Font2DTest/RangeMenu.java ! src/share/demo/jfc/Metalworks/AquaMetalTheme.java ! src/share/demo/jfc/Metalworks/BigContrastMetalTheme.java ! src/share/demo/jfc/Metalworks/ContrastMetalTheme.java ! src/share/demo/jfc/Metalworks/DemoMetalTheme.java ! src/share/demo/jfc/Metalworks/GreenMetalTheme.java ! src/share/demo/jfc/Metalworks/KhakiMetalTheme.java ! src/share/demo/jfc/Metalworks/MetalThemeMenu.java ! src/share/demo/jfc/Metalworks/Metalworks.java ! src/share/demo/jfc/Metalworks/MetalworksDocumentFrame.java ! src/share/demo/jfc/Metalworks/MetalworksFrame.java ! src/share/demo/jfc/Metalworks/MetalworksHelp.java ! src/share/demo/jfc/Metalworks/MetalworksInBox.java ! src/share/demo/jfc/Metalworks/MetalworksPrefs.java ! src/share/demo/jfc/Metalworks/PropertiesMetalTheme.java ! src/share/demo/jfc/Metalworks/UISwitchListener.java ! src/share/demo/jfc/Notepad/ElementTreePanel.java ! src/share/demo/jfc/Notepad/Notepad.java ! src/share/demo/jfc/SampleTree/DynamicTreeNode.java ! src/share/demo/jfc/SampleTree/SampleData.java ! src/share/demo/jfc/SampleTree/SampleTree.java ! src/share/demo/jfc/SampleTree/SampleTreeCellRenderer.java ! src/share/demo/jfc/SampleTree/SampleTreeModel.java ! src/share/demo/jfc/SwingApplet/SwingApplet.java ! src/share/demo/jfc/TableExample/JDBCAdapter.java ! src/share/demo/jfc/TableExample/OldJTable.java ! src/share/demo/jfc/TableExample/TableExample.java ! src/share/demo/jfc/TableExample/TableExample2.java ! src/share/demo/jfc/TableExample/TableExample3.java ! src/share/demo/jfc/TableExample/TableExample4.java ! src/share/demo/jfc/TableExample/TableMap.java ! src/share/demo/jfc/TableExample/TableSorter.java ! src/share/demo/jfc/TransparentRuler/transparentruler/Ruler.java ! src/share/demo/jvmti/agent_util/agent_util.c ! src/share/demo/jvmti/agent_util/agent_util.h ! src/share/demo/jvmti/compiledMethodLoad/compiledMethodLoad.c ! src/share/demo/jvmti/gctest/gctest.c ! src/share/demo/jvmti/heapTracker/HeapTracker.java ! src/share/demo/jvmti/heapTracker/heapTracker.c ! src/share/demo/jvmti/heapTracker/heapTracker.h ! src/share/demo/jvmti/heapViewer/heapViewer.c ! src/share/demo/jvmti/hprof/debug_malloc.c ! src/share/demo/jvmti/hprof/debug_malloc.h ! src/share/demo/jvmti/hprof/hprof.h ! src/share/demo/jvmti/hprof/hprof_blocks.c ! src/share/demo/jvmti/hprof/hprof_blocks.h ! src/share/demo/jvmti/hprof/hprof_check.c ! src/share/demo/jvmti/hprof/hprof_check.h ! src/share/demo/jvmti/hprof/hprof_class.c ! src/share/demo/jvmti/hprof/hprof_class.h ! src/share/demo/jvmti/hprof/hprof_cpu.c ! src/share/demo/jvmti/hprof/hprof_cpu.h ! src/share/demo/jvmti/hprof/hprof_error.c ! src/share/demo/jvmti/hprof/hprof_error.h ! src/share/demo/jvmti/hprof/hprof_event.c ! src/share/demo/jvmti/hprof/hprof_event.h ! src/share/demo/jvmti/hprof/hprof_frame.c ! src/share/demo/jvmti/hprof/hprof_frame.h ! src/share/demo/jvmti/hprof/hprof_init.c ! src/share/demo/jvmti/hprof/hprof_init.h ! src/share/demo/jvmti/hprof/hprof_io.c ! src/share/demo/jvmti/hprof/hprof_io.h ! src/share/demo/jvmti/hprof/hprof_ioname.c ! src/share/demo/jvmti/hprof/hprof_ioname.h ! src/share/demo/jvmti/hprof/hprof_listener.c ! src/share/demo/jvmti/hprof/hprof_listener.h ! src/share/demo/jvmti/hprof/hprof_loader.c ! src/share/demo/jvmti/hprof/hprof_loader.h ! src/share/demo/jvmti/hprof/hprof_md.h ! src/share/demo/jvmti/hprof/hprof_monitor.c ! src/share/demo/jvmti/hprof/hprof_monitor.h ! src/share/demo/jvmti/hprof/hprof_object.c ! src/share/demo/jvmti/hprof/hprof_object.h ! src/share/demo/jvmti/hprof/hprof_reference.c ! src/share/demo/jvmti/hprof/hprof_reference.h ! src/share/demo/jvmti/hprof/hprof_site.c ! src/share/demo/jvmti/hprof/hprof_site.h ! src/share/demo/jvmti/hprof/hprof_stack.c ! src/share/demo/jvmti/hprof/hprof_stack.h ! src/share/demo/jvmti/hprof/hprof_string.c ! src/share/demo/jvmti/hprof/hprof_string.h ! src/share/demo/jvmti/hprof/hprof_table.c ! src/share/demo/jvmti/hprof/hprof_table.h ! src/share/demo/jvmti/hprof/hprof_tag.c ! src/share/demo/jvmti/hprof/hprof_tag.h ! src/share/demo/jvmti/hprof/hprof_tls.c ! src/share/demo/jvmti/hprof/hprof_tls.h ! src/share/demo/jvmti/hprof/hprof_trace.c ! src/share/demo/jvmti/hprof/hprof_trace.h ! src/share/demo/jvmti/hprof/hprof_tracker.c ! src/share/demo/jvmti/hprof/hprof_tracker.h ! src/share/demo/jvmti/hprof/hprof_util.c ! src/share/demo/jvmti/hprof/hprof_util.h ! src/share/demo/jvmti/java_crw_demo/java_crw_demo.c ! src/share/demo/jvmti/java_crw_demo/java_crw_demo.h ! src/share/demo/jvmti/minst/Minst.java ! src/share/demo/jvmti/minst/minst.c ! src/share/demo/jvmti/minst/minst.h ! src/share/demo/jvmti/mtrace/Mtrace.java ! src/share/demo/jvmti/mtrace/mtrace.c ! src/share/demo/jvmti/mtrace/mtrace.h ! src/share/demo/jvmti/versionCheck/versionCheck.c ! src/share/demo/jvmti/waiters/Agent.cpp ! src/share/demo/jvmti/waiters/Agent.hpp ! src/share/demo/jvmti/waiters/Monitor.cpp ! src/share/demo/jvmti/waiters/Monitor.hpp ! src/share/demo/jvmti/waiters/Thread.cpp ! src/share/demo/jvmti/waiters/Thread.hpp ! src/share/demo/jvmti/waiters/waiters.cpp ! src/share/demo/management/FullThreadDump/Deadlock.java ! src/share/demo/management/FullThreadDump/FullThreadDump.java ! src/share/demo/management/FullThreadDump/ThreadMonitor.java ! src/share/demo/management/JTop/JTop.java ! src/share/demo/management/JTop/JTopPlugin.java ! src/share/demo/management/MemoryMonitor/MemoryMonitor.java ! src/share/demo/management/VerboseGC/PrintGCStat.java ! src/share/demo/management/VerboseGC/VerboseGC.java ! src/share/demo/nio/zipfs/Demo.java ! src/share/demo/nio/zipfs/src/com/sun/nio/zipfs/JarFileSystemProvider.java ! src/share/demo/nio/zipfs/src/com/sun/nio/zipfs/ZipCoder.java ! src/share/demo/nio/zipfs/src/com/sun/nio/zipfs/ZipConstants.java ! src/share/demo/nio/zipfs/src/com/sun/nio/zipfs/ZipDirectoryStream.java ! src/share/demo/nio/zipfs/src/com/sun/nio/zipfs/ZipFileAttributeView.java ! src/share/demo/nio/zipfs/src/com/sun/nio/zipfs/ZipFileAttributes.java ! src/share/demo/nio/zipfs/src/com/sun/nio/zipfs/ZipFileStore.java ! src/share/demo/nio/zipfs/src/com/sun/nio/zipfs/ZipFileSystem.java ! src/share/demo/nio/zipfs/src/com/sun/nio/zipfs/ZipFileSystemProvider.java ! src/share/demo/nio/zipfs/src/com/sun/nio/zipfs/ZipInfo.java ! src/share/demo/nio/zipfs/src/com/sun/nio/zipfs/ZipPath.java ! src/share/demo/nio/zipfs/src/com/sun/nio/zipfs/ZipUtils.java ! src/share/demo/scripting/jconsole-plugin/src/com/sun/demo/scripting/jconsole/EditableAtEndDocument.java ! src/share/demo/scripting/jconsole-plugin/src/com/sun/demo/scripting/jconsole/ScriptJConsolePlugin.java ! src/share/demo/scripting/jconsole-plugin/src/com/sun/demo/scripting/jconsole/ScriptShellPanel.java ! src/share/demo/scripting/jconsole-plugin/src/resources/jconsole.js ! src/share/demo/scripting/jconsole-plugin/src/scripts/heapdump.js ! src/share/demo/scripting/jconsole-plugin/src/scripts/hello.js ! src/share/demo/scripting/jconsole-plugin/src/scripts/invoke.js ! src/share/demo/scripting/jconsole-plugin/src/scripts/jstack.js ! src/share/demo/scripting/jconsole-plugin/src/scripts/jtop.js ! src/share/demo/scripting/jconsole-plugin/src/scripts/sysprops.js ! src/share/demo/scripting/jconsole-plugin/src/scripts/verbose.js + src/share/sample/README ! src/share/sample/forkjoin/mergesort/MergeDemo.java ! src/share/sample/forkjoin/mergesort/MergeSort.java ! src/share/sample/jmx/jmx-scandir/src/com/sun/jmx/examples/scandir/DirectoryScanner.java ! src/share/sample/jmx/jmx-scandir/src/com/sun/jmx/examples/scandir/DirectoryScannerMXBean.java ! src/share/sample/jmx/jmx-scandir/src/com/sun/jmx/examples/scandir/ResultLogManager.java ! src/share/sample/jmx/jmx-scandir/src/com/sun/jmx/examples/scandir/ResultLogManagerMXBean.java ! src/share/sample/jmx/jmx-scandir/src/com/sun/jmx/examples/scandir/ScanDirAgent.java ! src/share/sample/jmx/jmx-scandir/src/com/sun/jmx/examples/scandir/ScanDirClient.java ! src/share/sample/jmx/jmx-scandir/src/com/sun/jmx/examples/scandir/ScanDirConfig.java ! src/share/sample/jmx/jmx-scandir/src/com/sun/jmx/examples/scandir/ScanDirConfigMXBean.java ! src/share/sample/jmx/jmx-scandir/src/com/sun/jmx/examples/scandir/ScanManager.java ! src/share/sample/jmx/jmx-scandir/src/com/sun/jmx/examples/scandir/ScanManagerMXBean.java ! src/share/sample/jmx/jmx-scandir/src/com/sun/jmx/examples/scandir/config/DirectoryScannerConfig.java ! src/share/sample/jmx/jmx-scandir/src/com/sun/jmx/examples/scandir/config/FileMatch.java ! src/share/sample/jmx/jmx-scandir/src/com/sun/jmx/examples/scandir/config/ResultLogConfig.java ! src/share/sample/jmx/jmx-scandir/src/com/sun/jmx/examples/scandir/config/ResultRecord.java ! src/share/sample/jmx/jmx-scandir/src/com/sun/jmx/examples/scandir/config/ScanManagerConfig.java ! src/share/sample/jmx/jmx-scandir/src/com/sun/jmx/examples/scandir/config/XmlConfigUtils.java ! src/share/sample/jmx/jmx-scandir/test/com/sun/jmx/examples/scandir/DirectoryScannerTest.java ! src/share/sample/jmx/jmx-scandir/test/com/sun/jmx/examples/scandir/ScanDirConfigTest.java ! src/share/sample/jmx/jmx-scandir/test/com/sun/jmx/examples/scandir/ScanManagerTest.java ! src/share/sample/jmx/jmx-scandir/test/com/sun/jmx/examples/scandir/TestUtils.java ! src/share/sample/jmx/jmx-scandir/test/com/sun/jmx/examples/scandir/config/XmlConfigUtilsTest.java ! src/share/sample/nio/chatserver/ChatServer.java ! src/share/sample/nio/chatserver/Client.java ! src/share/sample/nio/chatserver/ClientReader.java ! src/share/sample/nio/chatserver/DataReader.java ! src/share/sample/nio/chatserver/MessageReader.java ! src/share/sample/nio/chatserver/NameReader.java ! src/share/sample/nio/file/AclEdit.java ! src/share/sample/nio/file/Chmod.java ! src/share/sample/nio/file/Copy.java ! src/share/sample/nio/file/DiskUsage.java ! src/share/sample/nio/file/FileType.java ! src/share/sample/nio/file/WatchDir.java ! src/share/sample/nio/file/Xdd.java ! src/share/sample/nio/multicast/MulticastAddress.java ! src/share/sample/nio/multicast/Reader.java ! src/share/sample/nio/multicast/Sender.java ! src/share/sample/nio/server/AcceptHandler.java ! src/share/sample/nio/server/Acceptor.java ! src/share/sample/nio/server/B1.java ! src/share/sample/nio/server/BN.java ! src/share/sample/nio/server/BP.java ! src/share/sample/nio/server/ChannelIO.java ! src/share/sample/nio/server/ChannelIOSecure.java ! src/share/sample/nio/server/Content.java ! src/share/sample/nio/server/Dispatcher.java ! src/share/sample/nio/server/Dispatcher1.java ! src/share/sample/nio/server/DispatcherN.java ! src/share/sample/nio/server/FileContent.java ! src/share/sample/nio/server/Handler.java ! src/share/sample/nio/server/MalformedRequestException.java ! src/share/sample/nio/server/N1.java ! src/share/sample/nio/server/N2.java ! src/share/sample/nio/server/Reply.java ! src/share/sample/nio/server/Request.java ! src/share/sample/nio/server/RequestHandler.java ! src/share/sample/nio/server/RequestServicer.java ! src/share/sample/nio/server/Sendable.java ! src/share/sample/nio/server/Server.java ! src/share/sample/nio/server/StringContent.java ! src/share/sample/nio/server/URLDumper.java ! src/share/sample/scripting/scriptpad/src/com/sun/sample/scriptpad/Main.java ! src/share/sample/scripting/scriptpad/src/resources/Main.js ! src/share/sample/scripting/scriptpad/src/resources/conc.js ! src/share/sample/scripting/scriptpad/src/resources/gui.js ! src/share/sample/scripting/scriptpad/src/resources/mm.js ! src/share/sample/scripting/scriptpad/src/resources/scriptpad.js ! src/share/sample/scripting/scriptpad/src/scripts/browse.js ! src/share/sample/scripting/scriptpad/src/scripts/insertfile.js ! src/share/sample/scripting/scriptpad/src/scripts/linewrap.js ! src/share/sample/scripting/scriptpad/src/scripts/mail.js ! src/share/sample/scripting/scriptpad/src/scripts/memmonitor.js ! src/share/sample/scripting/scriptpad/src/scripts/memory.js ! src/share/sample/scripting/scriptpad/src/scripts/textcolor.js ! src/share/sample/vm/clr-jvm/invoked.java ! src/share/sample/vm/clr-jvm/jinvoker.cpp ! src/share/sample/vm/clr-jvm/jinvokerExp.h ! src/share/sample/vm/jvm-clr/invoker.cpp ! src/share/sample/vm/jvm-clr/invoker.h ! src/share/sample/vm/jvm-clr/invoker.java ! src/share/sample/vm/jvm-clr/invokerExp.h ! src/solaris/demo/jni/Poller/Client.java ! src/solaris/demo/jni/Poller/LinkedQueue.java ! src/solaris/demo/jni/Poller/Poller.c ! src/solaris/demo/jni/Poller/Poller.java ! src/solaris/demo/jni/Poller/PollingServer.java ! src/solaris/demo/jni/Poller/SimpleServer.java ! src/solaris/demo/jvmti/hprof/hprof_md.c ! src/windows/demo/jvmti/hprof/hprof_md.c Changeset: c9956a6753fb Author: yhuang Date: 2011-08-14 23:46 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/c9956a6753fb 7066203: Update currency data to the latest ISO 4217 standard Reviewed-by: naoto ! make/java/util/FILES_properties.gmk ! make/tools/src/build/tools/generatecurrencydata/GenerateCurrencyData.java ! src/share/classes/java/util/CurrencyData.properties ! src/share/classes/java/util/LocaleISOData.java ! src/share/classes/sun/util/resources/CurrencyNames.properties ! src/share/classes/sun/util/resources/CurrencyNames_de.properties ! src/share/classes/sun/util/resources/CurrencyNames_es.properties + src/share/classes/sun/util/resources/CurrencyNames_es_CU.properties ! src/share/classes/sun/util/resources/CurrencyNames_et_EE.properties ! src/share/classes/sun/util/resources/CurrencyNames_fr.properties ! src/share/classes/sun/util/resources/CurrencyNames_ja.properties ! src/share/classes/sun/util/resources/CurrencyNames_ko.properties ! src/share/classes/sun/util/resources/CurrencyNames_pt.properties ! src/share/classes/sun/util/resources/CurrencyNames_sk_SK.properties ! src/share/classes/sun/util/resources/CurrencyNames_zh_CN.properties ! src/share/classes/sun/util/resources/CurrencyNames_zh_TW.properties ! src/share/classes/sun/util/resources/LocaleNames.properties ! test/java/util/Currency/ValidateISO4217.java ! test/java/util/Currency/tablea1.txt ! test/java/util/Locale/LocaleTest.java ! test/sun/text/resources/LocaleData ! test/sun/text/resources/LocaleDataTest.java Changeset: 954efddeee41 Author: mfang Date: 2011-08-17 14:18 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/954efddeee41 Merge ! make/tools/src/build/tools/generatecurrencydata/GenerateCurrencyData.java Changeset: f10654c857fd Author: mfang Date: 2011-08-29 17:09 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/f10654c857fd Merge Changeset: 7989ee9fe673 Author: mfang Date: 2011-08-31 09:56 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/7989ee9fe673 Merge Changeset: d977bcc79584 Author: schien Date: 2011-09-01 13:54 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/d977bcc79584 Added tag jdk8-b03 for changeset 7989ee9fe673 ! .hgtags Changeset: 6664b47ddfd9 Author: prr Date: 2011-08-12 09:48 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/6664b47ddfd9 7077423: Enable Xrender by default Reviewed-by: bae, jgodinez, ceisserer ! src/solaris/classes/sun/awt/X11GraphicsEnvironment.java Changeset: f372807e122b Author: lana Date: 2011-08-17 22:47 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/f372807e122b Merge - src/share/native/java/lang/fdlibm/src/e_acosh.c - src/share/native/java/lang/fdlibm/src/e_gamma.c - src/share/native/java/lang/fdlibm/src/e_gamma_r.c - src/share/native/java/lang/fdlibm/src/e_j0.c - src/share/native/java/lang/fdlibm/src/e_j1.c - src/share/native/java/lang/fdlibm/src/e_jn.c - src/share/native/java/lang/fdlibm/src/e_lgamma.c - src/share/native/java/lang/fdlibm/src/e_lgamma_r.c - src/share/native/java/lang/fdlibm/src/s_asinh.c - src/share/native/java/lang/fdlibm/src/s_erf.c - src/share/native/java/lang/fdlibm/src/w_acosh.c - src/share/native/java/lang/fdlibm/src/w_gamma.c - src/share/native/java/lang/fdlibm/src/w_gamma_r.c - src/share/native/java/lang/fdlibm/src/w_j0.c - src/share/native/java/lang/fdlibm/src/w_j1.c - src/share/native/java/lang/fdlibm/src/w_jn.c - src/share/native/java/lang/fdlibm/src/w_lgamma.c - src/share/native/java/lang/fdlibm/src/w_lgamma_r.c Changeset: 4a6dac089eac Author: lana Date: 2011-08-29 14:26 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/4a6dac089eac Merge Changeset: 4e0340c4f443 Author: rupashka Date: 2011-08-12 15:53 +0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/4e0340c4f443 7071609: javax/swing/JPopupMenu/6694823/bug6694823.java failed on solaris10 Reviewed-by: alexp ! test/javax/swing/JPopupMenu/6694823/bug6694823.java Changeset: 6ca2e7babaf0 Author: rupashka Date: 2011-08-17 19:35 +0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/6ca2e7babaf0 7075563: Broken link in "javax.swing.SwingWorker" Reviewed-by: alexp ! src/share/classes/javax/swing/SwingUtilities.java ! src/share/classes/javax/swing/SwingWorker.java ! src/share/classes/javax/swing/package.html ! src/share/classes/javax/swing/text/AbstractDocument.java ! src/share/classes/javax/swing/text/DefaultCaret.java ! src/share/classes/javax/swing/text/DefaultStyledDocument.java ! src/share/classes/javax/swing/text/JTextComponent.java ! src/share/classes/javax/swing/text/PlainDocument.java ! src/share/classes/javax/swing/text/StyleContext.java ! src/share/classes/javax/swing/text/html/HTMLDocument.java ! src/share/classes/sun/swing/PrintingStatus.java Changeset: 0e03455d868c Author: rupashka Date: 2011-08-17 20:08 +0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/0e03455d868c 7032436: When running with the Nimbus look and feel, the JFileChooser does not display mnemonics Reviewed-by: alexp Contributed-by: Charles Lee ! src/share/classes/com/sun/swing/internal/plaf/synth/resources/synth.properties ! src/share/classes/com/sun/swing/internal/plaf/synth/resources/synth_de.properties ! src/share/classes/com/sun/swing/internal/plaf/synth/resources/synth_es.properties ! src/share/classes/com/sun/swing/internal/plaf/synth/resources/synth_fr.properties ! src/share/classes/com/sun/swing/internal/plaf/synth/resources/synth_it.properties ! src/share/classes/com/sun/swing/internal/plaf/synth/resources/synth_ja.properties ! src/share/classes/com/sun/swing/internal/plaf/synth/resources/synth_ko.properties ! src/share/classes/com/sun/swing/internal/plaf/synth/resources/synth_pt_BR.properties ! src/share/classes/com/sun/swing/internal/plaf/synth/resources/synth_sv.properties ! src/share/classes/com/sun/swing/internal/plaf/synth/resources/synth_zh_CN.properties ! src/share/classes/com/sun/swing/internal/plaf/synth/resources/synth_zh_TW.properties Changeset: 3bfa183cac32 Author: lana Date: 2011-08-17 22:47 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/3bfa183cac32 Merge - src/share/native/java/lang/fdlibm/src/e_acosh.c - src/share/native/java/lang/fdlibm/src/e_gamma.c - src/share/native/java/lang/fdlibm/src/e_gamma_r.c - src/share/native/java/lang/fdlibm/src/e_j0.c - src/share/native/java/lang/fdlibm/src/e_j1.c - src/share/native/java/lang/fdlibm/src/e_jn.c - src/share/native/java/lang/fdlibm/src/e_lgamma.c - src/share/native/java/lang/fdlibm/src/e_lgamma_r.c - src/share/native/java/lang/fdlibm/src/s_asinh.c - src/share/native/java/lang/fdlibm/src/s_erf.c - src/share/native/java/lang/fdlibm/src/w_acosh.c - src/share/native/java/lang/fdlibm/src/w_gamma.c - src/share/native/java/lang/fdlibm/src/w_gamma_r.c - src/share/native/java/lang/fdlibm/src/w_j0.c - src/share/native/java/lang/fdlibm/src/w_j1.c - src/share/native/java/lang/fdlibm/src/w_jn.c - src/share/native/java/lang/fdlibm/src/w_lgamma.c - src/share/native/java/lang/fdlibm/src/w_lgamma_r.c Changeset: 7968d9677f9a Author: denis Date: 2011-08-23 17:56 +0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/7968d9677f9a 7072645: Toolkit.addPropertyChangeListener(name, pcl) throws NPE for null name Reviewed-by: art ! src/solaris/classes/sun/awt/X11/XToolkit.java ! src/windows/classes/sun/awt/windows/WToolkit.java Changeset: e05ea8ab1807 Author: rupashka Date: 2011-08-29 16:25 +0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/e05ea8ab1807 7030332: Default borders in tables looks incorrect JEditorPane Reviewed-by: peterz ! src/share/classes/javax/swing/text/html/CSS.java ! src/share/classes/javax/swing/text/html/TableView.java + test/javax/swing/text/html/TableView/7030332/bug7030332.html + test/javax/swing/text/html/TableView/7030332/bug7030332.java + test/javax/swing/text/html/TableView/7030332/sample0.png + test/javax/swing/text/html/TableView/7030332/sample1.png + test/javax/swing/text/html/TableView/7030332/sample2.png + test/javax/swing/text/html/TableView/7030332/sample3.png + test/javax/swing/text/html/TableView/7030332/sample4.png Changeset: 1ffd61b6ab40 Author: lana Date: 2011-08-29 14:27 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/1ffd61b6ab40 Merge Changeset: 36f74da06285 Author: lana Date: 2011-08-29 14:29 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/36f74da06285 Merge - make/com/oracle/net/Makefile - src/share/classes/sun/io/ByteToCharASCII.java - src/share/classes/sun/io/ByteToCharBig5.java - src/share/classes/sun/io/ByteToCharBig5_HKSCS.java - src/share/classes/sun/io/ByteToCharBig5_Solaris.java - src/share/classes/sun/io/ByteToCharConverter.java - src/share/classes/sun/io/ByteToCharCp037.java - src/share/classes/sun/io/ByteToCharCp1006.java - src/share/classes/sun/io/ByteToCharCp1025.java - src/share/classes/sun/io/ByteToCharCp1026.java - src/share/classes/sun/io/ByteToCharCp1046.java - src/share/classes/sun/io/ByteToCharCp1047.java - src/share/classes/sun/io/ByteToCharCp1097.java - src/share/classes/sun/io/ByteToCharCp1098.java - src/share/classes/sun/io/ByteToCharCp1112.java - src/share/classes/sun/io/ByteToCharCp1122.java - src/share/classes/sun/io/ByteToCharCp1123.java - src/share/classes/sun/io/ByteToCharCp1124.java - src/share/classes/sun/io/ByteToCharCp1140.java - src/share/classes/sun/io/ByteToCharCp1141.java - src/share/classes/sun/io/ByteToCharCp1142.java - src/share/classes/sun/io/ByteToCharCp1143.java - src/share/classes/sun/io/ByteToCharCp1144.java - src/share/classes/sun/io/ByteToCharCp1145.java - src/share/classes/sun/io/ByteToCharCp1146.java - src/share/classes/sun/io/ByteToCharCp1147.java - src/share/classes/sun/io/ByteToCharCp1148.java - src/share/classes/sun/io/ByteToCharCp1149.java - src/share/classes/sun/io/ByteToCharCp1250.java - src/share/classes/sun/io/ByteToCharCp1251.java - src/share/classes/sun/io/ByteToCharCp1252.java - src/share/classes/sun/io/ByteToCharCp1253.java - src/share/classes/sun/io/ByteToCharCp1254.java - src/share/classes/sun/io/ByteToCharCp1255.java - src/share/classes/sun/io/ByteToCharCp1256.java - src/share/classes/sun/io/ByteToCharCp1257.java - src/share/classes/sun/io/ByteToCharCp1258.java - src/share/classes/sun/io/ByteToCharCp1381.java - src/share/classes/sun/io/ByteToCharCp1383.java - src/share/classes/sun/io/ByteToCharCp273.java - src/share/classes/sun/io/ByteToCharCp277.java - src/share/classes/sun/io/ByteToCharCp278.java - src/share/classes/sun/io/ByteToCharCp280.java - src/share/classes/sun/io/ByteToCharCp284.java - src/share/classes/sun/io/ByteToCharCp285.java - src/share/classes/sun/io/ByteToCharCp297.java - src/share/classes/sun/io/ByteToCharCp33722.java - src/share/classes/sun/io/ByteToCharCp420.java - src/share/classes/sun/io/ByteToCharCp424.java - src/share/classes/sun/io/ByteToCharCp437.java - src/share/classes/sun/io/ByteToCharCp500.java - src/share/classes/sun/io/ByteToCharCp737.java - src/share/classes/sun/io/ByteToCharCp775.java - src/share/classes/sun/io/ByteToCharCp833.java - src/share/classes/sun/io/ByteToCharCp834.java - src/share/classes/sun/io/ByteToCharCp838.java - src/share/classes/sun/io/ByteToCharCp850.java - src/share/classes/sun/io/ByteToCharCp852.java - src/share/classes/sun/io/ByteToCharCp855.java - src/share/classes/sun/io/ByteToCharCp856.java - src/share/classes/sun/io/ByteToCharCp857.java - src/share/classes/sun/io/ByteToCharCp858.java - src/share/classes/sun/io/ByteToCharCp860.java - src/share/classes/sun/io/ByteToCharCp861.java - src/share/classes/sun/io/ByteToCharCp862.java - src/share/classes/sun/io/ByteToCharCp863.java - src/share/classes/sun/io/ByteToCharCp864.java - src/share/classes/sun/io/ByteToCharCp865.java - src/share/classes/sun/io/ByteToCharCp866.java - src/share/classes/sun/io/ByteToCharCp868.java - src/share/classes/sun/io/ByteToCharCp869.java - src/share/classes/sun/io/ByteToCharCp870.java - src/share/classes/sun/io/ByteToCharCp871.java - src/share/classes/sun/io/ByteToCharCp874.java - src/share/classes/sun/io/ByteToCharCp875.java - src/share/classes/sun/io/ByteToCharCp918.java - src/share/classes/sun/io/ByteToCharCp921.java - src/share/classes/sun/io/ByteToCharCp922.java - src/share/classes/sun/io/ByteToCharCp930.java - src/share/classes/sun/io/ByteToCharCp933.java - src/share/classes/sun/io/ByteToCharCp935.java - src/share/classes/sun/io/ByteToCharCp937.java - src/share/classes/sun/io/ByteToCharCp939.java - src/share/classes/sun/io/ByteToCharCp942.java - src/share/classes/sun/io/ByteToCharCp942C.java - src/share/classes/sun/io/ByteToCharCp943.java - src/share/classes/sun/io/ByteToCharCp943C.java - src/share/classes/sun/io/ByteToCharCp948.java - src/share/classes/sun/io/ByteToCharCp949.java - src/share/classes/sun/io/ByteToCharCp949C.java - src/share/classes/sun/io/ByteToCharCp950.java - src/share/classes/sun/io/ByteToCharCp964.java - src/share/classes/sun/io/ByteToCharCp970.java - src/share/classes/sun/io/ByteToCharDBCS_ASCII.java - src/share/classes/sun/io/ByteToCharDBCS_EBCDIC.java - src/share/classes/sun/io/ByteToCharDoubleByte.java - src/share/classes/sun/io/ByteToCharEUC.java - src/share/classes/sun/io/ByteToCharEUC2.java - src/share/classes/sun/io/ByteToCharEUC_CN.java - src/share/classes/sun/io/ByteToCharEUC_JP.java - src/share/classes/sun/io/ByteToCharEUC_JP_LINUX.java - src/share/classes/sun/io/ByteToCharEUC_JP_Solaris.java - src/share/classes/sun/io/ByteToCharEUC_KR.java - src/share/classes/sun/io/ByteToCharEUC_TW.java - src/share/classes/sun/io/ByteToCharGB18030.java - src/share/classes/sun/io/ByteToCharGB18030DB.java - src/share/classes/sun/io/ByteToCharGBK.java - src/share/classes/sun/io/ByteToCharISCII91.java - src/share/classes/sun/io/ByteToCharISO2022.java - src/share/classes/sun/io/ByteToCharISO2022CN.java - src/share/classes/sun/io/ByteToCharISO2022JP.java - src/share/classes/sun/io/ByteToCharISO2022KR.java - src/share/classes/sun/io/ByteToCharISO8859_1.java - src/share/classes/sun/io/ByteToCharISO8859_13.java - src/share/classes/sun/io/ByteToCharISO8859_15.java - src/share/classes/sun/io/ByteToCharISO8859_2.java - src/share/classes/sun/io/ByteToCharISO8859_3.java - src/share/classes/sun/io/ByteToCharISO8859_4.java - src/share/classes/sun/io/ByteToCharISO8859_5.java - src/share/classes/sun/io/ByteToCharISO8859_6.java - src/share/classes/sun/io/ByteToCharISO8859_7.java - src/share/classes/sun/io/ByteToCharISO8859_8.java - src/share/classes/sun/io/ByteToCharISO8859_9.java - src/share/classes/sun/io/ByteToCharJIS0201.java - src/share/classes/sun/io/ByteToCharJIS0208.java - src/share/classes/sun/io/ByteToCharJIS0208_Solaris.java - src/share/classes/sun/io/ByteToCharJIS0212.java - src/share/classes/sun/io/ByteToCharJIS0212_Solaris.java - src/share/classes/sun/io/ByteToCharJISAutoDetect.java - src/share/classes/sun/io/ByteToCharJohab.java - src/share/classes/sun/io/ByteToCharKOI8_R.java - src/share/classes/sun/io/ByteToCharMS874.java - src/share/classes/sun/io/ByteToCharMS932.java - src/share/classes/sun/io/ByteToCharMS936.java - src/share/classes/sun/io/ByteToCharMS949.java - src/share/classes/sun/io/ByteToCharMS950.java - src/share/classes/sun/io/ByteToCharMS950_HKSCS.java - src/share/classes/sun/io/ByteToCharMacArabic.java - src/share/classes/sun/io/ByteToCharMacCentralEurope.java - src/share/classes/sun/io/ByteToCharMacCroatian.java - src/share/classes/sun/io/ByteToCharMacCyrillic.java - src/share/classes/sun/io/ByteToCharMacDingbat.java - src/share/classes/sun/io/ByteToCharMacGreek.java - src/share/classes/sun/io/ByteToCharMacHebrew.java - src/share/classes/sun/io/ByteToCharMacIceland.java - src/share/classes/sun/io/ByteToCharMacRoman.java - src/share/classes/sun/io/ByteToCharMacRomania.java - src/share/classes/sun/io/ByteToCharMacSymbol.java - src/share/classes/sun/io/ByteToCharMacThai.java - src/share/classes/sun/io/ByteToCharMacTurkish.java - src/share/classes/sun/io/ByteToCharMacUkraine.java - src/share/classes/sun/io/ByteToCharPCK.java - src/share/classes/sun/io/ByteToCharSJIS.java - src/share/classes/sun/io/ByteToCharSingleByte.java - src/share/classes/sun/io/ByteToCharTIS620.java - src/share/classes/sun/io/ByteToCharUTF16.java - src/share/classes/sun/io/ByteToCharUTF8.java - src/share/classes/sun/io/ByteToCharUnicode.java - src/share/classes/sun/io/ByteToCharUnicodeBig.java - src/share/classes/sun/io/ByteToCharUnicodeBigUnmarked.java - src/share/classes/sun/io/ByteToCharUnicodeLittle.java - src/share/classes/sun/io/ByteToCharUnicodeLittleUnmarked.java - src/share/classes/sun/io/CharToByteASCII.java - src/share/classes/sun/io/CharToByteBig5.java - src/share/classes/sun/io/CharToByteBig5_HKSCS.java - src/share/classes/sun/io/CharToByteBig5_Solaris.java - src/share/classes/sun/io/CharToByteConverter.java - src/share/classes/sun/io/CharToByteCp037.java - src/share/classes/sun/io/CharToByteCp1006.java - src/share/classes/sun/io/CharToByteCp1025.java - src/share/classes/sun/io/CharToByteCp1026.java - src/share/classes/sun/io/CharToByteCp1046.java - src/share/classes/sun/io/CharToByteCp1047.java - src/share/classes/sun/io/CharToByteCp1097.java - src/share/classes/sun/io/CharToByteCp1098.java - src/share/classes/sun/io/CharToByteCp1112.java - src/share/classes/sun/io/CharToByteCp1122.java - src/share/classes/sun/io/CharToByteCp1123.java - src/share/classes/sun/io/CharToByteCp1124.java - src/share/classes/sun/io/CharToByteCp1140.java - src/share/classes/sun/io/CharToByteCp1141.java - src/share/classes/sun/io/CharToByteCp1142.java - src/share/classes/sun/io/CharToByteCp1143.java - src/share/classes/sun/io/CharToByteCp1144.java - src/share/classes/sun/io/CharToByteCp1145.java - src/share/classes/sun/io/CharToByteCp1146.java - src/share/classes/sun/io/CharToByteCp1147.java - src/share/classes/sun/io/CharToByteCp1148.java - src/share/classes/sun/io/CharToByteCp1149.java - src/share/classes/sun/io/CharToByteCp1250.java - src/share/classes/sun/io/CharToByteCp1251.java - src/share/classes/sun/io/CharToByteCp1252.java - src/share/classes/sun/io/CharToByteCp1253.java - src/share/classes/sun/io/CharToByteCp1254.java - src/share/classes/sun/io/CharToByteCp1255.java - src/share/classes/sun/io/CharToByteCp1256.java - src/share/classes/sun/io/CharToByteCp1257.java - src/share/classes/sun/io/CharToByteCp1258.java - src/share/classes/sun/io/CharToByteCp1381.java - src/share/classes/sun/io/CharToByteCp1383.java - src/share/classes/sun/io/CharToByteCp273.java - src/share/classes/sun/io/CharToByteCp277.java - src/share/classes/sun/io/CharToByteCp278.java - src/share/classes/sun/io/CharToByteCp280.java - src/share/classes/sun/io/CharToByteCp284.java - src/share/classes/sun/io/CharToByteCp285.java - src/share/classes/sun/io/CharToByteCp297.java - src/share/classes/sun/io/CharToByteCp33722.java - src/share/classes/sun/io/CharToByteCp420.java - src/share/classes/sun/io/CharToByteCp424.java - src/share/classes/sun/io/CharToByteCp437.java - src/share/classes/sun/io/CharToByteCp500.java - src/share/classes/sun/io/CharToByteCp737.java - src/share/classes/sun/io/CharToByteCp775.java - src/share/classes/sun/io/CharToByteCp833.java - src/share/classes/sun/io/CharToByteCp834.java - src/share/classes/sun/io/CharToByteCp838.java - src/share/classes/sun/io/CharToByteCp850.java - src/share/classes/sun/io/CharToByteCp852.java - src/share/classes/sun/io/CharToByteCp855.java - src/share/classes/sun/io/CharToByteCp856.java - src/share/classes/sun/io/CharToByteCp857.java - src/share/classes/sun/io/CharToByteCp858.java - src/share/classes/sun/io/CharToByteCp860.java - src/share/classes/sun/io/CharToByteCp861.java - src/share/classes/sun/io/CharToByteCp862.java - src/share/classes/sun/io/CharToByteCp863.java - src/share/classes/sun/io/CharToByteCp864.java - src/share/classes/sun/io/CharToByteCp865.java - src/share/classes/sun/io/CharToByteCp866.java - src/share/classes/sun/io/CharToByteCp868.java - src/share/classes/sun/io/CharToByteCp869.java - src/share/classes/sun/io/CharToByteCp870.java - src/share/classes/sun/io/CharToByteCp871.java - src/share/classes/sun/io/CharToByteCp874.java - src/share/classes/sun/io/CharToByteCp875.java - src/share/classes/sun/io/CharToByteCp918.java - src/share/classes/sun/io/CharToByteCp921.java - src/share/classes/sun/io/CharToByteCp922.java - src/share/classes/sun/io/CharToByteCp930.java - src/share/classes/sun/io/CharToByteCp933.java - src/share/classes/sun/io/CharToByteCp935.java - src/share/classes/sun/io/CharToByteCp937.java - src/share/classes/sun/io/CharToByteCp939.java - src/share/classes/sun/io/CharToByteCp942.java - src/share/classes/sun/io/CharToByteCp942C.java - src/share/classes/sun/io/CharToByteCp943.java - src/share/classes/sun/io/CharToByteCp943C.java - src/share/classes/sun/io/CharToByteCp948.java - src/share/classes/sun/io/CharToByteCp949.java - src/share/classes/sun/io/CharToByteCp949C.java - src/share/classes/sun/io/CharToByteCp950.java - src/share/classes/sun/io/CharToByteCp964.java - src/share/classes/sun/io/CharToByteCp970.java - src/share/classes/sun/io/CharToByteDBCS_ASCII.java - src/share/classes/sun/io/CharToByteDBCS_EBCDIC.java - src/share/classes/sun/io/CharToByteDoubleByte.java - src/share/classes/sun/io/CharToByteEUC.java - src/share/classes/sun/io/CharToByteEUC_CN.java - src/share/classes/sun/io/CharToByteEUC_JP.java - src/share/classes/sun/io/CharToByteEUC_JP_LINUX.java - src/share/classes/sun/io/CharToByteEUC_JP_Solaris.java - src/share/classes/sun/io/CharToByteEUC_KR.java - src/share/classes/sun/io/CharToByteEUC_TW.java - src/share/classes/sun/io/CharToByteGB18030.java - src/share/classes/sun/io/CharToByteGBK.java - src/share/classes/sun/io/CharToByteISCII91.java - src/share/classes/sun/io/CharToByteISO2022.java - src/share/classes/sun/io/CharToByteISO2022CN_CNS.java - src/share/classes/sun/io/CharToByteISO2022CN_GB.java - src/share/classes/sun/io/CharToByteISO2022JP.java - src/share/classes/sun/io/CharToByteISO2022KR.java - src/share/classes/sun/io/CharToByteISO8859_1.java - src/share/classes/sun/io/CharToByteISO8859_13.java - src/share/classes/sun/io/CharToByteISO8859_15.java - src/share/classes/sun/io/CharToByteISO8859_2.java - src/share/classes/sun/io/CharToByteISO8859_3.java - src/share/classes/sun/io/CharToByteISO8859_4.java - src/share/classes/sun/io/CharToByteISO8859_5.java - src/share/classes/sun/io/CharToByteISO8859_6.java - src/share/classes/sun/io/CharToByteISO8859_7.java - src/share/classes/sun/io/CharToByteISO8859_8.java - src/share/classes/sun/io/CharToByteISO8859_9.java - src/share/classes/sun/io/CharToByteJIS0201.java - src/share/classes/sun/io/CharToByteJIS0208.java - src/share/classes/sun/io/CharToByteJIS0208_Solaris.java - src/share/classes/sun/io/CharToByteJIS0212.java - src/share/classes/sun/io/CharToByteJIS0212_Solaris.java - src/share/classes/sun/io/CharToByteJohab.java - src/share/classes/sun/io/CharToByteKOI8_R.java - src/share/classes/sun/io/CharToByteMS874.java - src/share/classes/sun/io/CharToByteMS932.java - src/share/classes/sun/io/CharToByteMS936.java - src/share/classes/sun/io/CharToByteMS949.java - src/share/classes/sun/io/CharToByteMS950.java - src/share/classes/sun/io/CharToByteMS950_HKSCS.java - src/share/classes/sun/io/CharToByteMacArabic.java - src/share/classes/sun/io/CharToByteMacCentralEurope.java - src/share/classes/sun/io/CharToByteMacCroatian.java - src/share/classes/sun/io/CharToByteMacCyrillic.java - src/share/classes/sun/io/CharToByteMacDingbat.java - src/share/classes/sun/io/CharToByteMacGreek.java - src/share/classes/sun/io/CharToByteMacHebrew.java - src/share/classes/sun/io/CharToByteMacIceland.java - src/share/classes/sun/io/CharToByteMacRoman.java - src/share/classes/sun/io/CharToByteMacRomania.java - src/share/classes/sun/io/CharToByteMacSymbol.java - src/share/classes/sun/io/CharToByteMacThai.java - src/share/classes/sun/io/CharToByteMacTurkish.java - src/share/classes/sun/io/CharToByteMacUkraine.java - src/share/classes/sun/io/CharToBytePCK.java - src/share/classes/sun/io/CharToByteSJIS.java - src/share/classes/sun/io/CharToByteSingleByte.java - src/share/classes/sun/io/CharToByteTIS620.java - src/share/classes/sun/io/CharToByteUTF16.java - src/share/classes/sun/io/CharToByteUTF8.java - src/share/classes/sun/io/CharToByteUnicode.java - src/share/classes/sun/io/CharToByteUnicodeBig.java - src/share/classes/sun/io/CharToByteUnicodeBigUnmarked.java - src/share/classes/sun/io/CharToByteUnicodeLittle.java - src/share/classes/sun/io/CharToByteUnicodeLittleUnmarked.java - src/share/classes/sun/io/CharacterEncoding.java - src/share/classes/sun/io/ConversionBufferFullException.java - src/share/classes/sun/io/Converters.java - src/share/classes/sun/io/MalformedInputException.java - src/share/classes/sun/io/UnknownCharacterException.java - test/sun/nio/cs/TestISCII91.java Changeset: fc569517f3cf Author: lana Date: 2011-09-05 23:58 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/fc569517f3cf Merge - make/com/oracle/net/Makefile - src/share/classes/sun/io/ByteToCharASCII.java - src/share/classes/sun/io/ByteToCharBig5.java - src/share/classes/sun/io/ByteToCharBig5_HKSCS.java - src/share/classes/sun/io/ByteToCharBig5_Solaris.java - src/share/classes/sun/io/ByteToCharConverter.java - src/share/classes/sun/io/ByteToCharCp037.java - src/share/classes/sun/io/ByteToCharCp1006.java - src/share/classes/sun/io/ByteToCharCp1025.java - src/share/classes/sun/io/ByteToCharCp1026.java - src/share/classes/sun/io/ByteToCharCp1046.java - src/share/classes/sun/io/ByteToCharCp1047.java - src/share/classes/sun/io/ByteToCharCp1097.java - src/share/classes/sun/io/ByteToCharCp1098.java - src/share/classes/sun/io/ByteToCharCp1112.java - src/share/classes/sun/io/ByteToCharCp1122.java - src/share/classes/sun/io/ByteToCharCp1123.java - src/share/classes/sun/io/ByteToCharCp1124.java - src/share/classes/sun/io/ByteToCharCp1140.java - src/share/classes/sun/io/ByteToCharCp1141.java - src/share/classes/sun/io/ByteToCharCp1142.java - src/share/classes/sun/io/ByteToCharCp1143.java - src/share/classes/sun/io/ByteToCharCp1144.java - src/share/classes/sun/io/ByteToCharCp1145.java - src/share/classes/sun/io/ByteToCharCp1146.java - src/share/classes/sun/io/ByteToCharCp1147.java - src/share/classes/sun/io/ByteToCharCp1148.java - src/share/classes/sun/io/ByteToCharCp1149.java - src/share/classes/sun/io/ByteToCharCp1250.java - src/share/classes/sun/io/ByteToCharCp1251.java - src/share/classes/sun/io/ByteToCharCp1252.java - src/share/classes/sun/io/ByteToCharCp1253.java - src/share/classes/sun/io/ByteToCharCp1254.java - src/share/classes/sun/io/ByteToCharCp1255.java - src/share/classes/sun/io/ByteToCharCp1256.java - src/share/classes/sun/io/ByteToCharCp1257.java - src/share/classes/sun/io/ByteToCharCp1258.java - src/share/classes/sun/io/ByteToCharCp1381.java - src/share/classes/sun/io/ByteToCharCp1383.java - src/share/classes/sun/io/ByteToCharCp273.java - src/share/classes/sun/io/ByteToCharCp277.java - src/share/classes/sun/io/ByteToCharCp278.java - src/share/classes/sun/io/ByteToCharCp280.java - src/share/classes/sun/io/ByteToCharCp284.java - src/share/classes/sun/io/ByteToCharCp285.java - src/share/classes/sun/io/ByteToCharCp297.java - src/share/classes/sun/io/ByteToCharCp33722.java - src/share/classes/sun/io/ByteToCharCp420.java - src/share/classes/sun/io/ByteToCharCp424.java - src/share/classes/sun/io/ByteToCharCp437.java - src/share/classes/sun/io/ByteToCharCp500.java - src/share/classes/sun/io/ByteToCharCp737.java - src/share/classes/sun/io/ByteToCharCp775.java - src/share/classes/sun/io/ByteToCharCp833.java - src/share/classes/sun/io/ByteToCharCp834.java - src/share/classes/sun/io/ByteToCharCp838.java - src/share/classes/sun/io/ByteToCharCp850.java - src/share/classes/sun/io/ByteToCharCp852.java - src/share/classes/sun/io/ByteToCharCp855.java - src/share/classes/sun/io/ByteToCharCp856.java - src/share/classes/sun/io/ByteToCharCp857.java - src/share/classes/sun/io/ByteToCharCp858.java - src/share/classes/sun/io/ByteToCharCp860.java - src/share/classes/sun/io/ByteToCharCp861.java - src/share/classes/sun/io/ByteToCharCp862.java - src/share/classes/sun/io/ByteToCharCp863.java - src/share/classes/sun/io/ByteToCharCp864.java - src/share/classes/sun/io/ByteToCharCp865.java - src/share/classes/sun/io/ByteToCharCp866.java - src/share/classes/sun/io/ByteToCharCp868.java - src/share/classes/sun/io/ByteToCharCp869.java - src/share/classes/sun/io/ByteToCharCp870.java - src/share/classes/sun/io/ByteToCharCp871.java - src/share/classes/sun/io/ByteToCharCp874.java - src/share/classes/sun/io/ByteToCharCp875.java - src/share/classes/sun/io/ByteToCharCp918.java - src/share/classes/sun/io/ByteToCharCp921.java - src/share/classes/sun/io/ByteToCharCp922.java - src/share/classes/sun/io/ByteToCharCp930.java - src/share/classes/sun/io/ByteToCharCp933.java - src/share/classes/sun/io/ByteToCharCp935.java - src/share/classes/sun/io/ByteToCharCp937.java - src/share/classes/sun/io/ByteToCharCp939.java - src/share/classes/sun/io/ByteToCharCp942.java - src/share/classes/sun/io/ByteToCharCp942C.java - src/share/classes/sun/io/ByteToCharCp943.java - src/share/classes/sun/io/ByteToCharCp943C.java - src/share/classes/sun/io/ByteToCharCp948.java - src/share/classes/sun/io/ByteToCharCp949.java - src/share/classes/sun/io/ByteToCharCp949C.java - src/share/classes/sun/io/ByteToCharCp950.java - src/share/classes/sun/io/ByteToCharCp964.java - src/share/classes/sun/io/ByteToCharCp970.java - src/share/classes/sun/io/ByteToCharDBCS_ASCII.java - src/share/classes/sun/io/ByteToCharDBCS_EBCDIC.java - src/share/classes/sun/io/ByteToCharDoubleByte.java - src/share/classes/sun/io/ByteToCharEUC.java - src/share/classes/sun/io/ByteToCharEUC2.java - src/share/classes/sun/io/ByteToCharEUC_CN.java - src/share/classes/sun/io/ByteToCharEUC_JP.java - src/share/classes/sun/io/ByteToCharEUC_JP_LINUX.java - src/share/classes/sun/io/ByteToCharEUC_JP_Solaris.java - src/share/classes/sun/io/ByteToCharEUC_KR.java - src/share/classes/sun/io/ByteToCharEUC_TW.java - src/share/classes/sun/io/ByteToCharGB18030.java - src/share/classes/sun/io/ByteToCharGB18030DB.java - src/share/classes/sun/io/ByteToCharGBK.java - src/share/classes/sun/io/ByteToCharISCII91.java - src/share/classes/sun/io/ByteToCharISO2022.java - src/share/classes/sun/io/ByteToCharISO2022CN.java - src/share/classes/sun/io/ByteToCharISO2022JP.java - src/share/classes/sun/io/ByteToCharISO2022KR.java - src/share/classes/sun/io/ByteToCharISO8859_1.java - src/share/classes/sun/io/ByteToCharISO8859_13.java - src/share/classes/sun/io/ByteToCharISO8859_15.java - src/share/classes/sun/io/ByteToCharISO8859_2.java - src/share/classes/sun/io/ByteToCharISO8859_3.java - src/share/classes/sun/io/ByteToCharISO8859_4.java - src/share/classes/sun/io/ByteToCharISO8859_5.java - src/share/classes/sun/io/ByteToCharISO8859_6.java - src/share/classes/sun/io/ByteToCharISO8859_7.java - src/share/classes/sun/io/ByteToCharISO8859_8.java - src/share/classes/sun/io/ByteToCharISO8859_9.java - src/share/classes/sun/io/ByteToCharJIS0201.java - src/share/classes/sun/io/ByteToCharJIS0208.java - src/share/classes/sun/io/ByteToCharJIS0208_Solaris.java - src/share/classes/sun/io/ByteToCharJIS0212.java - src/share/classes/sun/io/ByteToCharJIS0212_Solaris.java - src/share/classes/sun/io/ByteToCharJISAutoDetect.java - src/share/classes/sun/io/ByteToCharJohab.java - src/share/classes/sun/io/ByteToCharKOI8_R.java - src/share/classes/sun/io/ByteToCharMS874.java - src/share/classes/sun/io/ByteToCharMS932.java - src/share/classes/sun/io/ByteToCharMS936.java - src/share/classes/sun/io/ByteToCharMS949.java - src/share/classes/sun/io/ByteToCharMS950.java - src/share/classes/sun/io/ByteToCharMS950_HKSCS.java - src/share/classes/sun/io/ByteToCharMacArabic.java - src/share/classes/sun/io/ByteToCharMacCentralEurope.java - src/share/classes/sun/io/ByteToCharMacCroatian.java - src/share/classes/sun/io/ByteToCharMacCyrillic.java - src/share/classes/sun/io/ByteToCharMacDingbat.java - src/share/classes/sun/io/ByteToCharMacGreek.java - src/share/classes/sun/io/ByteToCharMacHebrew.java - src/share/classes/sun/io/ByteToCharMacIceland.java - src/share/classes/sun/io/ByteToCharMacRoman.java - src/share/classes/sun/io/ByteToCharMacRomania.java - src/share/classes/sun/io/ByteToCharMacSymbol.java - src/share/classes/sun/io/ByteToCharMacThai.java - src/share/classes/sun/io/ByteToCharMacTurkish.java - src/share/classes/sun/io/ByteToCharMacUkraine.java - src/share/classes/sun/io/ByteToCharPCK.java - src/share/classes/sun/io/ByteToCharSJIS.java - src/share/classes/sun/io/ByteToCharSingleByte.java - src/share/classes/sun/io/ByteToCharTIS620.java - src/share/classes/sun/io/ByteToCharUTF16.java - src/share/classes/sun/io/ByteToCharUTF8.java - src/share/classes/sun/io/ByteToCharUnicode.java - src/share/classes/sun/io/ByteToCharUnicodeBig.java - src/share/classes/sun/io/ByteToCharUnicodeBigUnmarked.java - src/share/classes/sun/io/ByteToCharUnicodeLittle.java - src/share/classes/sun/io/ByteToCharUnicodeLittleUnmarked.java - src/share/classes/sun/io/CharToByteASCII.java - src/share/classes/sun/io/CharToByteBig5.java - src/share/classes/sun/io/CharToByteBig5_HKSCS.java - src/share/classes/sun/io/CharToByteBig5_Solaris.java - src/share/classes/sun/io/CharToByteConverter.java - src/share/classes/sun/io/CharToByteCp037.java - src/share/classes/sun/io/CharToByteCp1006.java - src/share/classes/sun/io/CharToByteCp1025.java - src/share/classes/sun/io/CharToByteCp1026.java - src/share/classes/sun/io/CharToByteCp1046.java - src/share/classes/sun/io/CharToByteCp1047.java - src/share/classes/sun/io/CharToByteCp1097.java - src/share/classes/sun/io/CharToByteCp1098.java - src/share/classes/sun/io/CharToByteCp1112.java - src/share/classes/sun/io/CharToByteCp1122.java - src/share/classes/sun/io/CharToByteCp1123.java - src/share/classes/sun/io/CharToByteCp1124.java - src/share/classes/sun/io/CharToByteCp1140.java - src/share/classes/sun/io/CharToByteCp1141.java - src/share/classes/sun/io/CharToByteCp1142.java - src/share/classes/sun/io/CharToByteCp1143.java - src/share/classes/sun/io/CharToByteCp1144.java - src/share/classes/sun/io/CharToByteCp1145.java - src/share/classes/sun/io/CharToByteCp1146.java - src/share/classes/sun/io/CharToByteCp1147.java - src/share/classes/sun/io/CharToByteCp1148.java - src/share/classes/sun/io/CharToByteCp1149.java - src/share/classes/sun/io/CharToByteCp1250.java - src/share/classes/sun/io/CharToByteCp1251.java - src/share/classes/sun/io/CharToByteCp1252.java - src/share/classes/sun/io/CharToByteCp1253.java - src/share/classes/sun/io/CharToByteCp1254.java - src/share/classes/sun/io/CharToByteCp1255.java - src/share/classes/sun/io/CharToByteCp1256.java - src/share/classes/sun/io/CharToByteCp1257.java - src/share/classes/sun/io/CharToByteCp1258.java - src/share/classes/sun/io/CharToByteCp1381.java - src/share/classes/sun/io/CharToByteCp1383.java - src/share/classes/sun/io/CharToByteCp273.java - src/share/classes/sun/io/CharToByteCp277.java - src/share/classes/sun/io/CharToByteCp278.java - src/share/classes/sun/io/CharToByteCp280.java - src/share/classes/sun/io/CharToByteCp284.java - src/share/classes/sun/io/CharToByteCp285.java - src/share/classes/sun/io/CharToByteCp297.java - src/share/classes/sun/io/CharToByteCp33722.java - src/share/classes/sun/io/CharToByteCp420.java - src/share/classes/sun/io/CharToByteCp424.java - src/share/classes/sun/io/CharToByteCp437.java - src/share/classes/sun/io/CharToByteCp500.java - src/share/classes/sun/io/CharToByteCp737.java - src/share/classes/sun/io/CharToByteCp775.java - src/share/classes/sun/io/CharToByteCp833.java - src/share/classes/sun/io/CharToByteCp834.java - src/share/classes/sun/io/CharToByteCp838.java - src/share/classes/sun/io/CharToByteCp850.java - src/share/classes/sun/io/CharToByteCp852.java - src/share/classes/sun/io/CharToByteCp855.java - src/share/classes/sun/io/CharToByteCp856.java - src/share/classes/sun/io/CharToByteCp857.java - src/share/classes/sun/io/CharToByteCp858.java - src/share/classes/sun/io/CharToByteCp860.java - src/share/classes/sun/io/CharToByteCp861.java - src/share/classes/sun/io/CharToByteCp862.java - src/share/classes/sun/io/CharToByteCp863.java - src/share/classes/sun/io/CharToByteCp864.java - src/share/classes/sun/io/CharToByteCp865.java - src/share/classes/sun/io/CharToByteCp866.java - src/share/classes/sun/io/CharToByteCp868.java - src/share/classes/sun/io/CharToByteCp869.java - src/share/classes/sun/io/CharToByteCp870.java - src/share/classes/sun/io/CharToByteCp871.java - src/share/classes/sun/io/CharToByteCp874.java - src/share/classes/sun/io/CharToByteCp875.java - src/share/classes/sun/io/CharToByteCp918.java - src/share/classes/sun/io/CharToByteCp921.java - src/share/classes/sun/io/CharToByteCp922.java - src/share/classes/sun/io/CharToByteCp930.java - src/share/classes/sun/io/CharToByteCp933.java - src/share/classes/sun/io/CharToByteCp935.java - src/share/classes/sun/io/CharToByteCp937.java - src/share/classes/sun/io/CharToByteCp939.java - src/share/classes/sun/io/CharToByteCp942.java - src/share/classes/sun/io/CharToByteCp942C.java - src/share/classes/sun/io/CharToByteCp943.java - src/share/classes/sun/io/CharToByteCp943C.java - src/share/classes/sun/io/CharToByteCp948.java - src/share/classes/sun/io/CharToByteCp949.java - src/share/classes/sun/io/CharToByteCp949C.java - src/share/classes/sun/io/CharToByteCp950.java - src/share/classes/sun/io/CharToByteCp964.java - src/share/classes/sun/io/CharToByteCp970.java - src/share/classes/sun/io/CharToByteDBCS_ASCII.java - src/share/classes/sun/io/CharToByteDBCS_EBCDIC.java - src/share/classes/sun/io/CharToByteDoubleByte.java - src/share/classes/sun/io/CharToByteEUC.java - src/share/classes/sun/io/CharToByteEUC_CN.java - src/share/classes/sun/io/CharToByteEUC_JP.java - src/share/classes/sun/io/CharToByteEUC_JP_LINUX.java - src/share/classes/sun/io/CharToByteEUC_JP_Solaris.java - src/share/classes/sun/io/CharToByteEUC_KR.java - src/share/classes/sun/io/CharToByteEUC_TW.java - src/share/classes/sun/io/CharToByteGB18030.java - src/share/classes/sun/io/CharToByteGBK.java - src/share/classes/sun/io/CharToByteISCII91.java - src/share/classes/sun/io/CharToByteISO2022.java - src/share/classes/sun/io/CharToByteISO2022CN_CNS.java - src/share/classes/sun/io/CharToByteISO2022CN_GB.java - src/share/classes/sun/io/CharToByteISO2022JP.java - src/share/classes/sun/io/CharToByteISO2022KR.java - src/share/classes/sun/io/CharToByteISO8859_1.java - src/share/classes/sun/io/CharToByteISO8859_13.java - src/share/classes/sun/io/CharToByteISO8859_15.java - src/share/classes/sun/io/CharToByteISO8859_2.java - src/share/classes/sun/io/CharToByteISO8859_3.java - src/share/classes/sun/io/CharToByteISO8859_4.java - src/share/classes/sun/io/CharToByteISO8859_5.java - src/share/classes/sun/io/CharToByteISO8859_6.java - src/share/classes/sun/io/CharToByteISO8859_7.java - src/share/classes/sun/io/CharToByteISO8859_8.java - src/share/classes/sun/io/CharToByteISO8859_9.java - src/share/classes/sun/io/CharToByteJIS0201.java - src/share/classes/sun/io/CharToByteJIS0208.java - src/share/classes/sun/io/CharToByteJIS0208_Solaris.java - src/share/classes/sun/io/CharToByteJIS0212.java - src/share/classes/sun/io/CharToByteJIS0212_Solaris.java - src/share/classes/sun/io/CharToByteJohab.java - src/share/classes/sun/io/CharToByteKOI8_R.java - src/share/classes/sun/io/CharToByteMS874.java - src/share/classes/sun/io/CharToByteMS932.java - src/share/classes/sun/io/CharToByteMS936.java - src/share/classes/sun/io/CharToByteMS949.java - src/share/classes/sun/io/CharToByteMS950.java - src/share/classes/sun/io/CharToByteMS950_HKSCS.java - src/share/classes/sun/io/CharToByteMacArabic.java - src/share/classes/sun/io/CharToByteMacCentralEurope.java - src/share/classes/sun/io/CharToByteMacCroatian.java - src/share/classes/sun/io/CharToByteMacCyrillic.java - src/share/classes/sun/io/CharToByteMacDingbat.java - src/share/classes/sun/io/CharToByteMacGreek.java - src/share/classes/sun/io/CharToByteMacHebrew.java - src/share/classes/sun/io/CharToByteMacIceland.java - src/share/classes/sun/io/CharToByteMacRoman.java - src/share/classes/sun/io/CharToByteMacRomania.java - src/share/classes/sun/io/CharToByteMacSymbol.java - src/share/classes/sun/io/CharToByteMacThai.java - src/share/classes/sun/io/CharToByteMacTurkish.java - src/share/classes/sun/io/CharToByteMacUkraine.java - src/share/classes/sun/io/CharToBytePCK.java - src/share/classes/sun/io/CharToByteSJIS.java - src/share/classes/sun/io/CharToByteSingleByte.java - src/share/classes/sun/io/CharToByteTIS620.java - src/share/classes/sun/io/CharToByteUTF16.java - src/share/classes/sun/io/CharToByteUTF8.java - src/share/classes/sun/io/CharToByteUnicode.java - src/share/classes/sun/io/CharToByteUnicodeBig.java - src/share/classes/sun/io/CharToByteUnicodeBigUnmarked.java - src/share/classes/sun/io/CharToByteUnicodeLittle.java - src/share/classes/sun/io/CharToByteUnicodeLittleUnmarked.java - src/share/classes/sun/io/CharacterEncoding.java - src/share/classes/sun/io/ConversionBufferFullException.java - src/share/classes/sun/io/Converters.java - src/share/classes/sun/io/MalformedInputException.java - src/share/classes/sun/io/UnknownCharacterException.java ! src/share/demo/nio/zipfs/src/com/sun/nio/zipfs/ZipFileSystem.java - test/sun/nio/cs/TestISCII91.java Changeset: a6e1c192951a Author: schien Date: 2011-09-08 16:59 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/a6e1c192951a Added tag jdk8-b04 for changeset fc569517f3cf ! .hgtags Changeset: 22c843299c5b Author: lana Date: 2011-09-10 21:30 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/22c843299c5b Merge From jonathan.gibbons at oracle.com Mon Sep 12 18:39:46 2011 From: jonathan.gibbons at oracle.com (jonathan.gibbons at oracle.com) Date: Mon, 12 Sep 2011 18:39:46 +0000 Subject: hg: jdk8/tl/langtools: 2 new changesets Message-ID: <20110912183950.64E52475B1@hg.openjdk.java.net> Changeset: edd7d9bd32dd Author: jjg Date: 2011-09-12 11:39 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/langtools/rev/edd7d9bd32dd 7068451: Regression: javac compiles fixed sources against previous, not current, version of generated sources Reviewed-by: mcimadamore ! src/share/classes/com/sun/tools/javac/file/RegularFileObject.java ! src/share/classes/com/sun/tools/javac/nio/PathFileObject.java ! src/share/classes/com/sun/tools/javac/util/BaseFileManager.java + test/tools/javac/file/T7068451.java Changeset: f1431cace56e Author: jjg Date: 2011-09-12 11:40 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/langtools/rev/f1431cace56e Merge From sean.coffey at oracle.com Tue Sep 13 10:27:11 2011 From: sean.coffey at oracle.com (sean.coffey at oracle.com) Date: Tue, 13 Sep 2011 10:27:11 +0000 Subject: hg: jdk8/tl/jdk: 7082769: FileInputStream/FileOutputStream/RandomAccessFile allow file descriptor be closed when still in use Message-ID: <20110913102739.9493E47630@hg.openjdk.java.net> Changeset: e0c1282a0ead Author: coffeys Date: 2011-09-13 11:21 +0100 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/e0c1282a0ead 7082769: FileInputStream/FileOutputStream/RandomAccessFile allow file descriptor be closed when still in use Reviewed-by: alanb ! src/share/classes/java/io/FileInputStream.java ! src/share/classes/java/io/FileOutputStream.java ! src/share/classes/java/io/RandomAccessFile.java + test/java/io/etc/FileDescriptorSharing.java From maurizio.cimadamore at oracle.com Tue Sep 13 13:16:34 2011 From: maurizio.cimadamore at oracle.com (maurizio.cimadamore at oracle.com) Date: Tue, 13 Sep 2011 13:16:34 +0000 Subject: hg: jdk8/tl/langtools: 3 new changesets Message-ID: <20110913131642.8590147636@hg.openjdk.java.net> Changeset: ed338593b0b6 Author: mcimadamore Date: 2011-09-13 14:14 +0100 URL: http://hg.openjdk.java.net/jdk8/tl/langtools/rev/ed338593b0b6 7086595: Error message bug: name of initializer is 'null' Summary: Implementation of MethodSymbol.location() should take into account static/instance initializers Reviewed-by: jjg ! src/share/classes/com/sun/tools/javac/code/Kinds.java ! src/share/classes/com/sun/tools/javac/code/Printer.java ! src/share/classes/com/sun/tools/javac/code/Symbol.java ! src/share/classes/com/sun/tools/javac/comp/Check.java ! src/share/classes/com/sun/tools/javac/resources/compiler.properties ! src/share/classes/com/sun/tools/javac/util/RichDiagnosticFormatter.java + test/tools/javac/7086595/T7086595.java + test/tools/javac/7086595/T7086595.out ! test/tools/javac/Diagnostics/6860795/T6860795.out ! test/tools/javac/LocalClasses_2.out ! test/tools/javac/NestedInnerClassNames.out ! test/tools/javac/TryWithResources/BadTwr.out ! test/tools/javac/TryWithResources/DuplicateResourceDecl.out + test/tools/javac/diags/examples/AlreadyDefinedClinit.java + test/tools/javac/diags/examples/KindnameInstanceInit.java + test/tools/javac/diags/examples/KindnameStaticInit.java ! test/tools/javac/generics/6910550/T6910550d.out Changeset: f595d8bc0599 Author: mcimadamore Date: 2011-09-13 14:15 +0100 URL: http://hg.openjdk.java.net/jdk8/tl/langtools/rev/f595d8bc0599 7003595: IncompatibleClassChangeError with unreferenced local class with subclass Summary: Compiler omits unreferenced local inner classes from the InnerClasses attribute Reviewed-by: jjg ! src/share/classes/com/sun/tools/javac/code/Symbol.java ! src/share/classes/com/sun/tools/javac/comp/Lower.java ! src/share/classes/com/sun/tools/javac/jvm/ClassWriter.java + test/tools/javac/7003595/T7003595.java + test/tools/javac/7003595/T7003595b.java Changeset: 3a2200681d69 Author: mcimadamore Date: 2011-09-13 14:15 +0100 URL: http://hg.openjdk.java.net/jdk8/tl/langtools/rev/3a2200681d69 7086601: Error message bug: cause for method mismatch is 'null' Summary: Inference error during lub() does not set 'cause' for method resolution diagnostic Reviewed-by: jjg ! src/share/classes/com/sun/tools/javac/comp/Infer.java ! src/share/classes/com/sun/tools/javac/resources/compiler.properties + test/tools/javac/diags/examples/IncompatibleUpperBounds.java + test/tools/javac/generics/inference/7086601/T7086601a.java + test/tools/javac/generics/inference/7086601/T7086601a.out + test/tools/javac/generics/inference/7086601/T7086601b.java From lana.steuck at oracle.com Tue Sep 13 15:38:36 2011 From: lana.steuck at oracle.com (lana.steuck at oracle.com) Date: Tue, 13 Sep 2011 15:38:36 +0000 Subject: hg: jdk8/tl: 7 new changesets Message-ID: <20110913153837.1B6294763C@hg.openjdk.java.net> Changeset: 3bec5415a227 Author: cl Date: 2011-08-18 18:55 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/rev/3bec5415a227 Added tag jdk8-b01 for changeset f42e3d9394b4 ! .hgtags Changeset: e01201e727da Author: neugens Date: 2011-07-26 21:54 +0200 URL: http://hg.openjdk.java.net/jdk8/tl/rev/e01201e727da 7071275: Fix jdk7 references in README files, remove Forest Extension mentions Summary: Change documentation to remove reference to forest and reflect update to jdk8. Reviewed-by: ohair ! README ! README-builds.html Changeset: 69f592185747 Author: schien Date: 2011-08-24 13:50 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/rev/69f592185747 Merge Changeset: 587bb549dff8 Author: schien Date: 2011-08-25 17:17 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/rev/587bb549dff8 Added tag jdk8-b02 for changeset 69f592185747 ! .hgtags Changeset: 0b66a233bfb9 Author: schien Date: 2011-09-01 13:54 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/rev/0b66a233bfb9 Added tag jdk8-b03 for changeset 587bb549dff8 ! .hgtags Changeset: b910aac18c77 Author: schien Date: 2011-09-08 16:59 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/rev/b910aac18c77 Added tag jdk8-b04 for changeset 0b66a233bfb9 ! .hgtags Changeset: 123873564c23 Author: lana Date: 2011-09-13 08:37 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/rev/123873564c23 Merge From sean.mullan at oracle.com Tue Sep 13 19:52:48 2011 From: sean.mullan at oracle.com (Sean Mullan) Date: Tue, 13 Sep 2011 15:52:48 -0400 Subject: request for reviews for bug# 7049963 In-Reply-To: <4E6F8A6C.9020805@oracle.com> References: <4E6F8A6C.9020805@oracle.com> Message-ID: <4E6FB490.3000503@oracle.com> On 9/13/11 12:53 PM, Mala Bankal wrote: > HI Sean, > > Request for review : > bug# 7049963 - DISTINGUISHED NAMES FOR CERT ARE ESCAPED IN JROCKIT > 1.6(NOT COMPATIBLE WITH JROC > > For jdk8 > > http://cr.openjdk.java.net/~mbankal/7049963/webrev_jdk8.00/ Looks fine. However, you are not a committer on the jdk8 project [1] so you do not have the rights to push changesets to JDK 8. I will need to push this for you. Have you also done a successful jprt build and test? If so, then I'll contact you separately to work out how I can push the changeset for you. > for jdk7u2 > > http://cr.openjdk.java.net/~mbankal/7049963/webrev.00/ The process for pushing changesets to JDK 7 updates are done differently [2]. Also, you are not a committer on the jdk7u project so someone else will have to push for you. Let's work on getting the fix into JDK 8 first. --Sean [1] http://openjdk.java.net/census/ [2] http://openjdk.java.net/projects/jdk7u/ From mala.bankal at oracle.com Tue Sep 13 16:53:00 2011 From: mala.bankal at oracle.com (Mala Bankal) Date: Tue, 13 Sep 2011 22:23:00 +0530 Subject: request for reviews for bug# 7049963 Message-ID: <4E6F8A6C.9020805@oracle.com> HI Sean, Request for review : bug# 7049963 - DISTINGUISHED NAMES FOR CERT ARE ESCAPED IN JROCKIT 1.6(NOT COMPATIBLE WITH JROC For jdk8 http://cr.openjdk.java.net/~mbankal/7049963/webrev_jdk8.00/ for jdk7u2 http://cr.openjdk.java.net/~mbankal/7049963/webrev.00/ Since the testcase will be integrated in the closedjdk repository it is raised separately: http://jpsesvr.us.oracle.com:8080/ctetools/html/Approve.jsp?index=4249 http://jpsesvr.us.oracle.com:8080/ctetools/html/Approve.jsp?index=4251 Thanks . rgds mala From mandy.chung at oracle.com Tue Sep 13 23:37:22 2011 From: mandy.chung at oracle.com (mandy.chung at oracle.com) Date: Tue, 13 Sep 2011 23:37:22 +0000 Subject: hg: jdk8/tl/langtools: 7090297: Remove com.sun.tools.javac.Launcher from tools.jar Message-ID: <20110913233724.C1CA847657@hg.openjdk.java.net> Changeset: ca2e2b85f437 Author: mchung Date: 2011-09-13 16:37 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/langtools/rev/ca2e2b85f437 7090297: Remove com.sun.tools.javac.Launcher from tools.jar Reviewed-by: jjg - src/share/classes/com/sun/tools/javac/Launcher.java From mala.bankal at oracle.com Wed Sep 14 03:48:56 2011 From: mala.bankal at oracle.com (Mala Bankal) Date: Wed, 14 Sep 2011 09:18:56 +0530 Subject: request for reviews for bug# 7049963 In-Reply-To: <4E6FB490.3000503@oracle.com> References: <4E6F8A6C.9020805@oracle.com> <4E6FB490.3000503@oracle.com> Message-ID: <4E702428.7030206@oracle.com> HI Sean, Yes i have done a successful build and tests, i can point you to the builds and tests. rgds mala On 9/14/2011 1:22 AM, Sean Mullan wrote: > On 9/13/11 12:53 PM, Mala Bankal wrote: >> HI Sean, >> >> Request for review : >> bug# 7049963 - DISTINGUISHED NAMES FOR CERT ARE ESCAPED IN JROCKIT >> 1.6(NOT COMPATIBLE WITH JROC >> >> For jdk8 >> >> http://cr.openjdk.java.net/~mbankal/7049963/webrev_jdk8.00/ > Looks fine. However, you are not a committer on the jdk8 project [1] so you do > not have the rights to push changesets to JDK 8. I will need to push this for > you. Have you also done a successful jprt build and test? If so, then I'll > contact you separately to work out how I can push the changeset for you. > >> for jdk7u2 >> >> http://cr.openjdk.java.net/~mbankal/7049963/webrev.00/ > The process for pushing changesets to JDK 7 updates are done differently [2]. > Also, you are not a committer on the jdk7u project so someone else will have to > push for you. > > Let's work on getting the fix into JDK 8 first. > > --Sean > > [1] http://openjdk.java.net/census/ > [2] http://openjdk.java.net/projects/jdk7u/ From kurchi.subhra.hazra at oracle.com Fri Sep 9 18:08:13 2011 From: kurchi.subhra.hazra at oracle.com (Kurchi Hazra) Date: Fri, 09 Sep 2011 11:08:13 -0700 Subject: Code review request: 7088502 Security libraries don't build with javac -Werror Message-ID: <4E6A560D.6030306@oracle.com> Hi Sean, Can you please review these changes? Summary: * Small changes to Java files in src/share/classes/com/sun/org/apache/xml/internal/security and its subpackages to remove build warnings. * Small changes to relevant makefiles to prevent reintroduction of removed warnings. webrev: http://cr.openjdk.java.net/~mullan/kurchi/7088502/webrev.00/ Note: The bug details should show on bugs.sun.com soon. Thanks, Kurchi -------------- next part -------------- An HTML attachment was scrubbed... URL: From mandy.chung at oracle.com Wed Sep 14 15:34:37 2011 From: mandy.chung at oracle.com (mandy.chung at oracle.com) Date: Wed, 14 Sep 2011 15:34:37 +0000 Subject: hg: jdk8/tl/jdk: 6915797: Remove sun.tools.jar.JarImageSource that is not used; ... Message-ID: <20110914153514.CB9074768E@hg.openjdk.java.net> Changeset: 04672e957da0 Author: mchung Date: 2011-09-14 08:33 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/04672e957da0 6915797: Remove sun.tools.jar.JarImageSource that is not used 7090178: Move java.util.XMLUtils to another package to avoid split package Reviewed-by: alanb, sherman ! make/java/java/FILES_java.gmk ! make/sun/Makefile + make/sun/util/Makefile ! src/share/classes/java/util/Properties.java - src/share/classes/java/util/XMLUtils.java - src/share/classes/sun/tools/jar/JarImageSource.java + src/share/classes/sun/util/xml/XMLUtils.java From vincent.x.ryan at oracle.com Wed Sep 14 18:17:13 2011 From: vincent.x.ryan at oracle.com (Vincent Ryan) Date: Wed, 14 Sep 2011 19:17:13 +0100 Subject: 7054637 closed/lib/security/cacerts/VerifyCACerts.java failed on solaris 11 Message-ID: <4E70EFA9.6020707@oracle.com> Please review the following fix to the SunPKCS11 JCE provider: http://cr.openjdk.java.net/~vinnie/7054637/webrev.00/ The problem is that some older PKCS11 tokens support only the raw encoding for EC point in Elliptic Curve public keys. This fix introduces a configuration attribute that controls whether the raw-encoding or DER-encoding shall be used. It aids interoperability between older and newer PKCS11 tokens. Thanks. From joe.darcy at oracle.com Wed Sep 14 18:32:27 2011 From: joe.darcy at oracle.com (joe.darcy at oracle.com) Date: Wed, 14 Sep 2011 18:32:27 +0000 Subject: hg: jdk8/tl/jdk: 6879143: java.math.BigInteger misses the xxxValueExact methods Message-ID: <20110914183251.BDFE947697@hg.openjdk.java.net> Changeset: 2a8072c7cf99 Author: darcy Date: 2011-09-14 11:32 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/2a8072c7cf99 6879143: java.math.BigInteger misses the xxxValueExact methods Reviewed-by: alanb ! src/share/classes/java/math/BigInteger.java + test/java/math/BigInteger/TestValueExact.java From jonathan.gibbons at oracle.com Wed Sep 14 19:08:30 2011 From: jonathan.gibbons at oracle.com (jonathan.gibbons at oracle.com) Date: Wed, 14 Sep 2011 19:08:30 +0000 Subject: hg: jdk8/tl/langtools: 7080267: Call to toString() from an ExpressionStatementTree doesn't take in consideration the "; " at the end Message-ID: <20110914190835.322694769A@hg.openjdk.java.net> Changeset: 0f3da6af9799 Author: jjg Date: 2011-09-14 12:07 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/langtools/rev/0f3da6af9799 7080267: Call to toString() from an ExpressionStatementTree doesn't take in consideration the ";" at the end Reviewed-by: mcimadamore ! src/share/classes/com/sun/tools/javac/tree/JCTree.java + test/tools/javac/tree/TestToString.java From jonathan.gibbons at oracle.com Wed Sep 14 19:15:34 2011 From: jonathan.gibbons at oracle.com (jonathan.gibbons at oracle.com) Date: Wed, 14 Sep 2011 19:15:34 +0000 Subject: hg: jdk8/tl/langtools: 7090249: IllegalStateException from Trees.getScope when called from JSR 199 Message-ID: <20110914191536.C5AF44769B@hg.openjdk.java.net> Changeset: 1807fc3fd33c Author: jjg Date: 2011-09-14 12:14 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/langtools/rev/1807fc3fd33c 7090249: IllegalStateException from Trees.getScope when called from JSR 199 Reviewed-by: mcimadamore ! src/share/classes/com/sun/tools/javac/api/JavacTaskImpl.java ! src/share/classes/com/sun/tools/javac/api/JavacTrees.java + test/tools/javac/api/TestGetScope.java From joe.darcy at oracle.com Wed Sep 14 20:09:32 2011 From: joe.darcy at oracle.com (joe.darcy at oracle.com) Date: Wed, 14 Sep 2011 20:09:32 +0000 Subject: hg: jdk8/tl/jdk: 7088500: there is no @since tag on SafeVarargs Message-ID: <20110914200950.1E9784769E@hg.openjdk.java.net> Changeset: 84da01e00e6c Author: darcy Date: 2011-09-14 13:09 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/84da01e00e6c 7088500: there is no @since tag on SafeVarargs Reviewed-by: mduigou ! src/share/classes/java/lang/SafeVarargs.java From valerie.peng at oracle.com Wed Sep 14 20:30:47 2011 From: valerie.peng at oracle.com (Valerie (Yu-Ching) Peng) Date: Wed, 14 Sep 2011 13:30:47 -0700 Subject: 7054637 closed/lib/security/cacerts/VerifyCACerts.java failed on solaris 11 In-Reply-To: <4E70EFA9.6020707@oracle.com> References: <4E70EFA9.6020707@oracle.com> Message-ID: <4E710EF7.5030908@oracle.com> As long as Solaris supports both key formats after fixing 6830224, then it'd be fine, I guess. Oh, are you gonna change the synopsis to describe the cause of the problem? I'd also prefer it that way. Thanks, Valerie On 09/14/11 11:17, Vincent Ryan wrote: > Please review the following fix to the SunPKCS11 JCE provider: > > http://cr.openjdk.java.net/~vinnie/7054637/webrev.00/ > > The problem is that some older PKCS11 tokens support only the raw encoding for > EC point in Elliptic Curve public keys. This fix introduces a configuration > attribute that controls whether the raw-encoding or DER-encoding shall be used. > > It aids interoperability between older and newer PKCS11 tokens. > > Thanks. > > > From jonathan.gibbons at oracle.com Wed Sep 14 22:50:36 2011 From: jonathan.gibbons at oracle.com (jonathan.gibbons at oracle.com) Date: Wed, 14 Sep 2011 22:50:36 +0000 Subject: hg: jdk8/tl/langtools: 7090700: fix for 7080267 breaks two tests Message-ID: <20110914225041.317D3476AB@hg.openjdk.java.net> Changeset: a6e2c1840ea1 Author: jjg Date: 2011-09-14 15:49 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/langtools/rev/a6e2c1840ea1 7090700: fix for 7080267 breaks two tests Reviewed-by: ksrini ! src/share/classes/com/sun/tools/javac/tree/JCTree.java From jonathan.gibbons at oracle.com Thu Sep 15 01:28:11 2011 From: jonathan.gibbons at oracle.com (jonathan.gibbons at oracle.com) Date: Thu, 15 Sep 2011 01:28:11 +0000 Subject: hg: jdk8/tl/langtools: 7068437: Regression: Filer.getResource(SOURCE_OUTPUT, ...) no longer works in JDK 7 w/o -s Message-ID: <20110915012815.BE92D476BB@hg.openjdk.java.net> Changeset: 826ae6a2f27d Author: jjg Date: 2011-09-14 18:26 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/langtools/rev/826ae6a2f27d 7068437: Regression: Filer.getResource(SOURCE_OUTPUT, ...) no longer works in JDK 7 w/o -s Reviewed-by: darcy ! src/share/classes/com/sun/tools/javac/processing/JavacFiler.java + test/tools/javac/file/T7068437.java From mala.bankal at oracle.com Thu Sep 15 05:37:40 2011 From: mala.bankal at oracle.com (mala.bankal at oracle.com) Date: Thu, 15 Sep 2011 05:37:40 +0000 Subject: hg: jdk8/tl/jdk: 2 new changesets Message-ID: <20110915053826.6EAC8476C5@hg.openjdk.java.net> Changeset: 52bc200b14e5 Author: mbankal Date: 2011-09-14 21:43 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/52bc200b14e5 7049963: DISTINGUISHED NAMES FOR CERT ARE ESCAPED IN JROCKIT 1.6(NOT COMPATIBLE WITH JROC Reviewed-by: mullan ! src/share/classes/sun/security/x509/AVA.java Changeset: 1260be51581f Author: mbankal Date: 2011-09-14 22:36 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/1260be51581f Merge From yuka.kamiya at oracle.com Thu Sep 15 05:47:31 2011 From: yuka.kamiya at oracle.com (yuka.kamiya at oracle.com) Date: Thu, 15 Sep 2011 05:47:31 +0000 Subject: hg: jdk8/tl/jdk: 7090844: Support a timezone whose offset is changed more than once in the future Message-ID: <20110915054803.75CD1476C7@hg.openjdk.java.net> Changeset: f114bddac6d6 Author: peytoia Date: 2011-09-15 14:45 +0900 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/f114bddac6d6 7090844: Support a timezone whose offset is changed more than once in the future Reviewed-by: okutsu ! make/tools/src/build/tools/javazic/Mappings.java From yuka.kamiya at oracle.com Thu Sep 15 06:04:14 2011 From: yuka.kamiya at oracle.com (yuka.kamiya at oracle.com) Date: Thu, 15 Sep 2011 06:04:14 +0000 Subject: hg: jdk8/tl/jdk: 7090843: (tz) Support tzdata2011j Message-ID: <20110915060434.744A3476C9@hg.openjdk.java.net> Changeset: 5e403e9fa34a Author: peytoia Date: 2011-09-15 15:02 +0900 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/5e403e9fa34a 7090843: (tz) Support tzdata2011j Reviewed-by: okutsu ! make/sun/javazic/tzdata/VERSION ! make/sun/javazic/tzdata/africa ! make/sun/javazic/tzdata/antarctica ! make/sun/javazic/tzdata/asia ! make/sun/javazic/tzdata/australasia ! make/sun/javazic/tzdata/europe ! make/sun/javazic/tzdata/iso3166.tab ! make/sun/javazic/tzdata/northamerica ! make/sun/javazic/tzdata/southamerica ! make/sun/javazic/tzdata/zone.tab ! src/share/classes/sun/util/resources/TimeZoneNames.java ! src/share/classes/sun/util/resources/TimeZoneNames_de.java ! src/share/classes/sun/util/resources/TimeZoneNames_es.java ! src/share/classes/sun/util/resources/TimeZoneNames_fr.java ! src/share/classes/sun/util/resources/TimeZoneNames_it.java ! src/share/classes/sun/util/resources/TimeZoneNames_ja.java ! src/share/classes/sun/util/resources/TimeZoneNames_ko.java ! src/share/classes/sun/util/resources/TimeZoneNames_pt_BR.java ! src/share/classes/sun/util/resources/TimeZoneNames_sv.java ! src/share/classes/sun/util/resources/TimeZoneNames_zh_CN.java ! src/share/classes/sun/util/resources/TimeZoneNames_zh_TW.java From vincent.x.ryan at oracle.com Thu Sep 15 08:20:27 2011 From: vincent.x.ryan at oracle.com (Vincent Ryan) Date: Thu, 15 Sep 2011 09:20:27 +0100 Subject: 7054637 closed/lib/security/cacerts/VerifyCACerts.java failed on solaris 11 In-Reply-To: <4E710EF7.5030908@oracle.com> References: <4E70EFA9.6020707@oracle.com> <4E710EF7.5030908@oracle.com> Message-ID: <4E71B54B.7080006@oracle.com> On 09/14/11 09:30 PM, Valerie (Yu-Ching) Peng wrote: > > As long as Solaris supports both key formats after fixing 6830224, then it'd be > fine, I guess. > > Oh, are you gonna change the synopsis to describe the cause of the problem? I'd > also prefer it that way. I've fixed that: http://monaco.sfbay.sun.com/detail.jsf?cr=7054637 Thanks. > Thanks, > Valerie > > On 09/14/11 11:17, Vincent Ryan wrote: >> Please review the following fix to the SunPKCS11 JCE provider: >> >> http://cr.openjdk.java.net/~vinnie/7054637/webrev.00/ >> >> The problem is that some older PKCS11 tokens support only the raw encoding for >> EC point in Elliptic Curve public keys. This fix introduces a configuration >> attribute that controls whether the raw-encoding or DER-encoding shall be used. >> >> It aids interoperability between older and newer PKCS11 tokens. >> >> Thanks. >> >> >> > From michael.x.mcmahon at oracle.com Thu Sep 15 13:11:51 2011 From: michael.x.mcmahon at oracle.com (michael.x.mcmahon at oracle.com) Date: Thu, 15 Sep 2011 13:11:51 +0000 Subject: hg: jdk8/tl/jdk: 2 new changesets Message-ID: <20110915131231.D43BB476DD@hg.openjdk.java.net> Changeset: 9281d65f911a Author: michaelm Date: 2011-09-15 13:50 +0100 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/9281d65f911a 7073491: -Dsun.net.maxDatagramSockets=1 does not work correctly with system.gc() Reviewed-by: ngmr ! src/share/classes/java/net/AbstractPlainDatagramSocketImpl.java Changeset: 34fc7bbbb465 Author: michaelm Date: 2011-09-15 14:10 +0100 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/34fc7bbbb465 Merge - src/share/classes/java/util/XMLUtils.java - src/share/classes/sun/tools/jar/JarImageSource.java From dennis.gu at oracle.com Wed Sep 14 15:05:23 2011 From: dennis.gu at oracle.com (Dennis Gu) Date: Wed, 14 Sep 2011 15:05:23 -0000 Subject: Enhance toString() to return structured info, for certificate and probably more In-Reply-To: <4E55B66C.4020008@oracle.com> References: <4E55B66C.4020008@oracle.com> Message-ID: <4E565992.6080301@oracle.com> Hi Max: In Java plugin, we display the detail information of certificate in both Java Control panel and certificate dialog box from security warning, we also extract entension from certificate to make sure they are valid to use. Currently we are parsing the X509Certificate object to extract all the detail information of certificate, the fields of certificate we need to display are match to IE browser certificate information. Yes, it would be helpful to provide a API/Object for deployment code to retrieve those information. Dennis Weijun Wang wrote: > Hi All > > I was talking with Xuelei on how to better display certificate info. > There are 3 cases we can currently think of: > > 1. debug output > 2. keytool/jarsigner output > 3. Java plugin display > > The 1st one is the most primitive one and can be a single string, the > 2nd is also a string but have some format and needs to localized, the > third is a series of Swing controls. > > But the contents of all 3 are the same, and hopefully can be provided > in a single method. Each consumer can just display it in its own > style, with no need to understand Certificate fields, OIDs, etc. It's > just like XSLT transformation of XML files. > > So what shall I do? Let toString() outputs a long string in XML or JSON? > > Or, create a new method describe() or toDescription() that returns a > UnmodifiableMap (based on a LinkedHashMap to preserve order)? > > I prefer the latter because there is no need to parse the output, and > at least in the case of certificate, since a certificate contains > extensions, it's very easy to stuff several maps inside another one. > The map's keys are strings, and values can be another map or a simple > data object, say, primitive, string, or Date. > > So this needs a new interface Descriptable. It can either be: > > interface sun.security.util.Descriptable; > sun.security.x509.X509CertImpl implements Descriptable; > sun.security.x509.Extension implements Descriptable; > > or > > interface java.security.Descriptable; > java.security.cert.X509Certificate implements Descriptable; > java.security.cert.Extension implements Descriptable; > > or if there are other people find it useful, it can be inside the > java.util package. > > What's your ideas? Do you also need such a method? > > Thanks > Max From pcj at roundroom.net Wed Sep 14 15:05:26 2011 From: pcj at roundroom.net (Peter Jones) Date: Wed, 14 Sep 2011 15:05:26 -0000 Subject: Request for review Remove "private" cause in jdk exceptions In-Reply-To: <4E56E235.6010307@gmx.de> References: <4E525386.9000207@gmx.de> <4E52758D.2020208@oracle.com> <4E56C6CC.7010305@gmx.de> <4E56CB90.60508@gmx.de> <4E56E235.6010307@gmx.de> Message-ID: On Aug 25, 2011, at 8:00 PM, Sebastian Sickelmann wrote: > Am 26.08.2011 00:24, schrieb Sebastian Sickelmann: >> Am 26.08.2011 00:03, schrieb Sebastian Sickelmann: >>> I have found more places in jdk source where an Exception has a private cause field. >>> >>> share/classes/javax/management/remote/JMXProviderException.java: private Throwable cause = null; >>> share/classes/javax/xml/crypto/KeySelectorException.java: private Throwable cause; >>> share/classes/javax/xml/crypto/NoSuchMechanismException.java: private Throwable cause; >>> share/classes/javax/xml/crypto/MarshalException.java: private Throwable cause; >>> share/classes/javax/xml/crypto/dsig/XMLSignatureException.java: private Throwable cause; >>> share/classes/javax/xml/crypto/dsig/TransformException.java: private Throwable cause; >>> share/classes/javax/xml/crypto/URIReferenceException.java: private Throwable cause; >>> >>> 7081804 handles NoSuchMechanismException. >>> Is there a way to expand it to at least the xml/crypto/**/* Exceptions? >>> JMXProviderException should be fine too. >>> >>> I would create a CR for the changes to me made to change and test this. >>> Would it be good to have some utility-code in Throwable to don't introduce to much code-duplication? >>> >>> -- Sebastian >> After a very quick analysis i think i found more candidates for removing private causes. >> share/classes/javax/security/sasl/SaslException.java: private Throwable _exception; >> share/classes/java/lang/reflect/UndeclaredThrowableException.java: private Throwable undeclaredThrowable; >> share/classes/java/lang/reflect/InvocationTargetException.java: private Throwable target; >> share/classes/java/lang/ClassNotFoundException.java: private Throwable ex; >> share/classes/com/sun/java/browser/dom/DOMAccessException.java: private Throwable ex; >> share/classes/com/sun/java/browser/dom/DOMUnsupportedException.java: private Throwable ex; >> share/classes/javax/naming/NamingException.java: protected Throwable rootException = null; >> share/classes/java/rmi/RemoteException.java: public Throwable detail; >> share/classes/java/rmi/activation/ActivationException.java: public Throwable detail; >> >> Some of them need deeper inspection. Some of them are the same as the above noted Exceptions in xml/crypto package. >> >> - Sebastian > OK. Webrev is there: http://oss-patches.24.eu/openjdk8/NoSuchMechanismException/REBASED_ON_8018d541a7b2_2/ > > Can someone review this? Sebastian, Public fields like RemoteException.detail, ill-advised as they may have been, cannot be removed (would break binary compatibility). This change proposes additions to the public API (subclass interface) of java.lang.Throwable, which would need additional approval process. Without getting into detailed design critique, the proposed protected methods seem to add subtle complexity to the subclass interface of this central class, which leads me to: Is there a particular problem that these changes are attempting to address? Many of these exception classes had cause-like fields prior to the addition of Throwable.cause in 1.4, and as described in their class docs, for 1.4 they were each retrofitted, with some care, to work well with the general cause APIs added to Throwable. (Also see the doc for Throwable.getCause, which describes how subclasses can override it to take responsibility for their causes.) These changes seem to be about implementing an alternate approach to that retrofitting, with considerably higher complexity (serialized form compatibility code) and risk, and I don't understand why-- I don't see a motivation discussed earlier on core-libs-dev? Cheers, -- Peter From weijun.wang at oracle.com Fri Sep 16 04:00:24 2011 From: weijun.wang at oracle.com (Weijun Wang) Date: Fri, 16 Sep 2011 12:00:24 +0800 Subject: code review request: 7089889: Krb5LoginModule.login() throws an exception if used without a keytab Message-ID: <4E72C9D8.6070206@oracle.com> Hi All Code changes at http://cr.openjdk.java.net/~weijun/7089889/webrev.00/ KrbAsReqBuilder maintains a state enforcement: at the beginning it's INIT, after doing an AS-REQ it's OK, and we used to only allow getKeys() to be called when the state is OK. Now if an acceptor has isInitiator=false, the OK state will never be reached. In most cases, an acceptor uses a keytab so getKeys() is not called. However, if it uses username/password (most likely in a peer-to-peer case and the acceptor chooses not to login), getKeys() is needed and an exception is thrown. This code change makes getKeys() callable at both INIT and OK states. In order to do this, the checkState() method now accepts varargs. I'll backport this to 7u2, and since 7u2 is now in phase 2, I think I need at least 2 reviewers. Thanks Max -------- Original Message -------- *Change Request ID*: 7089889 *Synopsis*: Krb5LoginModule.login() throws an exception if used without a keytab === *Description* ============================================================ FULL PRODUCT VERSION : java version "1.7.0" Java(TM) SE Runtime Environment (build 1.7.0-b147) Java HotSpot(TM) Client VM (build 21.0-b17, mixed mode, sharing) A DESCRIPTION OF THE PROBLEM : The call to LoginContext.login() fails with an exception if the LoginContext is configured to use Krb5LoginModule with the following options: storeKey="true" useKeyTab="false" isInitiator="false" This appears to be a regression due to an attempt to solve bug '6941083'. The following source code is taken from Kb5LoginModule.attemptAuthentication(false): if (ktab == null) { promptForPass(getPasswdFromSharedState); builder = new KrbAsReqBuilder(principal, password); if (isInitiator) { // XXX Even if isInitiator=false, it might be // better to do an AS-REQ so that keys can be // updated with PA info cred = builder.action().getCreds(); } if (storeKey) { encKeys = builder.getKeys(); // When encKeys is empty, the login actually fails. // For compatibility, exception is thrown in commit(). } } This code path results builder.getGeys() being called while the builder's state is 'INIT'. The builder asserts via checkState() that the state is REQ_OK, hence an exception. This is a regression, as JRE6 and prior versions called EncryptionKey.acquireSecretKeys() to obtain the keys in this case. REGRESSION. Last worked in version 6u26 STEPS TO FOLLOW TO REPRODUCE THE PROBLEM : See the executable test case below. Program should be run on a Windows machine that is joined to a domain. Replace 'REALM', 'KDC', 'DOMAIN_USER' and 'DOMAIN_USER_PWD' as appropriate before running EXPECTED VERSUS ACTUAL BEHAVIOR : EXPECTED - "Login succeeded" printed to console ACTUAL - "Login failed" printed to console. Exception stacktrace printed to strerr ERROR MESSAGES/STACK TRACES THAT OCCUR : javax.security.auth.login.LoginException: java.lang.IllegalStateException: Cannot get keys at REQ_OK state at sun.security.krb5.KrbAsReqBuilder.checkState(Unknown Source) at sun.security.krb5.KrbAsReqBuilder.getKeys(Unknown Source) at com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Unknown Source) at com.sun.security.auth.module.Krb5LoginModule.login(Unknown Source) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) at java.lang.reflect.Method.invoke(Unknown Source) at javax.security.auth.login.LoginContext.invoke(Unknown Source) at javax.security.auth.login.LoginContext.access$000(Unknown Source) at javax.security.auth.login.LoginContext$4.run(Unknown Source) at javax.security.auth.login.LoginContext$4.run(Unknown Source) at java.security.AccessController.doPrivileged(Native Method) at javax.security.auth.login.LoginContext.invokePriv(Unknown Source) at javax.security.auth.login.LoginContext.login(Unknown Source) at LoginModuleExample.main(LoginModuleExample.java:43) at javax.security.auth.login.LoginContext.invoke(Unknown Source) at javax.security.auth.login.LoginContext.access$000(Unknown Source) at javax.security.auth.login.LoginContext$4.run(Unknown Source) at javax.security.auth.login.LoginContext$4.run(Unknown Source) at java.security.AccessController.doPrivileged(Native Method) at javax.security.auth.login.LoginContext.invokePriv(Unknown Source) at javax.security.auth.login.LoginContext.login(Unknown Source) at LoginModuleExample.main(LoginModuleExample.java:43) REPRODUCIBILITY : This bug can be reproduced always. ---------- BEGIN SOURCE ---------- import java.util.HashMap; import java.util.Map; import javax.security.auth.callback.Callback; import javax.security.auth.callback.CallbackHandler; import javax.security.auth.callback.NameCallback; import javax.security.auth.callback.PasswordCallback; import javax.security.auth.login.AppConfigurationEntry; import javax.security.auth.login.AppConfigurationEntry.LoginModuleControlFlag; import javax.security.auth.login.Configuration; import javax.security.auth.login.LoginContext; import com.sun.security.auth.module.Krb5LoginModule; public class LoginModuleExample { // Replace with the realm and KDC of the Windows domain. private static final String REALM = "DEV-DEM.RECOMMIND.COM"; private static final String KDC = "AU-DEV-DC01.dev-dem.recommind.com"; // Replace with the username and password of any account on the // above domain. Account needs to be enabled and not locked out. private static final String DOMAIN_USER = "sgr"; private static final String DOMAIN_USER_PWD = "0rodriguez)"; private static final String EXAMPLE_SERVER_LOGIN = "example-server"; /** * @param args */ public static void main(String[] args) { System.setProperty("java.security.krb5.realm", REALM); System.setProperty("java.security.krb5.kdc", KDC); Configuration.setConfiguration(new CustomConfiguration()); try { CallbackHandler handler = getUsernamePasswordHandler(DOMAIN_USER, DOMAIN_USER_PWD); LoginContext loginContext = new LoginContext(EXAMPLE_SERVER_LOGIN, handler); loginContext.login(); System.out.println("Login succeeded"); } catch (Exception e) { System.out.println("Login failed"); e.printStackTrace(); } } private static CallbackHandler getUsernamePasswordHandler(final String username, final String password) { final CallbackHandler handler = new CallbackHandler() { public void handle(final Callback[] callback) { for (int i = 0; i < callback.length; i++) { if (callback[i] instanceof NameCallback) { final NameCallback nameCallback = (NameCallback) callback[i]; nameCallback.setName(username); } else if (callback[i] instanceof PasswordCallback) { final PasswordCallback passCallback = (PasswordCallback) callback[i]; passCallback.setPassword(password.toCharArray()); } } } }; return handler; } final static class CustomConfiguration extends Configuration { @Override public AppConfigurationEntry[] getAppConfigurationEntry(String name) { AppConfigurationEntry[] entries = new AppConfigurationEntry[0]; if (name.equals(EXAMPLE_SERVER_LOGIN)) { String krbModule = Krb5LoginModule.class.getName(); LoginModuleControlFlag flag = LoginModuleControlFlag.REQUIRED; Map options = new HashMap(); options.put("storeKey", "true"); options.put("useKeyTab", "false"); options.put("isInitiator", "false"); AppConfigurationEntry entry = new AppConfigurationEntry(krbModule, flag, options); entries = new AppConfigurationEntry[] { entry }; } return entries; } } } ---------- END SOURCE ---------- From Xuelei.Fan at Oracle.Com Fri Sep 16 05:45:18 2011 From: Xuelei.Fan at Oracle.Com (Xuelei Fan) Date: Fri, 16 Sep 2011 13:45:18 +0800 Subject: code review request: 7089889: Krb5LoginModule.login() throws an exception if used without a keytab In-Reply-To: <4E72C9D8.6070206@oracle.com> References: <4E72C9D8.6070206@oracle.com> Message-ID: My first impression about the fix: 1. Do you want to update getKeys() comments about isInitiator value? 2. It seems that when isInitiator is true, getKeys() should throw exception if the state is not OK, right? If so, it looks like that the update of getKeys() will not throw ISE if the state is INIT. Does INIT state is enough in such case? Xuelei On Sep 16, 2011, at 12:00 PM, Weijun Wang wrote: > Hi All > > Code changes at > > http://cr.openjdk.java.net/~weijun/7089889/webrev.00/ > > KrbAsReqBuilder maintains a state enforcement: at the beginning it's INIT, after doing an AS-REQ it's OK, and we used to only allow getKeys() to be called when the state is OK. Now if an acceptor has isInitiator=false, the OK state will never be reached. In most cases, an acceptor uses a keytab so getKeys() is not called. However, if it uses username/password (most likely in a peer-to-peer case and the acceptor chooses not to login), getKeys() is needed and an exception is thrown. > > This code change makes getKeys() callable at both INIT and OK states. In order to do this, the checkState() method now accepts varargs. > > I'll backport this to 7u2, and since 7u2 is now in phase 2, I think I need at least 2 reviewers. > > Thanks > Max > > -------- Original Message -------- > > *Change Request ID*: 7089889 > > *Synopsis*: Krb5LoginModule.login() throws an exception if used without a keytab > > > === *Description* ============================================================ > FULL PRODUCT VERSION : > java version "1.7.0" > Java(TM) SE Runtime Environment (build 1.7.0-b147) > Java HotSpot(TM) Client VM (build 21.0-b17, mixed mode, sharing) > > A DESCRIPTION OF THE PROBLEM : > The call to LoginContext.login() fails with an exception if the LoginContext is configured to use Krb5LoginModule with the following options: > > storeKey="true" > useKeyTab="false" > isInitiator="false" > > This appears to be a regression due to an attempt to solve bug '6941083'. > > The following source code is taken from Kb5LoginModule.attemptAuthentication(false): > > if (ktab == null) { > promptForPass(getPasswdFromSharedState); > builder = new KrbAsReqBuilder(principal, password); > if (isInitiator) { > // XXX Even if isInitiator=false, it might be > // better to do an AS-REQ so that keys can be > // updated with PA info > cred = builder.action().getCreds(); > } > if (storeKey) { > encKeys = builder.getKeys(); > // When encKeys is empty, the login actually fails. > // For compatibility, exception is thrown in commit(). > } > } > > This code path results builder.getGeys() being called while the builder's state is 'INIT'. > The builder asserts via checkState() that the state is REQ_OK, hence an exception. > > This is a regression, as JRE6 and prior versions called EncryptionKey.acquireSecretKeys() > to obtain the keys in this case. > > REGRESSION. Last worked in version 6u26 > > STEPS TO FOLLOW TO REPRODUCE THE PROBLEM : > See the executable test case below. Program should be run on a Windows machine that is joined to a domain. Replace 'REALM', 'KDC', 'DOMAIN_USER' and 'DOMAIN_USER_PWD' as appropriate before running > > EXPECTED VERSUS ACTUAL BEHAVIOR : > EXPECTED - > "Login succeeded" printed to console > ACTUAL - > "Login failed" printed to console. > Exception stacktrace printed to strerr > > ERROR MESSAGES/STACK TRACES THAT OCCUR : > javax.security.auth.login.LoginException: java.lang.IllegalStateException: Cannot get keys at REQ_OK state > at sun.security.krb5.KrbAsReqBuilder.checkState(Unknown Source) > at sun.security.krb5.KrbAsReqBuilder.getKeys(Unknown Source) > at com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Unknown Source) > at com.sun.security.auth.module.Krb5LoginModule.login(Unknown Source) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) > at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) > at java.lang.reflect.Method.invoke(Unknown Source) > at javax.security.auth.login.LoginContext.invoke(Unknown Source) > at javax.security.auth.login.LoginContext.access$000(Unknown Source) > at javax.security.auth.login.LoginContext$4.run(Unknown Source) > at javax.security.auth.login.LoginContext$4.run(Unknown Source) > at java.security.AccessController.doPrivileged(Native Method) > at javax.security.auth.login.LoginContext.invokePriv(Unknown Source) > at javax.security.auth.login.LoginContext.login(Unknown Source) > at LoginModuleExample.main(LoginModuleExample.java:43) > > at javax.security.auth.login.LoginContext.invoke(Unknown Source) > at javax.security.auth.login.LoginContext.access$000(Unknown Source) > at javax.security.auth.login.LoginContext$4.run(Unknown Source) > at javax.security.auth.login.LoginContext$4.run(Unknown Source) > at java.security.AccessController.doPrivileged(Native Method) > at javax.security.auth.login.LoginContext.invokePriv(Unknown Source) > at javax.security.auth.login.LoginContext.login(Unknown Source) > at LoginModuleExample.main(LoginModuleExample.java:43) > > REPRODUCIBILITY : > This bug can be reproduced always. > > ---------- BEGIN SOURCE ---------- > import java.util.HashMap; > import java.util.Map; > > import javax.security.auth.callback.Callback; > import javax.security.auth.callback.CallbackHandler; > import javax.security.auth.callback.NameCallback; > import javax.security.auth.callback.PasswordCallback; > import javax.security.auth.login.AppConfigurationEntry; > import javax.security.auth.login.AppConfigurationEntry.LoginModuleControlFlag; > import javax.security.auth.login.Configuration; > import javax.security.auth.login.LoginContext; > > import com.sun.security.auth.module.Krb5LoginModule; > > public class LoginModuleExample { > > // Replace with the realm and KDC of the Windows domain. > private static final String REALM = "DEV-DEM.RECOMMIND.COM"; > private static final String KDC = "AU-DEV-DC01.dev-dem.recommind.com"; > > // Replace with the username and password of any account on the > // above domain. Account needs to be enabled and not locked out. > private static final String DOMAIN_USER = "sgr"; > private static final String DOMAIN_USER_PWD = "0rodriguez)"; > > private static final String EXAMPLE_SERVER_LOGIN = "example-server"; > > /** > * @param args > */ > public static void main(String[] args) { > > System.setProperty("java.security.krb5.realm", REALM); > System.setProperty("java.security.krb5.kdc", KDC); > > Configuration.setConfiguration(new CustomConfiguration()); > > try { > CallbackHandler handler = getUsernamePasswordHandler(DOMAIN_USER, DOMAIN_USER_PWD); > > LoginContext loginContext = new LoginContext(EXAMPLE_SERVER_LOGIN, handler); > > loginContext.login(); > > System.out.println("Login succeeded"); > } > catch (Exception e) { > > System.out.println("Login failed"); > e.printStackTrace(); > } > > } > > private static CallbackHandler getUsernamePasswordHandler(final String username, final String password) { > > final CallbackHandler handler = new CallbackHandler() { > > public void handle(final Callback[] callback) { > for (int i = 0; i < callback.length; i++) { > if (callback[i] instanceof NameCallback) { > final NameCallback nameCallback = (NameCallback) callback[i]; > nameCallback.setName(username); > } > else if (callback[i] instanceof PasswordCallback) { > final PasswordCallback passCallback = (PasswordCallback) callback[i]; > passCallback.setPassword(password.toCharArray()); > } > } > } > }; > > return handler; > } > > final static class CustomConfiguration extends Configuration { > > @Override > public AppConfigurationEntry[] getAppConfigurationEntry(String name) { > > AppConfigurationEntry[] entries = new AppConfigurationEntry[0]; > > if (name.equals(EXAMPLE_SERVER_LOGIN)) { > String krbModule = Krb5LoginModule.class.getName(); > LoginModuleControlFlag flag = LoginModuleControlFlag.REQUIRED; > Map options = new HashMap(); > > options.put("storeKey", "true"); > options.put("useKeyTab", "false"); > options.put("isInitiator", "false"); > > AppConfigurationEntry entry = new AppConfigurationEntry(krbModule, flag, options); > > entries = new AppConfigurationEntry[] { entry }; > } > > return entries; > } > } > } > > ---------- END SOURCE ---------- > > From weijun.wang at oracle.com Fri Sep 16 05:57:58 2011 From: weijun.wang at oracle.com (Weijun Wang) Date: Fri, 16 Sep 2011 13:57:58 +0800 Subject: code review request: 7089889: Krb5LoginModule.login() throws an exception if used without a keytab In-Reply-To: References: <4E72C9D8.6070206@oracle.com> Message-ID: <4E72E566.1080002@oracle.com> On 09/16/2011 01:45 PM, Xuelei Fan wrote: > My first impression about the fix: > 1. Do you want to update getKeys() comments about isInitiator value? OK. I'll simply remove the "(in JAAS words, isInitiator=true and storeKey=true)" line. > > 2. It seems that when isInitiator is true, getKeys() should throw exception if the state is not OK, right? If so, it looks like that the update of getKeys() will not throw ISE if the state is INIT. Does INIT state is enough in such case? The KrbAsReqBuilder class does not know about isInitiator so it cannot make any decision based on it. I'll leave that to its caller. When username/password is provided, getKeys() can be called as soon as the object is created, and it returns keys with default salt. If AS-REQ is performed and state goes OK and the method is called again, the salt might be updated in PA-DATA. Thanks Max > > Xuelei > > On Sep 16, 2011, at 12:00 PM, Weijun Wang wrote: > >> Hi All >> >> Code changes at >> >> http://cr.openjdk.java.net/~weijun/7089889/webrev.00/ >> >> KrbAsReqBuilder maintains a state enforcement: at the beginning it's INIT, after doing an AS-REQ it's OK, and we used to only allow getKeys() to be called when the state is OK. Now if an acceptor has isInitiator=false, the OK state will never be reached. In most cases, an acceptor uses a keytab so getKeys() is not called. However, if it uses username/password (most likely in a peer-to-peer case and the acceptor chooses not to login), getKeys() is needed and an exception is thrown. >> >> This code change makes getKeys() callable at both INIT and OK states. In order to do this, the checkState() method now accepts varargs. >> >> I'll backport this to 7u2, and since 7u2 is now in phase 2, I think I need at least 2 reviewers. >> >> Thanks >> Max >> >> -------- Original Message -------- >> >> *Change Request ID*: 7089889 >> >> *Synopsis*: Krb5LoginModule.login() throws an exception if used without a keytab >> >> >> === *Description* ============================================================ >> FULL PRODUCT VERSION : >> java version "1.7.0" >> Java(TM) SE Runtime Environment (build 1.7.0-b147) >> Java HotSpot(TM) Client VM (build 21.0-b17, mixed mode, sharing) >> >> A DESCRIPTION OF THE PROBLEM : >> The call to LoginContext.login() fails with an exception if the LoginContext is configured to use Krb5LoginModule with the following options: >> >> storeKey="true" >> useKeyTab="false" >> isInitiator="false" >> >> This appears to be a regression due to an attempt to solve bug '6941083'. >> >> The following source code is taken from Kb5LoginModule.attemptAuthentication(false): >> >> if (ktab == null) { >> promptForPass(getPasswdFromSharedState); >> builder = new KrbAsReqBuilder(principal, password); >> if (isInitiator) { >> // XXX Even if isInitiator=false, it might be >> // better to do an AS-REQ so that keys can be >> // updated with PA info >> cred = builder.action().getCreds(); >> } >> if (storeKey) { >> encKeys = builder.getKeys(); >> // When encKeys is empty, the login actually fails. >> // For compatibility, exception is thrown in commit(). >> } >> } >> >> This code path results builder.getGeys() being called while the builder's state is 'INIT'. >> The builder asserts via checkState() that the state is REQ_OK, hence an exception. >> >> This is a regression, as JRE6 and prior versions called EncryptionKey.acquireSecretKeys() >> to obtain the keys in this case. >> >> REGRESSION. Last worked in version 6u26 >> >> STEPS TO FOLLOW TO REPRODUCE THE PROBLEM : >> See the executable test case below. Program should be run on a Windows machine that is joined to a domain. Replace 'REALM', 'KDC', 'DOMAIN_USER' and 'DOMAIN_USER_PWD' as appropriate before running >> >> EXPECTED VERSUS ACTUAL BEHAVIOR : >> EXPECTED - >> "Login succeeded" printed to console >> ACTUAL - >> "Login failed" printed to console. >> Exception stacktrace printed to strerr >> >> ERROR MESSAGES/STACK TRACES THAT OCCUR : >> javax.security.auth.login.LoginException: java.lang.IllegalStateException: Cannot get keys at REQ_OK state >> at sun.security.krb5.KrbAsReqBuilder.checkState(Unknown Source) >> at sun.security.krb5.KrbAsReqBuilder.getKeys(Unknown Source) >> at com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Unknown Source) >> at com.sun.security.auth.module.Krb5LoginModule.login(Unknown Source) >> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >> at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) >> at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) >> at java.lang.reflect.Method.invoke(Unknown Source) >> at javax.security.auth.login.LoginContext.invoke(Unknown Source) >> at javax.security.auth.login.LoginContext.access$000(Unknown Source) >> at javax.security.auth.login.LoginContext$4.run(Unknown Source) >> at javax.security.auth.login.LoginContext$4.run(Unknown Source) >> at java.security.AccessController.doPrivileged(Native Method) >> at javax.security.auth.login.LoginContext.invokePriv(Unknown Source) >> at javax.security.auth.login.LoginContext.login(Unknown Source) >> at LoginModuleExample.main(LoginModuleExample.java:43) >> >> at javax.security.auth.login.LoginContext.invoke(Unknown Source) >> at javax.security.auth.login.LoginContext.access$000(Unknown Source) >> at javax.security.auth.login.LoginContext$4.run(Unknown Source) >> at javax.security.auth.login.LoginContext$4.run(Unknown Source) >> at java.security.AccessController.doPrivileged(Native Method) >> at javax.security.auth.login.LoginContext.invokePriv(Unknown Source) >> at javax.security.auth.login.LoginContext.login(Unknown Source) >> at LoginModuleExample.main(LoginModuleExample.java:43) >> >> REPRODUCIBILITY : >> This bug can be reproduced always. >> >> ---------- BEGIN SOURCE ---------- >> import java.util.HashMap; >> import java.util.Map; >> >> import javax.security.auth.callback.Callback; >> import javax.security.auth.callback.CallbackHandler; >> import javax.security.auth.callback.NameCallback; >> import javax.security.auth.callback.PasswordCallback; >> import javax.security.auth.login.AppConfigurationEntry; >> import javax.security.auth.login.AppConfigurationEntry.LoginModuleControlFlag; >> import javax.security.auth.login.Configuration; >> import javax.security.auth.login.LoginContext; >> >> import com.sun.security.auth.module.Krb5LoginModule; >> >> public class LoginModuleExample { >> >> // Replace with the realm and KDC of the Windows domain. >> private static final String REALM = "DEV-DEM.RECOMMIND.COM"; >> private static final String KDC = "AU-DEV-DC01.dev-dem.recommind.com"; >> >> // Replace with the username and password of any account on the >> // above domain. Account needs to be enabled and not locked out. >> private static final String DOMAIN_USER = "sgr"; >> private static final String DOMAIN_USER_PWD = "0rodriguez)"; >> >> private static final String EXAMPLE_SERVER_LOGIN = "example-server"; >> >> /** >> * @param args >> */ >> public static void main(String[] args) { >> >> System.setProperty("java.security.krb5.realm", REALM); >> System.setProperty("java.security.krb5.kdc", KDC); >> >> Configuration.setConfiguration(new CustomConfiguration()); >> >> try { >> CallbackHandler handler = getUsernamePasswordHandler(DOMAIN_USER, DOMAIN_USER_PWD); >> >> LoginContext loginContext = new LoginContext(EXAMPLE_SERVER_LOGIN, handler); >> >> loginContext.login(); >> >> System.out.println("Login succeeded"); >> } >> catch (Exception e) { >> >> System.out.println("Login failed"); >> e.printStackTrace(); >> } >> >> } >> >> private static CallbackHandler getUsernamePasswordHandler(final String username, final String password) { >> >> final CallbackHandler handler = new CallbackHandler() { >> >> public void handle(final Callback[] callback) { >> for (int i = 0; i< callback.length; i++) { >> if (callback[i] instanceof NameCallback) { >> final NameCallback nameCallback = (NameCallback) callback[i]; >> nameCallback.setName(username); >> } >> else if (callback[i] instanceof PasswordCallback) { >> final PasswordCallback passCallback = (PasswordCallback) callback[i]; >> passCallback.setPassword(password.toCharArray()); >> } >> } >> } >> }; >> >> return handler; >> } >> >> final static class CustomConfiguration extends Configuration { >> >> @Override >> public AppConfigurationEntry[] getAppConfigurationEntry(String name) { >> >> AppConfigurationEntry[] entries = new AppConfigurationEntry[0]; >> >> if (name.equals(EXAMPLE_SERVER_LOGIN)) { >> String krbModule = Krb5LoginModule.class.getName(); >> LoginModuleControlFlag flag = LoginModuleControlFlag.REQUIRED; >> Map options = new HashMap(); >> >> options.put("storeKey", "true"); >> options.put("useKeyTab", "false"); >> options.put("isInitiator", "false"); >> >> AppConfigurationEntry entry = new AppConfigurationEntry(krbModule, flag, options); >> >> entries = new AppConfigurationEntry[] { entry }; >> } >> >> return entries; >> } >> } >> } >> >> ---------- END SOURCE ---------- >> >> From weijun.wang at oracle.com Fri Sep 16 06:32:32 2011 From: weijun.wang at oracle.com (Weijun Wang) Date: Fri, 16 Sep 2011 14:32:32 +0800 Subject: AVA.toString() result depends on debug flag Message-ID: <4E72ED80.9020106@oracle.com> In sun.security.x509.AVA, there are 3 places where } else if (debug != null && Debug.isOn("ava")) { is checked. If it's true, string representations of an AVA object uses \HEX dump for non-printable characters. This is nice for debugging purposes, but the output of a method depending on a debug flag is really not a good idea. The logic was introduced by Charlie in fix for 4505980. I suggest we always use \HEX. Thanks Max From maurizio.cimadamore at oracle.com Fri Sep 16 13:17:43 2011 From: maurizio.cimadamore at oracle.com (maurizio.cimadamore at oracle.com) Date: Fri, 16 Sep 2011 13:17:43 +0000 Subject: hg: jdk8/tl/langtools: 7086586: Inference producing null type argument Message-ID: <20110916131747.133E54772D@hg.openjdk.java.net> Changeset: c0835c8489b0 Author: mcimadamore Date: 2011-09-16 14:16 +0100 URL: http://hg.openjdk.java.net/jdk8/tl/langtools/rev/c0835c8489b0 7086586: Inference producing null type argument Summary: Inference should fail in 15.12.2.7 when inference variables with 'nulltype' upper bounds are found Reviewed-by: dlsmith ! src/share/classes/com/sun/tools/javac/code/Types.java ! test/tools/javac/Diagnostics/6862608/T6862608a.out ! test/tools/javac/generics/inference/6638712/T6638712a.out + test/tools/javac/generics/inference/7086586/T7086586.java + test/tools/javac/generics/inference/7086586/T7086586.out + test/tools/javac/generics/inference/7086586/T7086586b.java From chris.hegarty at oracle.com Fri Sep 16 22:00:12 2011 From: chris.hegarty at oracle.com (chris.hegarty at oracle.com) Date: Fri, 16 Sep 2011 22:00:12 +0000 Subject: hg: jdk8/tl/jdk: 7090158: Networking Libraries don't build with javac -Werror Message-ID: <20110916220036.C9FC247748@hg.openjdk.java.net> Changeset: 75d763111eec Author: chegar Date: 2011-09-16 12:09 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/75d763111eec 7090158: Networking Libraries don't build with javac -Werror Summary: Minor changes to networking java files to remove warnings Reviewed-by: chegar, weijun, hawtin Contributed-by: kurchi.subhra.hazra at oracle.com, sasha_bu at hotmail.com ! make/com/sun/net/httpserver/Makefile ! make/com/sun/net/ssl/Makefile ! make/java/net/Makefile ! make/javax/Makefile ! make/javax/others/Makefile ! make/sun/net/Makefile ! make/sun/net/spi/Makefile ! make/sun/net/spi/nameservice/dns/Makefile ! src/share/classes/com/sun/net/httpserver/BasicAuthenticator.java ! src/share/classes/com/sun/net/httpserver/Headers.java ! src/share/classes/com/sun/net/httpserver/spi/HttpServerProvider.java ! src/share/classes/com/sun/net/ssl/SSLSecurity.java ! src/share/classes/com/sun/net/ssl/internal/www/protocol/https/DelegateHttpsURLConnection.java ! src/share/classes/java/net/AbstractPlainDatagramSocketImpl.java ! src/share/classes/java/net/ContentHandler.java ! src/share/classes/java/net/CookieManager.java ! src/share/classes/java/net/DatagramSocket.java ! src/share/classes/java/net/HttpURLConnection.java ! src/share/classes/java/net/Inet4Address.java ! src/share/classes/java/net/Inet4AddressImpl.java ! src/share/classes/java/net/Inet6Address.java ! src/share/classes/java/net/Inet6AddressImpl.java ! src/share/classes/java/net/MulticastSocket.java ! src/share/classes/java/net/Proxy.java ! src/share/classes/java/net/ProxySelector.java ! src/share/classes/java/net/Socket.java ! src/share/classes/java/net/SocketPermission.java ! src/share/classes/java/net/URL.java ! src/share/classes/java/net/URLClassLoader.java ! src/share/classes/java/net/URLConnection.java ! src/share/classes/javax/net/ssl/SSLServerSocketFactory.java ! src/share/classes/javax/net/ssl/SSLSocketFactory.java ! src/share/classes/sun/misc/REException.java ! src/share/classes/sun/net/TransferProtocolClient.java ! src/share/classes/sun/net/ftp/FtpClientProvider.java ! src/share/classes/sun/net/httpserver/Request.java ! src/share/classes/sun/net/httpserver/SSLStreams.java ! src/share/classes/sun/net/httpserver/ServerImpl.java ! src/share/classes/sun/net/idn/UCharacterEnums.java ! src/share/classes/sun/net/spi/nameservice/dns/DNSNameService.java ! src/share/classes/sun/net/www/HeaderParser.java ! src/share/classes/sun/net/www/MessageHeader.java ! src/share/classes/sun/net/www/MimeTable.java ! src/share/classes/sun/net/www/URLConnection.java ! src/share/classes/sun/net/www/content/image/gif.java ! src/share/classes/sun/net/www/content/image/jpeg.java ! src/share/classes/sun/net/www/content/image/png.java ! src/share/classes/sun/net/www/content/image/x_xbitmap.java ! src/share/classes/sun/net/www/content/image/x_xpixmap.java ! src/share/classes/sun/net/www/http/KeepAliveStream.java ! src/share/classes/sun/net/www/protocol/gopher/GopherClient.java ! src/share/classes/sun/net/www/protocol/http/AuthCacheImpl.java ! src/share/classes/sun/net/www/protocol/http/AuthenticationHeader.java ! src/share/classes/sun/net/www/protocol/http/HttpURLConnection.java ! src/share/classes/sun/net/www/protocol/http/Negotiator.java ! src/share/classes/sun/net/www/protocol/https/AbstractDelegateHttpsURLConnection.java ! src/share/classes/sun/net/www/protocol/https/HttpsClient.java ! src/share/classes/sun/net/www/protocol/mailto/Handler.java ! src/solaris/classes/java/net/DefaultDatagramSocketImplFactory.java ! src/solaris/classes/java/net/PlainDatagramSocketImpl.java ! src/solaris/classes/sun/net/dns/ResolverConfigurationImpl.java ! src/windows/classes/java/net/DefaultDatagramSocketImplFactory.java ! src/windows/classes/java/net/DualStackPlainDatagramSocketImpl.java ! src/windows/classes/java/net/TwoStacksPlainDatagramSocketImpl.java ! src/windows/classes/sun/net/dns/ResolverConfigurationImpl.java ! src/windows/classes/sun/net/www/protocol/jar/JarFileFactory.java From kurchi.subhra.hazra at oracle.com Fri Sep 16 22:34:10 2011 From: kurchi.subhra.hazra at oracle.com (Kurchi Hazra) Date: Fri, 16 Sep 2011 15:34:10 -0700 Subject: Code review request: 7088502 Security libraries don't build with javac -Werror Message-ID: <4E73CEE2.1010507@oracle.com> Hi Sean, Can you please review these changes? Summary: * Small changes to Java files in src/share/classes/com/sun/org/apache/xml/internal/security and its subpackages to remove build warnings. * Small changes to relevant makefiles to prevent reintroduction of removed warnings. webrev: http://cr.openjdk.java.net/~sherman/kurchi/7088502/webrev/ Bug description: http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=7088502 Thanks, Kurchi From jonathan.gibbons at oracle.com Fri Sep 16 23:20:22 2011 From: jonathan.gibbons at oracle.com (jonathan.gibbons at oracle.com) Date: Fri, 16 Sep 2011 23:20:22 +0000 Subject: hg: jdk8/tl/langtools: 7091528: javadoc attempts to parse .class files Message-ID: <20110916232027.16F6B4774C@hg.openjdk.java.net> Changeset: dea82aa3ca4f Author: jjg Date: 2011-09-16 16:18 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/langtools/rev/dea82aa3ca4f 7091528: javadoc attempts to parse .class files Reviewed-by: darcy ! src/share/classes/com/sun/tools/javadoc/JavadocTool.java + test/tools/javadoc/parser/7091528/T7091528.java + test/tools/javadoc/parser/7091528/p/C1.java + test/tools/javadoc/parser/7091528/p/q/C2.java From sebastian.sickelmann at gmx.de Sat Sep 17 19:09:17 2011 From: sebastian.sickelmann at gmx.de (Sebastian Sickelmann) Date: Sat, 17 Sep 2011 21:09:17 +0200 Subject: 7081804: Remove cause field from javax.xml.crypto.NoSuchMechnismException In-Reply-To: <4E6A13A2.2020503@gmx.de> References: <4E525386.9000207@gmx.de> <4E52758D.2020208@oracle.com> <4E5E8AE3.3070402@gmx.de> <4E5FE753.2010705@oracle.com> <4E606D1D.6050509@gmx.de> <4E613565.1080801@oracle.com> <4E625E14.9060101@gmx.de> <4E67AF3D.2090609@oracle.com> <4E68FFBD.2030601@gmx.de> <4E6A13A2.2020503@gmx.de> Message-ID: <4E74F05D.7090806@gmx.de> Am 09.09.2011 15:24, schrieb Sebastian Sickelmann: > Am 08.09.2011 19:47, schrieb Sebastian Sickelmann: >> Am 07.09.2011 19:51, schrieb Sean Mullan: >>> On 9/3/11 1:04 PM, Sebastian Sickelmann wrote: >>>> Am 02.09.2011 21:58, schrieb Sean Mullan: >>>>> On 9/2/11 1:43 AM, Sebastian Sickelmann wrote: >>>>>>>> Here is the updated webrev: >>>>>>>> http://oss-patches.24.eu/openjdk8/NoSuchMechanismException/7011804_0/ >>>>>>>> >>>>>>> Hmm, the main problem I have with this change is that the >>>>>>> printStackTrace >>>>>>> methods will no longer print the stack trace of the cause >>>>>>> because it will always >>>>>>> be null. That doesn't seem right to me, as it could be >>>>>>> considered an >>>>>>> incompatible change, and it will make it harder to debug issues. >>>>>> The printStackTrace in Throwable calls the overridden getCause(). >>>>>> Maybe we should add @Override to it. >>>>>> Updated the webrev to: >>>>>> http://oss-patches.24.eu/openjdk8/NoSuchMechanismException/7011804_1/ >>>>>> >>>>> In that case, my main concern is addressed then. I would probably >>>>> want someone >>>>> from our TCK team to also review it with respect to JSR 105 >>>>> compatibility, so >>>>> I'll see if I can find someone. >>>> Fine, that would be good. >>>>> But first, can you expand your webrev to include the other >>>>> Exception classes in >>>>> javax.xml.crypto.**? >>>> The new webrev is here: >>>> http://oss-patches.24.eu/openjdk8/NoSuchMechanismException/7011804_2/ >>> In some classes the initCause comment is misspelled as initCaus. >>> What about a >>> test case, for example testing to make sure initCause throws an >>> exception? Can >>> you write one? >> While creating an test(suggested code below) for this, i thought a >> little bit about if it is really good to change the behavoir of the >> ctors without a cause (defaultctor, ctor with message). >> What is the best behavoir (see DEFAULT and MESSAGE_ONLY cases below) >> . Should in the cases DEFAULT and MESSAGE_ONLY the cause mutable? I >> actually think this would the better solution, cause it is what the >> users can actually do with the exceptions in javax/xml/crypto. Or >> should the test check on imutability in all cases? >> >>> Also, I have asked someone from the TCK team to look at this and he >>> said he will >>> do that by Friday. It might require a CCC change because the >>> behavior of >>> initCause is different. I am hoping it doesn't require a JSR 105 >>> maintenance >>> revision though. >>> >>> --Sean >> >> >> > i have updated the webrev [0]. > But i think that L69 and L72 of the test should be changed to > checkMutable and the implementation of the exceptions accordantly. > > [0] http://oss-patches.24.eu/openjdk8/NoSuchMechanismException/7011804_3 > > -- Sebastian Any comments / progress on this? -- Sebastian From alan.bateman at oracle.com Sun Sep 18 11:34:53 2011 From: alan.bateman at oracle.com (alan.bateman at oracle.com) Date: Sun, 18 Sep 2011 11:34:53 +0000 Subject: hg: jdk8/tl/jdk: 7091935: (fs) Polling based WatchService not used on Linux Message-ID: <20110918113517.49A1947797@hg.openjdk.java.net> Changeset: ccf2a19d7d87 Author: alanb Date: 2011-09-18 12:33 +0100 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/ccf2a19d7d87 7091935: (fs) Polling based WatchService not used on Linux Reviewed-by: forax ! make/java/nio/Makefile From joe.darcy at oracle.com Mon Sep 19 01:14:26 2011 From: joe.darcy at oracle.com (joe.darcy at oracle.com) Date: Mon, 19 Sep 2011 01:14:26 +0000 Subject: hg: jdk8/tl/jdk: 7091682: Move sun.misc.FpUtils code into java.lang.Math Message-ID: <20110919011436.85925477B7@hg.openjdk.java.net> Changeset: 418628a08ae7 Author: darcy Date: 2011-09-18 18:14 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/418628a08ae7 7091682: Move sun.misc.FpUtils code into java.lang.Math Reviewed-by: alanb ! src/share/classes/java/lang/Double.java ! src/share/classes/java/lang/Float.java ! src/share/classes/java/lang/Math.java ! src/share/classes/java/lang/StrictMath.java ! src/share/classes/java/util/Formatter.java ! src/share/classes/sun/misc/FloatingDecimal.java ! src/share/classes/sun/misc/FormattedFloatingDecimal.java ! src/share/classes/sun/misc/FpUtils.java ! test/java/lang/Double/ToHexString.java ! test/java/lang/Math/CubeRootTests.java ! test/java/lang/Math/Expm1Tests.java ! test/java/lang/Math/HyperbolicTests.java ! test/java/lang/Math/HypotTests.java ! test/java/lang/Math/IeeeRecommendedTests.java ! test/java/lang/Math/Log10Tests.java ! test/java/lang/Math/Log1pTests.java ! test/java/lang/Math/Rint.java From michael.x.mcmahon at oracle.com Mon Sep 19 14:21:04 2011 From: michael.x.mcmahon at oracle.com (michael.x.mcmahon at oracle.com) Date: Mon, 19 Sep 2011 14:21:04 +0000 Subject: hg: jdk8/tl/jdk: 7091369: DatagramSocket/Limit.java failing on 8 and 7u2 Message-ID: <20110919142127.74370477D3@hg.openjdk.java.net> Changeset: e3d78fe803d4 Author: michaelm Date: 2011-09-19 15:14 +0100 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/e3d78fe803d4 7091369: DatagramSocket/Limit.java failing on 8 and 7u2 Reviewed-by: chegar, alanb ! src/windows/classes/java/net/TwoStacksPlainDatagramSocketImpl.java From sean.mullan at oracle.com Mon Sep 19 15:19:31 2011 From: sean.mullan at oracle.com (Sean Mullan) Date: Mon, 19 Sep 2011 11:19:31 -0400 Subject: AVA.toString() result depends on debug flag In-Reply-To: <4E72ED80.9020106@oracle.com> References: <4E72ED80.9020106@oracle.com> Message-ID: <4E775D83.50607@oracle.com> On 09/16/2011 02:32 AM, Weijun Wang wrote: > In sun.security.x509.AVA, there are 3 places where > > } else if (debug != null && Debug.isOn("ava")) { > > is checked. If it's true, string representations of an AVA object uses > \HEX dump for non-printable characters. This is nice for debugging > purposes, but the output of a method depending on a debug flag is really > not a good idea. > > The logic was introduced by Charlie in fix for 4505980. > > I suggest we always use \HEX. Unless I'm misunderstanding, we should not do that, as this would change the format of characters in UTF8 DN Strings returned by X500Principal.getName and could cause compatibility issues. Any character not a DerValue.isPrintableStringChar would be emitted as hex instead of UTF8. --Sean From dennis.gu at oracle.com Fri Sep 16 14:35:40 2011 From: dennis.gu at oracle.com (Dennis Gu) Date: Fri, 16 Sep 2011 14:35:40 -0000 Subject: Enhance toString() to return structured info, for certificate and probably more In-Reply-To: <4E55B66C.4020008@oracle.com> References: <4E55B66C.4020008@oracle.com> Message-ID: <4E565992.6080301@oracle.com> Hi Max: In Java plugin, we display the detail information of certificate in both Java Control panel and certificate dialog box from security warning, we also extract entension from certificate to make sure they are valid to use. Currently we are parsing the X509Certificate object to extract all the detail information of certificate, the fields of certificate we need to display are match to IE browser certificate information. Yes, it would be helpful to provide a API/Object for deployment code to retrieve those information. Dennis Weijun Wang wrote: > Hi All > > I was talking with Xuelei on how to better display certificate info. > There are 3 cases we can currently think of: > > 1. debug output > 2. keytool/jarsigner output > 3. Java plugin display > > The 1st one is the most primitive one and can be a single string, the > 2nd is also a string but have some format and needs to localized, the > third is a series of Swing controls. > > But the contents of all 3 are the same, and hopefully can be provided > in a single method. Each consumer can just display it in its own > style, with no need to understand Certificate fields, OIDs, etc. It's > just like XSLT transformation of XML files. > > So what shall I do? Let toString() outputs a long string in XML or JSON? > > Or, create a new method describe() or toDescription() that returns a > UnmodifiableMap (based on a LinkedHashMap to preserve order)? > > I prefer the latter because there is no need to parse the output, and > at least in the case of certificate, since a certificate contains > extensions, it's very easy to stuff several maps inside another one. > The map's keys are strings, and values can be another map or a simple > data object, say, primitive, string, or Date. > > So this needs a new interface Descriptable. It can either be: > > interface sun.security.util.Descriptable; > sun.security.x509.X509CertImpl implements Descriptable; > sun.security.x509.Extension implements Descriptable; > > or > > interface java.security.Descriptable; > java.security.cert.X509Certificate implements Descriptable; > java.security.cert.Extension implements Descriptable; > > or if there are other people find it useful, it can be inside the > java.util package. > > What's your ideas? Do you also need such a method? > > Thanks > Max From pcj at roundroom.net Fri Sep 16 14:35:43 2011 From: pcj at roundroom.net (Peter Jones) Date: Fri, 16 Sep 2011 14:35:43 -0000 Subject: Request for review Remove "private" cause in jdk exceptions In-Reply-To: <4E56E235.6010307@gmx.de> References: <4E525386.9000207@gmx.de> <4E52758D.2020208@oracle.com> <4E56C6CC.7010305@gmx.de> <4E56CB90.60508@gmx.de> <4E56E235.6010307@gmx.de> Message-ID: On Aug 25, 2011, at 8:00 PM, Sebastian Sickelmann wrote: > Am 26.08.2011 00:24, schrieb Sebastian Sickelmann: >> Am 26.08.2011 00:03, schrieb Sebastian Sickelmann: >>> I have found more places in jdk source where an Exception has a private cause field. >>> >>> share/classes/javax/management/remote/JMXProviderException.java: private Throwable cause = null; >>> share/classes/javax/xml/crypto/KeySelectorException.java: private Throwable cause; >>> share/classes/javax/xml/crypto/NoSuchMechanismException.java: private Throwable cause; >>> share/classes/javax/xml/crypto/MarshalException.java: private Throwable cause; >>> share/classes/javax/xml/crypto/dsig/XMLSignatureException.java: private Throwable cause; >>> share/classes/javax/xml/crypto/dsig/TransformException.java: private Throwable cause; >>> share/classes/javax/xml/crypto/URIReferenceException.java: private Throwable cause; >>> >>> 7081804 handles NoSuchMechanismException. >>> Is there a way to expand it to at least the xml/crypto/**/* Exceptions? >>> JMXProviderException should be fine too. >>> >>> I would create a CR for the changes to me made to change and test this. >>> Would it be good to have some utility-code in Throwable to don't introduce to much code-duplication? >>> >>> -- Sebastian >> After a very quick analysis i think i found more candidates for removing private causes. >> share/classes/javax/security/sasl/SaslException.java: private Throwable _exception; >> share/classes/java/lang/reflect/UndeclaredThrowableException.java: private Throwable undeclaredThrowable; >> share/classes/java/lang/reflect/InvocationTargetException.java: private Throwable target; >> share/classes/java/lang/ClassNotFoundException.java: private Throwable ex; >> share/classes/com/sun/java/browser/dom/DOMAccessException.java: private Throwable ex; >> share/classes/com/sun/java/browser/dom/DOMUnsupportedException.java: private Throwable ex; >> share/classes/javax/naming/NamingException.java: protected Throwable rootException = null; >> share/classes/java/rmi/RemoteException.java: public Throwable detail; >> share/classes/java/rmi/activation/ActivationException.java: public Throwable detail; >> >> Some of them need deeper inspection. Some of them are the same as the above noted Exceptions in xml/crypto package. >> >> - Sebastian > OK. Webrev is there: http://oss-patches.24.eu/openjdk8/NoSuchMechanismException/REBASED_ON_8018d541a7b2_2/ > > Can someone review this? Sebastian, Public fields like RemoteException.detail, ill-advised as they may have been, cannot be removed (would break binary compatibility). This change proposes additions to the public API (subclass interface) of java.lang.Throwable, which would need additional approval process. Without getting into detailed design critique, the proposed protected methods seem to add subtle complexity to the subclass interface of this central class, which leads me to: Is there a particular problem that these changes are attempting to address? Many of these exception classes had cause-like fields prior to the addition of Throwable.cause in 1.4, and as described in their class docs, for 1.4 they were each retrofitted, with some care, to work well with the general cause APIs added to Throwable. (Also see the doc for Throwable.getCause, which describes how subclasses can override it to take responsibility for their causes.) These changes seem to be about implementing an alternate approach to that retrofitting, with considerably higher complexity (serialized form compatibility code) and risk, and I don't understand why-- I don't see a motivation discussed earlier on core-libs-dev? Cheers, -- Peter From sean.mullan at oracle.com Mon Sep 19 19:23:58 2011 From: sean.mullan at oracle.com (Sean Mullan) Date: Mon, 19 Sep 2011 15:23:58 -0400 Subject: Code review request: 7088502 Security libraries don't build with javac -Werror In-Reply-To: <4E73CEE2.1010507@oracle.com> References: <4E73CEE2.1010507@oracle.com> Message-ID: <4E7796CE.2070307@oracle.com> On 09/16/2011 06:34 PM, Kurchi Hazra wrote: > Hi Sean, > > Can you please review these changes? > > Summary: * Small changes to Java files in > src/share/classes/com/sun/org/apache/xml/internal/security and its > subpackages to remove build warnings. > * Small changes to relevant makefiles to prevent reintroduction of > removed warnings. > > webrev: http://cr.openjdk.java.net/~sherman/kurchi/7088502/webrev/ > Bug description: http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=7088502 My comments follow, line numbers are in []. make/com/sun/crypto/provider/Makefile make/java/security/Makefile make/javax/others/Makefile src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/X509SKIResolver.java There are no diffs for these files. * HelperNodeList.java [37] This declaration (using supertype) is preferable: List nodes = new ArrayList(); * X509IssuerSerialResolver.java I don't think any changes are necessary to this file. * TransformXSLT.java [66, 122-3] Can you remove line 66, and replace 122-3 with: tFactory.setFeature("http://javax.xml.XMLConstants/feature/secure-processing", Boolean.TRUE); * MessageDigestAlgorithm.java [74-5] This is preferable: static ThreadLocal> instances=new ThreadLocal>() { protected Map ... * ElementProxy.java [497-8] This is preferable: static Map _prefixMappings = new HashMap(); static Map _prefixMappingsBindings = new HashMap(); Also, avoid using the diamond operator above since the Apache impl. still supports JDK 1.5+ and will make future integrations more difficult. * InclusiveNamespaces.java [85-88] Replace this with a for each block: for (String prefix : prefixList) { * Canonicalizer.java [87] Declare as Map instead of HashMap. Also, I think this should be: static Map> _canonicalizerHash; Similar changes should be made to the other Class declarations. And line 155 can then be changed to: this.canonicalizerSpi = implementingClass.newInstance(); * Transform.java [68-9] Can you declare the types as Maps (instead of HashMaps)? [234] Change to Class registeredClass = getImplementingClass(algorithmURI); Also change Class types of line 334 and 345 to be consistent. * IdResolver.java [55-6] Change to: private static Map>> docMap = new WeakHashMap>>(); [74, 160] Change WeakHashMap to Map. * Manifest.java [72] Change to Map * TransformXPath2Filter.java [175-6, 289-90] change to for/each loop * XMLUtils.java [325-7} change to for/each loop * Canonicalizer20010315.java [209,314] I'm curious about these changes. Instead of adding a new method getSortedSetAsCollection and then suppressing the warnings for that, it seems like it would be sufficient to just suppress the warnings in this code, ex: @SuppressWarnings("unchecked") ... ns.getUnrenderedNodes(result); * SignatureAlgorithm.java [130, 399, 434] change type to Class [273, 332] Change type to Map * KeyInfo.java [103-5] Try changing this to: private static final List nullList; static { List list = new ArrayList(1); Then I think you can remove the @SuppressWarnings("unchecked") on line 1051. * KeyResolver.java [116-8, 159-62] change to for/each loop * Canonicalizer11.java [256] same comment as Canonicalizer20010315.java --Sean From weijun.wang at oracle.com Tue Sep 20 03:57:27 2011 From: weijun.wang at oracle.com (Weijun Wang) Date: Tue, 20 Sep 2011 11:57:27 +0800 Subject: code review request: 7091290: fails to build jdk8 b05 Embedded build Message-ID: <4E780F27.2080307@oracle.com> Code change http://cr.openjdk.java.net/~weijun/7091290/webrev.00/ Normally, Oid.java is compiled when compiling SSL (sun/security/ssl) and deprecation warning is not treated as error there. In some increment builds, it might be compiled along with jgss codes, where deprecated warning is an error. No regression tests, build issue. How to verify: after JDK is built, remove files in classes/org/ietf/jgss/ and classes/sun/security/jgss/, go into make/sun/security and call make. Thanks Max -------- Original Message -------- *Change Request ID*: 7091290 *Synopsis*: fails to build jdk8 b05 Embedded build === *Description* ============================================================ # Running javac: /java/re/jdk/1.7.0/archive/fcs/binaries/linux-i586/bin/java -XX:-PrintVMOptions -XX:+UnlockDiagnosticVMOptions -XX:-LogVMOutput -client -Xmx512m -Xms512m -XX:PermSize=32m -XX:MaxPermSize=160m -Xbootclasspath/p:/HUDSON/workspace/embedded-jdk7/ws/builds/b05/linux-i586-ea/langtools/dist/bootstrap/lib/javac.jar -jar /HUDSON/workspace/embedded-jdk7/ws/builds/b05/linux-i586-ea/langtools/dist/bootstrap/lib/javac.jar -Werror -Xlint:all -Xlint:-path -source 7 -target 7 -encoding ascii -Xbootclasspath:/HUDSON/workspace/embedded-jdk7/ws/builds/b05/linux-i586-ea/classes -sourcepath ../../../../src/closed/solaris/classes:../../../../src/closed/share/classes:/HUDSON/workspace/embedded-jdk7/ws/builds/b05/linux-i586-ea/gensrc:../../../../src/solaris/classes:../../../../src/share/classes -d /HUDSON/workspace/embedded-jdk7/ws/builds/b05/linux-i586-ea/classes @/HUDSON/workspace/embedded-jdk7/ws/builds/b05/linux-i586-ea/tmp/sun/sun.security.jgss/.classes.list.filtered ../../../../src/share/classes/org/ietf/jgss/Oid.java:160: warning: [deprecation] equals(ObjectIdentifier) in ObjectIdentifier has been deprecated return this.oid.equals(((Oid) other).oid); ^ error: warnings found and -Werror specified 1 error 1 warning make[5]: *** [.compile.classlist] Error 1 make[5]: Leaving directory `/HUDSON/workspace/embedded-jdk7/ws/jdk/make/sun/security/jgss' make[4]: *** [all] Error 1 make[4]: Leaving directory `/HUDSON/workspace/embedded-jdk7/ws/jdk/make/sun/security' make[3]: *** [all] Error 1 make[3]: Leaving directory `/HUDSON/workspace/embedded-jdk7/ws/jdk/make/sun' make[2]: *** [all] Error 1 make[2]: Leaving directory `/HUDSON/workspace/embedded-jdk7/ws/jdk/make' make[1]: *** [jdk-build] Error 2 make[1]: Leaving directory `/HUDSON/workspace/embedded-jdk7/ws' make: *** [build_product_image] Error 2 Notifying upstream projects of job completion Finished: FAILURE From Xuelei.Fan at Oracle.Com Tue Sep 20 04:26:41 2011 From: Xuelei.Fan at Oracle.Com (Xuelei Fan) Date: Tue, 20 Sep 2011 12:26:41 +0800 Subject: code review request: 7091290: fails to build jdk8 b05 Embedded build In-Reply-To: <4E780F27.2080307@oracle.com> References: <4E780F27.2080307@oracle.com> Message-ID: <5D3923DA-E0DE-4265-958A-370994137E33@Oracle.Com> Looks fine to me. Xuelei On Sep 20, 2011, at 11:57 AM, Weijun Wang wrote: > Code change > > http://cr.openjdk.java.net/~weijun/7091290/webrev.00/ > > Normally, Oid.java is compiled when compiling SSL (sun/security/ssl) and deprecation warning is not treated as error there. In some increment builds, it might be compiled along with jgss codes, where deprecated warning is an error. > > No regression tests, build issue. > > How to verify: after JDK is built, remove files in classes/org/ietf/jgss/ and classes/sun/security/jgss/, go into make/sun/security and call make. > > Thanks > Max > > -------- Original Message -------- > *Change Request ID*: 7091290 > *Synopsis*: fails to build jdk8 b05 Embedded build > > > === *Description* ============================================================ > # Running javac: > /java/re/jdk/1.7.0/archive/fcs/binaries/linux-i586/bin/java -XX:-PrintVMOptions -XX:+UnlockDiagnosticVMOptions -XX:-LogVMOutput -client -Xmx512m -Xms512m -XX:PermSize=32m -XX:MaxPermSize=160m -Xbootclasspath/p:/HUDSON/workspace/embedded-jdk7/ws/builds/b05/linux-i586-ea/langtools/dist/bootstrap/lib/javac.jar -jar /HUDSON/workspace/embedded-jdk7/ws/builds/b05/linux-i586-ea/langtools/dist/bootstrap/lib/javac.jar -Werror -Xlint:all -Xlint:-path -source 7 -target 7 -encoding ascii -Xbootclasspath:/HUDSON/workspace/embedded-jdk7/ws/builds/b05/linux-i586-ea/classes -sourcepath ../../../../src/closed/solaris/classes:../../../../src/closed/share/classes:/HUDSON/workspace/embedded-jdk7/ws/builds/b05/linux-i586-ea/gensrc:../../../../src/solaris/classes:../../../../src/share/classes -d /HUDSON/workspace/embedded-jdk7/ws/builds/b05/linux-i586-ea/classes @/HUDSON/workspace/embedded-jdk7/ws/builds/b05/linux-i586-ea/tmp/sun/sun.security.jgss/.classes.list.filtered > ../../../../src/share/classes/org/ietf/jgss/Oid.java:160: warning: [deprecation] equals(ObjectIdentifier) in ObjectIdentifier has been deprecated > return this.oid.equals(((Oid) other).oid); > ^ > error: warnings found and -Werror specified > 1 error > 1 warning > make[5]: *** [.compile.classlist] Error 1 > make[5]: Leaving directory `/HUDSON/workspace/embedded-jdk7/ws/jdk/make/sun/security/jgss' > make[4]: *** [all] Error 1 > make[4]: Leaving directory `/HUDSON/workspace/embedded-jdk7/ws/jdk/make/sun/security' > make[3]: *** [all] Error 1 > make[3]: Leaving directory `/HUDSON/workspace/embedded-jdk7/ws/jdk/make/sun' > make[2]: *** [all] Error 1 > make[2]: Leaving directory `/HUDSON/workspace/embedded-jdk7/ws/jdk/make' > make[1]: *** [jdk-build] Error 2 > make[1]: Leaving directory `/HUDSON/workspace/embedded-jdk7/ws' > make: *** [build_product_image] Error 2 > Notifying upstream projects of job completion > Finished: FAILURE From David.Holmes at oracle.com Tue Sep 20 04:31:41 2011 From: David.Holmes at oracle.com (David Holmes) Date: Tue, 20 Sep 2011 14:31:41 +1000 Subject: code review request: 7091290: fails to build jdk8 b05 Embedded build In-Reply-To: <4E780F27.2080307@oracle.com> References: <4E780F27.2080307@oracle.com> Message-ID: <4E78172D.20503@oracle.com> Hi Max, On 20/09/2011 1:57 PM, Weijun Wang wrote: > Code change > > http://cr.openjdk.java.net/~weijun/7091290/webrev.00/ Looks good to me. (Initially I mis-parsed the casts) David ----- > Normally, Oid.java is compiled when compiling SSL (sun/security/ssl) and > deprecation warning is not treated as error there. In some increment builds, > it might be compiled along with jgss codes, where deprecated warning is an > error. > > No regression tests, build issue. > > How to verify: after JDK is built, remove files in classes/org/ietf/jgss/ > and classes/sun/security/jgss/, go into make/sun/security and call make. > > Thanks > Max > > -------- Original Message -------- > *Change Request ID*: 7091290 > *Synopsis*: fails to build jdk8 b05 Embedded build > > > === *Description* ============================================================ > # Running javac: > /java/re/jdk/1.7.0/archive/fcs/binaries/linux-i586/bin/java > -XX:-PrintVMOptions -XX:+UnlockDiagnosticVMOptions -XX:-LogVMOutput -client > -Xmx512m -Xms512m -XX:PermSize=32m -XX:MaxPermSize=160m > -Xbootclasspath/p:/HUDSON/workspace/embedded-jdk7/ws/builds/b05/linux-i586-ea/langtools/dist/bootstrap/lib/javac.jar > -jar > /HUDSON/workspace/embedded-jdk7/ws/builds/b05/linux-i586-ea/langtools/dist/bootstrap/lib/javac.jar > -Werror -Xlint:all -Xlint:-path -source 7 -target 7 -encoding ascii > -Xbootclasspath:/HUDSON/workspace/embedded-jdk7/ws/builds/b05/linux-i586-ea/classes > -sourcepath > ../../../../src/closed/solaris/classes:../../../../src/closed/share/classes:/HUDSON/workspace/embedded-jdk7/ws/builds/b05/linux-i586-ea/gensrc:../../../../src/solaris/classes:../../../../src/share/classes > -d /HUDSON/workspace/embedded-jdk7/ws/builds/b05/linux-i586-ea/classes > @/HUDSON/workspace/embedded-jdk7/ws/builds/b05/linux-i586-ea/tmp/sun/sun.security.jgss/.classes.list.filtered > > ../../../../src/share/classes/org/ietf/jgss/Oid.java:160: warning: > [deprecation] equals(ObjectIdentifier) in ObjectIdentifier has been deprecated > return this.oid.equals(((Oid) other).oid); > ^ > error: warnings found and -Werror specified > 1 error > 1 warning > make[5]: *** [.compile.classlist] Error 1 > make[5]: Leaving directory > `/HUDSON/workspace/embedded-jdk7/ws/jdk/make/sun/security/jgss' > make[4]: *** [all] Error 1 > make[4]: Leaving directory > `/HUDSON/workspace/embedded-jdk7/ws/jdk/make/sun/security' > make[3]: *** [all] Error 1 > make[3]: Leaving directory `/HUDSON/workspace/embedded-jdk7/ws/jdk/make/sun' > make[2]: *** [all] Error 1 > make[2]: Leaving directory `/HUDSON/workspace/embedded-jdk7/ws/jdk/make' > make[1]: *** [jdk-build] Error 2 > make[1]: Leaving directory `/HUDSON/workspace/embedded-jdk7/ws' > make: *** [build_product_image] Error 2 > Notifying upstream projects of job completion > Finished: FAILURE From weijun.wang at oracle.com Tue Sep 20 04:41:07 2011 From: weijun.wang at oracle.com (weijun.wang at oracle.com) Date: Tue, 20 Sep 2011 04:41:07 +0000 Subject: hg: jdk8/tl/jdk: 7091290: fails to build jdk8 b05 Embedded build Message-ID: <20110920044124.1EEB7477FF@hg.openjdk.java.net> Changeset: 8fe6d94683af Author: weijun Date: 2011-09-20 12:40 +0800 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/8fe6d94683af 7091290: fails to build jdk8 b05 Embedded build Reviewed-by: xuelei, dholmes ! src/share/classes/org/ietf/jgss/Oid.java From weijun.wang at oracle.com Tue Sep 20 05:12:09 2011 From: weijun.wang at oracle.com (Weijun Wang) Date: Tue, 20 Sep 2011 13:12:09 +0800 Subject: code review request: 7077640: gss wrap for cfx doesn't handle rrc != 0 In-Reply-To: <32412895.1313113261230.JavaMail.sbladm@swsblss4-new> References: <32412895.1313113261230.JavaMail.sbladm@swsblss4-new> Message-ID: <4E7820A9.1020409@oracle.com> Code changes http://cr.openjdk.java.net/~weijun/7077640/webrev.00 The original handling of rrc != 0 is not correct. We did rotate the bytes but have not reset the RRC field in the GSS message header before calculating the checksum. According to RFC 4121 [1]: 4.2.4. Encryption and Checksum Operations .... In Wrap tokens that do not provide for confidentiality, the checksum SHALL be calculated first over the to-be-signed plaintext data, and then over the first 16 octets of the Wrap token (the "header", as defined in section 4.2.6). Both the EC field and the RRC field in ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ the token header SHALL be filled with zeroes for the purpose of ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ calculating the checksum... ^^^^^^^^^^^^^^^^^^^^^^^^ In the test, the Context.transmit() method is split into 4 basic methods so that we have a chance to call wrap without confidentiality. Thanks Max [1] http://tools.ietf.org/html/rfc4121#section-4.2.4 On 08/12/2011 09:41 AM, weijun.wang at oracle.com wrote: > *Change Request ID*: 7077640 > > *Synopsis*: gss wrap for cfx doesn't handle rrc != 0 > > Product: java > Category: jgss > Subcategory: krb5plugin > > === *Description* ============================================================ > FULL PRODUCT VERSION : > java version "1.6.0_26" > > A DESCRIPTION OF THE PROBLEM : > gss wrap for cfx doesn't handle rrc != 0 > > Heimdal and mac os x always use an RRC != 0 > > > > STEPS TO FOLLOW TO REPRODUCE THE PROBLEM : > git clone git at github.com:heimdal/heimdal.git > cd heimdal > sh autogen.sh > ./configure > make > cd tests/java > make check > > > > REPRODUCIBILITY : > This bug can be reproduced always. From weijun.wang at oracle.com Tue Sep 20 05:38:45 2011 From: weijun.wang at oracle.com (Weijun Wang) Date: Tue, 20 Sep 2011 13:38:45 +0800 Subject: code review request: 7089889: Krb5LoginModule.login() throws an exception if used without a keytab In-Reply-To: <4E72E566.1080002@oracle.com> References: <4E72C9D8.6070206@oracle.com> <4E72E566.1080002@oracle.com> Message-ID: <4E7826E5.1090205@oracle.com> Any more comment? Thanks Max On 09/16/2011 01:57 PM, Weijun Wang wrote: > > > On 09/16/2011 01:45 PM, Xuelei Fan wrote: >> My first impression about the fix: >> 1. Do you want to update getKeys() comments about isInitiator value? > > OK. I'll simply remove the "(in JAAS words, isInitiator=true and > storeKey=true)" line. > >> >> 2. It seems that when isInitiator is true, getKeys() should throw >> exception if the state is not OK, right? If so, it looks like that the >> update of getKeys() will not throw ISE if the state is INIT. Does INIT >> state is enough in such case? > > The KrbAsReqBuilder class does not know about isInitiator so it cannot > make any decision based on it. I'll leave that to its caller. When > username/password is provided, getKeys() can be called as soon as the > object is created, and it returns keys with default salt. If AS-REQ is > performed and state goes OK and the method is called again, the salt > might be updated in PA-DATA. > > Thanks > Max > > >> >> Xuelei >> >> On Sep 16, 2011, at 12:00 PM, Weijun Wang wrote: >> >>> Hi All >>> >>> Code changes at >>> >>> http://cr.openjdk.java.net/~weijun/7089889/webrev.00/ >>> >>> KrbAsReqBuilder maintains a state enforcement: at the beginning it's >>> INIT, after doing an AS-REQ it's OK, and we used to only allow >>> getKeys() to be called when the state is OK. Now if an acceptor has >>> isInitiator=false, the OK state will never be reached. In most cases, >>> an acceptor uses a keytab so getKeys() is not called. However, if it >>> uses username/password (most likely in a peer-to-peer case and the >>> acceptor chooses not to login), getKeys() is needed and an exception >>> is thrown. >>> >>> This code change makes getKeys() callable at both INIT and OK states. >>> In order to do this, the checkState() method now accepts varargs. >>> >>> I'll backport this to 7u2, and since 7u2 is now in phase 2, I think I >>> need at least 2 reviewers. >>> >>> Thanks >>> Max >>> >>> -------- Original Message -------- >>> >>> *Change Request ID*: 7089889 >>> >>> *Synopsis*: Krb5LoginModule.login() throws an exception if used >>> without a keytab >>> >>> >>> === *Description* >>> ============================================================ >>> FULL PRODUCT VERSION : >>> java version "1.7.0" >>> Java(TM) SE Runtime Environment (build 1.7.0-b147) >>> Java HotSpot(TM) Client VM (build 21.0-b17, mixed mode, sharing) >>> >>> A DESCRIPTION OF THE PROBLEM : >>> The call to LoginContext.login() fails with an exception if the >>> LoginContext is configured to use Krb5LoginModule with the following >>> options: >>> >>> storeKey="true" >>> useKeyTab="false" >>> isInitiator="false" >>> >>> This appears to be a regression due to an attempt to solve bug >>> '6941083'. >>> >>> The following source code is taken from >>> Kb5LoginModule.attemptAuthentication(false): >>> >>> if (ktab == null) { >>> promptForPass(getPasswdFromSharedState); >>> builder = new KrbAsReqBuilder(principal, password); >>> if (isInitiator) { >>> // XXX Even if isInitiator=false, it might be >>> // better to do an AS-REQ so that keys can be >>> // updated with PA info >>> cred = builder.action().getCreds(); >>> } >>> if (storeKey) { >>> encKeys = builder.getKeys(); >>> // When encKeys is empty, the login actually fails. >>> // For compatibility, exception is thrown in commit(). >>> } >>> } >>> >>> This code path results builder.getGeys() being called while the >>> builder's state is 'INIT'. >>> The builder asserts via checkState() that the state is REQ_OK, hence >>> an exception. >>> >>> This is a regression, as JRE6 and prior versions called >>> EncryptionKey.acquireSecretKeys() >>> to obtain the keys in this case. >>> >>> REGRESSION. Last worked in version 6u26 >>> >>> STEPS TO FOLLOW TO REPRODUCE THE PROBLEM : >>> See the executable test case below. Program should be run on a >>> Windows machine that is joined to a domain. Replace 'REALM', 'KDC', >>> 'DOMAIN_USER' and 'DOMAIN_USER_PWD' as appropriate before running >>> >>> EXPECTED VERSUS ACTUAL BEHAVIOR : >>> EXPECTED - >>> "Login succeeded" printed to console >>> ACTUAL - >>> "Login failed" printed to console. >>> Exception stacktrace printed to strerr >>> >>> ERROR MESSAGES/STACK TRACES THAT OCCUR : >>> javax.security.auth.login.LoginException: >>> java.lang.IllegalStateException: Cannot get keys at REQ_OK state >>> at sun.security.krb5.KrbAsReqBuilder.checkState(Unknown Source) >>> at sun.security.krb5.KrbAsReqBuilder.getKeys(Unknown Source) >>> at >>> com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Unknown >>> Source) >>> at com.sun.security.auth.module.Krb5LoginModule.login(Unknown Source) >>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >>> at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) >>> at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) >>> at java.lang.reflect.Method.invoke(Unknown Source) >>> at javax.security.auth.login.LoginContext.invoke(Unknown Source) >>> at javax.security.auth.login.LoginContext.access$000(Unknown Source) >>> at javax.security.auth.login.LoginContext$4.run(Unknown Source) >>> at javax.security.auth.login.LoginContext$4.run(Unknown Source) >>> at java.security.AccessController.doPrivileged(Native Method) >>> at javax.security.auth.login.LoginContext.invokePriv(Unknown Source) >>> at javax.security.auth.login.LoginContext.login(Unknown Source) >>> at LoginModuleExample.main(LoginModuleExample.java:43) >>> >>> at javax.security.auth.login.LoginContext.invoke(Unknown Source) >>> at javax.security.auth.login.LoginContext.access$000(Unknown Source) >>> at javax.security.auth.login.LoginContext$4.run(Unknown Source) >>> at javax.security.auth.login.LoginContext$4.run(Unknown Source) >>> at java.security.AccessController.doPrivileged(Native Method) >>> at javax.security.auth.login.LoginContext.invokePriv(Unknown Source) >>> at javax.security.auth.login.LoginContext.login(Unknown Source) >>> at LoginModuleExample.main(LoginModuleExample.java:43) >>> >>> REPRODUCIBILITY : >>> This bug can be reproduced always. >>> >>> ---------- BEGIN SOURCE ---------- >>> import java.util.HashMap; >>> import java.util.Map; >>> >>> import javax.security.auth.callback.Callback; >>> import javax.security.auth.callback.CallbackHandler; >>> import javax.security.auth.callback.NameCallback; >>> import javax.security.auth.callback.PasswordCallback; >>> import javax.security.auth.login.AppConfigurationEntry; >>> import >>> javax.security.auth.login.AppConfigurationEntry.LoginModuleControlFlag; >>> import javax.security.auth.login.Configuration; >>> import javax.security.auth.login.LoginContext; >>> >>> import com.sun.security.auth.module.Krb5LoginModule; >>> >>> public class LoginModuleExample { >>> >>> // Replace with the realm and KDC of the Windows domain. >>> private static final String REALM = "DEV-DEM.RECOMMIND.COM"; >>> private static final String KDC = "AU-DEV-DC01.dev-dem.recommind.com"; >>> >>> // Replace with the username and password of any account on the >>> // above domain. Account needs to be enabled and not locked out. >>> private static final String DOMAIN_USER = "sgr"; >>> private static final String DOMAIN_USER_PWD = "0rodriguez)"; >>> >>> private static final String EXAMPLE_SERVER_LOGIN = "example-server"; >>> >>> /** >>> * @param args >>> */ >>> public static void main(String[] args) { >>> >>> System.setProperty("java.security.krb5.realm", REALM); >>> System.setProperty("java.security.krb5.kdc", KDC); >>> >>> Configuration.setConfiguration(new CustomConfiguration()); >>> >>> try { >>> CallbackHandler handler = getUsernamePasswordHandler(DOMAIN_USER, >>> DOMAIN_USER_PWD); >>> >>> LoginContext loginContext = new LoginContext(EXAMPLE_SERVER_LOGIN, >>> handler); >>> >>> loginContext.login(); >>> >>> System.out.println("Login succeeded"); >>> } >>> catch (Exception e) { >>> >>> System.out.println("Login failed"); >>> e.printStackTrace(); >>> } >>> >>> } >>> >>> private static CallbackHandler getUsernamePasswordHandler(final >>> String username, final String password) { >>> >>> final CallbackHandler handler = new CallbackHandler() { >>> >>> public void handle(final Callback[] callback) { >>> for (int i = 0; i< callback.length; i++) { >>> if (callback[i] instanceof NameCallback) { >>> final NameCallback nameCallback = (NameCallback) callback[i]; >>> nameCallback.setName(username); >>> } >>> else if (callback[i] instanceof PasswordCallback) { >>> final PasswordCallback passCallback = (PasswordCallback) callback[i]; >>> passCallback.setPassword(password.toCharArray()); >>> } >>> } >>> } >>> }; >>> >>> return handler; >>> } >>> >>> final static class CustomConfiguration extends Configuration { >>> >>> @Override >>> public AppConfigurationEntry[] getAppConfigurationEntry(String name) { >>> >>> AppConfigurationEntry[] entries = new AppConfigurationEntry[0]; >>> >>> if (name.equals(EXAMPLE_SERVER_LOGIN)) { >>> String krbModule = Krb5LoginModule.class.getName(); >>> LoginModuleControlFlag flag = LoginModuleControlFlag.REQUIRED; >>> Map options = new HashMap(); >>> >>> options.put("storeKey", "true"); >>> options.put("useKeyTab", "false"); >>> options.put("isInitiator", "false"); >>> >>> AppConfigurationEntry entry = new AppConfigurationEntry(krbModule, >>> flag, options); >>> >>> entries = new AppConfigurationEntry[] { entry }; >>> } >>> >>> return entries; >>> } >>> } >>> } >>> >>> ---------- END SOURCE ---------- >>> >>> From kurchi.subhra.hazra at oracle.com Tue Sep 20 15:27:21 2011 From: kurchi.subhra.hazra at oracle.com (Kurchi Hazra) Date: Tue, 20 Sep 2011 08:27:21 -0700 Subject: Code review request: 7092375 Security libraries don't build with javac -Werror Message-ID: <4E78B0D9.3040203@oracle.com> Hi Xuelei, Can you please review these changes? Summary: 1. Small changes to Java files, mostly in src/share/classes/javax/security and its subpackages to remove build warnings. 2. Small changes to relevant makefiles to prevent reintroduction of removed warnings. Added a new makefile to prevent reintroduction of warnings in javax/security. webrev:http://cr.openjdk.java.net/~xuelei/7092375/webrev.00/ Bug description: To appear on http://bugs.sun.com/bugdatabase Thanks, Kurchi From jonathan.gibbons at oracle.com Tue Sep 20 19:13:08 2011 From: jonathan.gibbons at oracle.com (jonathan.gibbons at oracle.com) Date: Tue, 20 Sep 2011 19:13:08 +0000 Subject: hg: jdk8/tl/langtools: 7030473: Remove dead field JCCompilationUnit.flags Message-ID: <20110920191312.D72F747823@hg.openjdk.java.net> Changeset: ac964af3b5e7 Author: jjg Date: 2011-09-20 12:08 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/langtools/rev/ac964af3b5e7 7030473: Remove dead field JCCompilationUnit.flags Reviewed-by: dlsmith ! src/share/classes/com/sun/tools/javac/tree/JCTree.java From mike.duigou at oracle.com Tue Sep 20 19:32:24 2011 From: mike.duigou at oracle.com (mike.duigou at oracle.com) Date: Tue, 20 Sep 2011 19:32:24 +0000 Subject: hg: jdk8/tl/jdk: 7074264: Switches to packages tree view and adds unit tests to sources Message-ID: <20110920193241.CA88B47826@hg.openjdk.java.net> Changeset: c77b41652266 Author: mduigou Date: 2011-09-20 12:27 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/c77b41652266 7074264: Switches to packages tree view and adds unit tests to sources Reviewed-by: igor ! make/netbeans/README ! make/netbeans/common/closed-share-view.ent ! make/netbeans/common/java-data-native.ent ! make/netbeans/common/java-data-no-native.ent ! make/netbeans/common/jtreg-view.ent ! make/netbeans/common/sample-view.ent ! make/netbeans/common/share-view.ent ! make/netbeans/common/unix-view.ent ! make/netbeans/common/windows-view.ent ! make/netbeans/j2se/nbproject/project.xml From kurchi.subhra.hazra at oracle.com Tue Sep 20 21:34:20 2011 From: kurchi.subhra.hazra at oracle.com (Kurchi Hazra) Date: Tue, 20 Sep 2011 14:34:20 -0700 Subject: Code review request: 7088502 Security libraries don't build with javac -Werror In-Reply-To: <4E7796CE.2070307@oracle.com> References: <4E73CEE2.1010507@oracle.com> <4E7796CE.2070307@oracle.com> Message-ID: <4E7906DC.2060501@oracle.com> On 9/19/2011 12:23 PM, Sean Mullan wrote: > On 09/16/2011 06:34 PM, Kurchi Hazra wrote: >> Hi Sean, >> >> Can you please review these changes? >> >> Summary: * Small changes to Java files in >> src/share/classes/com/sun/org/apache/xml/internal/security and its >> subpackages to remove build warnings. >> * Small changes to relevant makefiles to prevent reintroduction of >> removed warnings. >> >> webrev: http://cr.openjdk.java.net/~sherman/kurchi/7088502/webrev/ >> Bug description: >> http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=7088502 > > > * MessageDigestAlgorithm.java > > [74-5] This is preferable: > > static ThreadLocal> instances=new > ThreadLocal>() { > protected Map initialize()... The above does not work since the compiler complains that if ThreadLocal is a HashMap, initialize() cannot override unless its return type is also HashMap. Even if I change it to static ThreadLocal> instances=new ThreadLocal>() { protected HashMap initialize()... the compiler throws an error as follows: ../../../../../../src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/MessageDigestAlgorithm.java:74: error: incompatible types static ThreadLocal> instances=new ^ required: ThreadLocal> found: >> > > > * Canonicalizer20010315.java > > [209,314] I'm curious about these changes. Instead of adding a new > method getSortedSetAsCollection and then suppressing the warnings for > that, it seems like it would be sufficient to just suppress the > warnings in this code, ex: > > @SuppressWarnings("unchecked") > ... > > ns.getUnrenderedNodes(result); I did not put it inside the code, since the method has many lines of code and this would mean suppressing unchecked warnings generated anywhere in the method. > > > * SignatureAlgorithm.java > > [130, 399, 434] change type to Class If I make this change (and similar changes in other classes), I need to cast at various places, and then I need to Suppress the unchecked warnings. Is this preferable? ../../../../../../src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/SignatureAlgorithm.java:412: warning: [unchecked] unchecked cast SignatureAlgorithm._algorithmHash.put(algorithmURI, (Class )Class.forName(implementingClass)); ^ required: Class found: Class where CAP#1 is a fresh type-variable: CAP#1 extends Object from capture of ? Is there a workaround? -Kurchi From forax at univ-mlv.fr Tue Sep 20 09:42:09 2011 From: forax at univ-mlv.fr (=?ISO-8859-1?Q?R=E9mi_Forax?=) Date: Tue, 20 Sep 2011 11:42:09 +0200 Subject: hg: jdk8/tl/jdk: 7091369: DatagramSocket/Limit.java failing on 8 and 7u2 In-Reply-To: <20110919142127.74370477D3@hg.openjdk.java.net> References: <20110919142127.74370477D3@hg.openjdk.java.net> Message-ID: <4E785FF1.3090803@univ-mlv.fr> On 09/19/2011 04:21 PM, michael.x.mcmahon at oracle.com wrote: > Changeset: e3d78fe803d4 > Author: michaelm > Date: 2011-09-19 15:14 +0100 > URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/e3d78fe803d4 > > 7091369: DatagramSocket/Limit.java failing on 8 and 7u2 > Reviewed-by: chegar, alanb > > ! src/windows/classes/java/net/TwoStacksPlainDatagramSocketImpl.java > Hi Michael, I'm not a big fan of this code. I don't see why you're using the precise-rethrow feature here. I think the code should be: try { super.create(); } catch (SocketException e) { fd1 = null; throw e; } R?mi -------------- next part -------------- An HTML attachment was scrubbed... URL: From joe.darcy at oracle.com Wed Sep 21 01:33:56 2011 From: joe.darcy at oracle.com (joe.darcy at oracle.com) Date: Wed, 21 Sep 2011 01:33:56 +0000 Subject: hg: jdk8/tl/jdk: 6268216: Boolean.getBoolean() throws SecurityException Message-ID: <20110921013413.B812B4783E@hg.openjdk.java.net> Changeset: 9b2fc8a11421 Author: darcy Date: 2011-09-20 18:33 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/9b2fc8a11421 6268216: Boolean.getBoolean() throws SecurityException Reviewed-by: mduigou ! src/share/classes/java/lang/Boolean.java ! src/share/classes/java/lang/Integer.java ! src/share/classes/java/lang/Long.java From daniel.daugherty at oracle.com Wed Sep 21 02:17:04 2011 From: daniel.daugherty at oracle.com (daniel.daugherty at oracle.com) Date: Wed, 21 Sep 2011 02:17:04 +0000 Subject: hg: jdk8/tl/jdk: 7085944: 3/3 FDS: gdb does not find debug symbols for libjsig link Message-ID: <20110921021716.6582A47840@hg.openjdk.java.net> Changeset: 029ba13aa0df Author: dcubed Date: 2011-09-20 19:16 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/029ba13aa0df 7085944: 3/3 FDS: gdb does not find debug symbols for libjsig link Summary: Add support for importing .debuginfo files from HSX. Reviewed-by: phh ! make/common/Defs-linux.gmk ! make/common/Defs-solaris.gmk ! make/java/redist/Makefile ! make/java/redist/sajdi/Makefile From david.holmes at oracle.com Wed Sep 21 02:20:45 2011 From: david.holmes at oracle.com (david.holmes at oracle.com) Date: Wed, 21 Sep 2011 02:20:45 +0000 Subject: hg: jdk8/tl/jdk: 7012206: ~20 tools tests failing due to -XX:-UsePerfData default in Java SE Embedded Message-ID: <20110921022055.8E67647841@hg.openjdk.java.net> Changeset: d177eecda07e Author: dholmes Date: 2011-09-20 22:20 -0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/d177eecda07e 7012206: ~20 tools tests failing due to -XX:-UsePerfData default in Java SE Embedded Summary: Explicitly enable UsePerfData for the tools that require it to be enabled Reviewed-by: alanb, ohair ! test/sun/jvmstat/perfdata/PrologSanity/PrologSizeSanityCheck.java ! test/sun/tools/common/ApplicationSetup.sh ! test/sun/tools/jinfo/Basic.sh ! test/sun/tools/jmap/Basic.sh ! test/sun/tools/jps/jps-Defaults.sh ! test/sun/tools/jps/jps-V_2.sh ! test/sun/tools/jps/jps-Vm_2.sh ! test/sun/tools/jps/jps-Vvm.sh ! test/sun/tools/jps/jps-Vvml.sh ! test/sun/tools/jps/jps-Vvml_2.sh ! test/sun/tools/jps/jps-help.sh ! test/sun/tools/jps/jps-l_1.sh ! test/sun/tools/jps/jps-l_2.sh ! test/sun/tools/jps/jps-lm.sh ! test/sun/tools/jps/jps-m.sh ! test/sun/tools/jps/jps-m_2.sh ! test/sun/tools/jps/jps-q.sh ! test/sun/tools/jps/jps-v_1.sh ! test/sun/tools/jps/jps-vm_1.sh ! test/sun/tools/jstack/Basic.sh ! test/sun/tools/jstat/jstatClassOutput1.sh ! test/sun/tools/jstat/jstatClassloadOutput1.sh ! test/sun/tools/jstat/jstatCompilerOutput1.sh ! test/sun/tools/jstat/jstatFileURITest1.sh ! test/sun/tools/jstat/jstatGcCapacityOutput1.sh ! test/sun/tools/jstat/jstatGcCauseOutput1.sh ! test/sun/tools/jstat/jstatGcNewCapacityOutput1.sh ! test/sun/tools/jstat/jstatGcNewOutput1.sh ! test/sun/tools/jstat/jstatGcOldCapacityOutput1.sh ! test/sun/tools/jstat/jstatGcOldOutput1.sh ! test/sun/tools/jstat/jstatGcOutput1.sh ! test/sun/tools/jstat/jstatGcPermCapacityOutput1.sh ! test/sun/tools/jstat/jstatHelp.sh ! test/sun/tools/jstat/jstatLineCounts1.sh ! test/sun/tools/jstat/jstatLineCounts2.sh ! test/sun/tools/jstat/jstatLineCounts3.sh ! test/sun/tools/jstat/jstatLineCounts4.sh ! test/sun/tools/jstat/jstatOptions1.sh ! test/sun/tools/jstat/jstatPrintCompilationOutput1.sh ! test/sun/tools/jstat/jstatSnap1.sh ! test/sun/tools/jstat/jstatSnap2.sh ! test/sun/tools/jstat/jstatTimeStamp1.sh ! test/sun/tools/jstatd/jstatdDefaults.sh ! test/sun/tools/jstatd/jstatdExternalRegistry.sh ! test/sun/tools/jstatd/jstatdPort.sh ! test/sun/tools/jstatd/jstatdServerName.sh From xuelei.fan at oracle.com Wed Sep 21 03:21:28 2011 From: xuelei.fan at oracle.com (Xuelei Fan) Date: Wed, 21 Sep 2011 11:21:28 +0800 Subject: Code review request: 7013776 Multithreaded JSSE application debug information is hard to read Message-ID: <4E795838.9070402@oracle.com> webrev: http://cr.openjdk.java.net/~xuelei/7013776/webrev.01/ At present, Oracle JSSE provider, SunJSSE, uses hard coded System.out to logger the debug information, with Java option "javax.net.debug". The benefit of the debug mechanism is that it is simple and straightforward. The drawback is that it is hard to redirect to other output stream, hard to parse in multi-threads environment[2], and hard to customize the output[3]. In this update, I try to reconstruct the output to include more information, such as thread id, log time, etc. A typical output looks like: { "logger" : "javax.net.ssl.handshake", "level" : "FINE", "thread id" : "0A", "thread name" : "Thread-1", "time" : "2011-09-20 18:37:19.453 PDT", "message" : "SESSION KEYGEN, PreMaster Secret", "specifics" : [ 0000: 03 02 48 B2 91 B2 0E 63 96 14 ED FA 77 8E EF 67 ..H....c....w..g 0010: 40 42 65 9D C2 5B 37 60 E3 D1 48 BF 42 2B F3 20 @Be..[7`..H.B+. 0020: 6E 06 27 6C D7 8C E5 FA 77 91 96 EE ED 89 95 AA n.'l....w....... ] } Please refer to the attached file for a full SSL/TLS connection log. Q1: Why not use java.util.logging It is required the JSSE/SunJSSE component should be independent from java.util.logging component. So SunJSSE implementation cannot use java.util.logging APIs. Q2: Why not use sun.util.logging At present, System.out is the output stream. We need to be compatible with it. The default output stream of sun.util.logging is System.err, there is no flexible approach to reset it to System.out. Q3: Why not using Weijun's suggested Describle interface? I tried to define and use Describle interface. But I got type-safe heterogeneous map and generic programing puzzles, and more, it is too flexible to determine what's the instance of an object. For example, if (object instanceof Map) is legal, but if (object instanceof Map) is illegal. Q4: The output looks like JSON, but not strictly following JSON specifications. Yes, the output looks like JSON string, array and object. But for easily parser the binary data, the binary data are printed with reader friendly format, like this: "specifics" : [ 0000: 03 02 48 B2 91 B2 0E 63 96 14 ED FA 77 8E EF 67 ..H....c....w..g 0010: 40 42 65 9D C2 5B 37 60 E3 D1 48 BF 42 2B F3 20 @Be..[7`..H.B+. 0020: 6E 06 27 6C D7 8C E5 FA 77 91 96 EE ED 89 95 AA n.'l....w....... ] Q5: what about the performance impact. The update does not hurt the performance Q6: compatibility issue The update continue to use System.out as the default output stream, but the output content is changed significantly. But as it only impact oracle JSSE provider, it should not be significant compatibility issue. Q7: Why defines Levels? I still think about using java/sun.util.logging APIs to make it more flexible. Q8: It seems you want to define "javax.net.debug.output" to redirect output stream, why comment the code out? Yes, it's my initial idea to able to redirect out to customized output stream. But I failed to find a proper approach to close the customized output stream in JSSE implementation or in application code. I may modify the code when I find a proper solution. Q9: What's the map between debug options and Levels? If java option "javax.net.debug" is defined, the debug options (see [1] for the define of the option) are mapped to three loggers: logger "javax.net.ssl.handshake" will support the following debug options: handshake, keygen, session, seesioncache. logger "javax.net.ssl.managerment" will support debug options: keymanager, trustmanager, sslctx, defaultctx. logger "javax.net.ssl" will support all other debug options. Thanks, Xuelei [1]: the usage of "javax.net.debug" option: ------------------------ $ java -Djavax.net.debug=help Foo all turn on all debugging ssl turn on ssl debugging The following can be used with ssl: record enable per-record tracing handshake print each handshake message keygen print key generation data session print session activity defaultctx print default SSL initialization sslctx print SSLContext tracing sessioncache print session cache tracing keymanager print key manager tracing trustmanager print trust manager tracing pluggability print pluggability tracing handshake debugging can be widened with: data hex dump of each handshake message verbose verbose handshake message printing record debugging can be widened with: plaintext hex dump of record plaintext packet print raw SSL/TLS packets ------------------------ [2]: http://monaco.us.oracle.com/detail.jsf?cr=7013776 [3]:http://sim.ivi.co/2009/05/these-days-i-was-asked-about-strange.html -------------- next part -------------- #Test Results (version 2) #Tue Sep 20 18:37:19 PDT 2011 #checksum:1d02fba11ff34fe6 #-----testdescription----- $file=/export/home/xf138604/repositories/jdk8/study/jdk/test/sun/security/ssl/javax/net/ssl/TLSv11/GenericBlockCipher.java $root=/export/home/xf138604/repositories/jdk8/study/jdk/test author=Xuelei Fan keywords=bug4873188 othervm run=USER_SPECIFIED main/othervm -Djavax.net.debug=all GenericBlockCipher\n source=GenericBlockCipher.java title=Support TLS 1.1 #-----environment----- #-----testresult----- description=file:/export/home/xf138604/repositories/jdk8/study/jdk/test/sun/security/ssl/javax/net/ssl/TLSv11/GenericBlockCipher.java elapsed=7059 0:00:07.059 end=Tue Sep 20 18:37:19 PDT 2011 environment=regtest execStatus=Passed. Execution successful hostname=glisten javatestOS=SunOS 5.10 (sparc) javatestVersion=4.1.4 script=com.sun.javatest.regtest.RegressionScript sections=script_messages build compile main start=Tue Sep 20 18:37:12 PDT 2011 test=sun/security/ssl/javax/net/ssl/TLSv11/GenericBlockCipher.java work=/export/home/xf138604/delta/secreg/work/sun/security/ssl/javax/net/ssl/TLSv11 #section:script_messages ----------messages:(4/259)---------- JDK under test: (/export/home/xf138604/repositories/jdk8/study/jdk/build/solaris-sparc) java version "1.8.0-internal" Java(TM) SE Runtime Environment (build 1.8.0-internal-xf138604_2011_09_15_06_55-b00) Java HotSpot(TM) Server VM (build 21.0-b17, mixed mode) #section:build ----------messages:(3/103)---------- command: build GenericBlockCipher reason: Named class compiled on demand elapsed time (seconds): 2.608 result: Passed. Build successful #section:compile ----------messages:(3/214)---------- command: compile /export/home/xf138604/repositories/jdk8/study/jdk/test/sun/security/ssl/javax/net/ssl/TLSv11/GenericBlockCipher.java reason: .class file out of date or does not exist elapsed time (seconds): 2.577 ----------System.out:(0/0)---------- ----------System.err:(0/0)---------- result: Passed. Compilation successful #section:main ----------messages:(3/175)---------- command: main -Djavax.net.debug=all GenericBlockCipher reason: User specified action: run main/othervm -Djavax.net.debug=all GenericBlockCipher elapsed time (seconds): 3.929 ----------System.out:(2083/77658)*---------- { "logger" : "javax.net.ssl.management", "level" : "CONFIG", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:17.342 PDT", "message" : "keyStore is: /export/home/xf138604/repositories/jdk8/study/jdk/test/sun/security/ssl/javax/net/ssl/TLSv11//../../../../etc/keystore" } { "logger" : "javax.net.ssl.management", "level" : "CONFIG", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:17.368 PDT", "message" : "keyStore type is: jks" } { "logger" : "javax.net.ssl.management", "level" : "CONFIG", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:17.368 PDT", "message" : "keyStore provider is: " } { "logger" : "javax.net.ssl.management", "level" : "INFO", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:17.370 PDT", "message" : "try to initialize keyStore of type jks" } { "logger" : "javax.net.ssl.management", "level" : "INFO", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:17.546 PDT", "message" : "try to initialize keymanager of type SunX509" } { "logger" : "javax.net.ssl.management", "level" : "INFO", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:17.564 PDT", "message" : "found key for dummydsa", "specifics" : [ "certificate" : { "version" : "v1", "serial number" : "45 F3 A3 14", "signature algorithm": "SHA1withDSA", "issuer" : "CN=dummy.example.com, OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US", "not before" : "2007-03-10 22:35:00.000 PST", "not after" : "2017-03-07 22:35:00.000 PST", "subject" : "CN=dummy.example.com, OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US", "subject public key" : "DSA"} ] } { "logger" : "javax.net.ssl.management", "level" : "INFO", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:17.586 PDT", "message" : "found key for dummyecdsa", "specifics" : [ "certificate" : { "version" : "v1", "serial number" : "00 E1 94 5E 5F 9D E1 32 EE", "signature algorithm": "SHA1withECDSA", "issuer" : "CN=dummy.example.com, OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US", "not before" : "2010-03-04 01:50:55.000 PST", "not after" : "2031-02-12 01:50:55.000 PST", "subject" : "CN=dummy.example.com, OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US", "subject public key" : "EC"} ] } { "logger" : "javax.net.ssl.management", "level" : "INFO", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:17.609 PDT", "message" : "found key for dummy", "specifics" : [ "certificate" : { "version" : "v1", "serial number" : "45 F3 A3 16", "signature algorithm": "MD5withRSA", "issuer" : "CN=dummy.example.com, OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US", "not before" : "2007-03-10 22:35:02.000 PST", "not after" : "2017-03-07 22:35:02.000 PST", "subject" : "CN=dummy.example.com, OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US", "subject public key" : "RSA"} ] } { "logger" : "javax.net.ssl.management", "level" : "INFO", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:17.627 PDT", "message" : "found key for dummyecdhrsa", "specifics" : [ "certificate" : { "version" : "v3", "serial number" : "00 90 AB CD EF", "signature algorithm": "SHA1withRSA", "issuer" : "OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US", "not before" : "2010-03-04 18:33:10.000 PST", "not after" : "2029-11-19 18:33:10.000 PST", "subject" : "CN=dummy.example.com, OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US", "subject public key" : "EC", "extensions" : [ { ObjectId: 2.5.29.14 Criticality=false SubjectKeyIdentifier [ KeyIdentifier [ 0000: 2B A8 6C 75 AD 6D CC 37 98 F4 70 B4 18 8D 64 49 +.lu.m.7..p...dI 0010: E3 DD 5A 18 ..Z. ] ]}, { ObjectId: 2.5.29.35 Criticality=false AuthorityKeyIdentifier [ [OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US] SerialNumber: [ 10abcdef] ]}, { ObjectId: 2.5.29.15 Criticality=false KeyUsage [ DigitalSignature Non_repudiation Key_Encipherment Key_Agreement ]} ]}, "certificate" : { "version" : "v1", "serial number" : "10 AB CD EF", "signature algorithm": "SHA1withRSA", "issuer" : "OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US", "not before" : "2010-03-04 18:32:08.000 PST", "not after" : "2031-02-12 18:32:08.000 PST", "subject" : "OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US", "subject public key" : "RSA"} ] } { "logger" : "javax.net.ssl.management", "level" : "CONFIG", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:17.660 PDT", "message" : "trustStore is: /export/home/xf138604/repositories/jdk8/study/jdk/test/sun/security/ssl/javax/net/ssl/TLSv11/../../../../etc/truststore" } { "logger" : "javax.net.ssl.management", "level" : "CONFIG", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:17.660 PDT", "message" : "trustStore type is : jks" } { "logger" : "javax.net.ssl.management", "level" : "CONFIG", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:17.661 PDT", "message" : "trustStore provider is : " } { "logger" : "javax.net.ssl.management", "level" : "INFO", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:17.661 PDT", "message" : "try to initialize trustStore of type jks" } { "logger" : "javax.net.ssl.management", "level" : "INFO", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:17.676 PDT", "message" : "adding as trusted certificates", "specifics" : [ "certificate" : { "version" : "v1", "serial number" : "00 E1 94 5E 5F 9D E1 32 EE", "signature algorithm": "SHA1withECDSA", "issuer" : "CN=dummy.example.com, OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US", "not before" : "2010-03-04 01:50:55.000 PST", "not after" : "2031-02-12 01:50:55.000 PST", "subject" : "CN=dummy.example.com, OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US", "subject public key" : "EC"}, "certificate" : { "version" : "v1", "serial number" : "45 F3 A3 14", "signature algorithm": "SHA1withDSA", "issuer" : "CN=dummy.example.com, OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US", "not before" : "2007-03-10 22:35:00.000 PST", "not after" : "2017-03-07 22:35:00.000 PST", "subject" : "CN=dummy.example.com, OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US", "subject public key" : "DSA"}, "certificate" : { "version" : "v1", "serial number" : "45 F3 A3 16", "signature algorithm": "MD5withRSA", "issuer" : "CN=dummy.example.com, OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US", "not before" : "2007-03-10 22:35:02.000 PST", "not after" : "2017-03-07 22:35:02.000 PST", "subject" : "CN=dummy.example.com, OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US", "subject public key" : "RSA"}, "certificate" : { "version" : "v1", "serial number" : "10 AB CD EF", "signature algorithm": "SHA1withRSA", "issuer" : "OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US", "not before" : "2010-03-04 18:32:08.000 PST", "not after" : "2031-02-12 18:32:08.000 PST", "subject" : "OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US", "subject public key" : "RSA"} ] } { "logger" : "javax.net.ssl.management", "level" : "INFO", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:17.714 PDT", "message" : "trigger seeding of SecureRandom" } { "logger" : "javax.net.ssl.management", "level" : "INFO", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:17.715 PDT", "message" : "done seeding SecureRandom" } { "logger" : "javax.net.ssl.management", "level" : "CONFIG", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:18.986 PDT", "message" : "ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA" } { "logger" : "javax.net.ssl.management", "level" : "CONFIG", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:18.988 PDT", "message" : "ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA" } { "logger" : "javax.net.ssl.management", "level" : "CONFIG", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:18.989 PDT", "message" : "ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA" } { "logger" : "javax.net.ssl.management", "level" : "CONFIG", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:18.990 PDT", "message" : "ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256" } { "logger" : "javax.net.ssl.management", "level" : "CONFIG", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:18.991 PDT", "message" : "ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256" } { "logger" : "javax.net.ssl.management", "level" : "CONFIG", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:18.992 PDT", "message" : "ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384" } { "logger" : "javax.net.ssl.management", "level" : "CONFIG", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:18.993 PDT", "message" : "ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384" } { "logger" : "javax.net.ssl.management", "level" : "CONFIG", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:18.994 PDT", "message" : "ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256" } { "logger" : "javax.net.ssl.management", "level" : "CONFIG", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:18.994 PDT", "message" : "ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA" } { "logger" : "javax.net.ssl.management", "level" : "CONFIG", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:18.995 PDT", "message" : "ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384" } { "logger" : "javax.net.ssl.management", "level" : "CONFIG", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:18.995 PDT", "message" : "ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA" } { "logger" : "javax.net.ssl.management", "level" : "CONFIG", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:18.996 PDT", "message" : "ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384" } { "logger" : "javax.net.ssl.management", "level" : "CONFIG", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:18.997 PDT", "message" : "ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA" } { "logger" : "javax.net.ssl.management", "level" : "CONFIG", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:18.998 PDT", "message" : "ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA" } { "logger" : "javax.net.ssl.management", "level" : "CONFIG", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:19.020 PDT", "message" : "ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA" } { "logger" : "javax.net.ssl.management", "level" : "CONFIG", "thread id" : "0A", "thread name" : "Thread-1", "time" : "2011-09-20 18:37:19.020 PDT", "message" : "ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA" } { "logger" : "javax.net.ssl.management", "level" : "CONFIG", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:19.021 PDT", "message" : "ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA" } { "logger" : "javax.net.ssl.management", "level" : "CONFIG", "thread id" : "0A", "thread name" : "Thread-1", "time" : "2011-09-20 18:37:19.021 PDT", "message" : "ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA" } { "logger" : "javax.net.ssl.management", "level" : "CONFIG", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:19.022 PDT", "message" : "ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA" } { "logger" : "javax.net.ssl.management", "level" : "CONFIG", "thread id" : "0A", "thread name" : "Thread-1", "time" : "2011-09-20 18:37:19.022 PDT", "message" : "ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA" } { "logger" : "javax.net.ssl.management", "level" : "CONFIG", "thread id" : "0A", "thread name" : "Thread-1", "time" : "2011-09-20 18:37:19.022 PDT", "message" : "ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256" } { "logger" : "javax.net.ssl.management", "level" : "CONFIG", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:19.023 PDT", "message" : "ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256" } { "logger" : "javax.net.ssl.management", "level" : "CONFIG", "thread id" : "0A", "thread name" : "Thread-1", "time" : "2011-09-20 18:37:19.023 PDT", "message" : "ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256" } { "logger" : "javax.net.ssl.management", "level" : "CONFIG", "thread id" : "0A", "thread name" : "Thread-1", "time" : "2011-09-20 18:37:19.023 PDT", "message" : "ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256" } { "logger" : "javax.net.ssl.management", "level" : "CONFIG", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:19.024 PDT", "message" : "ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256" } { "logger" : "javax.net.ssl.management", "level" : "CONFIG", "thread id" : "0A", "thread name" : "Thread-1", "time" : "2011-09-20 18:37:19.024 PDT", "message" : "ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256" } { "logger" : "javax.net.ssl.management", "level" : "CONFIG", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:19.024 PDT", "message" : "ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384" } { "logger" : "javax.net.ssl.management", "level" : "CONFIG", "thread id" : "0A", "thread name" : "Thread-1", "time" : "2011-09-20 18:37:19.025 PDT", "message" : "ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256" } { "logger" : "javax.net.ssl.management", "level" : "CONFIG", "thread id" : "0A", "thread name" : "Thread-1", "time" : "2011-09-20 18:37:19.025 PDT", "message" : "ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384" } { "logger" : "javax.net.ssl.management", "level" : "CONFIG", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:19.026 PDT", "message" : "ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384" } { "logger" : "javax.net.ssl.management", "level" : "CONFIG", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:19.026 PDT", "message" : "ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256" } { "logger" : "javax.net.ssl.management", "level" : "CONFIG", "thread id" : "0A", "thread name" : "Thread-1", "time" : "2011-09-20 18:37:19.026 PDT", "message" : "ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384" } { "logger" : "javax.net.ssl.management", "level" : "CONFIG", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:19.027 PDT", "message" : "ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA" } { "logger" : "javax.net.ssl.management", "level" : "CONFIG", "thread id" : "0A", "thread name" : "Thread-1", "time" : "2011-09-20 18:37:19.027 PDT", "message" : "ignoring unsupported cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256" } { "logger" : "javax.net.ssl.management", "level" : "CONFIG", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:19.028 PDT", "message" : "ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384" } { "logger" : "javax.net.ssl.management", "level" : "CONFIG", "thread id" : "0A", "thread name" : "Thread-1", "time" : "2011-09-20 18:37:19.028 PDT", "message" : "ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA" } { "logger" : "javax.net.ssl.management", "level" : "CONFIG", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:19.028 PDT", "message" : "ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA" } { "logger" : "javax.net.ssl.management", "level" : "CONFIG", "thread id" : "0A", "thread name" : "Thread-1", "time" : "2011-09-20 18:37:19.028 PDT", "message" : "ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256" } { "logger" : "javax.net.ssl.management", "level" : "CONFIG", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:19.029 PDT", "message" : "ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384" } { "logger" : "javax.net.ssl.management", "level" : "CONFIG", "thread id" : "0A", "thread name" : "Thread-1", "time" : "2011-09-20 18:37:19.029 PDT", "message" : "ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384" } { "logger" : "javax.net.ssl.management", "level" : "CONFIG", "thread id" : "0A", "thread name" : "Thread-1", "time" : "2011-09-20 18:37:19.029 PDT", "message" : "ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA" } { "logger" : "javax.net.ssl.management", "level" : "CONFIG", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:19.030 PDT", "message" : "ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA" } { "logger" : "javax.net.ssl.management", "level" : "CONFIG", "thread id" : "0A", "thread name" : "Thread-1", "time" : "2011-09-20 18:37:19.030 PDT", "message" : "ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384" } { "logger" : "javax.net.ssl.management", "level" : "CONFIG", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:19.030 PDT", "message" : "ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA" } { "logger" : "javax.net.ssl.management", "level" : "CONFIG", "thread id" : "0A", "thread name" : "Thread-1", "time" : "2011-09-20 18:37:19.030 PDT", "message" : "ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256" } { "logger" : "javax.net.ssl.management", "level" : "CONFIG", "thread id" : "0A", "thread name" : "Thread-1", "time" : "2011-09-20 18:37:19.031 PDT", "message" : "ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256" } { "logger" : "javax.net.ssl.management", "level" : "CONFIG", "thread id" : "0A", "thread name" : "Thread-1", "time" : "2011-09-20 18:37:19.031 PDT", "message" : "ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA" } { "logger" : "javax.net.ssl.management", "level" : "CONFIG", "thread id" : "0A", "thread name" : "Thread-1", "time" : "2011-09-20 18:37:19.032 PDT", "message" : "ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA" } { "logger" : "javax.net.ssl.management", "level" : "CONFIG", "thread id" : "0A", "thread name" : "Thread-1", "time" : "2011-09-20 18:37:19.032 PDT", "message" : "ignoring unsupported cipher suite: TLS_RSA_WITH_AES_128_CBC_SHA256" } { "logger" : "javax.net.ssl.handshake", "level" : "INFO", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:19.056 PDT", "message" : "Allow unsafe renegotiation: false" } { "logger" : "javax.net.ssl.handshake", "level" : "INFO", "thread id" : "0A", "thread name" : "Thread-1", "time" : "2011-09-20 18:37:19.056 PDT", "message" : "Allow unsafe renegotiation: false" } { "logger" : "javax.net.ssl.handshake", "level" : "INFO", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:19.057 PDT", "message" : "Allow legacy hello messages: true" } { "logger" : "javax.net.ssl.handshake", "level" : "INFO", "thread id" : "0A", "thread name" : "Thread-1", "time" : "2011-09-20 18:37:19.057 PDT", "message" : "Allow legacy hello messages: true" } { "logger" : "javax.net.ssl.handshake", "level" : "INFO", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:19.057 PDT", "message" : "Is initial handshake: true" } { "logger" : "javax.net.ssl.handshake", "level" : "INFO", "thread id" : "0A", "thread name" : "Thread-1", "time" : "2011-09-20 18:37:19.057 PDT", "message" : "Is initial handshake: true" } { "logger" : "javax.net.ssl.handshake", "level" : "INFO", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:19.058 PDT", "message" : "Is secure renegotiation: false" } { "logger" : "javax.net.ssl.handshake", "level" : "INFO", "thread id" : "0A", "thread name" : "Thread-1", "time" : "2011-09-20 18:37:19.058 PDT", "message" : "Is secure renegotiation: false" } { "logger" : "javax.net.ssl.handshake", "level" : "INFO", "thread id" : "0A", "thread name" : "Thread-1", "time" : "2011-09-20 18:37:19.073 PDT", "message" : "No cached client session" } { "logger" : "javax.net.ssl.handshake", "level" : "FINE", "thread id" : "0A", "thread name" : "Thread-1", "time" : "2011-09-20 18:37:19.081 PDT", "message" : "ClientHello", "specifics" : [ "client version": "TLSv1.1", "random": "4E 79 3F CF 8E F7 45 4C D0 0C 2A A5 EF 98 55 AB 89 10 0B 3A AB 38 DE 1D 72 75 E3 91 67 2C 2E 91", "session id": "", "cipher suites": [ "TLS_RSA_WITH_AES_128_CBC_SHA" ], "compression methods": "00", "extensions": "[{extension type: renegotiation_info,extension data: ""}]" ] } { "logger" : "javax.net.ssl", "level" : "FINE", "thread id" : "0A", "thread name" : "Thread-1", "time" : "2011-09-20 18:37:19.085 PDT", "message" : "[write] handshake hashes", "specifics" : [ 0000: 01 00 00 30 03 02 4E 79 3F CF 8E F7 45 4C D0 0C ...0..Ny?...EL.. 0010: 2A A5 EF 98 55 AB 89 10 0B 3A AB 38 DE 1D 72 75 *...U....:.8..ru 0020: E3 91 67 2C 2E 91 00 00 02 00 2F 01 00 00 05 FF ..g,....../..... 0030: 01 00 01 00 ] } { "logger" : "javax.net.ssl", "level" : "INFO", "thread id" : "0A", "thread name" : "Thread-1", "time" : "2011-09-20 18:37:19.093 PDT", "message" : "WRITE: TLSv1.1 Handshake, length = 52" } { "logger" : "javax.net.ssl", "level" : "FINE", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:19.094 PDT", "message" : "Raw read", "specifics" : [ 0000: 16 03 02 00 34 ] } { "logger" : "javax.net.ssl", "level" : "FINE", "thread id" : "0A", "thread name" : "Thread-1", "time" : "2011-09-20 18:37:19.094 PDT", "message" : "Raw write", "specifics" : [ 0000: 16 03 02 00 34 01 00 00 30 03 02 4E 79 3F CF 8E ....4...0..Ny?.. 0010: F7 45 4C D0 0C 2A A5 EF 98 55 AB 89 10 0B 3A AB .EL..*...U....:. 0020: 38 DE 1D 72 75 E3 91 67 2C 2E 91 00 00 02 00 2F 8..ru..g,....../ 0030: 01 00 00 05 FF 01 00 01 00 ] } { "logger" : "javax.net.ssl", "level" : "FINE", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:19.096 PDT", "message" : "Raw read", "specifics" : [ 0000: 01 00 00 30 03 02 4E 79 3F CF 8E F7 45 4C D0 0C ...0..Ny?...EL.. 0010: 2A A5 EF 98 55 AB 89 10 0B 3A AB 38 DE 1D 72 75 *...U....:.8..ru 0020: E3 91 67 2C 2E 91 00 00 02 00 2F 01 00 00 05 FF ..g,....../..... 0030: 01 00 01 00 ] } { "logger" : "javax.net.ssl", "level" : "FINE", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:19.103 PDT", "message" : "READ: TLSv1.1 Handshake, length = 52" } { "logger" : "javax.net.ssl.handshake", "level" : "FINE", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:19.105 PDT", "message" : "ClientHello", "specifics" : [ "client version": "TLSv1.1", "random": "4E 79 3F CF 8E F7 45 4C D0 0C 2A A5 EF 98 55 AB 89 10 0B 3A AB 38 DE 1D 72 75 E3 91 67 2C 2E 91", "session id": "", "cipher suites": [ "TLS_RSA_WITH_AES_128_CBC_SHA" ], "compression methods": "00", "extensions": "[{extension type: renegotiation_info,extension data: ""}]" ] } { "logger" : "javax.net.ssl", "level" : "FINE", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:19.109 PDT", "message" : "[read] handshake hashes", "specifics" : [ 0000: 01 00 00 30 03 02 4E 79 3F CF 8E F7 45 4C D0 0C ...0..Ny?...EL.. 0010: 2A A5 EF 98 55 AB 89 10 0B 3A AB 38 DE 1D 72 75 *...U....:.8..ru 0020: E3 91 67 2C 2E 91 00 00 02 00 2F 01 00 00 05 FF ..g,....../..... 0030: 01 00 01 00 ] } { "logger" : "javax.net.ssl.management", "level" : "INFO", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:19.119 PDT", "message" : "Initialized: [Session-1, SSL_NULL_WITH_NULL_NULL]" } { "logger" : "javax.net.ssl.management", "level" : "INFO", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:19.121 PDT", "message" : "matching alias dummy" } { "logger" : "javax.net.ssl.management", "level" : "INFO", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:19.122 PDT", "message" : "Negotiating: [Session-1, TLS_RSA_WITH_AES_128_CBC_SHA]" } { "logger" : "javax.net.ssl.handshake", "level" : "FINE", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:19.127 PDT", "message" : "ServerHello", "specifics" : [ "server version": "TLSv1.1", "random": "4E 79 3F CF 46 67 21 08 9E E8 04 89 85 5C C4 9D 4E 6A 1D DB EC 4B 8C 59 D8 48 45 4C AF 63 DF 90", "session id": "4E 79 3F CF 58 31 21 CF 20 59 82 51 5E 41 C4 B7 3D 54 10 E9 6E F4 EC 07 39 5C F5 71 E8 69 9C 15", "cipher suite": "TLS_RSA_WITH_AES_128_CBC_SHA", "compression method": "00", "extensions": "[{extension type: renegotiation_info,extension data: ""}]" ] } { "logger" : "javax.net.ssl.handshake", "level" : "INFO", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:19.131 PDT", "message" : "Cipher suite: TLS_RSA_WITH_AES_128_CBC_SHA" } { "logger" : "javax.net.ssl.handshake", "level" : "FINE", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:19.133 PDT", "message" : "certificate list", "specifics" : [ "certificate" : { "version" : "v1", "serial number" : "45 F3 A3 16", "signature algorithm": "MD5withRSA", "issuer" : "CN=dummy.example.com, OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US", "not before" : "2007-03-10 22:35:02.000 PST", "not after" : "2017-03-07 22:35:02.000 PST", "subject" : "CN=dummy.example.com, OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US", "subject public key" : "RSA"} ] } { "logger" : "javax.net.ssl.handshake", "level" : "INFO", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:19.139 PDT", "message" : "ServerHelloDone" } { "logger" : "javax.net.ssl", "level" : "FINE", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:19.140 PDT", "message" : "[write] handshake hashes", "specifics" : [ 0000: 02 00 00 4D 03 02 4E 79 3F CF 46 67 21 08 9E E8 ...M..Ny?.Fg!... 0010: 04 89 85 5C C4 9D 4E 6A 1D DB EC 4B 8C 59 D8 48 ...\\..Nj...K.Y.H 0020: 45 4C AF 63 DF 90 20 4E 79 3F CF 58 31 21 CF 20 EL.c.. Ny?.X1!. 0030: 59 82 51 5E 41 C4 B7 3D 54 10 E9 6E F4 EC 07 39 Y.Q^A..=T..n...9 0040: 5C F5 71 E8 69 9C 15 00 2F 00 00 05 FF 01 00 01 \\.q.i.../....... 0050: 00 0B 00 02 50 00 02 4D 00 02 4A 30 82 02 46 30 ....P..M..J0..F0 0060: 82 01 AF 02 04 45 F3 A3 16 30 0D 06 09 2A 86 48 .....E...0...*.H 0070: 86 F7 0D 01 01 04 05 00 30 6A 31 0B 30 09 06 03 ........0j1.0... 0080: 55 04 06 13 02 55 53 31 0B 30 09 06 03 55 04 08 U....US1.0...U.. 0090: 13 02 43 41 31 12 30 10 06 03 55 04 07 13 09 43 ..CA1.0...U....C 00A0: 75 70 65 72 74 69 6E 6F 31 0E 30 0C 06 03 55 04 upertino1.0...U. 00B0: 0A 13 05 44 75 6D 6D 79 31 0E 30 0C 06 03 55 04 ...Dummy1.0...U. 00C0: 0B 13 05 44 75 6D 6D 79 31 1A 30 18 06 03 55 04 ...Dummy1.0...U. 00D0: 03 13 11 64 75 6D 6D 79 2E 65 78 61 6D 70 6C 65 ...dummy.example 00E0: 2E 63 6F 6D 30 1E 17 0D 30 37 30 33 31 31 30 36 .com0...07031106 00F0: 33 35 30 32 5A 17 0D 31 37 30 33 30 38 30 36 33 3502Z..170308063 0100: 35 30 32 5A 30 6A 31 0B 30 09 06 03 55 04 06 13 502Z0j1.0...U... 0110: 02 55 53 31 0B 30 09 06 03 55 04 08 13 02 43 41 .US1.0...U....CA 0120: 31 12 30 10 06 03 55 04 07 13 09 43 75 70 65 72 1.0...U....Cuper 0130: 74 69 6E 6F 31 0E 30 0C 06 03 55 04 0A 13 05 44 tino1.0...U....D 0140: 75 6D 6D 79 31 0E 30 0C 06 03 55 04 0B 13 05 44 ummy1.0...U....D 0150: 75 6D 6D 79 31 1A 30 18 06 03 55 04 03 13 11 64 ummy1.0...U....d 0160: 75 6D 6D 79 2E 65 78 61 6D 70 6C 65 2E 63 6F 6D ummy.example.com 0170: 30 81 9F 30 0D 06 09 2A 86 48 86 F7 0D 01 01 01 0..0...*.H...... 0180: 05 00 03 81 8D 00 30 81 89 02 81 81 00 9D C5 68 ......0........h 0190: 0F 53 C5 27 48 D3 45 94 47 DF E5 F7 B6 A6 53 08 .S.'H.E.G.....S. 01A0: C9 60 5F FA 57 C8 8A B8 A3 89 24 C6 38 C6 B5 6D .`_.W.....$.8..m 01B0: 25 D1 7C 3E AA BE A6 66 42 B5 75 18 59 67 AA 68 %..>...fB.u.Yg.h 01C0: 67 6B 9A 87 60 5D 54 F7 A6 A5 CA 97 5A 8C BE 4E gk..`]T.....Z..N 01D0: A3 6C 0E D0 3B B8 CE F5 A3 A2 5A 4C 08 06 B3 E9 .l..;.....ZL.... 01E0: 50 8A 56 D3 A3 50 86 C9 07 28 01 F0 6F 43 2F A4 P.V..P...(..oC/. 01F0: 44 A6 95 1D 9F 1D ED 8A 59 D2 C6 17 D1 E9 16 E5 D.......Y....... 0200: 00 31 BA F6 52 FD DD 8E B9 D9 E7 89 2F 02 03 01 .1..R......./... 0210: 00 01 30 0D 06 09 2A 86 48 86 F7 0D 01 01 04 05 ..0...*.H....... 0220: 00 03 81 81 00 54 C0 F0 8D 8D 09 8D C7 16 D4 17 .....T.......... 0230: DF 4F 42 92 15 87 9E BD 46 D1 D1 71 80 4A E0 E8 .OB.....F..q.J.. 0240: 08 34 E1 A8 DF AB 89 05 D7 60 B2 A7 B1 3D A1 3F .4.......`...=.? 0250: CC C6 85 5B 97 51 25 67 57 7C 18 D6 DA AA 47 1E ...[.Q%gW.....G. 0260: 01 2F 12 E0 D3 5F 44 47 8E 70 87 E5 82 64 61 03 ./..._DG.p...da. 0270: 01 E6 CE 95 4F 5A 94 1D EC 15 5A 73 89 6D 34 89 ....OZ....Zs.m4. 0280: 8E 15 81 56 85 07 37 2E D0 3B C5 90 2C 7C FF F4 ...V..7..;..,... 0290: 34 58 EC FF DF FF 11 82 F6 17 C8 49 53 AC FB 94 4X.........IS... 02A0: 06 65 B2 D7 68 0E 00 00 00 ] } { "logger" : "javax.net.ssl", "level" : "INFO", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:19.220 PDT", "message" : "WRITE: TLSv1.1 Handshake, length = 681" } { "logger" : "javax.net.ssl", "level" : "FINE", "thread id" : "0A", "thread name" : "Thread-1", "time" : "2011-09-20 18:37:19.220 PDT", "message" : "Raw read", "specifics" : [ 0000: 16 03 02 02 A9 ] } { "logger" : "javax.net.ssl", "level" : "FINE", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:19.220 PDT", "message" : "Raw write", "specifics" : [ 0000: 16 03 02 02 A9 02 00 00 4D 03 02 4E 79 3F CF 46 ........M..Ny?.F 0010: 67 21 08 9E E8 04 89 85 5C C4 9D 4E 6A 1D DB EC g!......\\..Nj... 0020: 4B 8C 59 D8 48 45 4C AF 63 DF 90 20 4E 79 3F CF K.Y.HEL.c.. Ny?. 0030: 58 31 21 CF 20 59 82 51 5E 41 C4 B7 3D 54 10 E9 X1!. Y.Q^A..=T.. 0040: 6E F4 EC 07 39 5C F5 71 E8 69 9C 15 00 2F 00 00 n...9\\.q.i.../.. 0050: 05 FF 01 00 01 00 0B 00 02 50 00 02 4D 00 02 4A .........P..M..J 0060: 30 82 02 46 30 82 01 AF 02 04 45 F3 A3 16 30 0D 0..F0.....E...0. 0070: 06 09 2A 86 48 86 F7 0D 01 01 04 05 00 30 6A 31 ..*.H........0j1 0080: 0B 30 09 06 03 55 04 06 13 02 55 53 31 0B 30 09 .0...U....US1.0. 0090: 06 03 55 04 08 13 02 43 41 31 12 30 10 06 03 55 ..U....CA1.0...U 00A0: 04 07 13 09 43 75 70 65 72 74 69 6E 6F 31 0E 30 ....Cupertino1.0 00B0: 0C 06 03 55 04 0A 13 05 44 75 6D 6D 79 31 0E 30 ...U....Dummy1.0 00C0: 0C 06 03 55 04 0B 13 05 44 75 6D 6D 79 31 1A 30 ...U....Dummy1.0 00D0: 18 06 03 55 04 03 13 11 64 75 6D 6D 79 2E 65 78 ...U....dummy.ex 00E0: 61 6D 70 6C 65 2E 63 6F 6D 30 1E 17 0D 30 37 30 ample.com0...070 00F0: 33 31 31 30 36 33 35 30 32 5A 17 0D 31 37 30 33 311063502Z..1703 0100: 30 38 30 36 33 35 30 32 5A 30 6A 31 0B 30 09 06 08063502Z0j1.0.. 0110: 03 55 04 06 13 02 55 53 31 0B 30 09 06 03 55 04 .U....US1.0...U. 0120: 08 13 02 43 41 31 12 30 10 06 03 55 04 07 13 09 ...CA1.0...U.... 0130: 43 75 70 65 72 74 69 6E 6F 31 0E 30 0C 06 03 55 Cupertino1.0...U 0140: 04 0A 13 05 44 75 6D 6D 79 31 0E 30 0C 06 03 55 ....Dummy1.0...U 0150: 04 0B 13 05 44 75 6D 6D 79 31 1A 30 18 06 03 55 ....Dummy1.0...U 0160: 04 03 13 11 64 75 6D 6D 79 2E 65 78 61 6D 70 6C ....dummy.exampl 0170: 65 2E 63 6F 6D 30 81 9F 30 0D 06 09 2A 86 48 86 e.com0..0...*.H. 0180: F7 0D 01 01 01 05 00 03 81 8D 00 30 81 89 02 81 ...........0.... 0190: 81 00 9D C5 68 0F 53 C5 27 48 D3 45 94 47 DF E5 ....h.S.'H.E.G.. 01A0: F7 B6 A6 53 08 C9 60 5F FA 57 C8 8A B8 A3 89 24 ...S..`_.W.....$ 01B0: C6 38 C6 B5 6D 25 D1 7C 3E AA BE A6 66 42 B5 75 .8..m%..>...fB.u 01C0: 18 59 67 AA 68 67 6B 9A 87 60 5D 54 F7 A6 A5 CA .Yg.hgk..`]T.... 01D0: 97 5A 8C BE 4E A3 6C 0E D0 3B B8 CE F5 A3 A2 5A .Z..N.l..;.....Z 01E0: 4C 08 06 B3 E9 50 8A 56 D3 A3 50 86 C9 07 28 01 L....P.V..P...(. 01F0: F0 6F 43 2F A4 44 A6 95 1D 9F 1D ED 8A 59 D2 C6 .oC/.D.......Y.. 0200: 17 D1 E9 16 E5 00 31 BA F6 52 FD DD 8E B9 D9 E7 ......1..R...... 0210: 89 2F 02 03 01 00 01 30 0D 06 09 2A 86 48 86 F7 ./.....0...*.H.. 0220: 0D 01 01 04 05 00 03 81 81 00 54 C0 F0 8D 8D 09 ..........T..... 0230: 8D C7 16 D4 17 DF 4F 42 92 15 87 9E BD 46 D1 D1 ......OB.....F.. 0240: 71 80 4A E0 E8 08 34 E1 A8 DF AB 89 05 D7 60 B2 q.J...4.......`. 0250: A7 B1 3D A1 3F CC C6 85 5B 97 51 25 67 57 7C 18 ..=.?...[.Q%gW.. 0260: D6 DA AA 47 1E 01 2F 12 E0 D3 5F 44 47 8E 70 87 ...G../..._DG.p. 0270: E5 82 64 61 03 01 E6 CE 95 4F 5A 94 1D EC 15 5A ..da.....OZ....Z 0280: 73 89 6D 34 89 8E 15 81 56 85 07 37 2E D0 3B C5 s.m4....V..7..;. 0290: 90 2C 7C FF F4 34 58 EC FF DF FF 11 82 F6 17 C8 .,...4X......... 02A0: 49 53 AC FB 94 06 65 B2 D7 68 0E 00 00 00 ] } { "logger" : "javax.net.ssl", "level" : "FINE", "thread id" : "0A", "thread name" : "Thread-1", "time" : "2011-09-20 18:37:19.222 PDT", "message" : "Raw read", "specifics" : [ 0000: 02 00 00 4D 03 02 4E 79 3F CF 46 67 21 08 9E E8 ...M..Ny?.Fg!... 0010: 04 89 85 5C C4 9D 4E 6A 1D DB EC 4B 8C 59 D8 48 ...\\..Nj...K.Y.H 0020: 45 4C AF 63 DF 90 20 4E 79 3F CF 58 31 21 CF 20 EL.c.. Ny?.X1!. 0030: 59 82 51 5E 41 C4 B7 3D 54 10 E9 6E F4 EC 07 39 Y.Q^A..=T..n...9 0040: 5C F5 71 E8 69 9C 15 00 2F 00 00 05 FF 01 00 01 \\.q.i.../....... 0050: 00 0B 00 02 50 00 02 4D 00 02 4A 30 82 02 46 30 ....P..M..J0..F0 0060: 82 01 AF 02 04 45 F3 A3 16 30 0D 06 09 2A 86 48 .....E...0...*.H 0070: 86 F7 0D 01 01 04 05 00 30 6A 31 0B 30 09 06 03 ........0j1.0... 0080: 55 04 06 13 02 55 53 31 0B 30 09 06 03 55 04 08 U....US1.0...U.. 0090: 13 02 43 41 31 12 30 10 06 03 55 04 07 13 09 43 ..CA1.0...U....C 00A0: 75 70 65 72 74 69 6E 6F 31 0E 30 0C 06 03 55 04 upertino1.0...U. 00B0: 0A 13 05 44 75 6D 6D 79 31 0E 30 0C 06 03 55 04 ...Dummy1.0...U. 00C0: 0B 13 05 44 75 6D 6D 79 31 1A 30 18 06 03 55 04 ...Dummy1.0...U. 00D0: 03 13 11 64 75 6D 6D 79 2E 65 78 61 6D 70 6C 65 ...dummy.example 00E0: 2E 63 6F 6D 30 1E 17 0D 30 37 30 33 31 31 30 36 .com0...07031106 00F0: 33 35 30 32 5A 17 0D 31 37 30 33 30 38 30 36 33 3502Z..170308063 0100: 35 30 32 5A 30 6A 31 0B 30 09 06 03 55 04 06 13 502Z0j1.0...U... 0110: 02 55 53 31 0B 30 09 06 03 55 04 08 13 02 43 41 .US1.0...U....CA 0120: 31 12 30 10 06 03 55 04 07 13 09 43 75 70 65 72 1.0...U....Cuper 0130: 74 69 6E 6F 31 0E 30 0C 06 03 55 04 0A 13 05 44 tino1.0...U....D 0140: 75 6D 6D 79 31 0E 30 0C 06 03 55 04 0B 13 05 44 ummy1.0...U....D 0150: 75 6D 6D 79 31 1A 30 18 06 03 55 04 03 13 11 64 ummy1.0...U....d 0160: 75 6D 6D 79 2E 65 78 61 6D 70 6C 65 2E 63 6F 6D ummy.example.com 0170: 30 81 9F 30 0D 06 09 2A 86 48 86 F7 0D 01 01 01 0..0...*.H...... 0180: 05 00 03 81 8D 00 30 81 89 02 81 81 00 9D C5 68 ......0........h 0190: 0F 53 C5 27 48 D3 45 94 47 DF E5 F7 B6 A6 53 08 .S.'H.E.G.....S. 01A0: C9 60 5F FA 57 C8 8A B8 A3 89 24 C6 38 C6 B5 6D .`_.W.....$.8..m 01B0: 25 D1 7C 3E AA BE A6 66 42 B5 75 18 59 67 AA 68 %..>...fB.u.Yg.h 01C0: 67 6B 9A 87 60 5D 54 F7 A6 A5 CA 97 5A 8C BE 4E gk..`]T.....Z..N 01D0: A3 6C 0E D0 3B B8 CE F5 A3 A2 5A 4C 08 06 B3 E9 .l..;.....ZL.... 01E0: 50 8A 56 D3 A3 50 86 C9 07 28 01 F0 6F 43 2F A4 P.V..P...(..oC/. 01F0: 44 A6 95 1D 9F 1D ED 8A 59 D2 C6 17 D1 E9 16 E5 D.......Y....... 0200: 00 31 BA F6 52 FD DD 8E B9 D9 E7 89 2F 02 03 01 .1..R......./... 0210: 00 01 30 0D 06 09 2A 86 48 86 F7 0D 01 01 04 05 ..0...*.H....... 0220: 00 03 81 81 00 54 C0 F0 8D 8D 09 8D C7 16 D4 17 .....T.......... 0230: DF 4F 42 92 15 87 9E BD 46 D1 D1 71 80 4A E0 E8 .OB.....F..q.J.. 0240: 08 34 E1 A8 DF AB 89 05 D7 60 B2 A7 B1 3D A1 3F .4.......`...=.? 0250: CC C6 85 5B 97 51 25 67 57 7C 18 D6 DA AA 47 1E ...[.Q%gW.....G. 0260: 01 2F 12 E0 D3 5F 44 47 8E 70 87 E5 82 64 61 03 ./..._DG.p...da. 0270: 01 E6 CE 95 4F 5A 94 1D EC 15 5A 73 89 6D 34 89 ....OZ....Zs.m4. 0280: 8E 15 81 56 85 07 37 2E D0 3B C5 90 2C 7C FF F4 ...V..7..;..,... 0290: 34 58 EC FF DF FF 11 82 F6 17 C8 49 53 AC FB 94 4X.........IS... 02A0: 06 65 B2 D7 68 0E 00 00 00 ] } { "logger" : "javax.net.ssl", "level" : "FINE", "thread id" : "0A", "thread name" : "Thread-1", "time" : "2011-09-20 18:37:19.298 PDT", "message" : "READ: TLSv1.1 Handshake, length = 681" } { "logger" : "javax.net.ssl.handshake", "level" : "FINE", "thread id" : "0A", "thread name" : "Thread-1", "time" : "2011-09-20 18:37:19.299 PDT", "message" : "ServerHello", "specifics" : [ "server version": "TLSv1.1", "random": "4E 79 3F CF 46 67 21 08 9E E8 04 89 85 5C C4 9D 4E 6A 1D DB EC 4B 8C 59 D8 48 45 4C AF 63 DF 90", "session id": "4E 79 3F CF 58 31 21 CF 20 59 82 51 5E 41 C4 B7 3D 54 10 E9 6E F4 EC 07 39 5C F5 71 E8 69 9C 15", "cipher suite": "TLS_RSA_WITH_AES_128_CBC_SHA", "compression method": "00", "extensions": "[{extension type: renegotiation_info,extension data: ""}]" ] } { "logger" : "javax.net.ssl.management", "level" : "INFO", "thread id" : "0A", "thread name" : "Thread-1", "time" : "2011-09-20 18:37:19.302 PDT", "message" : "Initialized: [Session-2, TLS_RSA_WITH_AES_128_CBC_SHA]" } { "logger" : "javax.net.ssl.handshake", "level" : "INFO", "thread id" : "0A", "thread name" : "Thread-1", "time" : "2011-09-20 18:37:19.302 PDT", "message" : "Negotiated new cipher suite: TLS_RSA_WITH_AES_128_CBC_SHA" } { "logger" : "javax.net.ssl", "level" : "FINE", "thread id" : "0A", "thread name" : "Thread-1", "time" : "2011-09-20 18:37:19.303 PDT", "message" : "[read] handshake hashes", "specifics" : [ 0000: 02 00 00 4D 03 02 4E 79 3F CF 46 67 21 08 9E E8 ...M..Ny?.Fg!... 0010: 04 89 85 5C C4 9D 4E 6A 1D DB EC 4B 8C 59 D8 48 ...\\..Nj...K.Y.H 0020: 45 4C AF 63 DF 90 20 4E 79 3F CF 58 31 21 CF 20 EL.c.. Ny?.X1!. 0030: 59 82 51 5E 41 C4 B7 3D 54 10 E9 6E F4 EC 07 39 Y.Q^A..=T..n...9 0040: 5C F5 71 E8 69 9C 15 00 2F 00 00 05 FF 01 00 01 \\.q.i.../....... 0050: 00 ] } { "logger" : "javax.net.ssl.handshake", "level" : "FINE", "thread id" : "0A", "thread name" : "Thread-1", "time" : "2011-09-20 18:37:19.317 PDT", "message" : "certificate list", "specifics" : [ "certificate" : { "version" : "v1", "serial number" : "45 F3 A3 16", "signature algorithm": "MD5withRSA", "issuer" : "CN=dummy.example.com, OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US", "not before" : "2007-03-10 22:35:02.000 PST", "not after" : "2017-03-07 22:35:02.000 PST", "subject" : "CN=dummy.example.com, OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US", "subject public key" : "RSA"} ] } { "logger" : "javax.net.ssl.management", "level" : "INFO", "thread id" : "0A", "thread name" : "Thread-1", "time" : "2011-09-20 18:37:19.329 PDT", "message" : "Found trusted certificate:", "specifics" : [ "certificate" : { "version" : "v1", "serial number" : "45 F3 A3 16", "signature algorithm": "MD5withRSA", "issuer" : "CN=dummy.example.com, OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US", "not before" : "2007-03-10 22:35:02.000 PST", "not after" : "2017-03-07 22:35:02.000 PST", "subject" : "CN=dummy.example.com, OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US", "subject public key" : "RSA"} ] } { "logger" : "javax.net.ssl", "level" : "FINE", "thread id" : "0A", "thread name" : "Thread-1", "time" : "2011-09-20 18:37:19.333 PDT", "message" : "[read] handshake hashes", "specifics" : [ 0000: 0B 00 02 50 00 02 4D 00 02 4A 30 82 02 46 30 82 ...P..M..J0..F0. 0010: 01 AF 02 04 45 F3 A3 16 30 0D 06 09 2A 86 48 86 ....E...0...*.H. 0020: F7 0D 01 01 04 05 00 30 6A 31 0B 30 09 06 03 55 .......0j1.0...U 0030: 04 06 13 02 55 53 31 0B 30 09 06 03 55 04 08 13 ....US1.0...U... 0040: 02 43 41 31 12 30 10 06 03 55 04 07 13 09 43 75 .CA1.0...U....Cu 0050: 70 65 72 74 69 6E 6F 31 0E 30 0C 06 03 55 04 0A pertino1.0...U.. 0060: 13 05 44 75 6D 6D 79 31 0E 30 0C 06 03 55 04 0B ..Dummy1.0...U.. 0070: 13 05 44 75 6D 6D 79 31 1A 30 18 06 03 55 04 03 ..Dummy1.0...U.. 0080: 13 11 64 75 6D 6D 79 2E 65 78 61 6D 70 6C 65 2E ..dummy.example. 0090: 63 6F 6D 30 1E 17 0D 30 37 30 33 31 31 30 36 33 com0...070311063 00A0: 35 30 32 5A 17 0D 31 37 30 33 30 38 30 36 33 35 502Z..1703080635 00B0: 30 32 5A 30 6A 31 0B 30 09 06 03 55 04 06 13 02 02Z0j1.0...U.... 00C0: 55 53 31 0B 30 09 06 03 55 04 08 13 02 43 41 31 US1.0...U....CA1 00D0: 12 30 10 06 03 55 04 07 13 09 43 75 70 65 72 74 .0...U....Cupert 00E0: 69 6E 6F 31 0E 30 0C 06 03 55 04 0A 13 05 44 75 ino1.0...U....Du 00F0: 6D 6D 79 31 0E 30 0C 06 03 55 04 0B 13 05 44 75 mmy1.0...U....Du 0100: 6D 6D 79 31 1A 30 18 06 03 55 04 03 13 11 64 75 mmy1.0...U....du 0110: 6D 6D 79 2E 65 78 61 6D 70 6C 65 2E 63 6F 6D 30 mmy.example.com0 0120: 81 9F 30 0D 06 09 2A 86 48 86 F7 0D 01 01 01 05 ..0...*.H....... 0130: 00 03 81 8D 00 30 81 89 02 81 81 00 9D C5 68 0F .....0........h. 0140: 53 C5 27 48 D3 45 94 47 DF E5 F7 B6 A6 53 08 C9 S.'H.E.G.....S.. 0150: 60 5F FA 57 C8 8A B8 A3 89 24 C6 38 C6 B5 6D 25 `_.W.....$.8..m% 0160: D1 7C 3E AA BE A6 66 42 B5 75 18 59 67 AA 68 67 ..>...fB.u.Yg.hg 0170: 6B 9A 87 60 5D 54 F7 A6 A5 CA 97 5A 8C BE 4E A3 k..`]T.....Z..N. 0180: 6C 0E D0 3B B8 CE F5 A3 A2 5A 4C 08 06 B3 E9 50 l..;.....ZL....P 0190: 8A 56 D3 A3 50 86 C9 07 28 01 F0 6F 43 2F A4 44 .V..P...(..oC/.D 01A0: A6 95 1D 9F 1D ED 8A 59 D2 C6 17 D1 E9 16 E5 00 .......Y........ 01B0: 31 BA F6 52 FD DD 8E B9 D9 E7 89 2F 02 03 01 00 1..R......./.... 01C0: 01 30 0D 06 09 2A 86 48 86 F7 0D 01 01 04 05 00 .0...*.H........ 01D0: 03 81 81 00 54 C0 F0 8D 8D 09 8D C7 16 D4 17 DF ....T........... 01E0: 4F 42 92 15 87 9E BD 46 D1 D1 71 80 4A E0 E8 08 OB.....F..q.J... 01F0: 34 E1 A8 DF AB 89 05 D7 60 B2 A7 B1 3D A1 3F CC 4.......`...=.?. 0200: C6 85 5B 97 51 25 67 57 7C 18 D6 DA AA 47 1E 01 ..[.Q%gW.....G.. 0210: 2F 12 E0 D3 5F 44 47 8E 70 87 E5 82 64 61 03 01 /..._DG.p...da.. 0220: E6 CE 95 4F 5A 94 1D EC 15 5A 73 89 6D 34 89 8E ...OZ....Zs.m4.. 0230: 15 81 56 85 07 37 2E D0 3B C5 90 2C 7C FF F4 34 ..V..7..;..,...4 0240: 58 EC FF DF FF 11 82 F6 17 C8 49 53 AC FB 94 06 X.........IS.... 0250: 65 B2 D7 68 ] } { "logger" : "javax.net.ssl.handshake", "level" : "INFO", "thread id" : "0A", "thread name" : "Thread-1", "time" : "2011-09-20 18:37:19.398 PDT", "message" : "ServerHelloDone" } { "logger" : "javax.net.ssl", "level" : "FINE", "thread id" : "0A", "thread name" : "Thread-1", "time" : "2011-09-20 18:37:19.399 PDT", "message" : "[read] handshake hashes", "specifics" : [ 0000: 0E 00 00 00 ] } { "logger" : "javax.net.ssl.handshake", "level" : "INFO", "thread id" : "0A", "thread name" : "Thread-1", "time" : "2011-09-20 18:37:19.425 PDT", "message" : "ClientKeyExchange, RSA PreMasterSecret, TLSv1.1" } { "logger" : "javax.net.ssl", "level" : "FINE", "thread id" : "0A", "thread name" : "Thread-1", "time" : "2011-09-20 18:37:19.426 PDT", "message" : "[write] handshake hashes", "specifics" : [ 0000: 10 00 00 82 00 80 0C 98 0C 90 DB A0 59 98 F1 1E ............Y... 0010: 81 B6 69 52 99 00 EB 38 A5 72 45 E5 E5 99 0D 99 ..iR...8.rE..... 0020: 44 25 67 79 14 A9 B4 ED B6 42 33 33 4F A6 86 52 D%gy.....B33O..R 0030: 63 ED 99 6B 62 64 65 16 D0 55 09 E5 33 90 87 CA c..kbde..U..3... 0040: 05 7E 74 BB F4 F3 39 10 78 57 CD 1E 96 0E 80 41 ..t...9.xW.....A 0050: 42 D4 1F 79 56 B0 B8 2A E9 0C C2 E8 75 A3 89 D2 B..yV..*....u... 0060: 0D D6 8F 40 A4 F4 4D 66 50 57 6D D7 C8 19 61 C4 ... at ..MfPWm...a. 0070: 97 43 1F 84 03 AA 61 5D 77 1B 6D 1A EA 8A 1A EA .C....a]w.m..... 0080: 48 E5 8A 29 E0 CB ] } { "logger" : "javax.net.ssl", "level" : "INFO", "thread id" : "0A", "thread name" : "Thread-1", "time" : "2011-09-20 18:37:19.440 PDT", "message" : "WRITE: TLSv1.1 Handshake, length = 134" } { "logger" : "javax.net.ssl", "level" : "FINE", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:19.440 PDT", "message" : "Raw read", "specifics" : [ 0000: 16 03 02 00 86 ] } { "logger" : "javax.net.ssl", "level" : "FINE", "thread id" : "0A", "thread name" : "Thread-1", "time" : "2011-09-20 18:37:19.440 PDT", "message" : "Raw write", "specifics" : [ 0000: 16 03 02 00 86 10 00 00 82 00 80 0C 98 0C 90 DB ................ 0010: A0 59 98 F1 1E 81 B6 69 52 99 00 EB 38 A5 72 45 .Y.....iR...8.rE 0020: E5 E5 99 0D 99 44 25 67 79 14 A9 B4 ED B6 42 33 .....D%gy.....B3 0030: 33 4F A6 86 52 63 ED 99 6B 62 64 65 16 D0 55 09 3O..Rc..kbde..U. 0040: E5 33 90 87 CA 05 7E 74 BB F4 F3 39 10 78 57 CD .3.....t...9.xW. 0050: 1E 96 0E 80 41 42 D4 1F 79 56 B0 B8 2A E9 0C C2 ....AB..yV..*... 0060: E8 75 A3 89 D2 0D D6 8F 40 A4 F4 4D 66 50 57 6D .u...... at ..MfPWm 0070: D7 C8 19 61 C4 97 43 1F 84 03 AA 61 5D 77 1B 6D ...a..C....a]w.m 0080: 1A EA 8A 1A EA 48 E5 8A 29 E0 CB ] } { "logger" : "javax.net.ssl", "level" : "FINE", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:19.441 PDT", "message" : "Raw read", "specifics" : [ 0000: 10 00 00 82 00 80 0C 98 0C 90 DB A0 59 98 F1 1E ............Y... 0010: 81 B6 69 52 99 00 EB 38 A5 72 45 E5 E5 99 0D 99 ..iR...8.rE..... 0020: 44 25 67 79 14 A9 B4 ED B6 42 33 33 4F A6 86 52 D%gy.....B33O..R 0030: 63 ED 99 6B 62 64 65 16 D0 55 09 E5 33 90 87 CA c..kbde..U..3... 0040: 05 7E 74 BB F4 F3 39 10 78 57 CD 1E 96 0E 80 41 ..t...9.xW.....A 0050: 42 D4 1F 79 56 B0 B8 2A E9 0C C2 E8 75 A3 89 D2 B..yV..*....u... 0060: 0D D6 8F 40 A4 F4 4D 66 50 57 6D D7 C8 19 61 C4 ... at ..MfPWm...a. 0070: 97 43 1F 84 03 AA 61 5D 77 1B 6D 1A EA 8A 1A EA .C....a]w.m..... 0080: 48 E5 8A 29 E0 CB ] } { "logger" : "javax.net.ssl", "level" : "FINE", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:19.454 PDT", "message" : "READ: TLSv1.1 Handshake, length = 134" } { "logger" : "javax.net.ssl.handshake", "level" : "INFO", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:19.457 PDT", "message" : "ClientKeyExchange, RSA PreMasterSecret, TLSv1.1" } { "logger" : "javax.net.ssl.handshake", "level" : "FINE", "thread id" : "0A", "thread name" : "Thread-1", "time" : "2011-09-20 18:37:19.453 PDT", "message" : "SESSION KEYGEN, PreMaster Secret", "specifics" : [ 0000: 03 02 48 B2 91 B2 0E 63 96 14 ED FA 77 8E EF 67 ..H....c....w..g 0010: 40 42 65 9D C2 5B 37 60 E3 D1 48 BF 42 2B F3 20 @Be..[7`..H.B+. 0020: 6E 06 27 6C D7 8C E5 FA 77 91 96 EE ED 89 95 AA n.'l....w....... ] } { "logger" : "javax.net.ssl.handshake", "level" : "FINE", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:19.458 PDT", "message" : "SESSION KEYGEN, PreMaster Secret", "specifics" : [ 0000: 03 02 48 B2 91 B2 0E 63 96 14 ED FA 77 8E EF 67 ..H....c....w..g 0010: 40 42 65 9D C2 5B 37 60 E3 D1 48 BF 42 2B F3 20 @Be..[7`..H.B+. 0020: 6E 06 27 6C D7 8C E5 FA 77 91 96 EE ED 89 95 AA n.'l....w....... ] } { "logger" : "javax.net.ssl.handshake", "level" : "FINE", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:19.485 PDT", "message" : "CONNECTION KEYGEN", "specifics" : [ "client nonce": "4E 79 3F CF 8E F7 45 4C D0 0C 2A A5 EF 98 55 AB 89 10 0B 3A AB 38 DE 1D 72 75 E3 91 67 2C 2E 91", "server nonce": "4E 79 3F CF 46 67 21 08 9E E8 04 89 85 5C C4 9D 4E 6A 1D DB EC 4B 8C 59 D8 48 45 4C AF 63 DF 90", "master secret": "2B BB 6A 34 9E 42 F6 4B 1C 02 C6 A3 C6 52 4F EE EF B7 27 66 5F 73 33 9A EF 98 CA FB E9 07 F8 BC DF 28 3D 1F 10 0D BC 4D AF CC AE 4D 43 AE CF 29", "client MAC write secret": "2E 4B 09 1D 8E C9 66 79 7B 4C 6E 83 42 40 96 F4 BA B9 42 11", "server MAC write secret": "25 AA DC 76 52 2A C4 42 2B 99 83 B7 A7 9E 97 F0 C1 C1 C4 1D", "client write key": "6C A8 0B 53 42 47 3E D5 CE 6A 14 5F 62 73 42 5C", "server write key": "4D D7 EC 32 27 20 C5 66 CC 6E 7B C1 10 94 8E D8" ] } { "logger" : "javax.net.ssl.handshake", "level" : "FINE", "thread id" : "0A", "thread name" : "Thread-1", "time" : "2011-09-20 18:37:19.485 PDT", "message" : "CONNECTION KEYGEN", "specifics" : [ "client nonce": "4E 79 3F CF 8E F7 45 4C D0 0C 2A A5 EF 98 55 AB 89 10 0B 3A AB 38 DE 1D 72 75 E3 91 67 2C 2E 91", "server nonce": "4E 79 3F CF 46 67 21 08 9E E8 04 89 85 5C C4 9D 4E 6A 1D DB EC 4B 8C 59 D8 48 45 4C AF 63 DF 90", "master secret": "2B BB 6A 34 9E 42 F6 4B 1C 02 C6 A3 C6 52 4F EE EF B7 27 66 5F 73 33 9A EF 98 CA FB E9 07 F8 BC DF 28 3D 1F 10 0D BC 4D AF CC AE 4D 43 AE CF 29", "client MAC write secret": "2E 4B 09 1D 8E C9 66 79 7B 4C 6E 83 42 40 96 F4 BA B9 42 11", "server MAC write secret": "25 AA DC 76 52 2A C4 42 2B 99 83 B7 A7 9E 97 F0 C1 C1 C4 1D", "client write key": "6C A8 0B 53 42 47 3E D5 CE 6A 14 5F 62 73 42 5C", "server write key": "4D D7 EC 32 27 20 C5 66 CC 6E 7B C1 10 94 8E D8" ] } { "logger" : "javax.net.ssl", "level" : "INFO", "thread id" : "0A", "thread name" : "Thread-1", "time" : "2011-09-20 18:37:19.498 PDT", "message" : "WRITE: TLSv1.1 Change Cipher Spec, length = 1" } { "logger" : "javax.net.ssl", "level" : "FINE", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:19.488 PDT", "message" : "[read] handshake hashes", "specifics" : [ 0000: 10 00 00 82 00 80 0C 98 0C 90 DB A0 59 98 F1 1E ............Y... 0010: 81 B6 69 52 99 00 EB 38 A5 72 45 E5 E5 99 0D 99 ..iR...8.rE..... 0020: 44 25 67 79 14 A9 B4 ED B6 42 33 33 4F A6 86 52 D%gy.....B33O..R 0030: 63 ED 99 6B 62 64 65 16 D0 55 09 E5 33 90 87 CA c..kbde..U..3... 0040: 05 7E 74 BB F4 F3 39 10 78 57 CD 1E 96 0E 80 41 ..t...9.xW.....A 0050: 42 D4 1F 79 56 B0 B8 2A E9 0C C2 E8 75 A3 89 D2 B..yV..*....u... 0060: 0D D6 8F 40 A4 F4 4D 66 50 57 6D D7 C8 19 61 C4 ... at ..MfPWm...a. 0070: 97 43 1F 84 03 AA 61 5D 77 1B 6D 1A EA 8A 1A EA .C....a]w.m..... 0080: 48 E5 8A 29 E0 CB ] } { "logger" : "javax.net.ssl", "level" : "FINE", "thread id" : "0A", "thread name" : "Thread-1", "time" : "2011-09-20 18:37:19.499 PDT", "message" : "Raw write", "specifics" : [ 0000: 14 03 02 00 01 01 ] } { "logger" : "javax.net.ssl", "level" : "FINE", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:19.500 PDT", "message" : "Raw read", "specifics" : [ 0000: 14 03 02 00 01 ] } { "logger" : "javax.net.ssl", "level" : "FINE", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:19.501 PDT", "message" : "Raw read", "specifics" : [ 0000: 01 ] } { "logger" : "javax.net.ssl", "level" : "FINE", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:19.502 PDT", "message" : "READ: TLSv1.1 Change Cipher Spec, length = 1" } { "logger" : "javax.net.ssl.handshake", "level" : "FINE", "thread id" : "0A", "thread name" : "Thread-1", "time" : "2011-09-20 18:37:19.508 PDT", "message" : "Finished", "specifics" : [ "verify data": "C5 9B C5 4A 54 8F 6F D2 EF 41 34 BA" ] } { "logger" : "javax.net.ssl", "level" : "FINE", "thread id" : "0A", "thread name" : "Thread-1", "time" : "2011-09-20 18:37:19.509 PDT", "message" : "[write] handshake hashes", "specifics" : [ 0000: 14 00 00 0C C5 9B C5 4A 54 8F 6F D2 EF 41 34 BA .......JT.o..A4. ] } { "logger" : "javax.net.ssl", "level" : "FINE", "thread id" : "0A", "thread name" : "Thread-1", "time" : "2011-09-20 18:37:19.512 PDT", "message" : "Padded plaintext before ENCRYPTION", "specifics" : [ 0000: 0F 82 77 A3 A0 37 5A 03 5D 18 AE F3 01 80 17 84 ..w..7Z.]....... 0010: 14 00 00 0C C5 9B C5 4A 54 8F 6F D2 EF 41 34 BA .......JT.o..A4. 0020: BD 0B 71 6B C5 BE DD 7B B5 02 71 0F 06 42 93 B5 ..qk......q..B.. 0030: BC E5 4B 16 0B 0B 0B 0B 0B 0B 0B 0B 0B 0B 0B 0B ..K............. ] } { "logger" : "javax.net.ssl", "level" : "INFO", "thread id" : "0A", "thread name" : "Thread-1", "time" : "2011-09-20 18:37:19.518 PDT", "message" : "WRITE: TLSv1.1 Handshake, length = 64" } { "logger" : "javax.net.ssl", "level" : "FINE", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:19.519 PDT", "message" : "Raw read", "specifics" : [ 0000: 16 03 02 00 40 ] } { "logger" : "javax.net.ssl", "level" : "FINE", "thread id" : "0A", "thread name" : "Thread-1", "time" : "2011-09-20 18:37:19.519 PDT", "message" : "Raw write", "specifics" : [ 0000: 16 03 02 00 40 12 E1 28 88 4B 01 83 7E C0 EF 9C .... at ..(.K...... 0010: 46 0E 77 3F 80 F1 4D DE DE 42 A4 BF 5B D4 96 0D F.w?..M..B..[... 0020: 00 53 DF 27 56 4B D4 09 D7 6B AE 25 8A 77 55 CE .S.'VK...k.%.wU. 0030: 31 69 91 A5 82 DD 96 18 31 B8 2A FE 80 E9 CC 0D 1i......1.*..... 0040: 6E ED 41 91 1E ] } { "logger" : "javax.net.ssl", "level" : "FINE", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:19.520 PDT", "message" : "Raw read", "specifics" : [ 0000: 12 E1 28 88 4B 01 83 7E C0 EF 9C 46 0E 77 3F 80 ..(.K......F.w?. 0010: F1 4D DE DE 42 A4 BF 5B D4 96 0D 00 53 DF 27 56 .M..B..[....S.'V 0020: 4B D4 09 D7 6B AE 25 8A 77 55 CE 31 69 91 A5 82 K...k.%.wU.1i... 0030: DD 96 18 31 B8 2A FE 80 E9 CC 0D 6E ED 41 91 1E ...1.*.....n.A.. ] } { "logger" : "javax.net.ssl", "level" : "FINE", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:19.526 PDT", "message" : "READ: TLSv1.1 Handshake, length = 64" } { "logger" : "javax.net.ssl", "level" : "FINE", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:19.527 PDT", "message" : "Padded plaintext after ENCRYPTION", "specifics" : [ 0000: E5 40 4C 6A CB 7F 66 A4 D0 1D 0C 6A C8 57 3D 43 . at Lj..f....j.W=C 0010: 14 00 00 0C C5 9B C5 4A 54 8F 6F D2 EF 41 34 BA .......JT.o..A4. 0020: BD 0B 71 6B C5 BE DD 7B B5 02 71 0F 06 42 93 B5 ..qk......q..B.. 0030: BC E5 4B 16 0B 0B 0B 0B 0B 0B 0B 0B 0B 0B 0B 0B ..K............. ] } { "logger" : "javax.net.ssl.handshake", "level" : "FINE", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:19.533 PDT", "message" : "Finished", "specifics" : [ "verify data": "C5 9B C5 4A 54 8F 6F D2 EF 41 34 BA" ] } { "logger" : "javax.net.ssl", "level" : "FINE", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:19.534 PDT", "message" : "[read] handshake hashes", "specifics" : [ 0000: 14 00 00 0C C5 9B C5 4A 54 8F 6F D2 EF 41 34 BA .......JT.o..A4. ] } { "logger" : "javax.net.ssl", "level" : "INFO", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:19.537 PDT", "message" : "WRITE: TLSv1.1 Change Cipher Spec, length = 1" } { "logger" : "javax.net.ssl", "level" : "FINE", "thread id" : "0A", "thread name" : "Thread-1", "time" : "2011-09-20 18:37:19.538 PDT", "message" : "Raw read", "specifics" : [ 0000: 14 03 02 00 01 ] } { "logger" : "javax.net.ssl", "level" : "FINE", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:19.538 PDT", "message" : "Raw write", "specifics" : [ 0000: 14 03 02 00 01 01 ] } { "logger" : "javax.net.ssl", "level" : "FINE", "thread id" : "0A", "thread name" : "Thread-1", "time" : "2011-09-20 18:37:19.539 PDT", "message" : "Raw read", "specifics" : [ 0000: 01 ] } { "logger" : "javax.net.ssl", "level" : "FINE", "thread id" : "0A", "thread name" : "Thread-1", "time" : "2011-09-20 18:37:19.540 PDT", "message" : "READ: TLSv1.1 Change Cipher Spec, length = 1" } { "logger" : "javax.net.ssl.handshake", "level" : "FINE", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:19.540 PDT", "message" : "Finished", "specifics" : [ "verify data": "E6 4D F4 F7 7D 67 1F 04 E5 5A 64 6F" ] } { "logger" : "javax.net.ssl", "level" : "FINE", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:19.540 PDT", "message" : "[write] handshake hashes", "specifics" : [ 0000: 14 00 00 0C E6 4D F4 F7 7D 67 1F 04 E5 5A 64 6F .....M...g...Zdo ] } { "logger" : "javax.net.ssl", "level" : "FINE", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:19.543 PDT", "message" : "Padded plaintext before ENCRYPTION", "specifics" : [ 0000: A2 D0 1F 57 51 7E 92 85 54 A2 F5 76 5F DA 47 3B ...WQ...T..v_.G; 0010: 14 00 00 0C E6 4D F4 F7 7D 67 1F 04 E5 5A 64 6F .....M...g...Zdo 0020: 58 C0 D0 7F 3D B2 41 1B FF D3 48 2D CB 55 64 CA X...=.A...H-.Ud. 0030: 71 02 25 2F 0B 0B 0B 0B 0B 0B 0B 0B 0B 0B 0B 0B q.%/............ ] } { "logger" : "javax.net.ssl", "level" : "INFO", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:19.549 PDT", "message" : "WRITE: TLSv1.1 Handshake, length = 64" } { "logger" : "javax.net.ssl", "level" : "FINE", "thread id" : "0A", "thread name" : "Thread-1", "time" : "2011-09-20 18:37:19.549 PDT", "message" : "Raw read", "specifics" : [ 0000: 16 03 02 00 40 ] } { "logger" : "javax.net.ssl", "level" : "FINE", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:19.549 PDT", "message" : "Raw write", "specifics" : [ 0000: 16 03 02 00 40 75 86 0E FB 02 CB AE 08 B5 B4 DC .... at u.......... 0010: 0F 62 BC C4 C2 0C 33 D9 F4 62 CD 7C 69 CA 86 80 .b....3..b..i... 0020: D7 50 71 9D 9C 2A B5 B9 49 85 9B 0A 8A AF 95 A0 .Pq..*..I....... 0030: C0 7C 0D D6 87 F6 0B 00 D0 AA C6 A6 E7 16 C5 F7 ................ 0040: 92 9A 53 47 CF ] } { "logger" : "javax.net.ssl", "level" : "FINE", "thread id" : "0A", "thread name" : "Thread-1", "time" : "2011-09-20 18:37:19.550 PDT", "message" : "Raw read", "specifics" : [ 0000: 75 86 0E FB 02 CB AE 08 B5 B4 DC 0F 62 BC C4 C2 u...........b... 0010: 0C 33 D9 F4 62 CD 7C 69 CA 86 80 D7 50 71 9D 9C .3..b..i....Pq.. 0020: 2A B5 B9 49 85 9B 0A 8A AF 95 A0 C0 7C 0D D6 87 *..I............ 0030: F6 0B 00 D0 AA C6 A6 E7 16 C5 F7 92 9A 53 47 CF .............SG. ] } { "logger" : "javax.net.ssl.handshake", "level" : "INFO", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:19.556 PDT", "message" : "Cached server session: [Session-1, TLS_RSA_WITH_AES_128_CBC_SHA]" } { "logger" : "javax.net.ssl", "level" : "FINE", "thread id" : "0A", "thread name" : "Thread-1", "time" : "2011-09-20 18:37:19.557 PDT", "message" : "READ: TLSv1.1 Handshake, length = 64" } { "logger" : "javax.net.ssl", "level" : "FINE", "thread id" : "0A", "thread name" : "Thread-1", "time" : "2011-09-20 18:37:19.557 PDT", "message" : "Padded plaintext after ENCRYPTION", "specifics" : [ 0000: 7D A2 05 19 C1 40 DB 84 D7 A9 77 2B A7 0B 4C 8B ..... at ....w+..L. 0010: 14 00 00 0C E6 4D F4 F7 7D 67 1F 04 E5 5A 64 6F .....M...g...Zdo 0020: 58 C0 D0 7F 3D B2 41 1B FF D3 48 2D CB 55 64 CA X...=.A...H-.Ud. 0030: 71 02 25 2F 0B 0B 0B 0B 0B 0B 0B 0B 0B 0B 0B 0B q.%/............ ] } { "logger" : "javax.net.ssl.handshake", "level" : "FINE", "thread id" : "0A", "thread name" : "Thread-1", "time" : "2011-09-20 18:37:19.563 PDT", "message" : "Finished", "specifics" : [ "verify data": "E6 4D F4 F7 7D 67 1F 04 E5 5A 64 6F" ] } { "logger" : "javax.net.ssl.handshake", "level" : "INFO", "thread id" : "0A", "thread name" : "Thread-1", "time" : "2011-09-20 18:37:19.565 PDT", "message" : "Cached client session: [Session-2, TLS_RSA_WITH_AES_128_CBC_SHA]" } { "logger" : "javax.net.ssl", "level" : "FINE", "thread id" : "0A", "thread name" : "Thread-1", "time" : "2011-09-20 18:37:19.565 PDT", "message" : "[read] handshake hashes", "specifics" : [ 0000: 14 00 00 0C E6 4D F4 F7 7D 67 1F 04 E5 5A 64 6F .....M...g...Zdo ] } { "logger" : "javax.net.ssl", "level" : "FINE", "thread id" : "0A", "thread name" : "Thread-1", "time" : "2011-09-20 18:37:19.568 PDT", "message" : "Padded plaintext before ENCRYPTION", "specifics" : [ 0000: B1 94 D9 EB BF 06 5C 8C 23 6F 45 EE 57 B6 37 AF ......\\.#oE.W.7. 0010: 42 5A BB B8 73 10 23 BB 9F 16 03 B3 AF 93 C8 A4 BZ..s.#......... 0020: A4 FC B1 F3 99 0A 0A 0A 0A 0A 0A 0A 0A 0A 0A 0A ................ ] } { "logger" : "javax.net.ssl", "level" : "INFO", "thread id" : "0A", "thread name" : "Thread-1", "time" : "2011-09-20 18:37:19.572 PDT", "message" : "WRITE: TLSv1.1 Application Data, length = 48" } { "logger" : "javax.net.ssl", "level" : "FINE", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:19.573 PDT", "message" : "Raw read", "specifics" : [ 0000: 17 03 02 00 30 ] } { "logger" : "javax.net.ssl", "level" : "FINE", "thread id" : "0A", "thread name" : "Thread-1", "time" : "2011-09-20 18:37:19.573 PDT", "message" : "Raw write", "specifics" : [ 0000: 17 03 02 00 30 85 87 17 A6 7D F3 64 DF A9 CA D0 ....0......d.... 0010: 0D AA 7D 0B 19 53 9F 77 AC C7 FE 38 85 E0 00 82 .....S.w...8.... 0020: 55 5A E2 21 B2 E8 06 FE 27 A0 C2 22 D6 CF 96 82 UZ.!....'..".... 0030: B2 9C 4E 15 24 ] } { "logger" : "javax.net.ssl", "level" : "FINE", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:19.574 PDT", "message" : "Raw read", "specifics" : [ 0000: 85 87 17 A6 7D F3 64 DF A9 CA D0 0D AA 7D 0B 19 ......d......... 0010: 53 9F 77 AC C7 FE 38 85 E0 00 82 55 5A E2 21 B2 S.w...8....UZ.!. 0020: E8 06 FE 27 A0 C2 22 D6 CF 96 82 B2 9C 4E 15 24 ...'.."......N.$ ] } { "logger" : "javax.net.ssl", "level" : "FINE", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:19.579 PDT", "message" : "READ: TLSv1.1 Application Data, length = 48" } { "logger" : "javax.net.ssl", "level" : "FINE", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:19.579 PDT", "message" : "Padded plaintext after ENCRYPTION", "specifics" : [ 0000: B1 94 D9 EB BF 06 5C 8C 23 6F 45 EE 57 B6 37 AF ......\\.#oE.W.7. 0010: 42 5A BB B8 73 10 23 BB 9F 16 03 B3 AF 93 C8 A4 BZ..s.#......... 0020: A4 FC B1 F3 99 0A 0A 0A 0A 0A 0A 0A 0A 0A 0A 0A ................ ] } { "logger" : "javax.net.ssl", "level" : "FINE", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:19.584 PDT", "message" : "Padded plaintext before ENCRYPTION", "specifics" : [ 0000: 40 48 CB F0 74 B1 BF 71 BA 0D 2E DE 43 EA 1B 2D @H..t..q....C..- 0010: 41 56 A9 7A 34 DA 47 90 EB E4 61 61 FA 8C 69 B2 AV.z4.G...aa..i. 0020: FA 6E 52 25 33 0A 0A 0A 0A 0A 0A 0A 0A 0A 0A 0A .nR%3........... ] } { "logger" : "javax.net.ssl", "level" : "INFO", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:19.589 PDT", "message" : "WRITE: TLSv1.1 Application Data, length = 48" } { "logger" : "javax.net.ssl", "level" : "FINE", "thread id" : "0A", "thread name" : "Thread-1", "time" : "2011-09-20 18:37:19.589 PDT", "message" : "Raw read", "specifics" : [ 0000: 17 03 02 00 30 ] } { "logger" : "javax.net.ssl", "level" : "FINE", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:19.589 PDT", "message" : "Raw write", "specifics" : [ 0000: 17 03 02 00 30 2A 26 E0 B3 A4 DB BB BC 33 48 85 ....0*&......3H. 0010: 72 13 EE 4B AC 20 6E FA E0 FA BF A1 61 9F 68 A7 r..K. n.....a.h. 0020: 06 0D 33 1E B2 95 B4 59 72 F6 C2 62 D6 68 58 CA ..3....Yr..b.hX. 0030: 27 6E 2A 73 EC ] } { "logger" : "javax.net.ssl", "level" : "INFO", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:19.594 PDT", "message" : "called close()" } { "logger" : "javax.net.ssl", "level" : "FINE", "thread id" : "0A", "thread name" : "Thread-1", "time" : "2011-09-20 18:37:19.590 PDT", "message" : "Raw read", "specifics" : [ 0000: 2A 26 E0 B3 A4 DB BB BC 33 48 85 72 13 EE 4B AC *&......3H.r..K. 0010: 20 6E FA E0 FA BF A1 61 9F 68 A7 06 0D 33 1E B2 n.....a.h...3.. 0020: 95 B4 59 72 F6 C2 62 D6 68 58 CA 27 6E 2A 73 EC ..Yr..b.hX.'n*s. ] } { "logger" : "javax.net.ssl", "level" : "INFO", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:19.595 PDT", "message" : "called closeInternal(true)" } { "logger" : "javax.net.ssl", "level" : "FINE", "thread id" : "0A", "thread name" : "Thread-1", "time" : "2011-09-20 18:37:19.595 PDT", "message" : "READ: TLSv1.1 Application Data, length = 48" } { "logger" : "javax.net.ssl", "level" : "WARNING", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:19.596 PDT", "message" : "SEND TLSv1.1 ALERT: RECV TLSv1.1 ALERT: warning, close_notify" } { "logger" : "javax.net.ssl", "level" : "FINE", "thread id" : "0A", "thread name" : "Thread-1", "time" : "2011-09-20 18:37:19.595 PDT", "message" : "Padded plaintext after ENCRYPTION", "specifics" : [ 0000: 40 48 CB F0 74 B1 BF 71 BA 0D 2E DE 43 EA 1B 2D @H..t..q....C..- 0010: 41 56 A9 7A 34 DA 47 90 EB E4 61 61 FA 8C 69 B2 AV.z4.G...aa..i. 0020: FA 6E 52 25 33 0A 0A 0A 0A 0A 0A 0A 0A 0A 0A 0A .nR%3........... ] } { "logger" : "javax.net.ssl", "level" : "INFO", "thread id" : "0A", "thread name" : "Thread-1", "time" : "2011-09-20 18:37:19.600 PDT", "message" : "called close()" } { "logger" : "javax.net.ssl", "level" : "INFO", "thread id" : "0A", "thread name" : "Thread-1", "time" : "2011-09-20 18:37:19.600 PDT", "message" : "called closeInternal(true)" } { "logger" : "javax.net.ssl", "level" : "WARNING", "thread id" : "0A", "thread name" : "Thread-1", "time" : "2011-09-20 18:37:19.601 PDT", "message" : "SEND TLSv1.1 ALERT: RECV TLSv1.1 ALERT: warning, close_notify" } { "logger" : "javax.net.ssl", "level" : "FINE", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:19.597 PDT", "message" : "Padded plaintext before ENCRYPTION", "specifics" : [ 0000: 1E CD 89 B6 D4 75 35 A2 71 CE 96 4B 55 16 28 C8 .....u5.q..KU.(. 0010: 01 00 FE FF FF D0 64 6F 1A 08 6F F6 7A 0F C1 81 ......do..o.z... 0020: 7E 31 00 87 7F C9 09 09 09 09 09 09 09 09 09 09 .1.............. ] } { "logger" : "javax.net.ssl", "level" : "INFO", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:19.602 PDT", "message" : "WRITE: TLSv1.1 Alert, length = 48" } { "logger" : "javax.net.ssl", "level" : "FINE", "thread id" : "0A", "thread name" : "Thread-1", "time" : "2011-09-20 18:37:19.601 PDT", "message" : "Padded plaintext before ENCRYPTION", "specifics" : [ 0000: 1D 73 7C 82 38 55 08 B0 6E A6 6D 85 89 21 17 A3 .s..8U..n.m..!.. 0010: 01 00 BC 01 06 83 CC 33 F7 85 77 0F 34 CE AE 27 .......3..w.4..' 0020: 1C B6 7E 79 2F FE 09 09 09 09 09 09 09 09 09 09 ...y/........... ] } { "logger" : "javax.net.ssl", "level" : "INFO", "thread id" : "0A", "thread name" : "Thread-1", "time" : "2011-09-20 18:37:19.606 PDT", "message" : "WRITE: TLSv1.1 Alert, length = 48" } { "logger" : "javax.net.ssl", "level" : "FINE", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:19.603 PDT", "message" : "Raw write", "specifics" : [ 0000: 15 03 02 00 30 1C 34 6A 03 A1 D0 0D 32 DA 06 BD ....0.4j....2... 0010: CB 25 4F 16 EB 0D 8E E3 BD 78 7B 42 2E 49 E0 CC .%O......x.B.I.. 0020: 83 7F FE E0 13 C2 7B B3 3A 4D 4C 1B 62 05 03 39 ........:ML.b..9 0030: 1E C3 94 12 EC ] } { "logger" : "javax.net.ssl", "level" : "INFO", "thread id" : "09", "thread name" : "MainThread", "time" : "2011-09-20 18:37:19.608 PDT", "message" : "called closeSocket(selfInitiated)" } { "logger" : "javax.net.ssl", "level" : "FINE", "thread id" : "0A", "thread name" : "Thread-1", "time" : "2011-09-20 18:37:19.607 PDT", "message" : "Raw write", "specifics" : [ 0000: 15 03 02 00 30 AA 83 53 92 30 C8 4E 50 68 71 F6 ....0..S.0.NPhq. 0010: D5 7C 9E 78 81 2B B5 B2 90 82 A1 D2 49 F0 FF C0 ...x.+......I... 0020: 15 83 6A ED 18 13 47 5B 51 65 A6 7F 42 71 1E FF ..j...G[Qe..Bq.. 0030: 33 ED F7 BF 4C ] } { "logger" : "javax.net.ssl", "level" : "INFO", "thread id" : "0A", "thread name" : "Thread-1", "time" : "2011-09-20 18:37:19.611 PDT", "message" : "called closeSocket(selfInitiated)" } ----------System.err:(1/15)---------- STATUS:Passed. result: Passed. Execution successful test result: Passed. Execution successful From xuelei.fan at oracle.com Wed Sep 21 03:52:00 2011 From: xuelei.fan at oracle.com (Xuelei Fan) Date: Wed, 21 Sep 2011 11:52:00 +0800 Subject: code review request: 7089889: Krb5LoginModule.login() throws an exception if used without a keytab In-Reply-To: <4E7826E5.1090205@oracle.com> References: <4E72C9D8.6070206@oracle.com> <4E72E566.1080002@oracle.com> <4E7826E5.1090205@oracle.com> Message-ID: <4E795F60.5070809@oracle.com> On 9/20/2011 1:38 PM, Weijun Wang wrote: > Any more comment? > > Thanks > Max > > On 09/16/2011 01:57 PM, Weijun Wang wrote: >> >> >> On 09/16/2011 01:45 PM, Xuelei Fan wrote: >>> My first impression about the fix: >>> 1. Do you want to update getKeys() comments about isInitiator value? >> >> OK. I'll simply remove the "(in JAAS words, isInitiator=true and >> storeKey=true)" line. >> Do you also need to remove "This is used when the client supplies passowrd but need ...". I think it is the same as "in JAAS words, ...". >>> >>> 2. It seems that when isInitiator is true, getKeys() should throw >>> exception if the state is not OK, right? If so, it looks like that the >>> update of getKeys() will not throw ISE if the state is INIT. Does INIT >>> state is enough in such case? >> >> The KrbAsReqBuilder class does not know about isInitiator so it cannot >> make any decision based on it. I'll leave that to its caller. When >> username/password is provided, getKeys() can be called as soon as the >> object is created, and it returns keys with default salt. If AS-REQ is >> performed and state goes OK and the method is called again, the salt >> might be updated in PA-DATA. >> I'm not sure whether the getKeys() return the expected keys when the state is INIT. It should be OK as it is an internal class, but as requires that the caller always looks like: if (isInitiator) { // action to update the state to OK } encKeys = builder.getKeys(); Is getKeys() only be called by Krb5LoginModule.java? If not, I think we may need to rethink about the change of the behaviors. Otherwise, it is OK. However, is it a little simpler to update builder.getKeys() to builder.getKeys(boolean isInitiator)? Xuelei >> Thanks >> Max >> >> >>> >>> Xuelei >>> >>> On Sep 16, 2011, at 12:00 PM, Weijun Wang wrote: >>> >>>> Hi All >>>> >>>> Code changes at >>>> >>>> http://cr.openjdk.java.net/~weijun/7089889/webrev.00/ >>>> >>>> KrbAsReqBuilder maintains a state enforcement: at the beginning it's >>>> INIT, after doing an AS-REQ it's OK, and we used to only allow >>>> getKeys() to be called when the state is OK. Now if an acceptor has >>>> isInitiator=false, the OK state will never be reached. In most cases, >>>> an acceptor uses a keytab so getKeys() is not called. However, if it >>>> uses username/password (most likely in a peer-to-peer case and the >>>> acceptor chooses not to login), getKeys() is needed and an exception >>>> is thrown. >>>> >>>> This code change makes getKeys() callable at both INIT and OK states. >>>> In order to do this, the checkState() method now accepts varargs. >>>> >>>> I'll backport this to 7u2, and since 7u2 is now in phase 2, I think I >>>> need at least 2 reviewers. >>>> >>>> Thanks >>>> Max >>>> >>>> -------- Original Message -------- >>>> >>>> *Change Request ID*: 7089889 >>>> >>>> *Synopsis*: Krb5LoginModule.login() throws an exception if used >>>> without a keytab >>>> >>>> >>>> === *Description* >>>> ============================================================ >>>> FULL PRODUCT VERSION : >>>> java version "1.7.0" >>>> Java(TM) SE Runtime Environment (build 1.7.0-b147) >>>> Java HotSpot(TM) Client VM (build 21.0-b17, mixed mode, sharing) >>>> >>>> A DESCRIPTION OF THE PROBLEM : >>>> The call to LoginContext.login() fails with an exception if the >>>> LoginContext is configured to use Krb5LoginModule with the following >>>> options: >>>> >>>> storeKey="true" >>>> useKeyTab="false" >>>> isInitiator="false" >>>> >>>> This appears to be a regression due to an attempt to solve bug >>>> '6941083'. >>>> >>>> The following source code is taken from >>>> Kb5LoginModule.attemptAuthentication(false): >>>> >>>> if (ktab == null) { >>>> promptForPass(getPasswdFromSharedState); >>>> builder = new KrbAsReqBuilder(principal, password); >>>> if (isInitiator) { >>>> // XXX Even if isInitiator=false, it might be >>>> // better to do an AS-REQ so that keys can be >>>> // updated with PA info >>>> cred = builder.action().getCreds(); >>>> } >>>> if (storeKey) { >>>> encKeys = builder.getKeys(); >>>> // When encKeys is empty, the login actually fails. >>>> // For compatibility, exception is thrown in commit(). >>>> } >>>> } >>>> >>>> This code path results builder.getGeys() being called while the >>>> builder's state is 'INIT'. >>>> The builder asserts via checkState() that the state is REQ_OK, hence >>>> an exception. >>>> >>>> This is a regression, as JRE6 and prior versions called >>>> EncryptionKey.acquireSecretKeys() >>>> to obtain the keys in this case. >>>> >>>> REGRESSION. Last worked in version 6u26 >>>> >>>> STEPS TO FOLLOW TO REPRODUCE THE PROBLEM : >>>> See the executable test case below. Program should be run on a >>>> Windows machine that is joined to a domain. Replace 'REALM', 'KDC', >>>> 'DOMAIN_USER' and 'DOMAIN_USER_PWD' as appropriate before running >>>> >>>> EXPECTED VERSUS ACTUAL BEHAVIOR : >>>> EXPECTED - >>>> "Login succeeded" printed to console >>>> ACTUAL - >>>> "Login failed" printed to console. >>>> Exception stacktrace printed to strerr >>>> >>>> ERROR MESSAGES/STACK TRACES THAT OCCUR : >>>> javax.security.auth.login.LoginException: >>>> java.lang.IllegalStateException: Cannot get keys at REQ_OK state >>>> at sun.security.krb5.KrbAsReqBuilder.checkState(Unknown Source) >>>> at sun.security.krb5.KrbAsReqBuilder.getKeys(Unknown Source) >>>> at >>>> com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Unknown >>>> >>>> Source) >>>> at com.sun.security.auth.module.Krb5LoginModule.login(Unknown Source) >>>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >>>> at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) >>>> at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) >>>> at java.lang.reflect.Method.invoke(Unknown Source) >>>> at javax.security.auth.login.LoginContext.invoke(Unknown Source) >>>> at javax.security.auth.login.LoginContext.access$000(Unknown Source) >>>> at javax.security.auth.login.LoginContext$4.run(Unknown Source) >>>> at javax.security.auth.login.LoginContext$4.run(Unknown Source) >>>> at java.security.AccessController.doPrivileged(Native Method) >>>> at javax.security.auth.login.LoginContext.invokePriv(Unknown Source) >>>> at javax.security.auth.login.LoginContext.login(Unknown Source) >>>> at LoginModuleExample.main(LoginModuleExample.java:43) >>>> >>>> at javax.security.auth.login.LoginContext.invoke(Unknown Source) >>>> at javax.security.auth.login.LoginContext.access$000(Unknown Source) >>>> at javax.security.auth.login.LoginContext$4.run(Unknown Source) >>>> at javax.security.auth.login.LoginContext$4.run(Unknown Source) >>>> at java.security.AccessController.doPrivileged(Native Method) >>>> at javax.security.auth.login.LoginContext.invokePriv(Unknown Source) >>>> at javax.security.auth.login.LoginContext.login(Unknown Source) >>>> at LoginModuleExample.main(LoginModuleExample.java:43) >>>> >>>> REPRODUCIBILITY : >>>> This bug can be reproduced always. >>>> >>>> ---------- BEGIN SOURCE ---------- >>>> import java.util.HashMap; >>>> import java.util.Map; >>>> >>>> import javax.security.auth.callback.Callback; >>>> import javax.security.auth.callback.CallbackHandler; >>>> import javax.security.auth.callback.NameCallback; >>>> import javax.security.auth.callback.PasswordCallback; >>>> import javax.security.auth.login.AppConfigurationEntry; >>>> import >>>> javax.security.auth.login.AppConfigurationEntry.LoginModuleControlFlag; >>>> import javax.security.auth.login.Configuration; >>>> import javax.security.auth.login.LoginContext; >>>> >>>> import com.sun.security.auth.module.Krb5LoginModule; >>>> >>>> public class LoginModuleExample { >>>> >>>> // Replace with the realm and KDC of the Windows domain. >>>> private static final String REALM = "DEV-DEM.RECOMMIND.COM"; >>>> private static final String KDC = "AU-DEV-DC01.dev-dem.recommind.com"; >>>> >>>> // Replace with the username and password of any account on the >>>> // above domain. Account needs to be enabled and not locked out. >>>> private static final String DOMAIN_USER = "sgr"; >>>> private static final String DOMAIN_USER_PWD = "0rodriguez)"; >>>> >>>> private static final String EXAMPLE_SERVER_LOGIN = "example-server"; >>>> >>>> /** >>>> * @param args >>>> */ >>>> public static void main(String[] args) { >>>> >>>> System.setProperty("java.security.krb5.realm", REALM); >>>> System.setProperty("java.security.krb5.kdc", KDC); >>>> >>>> Configuration.setConfiguration(new CustomConfiguration()); >>>> >>>> try { >>>> CallbackHandler handler = getUsernamePasswordHandler(DOMAIN_USER, >>>> DOMAIN_USER_PWD); >>>> >>>> LoginContext loginContext = new LoginContext(EXAMPLE_SERVER_LOGIN, >>>> handler); >>>> >>>> loginContext.login(); >>>> >>>> System.out.println("Login succeeded"); >>>> } >>>> catch (Exception e) { >>>> >>>> System.out.println("Login failed"); >>>> e.printStackTrace(); >>>> } >>>> >>>> } >>>> >>>> private static CallbackHandler getUsernamePasswordHandler(final >>>> String username, final String password) { >>>> >>>> final CallbackHandler handler = new CallbackHandler() { >>>> >>>> public void handle(final Callback[] callback) { >>>> for (int i = 0; i< callback.length; i++) { >>>> if (callback[i] instanceof NameCallback) { >>>> final NameCallback nameCallback = (NameCallback) callback[i]; >>>> nameCallback.setName(username); >>>> } >>>> else if (callback[i] instanceof PasswordCallback) { >>>> final PasswordCallback passCallback = (PasswordCallback) callback[i]; >>>> passCallback.setPassword(password.toCharArray()); >>>> } >>>> } >>>> } >>>> }; >>>> >>>> return handler; >>>> } >>>> >>>> final static class CustomConfiguration extends Configuration { >>>> >>>> @Override >>>> public AppConfigurationEntry[] getAppConfigurationEntry(String name) { >>>> >>>> AppConfigurationEntry[] entries = new AppConfigurationEntry[0]; >>>> >>>> if (name.equals(EXAMPLE_SERVER_LOGIN)) { >>>> String krbModule = Krb5LoginModule.class.getName(); >>>> LoginModuleControlFlag flag = LoginModuleControlFlag.REQUIRED; >>>> Map options = new HashMap(); >>>> >>>> options.put("storeKey", "true"); >>>> options.put("useKeyTab", "false"); >>>> options.put("isInitiator", "false"); >>>> >>>> AppConfigurationEntry entry = new AppConfigurationEntry(krbModule, >>>> flag, options); >>>> >>>> entries = new AppConfigurationEntry[] { entry }; >>>> } >>>> >>>> return entries; >>>> } >>>> } >>>> } >>>> >>>> ---------- END SOURCE ---------- >>>> >>>> From weijun.wang at oracle.com Wed Sep 21 04:26:01 2011 From: weijun.wang at oracle.com (Weijun Wang) Date: Wed, 21 Sep 2011 12:26:01 +0800 Subject: code review request: 7089889: Krb5LoginModule.login() throws an exception if used without a keytab In-Reply-To: <4E795F60.5070809@oracle.com> References: <4E72C9D8.6070206@oracle.com> <4E72E566.1080002@oracle.com> <4E7826E5.1090205@oracle.com> <4E795F60.5070809@oracle.com> Message-ID: <4E796759.2010508@oracle.com> On 09/21/2011 11:52 AM, Xuelei Fan wrote: > On 9/20/2011 1:38 PM, Weijun Wang wrote: >> Any more comment? >> >> Thanks >> Max >> >> On 09/16/2011 01:57 PM, Weijun Wang wrote: >>> >>> >>> On 09/16/2011 01:45 PM, Xuelei Fan wrote: >>>> My first impression about the fix: >>>> 1. Do you want to update getKeys() comments about isInitiator value? >>> >>> OK. I'll simply remove the "(in JAAS words, isInitiator=true and >>> storeKey=true)" line. >>> > Do you also need to remove "This is used when the client supplies > passowrd but need ...". I think it is the same as "in JAAS words, ...". But that's where it's called. Maybe I should say more: This is used when the client supplies password but need keys to act as an acceptor. It can be called when the state is INIT and returned keys are generated with default salt, or, after AS-REQ is performed, might be updated by KDC. > >>>> >>>> 2. It seems that when isInitiator is true, getKeys() should throw >>>> exception if the state is not OK, right? If so, it looks like that the >>>> update of getKeys() will not throw ISE if the state is INIT. Does INIT >>>> state is enough in such case? >>> >>> The KrbAsReqBuilder class does not know about isInitiator so it cannot >>> make any decision based on it. I'll leave that to its caller. When >>> username/password is provided, getKeys() can be called as soon as the >>> object is created, and it returns keys with default salt. If AS-REQ is >>> performed and state goes OK and the method is called again, the salt >>> might be updated in PA-DATA. >>> > I'm not sure whether the getKeys() return the expected keys when the > state is INIT. It should be OK as it is an internal class, but as > requires that the caller always looks like: > > if (isInitiator) { > // action to update the state to OK > } > encKeys = builder.getKeys(); Correct. In Krb5LoginModule, you can see if (isInitiator) { // XXX Even if isInitiator=false, it might be // better to do an AS-REQ so that keys can be // updated with PA info cred = builder.action().getCreds(); } if (storeKey) { encKeys = builder.getKeys(); // When encKeys is empty, the login actually fails. // For compatibility, exception is thrown in commit(). } This is the only place where this method is called. > > Is getKeys() only be called by Krb5LoginModule.java? If not, I think we > may need to rethink about the change of the behaviors. Otherwise, it is > OK. However, is it a little simpler to update builder.getKeys() to > builder.getKeys(boolean isInitiator)? Yes. But I won't add automatic AS-REQ inside it. The argument will only be used for state check. Is that OK? Thanks Max > > Xuelei > >>> Thanks >>> Max >>> >>> >>>> >>>> Xuelei >>>> >>>> On Sep 16, 2011, at 12:00 PM, Weijun Wang wrote: >>>> >>>>> Hi All >>>>> >>>>> Code changes at >>>>> >>>>> http://cr.openjdk.java.net/~weijun/7089889/webrev.00/ >>>>> >>>>> KrbAsReqBuilder maintains a state enforcement: at the beginning it's >>>>> INIT, after doing an AS-REQ it's OK, and we used to only allow >>>>> getKeys() to be called when the state is OK. Now if an acceptor has >>>>> isInitiator=false, the OK state will never be reached. In most cases, >>>>> an acceptor uses a keytab so getKeys() is not called. However, if it >>>>> uses username/password (most likely in a peer-to-peer case and the >>>>> acceptor chooses not to login), getKeys() is needed and an exception >>>>> is thrown. >>>>> >>>>> This code change makes getKeys() callable at both INIT and OK states. >>>>> In order to do this, the checkState() method now accepts varargs. >>>>> >>>>> I'll backport this to 7u2, and since 7u2 is now in phase 2, I think I >>>>> need at least 2 reviewers. >>>>> >>>>> Thanks >>>>> Max >>>>> >>>>> -------- Original Message -------- >>>>> >>>>> *Change Request ID*: 7089889 >>>>> >>>>> *Synopsis*: Krb5LoginModule.login() throws an exception if used >>>>> without a keytab >>>>> >>>>> >>>>> === *Description* >>>>> ============================================================ >>>>> FULL PRODUCT VERSION : >>>>> java version "1.7.0" >>>>> Java(TM) SE Runtime Environment (build 1.7.0-b147) >>>>> Java HotSpot(TM) Client VM (build 21.0-b17, mixed mode, sharing) >>>>> >>>>> A DESCRIPTION OF THE PROBLEM : >>>>> The call to LoginContext.login() fails with an exception if the >>>>> LoginContext is configured to use Krb5LoginModule with the following >>>>> options: >>>>> >>>>> storeKey="true" >>>>> useKeyTab="false" >>>>> isInitiator="false" >>>>> >>>>> This appears to be a regression due to an attempt to solve bug >>>>> '6941083'. >>>>> >>>>> The following source code is taken from >>>>> Kb5LoginModule.attemptAuthentication(false): >>>>> >>>>> if (ktab == null) { >>>>> promptForPass(getPasswdFromSharedState); >>>>> builder = new KrbAsReqBuilder(principal, password); >>>>> if (isInitiator) { >>>>> // XXX Even if isInitiator=false, it might be >>>>> // better to do an AS-REQ so that keys can be >>>>> // updated with PA info >>>>> cred = builder.action().getCreds(); >>>>> } >>>>> if (storeKey) { >>>>> encKeys = builder.getKeys(); >>>>> // When encKeys is empty, the login actually fails. >>>>> // For compatibility, exception is thrown in commit(). >>>>> } >>>>> } >>>>> >>>>> This code path results builder.getGeys() being called while the >>>>> builder's state is 'INIT'. >>>>> The builder asserts via checkState() that the state is REQ_OK, hence >>>>> an exception. >>>>> >>>>> This is a regression, as JRE6 and prior versions called >>>>> EncryptionKey.acquireSecretKeys() >>>>> to obtain the keys in this case. >>>>> >>>>> REGRESSION. Last worked in version 6u26 >>>>> >>>>> STEPS TO FOLLOW TO REPRODUCE THE PROBLEM : >>>>> See the executable test case below. Program should be run on a >>>>> Windows machine that is joined to a domain. Replace 'REALM', 'KDC', >>>>> 'DOMAIN_USER' and 'DOMAIN_USER_PWD' as appropriate before running >>>>> >>>>> EXPECTED VERSUS ACTUAL BEHAVIOR : >>>>> EXPECTED - >>>>> "Login succeeded" printed to console >>>>> ACTUAL - >>>>> "Login failed" printed to console. >>>>> Exception stacktrace printed to strerr >>>>> >>>>> ERROR MESSAGES/STACK TRACES THAT OCCUR : >>>>> javax.security.auth.login.LoginException: >>>>> java.lang.IllegalStateException: Cannot get keys at REQ_OK state >>>>> at sun.security.krb5.KrbAsReqBuilder.checkState(Unknown Source) >>>>> at sun.security.krb5.KrbAsReqBuilder.getKeys(Unknown Source) >>>>> at >>>>> com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Unknown >>>>> >>>>> Source) >>>>> at com.sun.security.auth.module.Krb5LoginModule.login(Unknown Source) >>>>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >>>>> at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) >>>>> at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) >>>>> at java.lang.reflect.Method.invoke(Unknown Source) >>>>> at javax.security.auth.login.LoginContext.invoke(Unknown Source) >>>>> at javax.security.auth.login.LoginContext.access$000(Unknown Source) >>>>> at javax.security.auth.login.LoginContext$4.run(Unknown Source) >>>>> at javax.security.auth.login.LoginContext$4.run(Unknown Source) >>>>> at java.security.AccessController.doPrivileged(Native Method) >>>>> at javax.security.auth.login.LoginContext.invokePriv(Unknown Source) >>>>> at javax.security.auth.login.LoginContext.login(Unknown Source) >>>>> at LoginModuleExample.main(LoginModuleExample.java:43) >>>>> >>>>> at javax.security.auth.login.LoginContext.invoke(Unknown Source) >>>>> at javax.security.auth.login.LoginContext.access$000(Unknown Source) >>>>> at javax.security.auth.login.LoginContext$4.run(Unknown Source) >>>>> at javax.security.auth.login.LoginContext$4.run(Unknown Source) >>>>> at java.security.AccessController.doPrivileged(Native Method) >>>>> at javax.security.auth.login.LoginContext.invokePriv(Unknown Source) >>>>> at javax.security.auth.login.LoginContext.login(Unknown Source) >>>>> at LoginModuleExample.main(LoginModuleExample.java:43) >>>>> >>>>> REPRODUCIBILITY : >>>>> This bug can be reproduced always. >>>>> >>>>> ---------- BEGIN SOURCE ---------- >>>>> import java.util.HashMap; >>>>> import java.util.Map; >>>>> >>>>> import javax.security.auth.callback.Callback; >>>>> import javax.security.auth.callback.CallbackHandler; >>>>> import javax.security.auth.callback.NameCallback; >>>>> import javax.security.auth.callback.PasswordCallback; >>>>> import javax.security.auth.login.AppConfigurationEntry; >>>>> import >>>>> javax.security.auth.login.AppConfigurationEntry.LoginModuleControlFlag; >>>>> import javax.security.auth.login.Configuration; >>>>> import javax.security.auth.login.LoginContext; >>>>> >>>>> import com.sun.security.auth.module.Krb5LoginModule; >>>>> >>>>> public class LoginModuleExample { >>>>> >>>>> // Replace with the realm and KDC of the Windows domain. >>>>> private static final String REALM = "DEV-DEM.RECOMMIND.COM"; >>>>> private static final String KDC = "AU-DEV-DC01.dev-dem.recommind.com"; >>>>> >>>>> // Replace with the username and password of any account on the >>>>> // above domain. Account needs to be enabled and not locked out. >>>>> private static final String DOMAIN_USER = "sgr"; >>>>> private static final String DOMAIN_USER_PWD = "0rodriguez)"; >>>>> >>>>> private static final String EXAMPLE_SERVER_LOGIN = "example-server"; >>>>> >>>>> /** >>>>> * @param args >>>>> */ >>>>> public static void main(String[] args) { >>>>> >>>>> System.setProperty("java.security.krb5.realm", REALM); >>>>> System.setProperty("java.security.krb5.kdc", KDC); >>>>> >>>>> Configuration.setConfiguration(new CustomConfiguration()); >>>>> >>>>> try { >>>>> CallbackHandler handler = getUsernamePasswordHandler(DOMAIN_USER, >>>>> DOMAIN_USER_PWD); >>>>> >>>>> LoginContext loginContext = new LoginContext(EXAMPLE_SERVER_LOGIN, >>>>> handler); >>>>> >>>>> loginContext.login(); >>>>> >>>>> System.out.println("Login succeeded"); >>>>> } >>>>> catch (Exception e) { >>>>> >>>>> System.out.println("Login failed"); >>>>> e.printStackTrace(); >>>>> } >>>>> >>>>> } >>>>> >>>>> private static CallbackHandler getUsernamePasswordHandler(final >>>>> String username, final String password) { >>>>> >>>>> final CallbackHandler handler = new CallbackHandler() { >>>>> >>>>> public void handle(final Callback[] callback) { >>>>> for (int i = 0; i< callback.length; i++) { >>>>> if (callback[i] instanceof NameCallback) { >>>>> final NameCallback nameCallback = (NameCallback) callback[i]; >>>>> nameCallback.setName(username); >>>>> } >>>>> else if (callback[i] instanceof PasswordCallback) { >>>>> final PasswordCallback passCallback = (PasswordCallback) callback[i]; >>>>> passCallback.setPassword(password.toCharArray()); >>>>> } >>>>> } >>>>> } >>>>> }; >>>>> >>>>> return handler; >>>>> } >>>>> >>>>> final static class CustomConfiguration extends Configuration { >>>>> >>>>> @Override >>>>> public AppConfigurationEntry[] getAppConfigurationEntry(String name) { >>>>> >>>>> AppConfigurationEntry[] entries = new AppConfigurationEntry[0]; >>>>> >>>>> if (name.equals(EXAMPLE_SERVER_LOGIN)) { >>>>> String krbModule = Krb5LoginModule.class.getName(); >>>>> LoginModuleControlFlag flag = LoginModuleControlFlag.REQUIRED; >>>>> Map options = new HashMap(); >>>>> >>>>> options.put("storeKey", "true"); >>>>> options.put("useKeyTab", "false"); >>>>> options.put("isInitiator", "false"); >>>>> >>>>> AppConfigurationEntry entry = new AppConfigurationEntry(krbModule, >>>>> flag, options); >>>>> >>>>> entries = new AppConfigurationEntry[] { entry }; >>>>> } >>>>> >>>>> return entries; >>>>> } >>>>> } >>>>> } >>>>> >>>>> ---------- END SOURCE ---------- >>>>> >>>>> > From xuelei.fan at oracle.com Wed Sep 21 04:28:55 2011 From: xuelei.fan at oracle.com (Xuelei Fan) Date: Wed, 21 Sep 2011 12:28:55 +0800 Subject: code review request: 7089889: Krb5LoginModule.login() throws an exception if used without a keytab In-Reply-To: <4E796759.2010508@oracle.com> References: <4E72C9D8.6070206@oracle.com> <4E72E566.1080002@oracle.com> <4E7826E5.1090205@oracle.com> <4E795F60.5070809@oracle.com> <4E796759.2010508@oracle.com> Message-ID: <4E796807.1060704@oracle.com> It's OK. Xuelei On 9/21/2011 12:26 PM, Weijun Wang wrote: > > > On 09/21/2011 11:52 AM, Xuelei Fan wrote: >> On 9/20/2011 1:38 PM, Weijun Wang wrote: >>> Any more comment? >>> >>> Thanks >>> Max >>> >>> On 09/16/2011 01:57 PM, Weijun Wang wrote: >>>> >>>> >>>> On 09/16/2011 01:45 PM, Xuelei Fan wrote: >>>>> My first impression about the fix: >>>>> 1. Do you want to update getKeys() comments about isInitiator value? >>>> >>>> OK. I'll simply remove the "(in JAAS words, isInitiator=true and >>>> storeKey=true)" line. >>>> >> Do you also need to remove "This is used when the client supplies >> passowrd but need ...". I think it is the same as "in JAAS words, ...". > > But that's where it's called. Maybe I should say more: > > This is used when the client supplies password but need keys > to act as an acceptor. It can be called when the state is INIT > and returned keys are generated with default salt, or, after > AS-REQ is performed, might be updated by KDC. > >> >>>>> >>>>> 2. It seems that when isInitiator is true, getKeys() should throw >>>>> exception if the state is not OK, right? If so, it looks like that the >>>>> update of getKeys() will not throw ISE if the state is INIT. Does INIT >>>>> state is enough in such case? >>>> >>>> The KrbAsReqBuilder class does not know about isInitiator so it cannot >>>> make any decision based on it. I'll leave that to its caller. When >>>> username/password is provided, getKeys() can be called as soon as the >>>> object is created, and it returns keys with default salt. If AS-REQ is >>>> performed and state goes OK and the method is called again, the salt >>>> might be updated in PA-DATA. >>>> >> I'm not sure whether the getKeys() return the expected keys when the >> state is INIT. It should be OK as it is an internal class, but as >> requires that the caller always looks like: >> >> if (isInitiator) { >> // action to update the state to OK >> } >> encKeys = builder.getKeys(); > > Correct. In Krb5LoginModule, you can see > > if (isInitiator) { > // XXX Even if isInitiator=false, it might be > // better to do an AS-REQ so that keys can be > // updated with PA info > cred = builder.action().getCreds(); > } > if (storeKey) { > encKeys = builder.getKeys(); > // When encKeys is empty, the login actually fails. > // For compatibility, exception is thrown in commit(). > } > > This is the only place where this method is called. > >> >> Is getKeys() only be called by Krb5LoginModule.java? If not, I think we >> may need to rethink about the change of the behaviors. Otherwise, it is >> OK. However, is it a little simpler to update builder.getKeys() to >> builder.getKeys(boolean isInitiator)? > > Yes. But I won't add automatic AS-REQ inside it. The argument will only > be used for state check. Is that OK? > > Thanks > Max > > >> >> Xuelei >> >>>> Thanks >>>> Max >>>> >>>> >>>>> >>>>> Xuelei >>>>> >>>>> On Sep 16, 2011, at 12:00 PM, Weijun Wang >>>>> wrote: >>>>> >>>>>> Hi All >>>>>> >>>>>> Code changes at >>>>>> >>>>>> http://cr.openjdk.java.net/~weijun/7089889/webrev.00/ >>>>>> >>>>>> KrbAsReqBuilder maintains a state enforcement: at the beginning it's >>>>>> INIT, after doing an AS-REQ it's OK, and we used to only allow >>>>>> getKeys() to be called when the state is OK. Now if an acceptor has >>>>>> isInitiator=false, the OK state will never be reached. In most cases, >>>>>> an acceptor uses a keytab so getKeys() is not called. However, if it >>>>>> uses username/password (most likely in a peer-to-peer case and the >>>>>> acceptor chooses not to login), getKeys() is needed and an exception >>>>>> is thrown. >>>>>> >>>>>> This code change makes getKeys() callable at both INIT and OK states. >>>>>> In order to do this, the checkState() method now accepts varargs. >>>>>> >>>>>> I'll backport this to 7u2, and since 7u2 is now in phase 2, I think I >>>>>> need at least 2 reviewers. >>>>>> >>>>>> Thanks >>>>>> Max >>>>>> >>>>>> -------- Original Message -------- >>>>>> >>>>>> *Change Request ID*: 7089889 >>>>>> >>>>>> *Synopsis*: Krb5LoginModule.login() throws an exception if used >>>>>> without a keytab >>>>>> >>>>>> >>>>>> === *Description* >>>>>> ============================================================ >>>>>> FULL PRODUCT VERSION : >>>>>> java version "1.7.0" >>>>>> Java(TM) SE Runtime Environment (build 1.7.0-b147) >>>>>> Java HotSpot(TM) Client VM (build 21.0-b17, mixed mode, sharing) >>>>>> >>>>>> A DESCRIPTION OF THE PROBLEM : >>>>>> The call to LoginContext.login() fails with an exception if the >>>>>> LoginContext is configured to use Krb5LoginModule with the following >>>>>> options: >>>>>> >>>>>> storeKey="true" >>>>>> useKeyTab="false" >>>>>> isInitiator="false" >>>>>> >>>>>> This appears to be a regression due to an attempt to solve bug >>>>>> '6941083'. >>>>>> >>>>>> The following source code is taken from >>>>>> Kb5LoginModule.attemptAuthentication(false): >>>>>> >>>>>> if (ktab == null) { >>>>>> promptForPass(getPasswdFromSharedState); >>>>>> builder = new KrbAsReqBuilder(principal, password); >>>>>> if (isInitiator) { >>>>>> // XXX Even if isInitiator=false, it might be >>>>>> // better to do an AS-REQ so that keys can be >>>>>> // updated with PA info >>>>>> cred = builder.action().getCreds(); >>>>>> } >>>>>> if (storeKey) { >>>>>> encKeys = builder.getKeys(); >>>>>> // When encKeys is empty, the login actually fails. >>>>>> // For compatibility, exception is thrown in commit(). >>>>>> } >>>>>> } >>>>>> >>>>>> This code path results builder.getGeys() being called while the >>>>>> builder's state is 'INIT'. >>>>>> The builder asserts via checkState() that the state is REQ_OK, hence >>>>>> an exception. >>>>>> >>>>>> This is a regression, as JRE6 and prior versions called >>>>>> EncryptionKey.acquireSecretKeys() >>>>>> to obtain the keys in this case. >>>>>> >>>>>> REGRESSION. Last worked in version 6u26 >>>>>> >>>>>> STEPS TO FOLLOW TO REPRODUCE THE PROBLEM : >>>>>> See the executable test case below. Program should be run on a >>>>>> Windows machine that is joined to a domain. Replace 'REALM', 'KDC', >>>>>> 'DOMAIN_USER' and 'DOMAIN_USER_PWD' as appropriate before running >>>>>> >>>>>> EXPECTED VERSUS ACTUAL BEHAVIOR : >>>>>> EXPECTED - >>>>>> "Login succeeded" printed to console >>>>>> ACTUAL - >>>>>> "Login failed" printed to console. >>>>>> Exception stacktrace printed to strerr >>>>>> >>>>>> ERROR MESSAGES/STACK TRACES THAT OCCUR : >>>>>> javax.security.auth.login.LoginException: >>>>>> java.lang.IllegalStateException: Cannot get keys at REQ_OK state >>>>>> at sun.security.krb5.KrbAsReqBuilder.checkState(Unknown Source) >>>>>> at sun.security.krb5.KrbAsReqBuilder.getKeys(Unknown Source) >>>>>> at >>>>>> com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Unknown >>>>>> >>>>>> >>>>>> Source) >>>>>> at com.sun.security.auth.module.Krb5LoginModule.login(Unknown Source) >>>>>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >>>>>> at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) >>>>>> at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) >>>>>> at java.lang.reflect.Method.invoke(Unknown Source) >>>>>> at javax.security.auth.login.LoginContext.invoke(Unknown Source) >>>>>> at javax.security.auth.login.LoginContext.access$000(Unknown Source) >>>>>> at javax.security.auth.login.LoginContext$4.run(Unknown Source) >>>>>> at javax.security.auth.login.LoginContext$4.run(Unknown Source) >>>>>> at java.security.AccessController.doPrivileged(Native Method) >>>>>> at javax.security.auth.login.LoginContext.invokePriv(Unknown Source) >>>>>> at javax.security.auth.login.LoginContext.login(Unknown Source) >>>>>> at LoginModuleExample.main(LoginModuleExample.java:43) >>>>>> >>>>>> at javax.security.auth.login.LoginContext.invoke(Unknown Source) >>>>>> at javax.security.auth.login.LoginContext.access$000(Unknown Source) >>>>>> at javax.security.auth.login.LoginContext$4.run(Unknown Source) >>>>>> at javax.security.auth.login.LoginContext$4.run(Unknown Source) >>>>>> at java.security.AccessController.doPrivileged(Native Method) >>>>>> at javax.security.auth.login.LoginContext.invokePriv(Unknown Source) >>>>>> at javax.security.auth.login.LoginContext.login(Unknown Source) >>>>>> at LoginModuleExample.main(LoginModuleExample.java:43) >>>>>> >>>>>> REPRODUCIBILITY : >>>>>> This bug can be reproduced always. >>>>>> >>>>>> ---------- BEGIN SOURCE ---------- >>>>>> import java.util.HashMap; >>>>>> import java.util.Map; >>>>>> >>>>>> import javax.security.auth.callback.Callback; >>>>>> import javax.security.auth.callback.CallbackHandler; >>>>>> import javax.security.auth.callback.NameCallback; >>>>>> import javax.security.auth.callback.PasswordCallback; >>>>>> import javax.security.auth.login.AppConfigurationEntry; >>>>>> import >>>>>> javax.security.auth.login.AppConfigurationEntry.LoginModuleControlFlag; >>>>>> >>>>>> import javax.security.auth.login.Configuration; >>>>>> import javax.security.auth.login.LoginContext; >>>>>> >>>>>> import com.sun.security.auth.module.Krb5LoginModule; >>>>>> >>>>>> public class LoginModuleExample { >>>>>> >>>>>> // Replace with the realm and KDC of the Windows domain. >>>>>> private static final String REALM = "DEV-DEM.RECOMMIND.COM"; >>>>>> private static final String KDC = >>>>>> "AU-DEV-DC01.dev-dem.recommind.com"; >>>>>> >>>>>> // Replace with the username and password of any account on the >>>>>> // above domain. Account needs to be enabled and not locked out. >>>>>> private static final String DOMAIN_USER = "sgr"; >>>>>> private static final String DOMAIN_USER_PWD = "0rodriguez)"; >>>>>> >>>>>> private static final String EXAMPLE_SERVER_LOGIN = "example-server"; >>>>>> >>>>>> /** >>>>>> * @param args >>>>>> */ >>>>>> public static void main(String[] args) { >>>>>> >>>>>> System.setProperty("java.security.krb5.realm", REALM); >>>>>> System.setProperty("java.security.krb5.kdc", KDC); >>>>>> >>>>>> Configuration.setConfiguration(new CustomConfiguration()); >>>>>> >>>>>> try { >>>>>> CallbackHandler handler = getUsernamePasswordHandler(DOMAIN_USER, >>>>>> DOMAIN_USER_PWD); >>>>>> >>>>>> LoginContext loginContext = new LoginContext(EXAMPLE_SERVER_LOGIN, >>>>>> handler); >>>>>> >>>>>> loginContext.login(); >>>>>> >>>>>> System.out.println("Login succeeded"); >>>>>> } >>>>>> catch (Exception e) { >>>>>> >>>>>> System.out.println("Login failed"); >>>>>> e.printStackTrace(); >>>>>> } >>>>>> >>>>>> } >>>>>> >>>>>> private static CallbackHandler getUsernamePasswordHandler(final >>>>>> String username, final String password) { >>>>>> >>>>>> final CallbackHandler handler = new CallbackHandler() { >>>>>> >>>>>> public void handle(final Callback[] callback) { >>>>>> for (int i = 0; i< callback.length; i++) { >>>>>> if (callback[i] instanceof NameCallback) { >>>>>> final NameCallback nameCallback = (NameCallback) callback[i]; >>>>>> nameCallback.setName(username); >>>>>> } >>>>>> else if (callback[i] instanceof PasswordCallback) { >>>>>> final PasswordCallback passCallback = (PasswordCallback) callback[i]; >>>>>> passCallback.setPassword(password.toCharArray()); >>>>>> } >>>>>> } >>>>>> } >>>>>> }; >>>>>> >>>>>> return handler; >>>>>> } >>>>>> >>>>>> final static class CustomConfiguration extends Configuration { >>>>>> >>>>>> @Override >>>>>> public AppConfigurationEntry[] getAppConfigurationEntry(String >>>>>> name) { >>>>>> >>>>>> AppConfigurationEntry[] entries = new AppConfigurationEntry[0]; >>>>>> >>>>>> if (name.equals(EXAMPLE_SERVER_LOGIN)) { >>>>>> String krbModule = Krb5LoginModule.class.getName(); >>>>>> LoginModuleControlFlag flag = LoginModuleControlFlag.REQUIRED; >>>>>> Map options = new HashMap(); >>>>>> >>>>>> options.put("storeKey", "true"); >>>>>> options.put("useKeyTab", "false"); >>>>>> options.put("isInitiator", "false"); >>>>>> >>>>>> AppConfigurationEntry entry = new AppConfigurationEntry(krbModule, >>>>>> flag, options); >>>>>> >>>>>> entries = new AppConfigurationEntry[] { entry }; >>>>>> } >>>>>> >>>>>> return entries; >>>>>> } >>>>>> } >>>>>> } >>>>>> >>>>>> ---------- END SOURCE ---------- >>>>>> >>>>>> >> From weijun.wang at oracle.com Wed Sep 21 07:28:16 2011 From: weijun.wang at oracle.com (Weijun Wang) Date: Wed, 21 Sep 2011 15:28:16 +0800 Subject: code review request: 7089889: Krb5LoginModule.login() throws an exception if used without a keytab In-Reply-To: <4E796807.1060704@oracle.com> References: <4E72C9D8.6070206@oracle.com> <4E72E566.1080002@oracle.com> <4E7826E5.1090205@oracle.com> <4E795F60.5070809@oracle.com> <4E796759.2010508@oracle.com> <4E796807.1060704@oracle.com> Message-ID: <4E799210.6040505@oracle.com> Webrev updated: http://cr.openjdk.java.net/~weijun/7089889/webrev.01/ Thanks Max On 09/21/2011 12:28 PM, Xuelei Fan wrote: > It's OK. > > Xuelei > > On 9/21/2011 12:26 PM, Weijun Wang wrote: >> >> >> On 09/21/2011 11:52 AM, Xuelei Fan wrote: >>> On 9/20/2011 1:38 PM, Weijun Wang wrote: >>>> Any more comment? >>>> >>>> Thanks >>>> Max >>>> >>>> On 09/16/2011 01:57 PM, Weijun Wang wrote: >>>>> >>>>> >>>>> On 09/16/2011 01:45 PM, Xuelei Fan wrote: >>>>>> My first impression about the fix: >>>>>> 1. Do you want to update getKeys() comments about isInitiator value? >>>>> >>>>> OK. I'll simply remove the "(in JAAS words, isInitiator=true and >>>>> storeKey=true)" line. >>>>> >>> Do you also need to remove "This is used when the client supplies >>> passowrd but need ...". I think it is the same as "in JAAS words, ...". >> >> But that's where it's called. Maybe I should say more: >> >> This is used when the client supplies password but need keys >> to act as an acceptor. It can be called when the state is INIT >> and returned keys are generated with default salt, or, after >> AS-REQ is performed, might be updated by KDC. >> >>> >>>>>> >>>>>> 2. It seems that when isInitiator is true, getKeys() should throw >>>>>> exception if the state is not OK, right? If so, it looks like that the >>>>>> update of getKeys() will not throw ISE if the state is INIT. Does INIT >>>>>> state is enough in such case? >>>>> >>>>> The KrbAsReqBuilder class does not know about isInitiator so it cannot >>>>> make any decision based on it. I'll leave that to its caller. When >>>>> username/password is provided, getKeys() can be called as soon as the >>>>> object is created, and it returns keys with default salt. If AS-REQ is >>>>> performed and state goes OK and the method is called again, the salt >>>>> might be updated in PA-DATA. >>>>> >>> I'm not sure whether the getKeys() return the expected keys when the >>> state is INIT. It should be OK as it is an internal class, but as >>> requires that the caller always looks like: >>> >>> if (isInitiator) { >>> // action to update the state to OK >>> } >>> encKeys = builder.getKeys(); >> >> Correct. In Krb5LoginModule, you can see >> >> if (isInitiator) { >> // XXX Even if isInitiator=false, it might be >> // better to do an AS-REQ so that keys can be >> // updated with PA info >> cred = builder.action().getCreds(); >> } >> if (storeKey) { >> encKeys = builder.getKeys(); >> // When encKeys is empty, the login actually fails. >> // For compatibility, exception is thrown in commit(). >> } >> >> This is the only place where this method is called. >> >>> >>> Is getKeys() only be called by Krb5LoginModule.java? If not, I think we >>> may need to rethink about the change of the behaviors. Otherwise, it is >>> OK. However, is it a little simpler to update builder.getKeys() to >>> builder.getKeys(boolean isInitiator)? >> >> Yes. But I won't add automatic AS-REQ inside it. The argument will only >> be used for state check. Is that OK? >> >> Thanks >> Max >> >> >>> >>> Xuelei >>> >>>>> Thanks >>>>> Max >>>>> >>>>> >>>>>> >>>>>> Xuelei >>>>>> >>>>>> On Sep 16, 2011, at 12:00 PM, Weijun Wang >>>>>> wrote: >>>>>> >>>>>>> Hi All >>>>>>> >>>>>>> Code changes at >>>>>>> >>>>>>> http://cr.openjdk.java.net/~weijun/7089889/webrev.00/ >>>>>>> >>>>>>> KrbAsReqBuilder maintains a state enforcement: at the beginning it's >>>>>>> INIT, after doing an AS-REQ it's OK, and we used to only allow >>>>>>> getKeys() to be called when the state is OK. Now if an acceptor has >>>>>>> isInitiator=false, the OK state will never be reached. In most cases, >>>>>>> an acceptor uses a keytab so getKeys() is not called. However, if it >>>>>>> uses username/password (most likely in a peer-to-peer case and the >>>>>>> acceptor chooses not to login), getKeys() is needed and an exception >>>>>>> is thrown. >>>>>>> >>>>>>> This code change makes getKeys() callable at both INIT and OK states. >>>>>>> In order to do this, the checkState() method now accepts varargs. >>>>>>> >>>>>>> I'll backport this to 7u2, and since 7u2 is now in phase 2, I think I >>>>>>> need at least 2 reviewers. >>>>>>> >>>>>>> Thanks >>>>>>> Max >>>>>>> >>>>>>> -------- Original Message -------- >>>>>>> >>>>>>> *Change Request ID*: 7089889 >>>>>>> >>>>>>> *Synopsis*: Krb5LoginModule.login() throws an exception if used >>>>>>> without a keytab >>>>>>> >>>>>>> >>>>>>> === *Description* >>>>>>> ============================================================ >>>>>>> FULL PRODUCT VERSION : >>>>>>> java version "1.7.0" >>>>>>> Java(TM) SE Runtime Environment (build 1.7.0-b147) >>>>>>> Java HotSpot(TM) Client VM (build 21.0-b17, mixed mode, sharing) >>>>>>> >>>>>>> A DESCRIPTION OF THE PROBLEM : >>>>>>> The call to LoginContext.login() fails with an exception if the >>>>>>> LoginContext is configured to use Krb5LoginModule with the following >>>>>>> options: >>>>>>> >>>>>>> storeKey="true" >>>>>>> useKeyTab="false" >>>>>>> isInitiator="false" >>>>>>> >>>>>>> This appears to be a regression due to an attempt to solve bug >>>>>>> '6941083'. >>>>>>> >>>>>>> The following source code is taken from >>>>>>> Kb5LoginModule.attemptAuthentication(false): >>>>>>> >>>>>>> if (ktab == null) { >>>>>>> promptForPass(getPasswdFromSharedState); >>>>>>> builder = new KrbAsReqBuilder(principal, password); >>>>>>> if (isInitiator) { >>>>>>> // XXX Even if isInitiator=false, it might be >>>>>>> // better to do an AS-REQ so that keys can be >>>>>>> // updated with PA info >>>>>>> cred = builder.action().getCreds(); >>>>>>> } >>>>>>> if (storeKey) { >>>>>>> encKeys = builder.getKeys(); >>>>>>> // When encKeys is empty, the login actually fails. >>>>>>> // For compatibility, exception is thrown in commit(). >>>>>>> } >>>>>>> } >>>>>>> >>>>>>> This code path results builder.getGeys() being called while the >>>>>>> builder's state is 'INIT'. >>>>>>> The builder asserts via checkState() that the state is REQ_OK, hence >>>>>>> an exception. >>>>>>> >>>>>>> This is a regression, as JRE6 and prior versions called >>>>>>> EncryptionKey.acquireSecretKeys() >>>>>>> to obtain the keys in this case. >>>>>>> >>>>>>> REGRESSION. Last worked in version 6u26 >>>>>>> >>>>>>> STEPS TO FOLLOW TO REPRODUCE THE PROBLEM : >>>>>>> See the executable test case below. Program should be run on a >>>>>>> Windows machine that is joined to a domain. Replace 'REALM', 'KDC', >>>>>>> 'DOMAIN_USER' and 'DOMAIN_USER_PWD' as appropriate before running >>>>>>> >>>>>>> EXPECTED VERSUS ACTUAL BEHAVIOR : >>>>>>> EXPECTED - >>>>>>> "Login succeeded" printed to console >>>>>>> ACTUAL - >>>>>>> "Login failed" printed to console. >>>>>>> Exception stacktrace printed to strerr >>>>>>> >>>>>>> ERROR MESSAGES/STACK TRACES THAT OCCUR : >>>>>>> javax.security.auth.login.LoginException: >>>>>>> java.lang.IllegalStateException: Cannot get keys at REQ_OK state >>>>>>> at sun.security.krb5.KrbAsReqBuilder.checkState(Unknown Source) >>>>>>> at sun.security.krb5.KrbAsReqBuilder.getKeys(Unknown Source) >>>>>>> at >>>>>>> com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Unknown >>>>>>> >>>>>>> >>>>>>> Source) >>>>>>> at com.sun.security.auth.module.Krb5LoginModule.login(Unknown Source) >>>>>>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >>>>>>> at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) >>>>>>> at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) >>>>>>> at java.lang.reflect.Method.invoke(Unknown Source) >>>>>>> at javax.security.auth.login.LoginContext.invoke(Unknown Source) >>>>>>> at javax.security.auth.login.LoginContext.access$000(Unknown Source) >>>>>>> at javax.security.auth.login.LoginContext$4.run(Unknown Source) >>>>>>> at javax.security.auth.login.LoginContext$4.run(Unknown Source) >>>>>>> at java.security.AccessController.doPrivileged(Native Method) >>>>>>> at javax.security.auth.login.LoginContext.invokePriv(Unknown Source) >>>>>>> at javax.security.auth.login.LoginContext.login(Unknown Source) >>>>>>> at LoginModuleExample.main(LoginModuleExample.java:43) >>>>>>> >>>>>>> at javax.security.auth.login.LoginContext.invoke(Unknown Source) >>>>>>> at javax.security.auth.login.LoginContext.access$000(Unknown Source) >>>>>>> at javax.security.auth.login.LoginContext$4.run(Unknown Source) >>>>>>> at javax.security.auth.login.LoginContext$4.run(Unknown Source) >>>>>>> at java.security.AccessController.doPrivileged(Native Method) >>>>>>> at javax.security.auth.login.LoginContext.invokePriv(Unknown Source) >>>>>>> at javax.security.auth.login.LoginContext.login(Unknown Source) >>>>>>> at LoginModuleExample.main(LoginModuleExample.java:43) >>>>>>> >>>>>>> REPRODUCIBILITY : >>>>>>> This bug can be reproduced always. >>>>>>> >>>>>>> ---------- BEGIN SOURCE ---------- >>>>>>> import java.util.HashMap; >>>>>>> import java.util.Map; >>>>>>> >>>>>>> import javax.security.auth.callback.Callback; >>>>>>> import javax.security.auth.callback.CallbackHandler; >>>>>>> import javax.security.auth.callback.NameCallback; >>>>>>> import javax.security.auth.callback.PasswordCallback; >>>>>>> import javax.security.auth.login.AppConfigurationEntry; >>>>>>> import >>>>>>> javax.security.auth.login.AppConfigurationEntry.LoginModuleControlFlag; >>>>>>> >>>>>>> import javax.security.auth.login.Configuration; >>>>>>> import javax.security.auth.login.LoginContext; >>>>>>> >>>>>>> import com.sun.security.auth.module.Krb5LoginModule; >>>>>>> >>>>>>> public class LoginModuleExample { >>>>>>> >>>>>>> // Replace with the realm and KDC of the Windows domain. >>>>>>> private static final String REALM = "DEV-DEM.RECOMMIND.COM"; >>>>>>> private static final String KDC = >>>>>>> "AU-DEV-DC01.dev-dem.recommind.com"; >>>>>>> >>>>>>> // Replace with the username and password of any account on the >>>>>>> // above domain. Account needs to be enabled and not locked out. >>>>>>> private static final String DOMAIN_USER = "sgr"; >>>>>>> private static final String DOMAIN_USER_PWD = "0rodriguez)"; >>>>>>> >>>>>>> private static final String EXAMPLE_SERVER_LOGIN = "example-server"; >>>>>>> >>>>>>> /** >>>>>>> * @param args >>>>>>> */ >>>>>>> public static void main(String[] args) { >>>>>>> >>>>>>> System.setProperty("java.security.krb5.realm", REALM); >>>>>>> System.setProperty("java.security.krb5.kdc", KDC); >>>>>>> >>>>>>> Configuration.setConfiguration(new CustomConfiguration()); >>>>>>> >>>>>>> try { >>>>>>> CallbackHandler handler = getUsernamePasswordHandler(DOMAIN_USER, >>>>>>> DOMAIN_USER_PWD); >>>>>>> >>>>>>> LoginContext loginContext = new LoginContext(EXAMPLE_SERVER_LOGIN, >>>>>>> handler); >>>>>>> >>>>>>> loginContext.login(); >>>>>>> >>>>>>> System.out.println("Login succeeded"); >>>>>>> } >>>>>>> catch (Exception e) { >>>>>>> >>>>>>> System.out.println("Login failed"); >>>>>>> e.printStackTrace(); >>>>>>> } >>>>>>> >>>>>>> } >>>>>>> >>>>>>> private static CallbackHandler getUsernamePasswordHandler(final >>>>>>> String username, final String password) { >>>>>>> >>>>>>> final CallbackHandler handler = new CallbackHandler() { >>>>>>> >>>>>>> public void handle(final Callback[] callback) { >>>>>>> for (int i = 0; i< callback.length; i++) { >>>>>>> if (callback[i] instanceof NameCallback) { >>>>>>> final NameCallback nameCallback = (NameCallback) callback[i]; >>>>>>> nameCallback.setName(username); >>>>>>> } >>>>>>> else if (callback[i] instanceof PasswordCallback) { >>>>>>> final PasswordCallback passCallback = (PasswordCallback) callback[i]; >>>>>>> passCallback.setPassword(password.toCharArray()); >>>>>>> } >>>>>>> } >>>>>>> } >>>>>>> }; >>>>>>> >>>>>>> return handler; >>>>>>> } >>>>>>> >>>>>>> final static class CustomConfiguration extends Configuration { >>>>>>> >>>>>>> @Override >>>>>>> public AppConfigurationEntry[] getAppConfigurationEntry(String >>>>>>> name) { >>>>>>> >>>>>>> AppConfigurationEntry[] entries = new AppConfigurationEntry[0]; >>>>>>> >>>>>>> if (name.equals(EXAMPLE_SERVER_LOGIN)) { >>>>>>> String krbModule = Krb5LoginModule.class.getName(); >>>>>>> LoginModuleControlFlag flag = LoginModuleControlFlag.REQUIRED; >>>>>>> Map options = new HashMap(); >>>>>>> >>>>>>> options.put("storeKey", "true"); >>>>>>> options.put("useKeyTab", "false"); >>>>>>> options.put("isInitiator", "false"); >>>>>>> >>>>>>> AppConfigurationEntry entry = new AppConfigurationEntry(krbModule, >>>>>>> flag, options); >>>>>>> >>>>>>> entries = new AppConfigurationEntry[] { entry }; >>>>>>> } >>>>>>> >>>>>>> return entries; >>>>>>> } >>>>>>> } >>>>>>> } >>>>>>> >>>>>>> ---------- END SOURCE ---------- >>>>>>> >>>>>>> >>> > From Xuelei.Fan at Oracle.Com Wed Sep 21 07:34:29 2011 From: Xuelei.Fan at Oracle.Com (Xuelei Fan) Date: Wed, 21 Sep 2011 15:34:29 +0800 Subject: code review request: 7089889: Krb5LoginModule.login() throws an exception if used without a keytab In-Reply-To: <4E799210.6040505@oracle.com> References: <4E72C9D8.6070206@oracle.com> <4E72E566.1080002@oracle.com> <4E7826E5.1090205@oracle.com> <4E795F60.5070809@oracle.com> <4E796759.2010508@oracle.com> <4E796807.1060704@oracle.com> <4E799210.6040505@oracle.com> Message-ID: <656E975B-EA8B-4507-B17A-D58502F64A54@Oracle.Com> Looks fine to me. Xuelei On Sep 21, 2011, at 3:28 PM, Weijun Wang wrote: > Webrev updated: > > http://cr.openjdk.java.net/~weijun/7089889/webrev.01/ > > Thanks > Max > > > On 09/21/2011 12:28 PM, Xuelei Fan wrote: >> It's OK. >> >> Xuelei >> >> On 9/21/2011 12:26 PM, Weijun Wang wrote: >>> >>> >>> On 09/21/2011 11:52 AM, Xuelei Fan wrote: >>>> On 9/20/2011 1:38 PM, Weijun Wang wrote: >>>>> Any more comment? >>>>> >>>>> Thanks >>>>> Max >>>>> >>>>> On 09/16/2011 01:57 PM, Weijun Wang wrote: >>>>>> >>>>>> >>>>>> On 09/16/2011 01:45 PM, Xuelei Fan wrote: >>>>>>> My first impression about the fix: >>>>>>> 1. Do you want to update getKeys() comments about isInitiator value? >>>>>> >>>>>> OK. I'll simply remove the "(in JAAS words, isInitiator=true and >>>>>> storeKey=true)" line. >>>>>> >>>> Do you also need to remove "This is used when the client supplies >>>> passowrd but need ...". I think it is the same as "in JAAS words, ...". >>> >>> But that's where it's called. Maybe I should say more: >>> >>> This is used when the client supplies password but need keys >>> to act as an acceptor. It can be called when the state is INIT >>> and returned keys are generated with default salt, or, after >>> AS-REQ is performed, might be updated by KDC. >>> >>>> >>>>>>> >>>>>>> 2. It seems that when isInitiator is true, getKeys() should throw >>>>>>> exception if the state is not OK, right? If so, it looks like that the >>>>>>> update of getKeys() will not throw ISE if the state is INIT. Does INIT >>>>>>> state is enough in such case? >>>>>> >>>>>> The KrbAsReqBuilder class does not know about isInitiator so it cannot >>>>>> make any decision based on it. I'll leave that to its caller. When >>>>>> username/password is provided, getKeys() can be called as soon as the >>>>>> object is created, and it returns keys with default salt. If AS-REQ is >>>>>> performed and state goes OK and the method is called again, the salt >>>>>> might be updated in PA-DATA. >>>>>> >>>> I'm not sure whether the getKeys() return the expected keys when the >>>> state is INIT. It should be OK as it is an internal class, but as >>>> requires that the caller always looks like: >>>> >>>> if (isInitiator) { >>>> // action to update the state to OK >>>> } >>>> encKeys = builder.getKeys(); >>> >>> Correct. In Krb5LoginModule, you can see >>> >>> if (isInitiator) { >>> // XXX Even if isInitiator=false, it might be >>> // better to do an AS-REQ so that keys can be >>> // updated with PA info >>> cred = builder.action().getCreds(); >>> } >>> if (storeKey) { >>> encKeys = builder.getKeys(); >>> // When encKeys is empty, the login actually fails. >>> // For compatibility, exception is thrown in commit(). >>> } >>> >>> This is the only place where this method is called. >>> >>>> >>>> Is getKeys() only be called by Krb5LoginModule.java? If not, I think we >>>> may need to rethink about the change of the behaviors. Otherwise, it is >>>> OK. However, is it a little simpler to update builder.getKeys() to >>>> builder.getKeys(boolean isInitiator)? >>> >>> Yes. But I won't add automatic AS-REQ inside it. The argument will only >>> be used for state check. Is that OK? >>> >>> Thanks >>> Max >>> >>> >>>> >>>> Xuelei >>>> >>>>>> Thanks >>>>>> Max >>>>>> >>>>>> >>>>>>> >>>>>>> Xuelei >>>>>>> >>>>>>> On Sep 16, 2011, at 12:00 PM, Weijun Wang >>>>>>> wrote: >>>>>>> >>>>>>>> Hi All >>>>>>>> >>>>>>>> Code changes at >>>>>>>> >>>>>>>> http://cr.openjdk.java.net/~weijun/7089889/webrev.00/ >>>>>>>> >>>>>>>> KrbAsReqBuilder maintains a state enforcement: at the beginning it's >>>>>>>> INIT, after doing an AS-REQ it's OK, and we used to only allow >>>>>>>> getKeys() to be called when the state is OK. Now if an acceptor has >>>>>>>> isInitiator=false, the OK state will never be reached. In most cases, >>>>>>>> an acceptor uses a keytab so getKeys() is not called. However, if it >>>>>>>> uses username/password (most likely in a peer-to-peer case and the >>>>>>>> acceptor chooses not to login), getKeys() is needed and an exception >>>>>>>> is thrown. >>>>>>>> >>>>>>>> This code change makes getKeys() callable at both INIT and OK states. >>>>>>>> In order to do this, the checkState() method now accepts varargs. >>>>>>>> >>>>>>>> I'll backport this to 7u2, and since 7u2 is now in phase 2, I think I >>>>>>>> need at least 2 reviewers. >>>>>>>> >>>>>>>> Thanks >>>>>>>> Max >>>>>>>> >>>>>>>> -------- Original Message -------- >>>>>>>> >>>>>>>> *Change Request ID*: 7089889 >>>>>>>> >>>>>>>> *Synopsis*: Krb5LoginModule.login() throws an exception if used >>>>>>>> without a keytab >>>>>>>> >>>>>>>> >>>>>>>> === *Description* >>>>>>>> ============================================================ >>>>>>>> FULL PRODUCT VERSION : >>>>>>>> java version "1.7.0" >>>>>>>> Java(TM) SE Runtime Environment (build 1.7.0-b147) >>>>>>>> Java HotSpot(TM) Client VM (build 21.0-b17, mixed mode, sharing) >>>>>>>> >>>>>>>> A DESCRIPTION OF THE PROBLEM : >>>>>>>> The call to LoginContext.login() fails with an exception if the >>>>>>>> LoginContext is configured to use Krb5LoginModule with the following >>>>>>>> options: >>>>>>>> >>>>>>>> storeKey="true" >>>>>>>> useKeyTab="false" >>>>>>>> isInitiator="false" >>>>>>>> >>>>>>>> This appears to be a regression due to an attempt to solve bug >>>>>>>> '6941083'. >>>>>>>> >>>>>>>> The following source code is taken from >>>>>>>> Kb5LoginModule.attemptAuthentication(false): >>>>>>>> >>>>>>>> if (ktab == null) { >>>>>>>> promptForPass(getPasswdFromSharedState); >>>>>>>> builder = new KrbAsReqBuilder(principal, password); >>>>>>>> if (isInitiator) { >>>>>>>> // XXX Even if isInitiator=false, it might be >>>>>>>> // better to do an AS-REQ so that keys can be >>>>>>>> // updated with PA info >>>>>>>> cred = builder.action().getCreds(); >>>>>>>> } >>>>>>>> if (storeKey) { >>>>>>>> encKeys = builder.getKeys(); >>>>>>>> // When encKeys is empty, the login actually fails. >>>>>>>> // For compatibility, exception is thrown in commit(). >>>>>>>> } >>>>>>>> } >>>>>>>> >>>>>>>> This code path results builder.getGeys() being called while the >>>>>>>> builder's state is 'INIT'. >>>>>>>> The builder asserts via checkState() that the state is REQ_OK, hence >>>>>>>> an exception. >>>>>>>> >>>>>>>> This is a regression, as JRE6 and prior versions called >>>>>>>> EncryptionKey.acquireSecretKeys() >>>>>>>> to obtain the keys in this case. >>>>>>>> >>>>>>>> REGRESSION. Last worked in version 6u26 >>>>>>>> >>>>>>>> STEPS TO FOLLOW TO REPRODUCE THE PROBLEM : >>>>>>>> See the executable test case below. Program should be run on a >>>>>>>> Windows machine that is joined to a domain. Replace 'REALM', 'KDC', >>>>>>>> 'DOMAIN_USER' and 'DOMAIN_USER_PWD' as appropriate before running >>>>>>>> >>>>>>>> EXPECTED VERSUS ACTUAL BEHAVIOR : >>>>>>>> EXPECTED - >>>>>>>> "Login succeeded" printed to console >>>>>>>> ACTUAL - >>>>>>>> "Login failed" printed to console. >>>>>>>> Exception stacktrace printed to strerr >>>>>>>> >>>>>>>> ERROR MESSAGES/STACK TRACES THAT OCCUR : >>>>>>>> javax.security.auth.login.LoginException: >>>>>>>> java.lang.IllegalStateException: Cannot get keys at REQ_OK state >>>>>>>> at sun.security.krb5.KrbAsReqBuilder.checkState(Unknown Source) >>>>>>>> at sun.security.krb5.KrbAsReqBuilder.getKeys(Unknown Source) >>>>>>>> at >>>>>>>> com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Unknown >>>>>>>> >>>>>>>> >>>>>>>> Source) >>>>>>>> at com.sun.security.auth.module.Krb5LoginModule.login(Unknown Source) >>>>>>>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >>>>>>>> at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) >>>>>>>> at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) >>>>>>>> at java.lang.reflect.Method.invoke(Unknown Source) >>>>>>>> at javax.security.auth.login.LoginContext.invoke(Unknown Source) >>>>>>>> at javax.security.auth.login.LoginContext.access$000(Unknown Source) >>>>>>>> at javax.security.auth.login.LoginContext$4.run(Unknown Source) >>>>>>>> at javax.security.auth.login.LoginContext$4.run(Unknown Source) >>>>>>>> at java.security.AccessController.doPrivileged(Native Method) >>>>>>>> at javax.security.auth.login.LoginContext.invokePriv(Unknown Source) >>>>>>>> at javax.security.auth.login.LoginContext.login(Unknown Source) >>>>>>>> at LoginModuleExample.main(LoginModuleExample.java:43) >>>>>>>> >>>>>>>> at javax.security.auth.login.LoginContext.invoke(Unknown Source) >>>>>>>> at javax.security.auth.login.LoginContext.access$000(Unknown Source) >>>>>>>> at javax.security.auth.login.LoginContext$4.run(Unknown Source) >>>>>>>> at javax.security.auth.login.LoginContext$4.run(Unknown Source) >>>>>>>> at java.security.AccessController.doPrivileged(Native Method) >>>>>>>> at javax.security.auth.login.LoginContext.invokePriv(Unknown Source) >>>>>>>> at javax.security.auth.login.LoginContext.login(Unknown Source) >>>>>>>> at LoginModuleExample.main(LoginModuleExample.java:43) >>>>>>>> >>>>>>>> REPRODUCIBILITY : >>>>>>>> This bug can be reproduced always. >>>>>>>> >>>>>>>> ---------- BEGIN SOURCE ---------- >>>>>>>> import java.util.HashMap; >>>>>>>> import java.util.Map; >>>>>>>> >>>>>>>> import javax.security.auth.callback.Callback; >>>>>>>> import javax.security.auth.callback.CallbackHandler; >>>>>>>> import javax.security.auth.callback.NameCallback; >>>>>>>> import javax.security.auth.callback.PasswordCallback; >>>>>>>> import javax.security.auth.login.AppConfigurationEntry; >>>>>>>> import >>>>>>>> javax.security.auth.login.AppConfigurationEntry.LoginModuleControlFlag; >>>>>>>> >>>>>>>> import javax.security.auth.login.Configuration; >>>>>>>> import javax.security.auth.login.LoginContext; >>>>>>>> >>>>>>>> import com.sun.security.auth.module.Krb5LoginModule; >>>>>>>> >>>>>>>> public class LoginModuleExample { >>>>>>>> >>>>>>>> // Replace with the realm and KDC of the Windows domain. >>>>>>>> private static final String REALM = "DEV-DEM.RECOMMIND.COM"; >>>>>>>> private static final String KDC = >>>>>>>> "AU-DEV-DC01.dev-dem.recommind.com"; >>>>>>>> >>>>>>>> // Replace with the username and password of any account on the >>>>>>>> // above domain. Account needs to be enabled and not locked out. >>>>>>>> private static final String DOMAIN_USER = "sgr"; >>>>>>>> private static final String DOMAIN_USER_PWD = "0rodriguez)"; >>>>>>>> >>>>>>>> private static final String EXAMPLE_SERVER_LOGIN = "example-server"; >>>>>>>> >>>>>>>> /** >>>>>>>> * @param args >>>>>>>> */ >>>>>>>> public static void main(String[] args) { >>>>>>>> >>>>>>>> System.setProperty("java.security.krb5.realm", REALM); >>>>>>>> System.setProperty("java.security.krb5.kdc", KDC); >>>>>>>> >>>>>>>> Configuration.setConfiguration(new CustomConfiguration()); >>>>>>>> >>>>>>>> try { >>>>>>>> CallbackHandler handler = getUsernamePasswordHandler(DOMAIN_USER, >>>>>>>> DOMAIN_USER_PWD); >>>>>>>> >>>>>>>> LoginContext loginContext = new LoginContext(EXAMPLE_SERVER_LOGIN, >>>>>>>> handler); >>>>>>>> >>>>>>>> loginContext.login(); >>>>>>>> >>>>>>>> System.out.println("Login succeeded"); >>>>>>>> } >>>>>>>> catch (Exception e) { >>>>>>>> >>>>>>>> System.out.println("Login failed"); >>>>>>>> e.printStackTrace(); >>>>>>>> } >>>>>>>> >>>>>>>> } >>>>>>>> >>>>>>>> private static CallbackHandler getUsernamePasswordHandler(final >>>>>>>> String username, final String password) { >>>>>>>> >>>>>>>> final CallbackHandler handler = new CallbackHandler() { >>>>>>>> >>>>>>>> public void handle(final Callback[] callback) { >>>>>>>> for (int i = 0; i< callback.length; i++) { >>>>>>>> if (callback[i] instanceof NameCallback) { >>>>>>>> final NameCallback nameCallback = (NameCallback) callback[i]; >>>>>>>> nameCallback.setName(username); >>>>>>>> } >>>>>>>> else if (callback[i] instanceof PasswordCallback) { >>>>>>>> final PasswordCallback passCallback = (PasswordCallback) callback[i]; >>>>>>>> passCallback.setPassword(password.toCharArray()); >>>>>>>> } >>>>>>>> } >>>>>>>> } >>>>>>>> }; >>>>>>>> >>>>>>>> return handler; >>>>>>>> } >>>>>>>> >>>>>>>> final static class CustomConfiguration extends Configuration { >>>>>>>> >>>>>>>> @Override >>>>>>>> public AppConfigurationEntry[] getAppConfigurationEntry(String >>>>>>>> name) { >>>>>>>> >>>>>>>> AppConfigurationEntry[] entries = new AppConfigurationEntry[0]; >>>>>>>> >>>>>>>> if (name.equals(EXAMPLE_SERVER_LOGIN)) { >>>>>>>> String krbModule = Krb5LoginModule.class.getName(); >>>>>>>> LoginModuleControlFlag flag = LoginModuleControlFlag.REQUIRED; >>>>>>>> Map options = new HashMap(); >>>>>>>> >>>>>>>> options.put("storeKey", "true"); >>>>>>>> options.put("useKeyTab", "false"); >>>>>>>> options.put("isInitiator", "false"); >>>>>>>> >>>>>>>> AppConfigurationEntry entry = new AppConfigurationEntry(krbModule, >>>>>>>> flag, options); >>>>>>>> >>>>>>>> entries = new AppConfigurationEntry[] { entry }; >>>>>>>> } >>>>>>>> >>>>>>>> return entries; >>>>>>>> } >>>>>>>> } >>>>>>>> } >>>>>>>> >>>>>>>> ---------- END SOURCE ---------- >>>>>>>> >>>>>>>> >>>> >> From xuelei.fan at oracle.com Wed Sep 21 10:44:11 2011 From: xuelei.fan at oracle.com (Xuelei Fan) Date: Wed, 21 Sep 2011 18:44:11 +0800 Subject: Code review request: 7092375 Security libraries don't build with javac -Werror In-Reply-To: <4E78B0D9.3040203@oracle.com> References: <4E78B0D9.3040203@oracle.com> Message-ID: <4E79BFFB.1080104@oracle.com> 1. "src/share/classes/javax/security/auth/SubjectDomainCombiner.java": public Void run() { // Call refresh only caching is disallowed - javax.security.auth.Policy.getPolicy().refresh(); + refreshPolicy(); return null; } Personally, in general, I would not add a new method in order to cleanup the warning. What do you think if we suppress the warning at run() method? + @SuppressWarnings("deprecation") public Void run() { // Call refresh only caching is disallowed javax.security.auth.Policy.getPolicy().refresh(); return null; } 2. src/share/classes/javax/security/auth/x500/X500Principal.java + @SuppressWarnings("unchecked") public X500Principal(String name) { - this(name, (Map) Collections.EMPTY_MAP); + this(name,(Map)(Map) Collections.emptyMap()); } Personally, I would prefer the following update: public X500Principal(String name) { - this(name, (Map) Collections.EMPTY_MAP); + this(name, Collections.emptyMap()); } 3. src/share/classes/sun/security/ec/ECPublicKeyImpl.java protected void parseKeyBits() throws InvalidKeyException { try { AlgorithmParameters algParams = this.algid.getParameters(); params = algParams.getParameterSpec(ECParameterSpec.class); - w = ECParameters.decodePoint(key, params.getCurve()); + w = getDecodePoint(key, params.getCurve()); } catch (IOException e) { throw new InvalidKeyException("Invalid EC key", e); } catch (InvalidParameterSpecException e) { throw new InvalidKeyException("Invalid EC key", e); } } As #1, in general, I would not add a new method in order to cleanup the warning. What do you think if we suppress warnings in the method parseKeyBits() level? + @SuppressWarnings("deprecation") protected void parseKeyBits() throws InvalidKeyException { Otherwise, looks fine to me. Thanks for the cleanup. Xuelei On 9/20/2011 11:27 PM, Kurchi Hazra wrote: > Hi Xuelei, > > Can you please review these changes? > > Summary: > > 1. Small changes to Java files, mostly in > src/share/classes/javax/security and its subpackages to remove build > warnings. > > 2. Small changes to relevant makefiles to prevent > reintroduction of removed warnings. Added a new makefile to prevent > reintroduction of warnings in javax/security. > > > webrev:http://cr.openjdk.java.net/~xuelei/7092375/webrev.00/ > > Bug description: To appear on http://bugs.sun.com/bugdatabase > > > Thanks, > Kurchi > > From michael.x.mcmahon at oracle.com Wed Sep 21 13:56:42 2011 From: michael.x.mcmahon at oracle.com (michael.x.mcmahon at oracle.com) Date: Wed, 21 Sep 2011 13:56:42 +0000 Subject: hg: jdk8/tl/jdk: 2 new changesets Message-ID: <20110921135712.F2C4C47861@hg.openjdk.java.net> Changeset: 61a8c602cace Author: michaelm Date: 2011-09-21 14:51 +0100 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/61a8c602cace 7079012: test/java/net/NetworkInterface/NetParamsTest.java fails with SocketException getting mac address Reviewed-by: chegar, alanb ! src/solaris/native/java/net/NetworkInterface.c ! test/ProblemList.txt Changeset: e7c2bf7d9d33 Author: michaelm Date: 2011-09-21 14:54 +0100 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/e7c2bf7d9d33 Merge From sean.mullan at oracle.com Wed Sep 21 14:58:40 2011 From: sean.mullan at oracle.com (Sean Mullan) Date: Wed, 21 Sep 2011 10:58:40 -0400 Subject: Code review request: 7088502 Security libraries don't build with javac -Werror In-Reply-To: <4E7906DC.2060501@oracle.com> References: <4E73CEE2.1010507@oracle.com> <4E7796CE.2070307@oracle.com> <4E7906DC.2060501@oracle.com> Message-ID: <4E79FBA0.3090408@oracle.com> On 9/20/11 5:34 PM, Kurchi Hazra wrote: >> * MessageDigestAlgorithm.java >> >> [74-5] This is preferable: >> >> static ThreadLocal> instances=new >> ThreadLocal>() { >> protected Map initialize()... > The above does not work since the compiler complains that if ThreadLocal > is a HashMap, initialize() cannot override unless its return type is > also HashMap. Even if I change it to > static ThreadLocal> instances=new > ThreadLocal>() { > protected HashMap initialize()... > > the compiler throws an error as follows: > > ../../../../../../src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/MessageDigestAlgorithm.java:74: > error: incompatible types > static ThreadLocal> instances=new > ^ > required: ThreadLocal> > found: >> Try this instead? static ThreadLocal> instances = new ThreadLocal>() { protected Map initialValue() { return new HashMap(); }; }; >> * Canonicalizer20010315.java >> >> [209,314] I'm curious about these changes. Instead of adding a new >> method getSortedSetAsCollection and then suppressing the warnings for >> that, it seems like it would be sufficient to just suppress the >> warnings in this code, ex: >> >> @SuppressWarnings("unchecked") >> ... >> >> ns.getUnrenderedNodes(result); > > > I did not put it inside the code, since the method has many lines of > code and this would mean suppressing unchecked warnings generated > anywhere in the method. Ok, thanks for the explanation. >> * SignatureAlgorithm.java >> >> [130, 399, 434] change type to Class > If I make this change (and similar changes in other classes), I need to > cast at various places, and then I need to Suppress the unchecked > warnings. Is this preferable? > ../../../../../../src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/SignatureAlgorithm.java:412: > warning: [unchecked] unchecked cast > > SignatureAlgorithm._algorithmHash.put(algorithmURI, (Class SignatureAlgorithmSpi>)Class.forName(implementingClass)); > ^ > required: Class > found: Class > where CAP#1 is a fresh type-variable: > CAP#1 extends Object from capture of ? > > > Is there a workaround? Not sure. If you can't figure out a workaround, then disregard my comment and keep the current code. Thanks, Sean From weijun.wang at oracle.com Thu Sep 22 04:06:08 2011 From: weijun.wang at oracle.com (weijun.wang at oracle.com) Date: Thu, 22 Sep 2011 04:06:08 +0000 Subject: hg: jdk8/tl/jdk: 7092627: use agentvm mode instead of samevm in regtests Message-ID: <20110922040626.49F8A4789D@hg.openjdk.java.net> Changeset: daf87c7be6a1 Author: weijun Date: 2011-09-22 12:05 +0800 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/daf87c7be6a1 7092627: use agentvm mode instead of samevm in regtests Reviewed-by: alanb, dsamersoff ! test/Makefile ! test/com/sun/jdi/sde/MangleStepTest.java ! test/java/util/logging/ParentLoggersTest.java From jonathan.gibbons at oracle.com Thu Sep 22 04:57:32 2011 From: jonathan.gibbons at oracle.com (jonathan.gibbons at oracle.com) Date: Thu, 22 Sep 2011 04:57:32 +0000 Subject: hg: jdk8/tl/langtools: 7092965: javac should not close processorClassLoader before end of compilation Message-ID: <20110922045736.D5E79478A0@hg.openjdk.java.net> Changeset: b0d5f00e69f7 Author: jjg Date: 2011-09-21 21:56 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/langtools/rev/b0d5f00e69f7 7092965: javac should not close processorClassLoader before end of compilation Reviewed-by: darcy ! src/share/classes/com/sun/tools/javac/main/JavaCompiler.java ! src/share/classes/com/sun/tools/javac/processing/JavacProcessingEnvironment.java ! src/share/classes/com/sun/tools/javac/resources/compiler.properties ! test/tools/javac/diags/examples.not-yet.txt + test/tools/javac/processing/loader/testClose/TestClose.java + test/tools/javac/processing/loader/testClose/TestClose2.java From joe.darcy at oracle.com Thu Sep 22 06:22:30 2011 From: joe.darcy at oracle.com (joe.darcy at oracle.com) Date: Thu, 22 Sep 2011 06:22:30 +0000 Subject: hg: jdk8/tl/jdk: 7092404: Add Math.nextDown and Double.isFinite Message-ID: <20110922062248.CB872478A7@hg.openjdk.java.net> Changeset: 6b6b6ee2afd9 Author: darcy Date: 2011-09-21 23:22 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/6b6b6ee2afd9 7092404: Add Math.nextDown and Double.isFinite Reviewed-by: mduigou ! src/share/classes/java/lang/Double.java ! src/share/classes/java/lang/Float.java ! src/share/classes/java/lang/Math.java ! src/share/classes/java/lang/StrictMath.java ! src/share/classes/java/util/Formatter.java ! src/share/classes/sun/misc/FpUtils.java ! test/java/lang/Double/ParseHexFloatingPoint.java ! test/java/lang/Math/CeilAndFloorTests.java ! test/java/lang/Math/CubeRootTests.java ! test/java/lang/Math/Expm1Tests.java ! test/java/lang/Math/HyperbolicTests.java ! test/java/lang/Math/HypotTests.java ! test/java/lang/Math/IeeeRecommendedTests.java ! test/java/lang/Math/Log10Tests.java ! test/java/lang/Math/Log1pTests.java ! test/java/lang/Math/Rint.java ! test/java/util/Formatter/Basic-X.java.template ! test/java/util/Formatter/BasicBigDecimal.java ! test/java/util/Formatter/BasicBigInteger.java ! test/java/util/Formatter/BasicBoolean.java ! test/java/util/Formatter/BasicBooleanObject.java ! test/java/util/Formatter/BasicByte.java ! test/java/util/Formatter/BasicByteObject.java ! test/java/util/Formatter/BasicChar.java ! test/java/util/Formatter/BasicCharObject.java ! test/java/util/Formatter/BasicDateTime.java ! test/java/util/Formatter/BasicDouble.java ! test/java/util/Formatter/BasicDoubleObject.java ! test/java/util/Formatter/BasicFloat.java ! test/java/util/Formatter/BasicFloatObject.java ! test/java/util/Formatter/BasicInt.java ! test/java/util/Formatter/BasicIntObject.java ! test/java/util/Formatter/BasicLong.java ! test/java/util/Formatter/BasicLongObject.java ! test/java/util/Formatter/BasicShort.java ! test/java/util/Formatter/BasicShortObject.java From weijun.wang at oracle.com Thu Sep 22 15:05:31 2011 From: weijun.wang at oracle.com (Weijun Wang) Date: Thu, 22 Sep 2011 23:05:31 +0800 Subject: code review request: 7077646: gssapi wrap for CFX per-message tokens always set FLAG_ACCEPTOR_SUBKEY Message-ID: <4E7B4EBB.5090706@oracle.com> Webrev at http://cr.openjdk.java.net/~weijun/7077646/webrev.00/ According to RFC 4121 [1]: 2. Key Derivation for Per-Message Tokens ... During the context initiation and acceptance sequence, the acceptor MAY assert a subkey in the AP-REP message. If the acceptor asserts a subkey, the base key is the acceptor-asserted subkey and subsequent per-message tokens MUST be flagged with "AcceptorSubkey", as described in section 4.2.2. Otherwise, if the initiator asserts a subkey in the AP-REQ message, the base key is this subkey; if the initiator does not assert a subkey, the base key is the session key in the service ticket. Java has not checked where the key comes from and always sets the AcceptorSubkey on. This has worked well with the MIT impl because it seems the MIT impl only checks the flag if it should be on but doesn't when it should be off. However, Heimdal is more strict and check in both cases and an interop error happens between Java and Heimdal. In the customer's case, the Apple iChat program uses Heimdal's krb5 impl and cannot communicate well with the Openfire Java jabber server. I would like >= 2 reviewers so it can be backported to a 7u release. I'm still working on a 6u solution at the moment. Thanks Max [1] -------- Original Message -------- *Change Request ID*: 7077646 *Synopsis*: gssapi wrap for CFX per-message tokens always set FLAG_ACCEPTOR_SUBKEY Product: java Category: jgss Subcategory: krb5plugin === *Description* ============================================================ FULL PRODUCT VERSION : A DESCRIPTION OF THE PROBLEM : gssapi wrap for CFX per-message tokens always set FLAG_ACCEPTOR_SUBKEY even though the acceptor doesn't send a sub key. STEPS TO FOLLOW TO REPRODUCE THE PROBLEM : attach debugger to client and see that the the acceptor doesn't send a subkey in the authenticator, see what it sent FLAG_ACCEPTOR_SUBKEY in all per-message tokens. EXPECTED VERSUS ACTUAL BEHAVIOR : EXPECTED - send subkey or don't set flag. REPRODUCIBILITY : This bug can be reproduced always. From jonathan.gibbons at oracle.com Thu Sep 22 16:27:09 2011 From: jonathan.gibbons at oracle.com (jonathan.gibbons at oracle.com) Date: Thu, 22 Sep 2011 16:27:09 +0000 Subject: hg: jdk8/tl/langtools: 7075721: javac should have public enum for exit codes Message-ID: <20110922162712.23BC3478CE@hg.openjdk.java.net> Changeset: 497571d34112 Author: jjg Date: 2011-09-22 09:24 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/langtools/rev/497571d34112 7075721: javac should have public enum for exit codes Reviewed-by: mcimadamore ! src/share/classes/com/sun/tools/javac/Main.java ! src/share/classes/com/sun/tools/javac/api/JavacTaskImpl.java ! src/share/classes/com/sun/tools/javac/main/Main.java ! test/tools/javac/diags/ArgTypeCompilerFactory.java ! test/tools/javac/diags/Example.java ! test/tools/javac/lib/CompileFail.java ! test/tools/javac/util/context/T7021650.java From kurchi.subhra.hazra at oracle.com Thu Sep 22 21:42:54 2011 From: kurchi.subhra.hazra at oracle.com (Kurchi Hazra) Date: Thu, 22 Sep 2011 14:42:54 -0700 Subject: Code review request: 7088502 Security libraries don't build with javac -Werror In-Reply-To: <4E79FBA0.3090408@oracle.com> References: <4E73CEE2.1010507@oracle.com> <4E7796CE.2070307@oracle.com> <4E7906DC.2060501@oracle.com> <4E79FBA0.3090408@oracle.com> Message-ID: <4E7BABDE.9020609@oracle.com> Hi Sean, The updated webrev with your comments incorporated: http://cr.openjdk.java.net/~mullan/kurchi/7088502/webrev.01/ For SignatureAlgorithm.java [130, 399, 434] change type to Class and similar changes, I have stuck to your comment, and suppressed the "unchecked" warnings at the places I had to cast. Thanks, Kurchi On 9/21/2011 7:58 AM, Sean Mullan wrote: > On 9/20/11 5:34 PM, Kurchi Hazra wrote: > >>> * MessageDigestAlgorithm.java >>> >>> [74-5] This is preferable: >>> >>> static ThreadLocal> instances=new >>> ThreadLocal>() { >>> protected Map initialize()... >> The above does not work since the compiler complains that if ThreadLocal >> is a HashMap, initialize() cannot override unless its return type is >> also HashMap. Even if I change it to >> static ThreadLocal> instances=new >> ThreadLocal>() { >> protected HashMap initialize()... >> >> the compiler throws an error as follows: >> >> ../../../../../../src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/MessageDigestAlgorithm.java:74: >> error: incompatible types >> static ThreadLocal> instances=new >> ^ >> required: ThreadLocal> >> found:>> > Try this instead? > > static ThreadLocal> instances = > new ThreadLocal>() { > > protected Map initialValue() { > return new HashMap(); > }; > }; > >>> * Canonicalizer20010315.java >>> >>> [209,314] I'm curious about these changes. Instead of adding a new >>> method getSortedSetAsCollection and then suppressing the warnings for >>> that, it seems like it would be sufficient to just suppress the >>> warnings in this code, ex: >>> >>> @SuppressWarnings("unchecked") >>> ... >>> >>> ns.getUnrenderedNodes(result); >> >> I did not put it inside the code, since the method has many lines of >> code and this would mean suppressing unchecked warnings generated >> anywhere in the method. > Ok, thanks for the explanation. > >>> * SignatureAlgorithm.java >>> >>> [130, 399, 434] change type to Class >> If I make this change (and similar changes in other classes), I need to >> cast at various places, and then I need to Suppress the unchecked >> warnings. Is this preferable? >> ../../../../../../src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/SignatureAlgorithm.java:412: >> warning: [unchecked] unchecked cast >> >> SignatureAlgorithm._algorithmHash.put(algorithmURI, (Class> SignatureAlgorithmSpi>)Class.forName(implementingClass)); >> ^ >> required: Class >> found: Class >> where CAP#1 is a fresh type-variable: >> CAP#1 extends Object from capture of ? >> >> >> Is there a workaround? > Not sure. If you can't figure out a workaround, then disregard my comment and > keep the current code. > > Thanks, > Sean -- -Kurchi From mstjohns at comcast.net Thu Sep 22 22:18:57 2011 From: mstjohns at comcast.net (Michael StJohns) Date: Thu, 22 Sep 2011 18:18:57 -0400 Subject: 7054637 closed/lib/security/cacerts/VerifyCACerts.java failed on solaris 11 In-Reply-To: <4E70EFA9.6020707@oracle.com> References: <4E70EFA9.6020707@oracle.com> Message-ID: <20110922221905.40ECE6642@mail.openjdk.java.net> Hi Vincent - Sorry - it took me a few days to look at this. I can't support it. I think this the wrong way to do things - specifically the dependence on the presence of a PKCS11 attribute in the Vendor space. You've got a value in PKCS11Constants + /* Only the raw encoding for an EC point is supported */ + public static final long CKA_ENABLE_RAW_EC_POINT = (CKA_VENDOR_DEFINED | 1); + The problem is that this has a pretty good chance of colliding with an actual vendor defined value. For example, Utimaco has CKA_ATTRIBUTE_LIST 0x80000001 (same as CKA_VENDOR_DEFINED | 1). Instead, use the attribute list of the provider configuration. You'll have to mod sun.security.pkcs11.Config.java - but you won't have the changes in either PKCS11Constants or Functions that are currently there. The problem should be provider wide and not need a per-token config item. So the config file gets instead: useEcX963Encoding=true around line 13 of the .cfg file. Config.java sets the boolean useEcX963Encoding. P11ECKeyFactory.java checks "token.config.useEcX963Encoding". Avoid the use of the term "raw" please - that got us into a number of problems when revising PKCS11. It actually tends to mean just the concatenation of the X and Y points without a format identifier which is not what you mean here according to PKCS11. X9.63 encoding is 1 octet of format identifier - generally 04 for uncompressed - and 2N bytes of X and Y. ECPoint (as defined in PKCS11) is the X9.63 encoding wrapped in an ASN1 OctetString. Thanks! Mike At 02:17 PM 9/14/2011, Vincent Ryan wrote: >Please review the following fix to the SunPKCS11 JCE provider: > >http://cr.openjdk.java.net/~vinnie/7054637/webrev.00/ > >The problem is that some older PKCS11 tokens support only the raw encoding for >EC point in Elliptic Curve public keys. This fix introduces a configuration >attribute that controls whether the raw-encoding or DER-encoding shall be used. > >It aids interoperability between older and newer PKCS11 tokens. > >Thanks. -------------- next part -------------- An HTML attachment was scrubbed... URL: From kurchi.subhra.hazra at oracle.com Fri Sep 23 06:36:05 2011 From: kurchi.subhra.hazra at oracle.com (Kurchi Hazra) Date: Thu, 22 Sep 2011 23:36:05 -0700 Subject: Code review request: 7092375 Security libraries don't build with javac -Werror In-Reply-To: <4E79BFFB.1080104@oracle.com> References: <4E78B0D9.3040203@oracle.com> <4E79BFFB.1080104@oracle.com> Message-ID: <4E7C28D5.3040906@oracle.com> Hi Xuelei, Thanks a lot for your comments. Please find an updated webrev at : http://cr.openjdk.java.net/~xuelei/7092375/webrev.01/ Thanks, Kurchi On 9/21/2011 3:44 AM, Xuelei Fan wrote: > 1. "src/share/classes/javax/security/auth/SubjectDomainCombiner.java": > public Void run() { > // Call refresh only caching is disallowed > - javax.security.auth.Policy.getPolicy().refresh(); > + refreshPolicy(); > return null; > } > > Personally, in general, I would not add a new method in order to cleanup > the warning. > > What do you think if we suppress the warning at run() method? > + @SuppressWarnings("deprecation") > public Void run() { > // Call refresh only caching is disallowed > javax.security.auth.Policy.getPolicy().refresh(); > return null; > } > > > 2. src/share/classes/javax/security/auth/x500/X500Principal.java > + @SuppressWarnings("unchecked") > public X500Principal(String name) { > - this(name, (Map) Collections.EMPTY_MAP); > + this(name,(Map)(Map) Collections.emptyMap()); > } > > > Personally, I would prefer the following update: > public X500Principal(String name) { > - this(name, (Map) Collections.EMPTY_MAP); > + this(name, Collections.emptyMap()); > } > > 3. src/share/classes/sun/security/ec/ECPublicKeyImpl.java > > protected void parseKeyBits() throws InvalidKeyException { > try { > AlgorithmParameters algParams = this.algid.getParameters(); > params = algParams.getParameterSpec(ECParameterSpec.class); > - w = ECParameters.decodePoint(key, params.getCurve()); > + w = getDecodePoint(key, params.getCurve()); > } catch (IOException e) { > throw new InvalidKeyException("Invalid EC key", e); > } catch (InvalidParameterSpecException e) { > throw new InvalidKeyException("Invalid EC key", e); > } > } > > As #1, in general, I would not add a new method in order to cleanup the > warning. > > What do you think if we suppress warnings in the method parseKeyBits() > level? > + @SuppressWarnings("deprecation") > protected void parseKeyBits() throws InvalidKeyException { > > > Otherwise, looks fine to me. > > Thanks for the cleanup. > > Xuelei > > On 9/20/2011 11:27 PM, Kurchi Hazra wrote: >> Hi Xuelei, >> >> Can you please review these changes? >> >> Summary: >> >> 1. Small changes to Java files, mostly in >> src/share/classes/javax/security and its subpackages to remove build >> warnings. >> >> 2. Small changes to relevant makefiles to prevent >> reintroduction of removed warnings. Added a new makefile to prevent >> reintroduction of warnings in javax/security. >> >> >> webrev:http://cr.openjdk.java.net/~xuelei/7092375/webrev.00/ >> >> Bug description: To appear on http://bugs.sun.com/bugdatabase >> >> >> Thanks, >> Kurchi >> >> -- -Kurchi From Xuelei.Fan at Oracle.Com Fri Sep 23 07:00:21 2011 From: Xuelei.Fan at Oracle.Com (Xuelei Fan) Date: Fri, 23 Sep 2011 15:00:21 +0800 Subject: Code review request: 7092375 Security libraries don't build with javac -Werror In-Reply-To: <4E7C28D5.3040906@oracle.com> References: <4E78B0D9.3040203@oracle.com> <4E79BFFB.1080104@oracle.com> <4E7C28D5.3040906@oracle.com> Message-ID: I only reviewed my commented changes. If you updated other files, please let me know. Just one minor comment, read inlines, please. On Sep 23, 2011, at 2:36 PM, Kurchi Hazra wrote: > Hi Xuelei, > > Thanks a lot for your comments. Please find an updated webrev at : > http://cr.openjdk.java.net/~xuelei/7092375/webrev.01/ > > > Thanks, > Kurchi > > > > On 9/21/2011 3:44 AM, Xuelei Fan wrote: >> 1. "src/share/classes/javax/security/auth/SubjectDomainCombiner.java": >> public Void run() { >> // Call refresh only caching is disallowed >> - javax.security.auth.Policy.getPolicy().refresh(); >> + refreshPolicy(); >> return null; >> } >> >> Personally, in general, I would not add a new method in order to cleanup >> the warning. >> >> What do you think if we suppress the warning at run() method? >> + @SuppressWarnings("deprecation") >> public Void run() { >> // Call refresh only caching is disallowed >> javax.security.auth.Policy.getPolicy().refresh(); >> return null; >> } >> >> >> 2. src/share/classes/javax/security/auth/x500/X500Principal.java >> + @SuppressWarnings("unchecked") >> public X500Principal(String name) { >> - this(name, (Map) Collections.EMPTY_MAP); >> + this(name,(Map)(Map) Collections.emptyMap()); >> } >> >> >> Personally, I would prefer the following update: >> public X500Principal(String name) { >> - this(name, (Map) Collections.EMPTY_MAP); >> + this(name, Collections.emptyMap()); >> } I don't think we need the suppress warnings annotation on this method any more. Otherwise, look fine to me. Xuelei >> >> 3. src/share/classes/sun/security/ec/ECPublicKeyImpl.java >> >> protected void parseKeyBits() throws InvalidKeyException { >> try { >> AlgorithmParameters algParams = this.algid.getParameters(); >> params = algParams.getParameterSpec(ECParameterSpec.class); >> - w = ECParameters.decodePoint(key, params.getCurve()); >> + w = getDecodePoint(key, params.getCurve()); >> } catch (IOException e) { >> throw new InvalidKeyException("Invalid EC key", e); >> } catch (InvalidParameterSpecException e) { >> throw new InvalidKeyException("Invalid EC key", e); >> } >> } >> >> As #1, in general, I would not add a new method in order to cleanup the >> warning. >> >> What do you think if we suppress warnings in the method parseKeyBits() >> level? >> + @SuppressWarnings("deprecation") >> protected void parseKeyBits() throws InvalidKeyException { >> >> >> Otherwise, looks fine to me. >> >> Thanks for the cleanup. >> >> Xuelei >> >> On 9/20/2011 11:27 PM, Kurchi Hazra wrote: >>> Hi Xuelei, >>> >>> Can you please review these changes? >>> >>> Summary: >>> >>> 1. Small changes to Java files, mostly in >>> src/share/classes/javax/security and its subpackages to remove build >>> warnings. >>> >>> 2. Small changes to relevant makefiles to prevent >>> reintroduction of removed warnings. Added a new makefile to prevent >>> reintroduction of warnings in javax/security. >>> >>> >>> webrev:http://cr.openjdk.java.net/~xuelei/7092375/webrev.00/ >>> >>> Bug description: To appear on http://bugs.sun.com/bugdatabase >>> >>> >>> Thanks, >>> Kurchi >>> >>> > > -- > -Kurchi > From chris.hegarty at oracle.com Fri Sep 23 15:03:02 2011 From: chris.hegarty at oracle.com (chris.hegarty at oracle.com) Date: Fri, 23 Sep 2011 15:03:02 +0000 Subject: hg: jdk8/tl/jdk: 7091003: ScheduledExecutorService never executes Runnable with corePoolSize of zero Message-ID: <20110923150324.316CE4790C@hg.openjdk.java.net> Changeset: 8dab38c07b6b Author: dl Date: 2011-09-23 14:24 +0100 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/8dab38c07b6b 7091003: ScheduledExecutorService never executes Runnable with corePoolSize of zero Reviewed-by: dholmes, chegar ! src/share/classes/java/util/concurrent/ScheduledThreadPoolExecutor.java ! src/share/classes/java/util/concurrent/ThreadPoolExecutor.java + test/java/util/concurrent/ScheduledThreadPoolExecutor/ZeroCorePoolSize.java From vincent.x.ryan at oracle.com Fri Sep 23 15:41:37 2011 From: vincent.x.ryan at oracle.com (Vincent Ryan) Date: Fri, 23 Sep 2011 16:41:37 +0100 Subject: 7054637 closed/lib/security/cacerts/VerifyCACerts.java failed on solaris 11 In-Reply-To: <201109222219.p8MMJ42d030120@rcsinet13.oracle.com> References: <4E70EFA9.6020707@oracle.com> <201109222219.p8MMJ42d030120@rcsinet13.oracle.com> Message-ID: <4E7CA8B1.8020708@oracle.com> Thanks for your feedback Michael. I agree that your provider-based solution is preferable. Here's a revised webrev: http://cr.openjdk.java.net/~vinnie/7054637/webrev.01/ On 09/22/11 11:18 PM, Michael StJohns wrote: > Hi Vincent - > > Sorry - it took me a few days to look at this. I can't support it. > > I think this the wrong way to do things - specifically the dependence on the > presence of a PKCS11 attribute in the Vendor space. > > You've got a value in PKCS11Constants > > > + /* Only the raw encoding for an EC point is > supported */ > + public static final long CKA_ENABLE_RAW_EC_POINT = > (CKA_VENDOR_DEFINED | 1); > + > > > The problem is that this has a pretty good chance of colliding with an actual > vendor defined value. For example, Utimaco has CKA_ATTRIBUTE_LIST 0x80000001 > (same as CKA_VENDOR_DEFINED | 1). > > Instead, use the attribute list of the provider configuration. You'll have to > mod sun.security.pkcs11.Config.java - but you won't have the changes in either > PKCS11Constants or Functions that are currently there. > > > The problem should be provider wide and not need a per-token config item. > > So the config file gets instead: > > useEcX963Encoding=true around line 13 of the .cfg file. > > Config.java sets the boolean useEcX963Encoding. > > P11ECKeyFactory.java checks "token.config.useEcX963Encoding". > > Avoid the use of the term "raw" please - that got us into a number of problems > when revising PKCS11. It actually tends to mean just the concatenation of the X > and Y points without a format identifier which is not what you mean here > according to PKCS11. X9.63 encoding is 1 octet of format identifier - generally > 04 for uncompressed - and 2N bytes of X and Y. ECPoint (as defined in PKCS11) > is the X9.63 encoding wrapped in an ASN1 OctetString. > > > Thanks! Mike > > > At 02:17 PM 9/14/2011, Vincent Ryan wrote: >> Please review the following fix to the SunPKCS11 JCE provider: >> >> http://cr.openjdk.java.net/~vinnie/7054637/webrev.00/ >> >> The problem is that some older PKCS11 tokens support only the raw encoding for >> EC point in Elliptic Curve public keys. This fix introduces a configuration >> attribute that controls whether the raw-encoding or DER-encoding shall be used. >> >> It aids interoperability between older and newer PKCS11 tokens. >> >> Thanks. > From mstjohns at comcast.net Fri Sep 23 16:41:01 2011 From: mstjohns at comcast.net (Michael StJohns) Date: Fri, 23 Sep 2011 12:41:01 -0400 Subject: 7054637 closed/lib/security/cacerts/VerifyCACerts.java failed on solaris 11 In-Reply-To: <4E7CA8B1.8020708@oracle.com> References: <4E70EFA9.6020707@oracle.com> <201109222219.p8MMJ42d030120@rcsinet13.oracle.com> <4E7CA8B1.8020708@oracle.com> Message-ID: <20110923164108.5934F674B@mail.openjdk.java.net> Heh - I thought this looked familiar. Please take a look at my comments in bug 6763530, especially the fix for P11Key around line 1017. Would it make sense to back out the fix that was put into P11Key to fix that bug in favor of a provider based solution (e.g. same boolean check)? Otherwise I'm fine with this fix. Mike At 11:41 AM 9/23/2011, Vincent Ryan wrote: >Thanks for your feedback Michael. I agree that your provider-based solution is >preferable. Here's a revised webrev: > >http://cr.openjdk.java.net/~vinnie/7054637/webrev.01/ > > > >On 09/22/11 11:18 PM, Michael StJohns wrote: >> Hi Vincent - >> >> Sorry - it took me a few days to look at this. I can't support it. >> >> I think this the wrong way to do things - specifically the dependence on the >> presence of a PKCS11 attribute in the Vendor space. >> >> You've got a value in PKCS11Constants >> >> >> + /* Only the raw encoding for an EC point is >> supported */ >> + public static final long CKA_ENABLE_RAW_EC_POINT = >> (CKA_VENDOR_DEFINED | 1); >> + >> >> >> The problem is that this has a pretty good chance of colliding with an actual >> vendor defined value. For example, Utimaco has CKA_ATTRIBUTE_LIST 0x80000001 >> (same as CKA_VENDOR_DEFINED | 1). >> >> Instead, use the attribute list of the provider configuration. You'll have to >> mod sun.security.pkcs11.Config.java - but you won't have the changes in either >> PKCS11Constants or Functions that are currently there. >> >> >> The problem should be provider wide and not need a per-token config item. >> >> So the config file gets instead: >> >> useEcX963Encoding=true around line 13 of the .cfg file. >> >> Config.java sets the boolean useEcX963Encoding. >> >> P11ECKeyFactory.java checks "token.config.useEcX963Encoding". >> >> Avoid the use of the term "raw" please - that got us into a number of problems >> when revising PKCS11. It actually tends to mean just the concatenation of the X >> and Y points without a format identifier which is not what you mean here >> according to PKCS11. X9.63 encoding is 1 octet of format identifier - generally >> 04 for uncompressed - and 2N bytes of X and Y. ECPoint (as defined in PKCS11) >> is the X9.63 encoding wrapped in an ASN1 OctetString. >> >> >> Thanks! Mike >> >> >> At 02:17 PM 9/14/2011, Vincent Ryan wrote: >>> Please review the following fix to the SunPKCS11 JCE provider: >>> >>> http://cr.openjdk.java.net/~vinnie/7054637/webrev.00/ >>> >>> The problem is that some older PKCS11 tokens support only the raw encoding for >>> EC point in Elliptic Curve public keys. This fix introduces a configuration >>> attribute that controls whether the raw-encoding or DER-encoding shall be used. >>> >>> It aids interoperability between older and newer PKCS11 tokens. >>> >>> Thanks. >> From sean.mullan at oracle.com Fri Sep 23 18:54:48 2011 From: sean.mullan at oracle.com (Sean Mullan) Date: Fri, 23 Sep 2011 14:54:48 -0400 Subject: 7081804: Remove cause field from javax.xml.crypto.NoSuchMechnismException In-Reply-To: <4E74F05D.7090806@gmx.de> References: <4E525386.9000207@gmx.de> <4E52758D.2020208@oracle.com> <4E5E8AE3.3070402@gmx.de> <4E5FE753.2010705@oracle.com> <4E606D1D.6050509@gmx.de> <4E613565.1080801@oracle.com> <4E625E14.9060101@gmx.de> <4E67AF3D.2090609@oracle.com> <4E68FFBD.2030601@gmx.de> <4E6A13A2.2020503@gmx.de> <4E74F05D.7090806@gmx.de> Message-ID: <4E7CD5F8.9000501@oracle.com> On 9/17/11 3:09 PM, Sebastian Sickelmann wrote: >> i have updated the webrev [0]. >> But i think that L69 and L72 of the test should be changed to >> checkMutable and the implementation of the exceptions accordantly. That's an interesting question. The current implementation in your code is consistent with java.lang.ClassNotFoundException. I'm curious as to why they disallowed initCause to be called even if they were created using the constructors without Throwables. Any idea? Was this discussed in the other lists? >> [0] http://oss-patches.24.eu/openjdk8/NoSuchMechanismException/7011804_3 >> >> -- Sebastian > Any comments / progress on this? Just a couple of minor comments on the test: - the copyright date should only include 2011 - some minor typos (line number in []): [26] s/in/is [43] s/validating/validate [98] s/checkImutable/checkImmutable --Sean From vincent.x.ryan at oracle.com Fri Sep 23 20:13:01 2011 From: vincent.x.ryan at oracle.com (Vincent Ryan) Date: Fri, 23 Sep 2011 21:13:01 +0100 Subject: 7054637 closed/lib/security/cacerts/VerifyCACerts.java failed on solaris 11 In-Reply-To: <201109231641.p8NGf8pB025305@acsinet11.oracle.com> References: <4E70EFA9.6020707@oracle.com> <201109222219.p8MMJ42d030120@rcsinet13.oracle.com> <4E7CA8B1.8020708@oracle.com> <201109231641.p8NGf8pB025305@acsinet11.oracle.com> Message-ID: <4E7CE84D.9080905@oracle.com> On 09/23/11 05:41 PM, Michael StJohns wrote: > Heh - I thought this looked familiar. > > Please take a look at my comments in bug 6763530, especially the fix for P11Key around line 1017. > I didn't see any comments from you in bug 6763530? > Would it make sense to back out the fix that was put into P11Key to fix that bug in favor of a provider based solution (e.g. same boolean check)? > I think the flexibility to decode either format regardless of the setting of the new configuration attribute is a useful benefit. However I'm not convinced that the decoder will ever need to parse an encoding that was not generated by it. > Otherwise I'm fine with this fix. > Great. Thanks. > Mike > > > At 11:41 AM 9/23/2011, Vincent Ryan wrote: >> Thanks for your feedback Michael. I agree that your provider-based solution is >> preferable. Here's a revised webrev: >> >> http://cr.openjdk.java.net/~vinnie/7054637/webrev.01/ >> >> >> >> On 09/22/11 11:18 PM, Michael StJohns wrote: >>> Hi Vincent - >>> >>> Sorry - it took me a few days to look at this. I can't support it. >>> >>> I think this the wrong way to do things - specifically the dependence on the >>> presence of a PKCS11 attribute in the Vendor space. >>> >>> You've got a value in PKCS11Constants >>> >>> >>> + /* Only the raw encoding for an EC point is >>> supported */ >>> + public static final long CKA_ENABLE_RAW_EC_POINT = >>> (CKA_VENDOR_DEFINED | 1); >>> + >>> >>> >>> The problem is that this has a pretty good chance of colliding with an actual >>> vendor defined value. For example, Utimaco has CKA_ATTRIBUTE_LIST 0x80000001 >>> (same as CKA_VENDOR_DEFINED | 1). >>> >>> Instead, use the attribute list of the provider configuration. You'll have to >>> mod sun.security.pkcs11.Config.java - but you won't have the changes in either >>> PKCS11Constants or Functions that are currently there. >>> >>> >>> The problem should be provider wide and not need a per-token config item. >>> >>> So the config file gets instead: >>> >>> useEcX963Encoding=true around line 13 of the .cfg file. >>> >>> Config.java sets the boolean useEcX963Encoding. >>> >>> P11ECKeyFactory.java checks "token.config.useEcX963Encoding". >>> >>> Avoid the use of the term "raw" please - that got us into a number of problems >>> when revising PKCS11. It actually tends to mean just the concatenation of the X >>> and Y points without a format identifier which is not what you mean here >>> according to PKCS11. X9.63 encoding is 1 octet of format identifier - generally >>> 04 for uncompressed - and 2N bytes of X and Y. ECPoint (as defined in PKCS11) >>> is the X9.63 encoding wrapped in an ASN1 OctetString. >>> >>> >>> Thanks! Mike >>> >>> >>> At 02:17 PM 9/14/2011, Vincent Ryan wrote: >>>> Please review the following fix to the SunPKCS11 JCE provider: >>>> >>>> http://cr.openjdk.java.net/~vinnie/7054637/webrev.00/ >>>> >>>> The problem is that some older PKCS11 tokens support only the raw encoding for >>>> EC point in Elliptic Curve public keys. This fix introduces a configuration >>>> attribute that controls whether the raw-encoding or DER-encoding shall be used. >>>> >>>> It aids interoperability between older and newer PKCS11 tokens. >>>> >>>> Thanks. >>> > > From valerie.peng at oracle.com Fri Sep 23 20:09:32 2011 From: valerie.peng at oracle.com (Valerie (Yu-Ching) Peng) Date: Fri, 23 Sep 2011 13:09:32 -0700 Subject: code review request: 7077646: gssapi wrap for CFX per-message tokens always set FLAG_ACCEPTOR_SUBKEY In-Reply-To: <4E7B4EBB.5090706@oracle.com> References: <4E7B4EBB.5090706@oracle.com> Message-ID: <4E7CE77C.4070504@oracle.com> The changes look good to me. Thanks, Valerie On 09/22/11 08:05, Weijun Wang wrote: > Webrev at > > http://cr.openjdk.java.net/~weijun/7077646/webrev.00/ > > According to RFC 4121 [1]: > > 2. Key Derivation for Per-Message Tokens > > ... > > During the context initiation and acceptance sequence, the acceptor > MAY assert a subkey in the AP-REP message. If the acceptor asserts a > subkey, the base key is the acceptor-asserted subkey and subsequent > per-message tokens MUST be flagged with "AcceptorSubkey", as > described in section 4.2.2. Otherwise, if the initiator asserts a > subkey in the AP-REQ message, the base key is this subkey; if the > initiator does not assert a subkey, the base key is the session key > in the service ticket. > > Java has not checked where the key comes from and always sets the > AcceptorSubkey on. This has worked well with the MIT impl because it > seems the MIT impl only checks the flag if it should be on but doesn't > when it should be off. However, Heimdal is more strict and check in > both cases and an interop error happens between Java and Heimdal. > > In the customer's case, the Apple iChat program uses Heimdal's krb5 > impl and cannot communicate well with the Openfire Java jabber server. > > I would like >= 2 reviewers so it can be backported to a 7u release. > I'm still working on a 6u solution at the moment. > > Thanks > Max > > [1] > > -------- Original Message -------- > *Change Request ID*: 7077646 > > *Synopsis*: gssapi wrap for CFX per-message tokens always set > FLAG_ACCEPTOR_SUBKEY > > Product: java > Category: jgss > Subcategory: krb5plugin > > === *Description* > ============================================================ > FULL PRODUCT VERSION : > > > A DESCRIPTION OF THE PROBLEM : > gssapi wrap for CFX per-message tokens always set FLAG_ACCEPTOR_SUBKEY > even though the acceptor doesn't send a sub key. > > > > STEPS TO FOLLOW TO REPRODUCE THE PROBLEM : > attach debugger to client and see that the the acceptor doesn't send a > subkey in the authenticator, see what it sent FLAG_ACCEPTOR_SUBKEY in > all per-message tokens. > > > > EXPECTED VERSUS ACTUAL BEHAVIOR : > EXPECTED - > send subkey or don't set flag. > > REPRODUCIBILITY : > This bug can be reproduced always. > From mstjohns at comcast.net Sat Sep 24 00:24:28 2011 From: mstjohns at comcast.net (Michael StJohns) Date: Fri, 23 Sep 2011 20:24:28 -0400 Subject: 7054637 closed/lib/security/cacerts/VerifyCACerts.java failed on solaris 11 In-Reply-To: <4E7CE84D.9080905@oracle.com> References: <4E70EFA9.6020707@oracle.com> <201109222219.p8MMJ42d030120@rcsinet13.oracle.com> <4E7CA8B1.8020708@oracle.com> <201109231641.p8NGf8pB025305@acsinet11.oracle.com> <4E7CE84D.9080905@oracle.com> Message-ID: <20110924002435.1C57A67B3@mail.openjdk.java.net> At 04:13 PM 9/23/2011, Vincent Ryan wrote: >On 09/23/11 05:41 PM, Michael StJohns wrote: >> Heh - I thought this looked familiar. >> >> Please take a look at my comments in bug 6763530, especially the fix for P11Key around line 1017. >> > >I didn't see any comments from you in bug 6763530? The 29 November comments are from me. >> Would it make sense to back out the fix that was put into P11Key to fix that bug in favor of a provider based solution (e.g. same boolean check)? >> > >I think the flexibility to decode either format regardless of the setting of >the new configuration attribute is a useful benefit. However I'm not convinced >that the decoder will ever need to parse an encoding that was not generated by >it. Yeah - I was thinking that having the encode/decode make sure they're doing the same thing was a good idea. But I think as written it will do the right thing, albeit slightly less efficiently. >> Otherwise I'm fine with this fix. >> > >Great. Thanks. > > >> Mike >> >> >> At 11:41 AM 9/23/2011, Vincent Ryan wrote: >>> Thanks for your feedback Michael. I agree that your provider-based solution is >>> preferable. Here's a revised webrev: >>> >>> http://cr.openjdk.java.net/~vinnie/7054637/webrev.01/ >>> >>> >>> >>> On 09/22/11 11:18 PM, Michael StJohns wrote: >>>> Hi Vincent - >>>> >>>> Sorry - it took me a few days to look at this. I can't support it. >>>> >>>> I think this the wrong way to do things - specifically the dependence on the >>>> presence of a PKCS11 attribute in the Vendor space. >>>> >>>> You've got a value in PKCS11Constants >>>> >>>> >>>> + /* Only the raw encoding for an EC point is >>>> supported */ >>>> + public static final long CKA_ENABLE_RAW_EC_POINT = >>>> (CKA_VENDOR_DEFINED | 1); >>>> + >>>> >>>> >>>> The problem is that this has a pretty good chance of colliding with an actual >>>> vendor defined value. For example, Utimaco has CKA_ATTRIBUTE_LIST 0x80000001 >>>> (same as CKA_VENDOR_DEFINED | 1). >>>> >>>> Instead, use the attribute list of the provider configuration. You'll have to >>>> mod sun.security.pkcs11.Config.java - but you won't have the changes in either >>>> PKCS11Constants or Functions that are currently there. >>>> >>>> >>>> The problem should be provider wide and not need a per-token config item. >>>> >>>> So the config file gets instead: >>>> >>>> useEcX963Encoding=true around line 13 of the .cfg file. >>>> >>>> Config.java sets the boolean useEcX963Encoding. >>>> >>>> P11ECKeyFactory.java checks "token.config.useEcX963Encoding". >>>> >>>> Avoid the use of the term "raw" please - that got us into a number of problems >>>> when revising PKCS11. It actually tends to mean just the concatenation of the X >>>> and Y points without a format identifier which is not what you mean here >>>> according to PKCS11. X9.63 encoding is 1 octet of format identifier - generally >>>> 04 for uncompressed - and 2N bytes of X and Y. ECPoint (as defined in PKCS11) >>>> is the X9.63 encoding wrapped in an ASN1 OctetString. >>>> >>>> >>>> Thanks! Mike >>>> >>>> >>>> At 02:17 PM 9/14/2011, Vincent Ryan wrote: >>>>> Please review the following fix to the SunPKCS11 JCE provider: >>>>> >>>>> http://cr.openjdk.java.net/~vinnie/7054637/webrev.00/ >>>>> >>>>> The problem is that some older PKCS11 tokens support only the raw encoding for >>>>> EC point in Elliptic Curve public keys. This fix introduces a configuration >>>>> attribute that controls whether the raw-encoding or DER-encoding shall be used. >>>>> >>>>> It aids interoperability between older and newer PKCS11 tokens. >>>>> >>>>> Thanks. >>>> >> >> From sebastian.sickelmann at gmx.de Sat Sep 24 09:55:40 2011 From: sebastian.sickelmann at gmx.de (Sebastian Sickelmann) Date: Sat, 24 Sep 2011 11:55:40 +0200 Subject: 7081804: Remove cause field from javax.xml.crypto.NoSuchMechnismException In-Reply-To: <4E7CD5F8.9000501@oracle.com> References: <4E525386.9000207@gmx.de> <4E52758D.2020208@oracle.com> <4E5E8AE3.3070402@gmx.de> <4E5FE753.2010705@oracle.com> <4E606D1D.6050509@gmx.de> <4E613565.1080801@oracle.com> <4E625E14.9060101@gmx.de> <4E67AF3D.2090609@oracle.com> <4E68FFBD.2030601@gmx.de> <4E6A13A2.2020503@gmx.de> <4E74F05D.7090806@gmx.de> <4E7CD5F8.9000501@oracle.com> Message-ID: <4E7DA91C.2000600@gmx.de> Am 23.09.2011 20:54, schrieb Sean Mullan: > On 9/17/11 3:09 PM, Sebastian Sickelmann wrote: > >>> i have updated the webrev [0]. >>> But i think that L69 and L72 of the test should be changed to >>> checkMutable and the implementation of the exceptions accordantly. > That's an interesting question. The current implementation in your code is > consistent with java.lang.ClassNotFoundException. I'm curious as to why they > disallowed initCause to be called even if they were created using the > constructors without Throwables. Any idea? Was this discussed in the other lists? I don't know. I can't find anything in the archives (don't know in which time i must search; The commit in ClassNotFoundException is prior rev 0) @core-libs-dev: Does someone remember why this solution was preferred for ClassNotFound? For javax/xml/crypto i would change it to my suggestion (to L69 and L72) above to not break behavior for JSR105. On the other side it would be nice to have a common behavoir on this for all Exceptions in JDK. There are 2 solutions that sound reasonable for me: 1. Preventing initCause when cause is given. And allowing initCause once (if created with an ctor without cause). 2. Preventing initCause in every exception class that has the 4 standard ctors. Only for those Exceptions without the "ctors with cause" the initCause can be called. I like both. No.1 is nearer to the behavoir we actually have and is more flexible than No.2. No.2 is more "secure". You cannot "inject" an cause in ex. after you catches the exception. But you must have the cause to initialize it before you create the exception, this is slightly more inflexible, even if i think this flexibility is not needed anywhere. >>> [0] http://oss-patches.24.eu/openjdk8/NoSuchMechanismException/7011804_3 >>> >>> -- Sebastian >> Any comments / progress on this? > Just a couple of minor comments on the test: > > - the copyright date should only include 2011 > - some minor typos (line number in []): > > [26] s/in/is > [43] s/validating/validate > [98] s/checkImutable/checkImmutable > Updated webrev: http://oss-patches.24.eu/openjdk8/NoSuchMechanismException/7011804_4 > --Sean -- Sebastian From weijun.wang at oracle.com Sat Sep 24 12:29:03 2011 From: weijun.wang at oracle.com (Weijun Wang) Date: Sat, 24 Sep 2011 20:29:03 +0800 Subject: code review request: 7077646: gssapi wrap for CFX per-message tokens always set FLAG_ACCEPTOR_SUBKEY In-Reply-To: <4E7CE77C.4070504@oracle.com> References: <4E7B4EBB.5090706@oracle.com> <4E7CE77C.4070504@oracle.com> Message-ID: <4E7DCD0F.90201@oracle.com> Thanks. Do you have time to look at 7077640: gss wrap for cfx doesn't handle rrc != 0 at http://cr.openjdk.java.net/~weijun/7077640/webrev.00 It was also reported by Heimdal. They always have a non-zero RRC. Thanks Max On 09/24/2011 04:09 AM, Valerie (Yu-Ching) Peng wrote: > The changes look good to me. > Thanks, > Valerie > On 09/22/11 08:05, Weijun Wang wrote: >> Webrev at >> >> http://cr.openjdk.java.net/~weijun/7077646/webrev.00/ >> >> According to RFC 4121 [1]: >> >> 2. Key Derivation for Per-Message Tokens >> >> ... >> >> During the context initiation and acceptance sequence, the acceptor >> MAY assert a subkey in the AP-REP message. If the acceptor asserts a >> subkey, the base key is the acceptor-asserted subkey and subsequent >> per-message tokens MUST be flagged with "AcceptorSubkey", as >> described in section 4.2.2. Otherwise, if the initiator asserts a >> subkey in the AP-REQ message, the base key is this subkey; if the >> initiator does not assert a subkey, the base key is the session key >> in the service ticket. >> >> Java has not checked where the key comes from and always sets the >> AcceptorSubkey on. This has worked well with the MIT impl because it >> seems the MIT impl only checks the flag if it should be on but doesn't >> when it should be off. However, Heimdal is more strict and check in >> both cases and an interop error happens between Java and Heimdal. >> >> In the customer's case, the Apple iChat program uses Heimdal's krb5 >> impl and cannot communicate well with the Openfire Java jabber server. >> >> I would like >= 2 reviewers so it can be backported to a 7u release. >> I'm still working on a 6u solution at the moment. >> >> Thanks >> Max >> >> [1] >> >> -------- Original Message -------- >> *Change Request ID*: 7077646 >> >> *Synopsis*: gssapi wrap for CFX per-message tokens always set >> FLAG_ACCEPTOR_SUBKEY >> >> Product: java >> Category: jgss >> Subcategory: krb5plugin >> >> === *Description* >> ============================================================ >> FULL PRODUCT VERSION : >> >> >> A DESCRIPTION OF THE PROBLEM : >> gssapi wrap for CFX per-message tokens always set FLAG_ACCEPTOR_SUBKEY >> even though the acceptor doesn't send a sub key. >> >> >> >> STEPS TO FOLLOW TO REPRODUCE THE PROBLEM : >> attach debugger to client and see that the the acceptor doesn't send a >> subkey in the authenticator, see what it sent FLAG_ACCEPTOR_SUBKEY in >> all per-message tokens. >> >> >> >> EXPECTED VERSUS ACTUAL BEHAVIOR : >> EXPECTED - >> send subkey or don't set flag. >> >> REPRODUCIBILITY : >> This bug can be reproduced always. >> > From lana.steuck at oracle.com Sun Sep 25 05:53:42 2011 From: lana.steuck at oracle.com (lana.steuck at oracle.com) Date: Sun, 25 Sep 2011 05:53:42 +0000 Subject: hg: jdk8/tl: 2 new changesets Message-ID: <20110925055342.904494797F@hg.openjdk.java.net> Changeset: 28cf2aec4dd7 Author: schien Date: 2011-09-15 18:53 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/rev/28cf2aec4dd7 Added tag jdk8-b05 for changeset b910aac18c77 ! .hgtags Changeset: 39edfd9d8ff0 Author: lana Date: 2011-09-23 23:25 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/rev/39edfd9d8ff0 Merge From lana.steuck at oracle.com Sun Sep 25 05:53:44 2011 From: lana.steuck at oracle.com (lana.steuck at oracle.com) Date: Sun, 25 Sep 2011 05:53:44 +0000 Subject: hg: jdk8/tl/jaxp: Added tag jdk8-b05 for changeset ff0a3d78e7a2 Message-ID: <20110925055344.90B6A47980@hg.openjdk.java.net> Changeset: d7b8192e7277 Author: schien Date: 2011-09-15 18:53 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jaxp/rev/d7b8192e7277 Added tag jdk8-b05 for changeset ff0a3d78e7a2 ! .hgtags From lana.steuck at oracle.com Sun Sep 25 05:53:42 2011 From: lana.steuck at oracle.com (lana.steuck at oracle.com) Date: Sun, 25 Sep 2011 05:53:42 +0000 Subject: hg: jdk8/tl/corba: Added tag jdk8-b05 for changeset cc1b599b986a Message-ID: <20110925055346.2377D47981@hg.openjdk.java.net> Changeset: 45c43dde7ba7 Author: schien Date: 2011-09-15 18:53 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/corba/rev/45c43dde7ba7 Added tag jdk8-b05 for changeset cc1b599b986a ! .hgtags From lana.steuck at oracle.com Sun Sep 25 05:53:48 2011 From: lana.steuck at oracle.com (lana.steuck at oracle.com) Date: Sun, 25 Sep 2011 05:53:48 +0000 Subject: hg: jdk8/tl/jaxws: Added tag jdk8-b05 for changeset 7d5d91fddbce Message-ID: <20110925055348.7578347982@hg.openjdk.java.net> Changeset: acffff22a946 Author: schien Date: 2011-09-15 18:53 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jaxws/rev/acffff22a946 Added tag jdk8-b05 for changeset 7d5d91fddbce ! .hgtags From lana.steuck at oracle.com Sun Sep 25 05:53:42 2011 From: lana.steuck at oracle.com (lana.steuck at oracle.com) Date: Sun, 25 Sep 2011 05:53:42 +0000 Subject: hg: jdk8/tl/hotspot: Added tag jdk8-b05 for changeset dce7d24674f4 Message-ID: <20110925055354.A6DC047983@hg.openjdk.java.net> Changeset: 0db80d8e77fc Author: schien Date: 2011-09-15 18:53 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/hotspot/rev/0db80d8e77fc Added tag jdk8-b05 for changeset dce7d24674f4 ! .hgtags From lana.steuck at oracle.com Sun Sep 25 05:53:59 2011 From: lana.steuck at oracle.com (lana.steuck at oracle.com) Date: Sun, 25 Sep 2011 05:53:59 +0000 Subject: hg: jdk8/tl/langtools: 3 new changesets Message-ID: <20110925055408.5E3CB47984@hg.openjdk.java.net> Changeset: 4e754e4b0a52 Author: schien Date: 2011-09-15 18:53 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/langtools/rev/4e754e4b0a52 Added tag jdk8-b05 for changeset 5304c2a17d4b ! .hgtags Changeset: d2422276f9da Author: lana Date: 2011-09-19 19:41 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/langtools/rev/d2422276f9da Merge Changeset: 0c6f79fc8441 Author: lana Date: 2011-09-23 23:30 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/langtools/rev/0c6f79fc8441 Merge From lana.steuck at oracle.com Sun Sep 25 05:55:40 2011 From: lana.steuck at oracle.com (lana.steuck at oracle.com) Date: Sun, 25 Sep 2011 05:55:40 +0000 Subject: hg: jdk8/tl/jdk: 16 new changesets Message-ID: <20110925055827.D672E47985@hg.openjdk.java.net> Changeset: 266f095ce636 Author: mbykov Date: 2011-09-09 15:21 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/266f095ce636 7087932: Wrong legal notice introduced in the JDK8 changeset c43af666d130 Reviewed-by: ohair, darcy ! src/share/classes/java/lang/VirtualMachineError.java Changeset: 0b32369b83d8 Author: schien Date: 2011-09-14 15:55 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/0b32369b83d8 Merge Changeset: 907bcdbc2593 Author: schien Date: 2011-09-15 18:53 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/907bcdbc2593 Added tag jdk8-b05 for changeset 0b32369b83d8 ! .hgtags Changeset: fbfd97a14af1 Author: dbuck Date: 2011-09-02 04:28 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/fbfd97a14af1 7074386: fallback to fontconfig..bfc/properties if fontconfig... Summary: fallback to fontconfig..bfc/properties if fontconfig... is not found Reviewed-by: prr, robm ! src/share/classes/sun/awt/FontConfiguration.java Changeset: b8b6587b9574 Author: prr Date: 2011-09-06 13:40 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/b8b6587b9574 7050826: Hebrew characters are not rendered on OEL 5.6 Reviewed-by: bae, jgodinez ! src/solaris/native/sun/awt/fontpath.c Changeset: 22149eb5a8c9 Author: lana Date: 2011-09-09 17:22 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/22149eb5a8c9 Merge - make/com/oracle/net/Makefile - src/share/classes/sun/io/ByteToCharASCII.java - src/share/classes/sun/io/ByteToCharBig5.java - src/share/classes/sun/io/ByteToCharBig5_HKSCS.java - src/share/classes/sun/io/ByteToCharBig5_Solaris.java - src/share/classes/sun/io/ByteToCharConverter.java - src/share/classes/sun/io/ByteToCharCp037.java - src/share/classes/sun/io/ByteToCharCp1006.java - src/share/classes/sun/io/ByteToCharCp1025.java - src/share/classes/sun/io/ByteToCharCp1026.java - src/share/classes/sun/io/ByteToCharCp1046.java - src/share/classes/sun/io/ByteToCharCp1047.java - src/share/classes/sun/io/ByteToCharCp1097.java - src/share/classes/sun/io/ByteToCharCp1098.java - src/share/classes/sun/io/ByteToCharCp1112.java - src/share/classes/sun/io/ByteToCharCp1122.java - src/share/classes/sun/io/ByteToCharCp1123.java - src/share/classes/sun/io/ByteToCharCp1124.java - src/share/classes/sun/io/ByteToCharCp1140.java - src/share/classes/sun/io/ByteToCharCp1141.java - src/share/classes/sun/io/ByteToCharCp1142.java - src/share/classes/sun/io/ByteToCharCp1143.java - src/share/classes/sun/io/ByteToCharCp1144.java - src/share/classes/sun/io/ByteToCharCp1145.java - src/share/classes/sun/io/ByteToCharCp1146.java - src/share/classes/sun/io/ByteToCharCp1147.java - src/share/classes/sun/io/ByteToCharCp1148.java - src/share/classes/sun/io/ByteToCharCp1149.java - src/share/classes/sun/io/ByteToCharCp1250.java - src/share/classes/sun/io/ByteToCharCp1251.java - src/share/classes/sun/io/ByteToCharCp1252.java - src/share/classes/sun/io/ByteToCharCp1253.java - src/share/classes/sun/io/ByteToCharCp1254.java - src/share/classes/sun/io/ByteToCharCp1255.java - src/share/classes/sun/io/ByteToCharCp1256.java - src/share/classes/sun/io/ByteToCharCp1257.java - src/share/classes/sun/io/ByteToCharCp1258.java - src/share/classes/sun/io/ByteToCharCp1381.java - src/share/classes/sun/io/ByteToCharCp1383.java - src/share/classes/sun/io/ByteToCharCp273.java - src/share/classes/sun/io/ByteToCharCp277.java - src/share/classes/sun/io/ByteToCharCp278.java - src/share/classes/sun/io/ByteToCharCp280.java - src/share/classes/sun/io/ByteToCharCp284.java - src/share/classes/sun/io/ByteToCharCp285.java - src/share/classes/sun/io/ByteToCharCp297.java - src/share/classes/sun/io/ByteToCharCp33722.java - src/share/classes/sun/io/ByteToCharCp420.java - src/share/classes/sun/io/ByteToCharCp424.java - src/share/classes/sun/io/ByteToCharCp437.java - src/share/classes/sun/io/ByteToCharCp500.java - src/share/classes/sun/io/ByteToCharCp737.java - src/share/classes/sun/io/ByteToCharCp775.java - src/share/classes/sun/io/ByteToCharCp833.java - src/share/classes/sun/io/ByteToCharCp834.java - src/share/classes/sun/io/ByteToCharCp838.java - src/share/classes/sun/io/ByteToCharCp850.java - src/share/classes/sun/io/ByteToCharCp852.java - src/share/classes/sun/io/ByteToCharCp855.java - src/share/classes/sun/io/ByteToCharCp856.java - src/share/classes/sun/io/ByteToCharCp857.java - src/share/classes/sun/io/ByteToCharCp858.java - src/share/classes/sun/io/ByteToCharCp860.java - src/share/classes/sun/io/ByteToCharCp861.java - src/share/classes/sun/io/ByteToCharCp862.java - src/share/classes/sun/io/ByteToCharCp863.java - src/share/classes/sun/io/ByteToCharCp864.java - src/share/classes/sun/io/ByteToCharCp865.java - src/share/classes/sun/io/ByteToCharCp866.java - src/share/classes/sun/io/ByteToCharCp868.java - src/share/classes/sun/io/ByteToCharCp869.java - src/share/classes/sun/io/ByteToCharCp870.java - src/share/classes/sun/io/ByteToCharCp871.java - src/share/classes/sun/io/ByteToCharCp874.java - src/share/classes/sun/io/ByteToCharCp875.java - src/share/classes/sun/io/ByteToCharCp918.java - src/share/classes/sun/io/ByteToCharCp921.java - src/share/classes/sun/io/ByteToCharCp922.java - src/share/classes/sun/io/ByteToCharCp930.java - src/share/classes/sun/io/ByteToCharCp933.java - src/share/classes/sun/io/ByteToCharCp935.java - src/share/classes/sun/io/ByteToCharCp937.java - src/share/classes/sun/io/ByteToCharCp939.java - src/share/classes/sun/io/ByteToCharCp942.java - src/share/classes/sun/io/ByteToCharCp942C.java - src/share/classes/sun/io/ByteToCharCp943.java - src/share/classes/sun/io/ByteToCharCp943C.java - src/share/classes/sun/io/ByteToCharCp948.java - src/share/classes/sun/io/ByteToCharCp949.java - src/share/classes/sun/io/ByteToCharCp949C.java - src/share/classes/sun/io/ByteToCharCp950.java - src/share/classes/sun/io/ByteToCharCp964.java - src/share/classes/sun/io/ByteToCharCp970.java - src/share/classes/sun/io/ByteToCharDBCS_ASCII.java - src/share/classes/sun/io/ByteToCharDBCS_EBCDIC.java - src/share/classes/sun/io/ByteToCharDoubleByte.java - src/share/classes/sun/io/ByteToCharEUC.java - src/share/classes/sun/io/ByteToCharEUC2.java - src/share/classes/sun/io/ByteToCharEUC_CN.java - src/share/classes/sun/io/ByteToCharEUC_JP.java - src/share/classes/sun/io/ByteToCharEUC_JP_LINUX.java - src/share/classes/sun/io/ByteToCharEUC_JP_Solaris.java - src/share/classes/sun/io/ByteToCharEUC_KR.java - src/share/classes/sun/io/ByteToCharEUC_TW.java - src/share/classes/sun/io/ByteToCharGB18030.java - src/share/classes/sun/io/ByteToCharGB18030DB.java - src/share/classes/sun/io/ByteToCharGBK.java - src/share/classes/sun/io/ByteToCharISCII91.java - src/share/classes/sun/io/ByteToCharISO2022.java - src/share/classes/sun/io/ByteToCharISO2022CN.java - src/share/classes/sun/io/ByteToCharISO2022JP.java - src/share/classes/sun/io/ByteToCharISO2022KR.java - src/share/classes/sun/io/ByteToCharISO8859_1.java - src/share/classes/sun/io/ByteToCharISO8859_13.java - src/share/classes/sun/io/ByteToCharISO8859_15.java - src/share/classes/sun/io/ByteToCharISO8859_2.java - src/share/classes/sun/io/ByteToCharISO8859_3.java - src/share/classes/sun/io/ByteToCharISO8859_4.java - src/share/classes/sun/io/ByteToCharISO8859_5.java - src/share/classes/sun/io/ByteToCharISO8859_6.java - src/share/classes/sun/io/ByteToCharISO8859_7.java - src/share/classes/sun/io/ByteToCharISO8859_8.java - src/share/classes/sun/io/ByteToCharISO8859_9.java - src/share/classes/sun/io/ByteToCharJIS0201.java - src/share/classes/sun/io/ByteToCharJIS0208.java - src/share/classes/sun/io/ByteToCharJIS0208_Solaris.java - src/share/classes/sun/io/ByteToCharJIS0212.java - src/share/classes/sun/io/ByteToCharJIS0212_Solaris.java - src/share/classes/sun/io/ByteToCharJISAutoDetect.java - src/share/classes/sun/io/ByteToCharJohab.java - src/share/classes/sun/io/ByteToCharKOI8_R.java - src/share/classes/sun/io/ByteToCharMS874.java - src/share/classes/sun/io/ByteToCharMS932.java - src/share/classes/sun/io/ByteToCharMS936.java - src/share/classes/sun/io/ByteToCharMS949.java - src/share/classes/sun/io/ByteToCharMS950.java - src/share/classes/sun/io/ByteToCharMS950_HKSCS.java - src/share/classes/sun/io/ByteToCharMacArabic.java - src/share/classes/sun/io/ByteToCharMacCentralEurope.java - src/share/classes/sun/io/ByteToCharMacCroatian.java - src/share/classes/sun/io/ByteToCharMacCyrillic.java - src/share/classes/sun/io/ByteToCharMacDingbat.java - src/share/classes/sun/io/ByteToCharMacGreek.java - src/share/classes/sun/io/ByteToCharMacHebrew.java - src/share/classes/sun/io/ByteToCharMacIceland.java - src/share/classes/sun/io/ByteToCharMacRoman.java - src/share/classes/sun/io/ByteToCharMacRomania.java - src/share/classes/sun/io/ByteToCharMacSymbol.java - src/share/classes/sun/io/ByteToCharMacThai.java - src/share/classes/sun/io/ByteToCharMacTurkish.java - src/share/classes/sun/io/ByteToCharMacUkraine.java - src/share/classes/sun/io/ByteToCharPCK.java - src/share/classes/sun/io/ByteToCharSJIS.java - src/share/classes/sun/io/ByteToCharSingleByte.java - src/share/classes/sun/io/ByteToCharTIS620.java - src/share/classes/sun/io/ByteToCharUTF16.java - src/share/classes/sun/io/ByteToCharUTF8.java - src/share/classes/sun/io/ByteToCharUnicode.java - src/share/classes/sun/io/ByteToCharUnicodeBig.java - src/share/classes/sun/io/ByteToCharUnicodeBigUnmarked.java - src/share/classes/sun/io/ByteToCharUnicodeLittle.java - src/share/classes/sun/io/ByteToCharUnicodeLittleUnmarked.java - src/share/classes/sun/io/CharToByteASCII.java - src/share/classes/sun/io/CharToByteBig5.java - src/share/classes/sun/io/CharToByteBig5_HKSCS.java - src/share/classes/sun/io/CharToByteBig5_Solaris.java - src/share/classes/sun/io/CharToByteConverter.java - src/share/classes/sun/io/CharToByteCp037.java - src/share/classes/sun/io/CharToByteCp1006.java - src/share/classes/sun/io/CharToByteCp1025.java - src/share/classes/sun/io/CharToByteCp1026.java - src/share/classes/sun/io/CharToByteCp1046.java - src/share/classes/sun/io/CharToByteCp1047.java - src/share/classes/sun/io/CharToByteCp1097.java - src/share/classes/sun/io/CharToByteCp1098.java - src/share/classes/sun/io/CharToByteCp1112.java - src/share/classes/sun/io/CharToByteCp1122.java - src/share/classes/sun/io/CharToByteCp1123.java - src/share/classes/sun/io/CharToByteCp1124.java - src/share/classes/sun/io/CharToByteCp1140.java - src/share/classes/sun/io/CharToByteCp1141.java - src/share/classes/sun/io/CharToByteCp1142.java - src/share/classes/sun/io/CharToByteCp1143.java - src/share/classes/sun/io/CharToByteCp1144.java - src/share/classes/sun/io/CharToByteCp1145.java - src/share/classes/sun/io/CharToByteCp1146.java - src/share/classes/sun/io/CharToByteCp1147.java - src/share/classes/sun/io/CharToByteCp1148.java - src/share/classes/sun/io/CharToByteCp1149.java - src/share/classes/sun/io/CharToByteCp1250.java - src/share/classes/sun/io/CharToByteCp1251.java - src/share/classes/sun/io/CharToByteCp1252.java - src/share/classes/sun/io/CharToByteCp1253.java - src/share/classes/sun/io/CharToByteCp1254.java - src/share/classes/sun/io/CharToByteCp1255.java - src/share/classes/sun/io/CharToByteCp1256.java - src/share/classes/sun/io/CharToByteCp1257.java - src/share/classes/sun/io/CharToByteCp1258.java - src/share/classes/sun/io/CharToByteCp1381.java - src/share/classes/sun/io/CharToByteCp1383.java - src/share/classes/sun/io/CharToByteCp273.java - src/share/classes/sun/io/CharToByteCp277.java - src/share/classes/sun/io/CharToByteCp278.java - src/share/classes/sun/io/CharToByteCp280.java - src/share/classes/sun/io/CharToByteCp284.java - src/share/classes/sun/io/CharToByteCp285.java - src/share/classes/sun/io/CharToByteCp297.java - src/share/classes/sun/io/CharToByteCp33722.java - src/share/classes/sun/io/CharToByteCp420.java - src/share/classes/sun/io/CharToByteCp424.java - src/share/classes/sun/io/CharToByteCp437.java - src/share/classes/sun/io/CharToByteCp500.java - src/share/classes/sun/io/CharToByteCp737.java - src/share/classes/sun/io/CharToByteCp775.java - src/share/classes/sun/io/CharToByteCp833.java - src/share/classes/sun/io/CharToByteCp834.java - src/share/classes/sun/io/CharToByteCp838.java - src/share/classes/sun/io/CharToByteCp850.java - src/share/classes/sun/io/CharToByteCp852.java - src/share/classes/sun/io/CharToByteCp855.java - src/share/classes/sun/io/CharToByteCp856.java - src/share/classes/sun/io/CharToByteCp857.java - src/share/classes/sun/io/CharToByteCp858.java - src/share/classes/sun/io/CharToByteCp860.java - src/share/classes/sun/io/CharToByteCp861.java - src/share/classes/sun/io/CharToByteCp862.java - src/share/classes/sun/io/CharToByteCp863.java - src/share/classes/sun/io/CharToByteCp864.java - src/share/classes/sun/io/CharToByteCp865.java - src/share/classes/sun/io/CharToByteCp866.java - src/share/classes/sun/io/CharToByteCp868.java - src/share/classes/sun/io/CharToByteCp869.java - src/share/classes/sun/io/CharToByteCp870.java - src/share/classes/sun/io/CharToByteCp871.java - src/share/classes/sun/io/CharToByteCp874.java - src/share/classes/sun/io/CharToByteCp875.java - src/share/classes/sun/io/CharToByteCp918.java - src/share/classes/sun/io/CharToByteCp921.java - src/share/classes/sun/io/CharToByteCp922.java - src/share/classes/sun/io/CharToByteCp930.java - src/share/classes/sun/io/CharToByteCp933.java - src/share/classes/sun/io/CharToByteCp935.java - src/share/classes/sun/io/CharToByteCp937.java - src/share/classes/sun/io/CharToByteCp939.java - src/share/classes/sun/io/CharToByteCp942.java - src/share/classes/sun/io/CharToByteCp942C.java - src/share/classes/sun/io/CharToByteCp943.java - src/share/classes/sun/io/CharToByteCp943C.java - src/share/classes/sun/io/CharToByteCp948.java - src/share/classes/sun/io/CharToByteCp949.java - src/share/classes/sun/io/CharToByteCp949C.java - src/share/classes/sun/io/CharToByteCp950.java - src/share/classes/sun/io/CharToByteCp964.java - src/share/classes/sun/io/CharToByteCp970.java - src/share/classes/sun/io/CharToByteDBCS_ASCII.java - src/share/classes/sun/io/CharToByteDBCS_EBCDIC.java - src/share/classes/sun/io/CharToByteDoubleByte.java - src/share/classes/sun/io/CharToByteEUC.java - src/share/classes/sun/io/CharToByteEUC_CN.java - src/share/classes/sun/io/CharToByteEUC_JP.java - src/share/classes/sun/io/CharToByteEUC_JP_LINUX.java - src/share/classes/sun/io/CharToByteEUC_JP_Solaris.java - src/share/classes/sun/io/CharToByteEUC_KR.java - src/share/classes/sun/io/CharToByteEUC_TW.java - src/share/classes/sun/io/CharToByteGB18030.java - src/share/classes/sun/io/CharToByteGBK.java - src/share/classes/sun/io/CharToByteISCII91.java - src/share/classes/sun/io/CharToByteISO2022.java - src/share/classes/sun/io/CharToByteISO2022CN_CNS.java - src/share/classes/sun/io/CharToByteISO2022CN_GB.java - src/share/classes/sun/io/CharToByteISO2022JP.java - src/share/classes/sun/io/CharToByteISO2022KR.java - src/share/classes/sun/io/CharToByteISO8859_1.java - src/share/classes/sun/io/CharToByteISO8859_13.java - src/share/classes/sun/io/CharToByteISO8859_15.java - src/share/classes/sun/io/CharToByteISO8859_2.java - src/share/classes/sun/io/CharToByteISO8859_3.java - src/share/classes/sun/io/CharToByteISO8859_4.java - src/share/classes/sun/io/CharToByteISO8859_5.java - src/share/classes/sun/io/CharToByteISO8859_6.java - src/share/classes/sun/io/CharToByteISO8859_7.java - src/share/classes/sun/io/CharToByteISO8859_8.java - src/share/classes/sun/io/CharToByteISO8859_9.java - src/share/classes/sun/io/CharToByteJIS0201.java - src/share/classes/sun/io/CharToByteJIS0208.java - src/share/classes/sun/io/CharToByteJIS0208_Solaris.java - src/share/classes/sun/io/CharToByteJIS0212.java - src/share/classes/sun/io/CharToByteJIS0212_Solaris.java - src/share/classes/sun/io/CharToByteJohab.java - src/share/classes/sun/io/CharToByteKOI8_R.java - src/share/classes/sun/io/CharToByteMS874.java - src/share/classes/sun/io/CharToByteMS932.java - src/share/classes/sun/io/CharToByteMS936.java - src/share/classes/sun/io/CharToByteMS949.java - src/share/classes/sun/io/CharToByteMS950.java - src/share/classes/sun/io/CharToByteMS950_HKSCS.java - src/share/classes/sun/io/CharToByteMacArabic.java - src/share/classes/sun/io/CharToByteMacCentralEurope.java - src/share/classes/sun/io/CharToByteMacCroatian.java - src/share/classes/sun/io/CharToByteMacCyrillic.java - src/share/classes/sun/io/CharToByteMacDingbat.java - src/share/classes/sun/io/CharToByteMacGreek.java - src/share/classes/sun/io/CharToByteMacHebrew.java - src/share/classes/sun/io/CharToByteMacIceland.java - src/share/classes/sun/io/CharToByteMacRoman.java - src/share/classes/sun/io/CharToByteMacRomania.java - src/share/classes/sun/io/CharToByteMacSymbol.java - src/share/classes/sun/io/CharToByteMacThai.java - src/share/classes/sun/io/CharToByteMacTurkish.java - src/share/classes/sun/io/CharToByteMacUkraine.java - src/share/classes/sun/io/CharToBytePCK.java - src/share/classes/sun/io/CharToByteSJIS.java - src/share/classes/sun/io/CharToByteSingleByte.java - src/share/classes/sun/io/CharToByteTIS620.java - src/share/classes/sun/io/CharToByteUTF16.java - src/share/classes/sun/io/CharToByteUTF8.java - src/share/classes/sun/io/CharToByteUnicode.java - src/share/classes/sun/io/CharToByteUnicodeBig.java - src/share/classes/sun/io/CharToByteUnicodeBigUnmarked.java - src/share/classes/sun/io/CharToByteUnicodeLittle.java - src/share/classes/sun/io/CharToByteUnicodeLittleUnmarked.java - src/share/classes/sun/io/CharacterEncoding.java - src/share/classes/sun/io/ConversionBufferFullException.java - src/share/classes/sun/io/Converters.java - src/share/classes/sun/io/MalformedInputException.java - src/share/classes/sun/io/UnknownCharacterException.java - test/sun/nio/cs/TestISCII91.java Changeset: 22c60997bf3c Author: rupashka Date: 2011-08-30 13:07 +0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/22c60997bf3c 7080281: AbtsractButton.checkVerticalKey()/checkHorizontalKey() methods do not specify returned value Reviewed-by: alexp ! src/share/classes/javax/swing/AbstractButton.java Changeset: 970ff8d5bbe7 Author: denis Date: 2011-09-01 17:29 +0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/970ff8d5bbe7 7081012: REGRESSION:Component.transferFocusBackward invokes clearGlobalFocusOwner() Reviewed-by: ant ! src/share/classes/java/awt/Component.java Changeset: 25564f7b29c4 Author: denis Date: 2011-09-05 18:54 +0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/25564f7b29c4 7071248: IME composition window does not disappear when file dialog is closed : Japanese WinXP Reviewed-by: naoto, art ! src/windows/native/sun/windows/awt_FileDialog.cpp Changeset: 98bb40dbc144 Author: vikram Date: 2011-09-07 03:17 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/98bb40dbc144 7012783: JFileChooser fails to resolve DFS links on Windows Vista SP2 Summary: Changes to code to handle DFS links Reviewed-by: rupashka ! src/share/classes/javax/swing/plaf/basic/BasicFileChooserUI.java Changeset: 7fbc8d86c477 Author: rupashka Date: 2011-09-09 17:44 +0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/7fbc8d86c477 7024118: possible hardcoded mnemonic for JFileChooser metal and motif l&f Reviewed-by: alexp Contributed-by: Charles Lee ! src/share/classes/com/sun/java/swing/plaf/motif/MotifFileChooserUI.java ! src/share/classes/com/sun/java/swing/plaf/motif/MotifLookAndFeel.java ! src/share/classes/com/sun/java/swing/plaf/motif/resources/motif.properties ! src/share/classes/com/sun/java/swing/plaf/motif/resources/motif_de.properties ! src/share/classes/com/sun/java/swing/plaf/motif/resources/motif_es.properties ! src/share/classes/com/sun/java/swing/plaf/motif/resources/motif_fr.properties ! src/share/classes/com/sun/java/swing/plaf/motif/resources/motif_it.properties ! src/share/classes/com/sun/java/swing/plaf/motif/resources/motif_ja.properties ! src/share/classes/com/sun/java/swing/plaf/motif/resources/motif_ko.properties ! src/share/classes/com/sun/java/swing/plaf/motif/resources/motif_pt_BR.properties ! src/share/classes/com/sun/java/swing/plaf/motif/resources/motif_sv.properties ! src/share/classes/com/sun/java/swing/plaf/motif/resources/motif_zh_CN.properties ! src/share/classes/com/sun/java/swing/plaf/motif/resources/motif_zh_TW.properties ! src/share/classes/com/sun/java/swing/plaf/windows/WindowsFileChooserUI.java ! src/share/classes/com/sun/java/swing/plaf/windows/WindowsLookAndFeel.java ! src/share/classes/com/sun/java/swing/plaf/windows/resources/windows.properties ! src/share/classes/com/sun/java/swing/plaf/windows/resources/windows_de.properties ! src/share/classes/com/sun/java/swing/plaf/windows/resources/windows_es.properties ! src/share/classes/com/sun/java/swing/plaf/windows/resources/windows_fr.properties ! src/share/classes/com/sun/java/swing/plaf/windows/resources/windows_it.properties ! src/share/classes/com/sun/java/swing/plaf/windows/resources/windows_ja.properties ! src/share/classes/com/sun/java/swing/plaf/windows/resources/windows_ko.properties ! src/share/classes/com/sun/java/swing/plaf/windows/resources/windows_pt_BR.properties ! src/share/classes/com/sun/java/swing/plaf/windows/resources/windows_sv.properties ! src/share/classes/com/sun/java/swing/plaf/windows/resources/windows_zh_CN.properties ! src/share/classes/com/sun/java/swing/plaf/windows/resources/windows_zh_TW.properties ! src/share/classes/com/sun/swing/internal/plaf/metal/resources/metal.properties ! src/share/classes/com/sun/swing/internal/plaf/metal/resources/metal_de.properties ! src/share/classes/com/sun/swing/internal/plaf/metal/resources/metal_es.properties ! src/share/classes/com/sun/swing/internal/plaf/metal/resources/metal_fr.properties ! src/share/classes/com/sun/swing/internal/plaf/metal/resources/metal_it.properties ! src/share/classes/com/sun/swing/internal/plaf/metal/resources/metal_ja.properties ! src/share/classes/com/sun/swing/internal/plaf/metal/resources/metal_ko.properties ! src/share/classes/com/sun/swing/internal/plaf/metal/resources/metal_pt_BR.properties ! src/share/classes/com/sun/swing/internal/plaf/metal/resources/metal_sv.properties ! src/share/classes/com/sun/swing/internal/plaf/metal/resources/metal_zh_CN.properties ! src/share/classes/com/sun/swing/internal/plaf/metal/resources/metal_zh_TW.properties ! src/share/classes/javax/swing/plaf/metal/MetalFileChooserUI.java ! src/share/classes/javax/swing/plaf/metal/MetalLookAndFeel.java Changeset: 8c7cecbc3567 Author: lana Date: 2011-09-09 17:23 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/8c7cecbc3567 Merge - make/com/oracle/net/Makefile - src/share/classes/sun/io/ByteToCharASCII.java - src/share/classes/sun/io/ByteToCharBig5.java - src/share/classes/sun/io/ByteToCharBig5_HKSCS.java - src/share/classes/sun/io/ByteToCharBig5_Solaris.java - src/share/classes/sun/io/ByteToCharConverter.java - src/share/classes/sun/io/ByteToCharCp037.java - src/share/classes/sun/io/ByteToCharCp1006.java - src/share/classes/sun/io/ByteToCharCp1025.java - src/share/classes/sun/io/ByteToCharCp1026.java - src/share/classes/sun/io/ByteToCharCp1046.java - src/share/classes/sun/io/ByteToCharCp1047.java - src/share/classes/sun/io/ByteToCharCp1097.java - src/share/classes/sun/io/ByteToCharCp1098.java - src/share/classes/sun/io/ByteToCharCp1112.java - src/share/classes/sun/io/ByteToCharCp1122.java - src/share/classes/sun/io/ByteToCharCp1123.java - src/share/classes/sun/io/ByteToCharCp1124.java - src/share/classes/sun/io/ByteToCharCp1140.java - src/share/classes/sun/io/ByteToCharCp1141.java - src/share/classes/sun/io/ByteToCharCp1142.java - src/share/classes/sun/io/ByteToCharCp1143.java - src/share/classes/sun/io/ByteToCharCp1144.java - src/share/classes/sun/io/ByteToCharCp1145.java - src/share/classes/sun/io/ByteToCharCp1146.java - src/share/classes/sun/io/ByteToCharCp1147.java - src/share/classes/sun/io/ByteToCharCp1148.java - src/share/classes/sun/io/ByteToCharCp1149.java - src/share/classes/sun/io/ByteToCharCp1250.java - src/share/classes/sun/io/ByteToCharCp1251.java - src/share/classes/sun/io/ByteToCharCp1252.java - src/share/classes/sun/io/ByteToCharCp1253.java - src/share/classes/sun/io/ByteToCharCp1254.java - src/share/classes/sun/io/ByteToCharCp1255.java - src/share/classes/sun/io/ByteToCharCp1256.java - src/share/classes/sun/io/ByteToCharCp1257.java - src/share/classes/sun/io/ByteToCharCp1258.java - src/share/classes/sun/io/ByteToCharCp1381.java - src/share/classes/sun/io/ByteToCharCp1383.java - src/share/classes/sun/io/ByteToCharCp273.java - src/share/classes/sun/io/ByteToCharCp277.java - src/share/classes/sun/io/ByteToCharCp278.java - src/share/classes/sun/io/ByteToCharCp280.java - src/share/classes/sun/io/ByteToCharCp284.java - src/share/classes/sun/io/ByteToCharCp285.java - src/share/classes/sun/io/ByteToCharCp297.java - src/share/classes/sun/io/ByteToCharCp33722.java - src/share/classes/sun/io/ByteToCharCp420.java - src/share/classes/sun/io/ByteToCharCp424.java - src/share/classes/sun/io/ByteToCharCp437.java - src/share/classes/sun/io/ByteToCharCp500.java - src/share/classes/sun/io/ByteToCharCp737.java - src/share/classes/sun/io/ByteToCharCp775.java - src/share/classes/sun/io/ByteToCharCp833.java - src/share/classes/sun/io/ByteToCharCp834.java - src/share/classes/sun/io/ByteToCharCp838.java - src/share/classes/sun/io/ByteToCharCp850.java - src/share/classes/sun/io/ByteToCharCp852.java - src/share/classes/sun/io/ByteToCharCp855.java - src/share/classes/sun/io/ByteToCharCp856.java - src/share/classes/sun/io/ByteToCharCp857.java - src/share/classes/sun/io/ByteToCharCp858.java - src/share/classes/sun/io/ByteToCharCp860.java - src/share/classes/sun/io/ByteToCharCp861.java - src/share/classes/sun/io/ByteToCharCp862.java - src/share/classes/sun/io/ByteToCharCp863.java - src/share/classes/sun/io/ByteToCharCp864.java - src/share/classes/sun/io/ByteToCharCp865.java - src/share/classes/sun/io/ByteToCharCp866.java - src/share/classes/sun/io/ByteToCharCp868.java - src/share/classes/sun/io/ByteToCharCp869.java - src/share/classes/sun/io/ByteToCharCp870.java - src/share/classes/sun/io/ByteToCharCp871.java - src/share/classes/sun/io/ByteToCharCp874.java - src/share/classes/sun/io/ByteToCharCp875.java - src/share/classes/sun/io/ByteToCharCp918.java - src/share/classes/sun/io/ByteToCharCp921.java - src/share/classes/sun/io/ByteToCharCp922.java - src/share/classes/sun/io/ByteToCharCp930.java - src/share/classes/sun/io/ByteToCharCp933.java - src/share/classes/sun/io/ByteToCharCp935.java - src/share/classes/sun/io/ByteToCharCp937.java - src/share/classes/sun/io/ByteToCharCp939.java - src/share/classes/sun/io/ByteToCharCp942.java - src/share/classes/sun/io/ByteToCharCp942C.java - src/share/classes/sun/io/ByteToCharCp943.java - src/share/classes/sun/io/ByteToCharCp943C.java - src/share/classes/sun/io/ByteToCharCp948.java - src/share/classes/sun/io/ByteToCharCp949.java - src/share/classes/sun/io/ByteToCharCp949C.java - src/share/classes/sun/io/ByteToCharCp950.java - src/share/classes/sun/io/ByteToCharCp964.java - src/share/classes/sun/io/ByteToCharCp970.java - src/share/classes/sun/io/ByteToCharDBCS_ASCII.java - src/share/classes/sun/io/ByteToCharDBCS_EBCDIC.java - src/share/classes/sun/io/ByteToCharDoubleByte.java - src/share/classes/sun/io/ByteToCharEUC.java - src/share/classes/sun/io/ByteToCharEUC2.java - src/share/classes/sun/io/ByteToCharEUC_CN.java - src/share/classes/sun/io/ByteToCharEUC_JP.java - src/share/classes/sun/io/ByteToCharEUC_JP_LINUX.java - src/share/classes/sun/io/ByteToCharEUC_JP_Solaris.java - src/share/classes/sun/io/ByteToCharEUC_KR.java - src/share/classes/sun/io/ByteToCharEUC_TW.java - src/share/classes/sun/io/ByteToCharGB18030.java - src/share/classes/sun/io/ByteToCharGB18030DB.java - src/share/classes/sun/io/ByteToCharGBK.java - src/share/classes/sun/io/ByteToCharISCII91.java - src/share/classes/sun/io/ByteToCharISO2022.java - src/share/classes/sun/io/ByteToCharISO2022CN.java - src/share/classes/sun/io/ByteToCharISO2022JP.java - src/share/classes/sun/io/ByteToCharISO2022KR.java - src/share/classes/sun/io/ByteToCharISO8859_1.java - src/share/classes/sun/io/ByteToCharISO8859_13.java - src/share/classes/sun/io/ByteToCharISO8859_15.java - src/share/classes/sun/io/ByteToCharISO8859_2.java - src/share/classes/sun/io/ByteToCharISO8859_3.java - src/share/classes/sun/io/ByteToCharISO8859_4.java - src/share/classes/sun/io/ByteToCharISO8859_5.java - src/share/classes/sun/io/ByteToCharISO8859_6.java - src/share/classes/sun/io/ByteToCharISO8859_7.java - src/share/classes/sun/io/ByteToCharISO8859_8.java - src/share/classes/sun/io/ByteToCharISO8859_9.java - src/share/classes/sun/io/ByteToCharJIS0201.java - src/share/classes/sun/io/ByteToCharJIS0208.java - src/share/classes/sun/io/ByteToCharJIS0208_Solaris.java - src/share/classes/sun/io/ByteToCharJIS0212.java - src/share/classes/sun/io/ByteToCharJIS0212_Solaris.java - src/share/classes/sun/io/ByteToCharJISAutoDetect.java - src/share/classes/sun/io/ByteToCharJohab.java - src/share/classes/sun/io/ByteToCharKOI8_R.java - src/share/classes/sun/io/ByteToCharMS874.java - src/share/classes/sun/io/ByteToCharMS932.java - src/share/classes/sun/io/ByteToCharMS936.java - src/share/classes/sun/io/ByteToCharMS949.java - src/share/classes/sun/io/ByteToCharMS950.java - src/share/classes/sun/io/ByteToCharMS950_HKSCS.java - src/share/classes/sun/io/ByteToCharMacArabic.java - src/share/classes/sun/io/ByteToCharMacCentralEurope.java - src/share/classes/sun/io/ByteToCharMacCroatian.java - src/share/classes/sun/io/ByteToCharMacCyrillic.java - src/share/classes/sun/io/ByteToCharMacDingbat.java - src/share/classes/sun/io/ByteToCharMacGreek.java - src/share/classes/sun/io/ByteToCharMacHebrew.java - src/share/classes/sun/io/ByteToCharMacIceland.java - src/share/classes/sun/io/ByteToCharMacRoman.java - src/share/classes/sun/io/ByteToCharMacRomania.java - src/share/classes/sun/io/ByteToCharMacSymbol.java - src/share/classes/sun/io/ByteToCharMacThai.java - src/share/classes/sun/io/ByteToCharMacTurkish.java - src/share/classes/sun/io/ByteToCharMacUkraine.java - src/share/classes/sun/io/ByteToCharPCK.java - src/share/classes/sun/io/ByteToCharSJIS.java - src/share/classes/sun/io/ByteToCharSingleByte.java - src/share/classes/sun/io/ByteToCharTIS620.java - src/share/classes/sun/io/ByteToCharUTF16.java - src/share/classes/sun/io/ByteToCharUTF8.java - src/share/classes/sun/io/ByteToCharUnicode.java - src/share/classes/sun/io/ByteToCharUnicodeBig.java - src/share/classes/sun/io/ByteToCharUnicodeBigUnmarked.java - src/share/classes/sun/io/ByteToCharUnicodeLittle.java - src/share/classes/sun/io/ByteToCharUnicodeLittleUnmarked.java - src/share/classes/sun/io/CharToByteASCII.java - src/share/classes/sun/io/CharToByteBig5.java - src/share/classes/sun/io/CharToByteBig5_HKSCS.java - src/share/classes/sun/io/CharToByteBig5_Solaris.java - src/share/classes/sun/io/CharToByteConverter.java - src/share/classes/sun/io/CharToByteCp037.java - src/share/classes/sun/io/CharToByteCp1006.java - src/share/classes/sun/io/CharToByteCp1025.java - src/share/classes/sun/io/CharToByteCp1026.java - src/share/classes/sun/io/CharToByteCp1046.java - src/share/classes/sun/io/CharToByteCp1047.java - src/share/classes/sun/io/CharToByteCp1097.java - src/share/classes/sun/io/CharToByteCp1098.java - src/share/classes/sun/io/CharToByteCp1112.java - src/share/classes/sun/io/CharToByteCp1122.java - src/share/classes/sun/io/CharToByteCp1123.java - src/share/classes/sun/io/CharToByteCp1124.java - src/share/classes/sun/io/CharToByteCp1140.java - src/share/classes/sun/io/CharToByteCp1141.java - src/share/classes/sun/io/CharToByteCp1142.java - src/share/classes/sun/io/CharToByteCp1143.java - src/share/classes/sun/io/CharToByteCp1144.java - src/share/classes/sun/io/CharToByteCp1145.java - src/share/classes/sun/io/CharToByteCp1146.java - src/share/classes/sun/io/CharToByteCp1147.java - src/share/classes/sun/io/CharToByteCp1148.java - src/share/classes/sun/io/CharToByteCp1149.java - src/share/classes/sun/io/CharToByteCp1250.java - src/share/classes/sun/io/CharToByteCp1251.java - src/share/classes/sun/io/CharToByteCp1252.java - src/share/classes/sun/io/CharToByteCp1253.java - src/share/classes/sun/io/CharToByteCp1254.java - src/share/classes/sun/io/CharToByteCp1255.java - src/share/classes/sun/io/CharToByteCp1256.java - src/share/classes/sun/io/CharToByteCp1257.java - src/share/classes/sun/io/CharToByteCp1258.java - src/share/classes/sun/io/CharToByteCp1381.java - src/share/classes/sun/io/CharToByteCp1383.java - src/share/classes/sun/io/CharToByteCp273.java - src/share/classes/sun/io/CharToByteCp277.java - src/share/classes/sun/io/CharToByteCp278.java - src/share/classes/sun/io/CharToByteCp280.java - src/share/classes/sun/io/CharToByteCp284.java - src/share/classes/sun/io/CharToByteCp285.java - src/share/classes/sun/io/CharToByteCp297.java - src/share/classes/sun/io/CharToByteCp33722.java - src/share/classes/sun/io/CharToByteCp420.java - src/share/classes/sun/io/CharToByteCp424.java - src/share/classes/sun/io/CharToByteCp437.java - src/share/classes/sun/io/CharToByteCp500.java - src/share/classes/sun/io/CharToByteCp737.java - src/share/classes/sun/io/CharToByteCp775.java - src/share/classes/sun/io/CharToByteCp833.java - src/share/classes/sun/io/CharToByteCp834.java - src/share/classes/sun/io/CharToByteCp838.java - src/share/classes/sun/io/CharToByteCp850.java - src/share/classes/sun/io/CharToByteCp852.java - src/share/classes/sun/io/CharToByteCp855.java - src/share/classes/sun/io/CharToByteCp856.java - src/share/classes/sun/io/CharToByteCp857.java - src/share/classes/sun/io/CharToByteCp858.java - src/share/classes/sun/io/CharToByteCp860.java - src/share/classes/sun/io/CharToByteCp861.java - src/share/classes/sun/io/CharToByteCp862.java - src/share/classes/sun/io/CharToByteCp863.java - src/share/classes/sun/io/CharToByteCp864.java - src/share/classes/sun/io/CharToByteCp865.java - src/share/classes/sun/io/CharToByteCp866.java - src/share/classes/sun/io/CharToByteCp868.java - src/share/classes/sun/io/CharToByteCp869.java - src/share/classes/sun/io/CharToByteCp870.java - src/share/classes/sun/io/CharToByteCp871.java - src/share/classes/sun/io/CharToByteCp874.java - src/share/classes/sun/io/CharToByteCp875.java - src/share/classes/sun/io/CharToByteCp918.java - src/share/classes/sun/io/CharToByteCp921.java - src/share/classes/sun/io/CharToByteCp922.java - src/share/classes/sun/io/CharToByteCp930.java - src/share/classes/sun/io/CharToByteCp933.java - src/share/classes/sun/io/CharToByteCp935.java - src/share/classes/sun/io/CharToByteCp937.java - src/share/classes/sun/io/CharToByteCp939.java - src/share/classes/sun/io/CharToByteCp942.java - src/share/classes/sun/io/CharToByteCp942C.java - src/share/classes/sun/io/CharToByteCp943.java - src/share/classes/sun/io/CharToByteCp943C.java - src/share/classes/sun/io/CharToByteCp948.java - src/share/classes/sun/io/CharToByteCp949.java - src/share/classes/sun/io/CharToByteCp949C.java - src/share/classes/sun/io/CharToByteCp950.java - src/share/classes/sun/io/CharToByteCp964.java - src/share/classes/sun/io/CharToByteCp970.java - src/share/classes/sun/io/CharToByteDBCS_ASCII.java - src/share/classes/sun/io/CharToByteDBCS_EBCDIC.java - src/share/classes/sun/io/CharToByteDoubleByte.java - src/share/classes/sun/io/CharToByteEUC.java - src/share/classes/sun/io/CharToByteEUC_CN.java - src/share/classes/sun/io/CharToByteEUC_JP.java - src/share/classes/sun/io/CharToByteEUC_JP_LINUX.java - src/share/classes/sun/io/CharToByteEUC_JP_Solaris.java - src/share/classes/sun/io/CharToByteEUC_KR.java - src/share/classes/sun/io/CharToByteEUC_TW.java - src/share/classes/sun/io/CharToByteGB18030.java - src/share/classes/sun/io/CharToByteGBK.java - src/share/classes/sun/io/CharToByteISCII91.java - src/share/classes/sun/io/CharToByteISO2022.java - src/share/classes/sun/io/CharToByteISO2022CN_CNS.java - src/share/classes/sun/io/CharToByteISO2022CN_GB.java - src/share/classes/sun/io/CharToByteISO2022JP.java - src/share/classes/sun/io/CharToByteISO2022KR.java - src/share/classes/sun/io/CharToByteISO8859_1.java - src/share/classes/sun/io/CharToByteISO8859_13.java - src/share/classes/sun/io/CharToByteISO8859_15.java - src/share/classes/sun/io/CharToByteISO8859_2.java - src/share/classes/sun/io/CharToByteISO8859_3.java - src/share/classes/sun/io/CharToByteISO8859_4.java - src/share/classes/sun/io/CharToByteISO8859_5.java - src/share/classes/sun/io/CharToByteISO8859_6.java - src/share/classes/sun/io/CharToByteISO8859_7.java - src/share/classes/sun/io/CharToByteISO8859_8.java - src/share/classes/sun/io/CharToByteISO8859_9.java - src/share/classes/sun/io/CharToByteJIS0201.java - src/share/classes/sun/io/CharToByteJIS0208.java - src/share/classes/sun/io/CharToByteJIS0208_Solaris.java - src/share/classes/sun/io/CharToByteJIS0212.java - src/share/classes/sun/io/CharToByteJIS0212_Solaris.java - src/share/classes/sun/io/CharToByteJohab.java - src/share/classes/sun/io/CharToByteKOI8_R.java - src/share/classes/sun/io/CharToByteMS874.java - src/share/classes/sun/io/CharToByteMS932.java - src/share/classes/sun/io/CharToByteMS936.java - src/share/classes/sun/io/CharToByteMS949.java - src/share/classes/sun/io/CharToByteMS950.java - src/share/classes/sun/io/CharToByteMS950_HKSCS.java - src/share/classes/sun/io/CharToByteMacArabic.java - src/share/classes/sun/io/CharToByteMacCentralEurope.java - src/share/classes/sun/io/CharToByteMacCroatian.java - src/share/classes/sun/io/CharToByteMacCyrillic.java - src/share/classes/sun/io/CharToByteMacDingbat.java - src/share/classes/sun/io/CharToByteMacGreek.java - src/share/classes/sun/io/CharToByteMacHebrew.java - src/share/classes/sun/io/CharToByteMacIceland.java - src/share/classes/sun/io/CharToByteMacRoman.java - src/share/classes/sun/io/CharToByteMacRomania.java - src/share/classes/sun/io/CharToByteMacSymbol.java - src/share/classes/sun/io/CharToByteMacThai.java - src/share/classes/sun/io/CharToByteMacTurkish.java - src/share/classes/sun/io/CharToByteMacUkraine.java - src/share/classes/sun/io/CharToBytePCK.java - src/share/classes/sun/io/CharToByteSJIS.java - src/share/classes/sun/io/CharToByteSingleByte.java - src/share/classes/sun/io/CharToByteTIS620.java - src/share/classes/sun/io/CharToByteUTF16.java - src/share/classes/sun/io/CharToByteUTF8.java - src/share/classes/sun/io/CharToByteUnicode.java - src/share/classes/sun/io/CharToByteUnicodeBig.java - src/share/classes/sun/io/CharToByteUnicodeBigUnmarked.java - src/share/classes/sun/io/CharToByteUnicodeLittle.java - src/share/classes/sun/io/CharToByteUnicodeLittleUnmarked.java - src/share/classes/sun/io/CharacterEncoding.java - src/share/classes/sun/io/ConversionBufferFullException.java - src/share/classes/sun/io/Converters.java - src/share/classes/sun/io/MalformedInputException.java - src/share/classes/sun/io/UnknownCharacterException.java - test/sun/nio/cs/TestISCII91.java Changeset: 0595eb21e9b5 Author: lana Date: 2011-09-12 15:49 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/0595eb21e9b5 Merge Changeset: d8658f371633 Author: lana Date: 2011-09-12 16:59 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/d8658f371633 Merge ! src/share/classes/java/awt/Component.java Changeset: bdb870cc269e Author: lana Date: 2011-09-19 19:40 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/bdb870cc269e Merge Changeset: 651a7afae763 Author: lana Date: 2011-09-23 23:29 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/651a7afae763 Merge From Alan.Bateman at oracle.com Mon Sep 26 06:55:18 2011 From: Alan.Bateman at oracle.com (Alan Bateman) Date: Mon, 26 Sep 2011 07:55:18 +0100 Subject: code review rquest: 7094842: jaas/auth test/javax/security/auth/Subject/{Synch.java, Synch2.java, Synch3.java} loop forever in agentvm mode In-Reply-To: <4E7FC94F.1000800@oracle.com> References: <5452358.1316977247120.JavaMail.sbladm@swsblss4-new> <4E7FC94F.1000800@oracle.com> Message-ID: <4E8021D6.5090602@oracle.com> Weijun Wang wrote: > Hi Alan > > How did you notice the problem? The fans on the machine where I was running the tests were at maximum speed so I guessed we had a looping thread. I then used jstack to look at the thread dumps of each of the agent VMs, one was running Synch, the other Synch3 even though those tests had apparently passed. > > Webrev at > > http://cr.openjdk.java.net/~weijun/7094842/webrev.00 > > Here I change the threads to non-daemon, so that if there is anything > wrong, there will be a timeout (which sounds better than bringing all > tests slow). > > Although Synch2 is in othervm mode, I change the style also. Looks good to me, thanks for jumping on it. -Alan From weijun.wang at oracle.com Mon Sep 26 00:37:35 2011 From: weijun.wang at oracle.com (Weijun Wang) Date: Mon, 26 Sep 2011 08:37:35 +0800 Subject: code review rquest: 7094842: jaas/auth test/javax/security/auth/Subject/{Synch.java, Synch2.java, Synch3.java} loop forever in agentvm mode In-Reply-To: <5452358.1316977247120.JavaMail.sbladm@swsblss4-new> References: <5452358.1316977247120.JavaMail.sbladm@swsblss4-new> Message-ID: <4E7FC94F.1000800@oracle.com> Hi Alan How did you notice the problem? Webrev at http://cr.openjdk.java.net/~weijun/7094842/webrev.00 Here I change the threads to non-daemon, so that if there is anything wrong, there will be a timeout (which sounds better than bringing all tests slow). Although Synch2 is in othervm mode, I change the style also. *Jon*: shouldn't jtreg kill the daemon threads? I've submitted a testonly JPRT job on jdk_security3 for this. Thanks Max On 09/26/2011 03:00 AM, alan.bateman at oracle.com wrote: > *Change Request ID*: 7094842 > *Synopsis*: test/javax/security/auth/Subject/{Synch.java,Synch2.java,Synch3.java} loop forever in agentvm mode > > Product: java > Category: jaas > Subcategory: auth > > === *Description* ============================================================ > The following tests are unsuited for running in samevm or agentvm mode: > > test/javax/security/auth/Subject/Synch.java, > test/javax/security/auth/Subject/Synch2.java > test/javax/security/auth/Subject/Synch3.java > > Each of the tests starts a thread that spins forever and this causes all subsequent tests to run very slowly or timeout. > > These tests need to be fixed quickly so that they run in othervm mode. Alternatively a better solution is for the thread to terminate when the test completes. > From weijun.wang at oracle.com Mon Sep 26 09:14:09 2011 From: weijun.wang at oracle.com (weijun.wang at oracle.com) Date: Mon, 26 Sep 2011 09:14:09 +0000 Subject: hg: jdk8/tl/jdk: 7094842: test/javax/security/auth/Subject/{Synch.java, Synch2.java, Synch3.java} loop forever in agentvm mode Message-ID: <20110926091418.ADD72479BF@hg.openjdk.java.net> Changeset: 2116952e4459 Author: weijun Date: 2011-09-26 17:13 +0800 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/2116952e4459 7094842: test/javax/security/auth/Subject/{Synch.java,Synch2.java,Synch3.java} loop forever in agentvm mode Reviewed-by: alanb ! test/javax/security/auth/Subject/Synch.java ! test/javax/security/auth/Subject/Synch2.java ! test/javax/security/auth/Subject/Synch3.java From chris.hegarty at oracle.com Mon Sep 26 14:05:59 2011 From: chris.hegarty at oracle.com (chris.hegarty at oracle.com) Date: Mon, 26 Sep 2011 14:05:59 +0000 Subject: hg: jdk8/tl/jdk: 7094141: test/sun/misc/JarIndex/metaInfFilenames/Basic.java no longer compiles Message-ID: <20110926140622.4F2F0479CB@hg.openjdk.java.net> Changeset: 8876d1dec4d7 Author: chegar Date: 2011-09-26 15:04 +0100 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/8876d1dec4d7 7094141: test/sun/misc/JarIndex/metaInfFilenames/Basic.java no longer compiles Reviewed-by: alanb ! test/sun/misc/JarIndex/metaInfFilenames/Basic.java From sean.mullan at oracle.com Mon Sep 26 21:01:16 2011 From: sean.mullan at oracle.com (Sean Mullan) Date: Mon, 26 Sep 2011 17:01:16 -0400 Subject: Code review request: 7088502 Security libraries don't build with javac -Werror In-Reply-To: <4E7BABDE.9020609@oracle.com> References: <4E73CEE2.1010507@oracle.com> <4E7796CE.2070307@oracle.com> <4E7906DC.2060501@oracle.com> <4E79FBA0.3090408@oracle.com> <4E7BABDE.9020609@oracle.com> Message-ID: <4E80E81C.7050906@oracle.com> Hi Kurchi, The updated webrev looks good. --Sean On 9/22/11 5:42 PM, Kurchi Hazra wrote: > Hi Sean, > > > The updated webrev with your comments incorporated: > http://cr.openjdk.java.net/~mullan/kurchi/7088502/webrev.01/ > > For > SignatureAlgorithm.java > > [130, 399, 434] change type to Class > > > and similar changes, I have stuck to your comment, and suppressed the > "unchecked" warnings at the places I had to cast. > > > Thanks, > Kurchi > > > > On 9/21/2011 7:58 AM, Sean Mullan wrote: >> On 9/20/11 5:34 PM, Kurchi Hazra wrote: >> >>>> * MessageDigestAlgorithm.java >>>> >>>> [74-5] This is preferable: >>>> >>>> static ThreadLocal> instances=new >>>> ThreadLocal>() { >>>> protected Map initialize()... >>> The above does not work since the compiler complains that if ThreadLocal >>> is a HashMap, initialize() cannot override unless its return type is >>> also HashMap. Even if I change it to >>> static ThreadLocal> instances=new >>> ThreadLocal>() { >>> protected HashMap initialize()... >>> >>> the compiler throws an error as follows: >>> >>> ../../../../../../src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/MessageDigestAlgorithm.java:74: >>> error: incompatible types >>> static ThreadLocal> instances=new >>> ^ >>> required: ThreadLocal> >>> found:>> >> Try this instead? >> >> static ThreadLocal> instances = >> new ThreadLocal>() { >> >> protected Map initialValue() { >> return new HashMap(); >> }; >> }; >> >>>> * Canonicalizer20010315.java >>>> >>>> [209,314] I'm curious about these changes. Instead of adding a new >>>> method getSortedSetAsCollection and then suppressing the warnings for >>>> that, it seems like it would be sufficient to just suppress the >>>> warnings in this code, ex: >>>> >>>> @SuppressWarnings("unchecked") >>>> ... >>>> >>>> ns.getUnrenderedNodes(result); >>> >>> I did not put it inside the code, since the method has many lines of >>> code and this would mean suppressing unchecked warnings generated >>> anywhere in the method. >> Ok, thanks for the explanation. >> >>>> * SignatureAlgorithm.java >>>> >>>> [130, 399, 434] change type to Class >>> If I make this change (and similar changes in other classes), I need to >>> cast at various places, and then I need to Suppress the unchecked >>> warnings. Is this preferable? >>> ../../../../../../src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/SignatureAlgorithm.java:412: >>> warning: [unchecked] unchecked cast >>> >>> SignatureAlgorithm._algorithmHash.put(algorithmURI, (Class>> SignatureAlgorithmSpi>)Class.forName(implementingClass)); >>> ^ >>> required: Class >>> found: Class >>> where CAP#1 is a fresh type-variable: >>> CAP#1 extends Object from capture of ? >>> >>> >>> Is there a workaround? >> Not sure. If you can't figure out a workaround, then disregard my comment and >> keep the current code. >> >> Thanks, >> Sean > From chris.hegarty at oracle.com Tue Sep 27 09:41:39 2011 From: chris.hegarty at oracle.com (chris.hegarty at oracle.com) Date: Tue, 27 Sep 2011 09:41:39 +0000 Subject: hg: jdk8/tl/jdk: 7084030: DatagramSocket.getLocalAddress inconsistent on XP/2003 when IPv6 enabled and socket is connected Message-ID: <20110927094200.4920C47A06@hg.openjdk.java.net> Changeset: 7f1aca641910 Author: chegar Date: 2011-09-26 11:48 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/7f1aca641910 7084030: DatagramSocket.getLocalAddress inconsistent on XP/2003 when IPv6 enabled and socket is connected Summary: Use family of connected IP address to retrieve desired local address of the datagram socket Reviewed-by: chegar Contributed-by: kurchi.subhra.hazra at oracle.com ! src/share/classes/java/net/AbstractPlainDatagramSocketImpl.java ! src/windows/classes/java/net/TwoStacksPlainDatagramSocketImpl.java ! src/windows/native/java/net/TwoStacksPlainDatagramSocketImpl.c + test/java/net/DatagramSocket/ChangingAddress.java From sean.mullan at oracle.com Tue Sep 27 15:38:14 2011 From: sean.mullan at oracle.com (Sean Mullan) Date: Tue, 27 Sep 2011 11:38:14 -0400 Subject: 7081804: Remove cause field from javax.xml.crypto.NoSuchMechnismException In-Reply-To: <4E7DA91C.2000600@gmx.de> References: <4E525386.9000207@gmx.de> <4E52758D.2020208@oracle.com> <4E5E8AE3.3070402@gmx.de> <4E5FE753.2010705@oracle.com> <4E606D1D.6050509@gmx.de> <4E613565.1080801@oracle.com> <4E625E14.9060101@gmx.de> <4E67AF3D.2090609@oracle.com> <4E68FFBD.2030601@gmx.de> <4E6A13A2.2020503@gmx.de> <4E74F05D.7090806@gmx.de> <4E7CD5F8.9000501@oracle.com> <4E7DA91C.2000600@gmx.de> Message-ID: <4E81EDE6.9050205@oracle.com> On 9/24/11 5:55 AM, Sebastian Sickelmann wrote: > Am 23.09.2011 20:54, schrieb Sean Mullan: >> On 9/17/11 3:09 PM, Sebastian Sickelmann wrote: >> >>>> i have updated the webrev [0]. >>>> But i think that L69 and L72 of the test should be changed to >>>> checkMutable and the implementation of the exceptions accordantly. >> That's an interesting question. The current implementation in your code is >> consistent with java.lang.ClassNotFoundException. I'm curious as to why they >> disallowed initCause to be called even if they were created using the >> constructors without Throwables. Any idea? Was this discussed in the other lists? > I don't know. I can't find anything in the archives (don't know in which > time i must search; The commit in ClassNotFoundException is prior rev 0) > > @core-libs-dev: Does someone remember why this solution was preferred > for ClassNotFound? See: http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=4385429 I think I know the reason. If you allow initCause to be called when a cause is not initially provided, then getCause will still return null, which seems wrong. > For javax/xml/crypto i would change it to my suggestion (to L69 and L72) > above to not break behavior for JSR105. On the other side it would be > nice to have a common behavoir on this for all Exceptions in JDK. > > There are 2 solutions that sound reasonable for me: > 1. Preventing initCause when cause is given. And allowing initCause once > (if created with an ctor without cause). > 2. Preventing initCause in every exception class that has the 4 standard > ctors. Only for those Exceptions without the "ctors with cause" the > initCause can be called. > > I like both. > No.1 is nearer to the behavoir we actually have and is more flexible > than No.2. > No.2 is more "secure". You cannot "inject" an cause in ex. after you > catches the exception. But you must have the cause to initialize it > before you create the exception, this is slightly more inflexible, even > if i think this flexibility is not needed anywhere. > > >>>> [0] http://oss-patches.24.eu/openjdk8/NoSuchMechanismException/7011804_3 >>>> >>>> -- Sebastian >>> Any comments / progress on this? >> Just a couple of minor comments on the test: >> >> - the copyright date should only include 2011 >> - some minor typos (line number in []): >> >> [26] s/in/is >> [43] s/validating/validate >> [98] s/checkImutable/checkImmutable >> > Updated webrev: > > http://oss-patches.24.eu/openjdk8/NoSuchMechanismException/7011804_4 BTW, the popup ads on this site are very annoying. Can you move your webrev to a different site? --Sean From sean.mullan at oracle.com Tue Sep 27 19:50:04 2011 From: sean.mullan at oracle.com (sean.mullan at oracle.com) Date: Tue, 27 Sep 2011 19:50:04 +0000 Subject: hg: jdk8/tl/jdk: 7088502: Security libraries don't build with javac -Werror Message-ID: <20110927195022.E8CEE47A21@hg.openjdk.java.net> Changeset: 62e1389fdb0a Author: mullan Date: 2011-09-26 17:20 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/62e1389fdb0a 7088502: Security libraries don't build with javac -Werror Summary: Changes to files in src/share/classes/com/sun/org/apache/xml/internal/security and its subpackages to remove warnings Reviewed-by: mullan Contributed-by: kurchi.subhra.hazra at oracle.com ! make/com/sun/org/apache/xml/Makefile ! src/share/classes/com/sun/org/apache/xml/internal/security/Init.java ! src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/JCEMapper.java ! src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/MessageDigestAlgorithm.java ! src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/SignatureAlgorithm.java ! src/share/classes/com/sun/org/apache/xml/internal/security/c14n/Canonicalizer.java ! src/share/classes/com/sun/org/apache/xml/internal/security/c14n/CanonicalizerSpi.java ! src/share/classes/com/sun/org/apache/xml/internal/security/c14n/helper/AttrCompare.java ! src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/Canonicalizer11.java ! src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/Canonicalizer20010315.java ! src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/Canonicalizer20010315Excl.java ! src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/CanonicalizerBase.java ! src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/NameSpaceSymbTable.java ! src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/UtfHelpper.java ! src/share/classes/com/sun/org/apache/xml/internal/security/encryption/AgreementMethod.java ! src/share/classes/com/sun/org/apache/xml/internal/security/encryption/EncryptionMethod.java ! src/share/classes/com/sun/org/apache/xml/internal/security/encryption/EncryptionProperties.java ! src/share/classes/com/sun/org/apache/xml/internal/security/encryption/EncryptionProperty.java ! src/share/classes/com/sun/org/apache/xml/internal/security/encryption/Reference.java ! src/share/classes/com/sun/org/apache/xml/internal/security/encryption/ReferenceList.java ! src/share/classes/com/sun/org/apache/xml/internal/security/encryption/XMLCipher.java ! src/share/classes/com/sun/org/apache/xml/internal/security/keys/KeyInfo.java ! src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/KeyResolver.java ! src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/KeyResolverSpi.java ! src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/implementations/RetrievalMethodResolver.java ! src/share/classes/com/sun/org/apache/xml/internal/security/keys/storage/StorageResolver.java ! src/share/classes/com/sun/org/apache/xml/internal/security/keys/storage/StorageResolverSpi.java ! src/share/classes/com/sun/org/apache/xml/internal/security/keys/storage/implementations/CertsInFilesystemDirectoryResolver.java ! src/share/classes/com/sun/org/apache/xml/internal/security/keys/storage/implementations/KeyStoreResolver.java ! src/share/classes/com/sun/org/apache/xml/internal/security/keys/storage/implementations/SingleCertificateResolver.java ! src/share/classes/com/sun/org/apache/xml/internal/security/signature/Manifest.java ! src/share/classes/com/sun/org/apache/xml/internal/security/signature/Reference.java ! src/share/classes/com/sun/org/apache/xml/internal/security/signature/XMLSignatureInput.java ! src/share/classes/com/sun/org/apache/xml/internal/security/signature/XMLSignatureInputDebugger.java ! src/share/classes/com/sun/org/apache/xml/internal/security/transforms/Transform.java ! src/share/classes/com/sun/org/apache/xml/internal/security/transforms/TransformSpi.java ! src/share/classes/com/sun/org/apache/xml/internal/security/transforms/implementations/FuncHere.java ! src/share/classes/com/sun/org/apache/xml/internal/security/transforms/implementations/TransformXPath2Filter.java ! src/share/classes/com/sun/org/apache/xml/internal/security/transforms/implementations/TransformXSLT.java ! src/share/classes/com/sun/org/apache/xml/internal/security/transforms/params/InclusiveNamespaces.java ! src/share/classes/com/sun/org/apache/xml/internal/security/utils/CachedXPathAPIHolder.java ! src/share/classes/com/sun/org/apache/xml/internal/security/utils/CachedXPathFuncHereAPI.java ! src/share/classes/com/sun/org/apache/xml/internal/security/utils/ElementProxy.java ! src/share/classes/com/sun/org/apache/xml/internal/security/utils/HelperNodeList.java ! src/share/classes/com/sun/org/apache/xml/internal/security/utils/IdResolver.java ! src/share/classes/com/sun/org/apache/xml/internal/security/utils/UnsyncBufferedOutputStream.java ! src/share/classes/com/sun/org/apache/xml/internal/security/utils/UnsyncByteArrayOutputStream.java ! src/share/classes/com/sun/org/apache/xml/internal/security/utils/XMLUtils.java ! src/share/classes/com/sun/org/apache/xml/internal/security/utils/resolver/ResourceResolver.java ! src/share/classes/com/sun/org/apache/xml/internal/security/utils/resolver/ResourceResolverSpi.java ! src/share/classes/com/sun/org/apache/xml/internal/security/utils/resolver/implementations/ResolverDirectHTTP.java From valerie.peng at oracle.com Tue Sep 27 23:09:11 2011 From: valerie.peng at oracle.com (Valerie (Yu-Ching) Peng) Date: Tue, 27 Sep 2011 16:09:11 -0700 Subject: code review request: 7077640: gss wrap for cfx doesn't handle rrc != 0 In-Reply-To: <4E7820A9.1020409@oracle.com> References: <32412895.1313113261230.JavaMail.sbladm@swsblss4-new> <4E7820A9.1020409@oracle.com> Message-ID: <4E825797.4030603@oracle.com> Changes look good to me. Thanks, Valerie On 09/19/11 22:12, Weijun Wang wrote: > Code changes > > http://cr.openjdk.java.net/~weijun/7077640/webrev.00 > > The original handling of rrc != 0 is not correct. We did rotate the > bytes but have not reset the RRC field in the GSS message header > before calculating the checksum. According to RFC 4121 [1]: > > 4.2.4. Encryption and Checksum Operations > > .... > > In Wrap tokens that do not provide for confidentiality, the checksum > SHALL be calculated first over the to-be-signed plaintext data, and > then over the first 16 octets of the Wrap token (the "header", as > defined in section 4.2.6). Both the EC field and the RRC field in > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ > the token header SHALL be filled with zeroes for the purpose of > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ > calculating the checksum... > ^^^^^^^^^^^^^^^^^^^^^^^^ > > In the test, the Context.transmit() method is split into 4 basic > methods so that we have a chance to call wrap without confidentiality. > > Thanks > Max > > [1] http://tools.ietf.org/html/rfc4121#section-4.2.4 > > > On 08/12/2011 09:41 AM, weijun.wang at oracle.com wrote: >> *Change Request ID*: 7077640 >> >> *Synopsis*: gss wrap for cfx doesn't handle rrc != 0 >> >> Product: java >> Category: jgss >> Subcategory: krb5plugin >> >> === *Description* >> ============================================================ >> FULL PRODUCT VERSION : >> java version "1.6.0_26" >> >> A DESCRIPTION OF THE PROBLEM : >> gss wrap for cfx doesn't handle rrc != 0 >> >> Heimdal and mac os x always use an RRC != 0 >> >> >> >> STEPS TO FOLLOW TO REPRODUCE THE PROBLEM : >> git clone git at github.com:heimdal/heimdal.git >> cd heimdal >> sh autogen.sh >> ./configure >> make >> cd tests/java >> make check >> >> >> >> REPRODUCIBILITY : >> This bug can be reproduced always. From sebastian.sickelmann at gmx.de Wed Sep 28 04:36:07 2011 From: sebastian.sickelmann at gmx.de (Sebastian Sickelmann) Date: Wed, 28 Sep 2011 06:36:07 +0200 Subject: 7081804: Remove cause field from javax.xml.crypto.NoSuchMechnismException In-Reply-To: <4E81EDE6.9050205@oracle.com> References: <4E525386.9000207@gmx.de> <4E52758D.2020208@oracle.com> <4E5E8AE3.3070402@gmx.de> <4E5FE753.2010705@oracle.com> <4E606D1D.6050509@gmx.de> <4E613565.1080801@oracle.com> <4E625E14.9060101@gmx.de> <4E67AF3D.2090609@oracle.com> <4E68FFBD.2030601@gmx.de> <4E6A13A2.2020503@gmx.de> <4E74F05D.7090806@gmx.de> <4E7CD5F8.9000501@oracle.com> <4E7DA91C.2000600@gmx.de> <4E81EDE6.9050205@oracle.com> Message-ID: <4E82A437.30907@gmx.de> Am 27.09.2011 17:38, schrieb Sean Mullan: > On 9/24/11 5:55 AM, Sebastian Sickelmann wrote: >> Am 23.09.2011 20:54, schrieb Sean Mullan: >>> On 9/17/11 3:09 PM, Sebastian Sickelmann wrote: >>> >>>>> i have updated the webrev [0]. >>>>> But i think that L69 and L72 of the test should be changed to >>>>> checkMutable and the implementation of the exceptions accordantly. >>> That's an interesting question. The current implementation in your code is >>> consistent with java.lang.ClassNotFoundException. I'm curious as to why they >>> disallowed initCause to be called even if they were created using the >>> constructors without Throwables. Any idea? Was this discussed in the other lists? >> I don't know. I can't find anything in the archives (don't know in which >> time i must search; The commit in ClassNotFoundException is prior rev 0) >> >> @core-libs-dev: Does someone remember why this solution was preferred >> for ClassNotFound? > See: http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=4385429 > > I think I know the reason. If you allow initCause to be called when a cause is > not initially provided, then getCause will still return null, which seems wrong. > getCause() of Throwable and all classes that doesn't had a chaining before Throwable introduces it, doing this excact this way. Whats wrong on this? return (cause==this ? null : cause); // Where the initial value(uninitialied) of cause is this. >> For javax/xml/crypto i would change it to my suggestion (to L69 and L72) >> above to not break behavior for JSR105. On the other side it would be >> nice to have a common behavoir on this for all Exceptions in JDK. >> >> There are 2 solutions that sound reasonable for me: >> 1. Preventing initCause when cause is given. And allowing initCause once >> (if created with an ctor without cause). >> 2. Preventing initCause in every exception class that has the 4 standard >> ctors. Only for those Exceptions without the "ctors with cause" the >> initCause can be called. I think all exceptions that had no chaining before Throwable introduces it actually follow solution 1, where some of the Exceptions don't have a ctor with a cause. All those who had chaining before (ex. ClassNotFoundException) actually follow solution 2. But whats the correct solution? >> I like both. >> No.1 is nearer to the behavoir we actually have and is more flexible >> than No.2. >> No.2 is more "secure". You cannot "inject" an cause in ex. after you >> catches the exception. But you must have the cause to initialize it >> before you create the exception, this is slightly more inflexible, even >> if i think this flexibility is not needed anywhere. >> If i think longer about it, i like No.2 a bit more. It is nearer what i would expect how a exception should react on giving a cause. >>>>> [0] http://oss-patches.24.eu/openjdk8/NoSuchMechanismException/7011804_3 >>>>> >>>>> -- Sebastian >>>> Any comments / progress on this? >>> Just a couple of minor comments on the test: >>> >>> - the copyright date should only include 2011 >>> - some minor typos (line number in []): >>> >>> [26] s/in/is >>> [43] s/validating/validate >>> [98] s/checkImutable/checkImmutable >>> >> Updated webrev: >> >> http://oss-patches.24.eu/openjdk8/NoSuchMechanismException/7011804_4 > BTW, the popup ads on this site are very annoying. Can you move your webrev to a > different site? > Working on that. Sorry for the annoying ads. > --Sean -- Sebastian From weijun.wang at oracle.com Wed Sep 28 06:21:47 2011 From: weijun.wang at oracle.com (weijun.wang at oracle.com) Date: Wed, 28 Sep 2011 06:21:47 +0000 Subject: hg: jdk8/tl/jdk: 3 new changesets Message-ID: <20110928062227.E7E7B47A39@hg.openjdk.java.net> Changeset: 79582fcc8329 Author: weijun Date: 2011-09-28 14:21 +0800 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/79582fcc8329 7089889: Krb5LoginModule.login() throws an exception if used without a keytab Reviewed-by: xuelei, valeriep ! src/share/classes/com/sun/security/auth/module/Krb5LoginModule.java ! src/share/classes/sun/security/krb5/KrbAsReqBuilder.java + test/sun/security/krb5/auto/NoInitNoKeytab.java Changeset: 9b951304bd0a Author: weijun Date: 2011-09-28 14:21 +0800 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/9b951304bd0a 7077640: gss wrap for cfx doesn't handle rrc != 0 Reviewed-by: valeriep ! src/share/classes/sun/security/jgss/krb5/MessageToken_v2.java ! test/sun/security/krb5/auto/Context.java + test/sun/security/krb5/auto/RRC.java Changeset: 8d88e694441c Author: weijun Date: 2011-09-28 14:21 +0800 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/8d88e694441c 7077646: gssapi wrap for CFX per-message tokens always set FLAG_ACCEPTOR_SUBKEY Reviewed-by: valeriep ! src/share/classes/sun/security/jgss/krb5/AcceptSecContextToken.java ! src/share/classes/sun/security/jgss/krb5/InitSecContextToken.java ! src/share/classes/sun/security/jgss/krb5/Krb5Context.java ! src/share/classes/sun/security/jgss/krb5/MessageToken_v2.java + test/sun/security/krb5/auto/AcceptorSubKey.java From sebastian.sickelmann at gmx.de Fri Sep 30 18:15:25 2011 From: sebastian.sickelmann at gmx.de (Sebastian Sickelmann) Date: Fri, 30 Sep 2011 20:15:25 +0200 Subject: 7081804: Remove cause field from javax.xml.crypto.NoSuchMechnismException In-Reply-To: <4E82A437.30907@gmx.de> References: <4E525386.9000207@gmx.de> <4E52758D.2020208@oracle.com> <4E5E8AE3.3070402@gmx.de> <4E5FE753.2010705@oracle.com> <4E606D1D.6050509@gmx.de> <4E613565.1080801@oracle.com> <4E625E14.9060101@gmx.de> <4E67AF3D.2090609@oracle.com> <4E68FFBD.2030601@gmx.de> <4E6A13A2.2020503@gmx.de> <4E74F05D.7090806@gmx.de> <4E7CD5F8.9000501@oracle.com> <4E7DA91C.2000600@gmx.de> <4E81EDE6.9050205@oracle.com> <4E82A437.30907@gmx.de> Message-ID: <4E86073D.9050101@gmx.de> Am 28.09.2011 06:36, schrieb Sebastian Sickelmann: > Am 27.09.2011 17:38, schrieb Sean Mullan: >> On 9/24/11 5:55 AM, Sebastian Sickelmann wrote: >>> Am 23.09.2011 20:54, schrieb Sean Mullan: >>>> On 9/17/11 3:09 PM, Sebastian Sickelmann wrote: >>>> >>>>>> i have updated the webrev [0]. >>>>>> But i think that L69 and L72 of the test should be changed to >>>>>> checkMutable and the implementation of the exceptions accordantly. >>>> That's an interesting question. The current implementation in your >>>> code is >>>> consistent with java.lang.ClassNotFoundException. I'm curious as to >>>> why they >>>> disallowed initCause to be called even if they were created using the >>>> constructors without Throwables. Any idea? Was this discussed in >>>> the other lists? >>> I don't know. I can't find anything in the archives (don't know in >>> which >>> time i must search; The commit in ClassNotFoundException is prior >>> rev 0) >>> >>> @core-libs-dev: Does someone remember why this solution was preferred >>> for ClassNotFound? >> See: http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=4385429 >> >> I think I know the reason. If you allow initCause to be called when a >> cause is >> not initially provided, then getCause will still return null, which >> seems wrong. >> > getCause() of Throwable and all classes that doesn't had a chaining > before > Throwable introduces it, doing this excact this way. Whats wrong on this? > > return (cause==this ? null : cause); // Where the initial > value(uninitialied) of cause is this. Does this make sense? I actually not sure i understand you right. > > >>> For javax/xml/crypto i would change it to my suggestion (to L69 and >>> L72) >>> above to not break behavior for JSR105. On the other side it would be >>> nice to have a common behavoir on this for all Exceptions in JDK. >>> >>> There are 2 solutions that sound reasonable for me: >>> 1. Preventing initCause when cause is given. And allowing initCause >>> once >>> (if created with an ctor without cause). >>> 2. Preventing initCause in every exception class that has the 4 >>> standard >>> ctors. Only for those Exceptions without the "ctors with cause" the >>> initCause can be called. > I think all exceptions that had no chaining before Throwable > introduces it actually follow > solution 1, where some of the Exceptions don't have a ctor with a cause. > All those who had chaining before (ex. ClassNotFoundException) > actually follow > solution 2. > > But whats the correct solution? >>> I like both. >>> No.1 is nearer to the behavoir we actually have and is more flexible >>> than No.2. >>> No.2 is more "secure". You cannot "inject" an cause in ex. after you >>> catches the exception. But you must have the cause to initialize it >>> before you create the exception, this is slightly more inflexible, even >>> if i think this flexibility is not needed anywhere. >>> > If i think longer about it, i like No.2 a bit more. It is nearer what > i would expect how a exception should react on giving a cause. >>>>>> [0] >>>>>> http://oss-patches.24.eu/openjdk8/NoSuchMechanismException/7011804_3 >>>>>> >>>>>> -- Sebastian >>>>> Any comments / progress on this? >>>> Just a couple of minor comments on the test: >>>> >>>> - the copyright date should only include 2011 >>>> - some minor typos (line number in []): >>>> >>>> [26] s/in/is >>>> [43] s/validating/validate >>>> [98] s/checkImutable/checkImmutable >>>> >>> Updated webrev: >>> >>> http://oss-patches.24.eu/openjdk8/NoSuchMechanismException/7011804_4 >> BTW, the popup ads on this site are very annoying. Can you move your >> webrev to a >> different site? Ok. Done this. Sorry for the annoying ads, again. http://dl.dropbox.com/u/43692695/oss-patches/openjdk8/NoSuchMechanismException/7011804_4/index.html >> > Working on that. Sorry for the annoying ads. >> --Sean > -- Sebastian