RFR 8140422: Add mechanism to allow non default root CAs to be not subject to algorithm restrictions
Erik Joelsson
erik.joelsson at oracle.com
Sat Mar 12 15:37:01 UTC 2016
Hello Anthony,
I realize you followed the patterns already in the file and we
apparently haven't updated that file to follow latest standards. I would
like you to change the following:
$(ECHO) foo
should be
$(call LogInfo, foo)
and
$(MKDIR) -p foo
should be
$(call MakeDir, foo)
I also don't know what the "|| exit 1" is good for. I think it should
just be removed.
Finally for indentation, in recipes we recommend:
<tab>some command with arguments \
<tab><4 spaces>some more arguments
Otherwise it looks good.
/Erik
On 2016-03-11 22:43, Anthony Scarpino wrote:
>
> I updated the webrev and added the build-dev list as there are two
> makefile changes.
>
> http://cr.openjdk.java.net/~ascarpino/8140422/webrev.01/
>
> thanks
>
> Tony
>
> On 02/29/2016 08:55 AM, Anthony Scarpino wrote:
>> I need a code review of this change:
>>
>> Currently CertPath algorithm restrictions allow or deny all
>> certificates. This change adds the ability to reject certificate chains
>> that contain a restricted algorithm and the chain terminates at a root
>> CA; therefore, allowing a self-signed or chain that does not terminate
>> at a root CA.
>>
>> https://bugs.openjdk.java.net/browse/JDK-8140422
>
>
More information about the build-dev
mailing list