RFR[8u252] - MR3 - ALPN & RSASSA-PSS in Java SE 8

Andrew John Hughes gnu.andrew at redhat.com
Mon Feb 17 07:18:51 UTC 2020



On 13/02/2020 22:32, Bradford Wetmore wrote:

snip...

>>
>> I wasn't looking at the web pages, but just at the patch file
>> (https://cr.openjdk.java.net/~wetmore/MR3-codereview-8u252/PSS/webrev.01/jdk.patch)
>>
>> and comparing with the changesets from 11u.
> 
> I'm a hardcore webrev/frames guys, so I wouldn't have thought to closely
> look for this.
> 
> I believe I've discovered a "bug" in webrev when specifying specific
> revisions.  I use Mercurial Queues to handle my patches.  With these
> revisions:
> 
>     r1 = current tip
>     r2 = ALPN patch applied
>     r3 = PSS patch applied
> 
> If I have applied ALPN + PSS and I use:
> 
>     % webrev -r r2 -o webrev
> 
> to generate the PSS-only changes, I don't get the git headers.  If I
> don't specify -r, it defaults to r1 (current tip):
> 
>     % webrev -o webrev
> 
> Then I do see the git changes, but unfortunately both ALPN+PSS show up
> in a unified webrev.
> 

Yes, I've noticed this too when doing merges, as -r has to be used to
avoid webrev bringing in everything along one branch of the merge.

I'm not sure why though, as, in the script, the only difference when -r
is specified seems to be the revision used.

It does have its own logic for creating diffs so I can only imagine it
doesn't correctly pick up the rename when -r is used.

My best guess would be it doesn't pick up on renames correctly unless it
can see them in hg status.

>>> ---begin---
>>> 8230978: Add support for RSASSA-PSS Signature algorithm (Java SE 8)
>>> ...deleted...
>>> 8238502: sunmscapi.dll causing EXCEPTION_ACCESS_VIOLATION
>>> Summary: See comment in JDK-8230978 for details in Oracle JDK 8u and
>>> OpenJDK 8u
>>> Reviewed-by: valeriep, weijun, coffeys, pkoppula
>>> ---end---
>>>
>>
>> I'd still prefer it was something like:
>>
>> Summary: Contains elements of JDK-8051408 (see comments on JDK-8230978)
>>
>> the reason for this being that this changeset will then show up if
>> someone searches the repository for 8051408, but won't trigger the
>> database to create a backport issue for it.
> 
> Changed.
> 
>>> Did you want me to add you as a reviewer?
>>>
>>
>> Please.
> 
> Done.
> 
> Brad
> 

Thanks for the changes. Commits look good.
-- 
Andrew :)

Senior Free Java Software Engineer
Red Hat, Inc. (http://www.redhat.com)

PGP Key: ed25519/0xCFDA0F9B35964222 (hkp://keys.gnupg.net)
Fingerprint = 5132 579D D154 0ED2 3E04  C5A0 CFDA 0F9B 3596 4222
https://keybase.io/gnu_andrew

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 228 bytes
Desc: OpenPGP digital signature
URL: <https://mail.openjdk.java.net/pipermail/security-dev/attachments/20200217/6ec7fb11/signature-0001.asc>


More information about the security-dev mailing list