[PATCH FOR REVIEW] Allow OpenJDK to be built with the unlimited crypto policy
Brad Wetmore
bradford.wetmore at oracle.com
Wed Sep 26 02:30:43 UTC 2012
On 9/18/2012 7:39 AM, Andrew Hughes wrote:
> The following simple webrev will achieve what I think is needed:
>
> http://cr.openjdk.java.net/~andrew/100062/webrev.01/
>
> allowing OpenJDK to be built with the unlimited rather than limited
> crypto policy in place.
I got a chance to talk to Valerie, and what you've done looks good. I'm
"wetmore" if you need a reviewer, and I think Kelly has looked at it too.
> I just placed it within the OPENJDK ifdef so it
> won't interfere with the proprietary build at all, as obviously I
> can't test it
Please leave your new code check within the "ifdef OPENJDK".
Will you be putting this back yourself? If so let me know when you go
in, and I can update the bug once you're in.
Mark wrote:
> The summary is that it was just easier to remove unused classes that
> made the code tricky to understand for no good reason except for some
> secret proprietary code.
Unfortunately, Oracle and some of our commercial (non-OpenJDK) licensees
still depend on that tricky code. :( I'd personally love to strip it
all out, but we have to balance all of its consumers (Oracle SE and ME,
commercial source/binary licensees, OpenJDK, etc.)
Andrew wrote:
> I'm sure it would be easy enough to dump those classes if Oracle
> started producing OpenJDK binaries licensed under the GPL, rather
> than binaries from their proprietary fork.
Unfortunately, not likely in our current export/import climate.
Brad
More information about the security-dev
mailing list