Code review request: 8011402: Move blacklisting certificate logic from hard code to data
Weijun Wang
weijun.wang at oracle.com
Fri Sep 6 14:25:59 UTC 2013
On 9/6/13 10:07 PM, Erik Joelsson wrote:
> Hello Max,
>
> I couldn't find the link to the review but I'm guessing this is the one:
> http://cr.openjdk.java.net/~weijun/8011402/webrev.00/
Correct, sorry about that.
>> 3. Most important: it only works if both $(BLACKLISTED_CERTS_SRC_OPEN)
>> and $(BLACKLISTED_CERTS_SRC_CLOSED) already exists. Currently there is
>> no closed blacklist, but I still have to create an empty file there.
>> Otherwise, there will be
>>
>> make[2]: *** No rule to make target
>> `/space/repos/jdk8/tl/jdk/src/closed/share/lib/security/blacklisted.certs',
>> needed by
>> `/space/repos/jdk8/tl/build/macosx-x86_64-normal-server-release/jdk/lib/security/blacklisted.certs'.
>> Stop.
>>
>> Is there a way to make it work without adding that empty file?
> Yes:
> BLACKLISTED_CERTS_SRCS := /path/to/open/certs
> ifndef OPENJDK
> BLACKLISTED_CERTS_SRCS += /path/to/closed/certs
> endif
>
> $(BLACKLISTED_CERTS_DEST): $(BLACKLISTED_CERTS_SRCS)
> <do stuff>
It's that there is no /path/to/closed/certs file at all now, and I don't
want to just create an empty file to make the build work. What I am
looking for is
ifndef OPENJDK and exists(/path/to/closed/certs)
BLACKLISTED_CERTS_SRCS += /path/to/closed/certs
endif
Thanks
Max
>
> /Erik
>>
>> Thanks
>> Max
>
More information about the security-dev
mailing list