From kelly.ohair at oracle.com Wed Jun 1 10:44:03 2011 From: kelly.ohair at oracle.com (kelly.ohair at oracle.com) Date: Wed, 01 Jun 2011 17:44:03 +0000 Subject: hg: jdk7/tl/jaxws: 7049699: Problem with xml/jax-ws Message-ID: <20110601174403.EC7BA47AC8@hg.openjdk.java.net> Changeset: bcca8afc019f Author: ohair Date: 2011-06-01 10:36 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/jaxws/rev/bcca8afc019f 7049699: Problem with xml/jax-ws Reviewed-by: ramap ! jaxws.properties From jonathan.gibbons at oracle.com Wed Jun 1 11:27:46 2011 From: jonathan.gibbons at oracle.com (jonathan.gibbons at oracle.com) Date: Wed, 01 Jun 2011 18:27:46 +0000 Subject: hg: jdk7/tl/langtools: 7042623: Regression: javac silently crash when attributing non-existent annotation Message-ID: <20110601182750.84FAF47AD1@hg.openjdk.java.net> Changeset: 6762754eb7c0 Author: jjg Date: 2011-06-01 11:25 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/langtools/rev/6762754eb7c0 7042623: Regression: javac silently crash when attributing non-existent annotation Reviewed-by: mcimadamore ! src/share/classes/com/sun/tools/javac/comp/Check.java + test/tools/javac/T7042623.java + test/tools/javac/T7042623.out From sean.mullan at oracle.com Wed Jun 1 15:08:13 2011 From: sean.mullan at oracle.com (Sean Mullan) Date: Wed, 01 Jun 2011 18:08:13 -0400 Subject: Code Review request for 7050329 Message-ID: <4DE6B84D.7070907@oracle.com> Hi Alan, Would you be able to review my fix for 7050329? In the fix, I removed the dependency on the java.ext.dirs system property and the default java.policy file, which may contain implementation-specific content and thus could vary on JREs from other vendors. http://cr.openjdk.java.net/~mullan/webrevs/7050329/webrev.01/ (Note that the bug hasn't appeared on bugs.sun.com yet) Thanks, Sean From daniel.daugherty at oracle.com Wed Jun 1 20:44:37 2011 From: daniel.daugherty at oracle.com (daniel.daugherty at oracle.com) Date: Thu, 02 Jun 2011 03:44:37 +0000 Subject: hg: jdk8/tl/jdk: 2 new changesets Message-ID: <20110602034531.498AF47AED@hg.openjdk.java.net> Changeset: 0da0a4d22fba Author: dcubed Date: 2011-06-01 17:10 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/0da0a4d22fba 7048308: 4/4 LoggingDeadlock3 test timeout is too small Summary: Change timeout for test from 15 seconds to 80 seconds. Reviewed-by: dholmes ! test/java/util/logging/LoggingDeadlock3.java Changeset: 4a221501079a Author: dcubed Date: 2011-06-01 17:11 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/4a221501079a 7045594: 4/4 fix for 6977677 introduced a ResourceBundle race Summary: Fix Logger.getLogger() ResourceBundle name race. Reviewed-by: dholmes, mchung ! src/share/classes/java/util/logging/Logger.java + test/java/util/logging/LoggerResourceBundleRace.java + test/java/util/logging/RacingThreadsTest.java From joe.darcy at oracle.com Wed Jun 1 23:56:48 2011 From: joe.darcy at oracle.com (joe.darcy at oracle.com) Date: Thu, 02 Jun 2011 06:56:48 +0000 Subject: hg: jdk8/tl/langtools: 7025784: Add SourceVersion.RELEASE_8; ... Message-ID: <20110602065653.A193C47AF5@hg.openjdk.java.net> Changeset: defdd98cb7ce Author: darcy Date: 2011-06-01 23:56 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/langtools/rev/defdd98cb7ce 7025784: Add SourceVersion.RELEASE_8 7025786: Add -source 8 and -target 8 to javac 7025789: Change javac source and target default to 8 Reviewed-by: jjg ! src/share/classes/com/sun/tools/javac/code/Source.java ! src/share/classes/com/sun/tools/javac/jvm/Target.java ! src/share/classes/com/sun/tools/javac/processing/PrintingProcessor.java ! src/share/classes/javax/lang/model/SourceVersion.java ! test/tools/javac/6330997/T6330997.java ! test/tools/javac/api/T6395981.java ! test/tools/javac/processing/warnings/TestSourceVersionWarnings.java ! test/tools/javac/quid/T6999438.java ! test/tools/javac/versions/check.sh From Alan.Bateman at oracle.com Thu Jun 2 06:36:53 2011 From: Alan.Bateman at oracle.com (Alan Bateman) Date: Thu, 02 Jun 2011 14:36:53 +0100 Subject: Code Review request for 7050329 In-Reply-To: <4DE6B84D.7070907@oracle.com> References: <4DE6B84D.7070907@oracle.com> Message-ID: <4DE791F5.2020902@oracle.com> Sean Mullan wrote: > Hi Alan, > > Would you be able to review my fix for 7050329? In the fix, I removed > the dependency on the java.ext.dirs system property and the default > java.policy file, which may contain implementation-specific content > and thus could vary on JREs from other vendors. > > http://cr.openjdk.java.net/~mullan/webrevs/7050329/webrev.01/ > > (Note that the bug hasn't appeared on bugs.sun.com yet) > > Thanks, > Sean Looks okay to me. I assume a simpler fix would be to just change the split to use the path separator rather than ":". -Alan. From sean.mullan at oracle.com Thu Jun 2 07:03:00 2011 From: sean.mullan at oracle.com (Sean Mullan) Date: Thu, 02 Jun 2011 10:03:00 -0400 Subject: Code Review request for 7050329 In-Reply-To: <4DE791F5.2020902@oracle.com> References: <4DE6B84D.7070907@oracle.com> <4DE791F5.2020902@oracle.com> Message-ID: <4DE79814.9010209@oracle.com> On 6/2/11 9:36 AM, Alan Bateman wrote: > Sean Mullan wrote: >> Hi Alan, >> >> Would you be able to review my fix for 7050329? In the fix, I removed the >> dependency on the java.ext.dirs system property and the default java.policy >> file, which may contain implementation-specific content and thus could vary on >> JREs from other vendors. >> >> http://cr.openjdk.java.net/~mullan/webrevs/7050329/webrev.01/ >> >> (Note that the bug hasn't appeared on bugs.sun.com yet) >> >> Thanks, >> Sean > Looks okay to me. I assume a simpler fix would be to just change the split to > use the path separator rather than ":". Yes, but I wanted to completely avoid any dependency and potential additional parsing issues on java.ext.dirs, which can be extended to contain additional directories, etc. Similarly, I could not find a standard that *explicitly* states the default java.policy file must grant AllPermission to standard extensions. It is sort of implied by [1], but still not explicit in my opinion. Although I think it would be very rare to fail because of those cases, I still think this fix is better because it eliminates any doubt about that. --Sean [1] http://download.java.net/jdk7/docs/technotes/guides/extensions/spec.html#security From lance.andersen at oracle.com Thu Jun 2 09:03:03 2011 From: lance.andersen at oracle.com (lance.andersen at oracle.com) Date: Thu, 02 Jun 2011 16:03:03 +0000 Subject: hg: jdk7/tl/jdk: 7049107: Cannot call initCause() on BatchUpdateException Message-ID: <20110602160345.151E547B0B@hg.openjdk.java.net> Changeset: a00f48c96345 Author: lancea Date: 2011-06-02 12:02 -0400 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/a00f48c96345 7049107: Cannot call initCause() on BatchUpdateException Reviewed-by: darcy ! src/share/classes/java/sql/BatchUpdateException.java From lana.steuck at oracle.com Fri Jun 3 21:50:26 2011 From: lana.steuck at oracle.com (lana.steuck at oracle.com) Date: Sat, 04 Jun 2011 04:50:26 +0000 Subject: hg: jdk7/tl: 2 new changesets Message-ID: <20110604045026.DD14A47B87@hg.openjdk.java.net> Changeset: 4373d87e6f37 Author: schien Date: 2011-05-26 20:19 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/rev/4373d87e6f37 Added tag jdk7-b144 for changeset 7203965666a4 ! .hgtags Changeset: 55e9ebf03218 Author: lana Date: 2011-06-02 13:37 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/rev/55e9ebf03218 Merge From lana.steuck at oracle.com Fri Jun 3 21:50:31 2011 From: lana.steuck at oracle.com (lana.steuck at oracle.com) Date: Sat, 04 Jun 2011 04:50:31 +0000 Subject: hg: jdk7/tl/jaxp: 2 new changesets Message-ID: <20110604045031.B05D047B88@hg.openjdk.java.net> Changeset: bee49f47043f Author: schien Date: 2011-05-26 20:19 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/jaxp/rev/bee49f47043f Added tag jdk7-b144 for changeset 39bf6dcaab23 ! .hgtags Changeset: 10ca7570f47f Author: lana Date: 2011-06-02 13:37 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/jaxp/rev/10ca7570f47f Merge From lana.steuck at oracle.com Fri Jun 3 21:50:25 2011 From: lana.steuck at oracle.com (lana.steuck at oracle.com) Date: Sat, 04 Jun 2011 04:50:25 +0000 Subject: hg: jdk7/tl/corba: 3 new changesets Message-ID: <20110604045032.D2E3747B89@hg.openjdk.java.net> Changeset: 7033a5756ad5 Author: katleman Date: 2011-05-25 13:31 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/corba/rev/7033a5756ad5 7044486: open jdk repos have files with incorrect copyright headers, which can end up in src bundles Reviewed-by: ohair, trims ! src/share/classes/com/sun/corba/se/impl/transport/CorbaTransportManagerImpl.java Changeset: 74eb715474f2 Author: schien Date: 2011-05-26 20:19 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/corba/rev/74eb715474f2 Added tag jdk7-b144 for changeset 7033a5756ad5 ! .hgtags Changeset: 77ec0541aa2a Author: lana Date: 2011-06-02 13:37 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/corba/rev/77ec0541aa2a Merge From lana.steuck at oracle.com Fri Jun 3 21:50:36 2011 From: lana.steuck at oracle.com (lana.steuck at oracle.com) Date: Sat, 04 Jun 2011 04:50:36 +0000 Subject: hg: jdk7/tl/jaxws: 2 new changesets Message-ID: <20110604045036.36B9C47B8A@hg.openjdk.java.net> Changeset: 6158298d2b94 Author: schien Date: 2011-05-26 20:19 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/jaxws/rev/6158298d2b94 Added tag jdk7-b144 for changeset 6bd683f2d527 ! .hgtags Changeset: 42bfba80beb7 Author: lana Date: 2011-06-02 13:37 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/jaxws/rev/42bfba80beb7 Merge From lana.steuck at oracle.com Fri Jun 3 21:50:43 2011 From: lana.steuck at oracle.com (lana.steuck at oracle.com) Date: Sat, 04 Jun 2011 04:50:43 +0000 Subject: hg: jdk7/tl/langtools: 3 new changesets Message-ID: <20110604045052.325F747B8B@hg.openjdk.java.net> Changeset: 8eb952f43b11 Author: katleman Date: 2011-05-25 13:32 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/langtools/rev/8eb952f43b11 7044486: open jdk repos have files with incorrect copyright headers, which can end up in src bundles Reviewed-by: ohair, trims ! src/share/classes/com/sun/source/tree/UnionTypeTree.java ! src/share/classes/com/sun/tools/classfile/ClassTranslator.java ! src/share/classes/com/sun/tools/classfile/Dependencies.java ! src/share/classes/javax/lang/model/util/AbstractTypeVisitor7.java ! src/share/classes/javax/lang/model/util/ElementKindVisitor7.java ! test/tools/javac/4241573/T4241573.java ! test/tools/javac/6508981/TestInferBinaryName.java ! test/tools/javac/TryWithResources/DuplicateResource.java ! test/tools/javac/api/6411310/Test.java ! test/tools/javac/api/T6838467.java ! test/tools/javac/api/T6877206.java ! test/tools/javac/api/TestClientCodeWrapper.java ! test/tools/javac/api/TestJavacTask_Lock.java ! test/tools/javac/api/TestJavacTask_Multiple.java ! test/tools/javac/api/TestJavacTask_ParseAttrGen.java ! test/tools/javac/multicatch/model/ModelChecker.java ! test/tools/javac/processing/model/element/TestMissingElement2/TestMissingGenericInterface1.java ! test/tools/javac/processing/model/element/TestMissingElement2/TestMissingGenericInterface2.java ! test/tools/javac/processing/model/element/TestMissingElement2/TestMissingInterface.java ! test/tools/javac/processing/model/util/deprecation/TestDeprecation.java ! test/tools/javac/tree/T6963934.java Changeset: 9f25c6a3ac23 Author: schien Date: 2011-05-26 20:20 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/langtools/rev/9f25c6a3ac23 Added tag jdk7-b144 for changeset 8eb952f43b11 ! .hgtags Changeset: c455e2ae5c93 Author: lana Date: 2011-06-02 13:38 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/langtools/rev/c455e2ae5c93 Merge From lana.steuck at oracle.com Fri Jun 3 21:50:38 2011 From: lana.steuck at oracle.com (lana.steuck at oracle.com) Date: Sat, 04 Jun 2011 04:50:38 +0000 Subject: hg: jdk7/tl/hotspot: 32 new changesets Message-ID: <20110604045141.EEF5447B8C@hg.openjdk.java.net> Changeset: 2aa9ddbb9e60 Author: jmasa Date: 2011-05-03 10:30 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/hotspot/rev/2aa9ddbb9e60 7041789: 30% perf regression with c2/arm following 7017732 Summary: Implement a more accurate is_scavengable() Reviewed-by: stefank, jcoomes, ysr ! src/share/vm/code/nmethod.cpp ! src/share/vm/code/nmethod.hpp ! src/share/vm/gc_implementation/g1/g1CollectedHeap.cpp ! src/share/vm/gc_implementation/g1/g1CollectedHeap.hpp ! src/share/vm/gc_implementation/parallelScavenge/parallelScavengeHeap.cpp ! src/share/vm/gc_implementation/parallelScavenge/parallelScavengeHeap.hpp ! src/share/vm/gc_implementation/parallelScavenge/parallelScavengeHeap.inline.hpp ! src/share/vm/gc_interface/collectedHeap.hpp ! src/share/vm/memory/genCollectedHeap.cpp ! src/share/vm/memory/genCollectedHeap.hpp ! src/share/vm/memory/sharedHeap.cpp ! src/share/vm/oops/instanceRefKlass.cpp Changeset: 69293e516993 Author: johnc Date: 2011-05-17 00:56 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/hotspot/rev/69293e516993 7041440: G1: assert(obj->is_oop_or_null(true )) failed: Error # Summary: During an evacuation pause clear the region fields of any concurrent marking task whose local finger points into the collection set as the values in the region fields will become stale. Clearing these fields causes the concurrent mark task to claim a new region when marking restarts after the pause. Reviewed-by: tonyp, iveresov ! src/share/vm/gc_implementation/g1/concurrentMark.cpp ! src/share/vm/gc_implementation/g1/concurrentMark.hpp ! src/share/vm/gc_implementation/g1/g1CollectedHeap.cpp Changeset: ea4859d7fee7 Author: brutisso Date: 2011-05-18 13:19 +0200 URL: http://hg.openjdk.java.net/jdk7/tl/hotspot/rev/ea4859d7fee7 Merge Changeset: 03b943e6c025 Author: dholmes Date: 2011-05-15 23:57 -0400 URL: http://hg.openjdk.java.net/jdk7/tl/hotspot/rev/03b943e6c025 7035744: jprt no longer does open-only builds Summary: Added Open (OpenJDK) and Emb (Embedded) build flavours to JPRT. Added a few open builds and basic sanity tests to the normal JDK7 JPRT submission job. Reviewed-by: ohair, jcoomes, bobv, kvn ! make/jprt.gmk ! make/jprt.properties Changeset: 8bec9b249a6e Author: dholmes Date: 2011-05-17 09:29 -0400 URL: http://hg.openjdk.java.net/jdk7/tl/hotspot/rev/8bec9b249a6e Merge Changeset: 3f3325361b86 Author: kamg Date: 2011-05-18 10:12 -0400 URL: http://hg.openjdk.java.net/jdk7/tl/hotspot/rev/3f3325361b86 Merge Changeset: 38569792a45a Author: kvn Date: 2011-05-16 14:21 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/hotspot/rev/38569792a45a 7044725: -XX:-UnrollLimitCheck -Xcomp : Exception: String index out of range: 29488 Summary: Fix problems in new RCE code. Reviewed-by: never ! src/share/vm/opto/loopTransform.cpp ! src/share/vm/opto/loopnode.hpp Changeset: f52ed367b66d Author: never Date: 2011-05-16 22:16 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/hotspot/rev/f52ed367b66d 6996747: SIGSEGV in nmethod::cleanup_inline_caches / CompiledIC::verify Reviewed-by: kvn, iveresov ! src/share/vm/runtime/globals.hpp ! src/share/vm/runtime/sweeper.cpp ! src/share/vm/runtime/sweeper.hpp ! src/share/vm/runtime/thread.cpp ! src/share/vm/runtime/thread.hpp Changeset: 33ae33516634 Author: bdelsart Date: 2011-05-17 16:50 +0200 URL: http://hg.openjdk.java.net/jdk7/tl/hotspot/rev/33ae33516634 7045515: ARM assembly code for JSR 292 ricochet frames Summary: ARM ricochet port and minor fixes in shared debug code Reviewed-by: jrose, vladidan ! src/share/vm/prims/methodHandleWalk.cpp ! src/share/vm/prims/methodHandles.hpp Changeset: 231c2b41ea4d Author: kvn Date: 2011-05-17 12:26 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/hotspot/rev/231c2b41ea4d 7045570: compiler/5091921/Test7005594.java failed because not enough space for object heap Summary: fixed tests. Reviewed-by: iveresov, never ! test/compiler/5091921/Test6890943.sh ! test/compiler/5091921/Test7005594.java + test/compiler/5091921/Test7005594.sh Changeset: 2848194272f4 Author: jrose Date: 2011-05-17 15:43 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/hotspot/rev/2848194272f4 7044892: JSR 292: API entry points sometimes throw the wrong exceptions or doesn't throw the expected one Summary: Fix to 7042656: JSR292: invokeExact/Generic doesn't throw UnsupportedOperationException if invoked via Method.invoke Reviewed-by: never ! src/share/vm/prims/methodHandles.cpp Changeset: a80577f854f9 Author: never Date: 2011-05-17 19:11 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/hotspot/rev/a80577f854f9 7045513: JSR 292 inlining causes crashes in methodHandleWalk.cpp Reviewed-by: jrose ! agent/src/share/classes/sun/jvm/hotspot/CommandProcessor.java + agent/src/share/classes/sun/jvm/hotspot/code/AdapterBlob.java ! agent/src/share/classes/sun/jvm/hotspot/code/CodeBlob.java ! agent/src/share/classes/sun/jvm/hotspot/code/CodeCache.java + agent/src/share/classes/sun/jvm/hotspot/code/RicochetBlob.java ! src/cpu/x86/vm/methodHandles_x86.cpp ! src/share/vm/ci/ciMethodHandle.cpp ! src/share/vm/interpreter/bytecodeTracer.cpp ! src/share/vm/opto/idealGraphPrinter.cpp ! src/share/vm/prims/methodHandleWalk.cpp ! src/share/vm/prims/methodHandleWalk.hpp ! src/share/vm/prims/methodHandles.cpp ! src/share/vm/runtime/globals.hpp ! src/share/vm/runtime/thread.cpp ! src/share/vm/runtime/vmStructs.cpp Changeset: b79e8b4ecd76 Author: never Date: 2011-05-17 19:15 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/hotspot/rev/b79e8b4ecd76 Merge ! src/share/vm/prims/methodHandles.cpp Changeset: 1be2f0c40a34 Author: never Date: 2011-05-18 11:45 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/hotspot/rev/1be2f0c40a34 Merge Changeset: 62f39d40ebf1 Author: trims Date: 2011-05-20 05:24 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/hotspot/rev/62f39d40ebf1 7040781: Bump the HS21 build number to 14 Summary: Update the HS21 build number to 14 Reviewed-by: jcoomes ! make/hotspot_version Changeset: 278445be9145 Author: trims Date: 2011-05-24 14:02 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/hotspot/rev/278445be9145 Added tag hs21-b13 for changeset c149193c768b ! .hgtags Changeset: 01e01c25d24a Author: trims Date: 2011-05-24 14:07 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/hotspot/rev/01e01c25d24a Merge ! .hgtags Changeset: fe189d4a44e9 Author: katleman Date: 2011-05-25 13:31 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/hotspot/rev/fe189d4a44e9 7044486: open jdk repos have files with incorrect copyright headers, which can end up in src bundles Reviewed-by: ohair, trims ! agent/src/share/classes/sun/jvm/hotspot/runtime/ServiceThread.java ! make/linux/README ! make/windows/projectfiles/kernel/Makefile ! src/cpu/x86/vm/vm_version_x86.cpp ! src/cpu/x86/vm/vm_version_x86.hpp ! src/os_cpu/solaris_sparc/vm/solaris_sparc.s ! src/share/tools/hsdis/README ! src/share/vm/gc_implementation/g1/heapRegionSet.hpp ! src/share/vm/gc_implementation/g1/heapRegionSet.inline.hpp ! src/share/vm/gc_implementation/g1/heapRegionSets.hpp ! src/share/vm/gc_implementation/parNew/parCardTableModRefBS.cpp ! src/share/vm/utilities/yieldingWorkgroup.cpp Changeset: d920485ae93b Author: schien Date: 2011-05-26 20:19 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/hotspot/rev/d920485ae93b Added tag jdk7-b144 for changeset fe189d4a44e9 ! .hgtags Changeset: 2b27ef5c2173 Author: kvn Date: 2011-05-20 12:46 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/hotspot/rev/2b27ef5c2173 7046096: SEGV IN C2 WITH 6U25 Summary: Missing fail flag set in strings concatenation code. Reviewed-by: never ! src/share/vm/opto/stringopts.cpp Changeset: cfbca4d74a61 Author: jcoomes Date: 2011-05-20 22:27 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/hotspot/rev/cfbca4d74a61 Merge Changeset: 789d04408ca3 Author: kvn Date: 2011-05-21 11:44 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/hotspot/rev/789d04408ca3 7045693: java/util/EnumSet/EnumSetBash.java still failing intermittently Summary: New limit for unrolled loop should be set only for zero trip guard and loop iteration test. Reviewed-by: never ! src/share/vm/opto/loopTransform.cpp Changeset: b55f5bd7ec66 Author: kvn Date: 2011-05-21 13:59 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/hotspot/rev/b55f5bd7ec66 7045506: assert(!can_reshape || !new_phi) failed: for igvn new phi should be hooked Summary: Replace the assert in PhiNode::Ideal with check to avoid transformation of new phi. Reviewed-by: never ! src/share/vm/opto/cfgnode.cpp Changeset: 7523488edce5 Author: kvn Date: 2011-05-24 12:54 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/hotspot/rev/7523488edce5 7047300: VM crashes with assert(_base == InstPtr) failed: Not an object pointer Summary: The code incorrectly used is_instptr() instead of is_oopptr() to get const_oop. Reviewed-by: never ! src/share/vm/opto/output.cpp Changeset: ccf072cdba91 Author: iveresov Date: 2011-05-24 15:30 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/hotspot/rev/ccf072cdba91 7046893: LP64 problem with double_quadword in c1_LIRAssembler_x86.cpp Summary: Fixed invalid casts in address computation Reviewed-by: kvn, never Contributed-by: thomas.salter at unisys.com ! src/cpu/x86/vm/c1_LIRAssembler_x86.cpp Changeset: 28a9fe9534ea Author: kvn Date: 2011-05-24 20:24 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/hotspot/rev/28a9fe9534ea 7048030: is_scavengable changes causing compiler to embed more constants Summary: ciObject::can_be_constant() and should_be_constant() should use is_perm() instead of !is_scavengable() Reviewed-by: never, jrose ! src/share/vm/ci/ciObject.cpp ! src/share/vm/ci/ciObject.hpp Changeset: 7db2b9499c36 Author: never Date: 2011-05-25 16:04 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/hotspot/rev/7db2b9499c36 7046732: JSR 292 assert(result == cpce->f1()) failed: expected result for assembly code Reviewed-by: kvn, iveresov, jrose ! src/share/vm/interpreter/interpreterRuntime.cpp Changeset: 2d4b2b833d29 Author: coleenp Date: 2011-05-27 15:04 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/hotspot/rev/2d4b2b833d29 7033141: assert(has_cp_cache(i)) failed: oob Summary: Unrewrite bytecodes for OOM error allocating the constant pool cache. Reviewed-by: dcubed, acorn, never ! src/share/vm/interpreter/rewriter.cpp ! src/share/vm/interpreter/rewriter.hpp ! src/share/vm/oops/instanceKlass.cpp ! src/share/vm/oops/instanceKlass.hpp ! src/share/vm/oops/methodOop.cpp ! src/share/vm/prims/jvmtiRedefineClasses.cpp ! src/share/vm/prims/methodHandleWalk.cpp Changeset: 8cbcd406c42e Author: ysr Date: 2011-05-27 15:05 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/hotspot/rev/8cbcd406c42e 7042740: CMS: assert(n> q) failed: Looping at: ... blockOffsetTable.cpp:557 Summary: Do a one-step look-ahead, when sweeping free or garbage blocks, to avoid overstepping sweep limit, which may become a non-block-boundary because of a heap expansion delta coalescing with a previously co-terminal free block. Reviewed-by: brutisso, tonyp ! src/share/vm/gc_implementation/concurrentMarkSweep/compactibleFreeListSpace.hpp ! src/share/vm/gc_implementation/concurrentMarkSweep/concurrentMarkSweepGeneration.cpp ! src/share/vm/gc_implementation/concurrentMarkSweep/concurrentMarkSweepGeneration.hpp ! src/share/vm/memory/blockOffsetTable.cpp Changeset: b36598cf2c62 Author: jcoomes Date: 2011-05-27 23:55 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/hotspot/rev/b36598cf2c62 Merge Changeset: 472fc37e14a9 Author: jcoomes Date: 2011-05-27 23:55 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/hotspot/rev/472fc37e14a9 7049385: Bump the HS21 build number to 15 Summary: Update the HS21 build number to 15 Reviewed-by: trims ! make/hotspot_version Changeset: 63d3fb179034 Author: lana Date: 2011-06-02 13:37 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/hotspot/rev/63d3fb179034 Merge From lana.steuck at oracle.com Fri Jun 3 21:51:02 2011 From: lana.steuck at oracle.com (lana.steuck at oracle.com) Date: Sat, 04 Jun 2011 04:51:02 +0000 Subject: hg: jdk7/tl/jdk: 26 new changesets Message-ID: <20110604045527.2A4D347B8D@hg.openjdk.java.net> Changeset: 20bf5b0970e9 Author: jrose Date: 2011-05-17 19:48 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/20bf5b0970e9 7032850: MethodHandle.invokeGeneric throws unspecified RuntimeException if parameterized method is called Summary: Implement invocation corner cases, including correct type conversions and interface type enforcement. Reviewed-by: never ! src/share/classes/java/lang/invoke/AdapterMethodHandle.java ! src/share/classes/java/lang/invoke/InvokeGeneric.java ! src/share/classes/java/lang/invoke/MethodHandle.java ! src/share/classes/java/lang/invoke/MethodHandleImpl.java ! src/share/classes/java/lang/invoke/MethodHandles.java ! src/share/classes/sun/invoke/util/Wrapper.java ! test/java/lang/invoke/6991596/Test6991596.java ! test/java/lang/invoke/InvokeGenericTest.java Changeset: 9828d98bcf18 Author: jrose Date: 2011-05-17 19:48 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/9828d98bcf18 7044892: JSR 292: API entry points sometimes throw the wrong exceptions or doesn't throw the expected one Summary: point-fixes for 7038847, 7038860, 7042656, 7042829, 7041853, and several other reports Reviewed-by: never, kvn ! src/share/classes/java/lang/invoke/AdapterMethodHandle.java ! src/share/classes/java/lang/invoke/BoundMethodHandle.java ! src/share/classes/java/lang/invoke/FilterGeneric.java ! src/share/classes/java/lang/invoke/FilterOneArgument.java ! src/share/classes/java/lang/invoke/FromGeneric.java ! src/share/classes/java/lang/invoke/MethodHandle.java ! src/share/classes/java/lang/invoke/MethodHandleImpl.java ! src/share/classes/java/lang/invoke/MethodHandleStatics.java ! src/share/classes/java/lang/invoke/MethodHandles.java ! src/share/classes/java/lang/invoke/MethodType.java ! src/share/classes/java/lang/invoke/MethodTypeForm.java ! src/share/classes/java/lang/invoke/SpreadGeneric.java ! src/share/classes/java/lang/invoke/ToGeneric.java ! test/java/lang/invoke/MethodHandlesTest.java Changeset: be4b9e596352 Author: trims Date: 2011-05-20 05:24 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/be4b9e596352 Merge Changeset: 127560d6f6e6 Author: trims Date: 2011-05-24 14:11 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/127560d6f6e6 Merge Changeset: 23bdcede4e39 Author: katleman Date: 2011-05-25 13:32 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/23bdcede4e39 7044486: open jdk repos have files with incorrect copyright headers, which can end up in src bundles Reviewed-by: ohair, trims ! src/linux/doc/man/ja/keytool.1 ! src/linux/doc/man/keytool.1 ! src/share/classes/java/io/SerialCallbackContext.java ! src/share/classes/sun/io/ByteToCharCp833.java ! src/share/classes/sun/io/CharToByteCp833.java ! src/share/classes/sun/misc/FpUtils.java ! src/share/classes/sun/security/provider/certpath/URICertStore.java ! src/solaris/doc/sun/man/man1/ja/keytool.1 ! src/solaris/doc/sun/man/man1/keytool.1 ! test/com/sun/net/httpserver/Test10.java ! test/java/awt/List/ScrollOutside/ScrollOut.java ! test/java/awt/event/MouseWheelEvent/InfiniteRecursion/InfiniteRecursion.java ! test/java/awt/event/MouseWheelEvent/InfiniteRecursion/InfiniteRecursion_1.java ! test/java/awt/event/MouseWheelEvent/InfiniteRecursion/InfiniteRecursion_2.java ! test/java/awt/event/MouseWheelEvent/InfiniteRecursion/InfiniteRecursion_3.java ! test/java/awt/event/MouseWheelEvent/InfiniteRecursion/InfiniteRecursion_4.java ! test/java/awt/image/IncorrectSampleMaskTest.java ! test/java/lang/invoke/MethodTypeTest.java ! test/java/rmi/server/UnicastRemoteObject/exportObject/GcDuringExport.java ! test/java/util/EnumMap/DistinctEntrySetElements.java ! test/java/util/EnumMap/EntrySetIteratorRemoveInvalidatesEntry.java ! test/java/util/EnumMap/SimpleSerialization.java ! test/java/util/EnumSet/LargeEnumIteratorRemoveResilience.java ! test/java/util/EnumSet/SmallEnumIteratorRemoveResilience.java ! test/java/util/Hashtable/SerializationDeadlock.java ! test/java/util/Hashtable/SimpleSerialization.java ! test/java/util/IdentityHashMap/DistinctEntrySetElements.java ! test/java/util/IdentityHashMap/EntrySetIteratorRemoveInvalidatesEntry.java ! test/java/util/Vector/SerializationDeadlock.java ! test/java/util/Vector/SimpleSerialization.java ! test/java/util/concurrent/ConcurrentHashMap/DistinctEntrySetElements.java ! test/java/util/zip/ZipFile/ClearStaleZipFileInputStreams.java ! test/sun/net/InetAddress/nameservice/chaining/META-INF/services/sun.net.spi.nameservice.NameServiceDescriptor ! test/tools/launcher/TestHelper.java ! test/tools/pack200/CommandLineTests.java ! test/tools/pack200/Pack200Test.java ! test/tools/pack200/Utils.java Changeset: c344779fab58 Author: schien Date: 2011-05-26 20:20 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/c344779fab58 Added tag jdk7-b144 for changeset 23bdcede4e39 ! .hgtags Changeset: f09930d526ba Author: jrose Date: 2011-05-26 17:37 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/f09930d526ba 7032323: code changes for JSR 292 EG adjustments to API, through Public Review Summary: API code changes and javadoc changes following JSR 292 Public Review comments, through PFD Reviewed-by: never ! src/share/classes/java/lang/BootstrapMethodError.java ! src/share/classes/java/lang/ClassValue.java ! src/share/classes/java/lang/invoke/AdapterMethodHandle.java ! src/share/classes/java/lang/invoke/BoundMethodHandle.java ! src/share/classes/java/lang/invoke/CallSite.java ! src/share/classes/java/lang/invoke/ConstantCallSite.java ! src/share/classes/java/lang/invoke/Invokers.java ! src/share/classes/java/lang/invoke/MemberName.java ! src/share/classes/java/lang/invoke/MethodHandle.java ! src/share/classes/java/lang/invoke/MethodHandleImpl.java ! src/share/classes/java/lang/invoke/MethodHandleNatives.java + src/share/classes/java/lang/invoke/MethodHandleProxies.java ! src/share/classes/java/lang/invoke/MethodHandles.java ! src/share/classes/java/lang/invoke/MethodType.java ! src/share/classes/java/lang/invoke/MutableCallSite.java ! src/share/classes/java/lang/invoke/SwitchPoint.java ! src/share/classes/java/lang/invoke/package-info.java ! src/share/classes/sun/invoke/util/ValueConversions.java ! src/share/classes/sun/invoke/util/VerifyAccess.java ! src/share/classes/sun/invoke/util/Wrapper.java ! test/java/lang/invoke/6998541/Test6998541.java ! test/java/lang/invoke/InvokeDynamicPrintArgs.java ! test/java/lang/invoke/InvokeGenericTest.java ! test/java/lang/invoke/JavaDocExamplesTest.java ! test/java/lang/invoke/MethodHandlesTest.java ! test/java/lang/invoke/indify/Indify.java Changeset: 81f957f86ba5 Author: jcoomes Date: 2011-05-27 19:03 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/81f957f86ba5 Merge Changeset: bc97b962330e Author: mfang Date: 2011-05-26 20:32 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/bc97b962330e 7045184: GTK L&F doesn't have hotkeys in jdk7 b141, while b139 has. Reviewed-by: yhuang, ogino ! src/share/classes/com/sun/java/swing/plaf/gtk/resources/gtk.properties Changeset: 6943c4d9caa3 Author: mfang Date: 2011-05-31 13:58 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/6943c4d9caa3 Merge Changeset: 7c5bc5a807ee Author: dholmes Date: 2011-05-27 19:04 -0400 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/7c5bc5a807ee 7024120: Verify reduced JRE contents for java 7 Summary: stripped all symbols from libs and executables to reduce JRE size. Restored missing classes needed to pass JCK in headless mode Reviewed-by: bobv, ohair ! make/common/Defs-embedded.gmk ! make/common/Release-embedded.gmk Changeset: f4895b3fe1be Author: dholmes Date: 2011-05-31 17:28 -0400 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/f4895b3fe1be Merge Changeset: eab27338b3d9 Author: schien Date: 2011-06-01 11:16 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/eab27338b3d9 Merge Changeset: 8d91855a1f4e Author: prr Date: 2011-05-27 13:25 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/8d91855a1f4e 7046587: Outlines in OTF/CFF fonts are misclassified as quadratic curves Reviewed-by: igor ! src/share/classes/sun/font/FileFontStrike.java ! src/share/classes/sun/font/FontScaler.java ! src/share/classes/sun/font/FreetypeFontScaler.java ! src/share/classes/sun/font/NullFontScaler.java Changeset: 0b0b92707cf5 Author: bae Date: 2011-05-30 12:05 +0400 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/0b0b92707cf5 7032904: XRender: Java2Demo : Infinite loop in Java_sun_java2d_loops_MaskBlit_MaskBlit on OEL 5.6 x64 Reviewed-by: prr ! src/solaris/classes/sun/awt/X11GraphicsEnvironment.java ! src/solaris/native/sun/java2d/x11/XRBackendNative.c Changeset: 290daca0a693 Author: prr Date: 2011-05-30 22:00 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/290daca0a693 7049874: OpenJDK Build breakage fix: freetypescaler.c needs to match updated signature Reviewed-by: lana, igor ! src/share/native/sun/font/freetypeScaler.c Changeset: b351af09bfa3 Author: lana Date: 2011-06-02 13:35 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/b351af09bfa3 Merge Changeset: d2081a1f417f Author: bagiras Date: 2011-05-27 11:45 +0400 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/d2081a1f417f 7045174: Most of the tests in awt area fails with jdk 7b142 on windows with -Xcheck:jni Reviewed-by: art, denis ! src/windows/native/sun/windows/awt_Object.cpp ! src/windows/native/sun/windows/awt_Toolkit.cpp Changeset: 000a845b1e38 Author: denis Date: 2011-05-28 12:56 +0400 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/000a845b1e38 7046325: Broken links in java.awt.Toolkit's javadoc Reviewed-by: dav, yan ! src/share/classes/java/awt/Toolkit.java Changeset: eab94f59b6dc Author: dcherepanov Date: 2011-05-30 13:25 +0400 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/eab94f59b6dc 7045354: Korean IME's Hanja candidate window is not displayed on IMFDemo Reviewed-by: art, ant ! src/windows/native/sun/windows/awt_Component.cpp Changeset: f05164caa490 Author: serb Date: 2011-05-30 17:16 +0400 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/f05164caa490 7045193: interactive JCK tests java_awt/interactive/FileDialogTests fail Reviewed-by: dcherepanov, dav, art, denis ! src/solaris/classes/sun/awt/X11/GtkFileDialogPeer.java Changeset: b955226868af Author: lana Date: 2011-06-02 13:36 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/b955226868af Merge Changeset: 1fbaf2b688a6 Author: rupashka Date: 2011-05-24 11:37 +0400 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/1fbaf2b688a6 7045593: Possible Regression : JTextfield cursor placement behavior algorithm has changed. Reviewed-by: peterz ! src/share/classes/javax/swing/text/Utilities.java + test/javax/swing/text/Utilities/bug7045593.java Changeset: 442237d3ec2c Author: rupashka Date: 2011-05-28 11:55 +0400 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/442237d3ec2c 7048204: NPE from NimbusLookAndFeel.addDefault Reviewed-by: peterz ! src/share/classes/javax/swing/plaf/nimbus/NimbusLookAndFeel.java + test/javax/swing/plaf/nimbus/Test7048204.java Changeset: 386516fdf40b Author: lana Date: 2011-06-02 13:37 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/386516fdf40b Merge Changeset: 39de8937c1d8 Author: lana Date: 2011-06-02 13:38 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/39de8937c1d8 Merge From alan.bateman at oracle.com Sat Jun 4 03:19:35 2011 From: alan.bateman at oracle.com (alan.bateman at oracle.com) Date: Sat, 04 Jun 2011 10:19:35 +0000 Subject: hg: jdk7/tl/jdk: 7050358: (fs spec) Path.toUri doesn't allow custom providers to use opaque URIs Message-ID: <20110604101958.B7C1647BA3@hg.openjdk.java.net> Changeset: 53d759eb580c Author: alanb Date: 2011-06-04 11:18 +0100 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/53d759eb580c 7050358: (fs spec) Path.toUri doesn't allow custom providers to use opaque URIs Reviewed-by: sherman ! src/share/classes/java/nio/file/Path.java From sean.mullan at oracle.com Sat Jun 4 06:54:53 2011 From: sean.mullan at oracle.com (sean.mullan at oracle.com) Date: Sat, 04 Jun 2011 13:54:53 +0000 Subject: hg: jdk7/tl/jdk: 2 new changesets Message-ID: <20110604135522.BDF2B47BAB@hg.openjdk.java.net> Changeset: 49aef5a5416e Author: mullan Date: 2011-06-04 06:45 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/49aef5a5416e 7050329: test/java/security/Policy/GetPermissions/JarURL.java fails on Windows Reviewed-by: alanb ! test/java/security/Policy/GetPermissions/JarURL.java + test/java/security/Policy/GetPermissions/JarURL.policy Changeset: 1f39ca0b9598 Author: mullan Date: 2011-06-04 06:52 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/1f39ca0b9598 Merge From weijun.wang at oracle.com Tue Jun 7 23:03:56 2011 From: weijun.wang at oracle.com (weijun.wang at oracle.com) Date: Wed, 08 Jun 2011 06:03:56 +0000 Subject: hg: jdk8/tl/jdk: 7043737: klist does not detect non-existing keytab Message-ID: <20110608060420.4C85047CBE@hg.openjdk.java.net> Changeset: 9b678733fa51 Author: weijun Date: 2011-06-08 14:01 +0800 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/9b678733fa51 7043737: klist does not detect non-existing keytab Reviewed-by: valeriep ! src/windows/classes/sun/security/krb5/internal/tools/Klist.java + test/sun/security/krb5/tools/ktmissing.sh From michael.x.mcmahon at oracle.com Wed Jun 8 02:58:35 2011 From: michael.x.mcmahon at oracle.com (michael.x.mcmahon at oracle.com) Date: Wed, 08 Jun 2011 09:58:35 +0000 Subject: hg: jdk7/tl/jdk: 7050028: ISE "zip file closed" from JarURLConnection.getInputStream on JDK 7 when !useCaches Message-ID: <20110608095855.20FCB47CCB@hg.openjdk.java.net> Changeset: 6e961c328276 Author: michaelm Date: 2011-06-08 10:56 +0100 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/6e961c328276 7050028: ISE "zip file closed" from JarURLConnection.getInputStream on JDK 7 when !useCaches Reviewed-by: chegar, alanb ! src/share/classes/sun/misc/URLClassPath.java + test/java/net/URLClassLoader/B7050028.java From jim.holmlund at sun.com Thu Jun 9 15:27:51 2011 From: jim.holmlund at sun.com (jim.holmlund at sun.com) Date: Thu, 09 Jun 2011 22:27:51 +0000 Subject: hg: jdk7/tl/langtools: 7052782: Two langtools regression tests fail due to fix for 7034977 which removed the invokeGeneric method Message-ID: <20110609222758.066F447DE6@hg.openjdk.java.net> Changeset: 347349c981f2 Author: jjh Date: 2011-06-09 09:13 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/langtools/rev/347349c981f2 7052782: Two langtools regression tests fail due to fix for 7034977 which removed the invokeGeneric method Summary: Change the tests to call invoke instead of invokeGeneric Reviewed-by: jrose, mcimadamore ! test/tools/javac/meth/InvokeMH.java ! test/tools/javac/meth/XlintWarn.java From dag.wanvik at oracle.com Fri Jun 10 09:16:39 2011 From: dag.wanvik at oracle.com (dag.wanvik at oracle.com) Date: Fri, 10 Jun 2011 16:16:39 +0000 Subject: hg: jdk7/tl/jdk: 7046557: Changes to the Java DB README files in JDK7 Message-ID: <20110610161651.7858847E9C@hg.openjdk.java.net> Changeset: b6ced5ad7a62 Author: dwanvik Date: 2011-06-10 17:44 +0200 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/b6ced5ad7a62 7046557: Changes to the Java DB README files in JDK7 Summary: Update /README.html with correct mention of Java DB, add JDK specific README files to /db and /demo/db. Reviewed-by: ohair ! make/common/Release.gmk From weijun.wang at oracle.com Mon Jun 13 04:55:15 2011 From: weijun.wang at oracle.com (Weijun Wang) Date: Mon, 13 Jun 2011 19:55:15 +0800 Subject: code review request: NTLM SASL mech JCK conformance bugs Message-ID: <4DF5FAA3.9060709@oracle.com> Hi Vinnie http://cr.openjdk.java.net/~weijun/7043847/webrev.00/ There are 5 bugs, you can see them in the webrev. This fix is for JDK 8. I guess I'll need >=2 reviewers for backporting to JDK 7u2. Thanks Max From joe.darcy at oracle.com Mon Jun 13 12:20:59 2011 From: joe.darcy at oracle.com (joe.darcy at oracle.com) Date: Mon, 13 Jun 2011 19:20:59 +0000 Subject: hg: jdk8/tl/jdk: 7052122: Update JDK_MINOR_VERSION for JDK 8 Message-ID: <20110613192128.2A2EB47FDB@hg.openjdk.java.net> Changeset: 958eea7dd46e Author: darcy Date: 2011-06-13 12:17 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/958eea7dd46e 7052122: Update JDK_MINOR_VERSION for JDK 8 Reviewed-by: mr, katleman ! make/common/shared/Defs.gmk ! make/docs/Makefile From joe.darcy at oracle.com Mon Jun 13 12:21:36 2011 From: joe.darcy at oracle.com (joe.darcy at oracle.com) Date: Mon, 13 Jun 2011 19:21:36 +0000 Subject: hg: jdk8/tl/langtools: 7052122: Update JDK_MINOR_VERSION for JDK 8 Message-ID: <20110613192141.A20EA47FDC@hg.openjdk.java.net> Changeset: 3b1fd4ac2e71 Author: darcy Date: 2011-06-13 12:17 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/langtools/rev/3b1fd4ac2e71 7052122: Update JDK_MINOR_VERSION for JDK 8 Reviewed-by: mr, katleman + test/tools/javac/processing/model/TestSourceVersion.java From weijun.wang at oracle.com Tue Jun 14 04:19:56 2011 From: weijun.wang at oracle.com (Weijun Wang) Date: Tue, 14 Jun 2011 19:19:56 +0800 Subject: code review request: 7054428: test/java/security/SecureClassLoader/DefineClassByteBuffer.java error Message-ID: <4DF743DC.9080602@oracle.com> Hi Alan The last excluded test in jdk_security1: http://cr.openjdk.java.net/~weijun/7054428/webrev.00/ I'm not an NIO expert, but the test looks too wrong. Is there any chance for it to pass in the last 8 years? Thanks Max -------- Original Message -------- *Change Request ID*: 7054428 *Synopsis*: test/java/security/SecureClassLoader/DefineClassByteBuffer.java error From fweimer at bfk.de Tue Jun 14 04:26:58 2011 From: fweimer at bfk.de (Florian Weimer) Date: Tue, 14 Jun 2011 11:26:58 +0000 Subject: Null-check-in-finally pattern in javax/security documentation Message-ID: <821uywzm9p.fsf@mid.bfk.de> It seems to me this incorrect advice should be removed from the documentation, like this: diff -r 7a341c412ea9 -r 77b101812a2e src/share/classes/java/security/KeyStore.java --- a/src/share/classes/java/security/KeyStore.java Tue Jun 07 14:01:12 2011 -0700 +++ b/src/share/classes/java/security/KeyStore.java Tue Jun 14 13:16:19 2011 +0200 @@ -113,14 +113,11 @@ * // get user password and file input stream * char[] password = getPassword(); * - * java.io.FileInputStream fis = null; + * java.io.FileInputStream fis = new java.io.FileInputStream("keyStoreName"); * try { - * fis = new java.io.FileInputStream("keyStoreName"); * ks.load(fis, password); * } finally { - * if (fis != null) { - * fis.close(); - * } + * fis.close(); * } * * @@ -146,14 +143,11 @@ * ks.setEntry("secretKeyAlias", skEntry, protParam); * * // store away the keystore - * java.io.FileOutputStream fos = null; + * java.io.FileOutputStream fos = new java.io.FileOutputStream("newKeyStoreName"); * try { - * fos = new java.io.FileOutputStream("newKeyStoreName"); * ks.store(fos, password); * } finally { - * if (fos != null) { - * fos.close(); - * } + * fos.close(); * } * * diff -r 7a341c412ea9 -r 77b101812a2e src/share/classes/java/security/cert/X509CRL.java --- a/src/share/classes/java/security/cert/X509CRL.java Tue Jun 07 14:01:12 2011 -0700 +++ b/src/share/classes/java/security/cert/X509CRL.java Tue Jun 14 13:16:19 2011 +0200 @@ -94,15 +94,12 @@ * CRLs are instantiated using a certificate factory. The following is an * example of how to instantiate an X.509 CRL: *

- * InputStream inStream = null;
+ * InputStream inStream = new FileInputStream("fileName-of-crl");
  * try {
- *     inStream = new FileInputStream("fileName-of-crl");
  *     CertificateFactory cf = CertificateFactory.getInstance("X.509");
  *     X509CRL crl = (X509CRL)cf.generateCRL(inStream);
  * } finally {
- *     if (inStream != null) {
- *         inStream.close();
- *     }
+ *     inStream.close();
  * }
  * 
* diff -r 7a341c412ea9 -r 77b101812a2e src/share/classes/java/security/cert/X509Certificate.java --- a/src/share/classes/java/security/cert/X509Certificate.java Tue Jun 07 14:01:12 2011 -0700 +++ b/src/share/classes/java/security/cert/X509Certificate.java Tue Jun 14 13:16:19 2011 +0200 @@ -89,15 +89,12 @@ * Certificates are instantiated using a certificate factory. The following is * an example of how to instantiate an X.509 certificate: *
- * InputStream inStream = null;
+ * InputStream inStream = new FileInputStream("fileName-of-cert");
  * try {
- *     inStream = new FileInputStream("fileName-of-cert");
  *     CertificateFactory cf = CertificateFactory.getInstance("X.509");
  *     X509Certificate cert = (X509Certificate)cf.generateCertificate(inStream);
  * } finally {
- *     if (inStream != null) {
- *         inStream.close();
- *     }
+ *     inStream.close();
  * }
  * 
* There are also instances in actual code (in javax/crypto/JceSecurity.java, for instance), but changing them is probably not worth it. -- Florian Weimer BFK edv-consulting GmbH http://www.bfk.de/ Kriegsstra?e 100 tel: +49-721-96201-1 D-76133 Karlsruhe fax: +49-721-96201-99 From chris.hegarty at oracle.com Tue Jun 14 05:43:32 2011 From: chris.hegarty at oracle.com (Chris Hegarty) Date: Tue, 14 Jun 2011 13:43:32 +0100 Subject: Null-check-in-finally pattern in javax/security documentation In-Reply-To: <821uywzm9p.fsf@mid.bfk.de> References: <821uywzm9p.fsf@mid.bfk.de> Message-ID: <4DF75774.8020703@oracle.com> In fact this looks like a good candidate for try-with-resources. -Chris. On 06/14/11 12:26 PM, Florian Weimer wrote: > It seems to me this incorrect advice should be removed from the > documentation, like this: > > diff -r 7a341c412ea9 -r 77b101812a2e src/share/classes/java/security/KeyStore.java > --- a/src/share/classes/java/security/KeyStore.java Tue Jun 07 14:01:12 2011 -0700 > +++ b/src/share/classes/java/security/KeyStore.java Tue Jun 14 13:16:19 2011 +0200 > @@ -113,14 +113,11 @@ > * // get user password and file input stream > * char[] password = getPassword(); > * > - * java.io.FileInputStream fis = null; > + * java.io.FileInputStream fis = new java.io.FileInputStream("keyStoreName"); > * try { > - * fis = new java.io.FileInputStream("keyStoreName"); > * ks.load(fis, password); > * } finally { > - * if (fis != null) { > - * fis.close(); > - * } > + * fis.close(); > * } > * > * > @@ -146,14 +143,11 @@ > * ks.setEntry("secretKeyAlias", skEntry, protParam); > * > * // store away the keystore > - * java.io.FileOutputStream fos = null; > + * java.io.FileOutputStream fos = new java.io.FileOutputStream("newKeyStoreName"); > * try { > - * fos = new java.io.FileOutputStream("newKeyStoreName"); > * ks.store(fos, password); > * } finally { > - * if (fos != null) { > - * fos.close(); > - * } > + * fos.close(); > * } > * > * > diff -r 7a341c412ea9 -r 77b101812a2e src/share/classes/java/security/cert/X509CRL.java > --- a/src/share/classes/java/security/cert/X509CRL.java Tue Jun 07 14:01:12 2011 -0700 > +++ b/src/share/classes/java/security/cert/X509CRL.java Tue Jun 14 13:16:19 2011 +0200 > @@ -94,15 +94,12 @@ > * CRLs are instantiated using a certificate factory. The following is an > * example of how to instantiate an X.509 CRL: > *

> - * InputStream inStream = null;
> + * InputStream inStream = new FileInputStream("fileName-of-crl");
>    * try {
> - *     inStream = new FileInputStream("fileName-of-crl");
>    *     CertificateFactory cf = CertificateFactory.getInstance("X.509");
>    *     X509CRL crl = (X509CRL)cf.generateCRL(inStream);
>    * } finally {
> - *     if (inStream != null) {
> - *         inStream.close();
> - *     }
> + *     inStream.close();
>    * }
>    *
> * > diff -r 7a341c412ea9 -r 77b101812a2e src/share/classes/java/security/cert/X509Certificate.java > --- a/src/share/classes/java/security/cert/X509Certificate.java Tue Jun 07 14:01:12 2011 -0700 > +++ b/src/share/classes/java/security/cert/X509Certificate.java Tue Jun 14 13:16:19 2011 +0200 > @@ -89,15 +89,12 @@ > * Certificates are instantiated using a certificate factory. The following is > * an example of how to instantiate an X.509 certificate: > *
> - * InputStream inStream = null;
> + * InputStream inStream = new FileInputStream("fileName-of-cert");
>    * try {
> - *     inStream = new FileInputStream("fileName-of-cert");
>    *     CertificateFactory cf = CertificateFactory.getInstance("X.509");
>    *     X509Certificate cert = (X509Certificate)cf.generateCertificate(inStream);
>    * } finally {
> - *     if (inStream != null) {
> - *         inStream.close();
> - *     }
> + *     inStream.close();
>    * }
>    *
> * > > There are also instances in actual code (in > javax/crypto/JceSecurity.java, for instance), but changing them is > probably not worth it. > From Alan.Bateman at oracle.com Tue Jun 14 05:47:50 2011 From: Alan.Bateman at oracle.com (Alan Bateman) Date: Tue, 14 Jun 2011 13:47:50 +0100 Subject: code review request: 7054428: test/java/security/SecureClassLoader/DefineClassByteBuffer.java error In-Reply-To: <4DF743DC.9080602@oracle.com> References: <4DF743DC.9080602@oracle.com> Message-ID: <4DF75876.2040002@oracle.com> Weijun Wang wrote: > Hi Alan > > The last excluded test in jdk_security1: > > http://cr.openjdk.java.net/~weijun/7054428/webrev.00/ > > I'm not an NIO expert, but the test looks too wrong. Is there any > chance for it to pass in the last 8 years? I don't think L104-105 is needed. I agree with L109 and L113. The last 3 buffers also have the wrong position. I haven't studied this test before but it looks to me that it's not actually doing what it should be and the dummy class loaders aren't actually loading Test. My guess the test failure in samevm mode is because of the mapped byte buffer and also leaving the file open in readClassFile. -Alan. From Alan.Bateman at oracle.com Tue Jun 14 05:53:23 2011 From: Alan.Bateman at oracle.com (Alan Bateman) Date: Tue, 14 Jun 2011 13:53:23 +0100 Subject: code review request: 7054428: test/java/security/SecureClassLoader/DefineClassByteBuffer.java error In-Reply-To: <4DF743DC.9080602@oracle.com> References: <4DF743DC.9080602@oracle.com> Message-ID: <4DF759C3.4020706@oracle.com> Weijun Wang wrote: > Hi Alan > > The last excluded test in jdk_security1: > > http://cr.openjdk.java.net/~weijun/7054428/webrev.00/ > > I'm not an NIO expert, but the test looks too wrong. Is there any > chance for it to pass in the last 8 years? I don't think L104-105 is needed. I agree with L109 and L113. The last 3 buffers also have the wrong position. I haven't studied this test before but it looks to me that it's not actually doing what it should be and the dummy class loaders aren't actually loading Test. My guess the test failure in samevm mode is because of the mapped byte buffer and also leaving the file open in readClassFile. -Alan. From sean.mullan at oracle.com Tue Jun 14 06:45:36 2011 From: sean.mullan at oracle.com (Sean Mullan) Date: Tue, 14 Jun 2011 09:45:36 -0400 Subject: Null-check-in-finally pattern in javax/security documentation In-Reply-To: <4DF75774.8020703@oracle.com> References: <821uywzm9p.fsf@mid.bfk.de> <4DF75774.8020703@oracle.com> Message-ID: <4DF76600.40303@oracle.com> I was thinking the same thing. I'll file a bug to have this fixed in JDK 8. --Sean On 06/14/2011 08:43 AM, Chris Hegarty wrote: > In fact this looks like a good candidate for try-with-resources. > > -Chris. > > On 06/14/11 12:26 PM, Florian Weimer wrote: >> It seems to me this incorrect advice should be removed from the >> documentation, like this: >> >> diff -r 7a341c412ea9 -r 77b101812a2e >> src/share/classes/java/security/KeyStore.java >> --- a/src/share/classes/java/security/KeyStore.java Tue Jun 07 >> 14:01:12 2011 -0700 >> +++ b/src/share/classes/java/security/KeyStore.java Tue Jun 14 >> 13:16:19 2011 +0200 >> @@ -113,14 +113,11 @@ >> * // get user password and file input stream >> * char[] password = getPassword(); >> * >> - * java.io.FileInputStream fis = null; >> + * java.io.FileInputStream fis = new >> java.io.FileInputStream("keyStoreName"); >> * try { >> - * fis = new java.io.FileInputStream("keyStoreName"); >> * ks.load(fis, password); >> * } finally { >> - * if (fis != null) { >> - * fis.close(); >> - * } >> + * fis.close(); >> * } >> * >> * >> @@ -146,14 +143,11 @@ >> * ks.setEntry("secretKeyAlias", skEntry, protParam); >> * >> * // store away the keystore >> - * java.io.FileOutputStream fos = null; >> + * java.io.FileOutputStream fos = new >> java.io.FileOutputStream("newKeyStoreName"); >> * try { >> - * fos = new java.io.FileOutputStream("newKeyStoreName"); >> * ks.store(fos, password); >> * } finally { >> - * if (fos != null) { >> - * fos.close(); >> - * } >> + * fos.close(); >> * } >> * >> * >> diff -r 7a341c412ea9 -r 77b101812a2e >> src/share/classes/java/security/cert/X509CRL.java >> --- a/src/share/classes/java/security/cert/X509CRL.java Tue Jun 07 >> 14:01:12 2011 -0700 >> +++ b/src/share/classes/java/security/cert/X509CRL.java Tue Jun 14 >> 13:16:19 2011 +0200 >> @@ -94,15 +94,12 @@ >> * CRLs are instantiated using a certificate factory. The following is an >> * example of how to instantiate an X.509 CRL: >> *

>> - * InputStream inStream = null;
>> + * InputStream inStream = new FileInputStream("fileName-of-crl");
>> * try {
>> - * inStream = new FileInputStream("fileName-of-crl");
>> * CertificateFactory cf = CertificateFactory.getInstance("X.509");
>> * X509CRL crl = (X509CRL)cf.generateCRL(inStream);
>> * } finally {
>> - * if (inStream != null) {
>> - * inStream.close();
>> - * }
>> + * inStream.close();
>> * }
>> *
>> * >> diff -r 7a341c412ea9 -r 77b101812a2e >> src/share/classes/java/security/cert/X509Certificate.java >> --- a/src/share/classes/java/security/cert/X509Certificate.java Tue >> Jun 07 14:01:12 2011 -0700 >> +++ b/src/share/classes/java/security/cert/X509Certificate.java Tue >> Jun 14 13:16:19 2011 +0200 >> @@ -89,15 +89,12 @@ >> * Certificates are instantiated using a certificate factory. The >> following is >> * an example of how to instantiate an X.509 certificate: >> *
>> - * InputStream inStream = null;
>> + * InputStream inStream = new FileInputStream("fileName-of-cert");
>> * try {
>> - * inStream = new FileInputStream("fileName-of-cert");
>> * CertificateFactory cf = CertificateFactory.getInstance("X.509");
>> * X509Certificate cert =
>> (X509Certificate)cf.generateCertificate(inStream);
>> * } finally {
>> - * if (inStream != null) {
>> - * inStream.close();
>> - * }
>> + * inStream.close();
>> * }
>> *
>> * >> >> There are also instances in actual code (in >> javax/crypto/JceSecurity.java, for instance), but changing them is >> probably not worth it. >> From weijun.wang at oracle.com Tue Jun 14 07:18:54 2011 From: weijun.wang at oracle.com (Weijun Wang) Date: Tue, 14 Jun 2011 22:18:54 +0800 Subject: code review request: 7054428: test/java/security/SecureClassLoader/DefineClassByteBuffer.java error In-Reply-To: <4DF759C3.4020706@oracle.com> References: <4DF743DC.9080602@oracle.com> <4DF759C3.4020706@oracle.com> Message-ID: <4DF76DCE.8060209@oracle.com> Without L104, array is empty, and L108 and L112 fill zeros into buffers. I also just noticed that the dummy class loaders are only used in samevm. When running as othervm or standalone, findClass() method is never called. It seems in othervm mode, the TestClass.class is in the same directory as the main class and it's loaded directly by the URLClassLoader (?). I've updated the code changes to first rename the compiled file, so that the URLClassLoader will be find it. The new test runs OK for both samevm and othervm. I've even added a counter to make sure dummy class loader get used. http://cr.openjdk.java.net/~weijun/7054428/webrev.01 JPRT also OK at -- http://jprt-web.us.oracle.com/archive/2011/06/2011-06-14-140902.ww155710.jdk//JobStatus.txt Thanks Max On 06/14/2011 08:53 PM, Alan Bateman wrote: > Weijun Wang wrote: >> Hi Alan >> >> The last excluded test in jdk_security1: >> >> http://cr.openjdk.java.net/~weijun/7054428/webrev.00/ >> >> I'm not an NIO expert, but the test looks too wrong. Is there any >> chance for it to pass in the last 8 years? > I don't think L104-105 is needed. I agree with L109 and L113. The last 3 > buffers also have the wrong position. > > I haven't studied this test before but it looks to me that it's not > actually doing what it should be and the dummy class loaders aren't > actually loading Test. > > My guess the test failure in samevm mode is because of the mapped byte > buffer and also leaving the file open in readClassFile. > > -Alan. From sean.coffey at oracle.com Tue Jun 14 10:02:19 2011 From: sean.coffey at oracle.com (sean.coffey at oracle.com) Date: Tue, 14 Jun 2011 17:02:19 +0000 Subject: hg: jdk8/tl/jdk: 7049774: UID construction appears to hang if time changed backwards Message-ID: <20110614170229.3352B47012@hg.openjdk.java.net> Changeset: 08fdfdb19ad6 Author: coffeys Date: 2011-06-14 18:05 +0100 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/08fdfdb19ad6 7049774: UID construction appears to hang if time changed backwards Reviewed-by: alanb, dholmes, chegar, mduigou ! src/share/classes/java/rmi/server/UID.java From joe.darcy at oracle.com Tue Jun 14 12:31:57 2011 From: joe.darcy at oracle.com (joe.darcy at oracle.com) Date: Tue, 14 Jun 2011 19:31:57 +0000 Subject: hg: jdk8/tl/jdk: 7054669: javadoc warnings from java.awt.Toolkit Message-ID: <20110614193222.3762D47019@hg.openjdk.java.net> Changeset: 4e7a9fa84dea Author: darcy Date: 2011-06-14 12:31 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/4e7a9fa84dea 7054669: javadoc warnings from java.awt.Toolkit Reviewed-by: anthony ! src/share/classes/java/awt/Toolkit.java From joe.darcy at oracle.com Tue Jun 14 19:28:55 2011 From: joe.darcy at oracle.com (Joe Darcy) Date: Tue, 14 Jun 2011 19:28:55 -0700 Subject: Code review request for 7041252 Use j.u.Objects.equals in security classes Message-ID: <4DF818E7.2060109@oracle.com> Hello. Please review this change to replace use of private two-argument equals methods with the platform Objects.equals method introduced in JDK 7: 7041252 Use j.u.Objects.equals in security classes http://cr.openjdk.java.net/~darcy/7041252.0/ Patch below. I ran the java/security and sun/security tests with this patch and they all pass except for sun/security/pkcs11/KeyAgreement/TestDH.java. However, that test also fails for me on a build without this change. Thanks, -Joe --- old/src/share/classes/sun/security/tools/KeyTool.java 2011-06-14 18:20:09.000000000 -0700 +++ new/src/share/classes/sun/security/tools/KeyTool.java 2011-06-14 18:20:09.000000000 -0700 @@ -4193,15 +4193,11 @@ return "Pair[" + fst + "," + snd + "]"; } - private static boolean equals(Object x, Object y) { - return (x == null && y == null) || (x != null && x.equals(y)); - } - public boolean equals(Object other) { return other instanceof Pair && - equals(fst, ((Pair)other).fst) && - equals(snd, ((Pair)other).snd); + Objects.equals(fst, ((Pair)other).fst) && + Objects.equals(snd, ((Pair)other).snd); } public int hashCode() { --- old/src/share/classes/sun/security/x509/DistributionPoint.java 2011-06-14 18:20:10.000000000 -0700 +++ new/src/share/classes/sun/security/x509/DistributionPoint.java 2011-06-14 18:20:10.000000000 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2002, 2006, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2002, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -319,13 +319,6 @@ } /** - * Utility function for a.equals(b) where both a and b may be null. - */ - private static boolean equals(Object a, Object b) { - return (a == null) ? (b == null) : a.equals(b); - } - - /** * Compare an object to this DistributionPoint for equality. * * @param obj Object to be compared to this @@ -340,9 +333,9 @@ } DistributionPoint other = (DistributionPoint)obj; - boolean equal = equals(this.fullName, other.fullName) - && equals(this.relativeName, other.relativeName) - && equals(this.crlIssuer, other.crlIssuer) + boolean equal = Objects.equals(this.fullName, other.fullName) + && Objects.equals(this.relativeName, other.relativeName) + && Objects.equals(this.crlIssuer, other.crlIssuer) && Arrays.equals(this.reasonFlags, other.reasonFlags); return equal; } --- old/src/share/classes/sun/security/x509/DistributionPointName.java 2011-06-14 18:20:11.000000000 -0700 +++ new/src/share/classes/sun/security/x509/DistributionPointName.java 2011-06-14 18:20:10.000000000 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2005, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2005, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -201,8 +201,8 @@ } DistributionPointName other = (DistributionPointName)obj; - return equals(this.fullName, other.fullName) && - equals(this.relativeName, other.relativeName); + return Objects.equals(this.fullName, other.fullName) && + Objects.equals(this.relativeName, other.relativeName); } /** @@ -239,11 +239,4 @@ return sb.toString(); } - - /* - * Utility function for a.equals(b) where both a and b may be null. - */ - private static boolean equals(Object a, Object b) { - return (a == null) ? (b == null) : a.equals(b); - } } From weijun.wang at oracle.com Tue Jun 14 20:40:45 2011 From: weijun.wang at oracle.com (Weijun Wang) Date: Wed, 15 Jun 2011 11:40:45 +0800 Subject: Code review request for 7041252 Use j.u.Objects.equals in security classes In-Reply-To: <4DF818E7.2060109@oracle.com> References: <4DF818E7.2060109@oracle.com> Message-ID: <4DF829BD.9060402@oracle.com> Code changes look fine. Thanks Max On 06/15/2011 10:28 AM, Joe Darcy wrote: > Hello. > > Please review this change to replace use of private two-argument equals > methods with the platform Objects.equals method introduced in JDK 7: > > 7041252 Use j.u.Objects.equals in security classes > http://cr.openjdk.java.net/~darcy/7041252.0/ > > Patch below. > > I ran the java/security and sun/security tests with this patch and they > all pass except for sun/security/pkcs11/KeyAgreement/TestDH.java. > However, that test also fails for me on a build without this change. > > Thanks, > > -Joe > > --- old/src/share/classes/sun/security/tools/KeyTool.java 2011-06-14 > 18:20:09.000000000 -0700 > +++ new/src/share/classes/sun/security/tools/KeyTool.java 2011-06-14 > 18:20:09.000000000 -0700 > @@ -4193,15 +4193,11 @@ > return "Pair[" + fst + "," + snd + "]"; > } > > - private static boolean equals(Object x, Object y) { > - return (x == null && y == null) || (x != null && x.equals(y)); > - } > - > public boolean equals(Object other) { > return > other instanceof Pair && > - equals(fst, ((Pair)other).fst) && > - equals(snd, ((Pair)other).snd); > + Objects.equals(fst, ((Pair)other).fst) && > + Objects.equals(snd, ((Pair)other).snd); > } > > public int hashCode() { > --- old/src/share/classes/sun/security/x509/DistributionPoint.java > 2011-06-14 18:20:10.000000000 -0700 > +++ new/src/share/classes/sun/security/x509/DistributionPoint.java > 2011-06-14 18:20:10.000000000 -0700 > @@ -1,5 +1,5 @@ > /* > - * Copyright (c) 2002, 2006, Oracle and/or its affiliates. All rights > reserved. > + * Copyright (c) 2002, 2011, Oracle and/or its affiliates. All rights > reserved. > * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. > * > * This code is free software; you can redistribute it and/or modify it > @@ -319,13 +319,6 @@ > } > > /** > - * Utility function for a.equals(b) where both a and b may be null. > - */ > - private static boolean equals(Object a, Object b) { > - return (a == null) ? (b == null) : a.equals(b); > - } > - > - /** > * Compare an object to this DistributionPoint for equality. > * > * @param obj Object to be compared to this > @@ -340,9 +333,9 @@ > } > DistributionPoint other = (DistributionPoint)obj; > > - boolean equal = equals(this.fullName, other.fullName) > - && equals(this.relativeName, other.relativeName) > - && equals(this.crlIssuer, other.crlIssuer) > + boolean equal = Objects.equals(this.fullName, other.fullName) > + && Objects.equals(this.relativeName, other.relativeName) > + && Objects.equals(this.crlIssuer, other.crlIssuer) > && Arrays.equals(this.reasonFlags, other.reasonFlags); > return equal; > } > --- old/src/share/classes/sun/security/x509/DistributionPointName.java > 2011-06-14 18:20:11.000000000 -0700 > +++ new/src/share/classes/sun/security/x509/DistributionPointName.java > 2011-06-14 18:20:10.000000000 -0700 > @@ -1,5 +1,5 @@ > /* > - * Copyright (c) 2005, Oracle and/or its affiliates. All rights reserved. > + * Copyright (c) 2005, 2011, Oracle and/or its affiliates. All rights > reserved. > * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. > * > * This code is free software; you can redistribute it and/or modify it > @@ -201,8 +201,8 @@ > } > DistributionPointName other = (DistributionPointName)obj; > > - return equals(this.fullName, other.fullName) && > - equals(this.relativeName, other.relativeName); > + return Objects.equals(this.fullName, other.fullName) && > + Objects.equals(this.relativeName, other.relativeName); > } > > /** > @@ -239,11 +239,4 @@ > > return sb.toString(); > } > - > - /* > - * Utility function for a.equals(b) where both a and b may be null. > - */ > - private static boolean equals(Object a, Object b) { > - return (a == null) ? (b == null) : a.equals(b); > - } > } > From weijun.wang at oracle.com Wed Jun 15 01:45:48 2011 From: weijun.wang at oracle.com (Weijun Wang) Date: Wed, 15 Jun 2011 16:45:48 +0800 Subject: test/java/security/spec/EllipticCurveMatch.java othervm? Message-ID: <4DF8713C.3040400@oracle.com> Hi Vinnie Why does this test run in /othervm mode? Thanks Max From vincent.x.ryan at oracle.com Wed Jun 15 02:00:12 2011 From: vincent.x.ryan at oracle.com (Vincent Ryan) Date: Wed, 15 Jun 2011 10:00:12 +0100 Subject: test/java/security/spec/EllipticCurveMatch.java othervm? In-Reply-To: <4DF8713C.3040400@oracle.com> References: <4DF8713C.3040400@oracle.com> Message-ID: <4DF8749C.6060404@oracle.com> On 06/15/11 09:45, Weijun Wang wrote: > Hi Vinnie > > Why does this test run in /othervm mode? > > Thanks > Max It was failing due to SecureRandom problems on some platforms when run in samevm mode. I think it was related to a lack of entropy. From weijun.wang at oracle.com Wed Jun 15 02:04:29 2011 From: weijun.wang at oracle.com (Weijun Wang) Date: Wed, 15 Jun 2011 17:04:29 +0800 Subject: test/java/security/spec/EllipticCurveMatch.java othervm? In-Reply-To: <4DF8749C.6060404@oracle.com> References: <4DF8713C.3040400@oracle.com> <4DF8749C.6060404@oracle.com> Message-ID: <4DF8759D.5030802@oracle.com> Oh, is it possible to use a non-Secure Random? Thanks Max On 06/15/2011 05:00 PM, Vincent Ryan wrote: > On 06/15/11 09:45, Weijun Wang wrote: >> Hi Vinnie >> >> Why does this test run in /othervm mode? >> >> Thanks >> Max > > It was failing due to SecureRandom problems on some platforms when run in samevm > mode. I think it was related to a lack of entropy. From vincent.x.ryan at oracle.com Wed Jun 15 02:11:55 2011 From: vincent.x.ryan at oracle.com (Vincent Ryan) Date: Wed, 15 Jun 2011 10:11:55 +0100 Subject: test/java/security/spec/EllipticCurveMatch.java othervm? In-Reply-To: <4DF8759D.5030802@oracle.com> References: <4DF8713C.3040400@oracle.com> <4DF8749C.6060404@oracle.com> <4DF8759D.5030802@oracle.com> Message-ID: <4DF8775B.4020707@oracle.com> On 06/15/11 10:04, Weijun Wang wrote: > Oh, is it possible to use a non-Secure Random? Since it's just a test: yes. Or even use fixed seed values and avoid (Secure)Random entirely. The test was contributed so I didn't alter it significantly. > > Thanks > Max > > > On 06/15/2011 05:00 PM, Vincent Ryan wrote: >> On 06/15/11 09:45, Weijun Wang wrote: >>> Hi Vinnie >>> >>> Why does this test run in /othervm mode? >>> >>> Thanks >>> Max >> >> It was failing due to SecureRandom problems on some platforms when run in samevm >> mode. I think it was related to a lack of entropy. From Alan.Bateman at oracle.com Wed Jun 15 03:56:29 2011 From: Alan.Bateman at oracle.com (Alan Bateman) Date: Wed, 15 Jun 2011 11:56:29 +0100 Subject: code review request: 7054428: test/java/security/SecureClassLoader/DefineClassByteBuffer.java error In-Reply-To: <4DF76DCE.8060209@oracle.com> References: <4DF743DC.9080602@oracle.com> <4DF759C3.4020706@oracle.com> <4DF76DCE.8060209@oracle.com> Message-ID: <4DF88FDD.9080005@oracle.com> Weijun Wang wrote: > Without L104, array is empty, and L108 and L112 fill zeros into buffers. > > I also just noticed that the dummy class loaders are only used in > samevm. When running as othervm or standalone, findClass() method is > never called. > > It seems in othervm mode, the TestClass.class is in the same directory > as the main class and it's loaded directly by the URLClassLoader (?). > > I've updated the code changes to first rename the compiled file, so > that the URLClassLoader will be find it. The new test runs OK for both > samevm and othervm. I've even added a counter to make sure dummy class > loader get used. > > http://cr.openjdk.java.net/~weijun/7054428/webrev.01 I assume the original author just didn't realize that delegation meant that TestClass was being loaded by the parent loader. Anyway, the changes look okay to me. I guess an alternative would be to compile TestClass into a different directory rather than renaming it. Now back to the original issue. My guess is that it was failing in samevm mode because readClassFile leaves the file open and it would be good to fix that. We might also need to do something with the file mapping. -Alan From weijun.wang at oracle.com Wed Jun 15 04:19:26 2011 From: weijun.wang at oracle.com (Weijun Wang) Date: Wed, 15 Jun 2011 19:19:26 +0800 Subject: code review request: 7054428: test/java/security/SecureClassLoader/DefineClassByteBuffer.java error In-Reply-To: <4DF88FDD.9080005@oracle.com> References: <4DF743DC.9080602@oracle.com> <4DF759C3.4020706@oracle.com> <4DF76DCE.8060209@oracle.com> <4DF88FDD.9080005@oracle.com> Message-ID: <4DF8953E.8010306@oracle.com> > Now back to the original issue. My guess is that it was failing in > samevm mode because readClassFile leaves the file open and it would > be good to fix that. We might also need to do something with the > file mapping. But the current test passes without closing the stream, even on Windows. I guess it's because the file opened is not in scratch directory and needs not be cleaned up. If we have to close the stream/channel, it seems the references need to saved in DummyClassLoader's static fields and cleaned up in another static method called in a finally clause of the test's main method. The reason the original test failed in samevm is that buffers[DIRECT_BUFFER].flip() is not called and its remaining() is zero, and causes the error: java.lang.ClassFormatError: Truncated class file Thanks Max On 06/15/2011 06:56 PM, Alan Bateman wrote: > Weijun Wang wrote: >> Without L104, array is empty, and L108 and L112 fill zeros into >> buffers. >> >> I also just noticed that the dummy class loaders are only used in >> samevm. When running as othervm or standalone, findClass() method >> is never called. >> >> It seems in othervm mode, the TestClass.class is in the same >> directory as the main class and it's loaded directly by the >> URLClassLoader (?). >> >> I've updated the code changes to first rename the compiled file, so >> that the URLClassLoader will be find it. The new test runs OK for >> both samevm and othervm. I've even added a counter to make sure >> dummy class loader get used. >> >> http://cr.openjdk.java.net/~weijun/7054428/webrev.01 > I assume the original author just didn't realize that delegation > meant that TestClass was being loaded by the parent loader. > > Anyway, the changes look okay to me. I guess an alternative would be > to compile TestClass into a different directory rather than renaming > it. > > > -Alan From Alan.Bateman at oracle.com Wed Jun 15 04:26:31 2011 From: Alan.Bateman at oracle.com (Alan Bateman) Date: Wed, 15 Jun 2011 12:26:31 +0100 Subject: code review request: 7054428: test/java/security/SecureClassLoader/DefineClassByteBuffer.java error In-Reply-To: <4DF8953E.8010306@oracle.com> References: <4DF743DC.9080602@oracle.com> <4DF759C3.4020706@oracle.com> <4DF76DCE.8060209@oracle.com> <4DF88FDD.9080005@oracle.com> <4DF8953E.8010306@oracle.com> Message-ID: <4DF896E7.5020701@oracle.com> Weijun Wang wrote: > > But the current test passes without closing the stream, even on > Windows. I guess it's because the file opened is not in scratch > directory and needs not be cleaned up. > > If we have to close the stream/channel, it seems the references need > to saved in DummyClassLoader's static fields and cleaned up in another > static method called in a finally clause of the test's main method. > > The reason the original test failed in samevm is that > buffers[DIRECT_BUFFER].flip() is not called and its remaining() is > zero, and causes the error: > > java.lang.ClassFormatError: Truncated class file You are right, the file is the test.src directory and so isn't subject to the clean-up. In that case I'm okay with the proposed changes. I do think we should still close the FileChannel in readClassFile. Once a file mapping is created then the FileChannel can be closed and this would help avoid open file descriptors building up - this can happen when running hunreds of tests in the same VM. -Alan. From weijun.wang at oracle.com Wed Jun 15 04:47:40 2011 From: weijun.wang at oracle.com (Weijun Wang) Date: Wed, 15 Jun 2011 19:47:40 +0800 Subject: code review request: 7054428: test/java/security/SecureClassLoader/DefineClassByteBuffer.java error In-Reply-To: <4DF896E7.5020701@oracle.com> References: <4DF743DC.9080602@oracle.com> <4DF759C3.4020706@oracle.com> <4DF76DCE.8060209@oracle.com> <4DF88FDD.9080005@oracle.com> <4DF8953E.8010306@oracle.com> <4DF896E7.5020701@oracle.com> Message-ID: <4DF89BDC.7070309@oracle.com> I've just tried try (FileInputStream fin = new FileInputStream(f); FileChannel fc = fin.getChannel()) { return fc.map(FileChannel.MapMode.READ_ONLY, 0, fc.size()); } and it succeeds. So both the channel and stream can be closed and the file mapping is still usable? Thanks Max On 06/15/2011 07:26 PM, Alan Bateman wrote: > Weijun Wang wrote: >> >> But the current test passes without closing the stream, even on >> Windows. I guess it's because the file opened is not in scratch >> directory and needs not be cleaned up. >> >> If we have to close the stream/channel, it seems the references need >> to saved in DummyClassLoader's static fields and cleaned up in another >> static method called in a finally clause of the test's main method. >> >> The reason the original test failed in samevm is that >> buffers[DIRECT_BUFFER].flip() is not called and its remaining() is >> zero, and causes the error: >> >> java.lang.ClassFormatError: Truncated class file > You are right, the file is the test.src directory and so isn't subject > to the clean-up. In that case I'm okay with the proposed changes. I do > think we should still close the FileChannel in readClassFile. Once a > file mapping is created then the FileChannel can be closed and this > would help avoid open file descriptors building up - this can happen > when running hunreds of tests in the same VM. > > -Alan. From Alan.Bateman at oracle.com Wed Jun 15 04:57:33 2011 From: Alan.Bateman at oracle.com (Alan Bateman) Date: Wed, 15 Jun 2011 12:57:33 +0100 Subject: code review request: 7054428: test/java/security/SecureClassLoader/DefineClassByteBuffer.java error In-Reply-To: <4DF89BDC.7070309@oracle.com> References: <4DF743DC.9080602@oracle.com> <4DF759C3.4020706@oracle.com> <4DF76DCE.8060209@oracle.com> <4DF88FDD.9080005@oracle.com> <4DF8953E.8010306@oracle.com> <4DF896E7.5020701@oracle.com> <4DF89BDC.7070309@oracle.com> Message-ID: <4DF89E2D.7010305@oracle.com> Weijun Wang wrote: > : > > So both the channel and stream can be closed and the file mapping is > still usable? Yes, it's not specified in the map method that once a mapping is established that it is not dependent on the channel. So no problem closing the channel. -Alan. From joe.darcy at oracle.com Wed Jun 15 08:37:50 2011 From: joe.darcy at oracle.com (joe.darcy at oracle.com) Date: Wed, 15 Jun 2011 15:37:50 +0000 Subject: hg: jdk8/tl/jdk: 7041252: Use j.u.Objects.equals in security classes Message-ID: <20110615153816.E9AF74704F@hg.openjdk.java.net> Changeset: 33e6291f3251 Author: darcy Date: 2011-06-15 08:37 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/33e6291f3251 7041252: Use j.u.Objects.equals in security classes Reviewed-by: weijun ! src/share/classes/sun/security/tools/KeyTool.java ! src/share/classes/sun/security/x509/DistributionPoint.java ! src/share/classes/sun/security/x509/DistributionPointName.java From alan.bateman at oracle.com Fri Jun 17 08:58:49 2011 From: alan.bateman at oracle.com (alan.bateman at oracle.com) Date: Fri, 17 Jun 2011 15:58:49 +0000 Subject: hg: jdk7/tl/jdk: 7055508: (aio) EXCEPTION_ACCESS_VIOLATION in AsynchronousSocketChannel.connect on Windows 7 Message-ID: <20110617155901.5FBA9470D2@hg.openjdk.java.net> Changeset: c46f97579fe6 Author: alanb Date: 2011-06-17 16:47 +0100 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/c46f97579fe6 7055508: (aio) EXCEPTION_ACCESS_VIOLATION in AsynchronousSocketChannel.connect on Windows 7 Reviewed-by: chegar ! src/windows/native/sun/nio/ch/WindowsAsynchronousSocketChannelImpl.c From joe.darcy at oracle.com Fri Jun 17 10:35:18 2011 From: joe.darcy at oracle.com (joe.darcy at oracle.com) Date: Fri, 17 Jun 2011 17:35:18 +0000 Subject: hg: jdk8/tl/jdk: 7021922: java.lang.annoation.IncompleteExceptions throws NPE when type is null Message-ID: <20110617173544.D26B1470D6@hg.openjdk.java.net> Changeset: 85480980cd5e Author: darcy Date: 2011-06-17 10:34 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/85480980cd5e 7021922: java.lang.annoation.IncompleteExceptions throws NPE when type is null Reviewed-by: alanb, forax ! src/share/classes/java/lang/annotation/IncompleteAnnotationException.java + test/java/lang/annotation/TestIncompleteAnnotationExceptionNPE.java From sean.mullan at oracle.com Fri Jun 17 11:58:49 2011 From: sean.mullan at oracle.com (Sean Mullan) Date: Fri, 17 Jun 2011 14:58:49 -0400 Subject: Null-check-in-finally pattern in javax/security documentation In-Reply-To: <4DF76600.40303@oracle.com> References: <821uywzm9p.fsf@mid.bfk.de> <4DF75774.8020703@oracle.com> <4DF76600.40303@oracle.com> Message-ID: <4DFBA3E9.3090202@oracle.com> Bug has been filed. See: http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=7054969 --Sean On 6/14/11 9:45 AM, Sean Mullan wrote: > I was thinking the same thing. I'll file a bug to have this fixed in JDK 8. > > --Sean > > On 06/14/2011 08:43 AM, Chris Hegarty wrote: >> In fact this looks like a good candidate for try-with-resources. >> >> -Chris. >> >> On 06/14/11 12:26 PM, Florian Weimer wrote: >>> It seems to me this incorrect advice should be removed from the >>> documentation, like this: >>> >>> diff -r 7a341c412ea9 -r 77b101812a2e >>> src/share/classes/java/security/KeyStore.java >>> --- a/src/share/classes/java/security/KeyStore.java Tue Jun 07 >>> 14:01:12 2011 -0700 >>> +++ b/src/share/classes/java/security/KeyStore.java Tue Jun 14 >>> 13:16:19 2011 +0200 >>> @@ -113,14 +113,11 @@ >>> * // get user password and file input stream >>> * char[] password = getPassword(); >>> * >>> - * java.io.FileInputStream fis = null; >>> + * java.io.FileInputStream fis = new >>> java.io.FileInputStream("keyStoreName"); >>> * try { >>> - * fis = new java.io.FileInputStream("keyStoreName"); >>> * ks.load(fis, password); >>> * } finally { >>> - * if (fis != null) { >>> - * fis.close(); >>> - * } >>> + * fis.close(); >>> * } >>> * >>> * >>> @@ -146,14 +143,11 @@ >>> * ks.setEntry("secretKeyAlias", skEntry, protParam); >>> * >>> * // store away the keystore >>> - * java.io.FileOutputStream fos = null; >>> + * java.io.FileOutputStream fos = new >>> java.io.FileOutputStream("newKeyStoreName"); >>> * try { >>> - * fos = new java.io.FileOutputStream("newKeyStoreName"); >>> * ks.store(fos, password); >>> * } finally { >>> - * if (fos != null) { >>> - * fos.close(); >>> - * } >>> + * fos.close(); >>> * } >>> * >>> * >>> diff -r 7a341c412ea9 -r 77b101812a2e >>> src/share/classes/java/security/cert/X509CRL.java >>> --- a/src/share/classes/java/security/cert/X509CRL.java Tue Jun 07 >>> 14:01:12 2011 -0700 >>> +++ b/src/share/classes/java/security/cert/X509CRL.java Tue Jun 14 >>> 13:16:19 2011 +0200 >>> @@ -94,15 +94,12 @@ >>> * CRLs are instantiated using a certificate factory. The following is an >>> * example of how to instantiate an X.509 CRL: >>> *

>>> - * InputStream inStream = null;
>>> + * InputStream inStream = new FileInputStream("fileName-of-crl");
>>> * try {
>>> - * inStream = new FileInputStream("fileName-of-crl");
>>> * CertificateFactory cf = CertificateFactory.getInstance("X.509");
>>> * X509CRL crl = (X509CRL)cf.generateCRL(inStream);
>>> * } finally {
>>> - * if (inStream != null) {
>>> - * inStream.close();
>>> - * }
>>> + * inStream.close();
>>> * }
>>> *
>>> * >>> diff -r 7a341c412ea9 -r 77b101812a2e >>> src/share/classes/java/security/cert/X509Certificate.java >>> --- a/src/share/classes/java/security/cert/X509Certificate.java Tue >>> Jun 07 14:01:12 2011 -0700 >>> +++ b/src/share/classes/java/security/cert/X509Certificate.java Tue >>> Jun 14 13:16:19 2011 +0200 >>> @@ -89,15 +89,12 @@ >>> * Certificates are instantiated using a certificate factory. The >>> following is >>> * an example of how to instantiate an X.509 certificate: >>> *
>>> - * InputStream inStream = null;
>>> + * InputStream inStream = new FileInputStream("fileName-of-cert");
>>> * try {
>>> - * inStream = new FileInputStream("fileName-of-cert");
>>> * CertificateFactory cf = CertificateFactory.getInstance("X.509");
>>> * X509Certificate cert =
>>> (X509Certificate)cf.generateCertificate(inStream);
>>> * } finally {
>>> - * if (inStream != null) {
>>> - * inStream.close();
>>> - * }
>>> + * inStream.close();
>>> * }
>>> *
>>> * >>> >>> There are also instances in actual code (in >>> javax/crypto/JceSecurity.java, for instance), but changing them is >>> probably not worth it. >>> > From kumar.x.srinivasan at oracle.com Fri Jun 17 15:29:30 2011 From: kumar.x.srinivasan at oracle.com (kumar.x.srinivasan at oracle.com) Date: Fri, 17 Jun 2011 22:29:30 +0000 Subject: hg: jdk8/tl/jdk: 7043125: TEST: tools/launcher/VersionCheck.java fails just against openjdk7 (b141 & b138-nightly) promoted Message-ID: <20110617222939.EF497470E3@hg.openjdk.java.net> Changeset: e373b4c95b4b Author: ksrini Date: 2011-06-17 15:17 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/e373b4c95b4b 7043125: TEST: tools/launcher/VersionCheck.java fails just against openjdk7 (b141 & b138-nightly) promoted Reviewed-by: darcy ! test/tools/launcher/ExecutionEnvironment.java ! test/tools/launcher/VersionCheck.java From alan.bateman at oracle.com Sun Jun 19 03:33:00 2011 From: alan.bateman at oracle.com (alan.bateman at oracle.com) Date: Sun, 19 Jun 2011 10:33:00 +0000 Subject: hg: jdk8/tl/jdk: 7056489: test/com/sun/jndi/ldap/ReadTimeoutTest.java hangs or times out Message-ID: <20110619103331.744674713D@hg.openjdk.java.net> Changeset: b29888e74be3 Author: alanb Date: 2011-06-19 11:15 +0100 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/b29888e74be3 7056489: test/com/sun/jndi/ldap/ReadTimeoutTest.java hangs or times out Reviewed-by: forax, vinnie ! test/ProblemList.txt ! test/com/sun/jndi/ldap/ReadTimeoutTest.java From weijun.wang at oracle.com Mon Jun 20 02:39:20 2011 From: weijun.wang at oracle.com (weijun.wang at oracle.com) Date: Mon, 20 Jun 2011 09:39:20 +0000 Subject: hg: jdk8/tl/jdk: 7054428: test/java/security/SecureClassLoader/DefineClassByteBuffer.java error Message-ID: <20110620093950.06BB54716C@hg.openjdk.java.net> Changeset: 82706552f7a3 Author: weijun Date: 2011-06-20 17:38 +0800 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/82706552f7a3 7054428: test/java/security/SecureClassLoader/DefineClassByteBuffer.java error Reviewed-by: alanb ! test/ProblemList.txt ! test/java/security/SecureClassLoader/DefineClassByteBuffer.java From chris.hegarty at oracle.com Mon Jun 20 03:28:54 2011 From: chris.hegarty at oracle.com (chris.hegarty at oracle.com) Date: Mon, 20 Jun 2011 10:28:54 +0000 Subject: hg: jdk8/tl/jdk: 7051516: ThreadLocalRandom seed is never initialized so all instances generate the same sequence Message-ID: <20110620102904.A01764716E@hg.openjdk.java.net> Changeset: 411d02c13385 Author: dl Date: 2011-06-20 12:27 +0100 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/411d02c13385 7051516: ThreadLocalRandom seed is never initialized so all instances generate the same sequence Reviewed-by: chegar, dholmes, mduigou ! src/share/classes/java/util/Random.java From weijun.wang at oracle.com Mon Jun 20 04:19:02 2011 From: weijun.wang at oracle.com (weijun.wang at oracle.com) Date: Mon, 20 Jun 2011 11:19:02 +0000 Subject: hg: jdk8/tl/jdk: 7054918: jdk_security1 test target cleanup Message-ID: <20110620111912.6F3BA47171@hg.openjdk.java.net> Changeset: a015dda3bdc6 Author: weijun Date: 2011-06-20 19:17 +0800 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/a015dda3bdc6 7054918: jdk_security1 test target cleanup Reviewed-by: alanb, smarks, vinnie ! test/ProblemList.txt ! test/java/security/BasicPermission/PermClass.java ! test/java/security/BasicPermission/SerialVersion.java ! test/java/security/KeyFactory/Failover.java ! test/java/security/KeyPairGenerator/Failover.java ! test/java/security/Provider/ChangeProviders.java ! test/java/security/Provider/GetInstance.java ! test/java/security/Provider/RemoveProvider.java ! test/java/security/Provider/Turkish.java ! test/java/security/Security/ClassLoaderDeadlock/Deadlock2.sh ! test/java/security/Security/NoInstalledProviders.java ! test/java/security/Security/SynchronizedAccess.java ! test/java/security/Security/removing/RemoveProviders.java ! test/java/security/UnresolvedPermission/Equals.java ! test/java/security/spec/EllipticCurveMatch.java + test/java/security/testlibrary/ProvidersSnapshot.java From fweimer at bfk.de Mon Jun 20 06:06:20 2011 From: fweimer at bfk.de (Florian Weimer) Date: Mon, 20 Jun 2011 13:06:20 +0000 Subject: Fix for: 6415637: PKCS#12 key stores with empty passwords Message-ID: <82sjr4ejoz.fsf@mid.bfk.de> Hi, the patch below fixes two issues with PKCS#12 key stores: 1. The password and salt expansion resulted in a division by zero for empty password strings. 2. Practically speaking, there are two different ways of deriving keys from an empty passphrase: the terminating NUL character is required by the specification, but is left out by some implementations (including OpenJDK if the first bug is fixed). OpenSSL tries to decrypt with both encodings, and the patch implements that as well. It is difficult to properly implement the retry behavior without changing any interfaces, so this patch uses "\0" for the password *without* a NUL terminator. This is a bit confusing, but it ensures that passing an empty string as the password creates a PKCS#12 store which is compliant with the specification. Because of the division of zero issue, the second change does not actually change behavior. Presumably, this does not count as a small change, so BFK needs to sign a contributor agreement. Is the sun.com email address still the right one to submit the scanned copy? Florian diff -r 77b101812a2e -r c49309b998ec src/share/classes/com/sun/crypto/provider/PBEKey.java --- a/src/share/classes/com/sun/crypto/provider/PBEKey.java Tue Jun 14 13:16:19 2011 +0200 +++ b/src/share/classes/com/sun/crypto/provider/PBEKey.java Fri Jun 17 15:05:06 2011 +0200 @@ -56,9 +56,12 @@ // Should allow an empty password. passwd = new char[0]; } - for (int i=0; i '\u007E')) { - throw new InvalidKeySpecException("Password is not ASCII"); + // Accept "\0" to signify "zero-length password with no terminator". + if (!(passwd.length == 1 && passwd[0] == 0)) { + for (int i=0; i '\u007E')) { + throw new InvalidKeySpecException("Password is not ASCII"); + } } } this.key = new byte[passwd.length]; diff -r 77b101812a2e -r c49309b998ec src/share/classes/com/sun/crypto/provider/PKCS12PBECipherCore.java --- a/src/share/classes/com/sun/crypto/provider/PKCS12PBECipherCore.java Tue Jun 14 13:16:19 2011 +0200 +++ b/src/share/classes/com/sun/crypto/provider/PKCS12PBECipherCore.java Fri Jun 17 15:05:06 2011 +0200 @@ -60,11 +60,15 @@ static byte[] derive(char[] chars, byte[] salt, int ic, int n, int type) { - // Add in trailing NULL terminator. - int length = chars.length*2; - if (length != 0) { - length += 2; - } + // Add in trailing NULL terminator. Special case: + // no terminator if password is "\0". + int length = chars.length*2; + if (length == 2 && chars[0] == 0) { + chars = new char[0]; + length = 0; + } else + length += 2; + byte[] passwd = new byte[length]; for (int i = 0, j = 0; i < chars.length; i++, j+=2) { passwd[j] = (byte) ((chars[i] >>> 8) & 0xFF); @@ -133,6 +137,8 @@ } private static void concat(byte[] src, byte[] dst, int start, int len) { + if (src.length == 0) + return; int loop = len / src.length; int off, i; for (i = 0, off = 0; i < loop; i++, off += src.length) diff -r 77b101812a2e -r c49309b998ec src/share/classes/sun/security/pkcs12/PKCS12KeyStore.java --- a/src/share/classes/sun/security/pkcs12/PKCS12KeyStore.java Tue Jun 14 13:16:19 2011 +0200 +++ b/src/share/classes/sun/security/pkcs12/PKCS12KeyStore.java Fri Jun 17 15:05:06 2011 +0200 @@ -256,11 +256,25 @@ } try { - // Use JCE - SecretKey skey = getPBEKey(password); - Cipher cipher = Cipher.getInstance(algOid.toString()); - cipher.init(Cipher.DECRYPT_MODE, skey, algParams); - byte[] privateKeyInfo = cipher.doFinal(encryptedKey); + byte[] privateKeyInfo; + while (true) { + try { + // Use JCE + SecretKey skey = getPBEKey(password); + Cipher cipher = Cipher.getInstance(algOid.toString()); + cipher.init(Cipher.DECRYPT_MODE, skey, algParams); + privateKeyInfo = cipher.doFinal(encryptedKey); + break; + } catch (Exception e) { + if (password.length == 0) { + // Retry using an empty password + // without a NULL terminator. + password = new char[1]; + continue; + } + throw e; + } + } PKCS8EncodedKeySpec kspec = new PKCS8EncodedKeySpec(privateKeyInfo); @@ -1272,18 +1286,26 @@ ObjectIdentifier algOid = in.getOID(); AlgorithmParameters algParams = parseAlgParameters(in); - try { - // Use JCE - SecretKey skey = getPBEKey(password); - Cipher cipher = Cipher.getInstance(algOid.toString()); - cipher.init(Cipher.DECRYPT_MODE, skey, algParams); - safeContentsData = cipher.doFinal(safeContentsData); - - } catch (Exception e) { - IOException ioe = new IOException("failed to decrypt safe" - + " contents entry: " + e); - ioe.initCause(e); - throw ioe; + while (true) { + try { + // Use JCE + SecretKey skey = getPBEKey(password); + Cipher cipher = Cipher.getInstance(algOid.toString()); + cipher.init(Cipher.DECRYPT_MODE, skey, algParams); + safeContentsData = cipher.doFinal(safeContentsData); + break; + } catch (Exception e) { + if (password.length == 0) { + // Retry using an empty password + // without a NULL terminator. + password = new char[1]; + continue; + } + IOException ioe = new IOException( + "failed to decrypt safe contents entry: " + e); + ioe.initCause(e); + throw ioe; + } } } else { throw new IOException("public key protected PKCS12" + diff -r 77b101812a2e -r c49309b998ec test/sun/security/pkcs12/Bug6415637.java --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/test/sun/security/pkcs12/Bug6415637.java Fri Jun 17 15:05:06 2011 +0200 @@ -0,0 +1,291 @@ +import java.io.ByteArrayInputStream; +import java.math.BigInteger; +import java.security.KeyStore; +import java.security.cert.X509Certificate; +import java.security.interfaces.RSAPrivateCrtKey; + +/* + * @test + * @bug 6415637 + * @summary Support PKCS#12 key stores protected with an empty password + * @author Florian Weimer + */ + +public class Bug6415637 { + + public static void main(String[] args) throws Exception { + check(WITH_NULL); + check(WITHOUT_NULL); + } + + private static void check(String encodedBlob) throws Exception { + byte[] blob = new byte[encodedBlob.length() * 2]; + for (int i = 0; i < blob.length; ) { + final char ch = encodedBlob.charAt(i / 2); + blob[i++] = (byte) (ch >> 8); + blob[i++] = (byte) ch; + } + KeyStore store = KeyStore.getInstance("PKCS12"); + store.load(new ByteArrayInputStream(blob), new char[0]); + if (!store.aliases().nextElement().equals("test")) + throw new Exception("test alias not found"); + KeyStore.PrivateKeyEntry e = + (KeyStore.PrivateKeyEntry) store.getEntry("test", + new KeyStore.PasswordProtection(new char[0])); + X509Certificate cert = (X509Certificate) e.getCertificateChain()[0]; + if (!cert.getSubjectDN().toString().equals("CN=Test Key")) + throw new Exception("invalid certificate subject DN"); + RSAPrivateCrtKey key = (RSAPrivateCrtKey) e.getPrivateKey(); + if (!key.getPublicExponent().equals(BigInteger.valueOf(65537))) + throw new Exception("invalid public exponent"); + } + + private static final String WITH_NULL = + "\u3082\u097c\u0201\u0330\u8209\u3606\u092a\u8648\u86f7\u0d01" + + "\u0701\ua082\u0927\u0482\u0923\u3082\u091f\u3082\u0564\u0609" + + "\u2a86\u4886\uf70d\u0107\u01a0\u8205\u5504\u8205\u5130\u8205" + + "\u4d30\u8205\u4906\u0b2a\u8648\u86f7\u0d01\u0c0a\u0102\ua082" + + "\u04fa\u3082\u04f6\u3028\u060a\u2a86\u4886\uf70d\u010c\u0103" + + "\u301a\u0414\u8317\ucfd6\u89ab\uc03b\u79d6\u4c45\u1b10\uc3bd" + + "\u3923\ub806\u0202\u0400\u0482\u04c8\ud51d\uf953\ud79e\u92c6" + + "\u83c0\u92dc\ucd05\u69ab\ucc1b\ud538\u2ed9\u7796\ua426\uc14e" + + "\udcbf\ue541\u40be\ud264\u3b5b\uf51f\u8e1a\u892f\u2813\ucdd6" + + "\uf72e\uef55\u35ef\u4620\ude18\ued5e\ufae0\ubed4\uf84e\u276b" + + "\u3596\uc33f\ub251\ue617\u6e00\ua80f\u6c82\u4acd\u7303\u26be" + + "\uffb5\u1e49\u5fb1\uf87c\ua873\ue60a\u7415\u655c\u39f1\ucf16" + + "\u8f5c\u85c6\u4100\u4130\u565b\u649a\u60d6\u6054\u868d\u7267" + + "\u97a8\u8492\uc5a0\udb5e\u2880\udf55\ub0ee\ua641\u8224\u76d2" + + "\u9b1e\u2a67\u1e32\ue1fc\u0a77\u435b\u669f\ued00\u6c30\u963f" + + "\u7ee3\uc5c8\u198f\u8ede\u30e1\u015d\u1195\uc850\u3371\ub9e5" + + "\u6968\u84c3\ub0e4\u22b7\u2a08\u4a9d\u9166\ua9ba\ud945\u0529" + + "\ue1e7\u8aba\ub4ef\u7445\udc9a\ucf73\ud77b\ufafe\ue1df\u3180" + + "\u9585\ued73\uca40\u06b0\ufdee\u95ba\u1aa3\ubd67\ua5c1\u84b4" + + "\u4b50\uc1e1\u4547\ud837\u21bc\uac0d\u0a65\uebb5\u7281\ud9bc" + + "\u2e2c\ua9bc\u7714\u0fc0\uab41\uce09\ud5e8\u5f8c\uc35d\uba6e" + + "\u98a2\u95c3\u87ff\uba8c\u056a\udc9f\uf254\u3d38\uf40a\u77dd" + + "\u4e30\u01de\ubef7\ud288\ue59c\ua143\ub30b\ud0ae\u63b9\u138b" + + "\uc793\u3474\u18ca\udeed\u78d9\u2ae8\u63cc\ua5d1\u6779\u0229" + + "\u7b72\ucfd4\ueecb\ue167\u08c0\u7556\u181d\u8d62\uc401\ub092" + + "\u8cf5\ued71\uf29f\u843e\u13e1\u7e7b\uf589\u0329\u92bd\ud0e3" + + "\u8dcc\u7541\uf195\ueef2\u3f3a\ueb01\uf5b0\u1869\u2216\uf351" + + "\u488d\udffb\u6243\u1121\u9447\u8a3a\u006f\u008c\ue2b3\ued31" + + "\u7f57\u6492\ue02f\u6f68\u387d\u58c0\uaadf\u2ee3\uf304\u3de9" + + "\u9741\u47fa\udde8\ufe8a\u679a\u597d\u8c7c\u9c71\u570e\u1dbd" + + "\ud555\ue853\uff63\u0fcb\u4b28\u3691\u33c8\uc31f\uc510\u6cba" + + "\ud92c\u6462\u733a\u739e\uc792\ud861\u743e\u3bd3\u006b\u2276" + + "\u9fb3\u0a31\u1eb3\ub97e\u4a80\uc076\uaabc\u35a0\u678d\u17c3" + + "\ua225\ua77c\u7d9c\uef2d\u83e2\u6996\uba70\uf6f8\u79a1\u9399" + + "\uc86b\u1cc5\ub2a5\u02c1\ud676\ua274\u4933\u6c60\u6832\ub0be" + + "\u5354\u5af9\uae23\u0963\u722d\u9ad2\u4461\ub768\u2068\u0ccb" + + "\u94fd\u88ac\u0f58\u3bc0\u212d\u30c8\u8860\uf7c9\u1dde\ub6b4" + + "\u3549\u5bcd\ucf83\u9420\u3a40\u16ad\uc4d7\ucd87\ue73a\ue1c7" + + "\u21df\u7f4f\u8659\u9f79\u5b36\uf206\uac66\uc9f3\u6336\u164d" + + "\u9046\uf4d5\u285d\ufcd8\ubd55\u1fb9\ua533\u9101\u1e87\uc7b0" + + "\u64e9\u3817\u216c\u8d41\uba51\u743a\uc74e\ue4ab\u2820\u972f" + + "\ue191\u85b4\u0ea7\ud896\u23cf\u7df5\u1653\ua9f3\ub724\ucbc9" + + "\u9738\ud2f8\u464e\ucf12\u99b8\u64e0\uf03b\u8d02\u85a8\uab52" + + "\u8da3\uea34\ube99\ue5f8\u2b38\ub082\u399d\ue61e\u64a1\u7f90" + + "\u26e9\ueb74\u6107\ufe2f\u82ca\u87a5\u3028\u8e1f\ue859\u61d4" + + "\ud26d\u23a9\uaadc\u02a7\u8ab2\u43d4\uf6b9\udf7a\u8935\u45a4" + + "\ufad6\ue7e4\u92b7\u35d7\u1044\u8ed3\u74ef\uaaa9\u713f\u6ebc" + + "\u1158\u5e5c\u7522\ufe17\ua515\u59a1\u75dd\ue7ac\uafd9\u16a9" + + "\u190e\u18fc\uc041\ufc9e\u3e16\u60c4\ufe51\u6d53\ufa52\u4c08" + + "\uce2a\ue546\u017b\ud96b\ube18\u8cb9\udd50\ued40\u14b0\u7da1" + + "\u2f2c\ubf9d\uc7c7\u1b73\ua155\ucaf8\ue54d\uebb0\u160a\ubd64" + + "\u5ef7\ue1cf\u4633\u86c1\ubc91\u839d\ub148\u9f31\uf2b1\ud133" + + "\u168f\u9374\u4667\u6aa9\u0482\ua2a6\ub5c0\ud9b7\ua070\uf6bd" + + "\u16fe\u0f41\u986b\u3d33\u7cb9\u291d\u24f0\u704a\uc946\u10a2" + + "\udbcf\u6c5f\u5a83\u5507\u036e\ube9f\uf60a\u9da8\u72dd\u23c9" + + "\u8878\udd67\uf486\u1384\u751f\u4694\uee3c\udc2e\ud5d7\ud99a" + + "\u5ee2\u5455\ub82d\u1837\u336d\u5724\u635b\ubd0b\u2e7c\u92be" + + "\u2110\u9c0e\u1662\u43f6\u62ae\u32e3\uaea4\u1cc5\uadc0\u7511" + + "\u6ad4\u0228\ue399\u5741\u2050\ue31a\u7dc8\uf6db\u67bb\u994a" + + "\u5b5a\uaac6\u2210\u95b0\u462e\u0684\u335e\uac36\u7ab9\uab1e" + + "\u0b75\u0f05\u74c5\ufcb3\ua0a5\ube7e\u45f8\u92d5\u3399\u7dd6" + + "\uf96e\u7e01\u7823\u6690\u231c\u4c47\u2d10\u7e7f\u5eb8\u70dd" + + "\u98d2\u6204\u3a92\u3990\u502b\u7cdb\u952a\ufa97\uea3b\ud990" + + "\u436f\uf33a\u070d\u2aff\u7497\u2591\u37e4\ua590\ue7ba\u2c1e" + + "\u53d9\u73fa\udc53\u944f\ua3a5\u5093\u33a4\uf080\u1193\u37f2" + + "\u7642\ub033\u7f90\u9b44\uff89\ue6ef\u81be\u9e6e\u68a4\u5a00" + + "\u9232\u4372\u40aa\u2748\u229d\u534d\u316b\u6e89\ufcb7\uff2e" + + "\ub654\u1649\ucb13\u3c28\u4940\u43aa\uc07d\u247c\u313c\u3017" + + "\u0609\u2a86\u4886\uf70d\u0109\u1431\u0a1e\u0800\u7400\u6500" + + "\u7300\u7430\u2106\u092a\u8648\u86f7\u0d01\u0915\u3114\u0412" + + "\u5469\u6d65\u2031\u3330\u3833\u3132\u3234\u3236\u3437\u3082" + + "\u03b3\u0609\u2a86\u4886\uf70d\u0107\u06a0\u8203\ua430\u8203" + + "\ua002\u0100\u3082\u0399\u0609\u2a86\u4886\uf70d\u0107\u0130" + + "\u2806\u0a2a\u8648\u86f7\u0d01\u0c01\u0630\u1a04\u14de\ud8d8" + + "\ua792\uf9d9\u6875\ua51d\u98ec\udf03\uc2b6\u5100\u8a02\u0204" + + "\u0080\u8203\u6074\ub909\u3c60\ua522\ue4ac\u0f60\u2396\u7baa" + + "\ud208\ub76c\u89a5\ue4ef\u205d\u2062\u4a5b\ua684\uceae\u01b9" + + "\u1e7a\u6e03\ud996\u555a\u615b\uba70\u406f\u80a9\u901e\ua947" + + "\u5b8f\u73f3\udea3\ud8b1\u9782\uac87\u231a\udcd2\u3ef0\u3a17" + + "\u4092\u509f\u0e79\u4cd7\u8516\u5111\uebe1\u86e0\uc548\u5ffc" + + "\u9a99\u11ed\uef13\u17af\u2707\u8984\u8770\u7064\u1943\u1dd3" + + "\u45cf\u9f80\u65f8\u9b3e\u1f70\u6bd0\uc726\u5506\ufb20\u6bdc" + + "\uba8c\u0b19\ucd01\ud0f0\u7040\udf63\u48a5\udf5f\u6559\u1b33" + + "\ubdae\u8183\uc13f\ued10\ud6dc\ud0f0\u6a7f\ubc36\uc7ca\u320f" + + "\u50b8\ud422\ufd99\u8843\u65e8\ue201\u843b\u64ee\ub891\u3ba2" + + "\uecae\ufda0\u72d6\u8394\u2551\ufc44\u3778\u27c3\u061a\u6d3b" + + "\ubd80\ue010\u06df\u39e7\u3d6a\u5ae2\u93fa\u4de4\u938f\u6f27" + + "\ufd39\u4380\u60da\uf215\u79d4\uf6f1\ua02f\u959a\ua0ea\u1c38" + + "\u80e3\u2744\u7506\u54b3\u77ad\u18ce\ucfec\u555e\u7bbe\u2e2f" + + "\u9900\ub2ef\ua5b9\ubdf0\u5e15\ua681\u92c7\u4f86\u2e1a\ub893" + + "\u01fc\u01d2\ub674\uff19\u04c3\ua1a0\u2cea\u72e0\ua8f1\u1358" + + "\ube79\u7caa\u269d\u728a\ue435\u37bd\u6495\uc106\u8830\u9b17" + + "\ue16d\uef78\uae2b\u5313\u1c96\uc0ee\u3098\ud743\ucd1c\u7407" + + "\uf4f9\uee72\ub95e\u31e7\u6435\u0173\u0336\u93c5\u8a1b\u05b4" + + "\u4359\uc4be\ud92b\u8d21\u83a9\u32b7\u6433\ua9bc\u27c2\ud842" + + "\ua4f2\u81c5\ua86c\u2fd2\uba30\u53bd\uc277\u659f\u203b\u60e5" + + "\u37f7\u0984\u31c2\u838a\u2107\u5840\u6411\u1b8d\u044e\ub0b6" + + "\uf558\ue6d3\u62bb\u5464\uf83a\u4d5b\uf153\u9e18\ua353\ubd05" + + "\uf204\ud543\u037d\ue5aa\u473a\ueb13\uac19\u0494\ua08e\u76c3" + + "\ufbd7\u9f1c\u8ca9\u57ad\ud218\uc018\u67ac\u0ae9\ub559\ufe38" + + "\u5641\uec0c\ue0ee\u606c\u1989\ue5a2\uff09\u8c61\u1386\ueb51" + + "\u7cbd\u95cd\u80c5\u3532\u8605\u596d\u4cfd\u7797\u1e82\ud2fe" + + "\uad6b\ua16e\ub6cf\u8fce\ud5a9\u207f\u1d0a\udabe\uc3a6\u5633" + + "\u2023\u925f\u809f\uee7c\u5362\u5fd9\u8dfc\u6b5f\uc95b\u0ae9" + + "\u7b26\u9e5b\u97e8\u9d6e\uaf91\u6d1a\u1d19\ufc27\u0815\uccbc" + + "\u83d4\u2ce2\ue06e\u21a1\u88da\u09af\u9671\uc510\uac23\u398d" + + "\ubea2\ua9a1\uf0d3\u490d\ub94b\u7ff7\u6636\ub1fa\u9b10\u1be3" + + "\u179b\u6a8a\u4a6c\ude1f\u5da7\u7c02\u96ec\u70ac\u5045\udd2c" + + "\u9f6d\uc37d\u5ba6\u4895\ue142\u0db9\uf2dc\uba2e\ud054\ud33e" + + "\u1ed9\u144b\u5d85\u9156\u3a90\ue8cd\u0a01\u67f5\ua81b\u4f56" + + "\u99dd\u4950\ua551\uacdb\udf31\u1f05\u7169\u3231\u0071\u80ec" + + "\ua4e9\ud74e\u62cf\u8931\u11f1\uc925\u0319\uabd4\ufb86\u73c2" + + "\u1479\u005b\uf05d\u4f8d\u44e4\u942b\ud338\ud05d\u2b3b\uf6f5" + + "\udc0d\uf741\u798b\ud8e9\u36a5\u577b\u8a95\ud773\uffcb\u17b3" + + "\u7174\u9616\u9b5e\ua577\u983c\u6e7a\u6cc8\u4a04\u042b\u503e" + + "\ud744\ub65e\ue5de\ufa24\u8c71\u1127\ud47f\ud290\ufd4c\u5cbb" + + "\u0e21\u77fd\u6553\ub82b\ucb49\u41e7\u8e3d\u4539\u925d\u6ba9" + + "\uae47\u391c\ua79e\ub6e2\u7142\u7cb3\u02f5\u6495\u7a85\u2dea" + + "\u787b\u22b7\u6ec2\uea8d\uf930\u3d30\u2130\u0906\u052b\u0e03" + + "\u021a\u0500\u0414\ubfef\u99f5\u0bb0\uc9b3\uf96a\ue267\u6bc0" + + "\u0202\u6d78\ub923\u0414\u5500\u095a\u2a04\u2d7e\u708d\u9779" + + "\u9bdb\u2c4f\u82f2\uf89f\u0202\u0400"; + + private static final String WITHOUT_NULL = + "\u3082\u097c\u0201\u0330\u8209\u3606\u092a\u8648\u86f7\u0d01" + + "\u0701\ua082\u0927\u0482\u0923\u3082\u091f\u3082\u0564\u0609" + + "\u2a86\u4886\uf70d\u0107\u01a0\u8205\u5504\u8205\u5130\u8205" + + "\u4d30\u8205\u4906\u0b2a\u8648\u86f7\u0d01\u0c0a\u0102\ua082" + + "\u04fa\u3082\u04f6\u3028\u060a\u2a86\u4886\uf70d\u010c\u0103" + + "\u301a\u0414\ud258\ubbe7\ub641\ud196\u4969\u3c88\u70f1\u8c97" + + "\u95b1\u8bf3\u0202\u0400\u0482\u04c8\u096a\u4686\uf519\u61da" + + "\u1b3b\uebfd\u89b1\u044b\u3bd8\u79a7\ud022\ud880\ud173\ucde1" + + "\ud2c1\u2c5d\u8ebb\u6bd4\u46db\ub90b\u04b9\ub091\ud1f3\ud468" + + "\u3e93\u2c88\uca5a\u1c54\u5342\u1eca\u8565\ubbbd\ua022\u1ead" + + "\ud0bb\u1a8c\u69cf\uf0f4\ucbfb\u488a\ube99\uf190\ue01c\ud87d" + + "\u78ca\u9e5c\u82f9\u76ad\u811f\u37d0\u272b\u0481\u500c\u0a27" + + "\u08d3\ub637\u3e39\u6db1\ubcba\ue354\u6924\ua9d5\u3555\u20d6" + + "\u4c6b\u3189\u5f91\u382c\uf351\u4de2\ubade\u2a14\uea84\u16b6" + + "\uf7f7\u36de\ubba6\ue952\u5f5d\u8243\u2318\ucf3d\u8ac8\u33d3" + + "\u706c\ue3db\u6619\u7935\u7300\u89b3\u0bcd\uca9f\u0333\ua450" + + "\u1be1\u3e42\ub465\uced5\ub055\u5843\uf40f\ua0f2\u6fea\u94fa" + + "\ua51e\u4b5d\u93c9\ucb2e\u977e\uafd9\u2a2f\u784b\u0320\u5550" + + "\u273f\u469f\uc42b\u2ce7\uedea\u4e0d\u54a5\u1a25\u4fac\ue346" + + "\u2102\u7ab6\uea86\u554f\u7706\u8a80\uf6dd\u04f8\u3b37\u005a" + + "\u4562\u2ef8\u59f9\u32b7\u31c0\ue7dc\ucbde\ue0e1\u2fd9\u0960" + + "\u3e7a\ub4e5\u2a58\u1e2b\uef14\u9a44\u5444\u806d\uc475\u12ab" + + "\ucc3d\ua03b\ubd52\ubf1c\ua9a6\u58aa\uee8b\u96c2\ud0c9\ua029" + + "\u1db4\ub118\u4807\uecaa\ue182\uabb7\ud9ed\u66c5\u2c80\uc6a6" + + "\u3f54\ubc73\u2632\ue1b0\u0d74\u001c\u5740\uc74b\ufadb\u25b4" + + "\ua10e\u3191\u69e6\u0861\u452b\u955c\uac56\ud3c4\u86b7\u45f8" + + "\u777a\uc336\u8cc7\ud471\u76b6\u11d8\ueb84\u14e4\uf44f\uc9ff" + + "\u8929\u0d84\ubcfe\u8cc2\u9d07\u94e6\u1cf9\u19b5\u773a\u012d" + + "\u0453\u4ff3\u40f2\ub144\ufc80\u571c\u0e13\uf890\u9fed\u2045" + + "\u7baf\ufd88\u4920\u2b86\u491d\uecf8\ua5d9\u1e12\u48c7\u2c84" + + "\u3fbe\u4df5\u11ce\u7b81\u83fc\u3efa\u697d\u1f3d\u8d81\u01b0" + + "\u0bf1\u9012\u697f\u3b25\u3574\u5286\udded\u5be0\u7e92\u0a02" + + "\ua486\ud19b\ue0b5\ua05c\u5ac2\u0ad5\u0d04\ua763\ub5c8\uf7e6" + + "\u6e77\u2df3\ub9e7\uda30\ufccb\u7642\u5dc1\udf1f\uc922\uff69" + + "\u4471\u4749\u937a\ud77d\u7c0d\u917c\uf2ef\u122c\u13b2\u8943" + + "\u33aa\uad59\u86e8\u21c4\ueaa0\uf200\ue5f3\u6da0\ue8ef\uce7e" + + "\u37b2\u3ddf\u0480\u08fc\uf89a\ud927\u3f5b\u75d3\ubdfe\u6ebd" + + "\ufab1\u9f54\u1c20\u625b\u1391\u2af0\u43ba\u4395\udf22\u299e" + + "\uf3bf\u7750\u5f68\u0120\u0ee0\u6960\ud939\u621f\uf845\u0025" + + "\ue33c\u7ed9\ueadf\u0005\u6306\u7274\u5e67\ucf7a\uf3c6\u7371" + + "\u487b\u79d7\u2142\ubc1a\ubfe4\u3536\u15db\ufe23\u4352\u6321" + + "\u329d\uc251\u84c8\ufc0e\uc0ca\u5be6\uf530\u0177\ud9cb\ud132" + + "\uf752\u3f26\uda90\ud9cf\u2e46\u3e09\u5d9a\u6902\udb3e\ub06c" + + "\u722d\uf498\u3e93\u6cae\u43b5\u535a\u1cd1\uf0b2\u8d80\u9e53" + + "\ue02e\uf782\u01ce\u5063\u73d1\u5571\uf0e7\ufa22\u7e48\u0c31" + + "\u4642\u29fd\udcab\ue8d4\u7a77\u0880\u4855\u88c7\u7aa5\u0d9c" + + "\uf8b7\uc91c\u127d\u2dd7\ude53\u9d3f\u132b\u965c\ubc80\udd97" + + "\u87bf\ua0e8\ub2a2\u4e1f\u98fd\u72f3\u16ea\uc415\u5be3\ue8df" + + "\u5681\u1f11\u4e3a\uac5d\u1684\u6602\ueb14\u0a96\ufcef\uaebf" + + "\u1f2e\ud1a9\u435c\uf4e5\ub6b4\uaae2\u8244\u96a4\u0d3a\u752f" + + "\uce21\u1bc9\u219e\uf17b\ud95e\ucd12\u1b0a\ucb85\ub0cd\u4ecb" + + "\u6bb4\u5f7c\u2a93\ubb24\u9d7c\u6822\u80cd\u3f54\u78ad\u4fde" + + "\ud57f\uec1d\ub54c\u0d78\u5946\u84c1\ua9ad\u0dea\u0292\ub279" + + "\u1c76\u817e\ub910\ub1fa\ub1c0\u839d\u9eca\u6f83\u8211\u4112" + + "\u440c\u4fbd\u6ef2\u897d\udfa9\ude9e\u1aef\u0f21\u26fb\uaca4" + + "\u637e\ub072\u264f\ud24d\u9357\uc801\u0b84\u2d34\ueddf\u6063" + + "\udc5d\u90dd\u5c62\ufb48\u8c5e\u7c4e\u3bdb\ub590\u7a75\udbd1" + + "\udd78\uc8be\u5915\u7c8b\u8874\u578d\u3116\ub65a\uab8e\ud2ef" + + "\u5d35\ubf8b\u2828\u8983\ua790\uedcf\u9698\ue023\u5786\u627b" + + "\u9037\u1db7\u900e\u1f45\u0001\u7cf8\u14fd\ue437\u0dfd\ucacc" + + "\u5edf\u1742\u7f6e\u612a\ud57d\udca0\u73a4\ud601\uc7f0\uca0e" + + "\u5a44\u00b4\u233a\u84f2\u95b5\u5f16\uc291\u04fb\u369d\u6b99" + + "\ue127\u493f\u66be\u86e9\u9672\u2849\u64a7\u851b\ue420\u8491" + + "\ueb07\u6563\uc753\uc28e\ucad5\uec05\u6920\u8955\u5605\u25f6" + + "\u6193\ubee5\u7a1a\ub73d\ucc27\uc8ce\u7179\u57c1\u7a2a\u37c1" + + "\ua6c7\u2d8a\u4025\uc97d\u8c9d\u7b4b\u1ad5\uc6d7\u50fc\u246d" + + "\u91a9\ua55d\u677a\udc83\u04c7\u3e14\u9950\u420c\udf02\u749b" + + "\ude88\u5459\u2074\ua4ae\ud12d\uaf60\uba98\u630d\u313c\u3017" + + "\u0609\u2a86\u4886\uf70d\u0109\u1431\u0a1e\u0800\u7400\u6500" + + "\u7300\u7430\u2106\u092a\u8648\u86f7\u0d01\u0915\u3114\u0412" + + "\u5469\u6d65\u2031\u3330\u3833\u3132\u3431\u3138\u3238\u3082" + + "\u03b3\u0609\u2a86\u4886\uf70d\u0107\u06a0\u8203\ua430\u8203" + + "\ua002\u0100\u3082\u0399\u0609\u2a86\u4886\uf70d\u0107\u0130" + + "\u2806\u0a2a\u8648\u86f7\u0d01\u0c01\u0630\u1a04\u14af\ud4f5" + + "\u0ff4\u0ede\u0da0\u6cc5\ufd9d\u3502\uae5e\u4cef\u3102\u0204" + + "\u0080\u8203\u6028\ua7e6\u088b\u56b6\uf453\u9747\u68ec\uc064" + + "\u2254\u693f\u25c5\uaa39\u3d87\uc97c\uc558\u5194\u7553\ude3a" + + "\u4575\u9d85\ud843\u2bd0\ua2e8\u244f\u8593\uac84\u54b4\ubdc6" + + "\ucea6\uba1a\ud3da\ua510\uee9d\uaf31\ub5c2\u3329\u0fed\u0e08" + + "\u426b\u46fe\udcc5\u0979\ua9ed\u3123\u9a50\ud222\u3fc0\u771a" + + "\u6f55\u9664\ud56f\u6b03\u6020\u78a4\u63b2\ue35e\u0816\u43a7" + + "\u1909\u52e1\u8183\u1b8d\u9f5b\u19e4\uad73\u8461\ucc86\u3b49" + + "\u322e\ue9d9\u3c66\uea22\u091e\u6621\ua8bf\u0169\u72d0\u535e" + + "\u77dc\u1002\ubded\u7a91\u6cee\u58fa\uc295\uae8e\ue009\uabe9" + + "\u6638\ucaea\u8bbf\uca27\udef5\u2881\u72ec\u8aa5\u582b\u9d6e" + + "\u26bb\u3c70\u8bd6\uf5ec\u34ae\ua967\u5bb1\u22cb\u4b74\u0e50" + + "\u5062\uc6f7\u7cb4\u58a3\uf43d\u57c0\u9654\u2f9c\u9308\u4546" + + "\u6f4a\u37fe\u8d5d\u1465\u8621\u4cd8\u68d6\u0456\u96a4\ud3e2" + + "\u76d1\u2675\u7654\u7649\u10e9\u9d0e\u8b04\uffb6\u020a\u2eb4" + + "\uf24f\u150e\u7f0d\uf41b\u2c76\u538f\uc2df\u79dc\u0472\u1119" + + "\uc148\ue2e8\u1820\ucd45\u08a7\u6bcd\u6eb0\ubd0a\ufff4\uec28" + + "\u819b\u2adb\uefc8\ue8f7\ue233\u6535\uc938\u9771\u3681\u87cf" + + "\u3a24\u4c71\ue1df\u3e19\u259c\uae5b\u27ed\u8a67\uf3e6\u7af0" + + "\u48e1\uc542\uc471\ud8f4\ue317\u46e9\u0b4f\uec45\ua1d3\u2b88" + + "\u8a22\udda1\u7c1a\u273c\ua0f7\u8bac\u3771\u28d2\u6ef8\u28d2" + + "\ud83c\u196f\ue3fd\u9c79\u4305\u01b8\u3490\u0a91\ue4f3\uebc6" + + "\u25a2\u7dd2\u72db\u7531\ucfca\u432f\u2beb\uc649\uf9c5\uc533" + + "\u9f3a\ua611\u935c\ubca6\ud293\u54d6\u0dd1\u0aff\u82fb\u2d69" + + "\u3da0\u3b33\u0986\u45b3\u3353\ub968\u7348\u454f\u9117\ub3dc" + + "\ud7af\u06ca\ua34a\u9357\ue22f\uad3d\u4c76\ub386\ua8d7\u2a90" + + "\u6d17\u9321\u7b00\u21e4\u1994\u9d18\u6439\u04c8\u8282\ub269" + + "\uf786\u75c6\ua505\u983a\ua075\uffa0\ud662\u6ae5\ub126\u96d1" + + "\u9e5e\u346b\ub7ee\ub0a3\u4ee8\ud204\u77ec\u2325\u5da8\ua326" + + "\ua018\u0fd8\ue50e\u93cc\ucc40\u2d89\u2ffb\u54e0\u091a\u19fd" + + "\u45d7\uc0ab\u77a2\u66ae\u794b\u6644\u21c3\ud782\u1e9e\u53e5" + + "\u782e\u55e8\ud44e\u93e8\u379e\u5aa8\u353b\u95de\u7bc1\ucaf3" + + "\u5223\ub5e9\uacbb\ub86b\u6014\u0626\ue7ad\ufd93\ue43a\ud864" + + "\u1e6d\u14b2\ua12a\u94c5\u2ed9\ua7f7\u14f4\u0cbd\uca3b\u7c21" + + "\ua85a\uf834\u6c99\ue1aa\u3832\u2515\u8170\u3c93\u7def\u94fe" + + "\u9c3d\u4ab0\u73ed\u6c72\u8b94\ua407\uc719\uad1e\u6306\u4167" + + "\u921e\uae53\u3fd4\uf569\u6f0b\u82b0\u0ca6\ud61f\ud526\u23c9" + + "\u168d\u4baf\ucc4f\ud8a2\uc64a\ud649\u55e3\u7019\u8f20\u680c" + + "\u5581\u2cb1\ub3a4\u3e37\u5fd3\ua3ca\uc115\u979c\uf910\u3797" + + "\u05cb\u51d6\u74a4\uc5c0\u597b\uf27f\ud5e2\ue8ac\u4f3d\uc0c3" + + "\u9594\u7799\u6876\ub1a3\u059a\uff03\uc2ee\uc8c2\uf224\u3720" + + "\u9177\uabdb\u9202\u18d8\uffbe\u0516\u2a76\uedb5\ufe9e\u6d65" + + "\u4c35\ue4cb\u75aa\u02be\ud24c\ua482\ufc67\ue4f9\u70c7\u3567" + + "\ufc3f\uaa89\ue80a\u6507\u0a65\u4e18\uf919\u071d\u423c\u1756" + + "\u30e5\u37f3\u19b3\u10fb\u6c30\u3d30\u2130\u0906\u052b\u0e03" + + "\u021a\u0500\u0414\ufd05\u4444\ud347\u673c\u6da4\udb7c\u0733" + + "\ud7bf\ud263\uc6b2\u0414\udd17\u155e\u2d4c\u25cb\ua028\u1a23" + + "\ub8b0\uf6be\u925f\ude3a\u0202\u0400"; + +} -- Florian Weimer BFK edv-consulting GmbH http://www.bfk.de/ Kriegsstra?e 100 tel: +49-721-96201-1 D-76133 Karlsruhe fax: +49-721-96201-99 From lana.steuck at oracle.com Mon Jun 20 14:56:21 2011 From: lana.steuck at oracle.com (lana.steuck at oracle.com) Date: Mon, 20 Jun 2011 21:56:21 +0000 Subject: hg: jdk7/tl: Added tag jdk7-b145 for changeset 55e9ebf03218 Message-ID: <20110620215622.1FE224718B@hg.openjdk.java.net> Changeset: 2d38c2a79c14 Author: schien Date: 2011-06-07 14:00 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/rev/2d38c2a79c14 Added tag jdk7-b145 for changeset 55e9ebf03218 ! .hgtags From lana.steuck at oracle.com Mon Jun 20 14:56:27 2011 From: lana.steuck at oracle.com (lana.steuck at oracle.com) Date: Mon, 20 Jun 2011 21:56:27 +0000 Subject: hg: jdk7/tl/corba: Added tag jdk7-b145 for changeset 77ec0541aa2a Message-ID: <20110620215628.B977D4718C@hg.openjdk.java.net> Changeset: 770227a4087e Author: schien Date: 2011-06-07 14:00 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/corba/rev/770227a4087e Added tag jdk7-b145 for changeset 77ec0541aa2a ! .hgtags From lana.steuck at oracle.com Mon Jun 20 14:56:40 2011 From: lana.steuck at oracle.com (lana.steuck at oracle.com) Date: Mon, 20 Jun 2011 21:56:40 +0000 Subject: hg: jdk7/tl/jaxws: 11 new changesets Message-ID: <20110620215640.F3DDC4718D@hg.openjdk.java.net> Changeset: 6ec12c60ad13 Author: schien Date: 2011-06-07 14:01 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/jaxws/rev/6ec12c60ad13 Added tag jdk7-b145 for changeset 42bfba80beb7 ! .hgtags Changeset: 581dab3f0773 Author: asaha Date: 2011-04-21 16:15 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/jaxws/rev/581dab3f0773 Merge Changeset: 26610bb80151 Author: asaha Date: 2011-05-04 12:00 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/jaxws/rev/26610bb80151 Merge Changeset: c6ff860428c7 Author: asaha Date: 2011-05-05 22:28 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/jaxws/rev/c6ff860428c7 Merge Changeset: f4e1caef46d0 Author: asaha Date: 2011-05-24 11:11 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/jaxws/rev/f4e1caef46d0 Merge Changeset: 9896cee00786 Author: asaha Date: 2011-05-26 17:25 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/jaxws/rev/9896cee00786 Merge Changeset: d1febdcb0351 Author: asaha Date: 2011-05-26 21:36 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/jaxws/rev/d1febdcb0351 Merge Changeset: 239c80c331da Author: asaha Date: 2011-06-06 10:19 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/jaxws/rev/239c80c331da Merge Changeset: 09412171ca4b Author: asaha Date: 2011-06-03 07:54 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/jaxws/rev/09412171ca4b Merge Changeset: 9d8fd0982fb8 Author: asaha Date: 2011-06-06 10:54 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/jaxws/rev/9d8fd0982fb8 Merge Changeset: 05469dd4c366 Author: lana Date: 2011-06-15 16:04 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/jaxws/rev/05469dd4c366 Merge From lana.steuck at oracle.com Mon Jun 20 14:56:45 2011 From: lana.steuck at oracle.com (lana.steuck at oracle.com) Date: Mon, 20 Jun 2011 21:56:45 +0000 Subject: hg: jdk7/tl/jaxp: Added tag jdk7-b145 for changeset 10ca7570f47f Message-ID: <20110620215645.0C0404718E@hg.openjdk.java.net> Changeset: bcd31fa1e3c6 Author: schien Date: 2011-06-07 14:01 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/jaxp/rev/bcd31fa1e3c6 Added tag jdk7-b145 for changeset 10ca7570f47f ! .hgtags From lana.steuck at oracle.com Mon Jun 20 14:56:54 2011 From: lana.steuck at oracle.com (lana.steuck at oracle.com) Date: Mon, 20 Jun 2011 21:56:54 +0000 Subject: hg: jdk7/tl/langtools: 15 new changesets Message-ID: <20110620215727.4C4C94718F@hg.openjdk.java.net> Changeset: 9ff91d0e7154 Author: schien Date: 2011-06-07 14:01 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/langtools/rev/9ff91d0e7154 Added tag jdk7-b145 for changeset c455e2ae5c93 ! .hgtags Changeset: b8a2c9c87018 Author: lana Date: 2011-06-10 11:44 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/langtools/rev/b8a2c9c87018 Merge Changeset: 588d366d96df Author: asaha Date: 2011-04-21 16:16 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/langtools/rev/588d366d96df Merge Changeset: 219b522d09e4 Author: asaha Date: 2011-05-04 12:00 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/langtools/rev/219b522d09e4 Merge Changeset: 145d832616d3 Author: asaha Date: 2011-05-05 22:30 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/langtools/rev/145d832616d3 Merge Changeset: 8b6e015ae7d0 Author: asaha Date: 2011-05-24 11:12 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/langtools/rev/8b6e015ae7d0 Merge - test/tools/javac/generics/diamond/7030150/Neg01.java - test/tools/javac/generics/diamond/7030150/Neg01.out - test/tools/javac/generics/diamond/7030150/Neg02.java - test/tools/javac/generics/diamond/7030150/Neg02.out - test/tools/javac/generics/diamond/7030150/Neg03.java - test/tools/javac/generics/diamond/7030150/Neg03.out - test/tools/javac/generics/diamond/7030150/Pos01.java - test/tools/javac/generics/diamond/7030150/Pos02.java Changeset: 35cc19ae29b5 Author: asaha Date: 2011-05-26 17:26 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/langtools/rev/35cc19ae29b5 Merge Changeset: 8b65930602c3 Author: asaha Date: 2011-05-26 21:42 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/langtools/rev/8b65930602c3 Merge Changeset: 0adb806caf9d Author: asaha Date: 2011-06-06 10:22 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/langtools/rev/0adb806caf9d Merge Changeset: bb1fdcebde01 Author: asaha Date: 2011-06-03 07:54 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/langtools/rev/bb1fdcebde01 Merge Changeset: 8ed03b0e3c9c Author: asaha Date: 2011-06-06 11:08 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/langtools/rev/8ed03b0e3c9c Merge Changeset: f494ca4bca0d Author: lana Date: 2011-06-15 16:11 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/langtools/rev/f494ca4bca0d Merge Changeset: 7eba9df190ae Author: bpatel Date: 2011-06-17 20:12 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/langtools/rev/7eba9df190ae 7052425: Change the look and feel of the javadoc generate HTML pages using stylesheet Reviewed-by: jjg ! src/share/classes/com/sun/tools/doclets/formats/html/HtmlDoclet.java + src/share/classes/com/sun/tools/doclets/internal/toolkit/resources/background.gif - src/share/classes/com/sun/tools/doclets/internal/toolkit/resources/inherit.gif ! src/share/classes/com/sun/tools/doclets/internal/toolkit/resources/stylesheet.css + src/share/classes/com/sun/tools/doclets/internal/toolkit/resources/tab.gif + src/share/classes/com/sun/tools/doclets/internal/toolkit/resources/titlebar.gif + src/share/classes/com/sun/tools/doclets/internal/toolkit/resources/titlebar_end.gif ! test/com/sun/javadoc/AccessH1/AccessH1.java ! test/com/sun/javadoc/testStylesheet/TestStylesheet.java Changeset: c3a3440fe6e8 Author: bpatel Date: 2011-06-17 20:14 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/langtools/rev/c3a3440fe6e8 Merge Changeset: 9425dd4f53d5 Author: schien Date: 2011-06-18 09:04 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/langtools/rev/9425dd4f53d5 Merge From lana.steuck at oracle.com Mon Jun 20 14:57:16 2011 From: lana.steuck at oracle.com (lana.steuck at oracle.com) Date: Mon, 20 Jun 2011 21:57:16 +0000 Subject: hg: jdk7/tl/hotspot: 42 new changesets Message-ID: <20110620215834.D28B147190@hg.openjdk.java.net> Changeset: 9340a27154cb Author: kvn Date: 2011-05-25 21:17 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/hotspot/rev/9340a27154cb 7048332: Cadd_cmpLTMask doesn't handle 64-bit tmp register properly Summary: Use ins_encode %{ %} form to encode cadd_cmpLTMask() instruction and remove unused code. Reviewed-by: never ! src/cpu/x86/vm/x86_64.ad + test/compiler/7048332/Test7048332.java Changeset: ea0da5474c23 Author: kvn Date: 2011-05-27 12:47 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/hotspot/rev/ea0da5474c23 7047069: Array can dynamically change size when assigned to an object field Summary: Fix initialization of a newly-allocated array with arraycopy Reviewed-by: never ! src/share/vm/opto/library_call.cpp + test/compiler/7047069/Test7047069.java Changeset: 88559690c95a Author: never Date: 2011-05-26 14:44 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/hotspot/rev/88559690c95a 7047961: JSR 292 MethodHandleWalk swap args doesn't handle T_LONG and T_DOUBLE properly Reviewed-by: kvn, jrose ! src/share/vm/prims/methodHandleWalk.cpp ! src/share/vm/prims/methodHandleWalk.hpp ! src/share/vm/prims/methodHandles.cpp Changeset: 442ef93966a9 Author: iveresov Date: 2011-05-26 13:15 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/hotspot/rev/442ef93966a9 7047491: C1: registers saved incorrectly when calling checkcast_arraycopy stub Summary: Save and restore the argument registers around the call to checkcast_arraycopy Reviewed-by: never, roland ! src/cpu/x86/vm/c1_LIRAssembler_x86.cpp Changeset: 3f7a95be91ef Author: iveresov Date: 2011-06-01 12:15 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/hotspot/rev/3f7a95be91ef Merge Changeset: 7c907a50c1bb Author: iveresov Date: 2011-06-01 14:46 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/hotspot/rev/7c907a50c1bb Merge Changeset: f88fb2fa90cf Author: kvn Date: 2011-05-31 10:05 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/hotspot/rev/f88fb2fa90cf 6956668: misbehavior of XOR operator (^) with int Summary: optimize cmp_ne(xor(X,1),0) to cmp_eq(X,0) only for boolean values X. Reviewed-by: never ! src/share/vm/opto/subnode.cpp + test/compiler/6956668/Test6956668.java Changeset: ba550512d3b2 Author: jrose Date: 2011-06-01 23:25 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/hotspot/rev/ba550512d3b2 7049415: Failure of resolution of sym.reference to the c.s.s. should be wrapped in BootstrapMethodError Summary: Delegate invokedynamic linkage errors to MethodHandleNatives.raiseException. Reviewed-by: never ! src/share/vm/classfile/systemDictionary.hpp ! src/share/vm/classfile/vmSymbols.hpp ! src/share/vm/interpreter/linkResolver.cpp ! src/share/vm/prims/methodHandles.cpp ! src/share/vm/prims/methodHandles.hpp Changeset: c76d5f44a3fe Author: jrose Date: 2011-06-01 23:25 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/hotspot/rev/c76d5f44a3fe 7049410: JSR 292 old method name MethodHandle.invokeGeneric should not be accepted by the JVM Summary: change the default setting of the flag AllowInvokeGeneric to false Reviewed-by: never ! src/share/vm/runtime/globals.hpp Changeset: deaa3ce90583 Author: coleenp Date: 2011-06-02 14:17 -0400 URL: http://hg.openjdk.java.net/jdk7/tl/hotspot/rev/deaa3ce90583 7049928: VM crashes with "assert(_adapter != NULL) failed: must have" at methodOop.cpp:63 Summary: Removed extra change from another bug fix that caused this regression Reviewed-by: phh, dcubed, kvn, kamg, never ! src/share/vm/oops/methodOop.cpp Changeset: e5ae807761b8 Author: trims Date: 2011-06-03 17:09 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/hotspot/rev/e5ae807761b8 Added tag hs21-b14 for changeset 62f39d40ebf1 ! .hgtags Changeset: 82a81d5c5700 Author: trims Date: 2011-06-03 20:13 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/hotspot/rev/82a81d5c5700 Merge Changeset: 48ceeec759b6 Author: schien Date: 2011-06-07 14:00 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/hotspot/rev/48ceeec759b6 Added tag jdk7-b145 for changeset 82a81d5c5700 ! .hgtags Changeset: 12537a93a848 Author: asaha Date: 2011-04-08 21:37 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/hotspot/rev/12537a93a848 Merge Changeset: 540930dc854d Author: kamg Date: 2011-04-12 16:42 -0400 URL: http://hg.openjdk.java.net/jdk7/tl/hotspot/rev/540930dc854d 7020373: JSR rewriting can overflow memory address size variables Summary: Abort if incoming classfile's parameters would cause overflows Reviewed-by: coleenp, dcubed, never ! src/share/vm/oops/generateOopMap.cpp + test/runtime/7020373/Test7020373.sh + test/runtime/7020373/testcase.jar Changeset: f0914807c671 Author: asaha Date: 2011-04-20 07:43 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/hotspot/rev/f0914807c671 Merge Changeset: bad27cd3f646 Author: asaha Date: 2011-04-21 08:12 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/hotspot/rev/bad27cd3f646 Merge Changeset: 5e00ed79c8bb Author: asaha Date: 2011-04-21 16:38 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/hotspot/rev/5e00ed79c8bb Merge Changeset: c97b08c7d72a Author: asaha Date: 2011-04-21 22:07 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/hotspot/rev/c97b08c7d72a Merge Changeset: 5def270bc147 Author: zgu Date: 2011-04-15 09:34 -0400 URL: http://hg.openjdk.java.net/jdk7/tl/hotspot/rev/5def270bc147 7016797: Hotspot: securely/restrictive load dlls and new API for loading system dlls Summary: Created Windows Dll wrapped to handle jdk6 and jdk7 platform requirements, also provided more restictive Dll search orders for Windows system Dlls. Reviewed-by: acorn, dcubed, ohair, alanb ! make/windows/makefiles/compile.make ! src/os/windows/vm/decoder_windows.cpp ! src/os/windows/vm/jvm_windows.h ! src/os/windows/vm/os_windows.cpp ! src/os/windows/vm/os_windows.hpp Changeset: 089aee76df10 Author: asaha Date: 2011-05-04 16:38 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/hotspot/rev/089aee76df10 Merge ! src/os/windows/vm/os_windows.cpp Changeset: ba2db55ddf8b Author: asaha Date: 2011-05-05 22:28 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/hotspot/rev/ba2db55ddf8b Merge - make/linux/makefiles/cscope.make - make/solaris/makefiles/cscope.make Changeset: 66c17ec20ee2 Author: asaha Date: 2011-05-06 14:32 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/hotspot/rev/66c17ec20ee2 Merge Changeset: 7c948af3e651 Author: asaha Date: 2011-05-24 11:09 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/hotspot/rev/7c948af3e651 Merge ! src/os/windows/vm/os_windows.cpp Changeset: ec7055a259a6 Author: asaha Date: 2011-05-26 17:24 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/hotspot/rev/ec7055a259a6 Merge Changeset: 8d5208b557b3 Author: asaha Date: 2011-05-26 21:36 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/hotspot/rev/8d5208b557b3 Merge Changeset: 7bf54248da9f Author: asaha Date: 2011-06-06 10:18 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/hotspot/rev/7bf54248da9f Merge Changeset: a983caeb2b3e Author: asaha Date: 2011-06-03 07:53 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/hotspot/rev/a983caeb2b3e Merge Changeset: 0e9653efc6ea Author: asaha Date: 2011-06-06 10:55 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/hotspot/rev/0e9653efc6ea Merge Changeset: a884a8b0ec6d Author: asaha Date: 2011-06-15 14:59 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/hotspot/rev/a884a8b0ec6d 7055247: Ignore test of # 7020373 Reviewed-by: dcubed ! test/runtime/7020373/Test7020373.sh Changeset: 9d7c66d9a203 Author: lana Date: 2011-06-15 16:04 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/hotspot/rev/9d7c66d9a203 Merge Changeset: f56542cb325a Author: never Date: 2011-06-02 13:36 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/hotspot/rev/f56542cb325a 7050554: JSR 292 - need optimization for selectAlternative Reviewed-by: kvn, jrose ! src/share/vm/ci/ciCallProfile.hpp ! src/share/vm/ci/ciMethodHandle.cpp ! src/share/vm/ci/ciMethodHandle.hpp ! src/share/vm/compiler/compileBroker.cpp ! src/share/vm/opto/callGenerator.cpp ! src/share/vm/opto/callGenerator.hpp ! src/share/vm/opto/doCall.cpp Changeset: f7d55ea6ee56 Author: never Date: 2011-06-03 22:31 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/hotspot/rev/f7d55ea6ee56 7045514: SPARC assembly code for JSR 292 ricochet frames Reviewed-by: kvn, jrose ! src/cpu/sparc/vm/assembler_sparc.cpp ! src/cpu/sparc/vm/assembler_sparc.hpp ! src/cpu/sparc/vm/assembler_sparc.inline.hpp ! src/cpu/sparc/vm/frame_sparc.cpp ! src/cpu/sparc/vm/methodHandles_sparc.cpp + src/cpu/sparc/vm/methodHandles_sparc.hpp ! src/cpu/sparc/vm/registerMap_sparc.hpp ! src/cpu/sparc/vm/runtime_sparc.cpp ! src/cpu/sparc/vm/sharedRuntime_sparc.cpp ! src/cpu/sparc/vm/stubRoutines_sparc.hpp ! src/cpu/sparc/vm/templateInterpreter_sparc.cpp ! src/cpu/x86/vm/assembler_x86.cpp ! src/cpu/x86/vm/methodHandles_x86.cpp ! src/cpu/x86/vm/methodHandles_x86.hpp ! src/cpu/x86/vm/runtime_x86_32.cpp ! src/cpu/x86/vm/sharedRuntime_x86_32.cpp ! src/cpu/x86/vm/sharedRuntime_x86_64.cpp ! src/cpu/x86/vm/stubRoutines_x86_32.hpp ! src/cpu/x86/vm/stubRoutines_x86_64.hpp ! src/share/vm/compiler/oopMap.cpp ! src/share/vm/opto/runtime.cpp ! src/share/vm/prims/methodHandleWalk.cpp ! src/share/vm/prims/methodHandleWalk.hpp ! src/share/vm/prims/methodHandles.cpp ! src/share/vm/prims/methodHandles.hpp ! src/share/vm/runtime/sharedRuntime.cpp ! src/share/vm/runtime/sharedRuntime.hpp Changeset: 293f68bda347 Author: kvn Date: 2011-06-04 10:36 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/hotspot/rev/293f68bda347 7050280: assert(u->as_Unlock()->is_eliminated()) failed: sanity Summary: Mark all associated (same box and obj) lock and unlock nodes for elimination if some of them marked already. Reviewed-by: iveresov, never ! src/share/vm/opto/escape.cpp ! src/share/vm/opto/macro.cpp ! src/share/vm/opto/macro.hpp Changeset: 14d3cdeabc9f Author: trims Date: 2011-06-07 16:40 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/hotspot/rev/14d3cdeabc9f Added tag hs21-b15 for changeset 82a81d5c5700 ! .hgtags Changeset: 67c0f5f5deac Author: trims Date: 2011-06-07 16:44 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/hotspot/rev/67c0f5f5deac Merge Changeset: 07c2e7ffd1fc Author: jrose Date: 2011-06-08 17:04 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/hotspot/rev/07c2e7ffd1fc 7047697: MethodHandle.invokeExact call for wrong method causes VM failure if run with -Xcomp Reviewed-by: never, twisti ! src/cpu/x86/vm/assembler_x86.cpp ! src/cpu/x86/vm/assembler_x86.hpp ! src/cpu/x86/vm/frame_x86.inline.hpp ! src/cpu/x86/vm/methodHandles_x86.cpp ! src/share/vm/code/pcDesc.cpp Changeset: 15e7628f9e92 Author: trims Date: 2011-06-16 19:26 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/hotspot/rev/15e7628f9e92 Merge Changeset: fc043ce2136c Author: trims Date: 2011-06-16 19:26 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/hotspot/rev/fc043ce2136c 7055788: Bump the HS21 build number to 16 Summary: Update the HS21 build number to 16 Reviewed-by: jcoomes ! make/hotspot_version Changeset: a9b8b43b115f Author: never Date: 2011-06-14 14:41 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/hotspot/rev/a9b8b43b115f 7052219: JSR 292: Crash in ~BufferBlob::MethodHandles adapters Reviewed-by: twisti, kvn, jrose ! src/cpu/sparc/vm/methodHandles_sparc.cpp ! src/cpu/x86/vm/methodHandles_x86.cpp ! src/share/vm/prims/methodHandleWalk.cpp ! src/share/vm/prims/methodHandles.cpp ! src/share/vm/prims/methodHandles.hpp ! src/share/vm/runtime/globals.hpp ! src/share/vm/runtime/stubCodeGenerator.cpp ! src/share/vm/runtime/stubCodeGenerator.hpp Changeset: 3275a6560cf7 Author: twisti Date: 2011-06-14 12:25 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/hotspot/rev/3275a6560cf7 7053520: JSR292: crash in invokedynamic with C1 using tiered and compressed oops Reviewed-by: iveresov, never ! src/share/vm/c1/c1_LIRGenerator.cpp Changeset: 38fa55e5e792 Author: never Date: 2011-06-16 13:46 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/hotspot/rev/38fa55e5e792 7055355: JSR 292: crash while throwing WrongMethodTypeException Reviewed-by: jrose, twisti, bdelsart ! src/cpu/sparc/vm/methodHandles_sparc.cpp ! src/cpu/sparc/vm/stubGenerator_sparc.cpp ! src/cpu/sparc/vm/templateInterpreter_sparc.cpp ! src/cpu/x86/vm/methodHandles_x86.cpp ! src/cpu/x86/vm/stubGenerator_x86_32.cpp ! src/cpu/x86/vm/stubGenerator_x86_64.cpp ! src/cpu/x86/vm/templateInterpreter_x86_32.cpp ! src/cpu/x86/vm/templateInterpreter_x86_64.cpp ! src/cpu/zero/vm/cppInterpreter_zero.cpp ! src/share/vm/interpreter/interpreterRuntime.cpp ! src/share/vm/interpreter/interpreterRuntime.hpp ! src/share/vm/interpreter/templateInterpreter.cpp ! src/share/vm/interpreter/templateInterpreterGenerator.hpp ! src/share/vm/prims/methodHandles.cpp ! src/share/vm/runtime/sharedRuntime.cpp ! src/share/vm/runtime/sharedRuntime.hpp ! src/share/vm/runtime/stubRoutines.cpp ! src/share/vm/runtime/stubRoutines.hpp From lana.steuck at oracle.com Mon Jun 20 14:59:22 2011 From: lana.steuck at oracle.com (lana.steuck at oracle.com) Date: Mon, 20 Jun 2011 21:59:22 +0000 Subject: hg: jdk7/tl/jdk: 52 new changesets Message-ID: <20110620220803.CCB6947192@hg.openjdk.java.net> Changeset: 8318d03e1766 Author: jrose Date: 2011-06-01 23:56 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/8318d03e1766 7049415: Failure of resolution of sym.reference to the c.s.s. should be wrapped in BootstrapMethodError Summary: Wrap invokedynamic linkage errors in BootstrapMethodError, as needed. Reviewed-by: never ! src/share/classes/java/lang/invoke/MethodHandleNatives.java Changeset: 0b8b6eace473 Author: jrose Date: 2011-06-01 23:56 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/0b8b6eace473 7050328: (jsr-292) findConstructor throws ExceptionInInitializerError if run under SecurityManager Summary: Wrap system property and reflection accesses under doPrivileged. Ensure constant pool linkage bypasses the SM as specified. Reviewed-by: kvn, never ! src/share/classes/java/lang/invoke/MethodHandleImpl.java ! src/share/classes/java/lang/invoke/MethodHandleNatives.java ! src/share/classes/java/lang/invoke/MethodHandleStatics.java ! src/share/classes/java/lang/invoke/MethodHandles.java ! src/share/classes/sun/invoke/util/ValueConversions.java ! test/java/lang/invoke/InvokeDynamicPrintArgs.java Changeset: 34481a4012c3 Author: jrose Date: 2011-06-01 23:56 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/34481a4012c3 7049122: java/lang/invoke/RicochetTest.java with MAX_ARITY=255 in -Xcomp mode overflows code cache Summary: reduce the scope of the unit test (mark high water mark of testing with @ignore tags) Reviewed-by: never ! test/java/lang/invoke/RicochetTest.java Changeset: 802994506203 Author: jrose Date: 2011-06-03 11:20 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/802994506203 7051206: JSR 292 method name SwitchPoint.isValid is misleading to unwary users; should be hasBeenInvalidated Reviewed-by: kvn, never, ysr ! src/share/classes/java/lang/invoke/SwitchPoint.java ! test/java/lang/invoke/JavaDocExamplesTest.java Changeset: e8e6cdff5995 Author: trims Date: 2011-06-03 20:13 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/e8e6cdff5995 Merge Changeset: 8f19b165347b Author: bae Date: 2011-06-04 23:08 +0400 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/8f19b165347b 7042594: 3 testis api/java_awt/Color/ICC_ProfileRGB/index.html fail against RI b138 OEL6x64. Reviewed-by: prr ! src/share/classes/java/awt/color/ICC_Profile.java ! src/share/native/sun/java2d/cmm/lcms/LCMS.c ! src/share/native/sun/java2d/cmm/lcms/cmsio0.c ! test/sun/java2d/cmm/ProfileOp/ReadWriteProfileTest.java + test/sun/java2d/cmm/ProfileOp/SetDataTest.java Changeset: bbb4cef2208b Author: lana Date: 2011-06-04 17:30 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/bbb4cef2208b Merge Changeset: 03a828e368ca Author: rupashka Date: 2011-06-04 01:13 +0400 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/03a828e368ca 6977587: GTK L&F: jnlp: java.io.IOException thrown when choosing more than 1 file in the dialog Reviewed-by: alexp ! src/share/classes/com/sun/java/swing/plaf/gtk/GTKFileChooserUI.java Changeset: 6c9c55ae313b Author: lana Date: 2011-06-03 22:14 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/6c9c55ae313b Merge Changeset: e81d259442ed Author: lana Date: 2011-06-04 17:32 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/e81d259442ed Merge Changeset: 1e04b38b3824 Author: lana Date: 2011-06-04 17:33 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/1e04b38b3824 Merge Changeset: 7a341c412ea9 Author: schien Date: 2011-06-07 14:01 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/7a341c412ea9 Added tag jdk7-b145 for changeset 1e04b38b3824 ! .hgtags Changeset: ae731399e525 Author: dav Date: 2011-06-07 22:58 +0400 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/ae731399e525 7048568: Crash in Java_sun_awt_Win32GraphicsEnvironment_isVistaOS Reviewed-by: dcherepanov, art, amenkov ! src/windows/native/sun/windows/awt_Win32GraphicsDevice.cpp Changeset: f08fcae94813 Author: lana Date: 2011-06-10 11:43 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/f08fcae94813 Merge Changeset: 646ab254ff80 Author: lana Date: 2011-06-10 11:44 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/646ab254ff80 Merge Changeset: aca0dc2b921c Author: weijun Date: 2011-02-09 11:50 +0800 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/aca0dc2b921c 6618658: Deserialization allows creation of mutable SignedObject Reviewed-by: hawtin, mullan ! src/share/classes/java/security/SignedObject.java + test/java/security/SignedObject/Correctness.java Changeset: df445f522425 Author: bae Date: 2011-02-17 12:21 +0300 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/df445f522425 7013519: [parfait] Integer overflows in 2D code Reviewed-by: prr, valeriep ! src/share/native/sun/awt/image/jpeg/imageioJPEG.c ! src/share/native/sun/font/layout/SunLayoutEngine.cpp Changeset: ccb2fcfb6d6b Author: chegar Date: 2011-02-18 13:31 +0000 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/ccb2fcfb6d6b 7013969: NetworkInterface.toString can reveal bindings Reviewed-by: alanb, michaelm, hawtin ! src/share/classes/java/net/NetworkInterface.java Changeset: 026adaac71f1 Author: dcherepanov Date: 2011-02-25 15:54 +0300 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/026adaac71f1 7012520: Heap overflow vulnerability in FileDialog.show() Reviewed-by: art, anthony ! src/windows/native/sun/windows/awt_FileDialog.cpp Changeset: d489f00d6c65 Author: flar Date: 2011-03-02 05:35 -0800 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/d489f00d6c65 7016495: Crash in Java 2D transforming an image with scale close to zero Reviewed-by: prr, bae ! src/share/classes/sun/java2d/pipe/DrawImage.java ! src/share/native/sun/java2d/loops/TransformHelper.c + test/java/awt/image/BufferedImage/TinyScale.java Changeset: fe27fe44ac51 Author: ksrini Date: 2011-03-03 14:16 -0800 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/fe27fe44ac51 7016985: (launcher) implement safe secure dll loading Reviewed-by: mchung ! src/windows/bin/java_md.c Changeset: 0efa64f13302 Author: chegar Date: 2011-04-05 14:49 +0100 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/0efa64f13302 7033865: JDK: Add private API for secure/restrictive loading of system dlls Reviewed-by: alanb ! src/share/native/common/jdk_util.h + src/solaris/native/common/jdk_util_md.h ! src/windows/native/common/jdk_util_md.c + src/windows/native/common/jdk_util_md.h Changeset: 67992a58bfba Author: ksrini Date: 2011-04-05 16:19 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/67992a58bfba 7032593: DLL_LOADING: Upgrade solution to 7016985 to reflect JDK7 solution Reviewed-by: mchung, asaha ! src/windows/bin/java_md.c Changeset: 7181441faf72 Author: dcherepanov Date: 2011-04-08 16:44 +0400 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/7181441faf72 7003962: AWT: securely load DLLs and launch executables using fully qualified path Reviewed-by: art, bae, alanb ! src/windows/native/sun/java2d/d3d/D3DPipelineManager.cpp ! src/windows/native/sun/java2d/opengl/OGLFuncs_md.h ! src/windows/native/sun/windows/DllUtil.cpp ! src/windows/native/sun/windows/DllUtil.h ! src/windows/native/sun/windows/ShellFolder2.cpp ! src/windows/native/sun/windows/ThemeReader.cpp ! src/windows/native/sun/windows/awt_Mlib.cpp ! src/windows/native/sun/windows/awt_TextArea.cpp ! src/windows/native/sun/windows/awt_TrayIcon.cpp ! src/windows/native/sun/windows/awt_Win32GraphicsEnv.cpp ! src/windows/native/sun/windows/stdhdrs.h Changeset: 05a3923f516f Author: dcherepanov Date: 2011-04-08 17:58 +0400 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/05a3923f516f 7035077: Minor addition to the changes for 7003962 Reviewed-by: chegar ! src/windows/native/sun/windows/DllUtil.cpp Changeset: afcc1530e68b Author: asaha Date: 2011-04-08 10:27 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/afcc1530e68b Merge - make/java/dyn/Makefile - src/share/classes/java/dyn/CallSite.java - src/share/classes/java/dyn/ClassValue.java - src/share/classes/java/dyn/ConstantCallSite.java - src/share/classes/java/dyn/InvokeDynamic.java - src/share/classes/java/dyn/InvokeDynamicBootstrapError.java - src/share/classes/java/dyn/Linkage.java - src/share/classes/java/dyn/MethodHandle.java - src/share/classes/java/dyn/MethodHandles.java - src/share/classes/java/dyn/MethodType.java - src/share/classes/java/dyn/MethodTypeForm.java - src/share/classes/java/dyn/MutableCallSite.java - src/share/classes/java/dyn/SwitchPoint.java - src/share/classes/java/dyn/VolatileCallSite.java - src/share/classes/java/dyn/WrongMethodTypeException.java - src/share/classes/java/dyn/package-info.java - src/share/classes/sun/dyn/Access.java - src/share/classes/sun/dyn/AdapterMethodHandle.java - src/share/classes/sun/dyn/BoundMethodHandle.java - src/share/classes/sun/dyn/CallSiteImpl.java - src/share/classes/sun/dyn/DirectMethodHandle.java - src/share/classes/sun/dyn/FilterGeneric.java - src/share/classes/sun/dyn/FilterOneArgument.java - src/share/classes/sun/dyn/FromGeneric.java - src/share/classes/sun/dyn/InvokeGeneric.java - src/share/classes/sun/dyn/Invokers.java - src/share/classes/sun/dyn/MemberName.java - src/share/classes/sun/dyn/MethodHandleImpl.java - src/share/classes/sun/dyn/MethodHandleNatives.java - src/share/classes/sun/dyn/MethodTypeImpl.java - src/share/classes/sun/dyn/SpreadGeneric.java - src/share/classes/sun/dyn/ToGeneric.java - src/share/classes/sun/dyn/WrapperInstance.java - src/share/classes/sun/dyn/anon/AnonymousClassLoader.java - src/share/classes/sun/dyn/anon/ConstantPoolParser.java - src/share/classes/sun/dyn/anon/ConstantPoolPatch.java - src/share/classes/sun/dyn/anon/ConstantPoolVisitor.java - src/share/classes/sun/dyn/anon/InvalidConstantPoolFormatException.java - src/share/classes/sun/dyn/empty/Empty.java - src/share/classes/sun/dyn/package-info.java - src/share/classes/sun/dyn/util/BytecodeDescriptor.java - src/share/classes/sun/dyn/util/BytecodeName.java - src/share/classes/sun/dyn/util/ValueConversions.java - src/share/classes/sun/dyn/util/VerifyAccess.java - src/share/classes/sun/dyn/util/VerifyType.java - src/share/classes/sun/dyn/util/Wrapper.java - src/share/classes/sun/dyn/util/package-info.java ! src/share/native/sun/awt/image/jpeg/imageioJPEG.c - test/java/dyn/ClassValueTest.java - test/java/dyn/InvokeDynamicPrintArgs.java - test/java/dyn/InvokeGenericTest.java - test/java/dyn/JavaDocExamplesTest.java - test/java/dyn/MethodHandlesTest.java - test/java/dyn/MethodTypeTest.java - test/java/dyn/indify/Indify.java Changeset: 557bd9b5d92f Author: asaha Date: 2011-04-08 10:31 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/557bd9b5d92f Merge Changeset: e142148d8b54 Author: asaha Date: 2011-04-12 14:23 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/e142148d8b54 Merge - src/share/classes/sun/security/ssl/DefaultSSLContextImpl.java Changeset: 76e0e562b617 Author: dcherepanov Date: 2011-04-15 17:06 +0400 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/76e0e562b617 7036952: build warning after the changes for 7003962 Reviewed-by: art, bae ! src/windows/native/sun/java2d/opengl/OGLFuncs_md.h Changeset: f8eddc85cc02 Author: zgu Date: 2011-04-15 09:53 -0400 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/f8eddc85cc02 7003964: SERV: securely load DLLs and launch executables using fully qualified path Summary: Linked in Windows libraries that are available on jdk7 supported platforms, and used GetModuleHandle instead of LoadLibrary for already loaded Dlls. Reviewed-by: dcubed, alanb ! make/com/sun/tools/attach/Makefile ! src/windows/classes/sun/tools/attach/WindowsAttachProvider.java ! src/windows/native/sun/tools/attach/WindowsAttachProvider.c ! src/windows/native/sun/tools/attach/WindowsVirtualMachine.c ! src/windows/native/sun/tracing/dtrace/jvm_symbols_md.c ! src/windows/npt/npt_md.h Changeset: 0865aa0ad9b2 Author: zgu Date: 2011-04-19 10:26 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/0865aa0ad9b2 Merge Changeset: 6f8a4d334fb2 Author: asaha Date: 2011-04-20 09:31 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/6f8a4d334fb2 Merge ! make/com/sun/tools/attach/Makefile ! src/share/classes/java/net/NetworkInterface.java ! src/share/native/sun/awt/image/jpeg/imageioJPEG.c ! src/windows/bin/java_md.c ! src/windows/native/sun/windows/awt_TrayIcon.cpp ! src/windows/native/sun/windows/awt_Win32GraphicsEnv.cpp Changeset: f3645b5d6e62 Author: asaha Date: 2011-04-20 21:24 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/f3645b5d6e62 Merge Changeset: b626f78c57e1 Author: asaha Date: 2011-04-21 08:38 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/b626f78c57e1 Merge Changeset: cec45f3353be Author: asaha Date: 2011-04-21 08:37 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/cec45f3353be Merge Changeset: 6133c9ee3a01 Author: asaha Date: 2011-04-21 08:39 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/6133c9ee3a01 Merge Changeset: dd06e8d3da91 Author: asaha Date: 2011-04-21 15:43 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/dd06e8d3da91 Merge Changeset: b2295905901a Author: asaha Date: 2011-04-21 16:42 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/b2295905901a Merge - src/share/classes/sun/security/ssl/DefaultSSLContextImpl.java Changeset: 3fedf261fb4f Author: valeriep Date: 2011-04-26 15:59 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/3fedf261fb4f 7003952: SEC: securely load DLLs and launch executables using fully qualified path Summary: Enforce full path when specifying library locations. Reviewed-by: wetmore, ohair ! make/sun/security/pkcs11/Makefile ! src/share/classes/sun/security/pkcs11/Config.java ! src/share/classes/sun/security/pkcs11/Secmod.java ! src/share/native/sun/security/pkcs11/j2secmod.c + test/sun/security/pkcs11/Provider/Absolute.cfg + test/sun/security/pkcs11/Provider/Absolute.java Changeset: 94ea3b8288f1 Author: alexp Date: 2011-05-04 11:35 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/94ea3b8288f1 7020198: ImageIcon creates Component with null acc Reviewed-by: rupashka, hawtin ! src/share/classes/javax/swing/ImageIcon.java Changeset: e6fdfb249e31 Author: asaha Date: 2011-05-04 16:39 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/e6fdfb249e31 Merge - src/share/native/sun/font/layout/Features.h ! src/windows/native/sun/windows/awt_FileDialog.cpp - test/javax/swing/text/GlyphView/6539700/bug6539700.java Changeset: 49244980d692 Author: asaha Date: 2011-05-05 22:29 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/49244980d692 Merge - src/share/classes/sun/security/util/SignatureFileManifest.java Changeset: 647b031200f0 Author: asaha Date: 2011-05-06 14:33 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/647b031200f0 Merge Changeset: 92b5197e9ff5 Author: asaha Date: 2011-05-26 21:37 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/92b5197e9ff5 Merge ! src/windows/native/sun/java2d/d3d/D3DPipelineManager.cpp ! src/windows/native/sun/windows/awt_TrayIcon.cpp Changeset: cca9ea306c6e Author: asaha Date: 2011-05-26 21:51 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/cca9ea306c6e Merge Changeset: dab3e66ebda7 Author: lana Date: 2011-06-06 19:04 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/dab3e66ebda7 Merge Changeset: 9f17be5136d1 Author: wetmore Date: 2011-06-09 14:24 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/9f17be5136d1 7052537: java/security/Security/NotInstalledProviders.java is causing -samevm tests to fail. Reviewed-by: valeriep, asaha, alanb ! test/java/security/Security/NoInstalledProviders.java Changeset: 4961be00d3b5 Author: lana Date: 2011-06-15 16:10 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/4961be00d3b5 Merge Changeset: cf0632d2db2c Author: jrose Date: 2011-06-14 22:47 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/cf0632d2db2c 7052202: JSR 292: Crash in sun.invoke.util.ValueConversions.fillArray Summary: Fix corner cases involving MethodHandles.permuteArguments with long or double argument lists. Reviewed-by: twisti, never ! src/share/classes/java/lang/invoke/AdapterMethodHandle.java ! src/share/classes/java/lang/invoke/MethodHandleImpl.java ! src/share/classes/java/lang/invoke/MethodHandleNatives.java ! src/share/classes/java/lang/invoke/SwitchPoint.java + test/java/lang/invoke/PermuteArgsTest.java Changeset: a65fa0f6717e Author: trims Date: 2011-06-17 16:25 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/a65fa0f6717e Merge Changeset: c102e1221afa Author: lana Date: 2011-06-17 10:27 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/c102e1221afa Merge Changeset: 539e576793a8 Author: lana Date: 2011-06-18 10:12 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/539e576793a8 Merge From joe.darcy at oracle.com Mon Jun 20 17:21:09 2011 From: joe.darcy at oracle.com (joe.darcy at oracle.com) Date: Tue, 21 Jun 2011 00:21:09 +0000 Subject: hg: jdk8/tl/jdk: 7055295: (reflect) add conventional constructor to GenericSignatureFormatError Message-ID: <20110621002131.4BCCA471A5@hg.openjdk.java.net> Changeset: 3c8f939ced1c Author: darcy Date: 2011-06-20 17:20 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/3c8f939ced1c 7055295: (reflect) add conventional constructor to GenericSignatureFormatError Reviewed-by: lancea, mduigou ! src/share/classes/java/lang/reflect/GenericSignatureFormatError.java From weijun.wang at oracle.com Mon Jun 20 20:49:53 2011 From: weijun.wang at oracle.com (Weijun Wang) Date: Tue, 21 Jun 2011 11:49:53 +0800 Subject: Fix for: 6415637: PKCS#12 key stores with empty passwords In-Reply-To: <82sjr4ejoz.fsf@mid.bfk.de> References: <82sjr4ejoz.fsf@mid.bfk.de> Message-ID: <4E0014E1.3000108@oracle.com> Hi Florian Thanks for looking into this. The following bug is for this special purpose: 6879539? enable empty password support for pkcs12 keystore http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6879539 and it's now still in code review mode: http://cr.openjdk.java.net/~weijun/6879539/webrev.01/ http://cr.openjdk.java.net/~weijun/6880619/webrev.00/ It seems our implementations are the same. At first sight, your codes seem to use "char{}" as default and "char{0}" as alternative. But then, in your updated derive() method, "char{}" goes to "byte{0,0}" and "char{0}" goes to "byte{}". Finally, "byte{0,0}" always becomes the default key for an empty password. I think the sun.com still works for SCA/OCA. At least that's written on http://openjdk.java.net/contribute/. Thanks Max On 06/20/2011 09:06 PM, Florian Weimer wrote: > Hi, > > the patch below fixes two issues with PKCS#12 key stores: > > 1. The password and salt expansion resulted in a division by zero for > empty password strings. > > 2. Practically speaking, there are two different ways of deriving keys > from an empty passphrase: the terminating NUL character is required > by the specification, but is left out by some implementations > (including OpenJDK if the first bug is fixed). OpenSSL tries to > decrypt with both encodings, and the patch implements that as well. > It is difficult to properly implement the retry behavior without > changing any interfaces, so this patch uses "\0" for the password > *without* a NUL terminator. This is a bit confusing, but it ensures > that passing an empty string as the password creates a PKCS#12 store > which is compliant with the specification. > > Because of the division of zero issue, the second change does not > actually change behavior. > > Presumably, this does not count as a small change, so BFK needs to sign > a contributor agreement. Is the sun.com email address still the right > one to submit the scanned copy? > > Florian > > diff -r 77b101812a2e -r c49309b998ec src/share/classes/com/sun/crypto/provider/PBEKey.java > --- a/src/share/classes/com/sun/crypto/provider/PBEKey.java Tue Jun 14 13:16:19 2011 +0200 > +++ b/src/share/classes/com/sun/crypto/provider/PBEKey.java Fri Jun 17 15:05:06 2011 +0200 > @@ -56,9 +56,12 @@ > // Should allow an empty password. > passwd = new char[0]; > } > - for (int i=0; i - if ((passwd[i]< '\u0020') || (passwd[i]> '\u007E')) { > - throw new InvalidKeySpecException("Password is not ASCII"); > + // Accept "\0" to signify "zero-length password with no terminator". > + if (!(passwd.length == 1&& passwd[0] == 0)) { > + for (int i=0; i + if ((passwd[i]< '\u0020') || (passwd[i]> '\u007E')) { > + throw new InvalidKeySpecException("Password is not ASCII"); > + } > } > } > this.key = new byte[passwd.length]; > diff -r 77b101812a2e -r c49309b998ec src/share/classes/com/sun/crypto/provider/PKCS12PBECipherCore.java > --- a/src/share/classes/com/sun/crypto/provider/PKCS12PBECipherCore.java Tue Jun 14 13:16:19 2011 +0200 > +++ b/src/share/classes/com/sun/crypto/provider/PKCS12PBECipherCore.java Fri Jun 17 15:05:06 2011 +0200 > @@ -60,11 +60,15 @@ > > static byte[] derive(char[] chars, byte[] salt, > int ic, int n, int type) { > - // Add in trailing NULL terminator. > - int length = chars.length*2; > - if (length != 0) { > - length += 2; > - } > + // Add in trailing NULL terminator. Special case: > + // no terminator if password is "\0". > + int length = chars.length*2; > + if (length == 2&& chars[0] == 0) { > + chars = new char[0]; > + length = 0; > + } else > + length += 2; > + > byte[] passwd = new byte[length]; > for (int i = 0, j = 0; i< chars.length; i++, j+=2) { > passwd[j] = (byte) ((chars[i]>>> 8)& 0xFF); > @@ -133,6 +137,8 @@ > } > > private static void concat(byte[] src, byte[] dst, int start, int len) { > + if (src.length == 0) > + return; > int loop = len / src.length; > int off, i; > for (i = 0, off = 0; i< loop; i++, off += src.length) > diff -r 77b101812a2e -r c49309b998ec src/share/classes/sun/security/pkcs12/PKCS12KeyStore.java > --- a/src/share/classes/sun/security/pkcs12/PKCS12KeyStore.java Tue Jun 14 13:16:19 2011 +0200 > +++ b/src/share/classes/sun/security/pkcs12/PKCS12KeyStore.java Fri Jun 17 15:05:06 2011 +0200 > @@ -256,11 +256,25 @@ > } > > try { > - // Use JCE > - SecretKey skey = getPBEKey(password); > - Cipher cipher = Cipher.getInstance(algOid.toString()); > - cipher.init(Cipher.DECRYPT_MODE, skey, algParams); > - byte[] privateKeyInfo = cipher.doFinal(encryptedKey); > + byte[] privateKeyInfo; > + while (true) { > + try { > + // Use JCE > + SecretKey skey = getPBEKey(password); > + Cipher cipher = Cipher.getInstance(algOid.toString()); > + cipher.init(Cipher.DECRYPT_MODE, skey, algParams); > + privateKeyInfo = cipher.doFinal(encryptedKey); > + break; > + } catch (Exception e) { > + if (password.length == 0) { > + // Retry using an empty password > + // without a NULL terminator. > + password = new char[1]; > + continue; > + } > + throw e; > + } > + } > > PKCS8EncodedKeySpec kspec = new PKCS8EncodedKeySpec(privateKeyInfo); > > @@ -1272,18 +1286,26 @@ > ObjectIdentifier algOid = in.getOID(); > AlgorithmParameters algParams = parseAlgParameters(in); > > - try { > - // Use JCE > - SecretKey skey = getPBEKey(password); > - Cipher cipher = Cipher.getInstance(algOid.toString()); > - cipher.init(Cipher.DECRYPT_MODE, skey, algParams); > - safeContentsData = cipher.doFinal(safeContentsData); > - > - } catch (Exception e) { > - IOException ioe = new IOException("failed to decrypt safe" > - + " contents entry: " + e); > - ioe.initCause(e); > - throw ioe; > + while (true) { > + try { > + // Use JCE > + SecretKey skey = getPBEKey(password); > + Cipher cipher = Cipher.getInstance(algOid.toString()); > + cipher.init(Cipher.DECRYPT_MODE, skey, algParams); > + safeContentsData = cipher.doFinal(safeContentsData); > + break; > + } catch (Exception e) { > + if (password.length == 0) { > + // Retry using an empty password > + // without a NULL terminator. > + password = new char[1]; > + continue; > + } > + IOException ioe = new IOException( > + "failed to decrypt safe contents entry: " + e); > + ioe.initCause(e); > + throw ioe; > + } > } > } else { > throw new IOException("public key protected PKCS12" + > diff -r 77b101812a2e -r c49309b998ec test/sun/security/pkcs12/Bug6415637.java > --- /dev/null Thu Jan 01 00:00:00 1970 +0000 > +++ b/test/sun/security/pkcs12/Bug6415637.java Fri Jun 17 15:05:06 2011 +0200 > @@ -0,0 +1,291 @@ > +import java.io.ByteArrayInputStream; > +import java.math.BigInteger; > +import java.security.KeyStore; > +import java.security.cert.X509Certificate; > +import java.security.interfaces.RSAPrivateCrtKey; > + > +/* > + * @test > + * @bug 6415637 > + * @summary Support PKCS#12 key stores protected with an empty password > + * @author Florian Weimer > + */ > + > +public class Bug6415637 { > + > + public static void main(String[] args) throws Exception { > + check(WITH_NULL); > + check(WITHOUT_NULL); > + } > + > + private static void check(String encodedBlob) throws Exception { > + byte[] blob = new byte[encodedBlob.length() * 2]; > + for (int i = 0; i< blob.length; ) { > + final char ch = encodedBlob.charAt(i / 2); > + blob[i++] = (byte) (ch>> 8); > + blob[i++] = (byte) ch; > + } > + KeyStore store = KeyStore.getInstance("PKCS12"); > + store.load(new ByteArrayInputStream(blob), new char[0]); > + if (!store.aliases().nextElement().equals("test")) > + throw new Exception("test alias not found"); > + KeyStore.PrivateKeyEntry e = > + (KeyStore.PrivateKeyEntry) store.getEntry("test", > + new KeyStore.PasswordProtection(new char[0])); > + X509Certificate cert = (X509Certificate) e.getCertificateChain()[0]; > + if (!cert.getSubjectDN().toString().equals("CN=Test Key")) > + throw new Exception("invalid certificate subject DN"); > + RSAPrivateCrtKey key = (RSAPrivateCrtKey) e.getPrivateKey(); > + if (!key.getPublicExponent().equals(BigInteger.valueOf(65537))) > + throw new Exception("invalid public exponent"); > + } > + > + private static final String WITH_NULL = > + "\u3082\u097c\u0201\u0330\u8209\u3606\u092a\u8648\u86f7\u0d01" + > + "\u0701\ua082\u0927\u0482\u0923\u3082\u091f\u3082\u0564\u0609" + > + "\u2a86\u4886\uf70d\u0107\u01a0\u8205\u5504\u8205\u5130\u8205" + > + "\u4d30\u8205\u4906\u0b2a\u8648\u86f7\u0d01\u0c0a\u0102\ua082" + > + "\u04fa\u3082\u04f6\u3028\u060a\u2a86\u4886\uf70d\u010c\u0103" + > + "\u301a\u0414\u8317\ucfd6\u89ab\uc03b\u79d6\u4c45\u1b10\uc3bd" + > + "\u3923\ub806\u0202\u0400\u0482\u04c8\ud51d\uf953\ud79e\u92c6" + > + "\u83c0\u92dc\ucd05\u69ab\ucc1b\ud538\u2ed9\u7796\ua426\uc14e" + > + "\udcbf\ue541\u40be\ud264\u3b5b\uf51f\u8e1a\u892f\u2813\ucdd6" + > + "\uf72e\uef55\u35ef\u4620\ude18\ued5e\ufae0\ubed4\uf84e\u276b" + > + "\u3596\uc33f\ub251\ue617\u6e00\ua80f\u6c82\u4acd\u7303\u26be" + > + "\uffb5\u1e49\u5fb1\uf87c\ua873\ue60a\u7415\u655c\u39f1\ucf16" + > + "\u8f5c\u85c6\u4100\u4130\u565b\u649a\u60d6\u6054\u868d\u7267" + > + "\u97a8\u8492\uc5a0\udb5e\u2880\udf55\ub0ee\ua641\u8224\u76d2" + > + "\u9b1e\u2a67\u1e32\ue1fc\u0a77\u435b\u669f\ued00\u6c30\u963f" + > + "\u7ee3\uc5c8\u198f\u8ede\u30e1\u015d\u1195\uc850\u3371\ub9e5" + > + "\u6968\u84c3\ub0e4\u22b7\u2a08\u4a9d\u9166\ua9ba\ud945\u0529" + > + "\ue1e7\u8aba\ub4ef\u7445\udc9a\ucf73\ud77b\ufafe\ue1df\u3180" + > + "\u9585\ued73\uca40\u06b0\ufdee\u95ba\u1aa3\ubd67\ua5c1\u84b4" + > + "\u4b50\uc1e1\u4547\ud837\u21bc\uac0d\u0a65\uebb5\u7281\ud9bc" + > + "\u2e2c\ua9bc\u7714\u0fc0\uab41\uce09\ud5e8\u5f8c\uc35d\uba6e" + > + "\u98a2\u95c3\u87ff\uba8c\u056a\udc9f\uf254\u3d38\uf40a\u77dd" + > + "\u4e30\u01de\ubef7\ud288\ue59c\ua143\ub30b\ud0ae\u63b9\u138b" + > + "\uc793\u3474\u18ca\udeed\u78d9\u2ae8\u63cc\ua5d1\u6779\u0229" + > + "\u7b72\ucfd4\ueecb\ue167\u08c0\u7556\u181d\u8d62\uc401\ub092" + > + "\u8cf5\ued71\uf29f\u843e\u13e1\u7e7b\uf589\u0329\u92bd\ud0e3" + > + "\u8dcc\u7541\uf195\ueef2\u3f3a\ueb01\uf5b0\u1869\u2216\uf351" + > + "\u488d\udffb\u6243\u1121\u9447\u8a3a\u006f\u008c\ue2b3\ued31" + > + "\u7f57\u6492\ue02f\u6f68\u387d\u58c0\uaadf\u2ee3\uf304\u3de9" + > + "\u9741\u47fa\udde8\ufe8a\u679a\u597d\u8c7c\u9c71\u570e\u1dbd" + > + "\ud555\ue853\uff63\u0fcb\u4b28\u3691\u33c8\uc31f\uc510\u6cba" + > + "\ud92c\u6462\u733a\u739e\uc792\ud861\u743e\u3bd3\u006b\u2276" + > + "\u9fb3\u0a31\u1eb3\ub97e\u4a80\uc076\uaabc\u35a0\u678d\u17c3" + > + "\ua225\ua77c\u7d9c\uef2d\u83e2\u6996\uba70\uf6f8\u79a1\u9399" + > + "\uc86b\u1cc5\ub2a5\u02c1\ud676\ua274\u4933\u6c60\u6832\ub0be" + > + "\u5354\u5af9\uae23\u0963\u722d\u9ad2\u4461\ub768\u2068\u0ccb" + > + "\u94fd\u88ac\u0f58\u3bc0\u212d\u30c8\u8860\uf7c9\u1dde\ub6b4" + > + "\u3549\u5bcd\ucf83\u9420\u3a40\u16ad\uc4d7\ucd87\ue73a\ue1c7" + > + "\u21df\u7f4f\u8659\u9f79\u5b36\uf206\uac66\uc9f3\u6336\u164d" + > + "\u9046\uf4d5\u285d\ufcd8\ubd55\u1fb9\ua533\u9101\u1e87\uc7b0" + > + "\u64e9\u3817\u216c\u8d41\uba51\u743a\uc74e\ue4ab\u2820\u972f" + > + "\ue191\u85b4\u0ea7\ud896\u23cf\u7df5\u1653\ua9f3\ub724\ucbc9" + > + "\u9738\ud2f8\u464e\ucf12\u99b8\u64e0\uf03b\u8d02\u85a8\uab52" + > + "\u8da3\uea34\ube99\ue5f8\u2b38\ub082\u399d\ue61e\u64a1\u7f90" + > + "\u26e9\ueb74\u6107\ufe2f\u82ca\u87a5\u3028\u8e1f\ue859\u61d4" + > + "\ud26d\u23a9\uaadc\u02a7\u8ab2\u43d4\uf6b9\udf7a\u8935\u45a4" + > + "\ufad6\ue7e4\u92b7\u35d7\u1044\u8ed3\u74ef\uaaa9\u713f\u6ebc" + > + "\u1158\u5e5c\u7522\ufe17\ua515\u59a1\u75dd\ue7ac\uafd9\u16a9" + > + "\u190e\u18fc\uc041\ufc9e\u3e16\u60c4\ufe51\u6d53\ufa52\u4c08" + > + "\uce2a\ue546\u017b\ud96b\ube18\u8cb9\udd50\ued40\u14b0\u7da1" + > + "\u2f2c\ubf9d\uc7c7\u1b73\ua155\ucaf8\ue54d\uebb0\u160a\ubd64" + > + "\u5ef7\ue1cf\u4633\u86c1\ubc91\u839d\ub148\u9f31\uf2b1\ud133" + > + "\u168f\u9374\u4667\u6aa9\u0482\ua2a6\ub5c0\ud9b7\ua070\uf6bd" + > + "\u16fe\u0f41\u986b\u3d33\u7cb9\u291d\u24f0\u704a\uc946\u10a2" + > + "\udbcf\u6c5f\u5a83\u5507\u036e\ube9f\uf60a\u9da8\u72dd\u23c9" + > + "\u8878\udd67\uf486\u1384\u751f\u4694\uee3c\udc2e\ud5d7\ud99a" + > + "\u5ee2\u5455\ub82d\u1837\u336d\u5724\u635b\ubd0b\u2e7c\u92be" + > + "\u2110\u9c0e\u1662\u43f6\u62ae\u32e3\uaea4\u1cc5\uadc0\u7511" + > + "\u6ad4\u0228\ue399\u5741\u2050\ue31a\u7dc8\uf6db\u67bb\u994a" + > + "\u5b5a\uaac6\u2210\u95b0\u462e\u0684\u335e\uac36\u7ab9\uab1e" + > + "\u0b75\u0f05\u74c5\ufcb3\ua0a5\ube7e\u45f8\u92d5\u3399\u7dd6" + > + "\uf96e\u7e01\u7823\u6690\u231c\u4c47\u2d10\u7e7f\u5eb8\u70dd" + > + "\u98d2\u6204\u3a92\u3990\u502b\u7cdb\u952a\ufa97\uea3b\ud990" + > + "\u436f\uf33a\u070d\u2aff\u7497\u2591\u37e4\ua590\ue7ba\u2c1e" + > + "\u53d9\u73fa\udc53\u944f\ua3a5\u5093\u33a4\uf080\u1193\u37f2" + > + "\u7642\ub033\u7f90\u9b44\uff89\ue6ef\u81be\u9e6e\u68a4\u5a00" + > + "\u9232\u4372\u40aa\u2748\u229d\u534d\u316b\u6e89\ufcb7\uff2e" + > + "\ub654\u1649\ucb13\u3c28\u4940\u43aa\uc07d\u247c\u313c\u3017" + > + "\u0609\u2a86\u4886\uf70d\u0109\u1431\u0a1e\u0800\u7400\u6500" + > + "\u7300\u7430\u2106\u092a\u8648\u86f7\u0d01\u0915\u3114\u0412" + > + "\u5469\u6d65\u2031\u3330\u3833\u3132\u3234\u3236\u3437\u3082" + > + "\u03b3\u0609\u2a86\u4886\uf70d\u0107\u06a0\u8203\ua430\u8203" + > + "\ua002\u0100\u3082\u0399\u0609\u2a86\u4886\uf70d\u0107\u0130" + > + "\u2806\u0a2a\u8648\u86f7\u0d01\u0c01\u0630\u1a04\u14de\ud8d8" + > + "\ua792\uf9d9\u6875\ua51d\u98ec\udf03\uc2b6\u5100\u8a02\u0204" + > + "\u0080\u8203\u6074\ub909\u3c60\ua522\ue4ac\u0f60\u2396\u7baa" + > + "\ud208\ub76c\u89a5\ue4ef\u205d\u2062\u4a5b\ua684\uceae\u01b9" + > + "\u1e7a\u6e03\ud996\u555a\u615b\uba70\u406f\u80a9\u901e\ua947" + > + "\u5b8f\u73f3\udea3\ud8b1\u9782\uac87\u231a\udcd2\u3ef0\u3a17" + > + "\u4092\u509f\u0e79\u4cd7\u8516\u5111\uebe1\u86e0\uc548\u5ffc" + > + "\u9a99\u11ed\uef13\u17af\u2707\u8984\u8770\u7064\u1943\u1dd3" + > + "\u45cf\u9f80\u65f8\u9b3e\u1f70\u6bd0\uc726\u5506\ufb20\u6bdc" + > + "\uba8c\u0b19\ucd01\ud0f0\u7040\udf63\u48a5\udf5f\u6559\u1b33" + > + "\ubdae\u8183\uc13f\ued10\ud6dc\ud0f0\u6a7f\ubc36\uc7ca\u320f" + > + "\u50b8\ud422\ufd99\u8843\u65e8\ue201\u843b\u64ee\ub891\u3ba2" + > + "\uecae\ufda0\u72d6\u8394\u2551\ufc44\u3778\u27c3\u061a\u6d3b" + > + "\ubd80\ue010\u06df\u39e7\u3d6a\u5ae2\u93fa\u4de4\u938f\u6f27" + > + "\ufd39\u4380\u60da\uf215\u79d4\uf6f1\ua02f\u959a\ua0ea\u1c38" + > + "\u80e3\u2744\u7506\u54b3\u77ad\u18ce\ucfec\u555e\u7bbe\u2e2f" + > + "\u9900\ub2ef\ua5b9\ubdf0\u5e15\ua681\u92c7\u4f86\u2e1a\ub893" + > + "\u01fc\u01d2\ub674\uff19\u04c3\ua1a0\u2cea\u72e0\ua8f1\u1358" + > + "\ube79\u7caa\u269d\u728a\ue435\u37bd\u6495\uc106\u8830\u9b17" + > + "\ue16d\uef78\uae2b\u5313\u1c96\uc0ee\u3098\ud743\ucd1c\u7407" + > + "\uf4f9\uee72\ub95e\u31e7\u6435\u0173\u0336\u93c5\u8a1b\u05b4" + > + "\u4359\uc4be\ud92b\u8d21\u83a9\u32b7\u6433\ua9bc\u27c2\ud842" + > + "\ua4f2\u81c5\ua86c\u2fd2\uba30\u53bd\uc277\u659f\u203b\u60e5" + > + "\u37f7\u0984\u31c2\u838a\u2107\u5840\u6411\u1b8d\u044e\ub0b6" + > + "\uf558\ue6d3\u62bb\u5464\uf83a\u4d5b\uf153\u9e18\ua353\ubd05" + > + "\uf204\ud543\u037d\ue5aa\u473a\ueb13\uac19\u0494\ua08e\u76c3" + > + "\ufbd7\u9f1c\u8ca9\u57ad\ud218\uc018\u67ac\u0ae9\ub559\ufe38" + > + "\u5641\uec0c\ue0ee\u606c\u1989\ue5a2\uff09\u8c61\u1386\ueb51" + > + "\u7cbd\u95cd\u80c5\u3532\u8605\u596d\u4cfd\u7797\u1e82\ud2fe" + > + "\uad6b\ua16e\ub6cf\u8fce\ud5a9\u207f\u1d0a\udabe\uc3a6\u5633" + > + "\u2023\u925f\u809f\uee7c\u5362\u5fd9\u8dfc\u6b5f\uc95b\u0ae9" + > + "\u7b26\u9e5b\u97e8\u9d6e\uaf91\u6d1a\u1d19\ufc27\u0815\uccbc" + > + "\u83d4\u2ce2\ue06e\u21a1\u88da\u09af\u9671\uc510\uac23\u398d" + > + "\ubea2\ua9a1\uf0d3\u490d\ub94b\u7ff7\u6636\ub1fa\u9b10\u1be3" + > + "\u179b\u6a8a\u4a6c\ude1f\u5da7\u7c02\u96ec\u70ac\u5045\udd2c" + > + "\u9f6d\uc37d\u5ba6\u4895\ue142\u0db9\uf2dc\uba2e\ud054\ud33e" + > + "\u1ed9\u144b\u5d85\u9156\u3a90\ue8cd\u0a01\u67f5\ua81b\u4f56" + > + "\u99dd\u4950\ua551\uacdb\udf31\u1f05\u7169\u3231\u0071\u80ec" + > + "\ua4e9\ud74e\u62cf\u8931\u11f1\uc925\u0319\uabd4\ufb86\u73c2" + > + "\u1479\u005b\uf05d\u4f8d\u44e4\u942b\ud338\ud05d\u2b3b\uf6f5" + > + "\udc0d\uf741\u798b\ud8e9\u36a5\u577b\u8a95\ud773\uffcb\u17b3" + > + "\u7174\u9616\u9b5e\ua577\u983c\u6e7a\u6cc8\u4a04\u042b\u503e" + > + "\ud744\ub65e\ue5de\ufa24\u8c71\u1127\ud47f\ud290\ufd4c\u5cbb" + > + "\u0e21\u77fd\u6553\ub82b\ucb49\u41e7\u8e3d\u4539\u925d\u6ba9" + > + "\uae47\u391c\ua79e\ub6e2\u7142\u7cb3\u02f5\u6495\u7a85\u2dea" + > + "\u787b\u22b7\u6ec2\uea8d\uf930\u3d30\u2130\u0906\u052b\u0e03" + > + "\u021a\u0500\u0414\ubfef\u99f5\u0bb0\uc9b3\uf96a\ue267\u6bc0" + > + "\u0202\u6d78\ub923\u0414\u5500\u095a\u2a04\u2d7e\u708d\u9779" + > + "\u9bdb\u2c4f\u82f2\uf89f\u0202\u0400"; > + > + private static final String WITHOUT_NULL = > + "\u3082\u097c\u0201\u0330\u8209\u3606\u092a\u8648\u86f7\u0d01" + > + "\u0701\ua082\u0927\u0482\u0923\u3082\u091f\u3082\u0564\u0609" + > + "\u2a86\u4886\uf70d\u0107\u01a0\u8205\u5504\u8205\u5130\u8205" + > + "\u4d30\u8205\u4906\u0b2a\u8648\u86f7\u0d01\u0c0a\u0102\ua082" + > + "\u04fa\u3082\u04f6\u3028\u060a\u2a86\u4886\uf70d\u010c\u0103" + > + "\u301a\u0414\ud258\ubbe7\ub641\ud196\u4969\u3c88\u70f1\u8c97" + > + "\u95b1\u8bf3\u0202\u0400\u0482\u04c8\u096a\u4686\uf519\u61da" + > + "\u1b3b\uebfd\u89b1\u044b\u3bd8\u79a7\ud022\ud880\ud173\ucde1" + > + "\ud2c1\u2c5d\u8ebb\u6bd4\u46db\ub90b\u04b9\ub091\ud1f3\ud468" + > + "\u3e93\u2c88\uca5a\u1c54\u5342\u1eca\u8565\ubbbd\ua022\u1ead" + > + "\ud0bb\u1a8c\u69cf\uf0f4\ucbfb\u488a\ube99\uf190\ue01c\ud87d" + > + "\u78ca\u9e5c\u82f9\u76ad\u811f\u37d0\u272b\u0481\u500c\u0a27" + > + "\u08d3\ub637\u3e39\u6db1\ubcba\ue354\u6924\ua9d5\u3555\u20d6" + > + "\u4c6b\u3189\u5f91\u382c\uf351\u4de2\ubade\u2a14\uea84\u16b6" + > + "\uf7f7\u36de\ubba6\ue952\u5f5d\u8243\u2318\ucf3d\u8ac8\u33d3" + > + "\u706c\ue3db\u6619\u7935\u7300\u89b3\u0bcd\uca9f\u0333\ua450" + > + "\u1be1\u3e42\ub465\uced5\ub055\u5843\uf40f\ua0f2\u6fea\u94fa" + > + "\ua51e\u4b5d\u93c9\ucb2e\u977e\uafd9\u2a2f\u784b\u0320\u5550" + > + "\u273f\u469f\uc42b\u2ce7\uedea\u4e0d\u54a5\u1a25\u4fac\ue346" + > + "\u2102\u7ab6\uea86\u554f\u7706\u8a80\uf6dd\u04f8\u3b37\u005a" + > + "\u4562\u2ef8\u59f9\u32b7\u31c0\ue7dc\ucbde\ue0e1\u2fd9\u0960" + > + "\u3e7a\ub4e5\u2a58\u1e2b\uef14\u9a44\u5444\u806d\uc475\u12ab" + > + "\ucc3d\ua03b\ubd52\ubf1c\ua9a6\u58aa\uee8b\u96c2\ud0c9\ua029" + > + "\u1db4\ub118\u4807\uecaa\ue182\uabb7\ud9ed\u66c5\u2c80\uc6a6" + > + "\u3f54\ubc73\u2632\ue1b0\u0d74\u001c\u5740\uc74b\ufadb\u25b4" + > + "\ua10e\u3191\u69e6\u0861\u452b\u955c\uac56\ud3c4\u86b7\u45f8" + > + "\u777a\uc336\u8cc7\ud471\u76b6\u11d8\ueb84\u14e4\uf44f\uc9ff" + > + "\u8929\u0d84\ubcfe\u8cc2\u9d07\u94e6\u1cf9\u19b5\u773a\u012d" + > + "\u0453\u4ff3\u40f2\ub144\ufc80\u571c\u0e13\uf890\u9fed\u2045" + > + "\u7baf\ufd88\u4920\u2b86\u491d\uecf8\ua5d9\u1e12\u48c7\u2c84" + > + "\u3fbe\u4df5\u11ce\u7b81\u83fc\u3efa\u697d\u1f3d\u8d81\u01b0" + > + "\u0bf1\u9012\u697f\u3b25\u3574\u5286\udded\u5be0\u7e92\u0a02" + > + "\ua486\ud19b\ue0b5\ua05c\u5ac2\u0ad5\u0d04\ua763\ub5c8\uf7e6" + > + "\u6e77\u2df3\ub9e7\uda30\ufccb\u7642\u5dc1\udf1f\uc922\uff69" + > + "\u4471\u4749\u937a\ud77d\u7c0d\u917c\uf2ef\u122c\u13b2\u8943" + > + "\u33aa\uad59\u86e8\u21c4\ueaa0\uf200\ue5f3\u6da0\ue8ef\uce7e" + > + "\u37b2\u3ddf\u0480\u08fc\uf89a\ud927\u3f5b\u75d3\ubdfe\u6ebd" + > + "\ufab1\u9f54\u1c20\u625b\u1391\u2af0\u43ba\u4395\udf22\u299e" + > + "\uf3bf\u7750\u5f68\u0120\u0ee0\u6960\ud939\u621f\uf845\u0025" + > + "\ue33c\u7ed9\ueadf\u0005\u6306\u7274\u5e67\ucf7a\uf3c6\u7371" + > + "\u487b\u79d7\u2142\ubc1a\ubfe4\u3536\u15db\ufe23\u4352\u6321" + > + "\u329d\uc251\u84c8\ufc0e\uc0ca\u5be6\uf530\u0177\ud9cb\ud132" + > + "\uf752\u3f26\uda90\ud9cf\u2e46\u3e09\u5d9a\u6902\udb3e\ub06c" + > + "\u722d\uf498\u3e93\u6cae\u43b5\u535a\u1cd1\uf0b2\u8d80\u9e53" + > + "\ue02e\uf782\u01ce\u5063\u73d1\u5571\uf0e7\ufa22\u7e48\u0c31" + > + "\u4642\u29fd\udcab\ue8d4\u7a77\u0880\u4855\u88c7\u7aa5\u0d9c" + > + "\uf8b7\uc91c\u127d\u2dd7\ude53\u9d3f\u132b\u965c\ubc80\udd97" + > + "\u87bf\ua0e8\ub2a2\u4e1f\u98fd\u72f3\u16ea\uc415\u5be3\ue8df" + > + "\u5681\u1f11\u4e3a\uac5d\u1684\u6602\ueb14\u0a96\ufcef\uaebf" + > + "\u1f2e\ud1a9\u435c\uf4e5\ub6b4\uaae2\u8244\u96a4\u0d3a\u752f" + > + "\uce21\u1bc9\u219e\uf17b\ud95e\ucd12\u1b0a\ucb85\ub0cd\u4ecb" + > + "\u6bb4\u5f7c\u2a93\ubb24\u9d7c\u6822\u80cd\u3f54\u78ad\u4fde" + > + "\ud57f\uec1d\ub54c\u0d78\u5946\u84c1\ua9ad\u0dea\u0292\ub279" + > + "\u1c76\u817e\ub910\ub1fa\ub1c0\u839d\u9eca\u6f83\u8211\u4112" + > + "\u440c\u4fbd\u6ef2\u897d\udfa9\ude9e\u1aef\u0f21\u26fb\uaca4" + > + "\u637e\ub072\u264f\ud24d\u9357\uc801\u0b84\u2d34\ueddf\u6063" + > + "\udc5d\u90dd\u5c62\ufb48\u8c5e\u7c4e\u3bdb\ub590\u7a75\udbd1" + > + "\udd78\uc8be\u5915\u7c8b\u8874\u578d\u3116\ub65a\uab8e\ud2ef" + > + "\u5d35\ubf8b\u2828\u8983\ua790\uedcf\u9698\ue023\u5786\u627b" + > + "\u9037\u1db7\u900e\u1f45\u0001\u7cf8\u14fd\ue437\u0dfd\ucacc" + > + "\u5edf\u1742\u7f6e\u612a\ud57d\udca0\u73a4\ud601\uc7f0\uca0e" + > + "\u5a44\u00b4\u233a\u84f2\u95b5\u5f16\uc291\u04fb\u369d\u6b99" + > + "\ue127\u493f\u66be\u86e9\u9672\u2849\u64a7\u851b\ue420\u8491" + > + "\ueb07\u6563\uc753\uc28e\ucad5\uec05\u6920\u8955\u5605\u25f6" + > + "\u6193\ubee5\u7a1a\ub73d\ucc27\uc8ce\u7179\u57c1\u7a2a\u37c1" + > + "\ua6c7\u2d8a\u4025\uc97d\u8c9d\u7b4b\u1ad5\uc6d7\u50fc\u246d" + > + "\u91a9\ua55d\u677a\udc83\u04c7\u3e14\u9950\u420c\udf02\u749b" + > + "\ude88\u5459\u2074\ua4ae\ud12d\uaf60\uba98\u630d\u313c\u3017" + > + "\u0609\u2a86\u4886\uf70d\u0109\u1431\u0a1e\u0800\u7400\u6500" + > + "\u7300\u7430\u2106\u092a\u8648\u86f7\u0d01\u0915\u3114\u0412" + > + "\u5469\u6d65\u2031\u3330\u3833\u3132\u3431\u3138\u3238\u3082" + > + "\u03b3\u0609\u2a86\u4886\uf70d\u0107\u06a0\u8203\ua430\u8203" + > + "\ua002\u0100\u3082\u0399\u0609\u2a86\u4886\uf70d\u0107\u0130" + > + "\u2806\u0a2a\u8648\u86f7\u0d01\u0c01\u0630\u1a04\u14af\ud4f5" + > + "\u0ff4\u0ede\u0da0\u6cc5\ufd9d\u3502\uae5e\u4cef\u3102\u0204" + > + "\u0080\u8203\u6028\ua7e6\u088b\u56b6\uf453\u9747\u68ec\uc064" + > + "\u2254\u693f\u25c5\uaa39\u3d87\uc97c\uc558\u5194\u7553\ude3a" + > + "\u4575\u9d85\ud843\u2bd0\ua2e8\u244f\u8593\uac84\u54b4\ubdc6" + > + "\ucea6\uba1a\ud3da\ua510\uee9d\uaf31\ub5c2\u3329\u0fed\u0e08" + > + "\u426b\u46fe\udcc5\u0979\ua9ed\u3123\u9a50\ud222\u3fc0\u771a" + > + "\u6f55\u9664\ud56f\u6b03\u6020\u78a4\u63b2\ue35e\u0816\u43a7" + > + "\u1909\u52e1\u8183\u1b8d\u9f5b\u19e4\uad73\u8461\ucc86\u3b49" + > + "\u322e\ue9d9\u3c66\uea22\u091e\u6621\ua8bf\u0169\u72d0\u535e" + > + "\u77dc\u1002\ubded\u7a91\u6cee\u58fa\uc295\uae8e\ue009\uabe9" + > + "\u6638\ucaea\u8bbf\uca27\udef5\u2881\u72ec\u8aa5\u582b\u9d6e" + > + "\u26bb\u3c70\u8bd6\uf5ec\u34ae\ua967\u5bb1\u22cb\u4b74\u0e50" + > + "\u5062\uc6f7\u7cb4\u58a3\uf43d\u57c0\u9654\u2f9c\u9308\u4546" + > + "\u6f4a\u37fe\u8d5d\u1465\u8621\u4cd8\u68d6\u0456\u96a4\ud3e2" + > + "\u76d1\u2675\u7654\u7649\u10e9\u9d0e\u8b04\uffb6\u020a\u2eb4" + > + "\uf24f\u150e\u7f0d\uf41b\u2c76\u538f\uc2df\u79dc\u0472\u1119" + > + "\uc148\ue2e8\u1820\ucd45\u08a7\u6bcd\u6eb0\ubd0a\ufff4\uec28" + > + "\u819b\u2adb\uefc8\ue8f7\ue233\u6535\uc938\u9771\u3681\u87cf" + > + "\u3a24\u4c71\ue1df\u3e19\u259c\uae5b\u27ed\u8a67\uf3e6\u7af0" + > + "\u48e1\uc542\uc471\ud8f4\ue317\u46e9\u0b4f\uec45\ua1d3\u2b88" + > + "\u8a22\udda1\u7c1a\u273c\ua0f7\u8bac\u3771\u28d2\u6ef8\u28d2" + > + "\ud83c\u196f\ue3fd\u9c79\u4305\u01b8\u3490\u0a91\ue4f3\uebc6" + > + "\u25a2\u7dd2\u72db\u7531\ucfca\u432f\u2beb\uc649\uf9c5\uc533" + > + "\u9f3a\ua611\u935c\ubca6\ud293\u54d6\u0dd1\u0aff\u82fb\u2d69" + > + "\u3da0\u3b33\u0986\u45b3\u3353\ub968\u7348\u454f\u9117\ub3dc" + > + "\ud7af\u06ca\ua34a\u9357\ue22f\uad3d\u4c76\ub386\ua8d7\u2a90" + > + "\u6d17\u9321\u7b00\u21e4\u1994\u9d18\u6439\u04c8\u8282\ub269" + > + "\uf786\u75c6\ua505\u983a\ua075\uffa0\ud662\u6ae5\ub126\u96d1" + > + "\u9e5e\u346b\ub7ee\ub0a3\u4ee8\ud204\u77ec\u2325\u5da8\ua326" + > + "\ua018\u0fd8\ue50e\u93cc\ucc40\u2d89\u2ffb\u54e0\u091a\u19fd" + > + "\u45d7\uc0ab\u77a2\u66ae\u794b\u6644\u21c3\ud782\u1e9e\u53e5" + > + "\u782e\u55e8\ud44e\u93e8\u379e\u5aa8\u353b\u95de\u7bc1\ucaf3" + > + "\u5223\ub5e9\uacbb\ub86b\u6014\u0626\ue7ad\ufd93\ue43a\ud864" + > + "\u1e6d\u14b2\ua12a\u94c5\u2ed9\ua7f7\u14f4\u0cbd\uca3b\u7c21" + > + "\ua85a\uf834\u6c99\ue1aa\u3832\u2515\u8170\u3c93\u7def\u94fe" + > + "\u9c3d\u4ab0\u73ed\u6c72\u8b94\ua407\uc719\uad1e\u6306\u4167" + > + "\u921e\uae53\u3fd4\uf569\u6f0b\u82b0\u0ca6\ud61f\ud526\u23c9" + > + "\u168d\u4baf\ucc4f\ud8a2\uc64a\ud649\u55e3\u7019\u8f20\u680c" + > + "\u5581\u2cb1\ub3a4\u3e37\u5fd3\ua3ca\uc115\u979c\uf910\u3797" + > + "\u05cb\u51d6\u74a4\uc5c0\u597b\uf27f\ud5e2\ue8ac\u4f3d\uc0c3" + > + "\u9594\u7799\u6876\ub1a3\u059a\uff03\uc2ee\uc8c2\uf224\u3720" + > + "\u9177\uabdb\u9202\u18d8\uffbe\u0516\u2a76\uedb5\ufe9e\u6d65" + > + "\u4c35\ue4cb\u75aa\u02be\ud24c\ua482\ufc67\ue4f9\u70c7\u3567" + > + "\ufc3f\uaa89\ue80a\u6507\u0a65\u4e18\uf919\u071d\u423c\u1756" + > + "\u30e5\u37f3\u19b3\u10fb\u6c30\u3d30\u2130\u0906\u052b\u0e03" + > + "\u021a\u0500\u0414\ufd05\u4444\ud347\u673c\u6da4\udb7c\u0733" + > + "\ud7bf\ud263\uc6b2\u0414\udd17\u155e\u2d4c\u25cb\ua028\u1a23" + > + "\ub8b0\uf6be\u925f\ude3a\u0202\u0400"; > + > +} > > From fweimer at bfk.de Tue Jun 21 04:02:14 2011 From: fweimer at bfk.de (Florian Weimer) Date: Tue, 21 Jun 2011 11:02:14 +0000 Subject: Fix for: 6415637: PKCS#12 key stores with empty passwords In-Reply-To: <4E0014E1.3000108@oracle.com> (Weijun Wang's message of "Tue, 21 Jun 2011 11:49:53 +0800") References: <82sjr4ejoz.fsf@mid.bfk.de> <4E0014E1.3000108@oracle.com> Message-ID: <82hb7j78i1.fsf@mid.bfk.de> * Weijun Wang: > Thanks for looking into this. > > The following bug is for this special purpose: > > 6879539? enable empty password support for pkcs12 keystore > http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6879539 Oh, thanks, I totally missed that. > and it's now still in code review mode: > > http://cr.openjdk.java.net/~weijun/6879539/webrev.01/ > http://cr.openjdk.java.net/~weijun/6880619/webrev.00/ > > It seems our implementations are the same. At first sight, your codes > seem to use "char{}" as default and "char{0}" as alternative. But > then, in your updated derive() method, "char{}" goes to "byte{0,0}" > and "char{0}" goes to "byte{}". Finally, "byte{0,0}" always becomes > the default key for an empty password. I used the opposite logic so that encoding with and without NUL termination is supported, and lack of a trailing NUL results in compliant behavior. I'm not sure if we eventually need to support lack of NUL termination for non-empty passwords, too. Regarding your version, I think you should not share the ZERO value across calls because you do not completely control which implementing methods you call. Do you plan to restructure the code to address the related bug 6974037? I believe the MAC check should come first, as a matter of cryptographic hygiene. -- Florian Weimer BFK edv-consulting GmbH http://www.bfk.de/ Kriegsstra?e 100 tel: +49-721-96201-1 D-76133 Karlsruhe fax: +49-721-96201-99 From alan.bateman at oracle.com Tue Jun 21 08:12:39 2011 From: alan.bateman at oracle.com (alan.bateman at oracle.com) Date: Tue, 21 Jun 2011 15:12:39 +0000 Subject: hg: jdk8/tl/jdk: 7056815: test/java/lang/ClassLoader/deadlock/TestOneWayDelegate.sh times out intermittently on busy machine Message-ID: <20110621151248.EE68C471CF@hg.openjdk.java.net> Changeset: 70f14c2db078 Author: alanb Date: 2011-06-21 16:11 +0100 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/70f14c2db078 7056815: test/java/lang/ClassLoader/deadlock/TestOneWayDelegate.sh times out intermittently on busy machine Reviewed-by: mchung ! test/java/lang/ClassLoader/deadlock/TestOneWayDelegate.sh From alan.bateman at oracle.com Wed Jun 22 07:14:39 2011 From: alan.bateman at oracle.com (alan.bateman at oracle.com) Date: Wed, 22 Jun 2011 14:14:39 +0000 Subject: hg: jdk8/tl/jdk: 7056447: test/java/lang/management/ManagementFactory/MBeanServerMXBeanUnsupportedTest.java fails in agentvm Message-ID: <20110622141507.DFCFC4721F@hg.openjdk.java.net> Changeset: 0bde4bed86e5 Author: alanb Date: 2011-06-22 15:13 +0100 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/0bde4bed86e5 7056447: test/java/lang/management/ManagementFactory/MBeanServerMXBeanUnsupportedTest.java fails in agentvm Reviewed-by: emcmanus ! test/java/lang/management/ManagementFactory/MBeanServerMXBeanUnsupportedTest.java From jeff.dinkins at oracle.com Wed Jun 22 11:06:38 2011 From: jeff.dinkins at oracle.com (jeff.dinkins at oracle.com) Date: Wed, 22 Jun 2011 18:06:38 +0000 Subject: hg: jdk7/tl: 7057046: Add embedded license to THIRD PARTY README Message-ID: <20110622180638.D316547228@hg.openjdk.java.net> Changeset: 8da980eedab6 Author: jeff Date: 2011-06-22 10:09 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/rev/8da980eedab6 7057046: Add embedded license to THIRD PARTY README Reviewed-by: lana ! THIRD_PARTY_README From jeff.dinkins at oracle.com Wed Jun 22 11:06:57 2011 From: jeff.dinkins at oracle.com (jeff.dinkins at oracle.com) Date: Wed, 22 Jun 2011 18:06:57 +0000 Subject: hg: jdk7/tl/corba: 7057046: Add embedded license to THIRD PARTY README Message-ID: <20110622180659.42B9A47229@hg.openjdk.java.net> Changeset: bba0e37d7006 Author: jeff Date: 2011-06-22 10:10 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/corba/rev/bba0e37d7006 7057046: Add embedded license to THIRD PARTY README Reviewed-by: lana ! THIRD_PARTY_README From jeff.dinkins at oracle.com Wed Jun 22 11:07:33 2011 From: jeff.dinkins at oracle.com (jeff.dinkins at oracle.com) Date: Wed, 22 Jun 2011 18:07:33 +0000 Subject: hg: jdk7/tl/hotspot: 7057046: Add embedded license to THIRD PARTY README Message-ID: <20110622180742.DE82F4722A@hg.openjdk.java.net> Changeset: f6ba9007b2c6 Author: jeff Date: 2011-06-22 10:10 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/hotspot/rev/f6ba9007b2c6 7057046: Add embedded license to THIRD PARTY README Reviewed-by: lana ! THIRD_PARTY_README From jeff.dinkins at oracle.com Wed Jun 22 11:09:11 2011 From: jeff.dinkins at oracle.com (jeff.dinkins at oracle.com) Date: Wed, 22 Jun 2011 18:09:11 +0000 Subject: hg: jdk7/tl/jaxp: 7057046: Add embedded license to THIRD PARTY README Message-ID: <20110622180911.91F714722B@hg.openjdk.java.net> Changeset: eed2486cb10b Author: jeff Date: 2011-06-22 10:10 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/jaxp/rev/eed2486cb10b 7057046: Add embedded license to THIRD PARTY README Reviewed-by: lana ! THIRD_PARTY_README From jeff.dinkins at oracle.com Wed Jun 22 11:09:26 2011 From: jeff.dinkins at oracle.com (jeff.dinkins at oracle.com) Date: Wed, 22 Jun 2011 18:09:26 +0000 Subject: hg: jdk7/tl/jaxws: 7057046: Add embedded license to THIRD PARTY README Message-ID: <20110622180926.B7A834722C@hg.openjdk.java.net> Changeset: 632e38191caa Author: jeff Date: 2011-06-22 10:10 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/jaxws/rev/632e38191caa 7057046: Add embedded license to THIRD PARTY README Reviewed-by: lana ! THIRD_PARTY_README From jeff.dinkins at oracle.com Wed Jun 22 11:09:39 2011 From: jeff.dinkins at oracle.com (jeff.dinkins at oracle.com) Date: Wed, 22 Jun 2011 18:09:39 +0000 Subject: hg: jdk7/tl/jdk: 7057046: Add embedded license to THIRD PARTY README Message-ID: <20110622181012.A0AEC4722D@hg.openjdk.java.net> Changeset: cfd7602f5c52 Author: jeff Date: 2011-06-22 10:11 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/cfd7602f5c52 7057046: Add embedded license to THIRD PARTY README Reviewed-by: lana ! THIRD_PARTY_README From jeff.dinkins at oracle.com Wed Jun 22 11:11:24 2011 From: jeff.dinkins at oracle.com (jeff.dinkins at oracle.com) Date: Wed, 22 Jun 2011 18:11:24 +0000 Subject: hg: jdk7/tl/langtools: 7057046: Add embedded license to THIRD PARTY README Message-ID: <20110622181128.193864722E@hg.openjdk.java.net> Changeset: a72412b148d7 Author: jeff Date: 2011-06-22 10:11 -0700 URL: http://hg.openjdk.java.net/jdk7/tl/langtools/rev/a72412b148d7 7057046: Add embedded license to THIRD PARTY README Reviewed-by: lana ! THIRD_PARTY_README From joe.darcy at oracle.com Wed Jun 22 17:07:26 2011 From: joe.darcy at oracle.com (joe.darcy at oracle.com) Date: Thu, 23 Jun 2011 00:07:26 +0000 Subject: hg: jdk8/tl/langtools: 6449184: Provide JavacProcessingEnvironment.getWriter Message-ID: <20110623000731.38FB24724B@hg.openjdk.java.net> Changeset: 4844a9fd3a62 Author: darcy Date: 2011-06-22 17:07 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/langtools/rev/4844a9fd3a62 6449184: Provide JavacProcessingEnvironment.getWriter Reviewed-by: jjg ! src/share/classes/com/sun/tools/javac/processing/JavacProcessingEnvironment.java ! test/tools/javac/util/T6597678.java From weijun.wang at oracle.com Wed Jun 22 18:27:29 2011 From: weijun.wang at oracle.com (weijun.wang at oracle.com) Date: Thu, 23 Jun 2011 01:27:29 +0000 Subject: hg: jdk8/tl/jdk: 7055362: jdk_security2 test target cleanup Message-ID: <20110623012748.1C45647250@hg.openjdk.java.net> Changeset: febb7f557135 Author: weijun Date: 2011-06-23 09:27 +0800 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/febb7f557135 7055362: jdk_security2 test target cleanup Reviewed-by: alanb ! test/Makefile ! test/ProblemList.txt ! test/com/sun/crypto/provider/Cipher/DES/Sealtest.java ! test/com/sun/crypto/provider/Cipher/RSA/TestOAEP_KAT.java ! test/javax/crypto/EncryptedPrivateKeyInfo/GetKeySpecException.java ! test/javax/crypto/JceSecurity/SunJCE_BC_LoadOrdering.java From xuelei.fan at oracle.com Wed Jun 22 19:39:34 2011 From: xuelei.fan at oracle.com (xuelei.fan at oracle.com) Date: Thu, 23 Jun 2011 02:39:34 +0000 Subject: hg: jdk8/tl/jdk: 6952814: sun/security/ssl/com/sun/net/ssl/internal/ssl/InputRecord/InterruptedIO.java failing in PIT Message-ID: <20110623023944.952C147253@hg.openjdk.java.net> Changeset: 3b7193ab0d87 Author: xuelei Date: 2011-06-22 19:37 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/3b7193ab0d87 6952814: sun/security/ssl/com/sun/net/ssl/internal/ssl/InputRecord/InterruptedIO.java failing in PIT Reviewed-by: alanb - test/sun/security/ssl/com/sun/net/ssl/internal/ssl/InputRecord/InterruptedIO.java From xuelei.fan at oracle.com Wed Jun 22 20:51:52 2011 From: xuelei.fan at oracle.com (Xuelei Fan) Date: Thu, 23 Jun 2011 11:51:52 +0800 Subject: Code review request: 7057022 test/sun/security/pkcs11/fips/ClientJSSEServerJSSE.java has invalid jtreg tags Message-ID: <4E02B858.7050104@oracle.com> bug detail: http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=7057022 webrev: http://cr.openjdk.java.net/~xuelei/7057022/webrev.00/ Thanks, Xuelei From xuelei.fan at oracle.com Wed Jun 22 21:21:52 2011 From: xuelei.fan at oracle.com (xuelei.fan at oracle.com) Date: Thu, 23 Jun 2011 04:21:52 +0000 Subject: hg: jdk8/tl/jdk: 7058271: Remove InterruptedIO.java record from ProblemList.txt Message-ID: <20110623042202.2746447258@hg.openjdk.java.net> Changeset: 57265bf4b36b Author: xuelei Date: 2011-06-22 21:21 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/57265bf4b36b 7058271: Remove InterruptedIO.java record from ProblemList.txt Reviewed-by: weijun ! test/ProblemList.txt From chris.hegarty at oracle.com Thu Jun 23 04:00:58 2011 From: chris.hegarty at oracle.com (chris.hegarty at oracle.com) Date: Thu, 23 Jun 2011 11:00:58 +0000 Subject: hg: jdk8/tl/jdk: 7057935: com/sun/nio/sctp tests should be moved out of jdk_nio and into their own target, jdk_sctp Message-ID: <20110623110118.EB03047267@hg.openjdk.java.net> Changeset: 6b2c14dfe9b9 Author: chegar Date: 2011-06-23 13:00 +0100 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/6b2c14dfe9b9 7057935: com/sun/nio/sctp tests should be moved out of jdk_nio and into their own target, jdk_sctp Reviewed-by: alanb ! test/Makefile ! test/ProblemList.txt From chris.hegarty at oracle.com Thu Jun 23 04:16:04 2011 From: chris.hegarty at oracle.com (chris.hegarty at oracle.com) Date: Thu, 23 Jun 2011 11:16:04 +0000 Subject: hg: jdk8/tl/jdk: 7021010: java/lang/Thread/ThreadStateTest.java fails intermittently Message-ID: <20110623111614.1B93447268@hg.openjdk.java.net> Changeset: ae7211979179 Author: chegar Date: 2011-06-23 13:15 +0100 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/ae7211979179 7021010: java/lang/Thread/ThreadStateTest.java fails intermittently Reviewed-by: dholmes, alanb, mchung ! test/ProblemList.txt ! test/java/lang/Thread/ThreadStateTest.java From xuelei.fan at oracle.com Thu Jun 23 04:25:02 2011 From: xuelei.fan at oracle.com (xuelei.fan at oracle.com) Date: Thu, 23 Jun 2011 11:25:02 +0000 Subject: hg: jdk8/tl/jdk: 7057022: test/sun/security/pkcs11/fips/ClientJSSEServerJSSE.java has invalid jtreg tags Message-ID: <20110623112512.042954726A@hg.openjdk.java.net> Changeset: cd7adb545f71 Author: xuelei Date: 2011-06-23 04:23 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/cd7adb545f71 7057022: test/sun/security/pkcs11/fips/ClientJSSEServerJSSE.java has invalid jtreg tags Reviewed-by: weijun ! test/sun/security/pkcs11/fips/ClientJSSEServerJSSE.java From sean.mullan at oracle.com Thu Jun 23 06:03:37 2011 From: sean.mullan at oracle.com (Sean Mullan) Date: Thu, 23 Jun 2011 09:03:37 -0400 Subject: Code review request: 7057022 test/sun/security/pkcs11/fips/ClientJSSEServerJSSE.java has invalid jtreg tags In-Reply-To: <4E02B858.7050104@oracle.com> References: <4E02B858.7050104@oracle.com> Message-ID: <4E0339A9.7010306@oracle.com> Looks good. --Sean On 6/22/11 11:51 PM, Xuelei Fan wrote: > bug detail: http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=7057022 > webrev: http://cr.openjdk.java.net/~xuelei/7057022/webrev.00/ > > Thanks, > Xuelei From jonathan.gibbons at oracle.com Thu Jun 23 11:49:47 2011 From: jonathan.gibbons at oracle.com (jonathan.gibbons at oracle.com) Date: Thu, 23 Jun 2011 18:49:47 +0000 Subject: hg: jdk8/tl/langtools: 7058174: Reduce langtools build warnings Message-ID: <20110623184949.E19194727D@hg.openjdk.java.net> Changeset: 18002d039806 Author: jjg Date: 2011-06-23 11:49 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/langtools/rev/18002d039806 7058174: Reduce langtools build warnings Reviewed-by: jjg Contributed-by: alexandre.boulgakov at oracle.com ! make/build.xml ! make/tools/CompileProperties/CompileProperties.java From joe.darcy at oracle.com Thu Jun 23 14:58:17 2011 From: joe.darcy at oracle.com (joe.darcy at oracle.com) Date: Thu, 23 Jun 2011 21:58:17 +0000 Subject: hg: jdk8/tl/jdk: 6253144: Long narrowing conversion should describe the algorithm used and implied "risks" Message-ID: <20110623215838.983EE4728C@hg.openjdk.java.net> Changeset: 151756a4037b Author: darcy Date: 2011-06-23 14:57 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/151756a4037b 6253144: Long narrowing conversion should describe the algorithm used and implied "risks" Reviewed-by: mduigou, alanb ! src/share/classes/java/lang/Byte.java ! src/share/classes/java/lang/Double.java ! src/share/classes/java/lang/Float.java ! src/share/classes/java/lang/Integer.java ! src/share/classes/java/lang/Long.java ! src/share/classes/java/lang/Number.java ! src/share/classes/java/lang/Short.java ! src/share/classes/java/util/concurrent/atomic/AtomicInteger.java ! src/share/classes/java/util/concurrent/atomic/AtomicLong.java From weijun.wang at oracle.com Wed Jun 22 17:48:46 2011 From: weijun.wang at oracle.com (Weijun Wang) Date: Thu, 23 Jun 2011 08:48:46 +0800 Subject: code review request: 6330275: Rework the PaddingTest regression test. (was Re: Fwd: jdk_security2 tests) In-Reply-To: <4E0282D2.2040708@oracle.com> References: <4E006369.3010808@oracle.com> <4E0282D2.2040708@oracle.com> Message-ID: <4E028D6E.1040503@oracle.com> http://cr.openjdk.java.net/~weijun/6330275/webrev.00/ Thanks Max On 06/23/2011 08:03 AM, Brad Wetmore wrote: > No, feel free to take it. > > Brad > > > > On 6/21/2011 2:24 AM, Weijun Wang wrote: >> Hi Brad >> >> >>> # Timed out, Solaris 10 64bit sparcv9 >>> com/sun/crypto/provider/Cipher/DES/PaddingTest.java generic-all >>> >>> This test has not generated random numbers (all key material in byte[] >>> constants) so there is no entropy pool issue. One special thing is that >>> it calls the external diff command on two files but only prints out the >>> result with no exception thrown when the files are different (6330275). >> >> I see you're RE for . Are you working on it now? >> >> Thanks >> Max >> From lana.steuck at oracle.com Thu Jun 23 17:31:49 2011 From: lana.steuck at oracle.com (lana.steuck at oracle.com) Date: Fri, 24 Jun 2011 00:31:49 +0000 Subject: hg: jdk8/tl: 7 new changesets Message-ID: <20110624003150.2276D4729B@hg.openjdk.java.net> Changeset: 4373d87e6f37 Author: schien Date: 2011-05-26 20:19 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/rev/4373d87e6f37 Added tag jdk7-b144 for changeset 7203965666a4 ! .hgtags Changeset: 93d2590fd849 Author: jeff Date: 2011-05-27 14:57 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/rev/93d2590fd849 7045697: JDK7 THIRD PARTY README update Reviewed-by: lana ! THIRD_PARTY_README Changeset: 55e9ebf03218 Author: lana Date: 2011-06-02 13:37 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/rev/55e9ebf03218 Merge Changeset: 2d38c2a79c14 Author: schien Date: 2011-06-07 14:00 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/rev/2d38c2a79c14 Added tag jdk7-b145 for changeset 55e9ebf03218 ! .hgtags Changeset: 404bd0b9385f Author: schien Date: 2011-06-08 10:20 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/rev/404bd0b9385f Merge Changeset: 3e0b96f8f6a0 Author: schien Date: 2011-06-20 16:24 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/rev/3e0b96f8f6a0 Added tag jdk7-b146 for changeset 2d38c2a79c14 ! .hgtags Changeset: 29e7e1474b5e Author: schien Date: 2011-06-20 17:28 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/rev/29e7e1474b5e Merge From lana.steuck at oracle.com Thu Jun 23 17:32:03 2011 From: lana.steuck at oracle.com (lana.steuck at oracle.com) Date: Fri, 24 Jun 2011 00:32:03 +0000 Subject: hg: jdk8/tl/jaxws: 18 new changesets Message-ID: <20110624003204.198C44729C@hg.openjdk.java.net> Changeset: 6158298d2b94 Author: schien Date: 2011-05-26 20:19 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jaxws/rev/6158298d2b94 Added tag jdk7-b144 for changeset 6bd683f2d527 ! .hgtags Changeset: c902e39c384e Author: jeff Date: 2011-05-27 15:01 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jaxws/rev/c902e39c384e 7045697: JDK7 THIRD PARTY README update Reviewed-by: lana ! THIRD_PARTY_README Changeset: bcca8afc019f Author: ohair Date: 2011-06-01 10:36 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jaxws/rev/bcca8afc019f 7049699: Problem with xml/jax-ws Reviewed-by: ramap ! jaxws.properties Changeset: 42bfba80beb7 Author: lana Date: 2011-06-02 13:37 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jaxws/rev/42bfba80beb7 Merge Changeset: 6ec12c60ad13 Author: schien Date: 2011-06-07 14:01 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jaxws/rev/6ec12c60ad13 Added tag jdk7-b145 for changeset 42bfba80beb7 ! .hgtags Changeset: 1b7851b9e113 Author: schien Date: 2011-06-08 10:21 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jaxws/rev/1b7851b9e113 Merge Changeset: 581dab3f0773 Author: asaha Date: 2011-04-21 16:15 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jaxws/rev/581dab3f0773 Merge Changeset: 26610bb80151 Author: asaha Date: 2011-05-04 12:00 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jaxws/rev/26610bb80151 Merge Changeset: c6ff860428c7 Author: asaha Date: 2011-05-05 22:28 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jaxws/rev/c6ff860428c7 Merge Changeset: f4e1caef46d0 Author: asaha Date: 2011-05-24 11:11 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jaxws/rev/f4e1caef46d0 Merge Changeset: 9896cee00786 Author: asaha Date: 2011-05-26 17:25 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jaxws/rev/9896cee00786 Merge Changeset: d1febdcb0351 Author: asaha Date: 2011-05-26 21:36 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jaxws/rev/d1febdcb0351 Merge Changeset: 239c80c331da Author: asaha Date: 2011-06-06 10:19 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jaxws/rev/239c80c331da Merge Changeset: 09412171ca4b Author: asaha Date: 2011-06-03 07:54 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jaxws/rev/09412171ca4b Merge Changeset: 9d8fd0982fb8 Author: asaha Date: 2011-06-06 10:54 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jaxws/rev/9d8fd0982fb8 Merge Changeset: 05469dd4c366 Author: lana Date: 2011-06-15 16:04 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jaxws/rev/05469dd4c366 Merge Changeset: faa394edbfe3 Author: schien Date: 2011-06-20 16:25 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jaxws/rev/faa394edbfe3 Added tag jdk7-b146 for changeset 05469dd4c366 ! .hgtags Changeset: 9244c440c0df Author: schien Date: 2011-06-20 17:28 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jaxws/rev/9244c440c0df Merge From lana.steuck at oracle.com Thu Jun 23 17:32:07 2011 From: lana.steuck at oracle.com (lana.steuck at oracle.com) Date: Fri, 24 Jun 2011 00:32:07 +0000 Subject: hg: jdk8/tl/jaxp: 9 new changesets Message-ID: <20110624003207.83B724729D@hg.openjdk.java.net> Changeset: bee49f47043f Author: schien Date: 2011-05-26 20:19 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jaxp/rev/bee49f47043f Added tag jdk7-b144 for changeset 39bf6dcaab23 ! .hgtags Changeset: bdf77cbd9958 Author: ohair Date: 2011-05-19 08:38 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jaxp/rev/bdf77cbd9958 7044493: Incorrectly formated GPL headers in JDK7 JAXP source drop Reviewed-by: joehw ! jaxp.properties Changeset: 775dd77e4730 Author: lana Date: 2011-05-20 21:00 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jaxp/rev/775dd77e4730 Merge Changeset: a70a042c8600 Author: jeff Date: 2011-05-27 15:01 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jaxp/rev/a70a042c8600 7045697: JDK7 THIRD PARTY README update Reviewed-by: lana ! THIRD_PARTY_README Changeset: 10ca7570f47f Author: lana Date: 2011-06-02 13:37 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jaxp/rev/10ca7570f47f Merge Changeset: bcd31fa1e3c6 Author: schien Date: 2011-06-07 14:01 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jaxp/rev/bcd31fa1e3c6 Added tag jdk7-b145 for changeset 10ca7570f47f ! .hgtags Changeset: bae5f389d17b Author: schien Date: 2011-06-08 10:21 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jaxp/rev/bae5f389d17b Merge Changeset: 9a4d09f33f01 Author: schien Date: 2011-06-20 16:25 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jaxp/rev/9a4d09f33f01 Added tag jdk7-b146 for changeset bcd31fa1e3c6 ! .hgtags Changeset: 03692de33ca8 Author: schien Date: 2011-06-20 17:28 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jaxp/rev/03692de33ca8 Merge From lana.steuck at oracle.com Thu Jun 23 17:31:55 2011 From: lana.steuck at oracle.com (lana.steuck at oracle.com) Date: Fri, 24 Jun 2011 00:31:55 +0000 Subject: hg: jdk8/tl/corba: 10 new changesets Message-ID: <20110624003212.371074729E@hg.openjdk.java.net> Changeset: 7033a5756ad5 Author: katleman Date: 2011-05-25 13:31 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/corba/rev/7033a5756ad5 7044486: open jdk repos have files with incorrect copyright headers, which can end up in src bundles Reviewed-by: ohair, trims ! src/share/classes/com/sun/corba/se/impl/transport/CorbaTransportManagerImpl.java Changeset: 74eb715474f2 Author: schien Date: 2011-05-26 20:19 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/corba/rev/74eb715474f2 Added tag jdk7-b144 for changeset 7033a5756ad5 ! .hgtags Changeset: 93e77c49b3bb Author: miroslawzn Date: 2011-05-26 13:05 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/corba/rev/93e77c49b3bb 7046882: Regression : JDK 7b123 : Enum exchanged as parameters using CORBA call results in Exception Reviewed-by: raginip ! src/share/classes/com/sun/corba/se/impl/io/ObjectStreamClass.java Changeset: 643f267ca234 Author: jeff Date: 2011-05-27 14:58 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/corba/rev/643f267ca234 7045697: JDK7 THIRD PARTY README update Reviewed-by: lana ! THIRD_PARTY_README Changeset: 7839048ec99e Author: jeff Date: 2011-05-27 15:27 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/corba/rev/7839048ec99e Merge Changeset: 77ec0541aa2a Author: lana Date: 2011-06-02 13:37 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/corba/rev/77ec0541aa2a Merge Changeset: 770227a4087e Author: schien Date: 2011-06-07 14:00 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/corba/rev/770227a4087e Added tag jdk7-b145 for changeset 77ec0541aa2a ! .hgtags Changeset: e85ff90212ad Author: schien Date: 2011-06-08 10:20 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/corba/rev/e85ff90212ad Merge Changeset: 36f0efbc66ef Author: schien Date: 2011-06-20 16:25 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/corba/rev/36f0efbc66ef Added tag jdk7-b146 for changeset 770227a4087e ! .hgtags Changeset: abe4723b9b7f Author: schien Date: 2011-06-20 17:28 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/corba/rev/abe4723b9b7f Merge From lana.steuck at oracle.com Thu Jun 23 17:32:24 2011 From: lana.steuck at oracle.com (lana.steuck at oracle.com) Date: Fri, 24 Jun 2011 00:32:24 +0000 Subject: hg: jdk8/tl/langtools: 27 new changesets Message-ID: <20110624003321.4549C4729F@hg.openjdk.java.net> Changeset: 8eb952f43b11 Author: katleman Date: 2011-05-25 13:32 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/langtools/rev/8eb952f43b11 7044486: open jdk repos have files with incorrect copyright headers, which can end up in src bundles Reviewed-by: ohair, trims ! src/share/classes/com/sun/source/tree/UnionTypeTree.java ! src/share/classes/com/sun/tools/classfile/ClassTranslator.java ! src/share/classes/com/sun/tools/classfile/Dependencies.java ! src/share/classes/javax/lang/model/util/AbstractTypeVisitor7.java ! src/share/classes/javax/lang/model/util/ElementKindVisitor7.java ! test/tools/javac/4241573/T4241573.java ! test/tools/javac/6508981/TestInferBinaryName.java ! test/tools/javac/TryWithResources/DuplicateResource.java ! test/tools/javac/api/6411310/Test.java ! test/tools/javac/api/T6838467.java ! test/tools/javac/api/T6877206.java ! test/tools/javac/api/TestClientCodeWrapper.java ! test/tools/javac/api/TestJavacTask_Lock.java ! test/tools/javac/api/TestJavacTask_Multiple.java ! test/tools/javac/api/TestJavacTask_ParseAttrGen.java ! test/tools/javac/multicatch/model/ModelChecker.java ! test/tools/javac/processing/model/element/TestMissingElement2/TestMissingGenericInterface1.java ! test/tools/javac/processing/model/element/TestMissingElement2/TestMissingGenericInterface2.java ! test/tools/javac/processing/model/element/TestMissingElement2/TestMissingInterface.java ! test/tools/javac/processing/model/util/deprecation/TestDeprecation.java ! test/tools/javac/tree/T6963934.java Changeset: 9f25c6a3ac23 Author: schien Date: 2011-05-26 20:20 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/langtools/rev/9f25c6a3ac23 Added tag jdk7-b144 for changeset 8eb952f43b11 ! .hgtags Changeset: 6bb526ccf5ff Author: mcimadamore Date: 2011-05-23 11:55 +0100 URL: http://hg.openjdk.java.net/jdk8/tl/langtools/rev/6bb526ccf5ff 7046348: Regression: javac complains of missing classfile for a seemingly unrelated interface Summary: Types.implementation forces unnecessary symbol completion on superinterfaces of a given type Reviewed-by: jjg ! src/share/classes/com/sun/tools/javac/code/Symbol.java ! src/share/classes/com/sun/tools/javac/code/Types.java ! src/share/classes/com/sun/tools/javac/comp/Check.java + test/tools/javac/scope/7046348/EagerInterfaceCompletionTest.java Changeset: 6211df69f7e0 Author: jeff Date: 2011-05-27 15:02 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/langtools/rev/6211df69f7e0 7045697: JDK7 THIRD PARTY README update Reviewed-by: lana ! THIRD_PARTY_README Changeset: 6762754eb7c0 Author: jjg Date: 2011-06-01 11:25 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/langtools/rev/6762754eb7c0 7042623: Regression: javac silently crash when attributing non-existent annotation Reviewed-by: mcimadamore ! src/share/classes/com/sun/tools/javac/comp/Check.java + test/tools/javac/T7042623.java + test/tools/javac/T7042623.out Changeset: c455e2ae5c93 Author: lana Date: 2011-06-02 13:38 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/langtools/rev/c455e2ae5c93 Merge Changeset: 9ff91d0e7154 Author: schien Date: 2011-06-07 14:01 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/langtools/rev/9ff91d0e7154 Added tag jdk7-b145 for changeset c455e2ae5c93 ! .hgtags Changeset: f27b6f45a449 Author: schien Date: 2011-06-08 10:25 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/langtools/rev/f27b6f45a449 Merge Changeset: 347349c981f2 Author: jjh Date: 2011-06-09 09:13 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/langtools/rev/347349c981f2 7052782: Two langtools regression tests fail due to fix for 7034977 which removed the invokeGeneric method Summary: Change the tests to call invoke instead of invokeGeneric Reviewed-by: jrose, mcimadamore ! test/tools/javac/meth/InvokeMH.java ! test/tools/javac/meth/XlintWarn.java Changeset: b8a2c9c87018 Author: lana Date: 2011-06-10 11:44 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/langtools/rev/b8a2c9c87018 Merge Changeset: 588d366d96df Author: asaha Date: 2011-04-21 16:16 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/langtools/rev/588d366d96df Merge Changeset: 219b522d09e4 Author: asaha Date: 2011-05-04 12:00 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/langtools/rev/219b522d09e4 Merge Changeset: 145d832616d3 Author: asaha Date: 2011-05-05 22:30 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/langtools/rev/145d832616d3 Merge Changeset: 8b6e015ae7d0 Author: asaha Date: 2011-05-24 11:12 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/langtools/rev/8b6e015ae7d0 Merge - test/tools/javac/generics/diamond/7030150/Neg01.java - test/tools/javac/generics/diamond/7030150/Neg01.out - test/tools/javac/generics/diamond/7030150/Neg02.java - test/tools/javac/generics/diamond/7030150/Neg02.out - test/tools/javac/generics/diamond/7030150/Neg03.java - test/tools/javac/generics/diamond/7030150/Neg03.out - test/tools/javac/generics/diamond/7030150/Pos01.java - test/tools/javac/generics/diamond/7030150/Pos02.java Changeset: 35cc19ae29b5 Author: asaha Date: 2011-05-26 17:26 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/langtools/rev/35cc19ae29b5 Merge Changeset: 8b65930602c3 Author: asaha Date: 2011-05-26 21:42 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/langtools/rev/8b65930602c3 Merge Changeset: 0adb806caf9d Author: asaha Date: 2011-06-06 10:22 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/langtools/rev/0adb806caf9d Merge Changeset: bb1fdcebde01 Author: asaha Date: 2011-06-03 07:54 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/langtools/rev/bb1fdcebde01 Merge Changeset: 8ed03b0e3c9c Author: asaha Date: 2011-06-06 11:08 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/langtools/rev/8ed03b0e3c9c Merge Changeset: f494ca4bca0d Author: lana Date: 2011-06-15 16:11 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/langtools/rev/f494ca4bca0d Merge Changeset: 7eba9df190ae Author: bpatel Date: 2011-06-17 20:12 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/langtools/rev/7eba9df190ae 7052425: Change the look and feel of the javadoc generate HTML pages using stylesheet Reviewed-by: jjg ! src/share/classes/com/sun/tools/doclets/formats/html/HtmlDoclet.java + src/share/classes/com/sun/tools/doclets/internal/toolkit/resources/background.gif - src/share/classes/com/sun/tools/doclets/internal/toolkit/resources/inherit.gif ! src/share/classes/com/sun/tools/doclets/internal/toolkit/resources/stylesheet.css + src/share/classes/com/sun/tools/doclets/internal/toolkit/resources/tab.gif + src/share/classes/com/sun/tools/doclets/internal/toolkit/resources/titlebar.gif + src/share/classes/com/sun/tools/doclets/internal/toolkit/resources/titlebar_end.gif ! test/com/sun/javadoc/AccessH1/AccessH1.java ! test/com/sun/javadoc/testStylesheet/TestStylesheet.java Changeset: c3a3440fe6e8 Author: bpatel Date: 2011-06-17 20:14 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/langtools/rev/c3a3440fe6e8 Merge Changeset: 9425dd4f53d5 Author: schien Date: 2011-06-18 09:04 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/langtools/rev/9425dd4f53d5 Merge Changeset: 436fb6aeda5a Author: schien Date: 2011-06-20 16:25 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/langtools/rev/436fb6aeda5a Added tag jdk7-b146 for changeset 9425dd4f53d5 ! .hgtags Changeset: 06b6bbbe2787 Author: schien Date: 2011-06-20 17:39 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/langtools/rev/06b6bbbe2787 Merge - src/share/classes/com/sun/tools/doclets/internal/toolkit/resources/inherit.gif Changeset: d59414955614 Author: lana Date: 2011-06-22 23:26 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/langtools/rev/d59414955614 Merge - src/share/classes/com/sun/tools/doclets/internal/toolkit/resources/inherit.gif Changeset: 9eb36cac6b64 Author: lana Date: 2011-06-23 17:30 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/langtools/rev/9eb36cac6b64 Merge From lana.steuck at oracle.com Thu Jun 23 17:35:52 2011 From: lana.steuck at oracle.com (lana.steuck at oracle.com) Date: Fri, 24 Jun 2011 00:35:52 +0000 Subject: hg: jdk8/tl/jdk: 93 new changesets Message-ID: <20110624005043.95DA0472A0@hg.openjdk.java.net> Changeset: 23bdcede4e39 Author: katleman Date: 2011-05-25 13:32 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/23bdcede4e39 7044486: open jdk repos have files with incorrect copyright headers, which can end up in src bundles Reviewed-by: ohair, trims ! src/linux/doc/man/ja/keytool.1 ! src/linux/doc/man/keytool.1 ! src/share/classes/java/io/SerialCallbackContext.java ! src/share/classes/sun/io/ByteToCharCp833.java ! src/share/classes/sun/io/CharToByteCp833.java ! src/share/classes/sun/misc/FpUtils.java ! src/share/classes/sun/security/provider/certpath/URICertStore.java ! src/solaris/doc/sun/man/man1/ja/keytool.1 ! src/solaris/doc/sun/man/man1/keytool.1 ! test/com/sun/net/httpserver/Test10.java ! test/java/awt/List/ScrollOutside/ScrollOut.java ! test/java/awt/event/MouseWheelEvent/InfiniteRecursion/InfiniteRecursion.java ! test/java/awt/event/MouseWheelEvent/InfiniteRecursion/InfiniteRecursion_1.java ! test/java/awt/event/MouseWheelEvent/InfiniteRecursion/InfiniteRecursion_2.java ! test/java/awt/event/MouseWheelEvent/InfiniteRecursion/InfiniteRecursion_3.java ! test/java/awt/event/MouseWheelEvent/InfiniteRecursion/InfiniteRecursion_4.java ! test/java/awt/image/IncorrectSampleMaskTest.java ! test/java/lang/invoke/MethodTypeTest.java ! test/java/rmi/server/UnicastRemoteObject/exportObject/GcDuringExport.java ! test/java/util/EnumMap/DistinctEntrySetElements.java ! test/java/util/EnumMap/EntrySetIteratorRemoveInvalidatesEntry.java ! test/java/util/EnumMap/SimpleSerialization.java ! test/java/util/EnumSet/LargeEnumIteratorRemoveResilience.java ! test/java/util/EnumSet/SmallEnumIteratorRemoveResilience.java ! test/java/util/Hashtable/SerializationDeadlock.java ! test/java/util/Hashtable/SimpleSerialization.java ! test/java/util/IdentityHashMap/DistinctEntrySetElements.java ! test/java/util/IdentityHashMap/EntrySetIteratorRemoveInvalidatesEntry.java ! test/java/util/Vector/SerializationDeadlock.java ! test/java/util/Vector/SimpleSerialization.java ! test/java/util/concurrent/ConcurrentHashMap/DistinctEntrySetElements.java ! test/java/util/zip/ZipFile/ClearStaleZipFileInputStreams.java ! test/sun/net/InetAddress/nameservice/chaining/META-INF/services/sun.net.spi.nameservice.NameServiceDescriptor ! test/tools/launcher/TestHelper.java ! test/tools/pack200/CommandLineTests.java ! test/tools/pack200/Pack200Test.java ! test/tools/pack200/Utils.java Changeset: c344779fab58 Author: schien Date: 2011-05-26 20:20 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/c344779fab58 Added tag jdk7-b144 for changeset 23bdcede4e39 ! .hgtags Changeset: f09930d526ba Author: jrose Date: 2011-05-26 17:37 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/f09930d526ba 7032323: code changes for JSR 292 EG adjustments to API, through Public Review Summary: API code changes and javadoc changes following JSR 292 Public Review comments, through PFD Reviewed-by: never ! src/share/classes/java/lang/BootstrapMethodError.java ! src/share/classes/java/lang/ClassValue.java ! src/share/classes/java/lang/invoke/AdapterMethodHandle.java ! src/share/classes/java/lang/invoke/BoundMethodHandle.java ! src/share/classes/java/lang/invoke/CallSite.java ! src/share/classes/java/lang/invoke/ConstantCallSite.java ! src/share/classes/java/lang/invoke/Invokers.java ! src/share/classes/java/lang/invoke/MemberName.java ! src/share/classes/java/lang/invoke/MethodHandle.java ! src/share/classes/java/lang/invoke/MethodHandleImpl.java ! src/share/classes/java/lang/invoke/MethodHandleNatives.java + src/share/classes/java/lang/invoke/MethodHandleProxies.java ! src/share/classes/java/lang/invoke/MethodHandles.java ! src/share/classes/java/lang/invoke/MethodType.java ! src/share/classes/java/lang/invoke/MutableCallSite.java ! src/share/classes/java/lang/invoke/SwitchPoint.java ! src/share/classes/java/lang/invoke/package-info.java ! src/share/classes/sun/invoke/util/ValueConversions.java ! src/share/classes/sun/invoke/util/VerifyAccess.java ! src/share/classes/sun/invoke/util/Wrapper.java ! test/java/lang/invoke/6998541/Test6998541.java ! test/java/lang/invoke/InvokeDynamicPrintArgs.java ! test/java/lang/invoke/InvokeGenericTest.java ! test/java/lang/invoke/JavaDocExamplesTest.java ! test/java/lang/invoke/MethodHandlesTest.java ! test/java/lang/invoke/indify/Indify.java Changeset: 81f957f86ba5 Author: jcoomes Date: 2011-05-27 19:03 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/81f957f86ba5 Merge Changeset: bc97b962330e Author: mfang Date: 2011-05-26 20:32 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/bc97b962330e 7045184: GTK L&F doesn't have hotkeys in jdk7 b141, while b139 has. Reviewed-by: yhuang, ogino ! src/share/classes/com/sun/java/swing/plaf/gtk/resources/gtk.properties Changeset: 6943c4d9caa3 Author: mfang Date: 2011-05-31 13:58 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/6943c4d9caa3 Merge Changeset: 7c5bc5a807ee Author: dholmes Date: 2011-05-27 19:04 -0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/7c5bc5a807ee 7024120: Verify reduced JRE contents for java 7 Summary: stripped all symbols from libs and executables to reduce JRE size. Restored missing classes needed to pass JCK in headless mode Reviewed-by: bobv, ohair ! make/common/Defs-embedded.gmk ! make/common/Release-embedded.gmk Changeset: f4895b3fe1be Author: dholmes Date: 2011-05-31 17:28 -0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/f4895b3fe1be Merge Changeset: eab27338b3d9 Author: schien Date: 2011-06-01 11:16 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/eab27338b3d9 Merge Changeset: 8d91855a1f4e Author: prr Date: 2011-05-27 13:25 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/8d91855a1f4e 7046587: Outlines in OTF/CFF fonts are misclassified as quadratic curves Reviewed-by: igor ! src/share/classes/sun/font/FileFontStrike.java ! src/share/classes/sun/font/FontScaler.java ! src/share/classes/sun/font/FreetypeFontScaler.java ! src/share/classes/sun/font/NullFontScaler.java Changeset: 0b0b92707cf5 Author: bae Date: 2011-05-30 12:05 +0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/0b0b92707cf5 7032904: XRender: Java2Demo : Infinite loop in Java_sun_java2d_loops_MaskBlit_MaskBlit on OEL 5.6 x64 Reviewed-by: prr ! src/solaris/classes/sun/awt/X11GraphicsEnvironment.java ! src/solaris/native/sun/java2d/x11/XRBackendNative.c Changeset: 290daca0a693 Author: prr Date: 2011-05-30 22:00 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/290daca0a693 7049874: OpenJDK Build breakage fix: freetypescaler.c needs to match updated signature Reviewed-by: lana, igor ! src/share/native/sun/font/freetypeScaler.c Changeset: b351af09bfa3 Author: lana Date: 2011-06-02 13:35 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/b351af09bfa3 Merge Changeset: d2081a1f417f Author: bagiras Date: 2011-05-27 11:45 +0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/d2081a1f417f 7045174: Most of the tests in awt area fails with jdk 7b142 on windows with -Xcheck:jni Reviewed-by: art, denis ! src/windows/native/sun/windows/awt_Object.cpp ! src/windows/native/sun/windows/awt_Toolkit.cpp Changeset: 000a845b1e38 Author: denis Date: 2011-05-28 12:56 +0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/000a845b1e38 7046325: Broken links in java.awt.Toolkit's javadoc Reviewed-by: dav, yan ! src/share/classes/java/awt/Toolkit.java Changeset: eab94f59b6dc Author: dcherepanov Date: 2011-05-30 13:25 +0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/eab94f59b6dc 7045354: Korean IME's Hanja candidate window is not displayed on IMFDemo Reviewed-by: art, ant ! src/windows/native/sun/windows/awt_Component.cpp Changeset: f05164caa490 Author: serb Date: 2011-05-30 17:16 +0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/f05164caa490 7045193: interactive JCK tests java_awt/interactive/FileDialogTests fail Reviewed-by: dcherepanov, dav, art, denis ! src/solaris/classes/sun/awt/X11/GtkFileDialogPeer.java Changeset: b955226868af Author: lana Date: 2011-06-02 13:36 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/b955226868af Merge Changeset: 1fbaf2b688a6 Author: rupashka Date: 2011-05-24 11:37 +0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/1fbaf2b688a6 7045593: Possible Regression : JTextfield cursor placement behavior algorithm has changed. Reviewed-by: peterz ! src/share/classes/javax/swing/text/Utilities.java + test/javax/swing/text/Utilities/bug7045593.java Changeset: 442237d3ec2c Author: rupashka Date: 2011-05-28 11:55 +0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/442237d3ec2c 7048204: NPE from NimbusLookAndFeel.addDefault Reviewed-by: peterz ! src/share/classes/javax/swing/plaf/nimbus/NimbusLookAndFeel.java + test/javax/swing/plaf/nimbus/Test7048204.java Changeset: 386516fdf40b Author: lana Date: 2011-06-02 13:37 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/386516fdf40b Merge Changeset: 0a80650409e1 Author: mullan Date: 2011-05-24 14:15 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/0a80650409e1 7044443: Permissions resolved incorrectly for jar protocol (Patch from bugs.openjdk.java.net) Reviewed-by: alanb, chegar Contributed-by: dbhole at redhat.com ! src/share/classes/sun/security/provider/PolicyFile.java + test/java/security/Policy/GetPermissions/JarURL.java Changeset: ace2dfdecda1 Author: mullan Date: 2011-05-24 14:32 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/ace2dfdecda1 Merge Changeset: 70942be348af Author: jeff Date: 2011-05-27 15:02 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/70942be348af 7045697: JDK7 THIRD PARTY README update Reviewed-by: lana ! THIRD_PARTY_README Changeset: b49a0af85821 Author: vinnie Date: 2011-05-30 16:37 +0100 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/b49a0af85821 7049173: Replace the software license for ECC native code Reviewed-by: alanb ! src/share/native/sun/security/ec/impl/ec.c ! src/share/native/sun/security/ec/impl/ec.h ! src/share/native/sun/security/ec/impl/ec2.h ! src/share/native/sun/security/ec/impl/ec2_163.c ! src/share/native/sun/security/ec/impl/ec2_193.c ! src/share/native/sun/security/ec/impl/ec2_233.c ! src/share/native/sun/security/ec/impl/ec2_aff.c ! src/share/native/sun/security/ec/impl/ec2_mont.c ! src/share/native/sun/security/ec/impl/ec_naf.c ! src/share/native/sun/security/ec/impl/ecc_impl.h ! src/share/native/sun/security/ec/impl/ecdecode.c ! src/share/native/sun/security/ec/impl/ecl-curve.h ! src/share/native/sun/security/ec/impl/ecl-exp.h ! src/share/native/sun/security/ec/impl/ecl-priv.h ! src/share/native/sun/security/ec/impl/ecl.c ! src/share/native/sun/security/ec/impl/ecl.h ! src/share/native/sun/security/ec/impl/ecl_curve.c ! src/share/native/sun/security/ec/impl/ecl_gf.c ! src/share/native/sun/security/ec/impl/ecl_mult.c ! src/share/native/sun/security/ec/impl/ecp.h ! src/share/native/sun/security/ec/impl/ecp_192.c ! src/share/native/sun/security/ec/impl/ecp_224.c ! src/share/native/sun/security/ec/impl/ecp_256.c ! src/share/native/sun/security/ec/impl/ecp_384.c ! src/share/native/sun/security/ec/impl/ecp_521.c ! src/share/native/sun/security/ec/impl/ecp_aff.c ! src/share/native/sun/security/ec/impl/ecp_jac.c ! src/share/native/sun/security/ec/impl/ecp_jm.c ! src/share/native/sun/security/ec/impl/ecp_mont.c ! src/share/native/sun/security/ec/impl/logtab.h ! src/share/native/sun/security/ec/impl/mp_gf2m-priv.h ! src/share/native/sun/security/ec/impl/mp_gf2m.c ! src/share/native/sun/security/ec/impl/mp_gf2m.h ! src/share/native/sun/security/ec/impl/mpi-config.h ! src/share/native/sun/security/ec/impl/mpi-priv.h ! src/share/native/sun/security/ec/impl/mpi.c ! src/share/native/sun/security/ec/impl/mpi.h ! src/share/native/sun/security/ec/impl/mplogic.c ! src/share/native/sun/security/ec/impl/mplogic.h ! src/share/native/sun/security/ec/impl/mpmontg.c ! src/share/native/sun/security/ec/impl/mpprime.h ! src/share/native/sun/security/ec/impl/oid.c ! src/share/native/sun/security/ec/impl/secitem.c ! src/share/native/sun/security/ec/impl/secoidt.h Changeset: 4ed7c877a463 Author: michaelm Date: 2011-05-30 23:36 +0100 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/4ed7c877a463 7042550: Reintegrate 6569621 Reviewed-by: chegar, alanb ! src/share/classes/java/net/InetAddress.java ! src/share/classes/java/net/Socket.java ! src/share/classes/java/net/SocketPermission.java + src/share/classes/sun/net/RegisteredDomain.java ! src/share/classes/sun/net/www/URLConnection.java ! src/share/classes/sun/net/www/http/HttpClient.java Changeset: c79a089ae13b Author: wetmore Date: 2011-05-31 12:45 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/c79a089ae13b 7042097: JDK 7's Unlimited Cryptographic Policy bundle text files must be updated. Reviewed-by: valeriep ! make/javax/crypto/Makefile Changeset: a00f48c96345 Author: lancea Date: 2011-06-02 12:02 -0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/a00f48c96345 7049107: Cannot call initCause() on BatchUpdateException Reviewed-by: darcy ! src/share/classes/java/sql/BatchUpdateException.java Changeset: 39de8937c1d8 Author: lana Date: 2011-06-02 13:38 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/39de8937c1d8 Merge Changeset: 8318d03e1766 Author: jrose Date: 2011-06-01 23:56 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/8318d03e1766 7049415: Failure of resolution of sym.reference to the c.s.s. should be wrapped in BootstrapMethodError Summary: Wrap invokedynamic linkage errors in BootstrapMethodError, as needed. Reviewed-by: never ! src/share/classes/java/lang/invoke/MethodHandleNatives.java Changeset: 0b8b6eace473 Author: jrose Date: 2011-06-01 23:56 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/0b8b6eace473 7050328: (jsr-292) findConstructor throws ExceptionInInitializerError if run under SecurityManager Summary: Wrap system property and reflection accesses under doPrivileged. Ensure constant pool linkage bypasses the SM as specified. Reviewed-by: kvn, never ! src/share/classes/java/lang/invoke/MethodHandleImpl.java ! src/share/classes/java/lang/invoke/MethodHandleNatives.java ! src/share/classes/java/lang/invoke/MethodHandleStatics.java ! src/share/classes/java/lang/invoke/MethodHandles.java ! src/share/classes/sun/invoke/util/ValueConversions.java ! test/java/lang/invoke/InvokeDynamicPrintArgs.java Changeset: 34481a4012c3 Author: jrose Date: 2011-06-01 23:56 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/34481a4012c3 7049122: java/lang/invoke/RicochetTest.java with MAX_ARITY=255 in -Xcomp mode overflows code cache Summary: reduce the scope of the unit test (mark high water mark of testing with @ignore tags) Reviewed-by: never ! test/java/lang/invoke/RicochetTest.java Changeset: 802994506203 Author: jrose Date: 2011-06-03 11:20 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/802994506203 7051206: JSR 292 method name SwitchPoint.isValid is misleading to unwary users; should be hasBeenInvalidated Reviewed-by: kvn, never, ysr ! src/share/classes/java/lang/invoke/SwitchPoint.java ! test/java/lang/invoke/JavaDocExamplesTest.java Changeset: e8e6cdff5995 Author: trims Date: 2011-06-03 20:13 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/e8e6cdff5995 Merge Changeset: 8f19b165347b Author: bae Date: 2011-06-04 23:08 +0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/8f19b165347b 7042594: 3 testis api/java_awt/Color/ICC_ProfileRGB/index.html fail against RI b138 OEL6x64. Reviewed-by: prr ! src/share/classes/java/awt/color/ICC_Profile.java ! src/share/native/sun/java2d/cmm/lcms/LCMS.c ! src/share/native/sun/java2d/cmm/lcms/cmsio0.c ! test/sun/java2d/cmm/ProfileOp/ReadWriteProfileTest.java + test/sun/java2d/cmm/ProfileOp/SetDataTest.java Changeset: bbb4cef2208b Author: lana Date: 2011-06-04 17:30 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/bbb4cef2208b Merge Changeset: 03a828e368ca Author: rupashka Date: 2011-06-04 01:13 +0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/03a828e368ca 6977587: GTK L&F: jnlp: java.io.IOException thrown when choosing more than 1 file in the dialog Reviewed-by: alexp ! src/share/classes/com/sun/java/swing/plaf/gtk/GTKFileChooserUI.java Changeset: 6c9c55ae313b Author: lana Date: 2011-06-03 22:14 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/6c9c55ae313b Merge Changeset: e81d259442ed Author: lana Date: 2011-06-04 17:32 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/e81d259442ed Merge Changeset: 53d759eb580c Author: alanb Date: 2011-06-04 11:18 +0100 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/53d759eb580c 7050358: (fs spec) Path.toUri doesn't allow custom providers to use opaque URIs Reviewed-by: sherman ! src/share/classes/java/nio/file/Path.java Changeset: 49aef5a5416e Author: mullan Date: 2011-06-04 06:45 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/49aef5a5416e 7050329: test/java/security/Policy/GetPermissions/JarURL.java fails on Windows Reviewed-by: alanb ! test/java/security/Policy/GetPermissions/JarURL.java + test/java/security/Policy/GetPermissions/JarURL.policy Changeset: 1f39ca0b9598 Author: mullan Date: 2011-06-04 06:52 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/1f39ca0b9598 Merge Changeset: 1e04b38b3824 Author: lana Date: 2011-06-04 17:33 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/1e04b38b3824 Merge Changeset: 7a341c412ea9 Author: schien Date: 2011-06-07 14:01 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/7a341c412ea9 Added tag jdk7-b145 for changeset 1e04b38b3824 ! .hgtags Changeset: e7493c32e598 Author: schien Date: 2011-06-08 10:24 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/e7493c32e598 Merge Changeset: ae731399e525 Author: dav Date: 2011-06-07 22:58 +0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/ae731399e525 7048568: Crash in Java_sun_awt_Win32GraphicsEnvironment_isVistaOS Reviewed-by: dcherepanov, art, amenkov ! src/windows/native/sun/windows/awt_Win32GraphicsDevice.cpp Changeset: f08fcae94813 Author: lana Date: 2011-06-10 11:43 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/f08fcae94813 Merge Changeset: 6e961c328276 Author: michaelm Date: 2011-06-08 10:56 +0100 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/6e961c328276 7050028: ISE "zip file closed" from JarURLConnection.getInputStream on JDK 7 when !useCaches Reviewed-by: chegar, alanb ! src/share/classes/sun/misc/URLClassPath.java + test/java/net/URLClassLoader/B7050028.java Changeset: b6ced5ad7a62 Author: dwanvik Date: 2011-06-10 17:44 +0200 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/b6ced5ad7a62 7046557: Changes to the Java DB README files in JDK7 Summary: Update /README.html with correct mention of Java DB, add JDK specific README files to /db and /demo/db. Reviewed-by: ohair ! make/common/Release.gmk Changeset: 646ab254ff80 Author: lana Date: 2011-06-10 11:44 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/646ab254ff80 Merge Changeset: aca0dc2b921c Author: weijun Date: 2011-02-09 11:50 +0800 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/aca0dc2b921c 6618658: Deserialization allows creation of mutable SignedObject Reviewed-by: hawtin, mullan ! src/share/classes/java/security/SignedObject.java + test/java/security/SignedObject/Correctness.java Changeset: df445f522425 Author: bae Date: 2011-02-17 12:21 +0300 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/df445f522425 7013519: [parfait] Integer overflows in 2D code Reviewed-by: prr, valeriep ! src/share/native/sun/awt/image/jpeg/imageioJPEG.c ! src/share/native/sun/font/layout/SunLayoutEngine.cpp Changeset: ccb2fcfb6d6b Author: chegar Date: 2011-02-18 13:31 +0000 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/ccb2fcfb6d6b 7013969: NetworkInterface.toString can reveal bindings Reviewed-by: alanb, michaelm, hawtin ! src/share/classes/java/net/NetworkInterface.java Changeset: 026adaac71f1 Author: dcherepanov Date: 2011-02-25 15:54 +0300 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/026adaac71f1 7012520: Heap overflow vulnerability in FileDialog.show() Reviewed-by: art, anthony ! src/windows/native/sun/windows/awt_FileDialog.cpp Changeset: d489f00d6c65 Author: flar Date: 2011-03-02 05:35 -0800 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/d489f00d6c65 7016495: Crash in Java 2D transforming an image with scale close to zero Reviewed-by: prr, bae ! src/share/classes/sun/java2d/pipe/DrawImage.java ! src/share/native/sun/java2d/loops/TransformHelper.c + test/java/awt/image/BufferedImage/TinyScale.java Changeset: fe27fe44ac51 Author: ksrini Date: 2011-03-03 14:16 -0800 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/fe27fe44ac51 7016985: (launcher) implement safe secure dll loading Reviewed-by: mchung ! src/windows/bin/java_md.c Changeset: 0efa64f13302 Author: chegar Date: 2011-04-05 14:49 +0100 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/0efa64f13302 7033865: JDK: Add private API for secure/restrictive loading of system dlls Reviewed-by: alanb ! src/share/native/common/jdk_util.h + src/solaris/native/common/jdk_util_md.h ! src/windows/native/common/jdk_util_md.c + src/windows/native/common/jdk_util_md.h Changeset: 67992a58bfba Author: ksrini Date: 2011-04-05 16:19 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/67992a58bfba 7032593: DLL_LOADING: Upgrade solution to 7016985 to reflect JDK7 solution Reviewed-by: mchung, asaha ! src/windows/bin/java_md.c Changeset: 7181441faf72 Author: dcherepanov Date: 2011-04-08 16:44 +0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/7181441faf72 7003962: AWT: securely load DLLs and launch executables using fully qualified path Reviewed-by: art, bae, alanb ! src/windows/native/sun/java2d/d3d/D3DPipelineManager.cpp ! src/windows/native/sun/java2d/opengl/OGLFuncs_md.h ! src/windows/native/sun/windows/DllUtil.cpp ! src/windows/native/sun/windows/DllUtil.h ! src/windows/native/sun/windows/ShellFolder2.cpp ! src/windows/native/sun/windows/ThemeReader.cpp ! src/windows/native/sun/windows/awt_Mlib.cpp ! src/windows/native/sun/windows/awt_TextArea.cpp ! src/windows/native/sun/windows/awt_TrayIcon.cpp ! src/windows/native/sun/windows/awt_Win32GraphicsEnv.cpp ! src/windows/native/sun/windows/stdhdrs.h Changeset: 05a3923f516f Author: dcherepanov Date: 2011-04-08 17:58 +0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/05a3923f516f 7035077: Minor addition to the changes for 7003962 Reviewed-by: chegar ! src/windows/native/sun/windows/DllUtil.cpp Changeset: afcc1530e68b Author: asaha Date: 2011-04-08 10:27 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/afcc1530e68b Merge - make/java/dyn/Makefile - src/share/classes/java/dyn/CallSite.java - src/share/classes/java/dyn/ClassValue.java - src/share/classes/java/dyn/ConstantCallSite.java - src/share/classes/java/dyn/InvokeDynamic.java - src/share/classes/java/dyn/InvokeDynamicBootstrapError.java - src/share/classes/java/dyn/Linkage.java - src/share/classes/java/dyn/MethodHandle.java - src/share/classes/java/dyn/MethodHandles.java - src/share/classes/java/dyn/MethodType.java - src/share/classes/java/dyn/MethodTypeForm.java - src/share/classes/java/dyn/MutableCallSite.java - src/share/classes/java/dyn/SwitchPoint.java - src/share/classes/java/dyn/VolatileCallSite.java - src/share/classes/java/dyn/WrongMethodTypeException.java - src/share/classes/java/dyn/package-info.java - src/share/classes/sun/dyn/Access.java - src/share/classes/sun/dyn/AdapterMethodHandle.java - src/share/classes/sun/dyn/BoundMethodHandle.java - src/share/classes/sun/dyn/CallSiteImpl.java - src/share/classes/sun/dyn/DirectMethodHandle.java - src/share/classes/sun/dyn/FilterGeneric.java - src/share/classes/sun/dyn/FilterOneArgument.java - src/share/classes/sun/dyn/FromGeneric.java - src/share/classes/sun/dyn/InvokeGeneric.java - src/share/classes/sun/dyn/Invokers.java - src/share/classes/sun/dyn/MemberName.java - src/share/classes/sun/dyn/MethodHandleImpl.java - src/share/classes/sun/dyn/MethodHandleNatives.java - src/share/classes/sun/dyn/MethodTypeImpl.java - src/share/classes/sun/dyn/SpreadGeneric.java - src/share/classes/sun/dyn/ToGeneric.java - src/share/classes/sun/dyn/WrapperInstance.java - src/share/classes/sun/dyn/anon/AnonymousClassLoader.java - src/share/classes/sun/dyn/anon/ConstantPoolParser.java - src/share/classes/sun/dyn/anon/ConstantPoolPatch.java - src/share/classes/sun/dyn/anon/ConstantPoolVisitor.java - src/share/classes/sun/dyn/anon/InvalidConstantPoolFormatException.java - src/share/classes/sun/dyn/empty/Empty.java - src/share/classes/sun/dyn/package-info.java - src/share/classes/sun/dyn/util/BytecodeDescriptor.java - src/share/classes/sun/dyn/util/BytecodeName.java - src/share/classes/sun/dyn/util/ValueConversions.java - src/share/classes/sun/dyn/util/VerifyAccess.java - src/share/classes/sun/dyn/util/VerifyType.java - src/share/classes/sun/dyn/util/Wrapper.java - src/share/classes/sun/dyn/util/package-info.java ! src/share/native/sun/awt/image/jpeg/imageioJPEG.c - test/java/dyn/ClassValueTest.java - test/java/dyn/InvokeDynamicPrintArgs.java - test/java/dyn/InvokeGenericTest.java - test/java/dyn/JavaDocExamplesTest.java - test/java/dyn/MethodHandlesTest.java - test/java/dyn/MethodTypeTest.java - test/java/dyn/indify/Indify.java Changeset: 557bd9b5d92f Author: asaha Date: 2011-04-08 10:31 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/557bd9b5d92f Merge Changeset: e142148d8b54 Author: asaha Date: 2011-04-12 14:23 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/e142148d8b54 Merge - src/share/classes/sun/security/ssl/DefaultSSLContextImpl.java Changeset: 76e0e562b617 Author: dcherepanov Date: 2011-04-15 17:06 +0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/76e0e562b617 7036952: build warning after the changes for 7003962 Reviewed-by: art, bae ! src/windows/native/sun/java2d/opengl/OGLFuncs_md.h Changeset: f8eddc85cc02 Author: zgu Date: 2011-04-15 09:53 -0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/f8eddc85cc02 7003964: SERV: securely load DLLs and launch executables using fully qualified path Summary: Linked in Windows libraries that are available on jdk7 supported platforms, and used GetModuleHandle instead of LoadLibrary for already loaded Dlls. Reviewed-by: dcubed, alanb ! make/com/sun/tools/attach/Makefile ! src/windows/classes/sun/tools/attach/WindowsAttachProvider.java ! src/windows/native/sun/tools/attach/WindowsAttachProvider.c ! src/windows/native/sun/tools/attach/WindowsVirtualMachine.c ! src/windows/native/sun/tracing/dtrace/jvm_symbols_md.c ! src/windows/npt/npt_md.h Changeset: 0865aa0ad9b2 Author: zgu Date: 2011-04-19 10:26 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/0865aa0ad9b2 Merge Changeset: 6f8a4d334fb2 Author: asaha Date: 2011-04-20 09:31 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/6f8a4d334fb2 Merge ! make/com/sun/tools/attach/Makefile ! src/share/classes/java/net/NetworkInterface.java ! src/share/native/sun/awt/image/jpeg/imageioJPEG.c ! src/windows/bin/java_md.c ! src/windows/native/sun/windows/awt_TrayIcon.cpp ! src/windows/native/sun/windows/awt_Win32GraphicsEnv.cpp Changeset: f3645b5d6e62 Author: asaha Date: 2011-04-20 21:24 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/f3645b5d6e62 Merge Changeset: b626f78c57e1 Author: asaha Date: 2011-04-21 08:38 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/b626f78c57e1 Merge Changeset: cec45f3353be Author: asaha Date: 2011-04-21 08:37 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/cec45f3353be Merge Changeset: 6133c9ee3a01 Author: asaha Date: 2011-04-21 08:39 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/6133c9ee3a01 Merge Changeset: dd06e8d3da91 Author: asaha Date: 2011-04-21 15:43 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/dd06e8d3da91 Merge Changeset: b2295905901a Author: asaha Date: 2011-04-21 16:42 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/b2295905901a Merge - src/share/classes/sun/security/ssl/DefaultSSLContextImpl.java Changeset: 3fedf261fb4f Author: valeriep Date: 2011-04-26 15:59 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/3fedf261fb4f 7003952: SEC: securely load DLLs and launch executables using fully qualified path Summary: Enforce full path when specifying library locations. Reviewed-by: wetmore, ohair ! make/sun/security/pkcs11/Makefile ! src/share/classes/sun/security/pkcs11/Config.java ! src/share/classes/sun/security/pkcs11/Secmod.java ! src/share/native/sun/security/pkcs11/j2secmod.c + test/sun/security/pkcs11/Provider/Absolute.cfg + test/sun/security/pkcs11/Provider/Absolute.java Changeset: 94ea3b8288f1 Author: alexp Date: 2011-05-04 11:35 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/94ea3b8288f1 7020198: ImageIcon creates Component with null acc Reviewed-by: rupashka, hawtin ! src/share/classes/javax/swing/ImageIcon.java Changeset: e6fdfb249e31 Author: asaha Date: 2011-05-04 16:39 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/e6fdfb249e31 Merge - src/share/native/sun/font/layout/Features.h ! src/windows/native/sun/windows/awt_FileDialog.cpp - test/javax/swing/text/GlyphView/6539700/bug6539700.java Changeset: 49244980d692 Author: asaha Date: 2011-05-05 22:29 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/49244980d692 Merge - src/share/classes/sun/security/util/SignatureFileManifest.java Changeset: 647b031200f0 Author: asaha Date: 2011-05-06 14:33 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/647b031200f0 Merge Changeset: 92b5197e9ff5 Author: asaha Date: 2011-05-26 21:37 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/92b5197e9ff5 Merge ! src/windows/native/sun/java2d/d3d/D3DPipelineManager.cpp ! src/windows/native/sun/windows/awt_TrayIcon.cpp Changeset: cca9ea306c6e Author: asaha Date: 2011-05-26 21:51 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/cca9ea306c6e Merge Changeset: dab3e66ebda7 Author: lana Date: 2011-06-06 19:04 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/dab3e66ebda7 Merge Changeset: 9f17be5136d1 Author: wetmore Date: 2011-06-09 14:24 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/9f17be5136d1 7052537: java/security/Security/NotInstalledProviders.java is causing -samevm tests to fail. Reviewed-by: valeriep, asaha, alanb ! test/java/security/Security/NoInstalledProviders.java Changeset: 4961be00d3b5 Author: lana Date: 2011-06-15 16:10 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/4961be00d3b5 Merge Changeset: cf0632d2db2c Author: jrose Date: 2011-06-14 22:47 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/cf0632d2db2c 7052202: JSR 292: Crash in sun.invoke.util.ValueConversions.fillArray Summary: Fix corner cases involving MethodHandles.permuteArguments with long or double argument lists. Reviewed-by: twisti, never ! src/share/classes/java/lang/invoke/AdapterMethodHandle.java ! src/share/classes/java/lang/invoke/MethodHandleImpl.java ! src/share/classes/java/lang/invoke/MethodHandleNatives.java ! src/share/classes/java/lang/invoke/SwitchPoint.java + test/java/lang/invoke/PermuteArgsTest.java Changeset: a65fa0f6717e Author: trims Date: 2011-06-17 16:25 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/a65fa0f6717e Merge Changeset: c46f97579fe6 Author: alanb Date: 2011-06-17 16:47 +0100 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/c46f97579fe6 7055508: (aio) EXCEPTION_ACCESS_VIOLATION in AsynchronousSocketChannel.connect on Windows 7 Reviewed-by: chegar ! src/windows/native/sun/nio/ch/WindowsAsynchronousSocketChannelImpl.c Changeset: c102e1221afa Author: lana Date: 2011-06-17 10:27 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/c102e1221afa Merge Changeset: 539e576793a8 Author: lana Date: 2011-06-18 10:12 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/539e576793a8 Merge Changeset: 7b4f4230fecf Author: schien Date: 2011-06-20 16:25 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/7b4f4230fecf Added tag jdk7-b146 for changeset 539e576793a8 ! .hgtags Changeset: f2928d86aab0 Author: schien Date: 2011-06-20 17:38 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/f2928d86aab0 Merge Changeset: 5838c5bd185d Author: lana Date: 2011-06-22 23:23 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/5838c5bd185d Merge ! src/share/classes/java/awt/Toolkit.java ! test/java/security/Security/NoInstalledProviders.java Changeset: 5dedb265ba3e Author: lana Date: 2011-06-23 14:56 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/5dedb265ba3e Merge Changeset: b037a8bc1be8 Author: lana Date: 2011-06-23 17:21 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/b037a8bc1be8 Merge From alan.bateman at oracle.com Fri Jun 24 11:32:51 2011 From: alan.bateman at oracle.com (alan.bateman at oracle.com) Date: Fri, 24 Jun 2011 18:32:51 +0000 Subject: hg: jdk8/tl/jdk: 6965150: TEST_BUG: java/nio/channels/AsynchronousSocketChannel/Basic.java takes too long Message-ID: <20110624183316.F009A472D9@hg.openjdk.java.net> Changeset: 0ad50d4ed1cf Author: alanb Date: 2011-06-24 19:30 +0100 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/0ad50d4ed1cf 6965150: TEST_BUG: java/nio/channels/AsynchronousSocketChannel/Basic.java takes too long Reviewed-by: chegar ! test/java/nio/channels/AsynchronousSocketChannel/Basic.java From joe.darcy at oracle.com Fri Jun 24 13:52:35 2011 From: joe.darcy at oracle.com (joe.darcy at oracle.com) Date: Fri, 24 Jun 2011 20:52:35 +0000 Subject: hg: jdk8/tl/langtools: 6575445: Update annotation processor to only use java.util.ServiceLoader Message-ID: <20110624205237.9EB87472E2@hg.openjdk.java.net> Changeset: f74e4269a50a Author: darcy Date: 2011-06-24 13:52 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/langtools/rev/f74e4269a50a 6575445: Update annotation processor to only use java.util.ServiceLoader Reviewed-by: jjg ! src/share/classes/com/sun/tools/javac/processing/JavacProcessingEnvironment.java ! src/share/classes/com/sun/tools/javac/resources/compiler.properties ! test/tools/javac/diags/examples.not-yet.txt From valerie.peng at oracle.com Fri Jun 24 17:15:56 2011 From: valerie.peng at oracle.com (Valerie (Yu-Ching) Peng) Date: Fri, 24 Jun 2011 17:15:56 -0700 Subject: Review request for 6414899 and 7058133 Message-ID: <4E0528BC.3010704@oracle.com> Vinnie, Can you please review the fixes for the following bugs? 6414899 "P11Digest should support cloning" 7058133 "Javah should use the freshly built classes instead of those from the BOOTDIR jdk" Webrev: http://cr.openjdk.java.net/~valeriep/6414899/webrev.00/ http://cr.openjdk.java.net/~valeriep/7058133/webrev.00/ Well, the Solaris implementation for message digest cloning is quite buggy, so I left the message digest mechanisms disabled. Thanks, Valerie From bradford.wetmore at oracle.com Fri Jun 24 17:43:14 2011 From: bradford.wetmore at oracle.com (Brad Wetmore) Date: Fri, 24 Jun 2011 17:43:14 -0700 Subject: Code review request: 7057022 test/sun/security/pkcs11/fips/ClientJSSEServerJSSE.java has invalid jtreg tags In-Reply-To: <4E0339A9.7010306@oracle.com> References: <4E02B858.7050104@oracle.com> <4E0339A9.7010306@oracle.com> Message-ID: <4E052F22.6070108@oracle.com> Ditto. brad On 6/23/2011 6:03 AM, Sean Mullan wrote: > Looks good. > > --Sean > > On 6/22/11 11:51 PM, Xuelei Fan wrote: >> bug detail: http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=7057022 >> webrev: http://cr.openjdk.java.net/~xuelei/7057022/webrev.00/ >> >> Thanks, >> Xuelei From mike.duigou at oracle.com Sat Jun 25 12:00:26 2011 From: mike.duigou at oracle.com (mike.duigou at oracle.com) Date: Sat, 25 Jun 2011 12:00:26 -0700 (PDT) Subject: Auto Reply: security-dev Digest, Vol 48, Issue 25 Message-ID: I am on vacation until July 11, 2011. For urgent matters contact my manager frances.ho at oracle.com or for very urgent matters call my cell phone at five one zero nine one eight five seven two zero. From michael.x.mcmahon at oracle.com Mon Jun 27 04:16:56 2011 From: michael.x.mcmahon at oracle.com (michael.x.mcmahon at oracle.com) Date: Mon, 27 Jun 2011 11:16:56 +0000 Subject: hg: jdk8/tl/jdk: 7059777: Remove lang tests from Problemlist.txt Message-ID: <20110627111719.E2DF647365@hg.openjdk.java.net> Changeset: 113c75db6c8b Author: michaelm Date: 2011-06-27 12:15 +0100 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/113c75db6c8b 7059777: Remove lang tests from Problemlist.txt Reviewed-by: alanb ! test/ProblemList.txt From kumar.x.srinivasan at oracle.com Mon Jun 27 12:22:43 2011 From: kumar.x.srinivasan at oracle.com (kumar.x.srinivasan at oracle.com) Date: Mon, 27 Jun 2011 19:22:43 +0000 Subject: hg: jdk8/tl/jdk: 7046007: (launcher) Improve usage information for -verbose option Message-ID: <20110627192308.E9DB347377@hg.openjdk.java.net> Changeset: a053c28304e8 Author: ksrini Date: 2011-06-27 12:21 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/a053c28304e8 7046007: (launcher) Improve usage information for -verbose option Reviewed-by: darcy, alanb ! src/share/classes/sun/launcher/resources/launcher.properties From xuelei.fan at oracle.com Mon Jun 27 18:29:43 2011 From: xuelei.fan at oracle.com (Xuelei Fan) Date: Tue, 28 Jun 2011 09:29:43 +0800 Subject: Code review request: 7059709, java/jsse, close the IO in a final block Message-ID: <4E092E87.5050904@oracle.com> webrev: http://cr.openjdk.java.net/~xuelei/7059709/webrev.00/ Thanks, Xuelei From dfpomeroy at gmail.com Mon Jun 27 20:59:21 2011 From: dfpomeroy at gmail.com (David Pomeroy) Date: Mon, 27 Jun 2011 20:59:21 -0700 Subject: sun.security.provider.certpath.DistributionPointFetcher Message-ID: Hello All, I am trying to get a servlet to download and check a CRL. The CRLDP is in the client's certificate and the CRL is marked "indirect CRL" so that it can be signed by a different key than the client cert issuer. The following block of code is invoked but the DistributionPointFetcher can't seem to build a valid path and a CRLException is thrown. My assumption was this would work if I included the CRL signing certificate in my truststore. What I find odd while stepping through this in a debugger is that the "certStores" object contains only the client certificate which is to be validated, so it makes sense that X509CertSelector doesn't find the right cert in there. Has anyone got indirect CRLs validated before? I'd be interested in the details of a test setup that works. I can provide more details of my test setup if necessary. Thanks, David // Obtain and validate the certification path for the complete // CRL issuer (if indirect CRL). If a key usage extension is present // in the CRL issuer's certificate, verify that the cRLSign bit is set. if (indirectCRL) { X509CertSelector certSel = new X509CertSelector(); certSel.setSubject(crlIssuer.asX500Principal()); boolean[] crlSign = {false,false,false,false,false,false,true}; certSel.setKeyUsage(crlSign); PKIXBuilderParameters params = null; try { params = new PKIXBuilderParameters (Collections.singleton(anchor), certSel); } catch (InvalidAlgorithmParameterException iape) { throw new CRLException(iape); } params.setCertStores(certStores); params.setSigProvider(provider); try { CertPathBuilder builder = CertPathBuilder.getInstance("PKIX"); PKIXCertPathBuilderResult result = (PKIXCertPathBuilderResult) builder.build(params); prevKey = result.getPublicKey(); } catch (Exception e) { throw new CRLException(e); } } -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mail.openjdk.java.net/pipermail/security-dev/attachments/20110627/caf92c06/attachment.html From Xuelei.Fan at Oracle.Com Mon Jun 27 22:05:05 2011 From: Xuelei.Fan at Oracle.Com (Xuelei.Fan at Oracle.Com) Date: Tue, 28 Jun 2011 13:05:05 +0800 Subject: sun.security.provider.certpath.DistributionPointFetcher In-Reply-To: References: Message-ID: <613F86DC-EF47-4936-967B-2538BB3FCD1B@Oracle.Com> Can you provide the code to reproduce the exception? Or is it possible attach the CertPath building debugger log? Xuelei On Jun 28, 2011, at 11:59 AM, David Pomeroy wrote: > Hello All, > > I am trying to get a servlet to download and check a CRL. The CRLDP is in the client's certificate and the CRL is marked "indirect CRL" so that it can be signed by a different key than the client cert issuer. The following block of code is invoked but the DistributionPointFetcher can't seem to build a valid path and a CRLException is thrown. My assumption was this would work if I included the CRL signing certificate in my truststore. What I find odd while stepping through this in a debugger is that the "certStores" object contains only the client certificate which is to be validated, so it makes sense that X509CertSelector doesn't find the right cert in there. > > Has anyone got indirect CRLs validated before? I'd be interested in the details of a test setup that works. I can provide more details of my test setup if necessary. > > Thanks, David > > > // Obtain and validate the certification path for the complete > // CRL issuer (if indirect CRL). If a key usage extension is present > // in the CRL issuer's certificate, verify that the cRLSign bit is set. > if (indirectCRL) { > X509CertSelector certSel = new X509CertSelector(); > certSel.setSubject(crlIssuer.asX500Principal()); > boolean[] crlSign = {false,false,false,false,false,false,true}; > certSel.setKeyUsage(crlSign); > PKIXBuilderParameters params = null; > try { > params = new PKIXBuilderParameters > (Collections.singleton(anchor), certSel); > } catch (InvalidAlgorithmParameterException iape) { > throw new CRLException(iape); > } > params.setCertStores(certStores); > params.setSigProvider(provider); > try { > CertPathBuilder builder = CertPathBuilder.getInstance("PKIX"); > PKIXCertPathBuilderResult result = > (PKIXCertPathBuilderResult) builder.build(params); > prevKey = result.getPublicKey(); > } catch (Exception e) { > throw new CRLException(e); > } > } From david.holmes at oracle.com Tue Jun 28 00:48:59 2011 From: david.holmes at oracle.com (david.holmes at oracle.com) Date: Tue, 28 Jun 2011 07:48:59 +0000 Subject: hg: jdk8/tl/jdk: 7039182: PPC: NIO: java.io.IOException: Invalid argument in sun.nio.ch.FileDispatcherImpl.read0 Message-ID: <20110628074919.BA2E5473A9@hg.openjdk.java.net> Changeset: 3abc52f0a4dc Author: dholmes Date: 2011-06-27 20:13 -0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/3abc52f0a4dc 7039182: PPC: NIO: java.io.IOException: Invalid argument in sun.nio.ch.FileDispatcherImpl.read0 Summary: Allow platform specific files to be located at build time instead of generating them Reviewed-by: alanb, ohair ! make/common/Defs-embedded.gmk ! make/java/nio/Makefile From michael.x.mcmahon at oracle.com Tue Jun 28 02:10:45 2011 From: michael.x.mcmahon at oracle.com (michael.x.mcmahon at oracle.com) Date: Tue, 28 Jun 2011 09:10:45 +0000 Subject: hg: jdk8/tl/jdk: 2 new changesets Message-ID: <20110628091105.E2810473AD@hg.openjdk.java.net> Changeset: 7b5a0a141b8b Author: michaelm Date: 2011-06-28 10:07 +0100 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/7b5a0a141b8b 7058832: com/sun/net/httpserver/bugs/B6373555.java failing intermittently Reviewed-by: alanb ! test/com/sun/net/httpserver/bugs/B6373555.java Changeset: 585cc4a4528d Author: michaelm Date: 2011-06-28 10:09 +0100 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/585cc4a4528d Merge From sean.mullan at oracle.com Tue Jun 28 05:46:01 2011 From: sean.mullan at oracle.com (Sean Mullan) Date: Tue, 28 Jun 2011 08:46:01 -0400 Subject: sun.security.provider.certpath.DistributionPointFetcher In-Reply-To: <613F86DC-EF47-4936-967B-2538BB3FCD1B@Oracle.Com> References: <613F86DC-EF47-4936-967B-2538BB3FCD1B@Oracle.Com> Message-ID: <4E09CD09.2040406@oracle.com> Are you using JDK 7? There were some bugs fixed with indirect CRLs in JDK 7. Also, make sure you set the system property com.sun.security.enableCRLDP to the value true when running, ex: java -Dcom.sun.security.enableCRLDP=true ... --Sean On 6/28/11 1:05 AM, Xuelei.Fan at Oracle.Com wrote: > Can you provide the code to reproduce the exception? Or is it possible attach > the CertPath building debugger log? > > Xuelei > > On Jun 28, 2011, at 11:59 AM, David Pomeroy wrote: > >> Hello All, >> >> I am trying to get a servlet to download and check a CRL. The CRLDP is in >> the client's certificate and the CRL is marked "indirect CRL" so that it >> can be signed by a different key than the client cert issuer. The >> following block of code is invoked but the DistributionPointFetcher can't >> seem to build a valid path and a CRLException is thrown. My assumption was >> this would work if I included the CRL signing certificate in my truststore. >> What I find odd while stepping through this in a debugger is that the >> "certStores" object contains only the client certificate which is to be >> validated, so it makes sense that X509CertSelector doesn't find the right >> cert in there. >> >> Has anyone got indirect CRLs validated before? I'd be interested in the >> details of a test setup that works. I can provide more details of my test >> setup if necessary. >> >> Thanks, David >> >> >> // Obtain and validate the certification path for the complete // CRL >> issuer (if indirect CRL). If a key usage extension is present // in the CRL >> issuer's certificate, verify that the cRLSign bit is set. if (indirectCRL) >> { X509CertSelector certSel = new X509CertSelector(); >> certSel.setSubject(crlIssuer.asX500Principal()); boolean[] crlSign = >> {false,false,false,false,false,false,true}; certSel.setKeyUsage(crlSign); >> PKIXBuilderParameters params = null; try { params = new >> PKIXBuilderParameters (Collections.singleton(anchor), certSel); } catch >> (InvalidAlgorithmParameterException iape) { throw new CRLException(iape); >> } params.setCertStores(certStores); params.setSigProvider(provider); try { >> CertPathBuilder builder = CertPathBuilder.getInstance("PKIX"); >> PKIXCertPathBuilderResult result = (PKIXCertPathBuilderResult) >> builder.build(params); prevKey = result.getPublicKey(); } catch (Exception >> e) { throw new CRLException(e); } } From dfpomeroy at gmail.com Tue Jun 28 09:57:22 2011 From: dfpomeroy at gmail.com (David Pomeroy) Date: Tue, 28 Jun 2011 09:57:22 -0700 Subject: sun.security.provider.certpath.DistributionPointFetcher In-Reply-To: <613F86DC-EF47-4936-967B-2538BB3FCD1B@Oracle.Com> References: <613F86DC-EF47-4936-967B-2538BB3FCD1B@Oracle.Com> Message-ID: Hi Xuelei, Attached is the certpath debug output. Here is some more info about my test setup. Dev Root CA issued Dev Sub CA Dev Sub CA issued client cert Dev Root CA issued Dev Crl Server cert Crl is issued by Dev Crl Server, URL is http://localhost/crl.crl Dev Root CA, Dev Sub CA, and Dev Crl Server have all been added to the server's truststore. I have specified the issuer distribution point in the CRL, onlyContainsUserCerts=true, onlyContainsCACerts=false, indirectCRL=true, onlyContainsAttributeCerts=false The client cert specifies crlIssuer=Dev Crl Server. Thanks, Dave On Mon, Jun 27, 2011 at 10:05 PM, Xuelei.Fan at Oracle.Com < Xuelei.Fan at oracle.com> wrote: > Can you provide the code to reproduce the exception? Or is it possible > attach the CertPath building debugger log? > > Xuelei > > On Jun 28, 2011, at 11:59 AM, David Pomeroy wrote: > > > Hello All, > > > > I am trying to get a servlet to download and check a CRL. The CRLDP is > in the client's certificate and the CRL is marked "indirect CRL" so that it > can be signed by a different key than the client cert issuer. The following > block of code is invoked but the DistributionPointFetcher can't seem to > build a valid path and a CRLException is thrown. My assumption was this > would work if I included the CRL signing certificate in my truststore. What > I find odd while stepping through this in a debugger is that the > "certStores" object contains only the client certificate which is to be > validated, so it makes sense that X509CertSelector doesn't find the right > cert in there. > > > > Has anyone got indirect CRLs validated before? I'd be interested in the > details of a test setup that works. I can provide more details of my test > setup if necessary. > > > > Thanks, David > > > > > > // Obtain and validate the certification path for the complete > > // CRL issuer (if indirect CRL). If a key usage extension is > present > > // in the CRL issuer's certificate, verify that the cRLSign bit > is set. > > if (indirectCRL) { > > X509CertSelector certSel = new X509CertSelector(); > > certSel.setSubject(crlIssuer.asX500Principal()); > > boolean[] crlSign = > {false,false,false,false,false,false,true}; > > certSel.setKeyUsage(crlSign); > > PKIXBuilderParameters params = null; > > try { > > params = new PKIXBuilderParameters > > (Collections.singleton(anchor), certSel); > > } catch (InvalidAlgorithmParameterException iape) { > > throw new CRLException(iape); > > } > > params.setCertStores(certStores); > > params.setSigProvider(provider); > > try { > > CertPathBuilder builder = > CertPathBuilder.getInstance("PKIX"); > > PKIXCertPathBuilderResult result = > > (PKIXCertPathBuilderResult) builder.build(params); > > prevKey = result.getPublicKey(); > > } catch (Exception e) { > > throw new CRLException(e); > > } > > } > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mail.openjdk.java.net/pipermail/security-dev/attachments/20110628/5c5f9762/attachment.html -------------- next part -------------- certpath: PKIXCertPathValidator.engineValidate()... certpath: PKIXCertPathValidator.engineValidate() reversing certpath... certpath: PKIXCertPathValidator.engineValidate() anchor.getTrustedCert() != null certpath: PKIXCertPathValidator.isWorthTrying() checking if this trusted cert is worth trying ... certpath: NO - don't try this trustedCert certpath: PKIXCertPathValidator.engineValidate() anchor.getTrustedCert() != null certpath: PKIXCertPathValidator.isWorthTrying() checking if this trusted cert is worth trying ... certpath: NO - don't try this trustedCert certpath: PKIXCertPathValidator.engineValidate() anchor.getTrustedCert() != null certpath: PKIXCertPathValidator.isWorthTrying() checking if this trusted cert is worth trying ... certpath: YES - try this trustedCert certpath: anchor.getTrustedCert().getSubjectX500Principal() = CN=Dev Sub CA certpath: -------------------------------------------------------------- certpath: Executing PKIX certification path validation algorithm. certpath: Checking cert1 ... certpath: Set of critical extensions: certpath: 2.5.29.15 certpath: 2.5.29.37 certpath: 2.5.29.19 certpath: -Using checker1 ... [sun.security.provider.certpath.AlgorithmChecker] certpath: -checker1 validation succeeded certpath: -Using checker2 ... [sun.security.provider.certpath.KeyChecker] certpath: -checker2 validation succeeded certpath: -Using checker3 ... [sun.security.provider.certpath.ConstraintsChecker] certpath: ---checking basic constraints... certpath: i = 1 certpath: maxPathLength = 1 certpath: after processing, maxPathLength = 1 certpath: basic constraints verified. certpath: ---checking name constraints... certpath: prevNC = null certpath: newNC = null certpath: mergedNC = null certpath: name constraints verified. certpath: -checker3 validation succeeded certpath: -Using checker4 ... [sun.security.provider.certpath.PolicyChecker] certpath: PolicyChecker.checkPolicy() ---checking certificate policies... certpath: PolicyChecker.checkPolicy() certIndex = 1 certpath: PolicyChecker.checkPolicy() BEFORE PROCESSING: explicitPolicy = 2 certpath: PolicyChecker.checkPolicy() BEFORE PROCESSING: policyMapping = 2 certpath: PolicyChecker.checkPolicy() BEFORE PROCESSING: inhibitAnyPolicy = 2 certpath: PolicyChecker.checkPolicy() BEFORE PROCESSING: policyTree = anyPolicy ROOT certpath: PolicyChecker.processPolicies() no policies present in cert certpath: PolicyChecker.checkPolicy() AFTER PROCESSING: explicitPolicy = 2 certpath: PolicyChecker.checkPolicy() AFTER PROCESSING: policyMapping = 2 certpath: PolicyChecker.checkPolicy() AFTER PROCESSING: inhibitAnyPolicy = 2 certpath: PolicyChecker.checkPolicy() AFTER PROCESSING: policyTree = null certpath: PolicyChecker.checkPolicy() certificate policies verified certpath: -checker4 validation succeeded certpath: -Using checker5 ... [sun.security.provider.certpath.BasicChecker] certpath: ---checking timestamp:Tue Jun 28 09:14:19 PDT 2011... certpath: timestamp verified. certpath: ---checking subject/issuer name chaining... certpath: subject/issuer name chaining verified. certpath: ---checking signature... certpath: signature verified. certpath: BasicChecker.updateState issuer: CN=Dev Sub CA; subject: CN=234159080345657; serial#: 1250 certpath: -checker5 validation succeeded certpath: -Using checker6 ... [sun.security.provider.certpath.CrlRevocationChecker] certpath: CrlRevocationChecker.verifyRevocationStatus() ---checking revocation status... certpath: DistributionPointFetcher.getCRLs: Checking CRLDPs for CN=234159080345657 certpath: Trying to fetch CRL from DP http://localhost/crl.crl certpath: CertStore URI:http://localhost/crl.crl certpath: Downloading new CRL... certpath: idpName: URIName: http://localhost/crl.crl certpath: pointName: URIName: http://localhost/crl.crl certpath: SunCertPathBuilder.engineBuild([ [ Trust Anchors: [[ Trusted CA cert: [ [ Version: V3 Subject: CN=Dev Sub CA Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5 Key: Sun RSA public key, 2048 bits modulus: 31696243932874256364335990637094427770482150137369453879629054046277594694178299662030613175940051336592870418113037419713357290194638536691606561721465520703526043819995453182453582996601875791731978172486235451952100860390268691062261564472533003331397217240833053175303404082306509973352439625645600600400408333148563265268164313890699450748266186324338577359913955542853478283626859231040995581139161097669581270909389409188385131437359048571882558660942248026022064839125345179031998211043815799677884832277271147572182551216847408958538553541983556420628304268943945349378863098906567967665152779703018233229929 public exponent: 65537 Validity: [From: Sat Jun 25 14:32:02 PDT 2011, To: Sat Aug 24 14:32:02 PDT 2030] Issuer: CN=Dev Root CA SerialNumber: [ 01f4] Certificate Extensions: 2 [1]: ObjectId: 2.5.29.15 Criticality=true KeyUsage [ Key_CertSign Crl_Sign ] [2]: ObjectId: 2.5.29.19 Criticality=true BasicConstraints:[ CA:true PathLen:0 ] ] Algorithm: [SHA1withRSA] Signature: 0000: 18 8C C1 CA 2D F8 C4 3B AC F2 F4 29 87 70 E9 BE ....-..;...).p.. 0010: BF 55 69 BC 50 17 37 7A 94 10 05 64 D9 58 5E 8F .Ui.P.7z...d.X^. 0020: 56 9C 38 F6 C8 E6 F9 08 DF 86 B0 E7 1A 4D 0A 8E V.8..........M.. 0030: 85 E6 BE F4 D4 90 CF B5 AD D4 49 77 DC FE 51 7C ..........Iw..Q. 0040: A8 07 AB 07 30 52 1A 91 4C 9F 65 67 BF 74 73 C1 ....0R..L.eg.ts. 0050: 8A E6 E7 64 19 40 1B 01 66 A1 F0 9D 15 FE F4 E5 ...d. at ..f....... 0060: C3 79 50 53 FF 6D BD A3 06 46 5B 87 79 E5 DE BB .yPS.m...F[.y... 0070: 94 2B 1E 8B 4C DF A3 EA CD C0 D4 F9 41 3B CA BE .+..L.......A;.. 0080: 18 AC 8F 50 03 94 9A EF A1 6E 05 75 C4 E3 EC E8 ...P.....n.u.... 0090: 85 79 CE 6C 31 70 27 93 9E 51 16 67 A1 81 1B C7 .y.l1p'..Q.g.... 00A0: 3F DC FD E5 01 21 9C 21 44 71 7B A9 57 F8 57 79 ?....!.!Dq..W.Wy 00B0: 45 6F 37 5F F8 A4 DE CA 0A 06 7C C3 8B 94 22 67 Eo7_.........."g 00C0: 9A 93 8B D2 51 E6 3F 1F 09 24 A8 23 70 04 95 F7 ....Q.?..$.#p... 00D0: 48 42 F6 D2 D2 54 43 E9 0F C9 04 85 5E EA 46 31 HB...TC.....^.F1 00E0: 8A CF E8 F3 9C 76 D2 DE 9B ED F7 1C 15 C1 02 05 .....v.......... 00F0: D7 ED 18 6B 74 CC 80 9D 2F 3D BF EC 24 20 00 E6 ...kt.../=..$ .. ] ] Initial Policy OIDs: any Validity Date: null Signature Provider: null Default Revocation Enabled: true Explicit Policy Required: false Policy Mapping Inhibited: false Any Policy Inhibited: false Policy Qualifiers Rejected: true Target Cert Constraints: X509CertSelector: [ Subject: CN=Dev CRL Server, matchAllSubjectAltNames flag: true Key Usage: KeyUsage [ Crl_Sign ] ] Certification Path Checkers: [[]] CertStores: [[java.security.cert.CertStore at e4b3b8]] ] Maximum Path Length: 5 ] ) certpath: SunCertPathBuilder.buildForward()... certpath: SunCertPathBuilder.depthFirstSearchForward(CN=Dev CRL Server, State [ issuerDN of last cert: null traversedCACerts: 0 init: true keyParamsNeeded: false subjectNamesTraversed: []] ) certpath: ForwardBuilder.getMatchingCerts()... certpath: ForwardBuilder.getMatchingEECerts()... certpath: X509CertSelector.match(SN: 4e2 Issuer: CN=Dev Sub CA Subject: CN=234159080345657) certpath: X509CertSelector.match: subject DNs don't match certpath: ForwardBuilder.getMatchingCACerts()... certpath: ForwardBuilder.getMatchingCACerts(): ca is target certpath: X509CertSelector.match(SN: 1f4 Issuer: CN=Dev Root CA Subject: CN=Dev Sub CA) certpath: X509CertSelector.match: subject DNs don't match certpath: X509CertSelector.match(SN: 4e2 Issuer: CN=Dev Sub CA Subject: CN=234159080345657) certpath: X509CertSelector.match: subject DNs don't match certpath: ForwardBuilder.getMatchingCACerts: found 0 CA certs certpath: SunCertPathBuilder.depthFirstSearchForward(): certs.size=0 certpath: SunCertPathBuilder.engineBuild: 2nd pass certpath: SunCertPathBuilder.buildForward()... certpath: SunCertPathBuilder.depthFirstSearchForward(CN=Dev CRL Server State [ issuerDN of last cert: null traversedCACerts: 0 init: true keyParamsNeeded: false subjectNamesTraversed: []] ) certpath: ForwardBuilder.getMatchingCerts()... certpath: ForwardBuilder.getMatchingEECerts()... certpath: X509CertSelector.match(SN: 4e2 Issuer: CN=Dev Sub CA Subject: CN=234159080345657) certpath: X509CertSelector.match: subject DNs don't match certpath: ForwardBuilder.getMatchingCACerts()... certpath: ForwardBuilder.getMatchingCACerts(): ca is target certpath: X509CertSelector.match(SN: 1f4 Issuer: CN=Dev Root CA Subject: CN=Dev Sub CA) certpath: X509CertSelector.match: subject DNs don't match certpath: X509CertSelector.match(SN: 4e2 Issuer: CN=Dev Sub CA Subject: CN=234159080345657) certpath: X509CertSelector.match: subject DNs don't match certpath: ForwardBuilder.getMatchingCACerts: found 0 CA certs certpath: SunCertPathBuilder.depthFirstSearchForward(): certs.size=0 certpath: Exception verifying CRL: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target java.security.cert.CRLException: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at sun.security.provider.certpath.DistributionPointFetcher.verifyCRL(DistributionPointFetcher.java:540) at sun.security.provider.certpath.DistributionPointFetcher.getCRLs(DistributionPointFetcher.java:195) at sun.security.provider.certpath.DistributionPointFetcher.getCRLs(DistributionPointFetcher.java:121) at sun.security.provider.certpath.CrlRevocationChecker.verifyRevocationStatus(CrlRevocationChecker.java:309) at sun.security.provider.certpath.CrlRevocationChecker.verifyRevocationStatus(CrlRevocationChecker.java:248) at sun.security.provider.certpath.CrlRevocationChecker.check(CrlRevocationChecker.java:189) at sun.security.provider.certpath.PKIXMasterCertPathValidator.validate(PKIXMasterCertPathValidator.java:131) at sun.security.provider.certpath.PKIXCertPathValidator.doValidate(PKIXCertPathValidator.java:325) at sun.security.provider.certpath.PKIXCertPathValidator.engineValidate(PKIXCertPathValidator.java:187) at java.security.cert.CertPathValidator.validate(CertPathValidator.java:267) at sun.security.validator.PKIXValidator.doValidate(PKIXValidator.java:283) at sun.security.validator.PKIXValidator.doValidate(PKIXValidator.java:271) at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:191) at sun.security.validator.Validator.validate(Validator.java:235) at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:147) at sun.security.ssl.X509TrustManagerImpl.checkClientTrusted(X509TrustManagerImpl.java:188) at sun.security.ssl.X509TrustManagerImpl.checkClientTrusted(X509TrustManagerImpl.java:258) at sun.security.ssl.ServerHandshaker.clientCertificate(ServerHandshaker.java:1414) at sun.security.ssl.ServerHandshaker.processMessage(ServerHandshaker.java:179) at sun.security.ssl.Handshaker.processLoop(Handshaker.java:610) at sun.security.ssl.Handshaker$1.run(Handshaker.java:550) at sun.security.ssl.Handshaker$1.run(Handshaker.java:548) at java.security.AccessController.doPrivileged(Native Method) at sun.security.ssl.Handshaker$DelegatedTask.run(Handshaker.java:969) ************ at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603) at java.lang.Thread.run(Thread.java:636) Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:197) at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:255) at sun.security.provider.certpath.DistributionPointFetcher.verifyCRL(DistributionPointFetcher.java:536) ... 43 more certpath: Returning 0 CRLs certpath: CrlRevocationChecker.verifyRevocationStatus() crls.size() = 0 certpath: CrlRevocationChecker.verifyRevocationStatus() approved crls.size() = 0 certpath: CrlRevocationChecker.verifyWithSeparateSigningKey() ---checking revocation status... certpath: CrlRevocationChecker.buildToNewKey() starting work certpath: CrlRevocationChecker.buildToNewKey() about to try build ... certpath: SunCertPathBuilder.engineBuild([ [ Trust Anchors: [[ Trusted CA cert: [ [ Version: V3 Subject: CN=Dev Sub CA Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5 Key: Sun RSA public key, 2048 bits modulus: 31696243932874256364335990637094427770482150137369453879629054046277594694178299662030613175940051336592870418113037419713357290194638536691606561721465520703526043819995453182453582996601875791731978172486235451952100860390268691062261564472533003331397217240833053175303404082306509973352439625645600600400408333148563265268164313890699450748266186324338577359913955542853478283626859231040995581139161097669581270909389409188385131437359048571882558660942248026022064839125345179031998211043815799677884832277271147572182551216847408958538553541983556420628304268943945349378863098906567967665152779703018233229929 public exponent: 65537 Validity: [From: Sat Jun 25 14:32:02 PDT 2011, To: Sat Aug 24 14:32:02 PDT 2030] Issuer: CN=Dev Root CA SerialNumber: [ 01f4] Certificate Extensions: 2 [1]: ObjectId: 2.5.29.15 Criticality=true KeyUsage [ Key_CertSign Crl_Sign ] [2]: ObjectId: 2.5.29.19 Criticality=true BasicConstraints:[ CA:true PathLen:0 ] ] Algorithm: [SHA1withRSA] Signature: 0000: 18 8C C1 CA 2D F8 C4 3B AC F2 F4 29 87 70 E9 BE ....-..;...).p.. 0010: BF 55 69 BC 50 17 37 7A 94 10 05 64 D9 58 5E 8F .Ui.P.7z...d.X^. 0020: 56 9C 38 F6 C8 E6 F9 08 DF 86 B0 E7 1A 4D 0A 8E V.8..........M.. 0030: 85 E6 BE F4 D4 90 CF B5 AD D4 49 77 DC FE 51 7C ..........Iw..Q. 0040: A8 07 AB 07 30 52 1A 91 4C 9F 65 67 BF 74 73 C1 ....0R..L.eg.ts. 0050: 8A E6 E7 64 19 40 1B 01 66 A1 F0 9D 15 FE F4 E5 ...d. at ..f....... 0060: C3 79 50 53 FF 6D BD A3 06 46 5B 87 79 E5 DE BB .yPS.m...F[.y... 0070: 94 2B 1E 8B 4C DF A3 EA CD C0 D4 F9 41 3B CA BE .+..L.......A;.. 0080: 18 AC 8F 50 03 94 9A EF A1 6E 05 75 C4 E3 EC E8 ...P.....n.u.... 0090: 85 79 CE 6C 31 70 27 93 9E 51 16 67 A1 81 1B C7 .y.l1p'..Q.g.... 00A0: 3F DC FD E5 01 21 9C 21 44 71 7B A9 57 F8 57 79 ?....!.!Dq..W.Wy 00B0: 45 6F 37 5F F8 A4 DE CA 0A 06 7C C3 8B 94 22 67 Eo7_.........."g 00C0: 9A 93 8B D2 51 E6 3F 1F 09 24 A8 23 70 04 95 F7 ....Q.?..$.#p... 00D0: 48 42 F6 D2 D2 54 43 E9 0F C9 04 85 5E EA 46 31 HB...TC.....^.F1 00E0: 8A CF E8 F3 9C 76 D2 DE 9B ED F7 1C 15 C1 02 05 .....v.......... 00F0: D7 ED 18 6B 74 CC 80 9D 2F 3D BF EC 24 20 00 E6 ...kt.../=..$ .. ] ] Initial Policy OIDs: any Validity Date: null Signature Provider: null Default Revocation Enabled: false Explicit Policy Required: false Policy Mapping Inhibited: false Any Policy Inhibited: false Policy Qualifiers Rejected: true Target Cert Constraints: RejectCertSelector: [ X509CertSelector: [ Subject: CN=Dev Sub CA, matchAllSubjectAltNames flag: true Key Usage: KeyUsage [ Crl_Sign ] ][Sun RSA public key, 2048 bits modulus: 31696243932874256364335990637094427770482150137369453879629054046277594694178299662030613175940051336592870418113037419713357290194638536691606561721465520703526043819995453182453582996601875791731978172486235451952100860390268691062261564472533003331397217240833053175303404082306509973352439625645600600400408333148563265268164313890699450748266186324338577359913955542853478283626859231040995581139161097669581270909389409188385131437359048571882558660942248026022064839125345179031998211043815799677884832277271147572182551216847408958538553541983556420628304268943945349378863098906567967665152779703018233229929 public exponent: 65537]] Certification Path Checkers: [[]] CertStores: [[]] ] Maximum Path Length: 5 ] ) certpath: SunCertPathBuilder.buildForward()... certpath: SunCertPathBuilder.depthFirstSearchForward(CN=Dev Sub CA State [ issuerDN of last cert: null traversedCACerts: 0 init: true keyParamsNeeded: false subjectNamesTraversed: []] ) certpath: ForwardBuilder.getMatchingCerts()... certpath: ForwardBuilder.getMatchingEECerts()... certpath: ForwardBuilder.getMatchingCACerts()... certpath: ForwardBuilder.getMatchingCACerts(): ca is target certpath: X509CertSelector.match(SN: 1f4 Issuer: CN=Dev Root CA Subject: CN=Dev Sub CA) certpath: X509CertSelector.match returning: true certpath: RejectCertSelector.match: bad key certpath: ForwardBuilder.getMatchingCACerts: found 0 CA certs certpath: SunCertPathBuilder.depthFirstSearchForward(): certs.size=0 certpath: SunCertPathBuilder.engineBuild: 2nd pass certpath: SunCertPathBuilder.buildForward()... certpath: SunCertPathBuilder.depthFirstSearchForward(CN=Dev Sub CA State [ issuerDN of last cert: null traversedCACerts: 0 init: true keyParamsNeeded: false subjectNamesTraversed: []] ) certpath: ForwardBuilder.getMatchingCerts()... certpath: ForwardBuilder.getMatchingEECerts()... certpath: ForwardBuilder.getMatchingCACerts()... certpath: ForwardBuilder.getMatchingCACerts(): ca is target certpath: X509CertSelector.match(SN: 1f4 Issuer: CN=Dev Root CA Subject: CN=Dev Sub CA) certpath: X509CertSelector.match returning: true certpath: RejectCertSelector.match: bad key certpath: ForwardBuilder.getMatchingCACerts: found 0 CA certs certpath: SunCertPathBuilder.depthFirstSearchForward(): certs.size=0 From xuelei.fan at oracle.com Tue Jun 28 10:01:24 2011 From: xuelei.fan at oracle.com (Xuelei Fan) Date: Wed, 29 Jun 2011 01:01:24 +0800 Subject: sun.security.provider.certpath.DistributionPointFetcher In-Reply-To: References: <613F86DC-EF47-4936-967B-2538BB3FCD1B@Oracle.Com> Message-ID: <4E0A08E4.2060305@oracle.com> Thanks for the feedback, I will look into the log If I can get some time tomorrow. Thanks, Xuelei On 6/29/2011 12:57 AM, David Pomeroy wrote: > Hi Xuelei, > > Attached is the certpath debug output. > > Here is some more info about my test setup. > > Dev Root CA issued Dev Sub CA > Dev Sub CA issued client cert > Dev Root CA issued Dev Crl Server cert > Crl is issued by Dev Crl Server, URL is http://localhost/crl.crl > Dev Root CA, Dev Sub CA, and Dev Crl Server have all been added to the > server's truststore. > > I have specified the issuer distribution point in the CRL, > onlyContainsUserCerts=true, onlyContainsCACerts=false, indirectCRL=true, > onlyContainsAttributeCerts=false > > The client cert specifies crlIssuer=Dev Crl Server. > > Thanks, Dave > > > On Mon, Jun 27, 2011 at 10:05 PM, Xuelei.Fan at Oracle.Com > > wrote: > > Can you provide the code to reproduce the exception? Or is it > possible attach the CertPath building debugger log? > > Xuelei > > On Jun 28, 2011, at 11:59 AM, David Pomeroy > wrote: > > > Hello All, > > > > I am trying to get a servlet to download and check a CRL. The > CRLDP is in the client's certificate and the CRL is marked "indirect > CRL" so that it can be signed by a different key than the client > cert issuer. The following block of code is invoked but the > DistributionPointFetcher can't seem to build a valid path and a > CRLException is thrown. My assumption was this would work if I > included the CRL signing certificate in my truststore. What I find > odd while stepping through this in a debugger is that the > "certStores" object contains only the client certificate which is to > be validated, so it makes sense that X509CertSelector doesn't find > the right cert in there. > > > > Has anyone got indirect CRLs validated before? I'd be interested > in the details of a test setup that works. I can provide more > details of my test setup if necessary. > > > > Thanks, David > > > > > > // Obtain and validate the certification path for the complete > > // CRL issuer (if indirect CRL). If a key usage extension > is present > > // in the CRL issuer's certificate, verify that the > cRLSign bit is set. > > if (indirectCRL) { > > X509CertSelector certSel = new X509CertSelector(); > > certSel.setSubject(crlIssuer.asX500Principal()); > > boolean[] crlSign = > {false,false,false,false,false,false,true}; > > certSel.setKeyUsage(crlSign); > > PKIXBuilderParameters params = null; > > try { > > params = new PKIXBuilderParameters > > (Collections.singleton(anchor), certSel); > > } catch (InvalidAlgorithmParameterException iape) { > > throw new CRLException(iape); > > } > > params.setCertStores(certStores); > > params.setSigProvider(provider); > > try { > > CertPathBuilder builder = > CertPathBuilder.getInstance("PKIX"); > > PKIXCertPathBuilderResult result = > > (PKIXCertPathBuilderResult) builder.build(params); > > prevKey = result.getPublicKey(); > > } catch (Exception e) { > > throw new CRLException(e); > > } > > } > > From dfpomeroy at gmail.com Tue Jun 28 10:01:58 2011 From: dfpomeroy at gmail.com (David Pomeroy) Date: Tue, 28 Jun 2011 10:01:58 -0700 Subject: sun.security.provider.certpath.DistributionPointFetcher In-Reply-To: <4E09CD09.2040406@oracle.com> References: <613F86DC-EF47-4936-967B-2538BB3FCD1B@Oracle.Com> <4E09CD09.2040406@oracle.com> Message-ID: Hi Sean, I am using Open JDK 6. Are the indirect CRL bugs in JDK 6 documented anywhere? Are there any workarounds? I am setting enableCRLDP. Thanks, Dave On Tue, Jun 28, 2011 at 5:46 AM, Sean Mullan wrote: > Are you using JDK 7? There were some bugs fixed with indirect CRLs in JDK > 7. > > Also, make sure you set the system property com.sun.security.enableCRLDP to > the > value true when running, ex: java -Dcom.sun.security.**enableCRLDP=true > ... > > --Sean > > > On 6/28/11 1:05 AM, Xuelei.Fan at Oracle.Com wrote: > >> Can you provide the code to reproduce the exception? Or is it possible >> attach >> the CertPath building debugger log? >> >> Xuelei >> >> On Jun 28, 2011, at 11:59 AM, David Pomeroy wrote: >> >> Hello All, >>> >>> I am trying to get a servlet to download and check a CRL. The CRLDP is >>> in >>> the client's certificate and the CRL is marked "indirect CRL" so that it >>> can be signed by a different key than the client cert issuer. The >>> following block of code is invoked but the DistributionPointFetcher can't >>> seem to build a valid path and a CRLException is thrown. My assumption >>> was >>> this would work if I included the CRL signing certificate in my >>> truststore. >>> What I find odd while stepping through this in a debugger is that the >>> "certStores" object contains only the client certificate which is to be >>> validated, so it makes sense that X509CertSelector doesn't find the right >>> cert in there. >>> >>> Has anyone got indirect CRLs validated before? I'd be interested in the >>> details of a test setup that works. I can provide more details of my >>> test >>> setup if necessary. >>> >>> Thanks, David >>> >>> >>> // Obtain and validate the certification path for the complete // CRL >>> issuer (if indirect CRL). If a key usage extension is present // in the >>> CRL >>> issuer's certificate, verify that the cRLSign bit is set. if >>> (indirectCRL) >>> { X509CertSelector certSel = new X509CertSelector(); >>> certSel.setSubject(crlIssuer.**asX500Principal()); boolean[] crlSign = >>> {false,false,false,false,**false,false,true}; >>> certSel.setKeyUsage(crlSign); >>> PKIXBuilderParameters params = null; try { params = new >>> PKIXBuilderParameters (Collections.singleton(anchor)**, certSel); } >>> catch >>> (**InvalidAlgorithmParameterExcep**tion iape) { throw new >>> CRLException(iape); >>> } params.setCertStores(**certStores); params.setSigProvider(**provider); >>> try { >>> CertPathBuilder builder = CertPathBuilder.getInstance("**PKIX"); >>> PKIXCertPathBuilderResult result = (PKIXCertPathBuilderResult) >>> builder.build(params); prevKey = result.getPublicKey(); } catch >>> (Exception >>> e) { throw new CRLException(e); } } >>> >> -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mail.openjdk.java.net/pipermail/security-dev/attachments/20110628/e5e80e2d/attachment.html From sean.mullan at oracle.com Tue Jun 28 11:14:59 2011 From: sean.mullan at oracle.com (Sean Mullan) Date: Tue, 28 Jun 2011 14:14:59 -0400 Subject: sun.security.provider.certpath.DistributionPointFetcher In-Reply-To: References: <613F86DC-EF47-4936-967B-2538BB3FCD1B@Oracle.Com> <4E09CD09.2040406@oracle.com> Message-ID: <4E0A1A23.5020505@oracle.com> On 6/28/11 1:01 PM, David Pomeroy wrote: > Hi Sean, > > I am using Open JDK 6. Are the indirect CRL bugs in JDK 6 documented anywhere? > Are there any workarounds? See: http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6509162 http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6542169 No known workarounds. It would help if you tested with JDK 7 [1] so we could verify if the problem has fixed. If it still fails with JDK 7, please file a bug (and attach a test program) at http://bugs.sun.com Thanks, Sean [1] http://jdk7.java.net/download.html > > I am setting enableCRLDP. > > Thanks, Dave > > On Tue, Jun 28, 2011 at 5:46 AM, Sean Mullan > wrote: > > Are you using JDK 7? There were some bugs fixed with indirect CRLs in JDK 7. > > Also, make sure you set the system property com.sun.security.enableCRLDP to the > value true when running, ex: java -Dcom.sun.security.__enableCRLDP=true ... > > --Sean > > > On 6/28/11 1:05 AM, Xuelei.Fan at Oracle.Com wrote: > > Can you provide the code to reproduce the exception? Or is it possible > attach > the CertPath building debugger log? > > Xuelei > > On Jun 28, 2011, at 11:59 AM, David Pomeroy > wrote: > > Hello All, > > I am trying to get a servlet to download and check a CRL. The CRLDP > is in > the client's certificate and the CRL is marked "indirect CRL" so that it > can be signed by a different key than the client cert issuer. The > following block of code is invoked but the DistributionPointFetcher > can't > seem to build a valid path and a CRLException is thrown. My > assumption was > this would work if I included the CRL signing certificate in my > truststore. > What I find odd while stepping through this in a debugger is that the > "certStores" object contains only the client certificate which is to be > validated, so it makes sense that X509CertSelector doesn't find the > right > cert in there. > > Has anyone got indirect CRLs validated before? I'd be interested in the > details of a test setup that works. I can provide more details of > my test > setup if necessary. > > Thanks, David > > > // Obtain and validate the certification path for the complete // CRL > issuer (if indirect CRL). If a key usage extension is present // in > the CRL > issuer's certificate, verify that the cRLSign bit is set. if > (indirectCRL) > { X509CertSelector certSel = new X509CertSelector(); > certSel.setSubject(crlIssuer.__asX500Principal()); boolean[] crlSign = > {false,false,false,false,__false,false,true}; > certSel.setKeyUsage(crlSign); > PKIXBuilderParameters params = null; try { params = new > PKIXBuilderParameters (Collections.singleton(anchor)__, certSel); } > catch > (__InvalidAlgorithmParameterExcep__tion iape) { throw new > CRLException(iape); > } params.setCertStores(__certStores); > params.setSigProvider(__provider); try { > CertPathBuilder builder = CertPathBuilder.getInstance("__PKIX"); > PKIXCertPathBuilderResult result = (PKIXCertPathBuilderResult) > builder.build(params); prevKey = result.getPublicKey(); } catch > (Exception > e) { throw new CRLException(e); } } > > From sean.mullan at oracle.com Tue Jun 28 11:46:12 2011 From: sean.mullan at oracle.com (Sean Mullan) Date: Tue, 28 Jun 2011 14:46:12 -0400 Subject: Code review request: 7059709, java/jsse, close the IO in a final block In-Reply-To: <4E092E87.5050904@oracle.com> References: <4E092E87.5050904@oracle.com> Message-ID: <4E0A2174.4070607@oracle.com> On 6/27/11 9:29 PM, Xuelei Fan wrote: > webrev: http://cr.openjdk.java.net/~xuelei/7059709/webrev.00/ It seems you could restructure this code by moving the instantiation of the FileInputStream down just before the KeyStore.load and use a try-with-resources block instead. --Sean From stuart.marks at oracle.com Tue Jun 28 13:31:36 2011 From: stuart.marks at oracle.com (Stuart Marks) Date: Tue, 28 Jun 2011 13:31:36 -0700 Subject: Code review request: 7059709, java/jsse, close the IO in a final block In-Reply-To: <4E0A2174.4070607@oracle.com> References: <4E092E87.5050904@oracle.com> <4E0A2174.4070607@oracle.com> Message-ID: <4E0A3A28.2040008@oracle.com> On 6/28/11 11:46 AM, Sean Mullan wrote: > On 6/27/11 9:29 PM, Xuelei Fan wrote: >> webrev: http://cr.openjdk.java.net/~xuelei/7059709/webrev.00/ > > It seems you could restructure this code by moving the instantiation of the > FileInputStream down just before the KeyStore.load and use a try-with-resources > block instead. I had thought of this too but using try-with-resources for either of these cases isn't obvious. One difficulty is that the FileInputStreams are only initialized if some condition is true, otherwise they're left null. That is, simplified, FileInputStream fis = null; if (...condition...) { fis = ...initialization... } // process fis if non-null To use try-with-resources, you'd have to do something like put the conditional within the initialization expression. The only way to do this in-line in Java is to use the ternary (?:) operator, like so: try (FileInputStream fis = ...condition... ? ...initialization... : null) { // process fis if non-null } or the conditional could be evaluated prior to the try, with the resource variable being an alias: FileInputStream fis = null; if (...condition...) { fis = ...initialization... } try (FileInputStream fis2 = fis) { // process fis2 if non-null } or even by refactoring the conditional initialization into a separate method: try (FileInputStream fis = openFileOrReturnNull(...)) { // process fis if non-null } Another approach would be to call KeyStore.load() from the different condition arms, instead of conditionally initializing a variable: if (...condition...) { try (FileInputStream fis = ...initialization...) { ks.load(fis, passwd); } } else { ks.load(null, passwd); } This initializes the input streams closer to where they're used, but this might change the behavior if an error occurs while opening the stream; additional initializations or even side effects might occur before the error is reached. I haven't inspected the code thoroughly to determine whether this is the case. It also puts big initialization expression into the t-w-r, which might be ugly. Now, as you might know, I'm a big fan of try-with-resources, but using it here brings in a potentially large restructuring. This might or might not be warranted for this particular change; I don't know the tradeoffs involved in this code. s'marks From dfpomeroy at gmail.com Tue Jun 28 13:51:58 2011 From: dfpomeroy at gmail.com (David Pomeroy) Date: Tue, 28 Jun 2011 13:51:58 -0700 Subject: sun.security.provider.certpath.DistributionPointFetcher In-Reply-To: <4E0A1A23.5020505@oracle.com> References: <613F86DC-EF47-4936-967B-2538BB3FCD1B@Oracle.Com> <4E09CD09.2040406@oracle.com> <4E0A1A23.5020505@oracle.com> Message-ID: Hi Sean, openjdk7 complained that my Crl Server certificate did not contain a Subject Key Identifier. Once I added this, validating the indirect CRL issuer worked as expected. When I switched back to openjdk6, the CRL validation still fails. I have attached the certpath debug from each jvm. If you look at the line "certpath: SunCertPathBuilder.engineBuild([", jdk6 only adds my Sub CA certificate as a trusted source, where jdk7 adds all 3 certs from the truststore, including the Crl Issuer's certificate. Perhaps jdk6 is looking for specific criteria in the trusted certificates for use in validating the CRL? When I switched back to sun jdk 6, I got a different error. It's as if it is not even trying to build a verification path at all. I attached that debug as well. Thanks for jdk7 suggestion, I definitely learned something. However, I'd really like to get this working on a version 6 jvm. Any workaround suggestions from you or the group would be greatly appreciated. Thanks, Dave On Tue, Jun 28, 2011 at 11:14 AM, Sean Mullan wrote: > On 6/28/11 1:01 PM, David Pomeroy wrote: > >> Hi Sean, >> >> I am using Open JDK 6. Are the indirect CRL bugs in JDK 6 documented >> anywhere? >> Are there any workarounds? >> > > See: > > http://bugs.sun.com/**bugdatabase/view_bug.do?bug_**id=6509162 > http://bugs.sun.com/**bugdatabase/view_bug.do?bug_**id=6542169 > > No known workarounds. It would help if you tested with JDK 7 [1] so we > could verify if the problem has fixed. > > If it still fails with JDK 7, please file a bug (and attach a test program) > at http://bugs.sun.com > > Thanks, > Sean > > [1] http://jdk7.java.net/download.**html > > >> I am setting enableCRLDP. >> >> Thanks, Dave >> >> On Tue, Jun 28, 2011 at 5:46 AM, Sean Mullan > > wrote: >> >> Are you using JDK 7? There were some bugs fixed with indirect CRLs in >> JDK 7. >> >> Also, make sure you set the system property >> com.sun.security.enableCRLDP to the >> value true when running, ex: java -Dcom.sun.security.__**enableCRLDP=true >> ... >> >> --Sean >> >> >> On 6/28/11 1:05 AM, Xuelei.Fan at Oracle.Com wrote: >> >> Can you provide the code to reproduce the exception? Or is it >> possible >> attach >> the CertPath building debugger log? >> >> Xuelei >> >> On Jun 28, 2011, at 11:59 AM, David Pomeroy> > wrote: >> >> >> Hello All, >> >> I am trying to get a servlet to download and check a CRL. The >> CRLDP >> is in >> the client's certificate and the CRL is marked "indirect CRL" >> so that it >> can be signed by a different key than the client cert issuer. >> The >> following block of code is invoked but the >> DistributionPointFetcher >> can't >> seem to build a valid path and a CRLException is thrown. My >> assumption was >> this would work if I included the CRL signing certificate in my >> truststore. >> What I find odd while stepping through this in a debugger is >> that the >> "certStores" object contains only the client certificate which >> is to be >> validated, so it makes sense that X509CertSelector doesn't find >> the >> right >> cert in there. >> >> Has anyone got indirect CRLs validated before? I'd be >> interested in the >> details of a test setup that works. I can provide more details >> of >> my test >> setup if necessary. >> >> Thanks, David >> >> >> // Obtain and validate the certification path for the complete >> // CRL >> issuer (if indirect CRL). If a key usage extension is present >> // in >> the CRL >> issuer's certificate, verify that the cRLSign bit is set. if >> (indirectCRL) >> { X509CertSelector certSel = new X509CertSelector(); >> certSel.setSubject(crlIssuer._**_asX500Principal()); boolean[] >> crlSign = >> {false,false,false,false,__**false,false,true}; >> certSel.setKeyUsage(crlSign); >> PKIXBuilderParameters params = null; try { params = new >> PKIXBuilderParameters (Collections.singleton(anchor)**__, >> certSel); } >> catch >> (__**InvalidAlgorithmParameterExcep**__tion iape) { throw new >> >> CRLException(iape); >> } params.setCertStores(__**certStores); >> params.setSigProvider(__**provider); try { >> CertPathBuilder builder = CertPathBuilder.getInstance("_** >> _PKIX"); >> PKIXCertPathBuilderResult result = (PKIXCertPathBuilderResult) >> builder.build(params); prevKey = result.getPublicKey(); } catch >> (Exception >> e) { throw new CRLException(e); } } >> >> >> -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mail.openjdk.java.net/pipermail/security-dev/attachments/20110628/e04100c1/attachment.html -------------- next part -------------- certpath: PKIXCertPathValidator.engineValidate()... certpath: PKIXCertPathValidator.engineValidate() reversing certpath... certpath: PKIXCertPathValidator.engineValidate() anchor.getTrustedCert() != null certpath: PKIXCertPathValidator.isWorthTrying() checking if this trusted cert is worth trying ... certpath: YES - try this trustedCert certpath: anchor.getTrustedCert().getSubjectX500Principal() = CN=Dev Sub CA, OU= certpath: -------------------------------------------------------------- certpath: Executing PKIX certification path validation algorithm. certpath: Checking cert1 ... certpath: Set of critical extensions: certpath: 2.5.29.15 certpath: 2.5.29.37 certpath: 2.5.29.19 certpath: -Using checker1 ... [sun.security.provider.certpath.AlgorithmChecker] certpath: -checker1 validation succeeded certpath: -Using checker2 ... [sun.security.provider.certpath.KeyChecker] certpath: -checker2 validation succeeded certpath: -Using checker3 ... [sun.security.provider.certpath.ConstraintsChecker] certpath: ---checking basic constraints... certpath: i = 1 certpath: maxPathLength = 1 certpath: after processing, maxPathLength = 1 certpath: basic constraints verified. certpath: ---checking name constraints... certpath: prevNC = null certpath: newNC = null certpath: mergedNC = null certpath: name constraints verified. certpath: -checker3 validation succeeded certpath: -Using checker4 ... [sun.security.provider.certpath.PolicyChecker] certpath: PolicyChecker.checkPolicy() ---checking certificate policies... certpath: PolicyChecker.checkPolicy() certIndex = 1 certpath: PolicyChecker.checkPolicy() BEFORE PROCESSING: explicitPolicy = 2 certpath: PolicyChecker.checkPolicy() BEFORE PROCESSING: policyMapping = 2 certpath: PolicyChecker.checkPolicy() BEFORE PROCESSING: inhibitAnyPolicy = 2 certpath: PolicyChecker.checkPolicy() BEFORE PROCESSING: policyTree = anyPolicy ROOT certpath: PolicyChecker.processPolicies() no policies present in cert certpath: PolicyChecker.checkPolicy() AFTER PROCESSING: explicitPolicy = 2 certpath: PolicyChecker.checkPolicy() AFTER PROCESSING: policyMapping = 2 certpath: PolicyChecker.checkPolicy() AFTER PROCESSING: inhibitAnyPolicy = 2 certpath: PolicyChecker.checkPolicy() AFTER PROCESSING: policyTree = null certpath: PolicyChecker.checkPolicy() certificate policies verified certpath: -checker4 validation succeeded certpath: -Using checker5 ... [sun.security.provider.certpath.BasicChecker] certpath: ---checking timestamp:Tue Jun 28 13:22:23 PDT 2011... certpath: timestamp verified. certpath: ---checking subject/issuer name chaining... certpath: subject/issuer name chaining verified. certpath: ---checking signature... certpath: signature verified. certpath: BasicChecker.updateState issuer: CN=Dev Sub CA, OU=; subject: CN=234159080345657; serial#: 1250 certpath: -checker5 validation succeeded certpath: -Using checker6 ... [sun.security.provider.certpath.CrlRevocationChecker] certpath: CrlRevocationChecker.verifyRevocationStatus() ---checking revocation status... certpath: DistributionPointFetcher.getCRLs: Checking CRLDPs for CN=234159080345657 certpath: Trying to fetch CRL from DP http://localhost/crl.crl certpath: CertStore URI:http://localhost/crl.crl certpath: Downloading new CRL... certpath: idpName: URIName: http://localhost/crl.crl certpath: pointName: URIName: http://localhost/crl.crl certpath: SunCertPathBuilder.engineBuild([ [ Trust Anchors: [[ Trusted CA cert: [ [ Version: V3 Subject: CN=Dev Sub CA, OU= Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5 Key: Sun RSA public key, 2048 bits modulus: 31696243932874256364335990637094427770482150137369453879629054046277594694178299662030613175940051336592870418113037419713357290194638536691606561721465520703526043819995453182453582996601875791731978172486235451952100860390268691062261564472533003331397217240833053175303404082306509973352439625645600600400408333148563265268164313890699450748266186324338577359913955542853478283626859231040995581139161097669581270909389409188385131437359048571882558660942248026022064839125345179031998211043815799677884832277271147572182551216847408958538553541983556420628304268943945349378863098906567967665152779703018233229929 public exponent: 65537 Validity: [From: Sat Jun 25 14:32:02 PDT 2011, To: Sat Aug 24 14:32:02 PDT 2030] Issuer: CN=Dev Root CA, OU= SerialNumber: [ 01f4] Certificate Extensions: 2 [1]: ObjectId: 2.5.29.15 Criticality=true KeyUsage [ Key_CertSign Crl_Sign ] [2]: ObjectId: 2.5.29.19 Criticality=true BasicConstraints:[ CA:true PathLen:0 ] ] Algorithm: [SHA1withRSA] Signature: 0000: 18 8C C1 CA 2D F8 C4 3B AC F2 F4 29 87 70 E9 BE ....-..;...).p.. 0010: BF 55 69 BC 50 17 37 7A 94 10 05 64 D9 58 5E 8F .Ui.P.7z...d.X^. 0020: 56 9C 38 F6 C8 E6 F9 08 DF 86 B0 E7 1A 4D 0A 8E V.8..........M.. 0030: 85 E6 BE F4 D4 90 CF B5 AD D4 49 77 DC FE 51 7C ..........Iw..Q. 0040: A8 07 AB 07 30 52 1A 91 4C 9F 65 67 BF 74 73 C1 ....0R..L.eg.ts. 0050: 8A E6 E7 64 19 40 1B 01 66 A1 F0 9D 15 FE F4 E5 ...d. at ..f....... 0060: C3 79 50 53 FF 6D BD A3 06 46 5B 87 79 E5 DE BB .yPS.m...F[.y... 0070: 94 2B 1E 8B 4C DF A3 EA CD C0 D4 F9 41 3B CA BE .+..L.......A;.. 0080: 18 AC 8F 50 03 94 9A EF A1 6E 05 75 C4 E3 EC E8 ...P.....n.u.... 0090: 85 79 CE 6C 31 70 27 93 9E 51 16 67 A1 81 1B C7 .y.l1p'..Q.g.... 00A0: 3F DC FD E5 01 21 9C 21 44 71 7B A9 57 F8 57 79 ?....!.!Dq..W.Wy 00B0: 45 6F 37 5F F8 A4 DE CA 0A 06 7C C3 8B 94 22 67 Eo7_.........."g 00C0: 9A 93 8B D2 51 E6 3F 1F 09 24 A8 23 70 04 95 F7 ....Q.?..$.#p... 00D0: 48 42 F6 D2 D2 54 43 E9 0F C9 04 85 5E EA 46 31 HB...TC.....^.F1 00E0: 8A CF E8 F3 9C 76 D2 DE 9B ED F7 1C 15 C1 02 05 .....v.......... 00F0: D7 ED 18 6B 74 CC 80 9D 2F 3D BF EC 24 20 00 E6 ...kt.../=..$ .. ] ] Initial Policy OIDs: any Validity Date: null Signature Provider: null Default Revocation Enabled: true Explicit Policy Required: false Policy Mapping Inhibited: false Any Policy Inhibited: false Policy Qualifiers Rejected: true Target Cert Constraints: X509CertSelector: [ Subject: CN=Dev CRL Server,OU= matchAllSubjectAltNames flag: true Key Usage: KeyUsage [ Crl_Sign ] ] Certification Path Checkers: [[]] CertStores: [[java.security.cert.CertStore at 101f935]] ] Maximum Path Length: 5 ] ) certpath: SunCertPathBuilder.buildForward()... certpath: SunCertPathBuilder.depthFirstSearchForward(CN=Dev CRL Server, OU=, State [ issuerDN of last cert: null traversedCACerts: 0 init: true keyParamsNeeded: false subjectNamesTraversed: []] ) certpath: ForwardBuilder.getMatchingCerts()... certpath: ForwardBuilder.getMatchingEECerts()... certpath: X509CertSelector.match(SN: 4e2 Issuer: CN=Dev Sub CA, OU= Subject: CN=234159080345657) certpath: X509CertSelector.match: subject DNs don't match certpath: ForwardBuilder.getMatchingCACerts()... certpath: ForwardBuilder.getMatchingCACerts(): ca is target certpath: X509CertSelector.match(SN: 1f4 Issuer: CN=Dev Root CA, OU= Subject: CN=Dev Sub CA, OU=) certpath: X509CertSelector.match: subject DNs don't match certpath: X509CertSelector.match(SN: 4e2 Issuer: CN=Dev Sub CA, OU= Subject: CN=234159080345657) certpath: X509CertSelector.match: subject DNs don't match certpath: ForwardBuilder.getMatchingCACerts: found 0 CA certs certpath: SunCertPathBuilder.depthFirstSearchForward(): certs.size=0 certpath: SunCertPathBuilder.engineBuild: 2nd pass certpath: SunCertPathBuilder.buildForward()... certpath: SunCertPathBuilder.depthFirstSearchForward(CN=Dev CRL Server, OU=, State [ issuerDN of last cert: null traversedCACerts: 0 init: true keyParamsNeeded: false subjectNamesTraversed: []] ) certpath: ForwardBuilder.getMatchingCerts()... certpath: ForwardBuilder.getMatchingEECerts()... certpath: X509CertSelector.match(SN: 4e2 Issuer: CN=Dev Sub CA, OU= Subject: CN=234159080345657) certpath: X509CertSelector.match: subject DNs don't match certpath: ForwardBuilder.getMatchingCACerts()... certpath: ForwardBuilder.getMatchingCACerts(): ca is target certpath: X509CertSelector.match(SN: 1f4 Issuer: CN=Dev Root CA, OU= Subject: CN=Dev Sub CA, OU=) certpath: X509CertSelector.match: subject DNs don't match certpath: X509CertSelector.match(SN: 4e2 Issuer: CN=Dev Sub CA, OU= Subject: CN=234159080345657) certpath: X509CertSelector.match: subject DNs don't match certpath: ForwardBuilder.getMatchingCACerts: found 0 CA certs certpath: SunCertPathBuilder.depthFirstSearchForward(): certs.size=0 certpath: Exception verifying CRL: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target java.security.cert.CRLException: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at sun.security.provider.certpath.DistributionPointFetcher.verifyCRL(DistributionPointFetcher.java:540) at sun.security.provider.certpath.DistributionPointFetcher.getCRLs(DistributionPointFetcher.java:195) at sun.security.provider.certpath.DistributionPointFetcher.getCRLs(DistributionPointFetcher.java:121) at sun.security.provider.certpath.CrlRevocationChecker.verifyRevocationStatus(CrlRevocationChecker.java:309) at sun.security.provider.certpath.CrlRevocationChecker.verifyRevocationStatus(CrlRevocationChecker.java:248) at sun.security.provider.certpath.CrlRevocationChecker.check(CrlRevocationChecker.java:189) at sun.security.provider.certpath.PKIXMasterCertPathValidator.validate(PKIXMasterCertPathValidator.java:131) at sun.security.provider.certpath.PKIXCertPathValidator.doValidate(PKIXCertPathValidator.java:325) at sun.security.provider.certpath.PKIXCertPathValidator.engineValidate(PKIXCertPathValidator.java:187) at java.security.cert.CertPathValidator.validate(CertPathValidator.java:267) at sun.security.validator.PKIXValidator.doValidate(PKIXValidator.java:283) at sun.security.validator.PKIXValidator.doValidate(PKIXValidator.java:271) at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:191) at sun.security.validator.Validator.validate(Validator.java:235) at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:147) at sun.security.ssl.X509TrustManagerImpl.checkClientTrusted(X509TrustManagerImpl.java:188) at sun.security.ssl.X509TrustManagerImpl.checkClientTrusted(X509TrustManagerImpl.java:258) at sun.security.ssl.ServerHandshaker.clientCertificate(ServerHandshaker.java:1414) at sun.security.ssl.ServerHandshaker.processMessage(ServerHandshaker.java:179) at sun.security.ssl.Handshaker.processLoop(Handshaker.java:610) at sun.security.ssl.Handshaker$1.run(Handshaker.java:550) at sun.security.ssl.Handshaker$1.run(Handshaker.java:548) at java.security.AccessController.doPrivileged(Native Method) at sun.security.ssl.Handshaker$DelegatedTask.run(Handshaker.java:969) ******************* at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603) at java.lang.Thread.run(Thread.java:636) Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:197) at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:255) at sun.security.provider.certpath.DistributionPointFetcher.verifyCRL(DistributionPointFetcher.java:536) ... 43 more certpath: Returning 0 CRLs certpath: CrlRevocationChecker.verifyRevocationStatus() crls.size() = 0 certpath: CrlRevocationChecker.verifyRevocationStatus() approved crls.size() = 0 certpath: CrlRevocationChecker.verifyWithSeparateSigningKey() ---checking revocation status... certpath: CrlRevocationChecker.buildToNewKey() starting work certpath: CrlRevocationChecker.buildToNewKey() about to try build ... certpath: SunCertPathBuilder.engineBuild([ [ Trust Anchors: [[ Trusted CA cert: [ [ Version: V3 Subject: CN=Dev Sub CA, OU= Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5 Key: Sun RSA public key, 2048 bits modulus: 31696243932874256364335990637094427770482150137369453879629054046277594694178299662030613175940051336592870418113037419713357290194638536691606561721465520703526043819995453182453582996601875791731978172486235451952100860390268691062261564472533003331397217240833053175303404082306509973352439625645600600400408333148563265268164313890699450748266186324338577359913955542853478283626859231040995581139161097669581270909389409188385131437359048571882558660942248026022064839125345179031998211043815799677884832277271147572182551216847408958538553541983556420628304268943945349378863098906567967665152779703018233229929 public exponent: 65537 Validity: [From: Sat Jun 25 14:32:02 PDT 2011, To: Sat Aug 24 14:32:02 PDT 2030] Issuer: CN=Dev Root CA, OU= SerialNumber: [ 01f4] Certificate Extensions: 2 [1]: ObjectId: 2.5.29.15 Criticality=true KeyUsage [ Key_CertSign Crl_Sign ] [2]: ObjectId: 2.5.29.19 Criticality=true BasicConstraints:[ CA:true PathLen:0 ] ] Algorithm: [SHA1withRSA] Signature: 0000: 18 8C C1 CA 2D F8 C4 3B AC F2 F4 29 87 70 E9 BE ....-..;...).p.. 0010: BF 55 69 BC 50 17 37 7A 94 10 05 64 D9 58 5E 8F .Ui.P.7z...d.X^. 0020: 56 9C 38 F6 C8 E6 F9 08 DF 86 B0 E7 1A 4D 0A 8E V.8..........M.. 0030: 85 E6 BE F4 D4 90 CF B5 AD D4 49 77 DC FE 51 7C ..........Iw..Q. 0040: A8 07 AB 07 30 52 1A 91 4C 9F 65 67 BF 74 73 C1 ....0R..L.eg.ts. 0050: 8A E6 E7 64 19 40 1B 01 66 A1 F0 9D 15 FE F4 E5 ...d. at ..f....... 0060: C3 79 50 53 FF 6D BD A3 06 46 5B 87 79 E5 DE BB .yPS.m...F[.y... 0070: 94 2B 1E 8B 4C DF A3 EA CD C0 D4 F9 41 3B CA BE .+..L.......A;.. 0080: 18 AC 8F 50 03 94 9A EF A1 6E 05 75 C4 E3 EC E8 ...P.....n.u.... 0090: 85 79 CE 6C 31 70 27 93 9E 51 16 67 A1 81 1B C7 .y.l1p'..Q.g.... 00A0: 3F DC FD E5 01 21 9C 21 44 71 7B A9 57 F8 57 79 ?....!.!Dq..W.Wy 00B0: 45 6F 37 5F F8 A4 DE CA 0A 06 7C C3 8B 94 22 67 Eo7_.........."g 00C0: 9A 93 8B D2 51 E6 3F 1F 09 24 A8 23 70 04 95 F7 ....Q.?..$.#p... 00D0: 48 42 F6 D2 D2 54 43 E9 0F C9 04 85 5E EA 46 31 HB...TC.....^.F1 00E0: 8A CF E8 F3 9C 76 D2 DE 9B ED F7 1C 15 C1 02 05 .....v.......... 00F0: D7 ED 18 6B 74 CC 80 9D 2F 3D BF EC 24 20 00 E6 ...kt.../=..$ .. ] ] Initial Policy OIDs: any Validity Date: null Signature Provider: null Default Revocation Enabled: false Explicit Policy Required: false Policy Mapping Inhibited: false Any Policy Inhibited: false Policy Qualifiers Rejected: true Target Cert Constraints: RejectCertSelector: [ X509CertSelector: [ Subject: CN=Dev Sub CA,OU= matchAllSubjectAltNames flag: true Key Usage: KeyUsage [ Crl_Sign ] ][Sun RSA public key, 2048 bits modulus: 31696243932874256364335990637094427770482150137369453879629054046277594694178299662030613175940051336592870418113037419713357290194638536691606561721465520703526043819995453182453582996601875791731978172486235451952100860390268691062261564472533003331397217240833053175303404082306509973352439625645600600400408333148563265268164313890699450748266186324338577359913955542853478283626859231040995581139161097669581270909389409188385131437359048571882558660942248026022064839125345179031998211043815799677884832277271147572182551216847408958538553541983556420628304268943945349378863098906567967665152779703018233229929 public exponent: 65537]] Certification Path Checkers: [[]] CertStores: [[]] ] Maximum Path Length: 5 ] ) certpath: SunCertPathBuilder.buildForward()... certpath: SunCertPathBuilder.depthFirstSearchForward(CN=Dev Sub CA, OU=, State [ issuerDN of last cert: null traversedCACerts: 0 init: true keyParamsNeeded: false subjectNamesTraversed: []] ) certpath: ForwardBuilder.getMatchingCerts()... certpath: ForwardBuilder.getMatchingEECerts()... certpath: ForwardBuilder.getMatchingCACerts()... certpath: ForwardBuilder.getMatchingCACerts(): ca is target certpath: X509CertSelector.match(SN: 1f4 Issuer: CN=Dev Root CA, OU= Subject: CN=Dev Sub CA, OU=) certpath: X509CertSelector.match returning: true certpath: RejectCertSelector.match: bad key certpath: ForwardBuilder.getMatchingCACerts: found 0 CA certs certpath: SunCertPathBuilder.depthFirstSearchForward(): certs.size=0 certpath: SunCertPathBuilder.engineBuild: 2nd pass certpath: SunCertPathBuilder.buildForward()... certpath: SunCertPathBuilder.depthFirstSearchForward(CN=Dev Sub CA, OU=, State [ issuerDN of last cert: null traversedCACerts: 0 init: true keyParamsNeeded: false subjectNamesTraversed: []] ) certpath: ForwardBuilder.getMatchingCerts()... certpath: ForwardBuilder.getMatchingEECerts()... certpath: ForwardBuilder.getMatchingCACerts()... certpath: ForwardBuilder.getMatchingCACerts(): ca is target certpath: X509CertSelector.match(SN: 1f4 Issuer: CN=Dev Root CA, OU= Subject: CN=Dev Sub CA, OU=) certpath: X509CertSelector.match returning: true certpath: RejectCertSelector.match: bad key certpath: ForwardBuilder.getMatchingCACerts: found 0 CA certs certpath: SunCertPathBuilder.depthFirstSearchForward(): certs.size=0 certpath: PKIXCertPathValidator.engineValidate() anchor.getTrustedCert() != null certpath: PKIXCertPathValidator.isWorthTrying() checking if this trusted cert is worth trying ... certpath: NO - don't try this trustedCert certpath: PKIXCertPathValidator.engineValidate() anchor.getTrustedCert() != null certpath: PKIXCertPathValidator.isWorthTrying() checking if this trusted cert is worth trying ... certpath: NO - don't try this trustedCert -------------- next part -------------- certpath: PKIXCertPathValidator.engineValidate()... certpath: PKIXCertPathValidator.engineValidate() reversing certpath... certpath: PKIXCertPathValidator.engineValidate() anchor.getTrustedCert() != null certpath: PKIXCertPathValidator.isWorthTrying() checking if this trusted cert is worth trying ... certpath: X509CertSelector.match(SN: 1f5 Issuer: CN=Dev Root CA, OU= Subject: CN=Dev CRL Server, OU=) certpath: X509CertSelector.match: subject DNs don't match certpath: NO - don't try this trustedCert certpath: PKIXCertPathValidator.engineValidate() anchor.getTrustedCert() != null certpath: PKIXCertPathValidator.isWorthTrying() checking if this trusted cert is worth trying ... certpath: X509CertSelector.match(SN: b3ea5693a7cf4afa Issuer: CN=Dev Root CA, OU= Subject: CN=Dev Root CA, OU=) certpath: X509CertSelector.match: subject DNs don't match certpath: NO - don't try this trustedCert certpath: PKIXCertPathValidator.engineValidate() anchor.getTrustedCert() != null certpath: PKIXCertPathValidator.isWorthTrying() checking if this trusted cert is worth trying ... certpath: X509CertSelector.match(SN: 1f4 Issuer: CN=Dev Root CA, OU= Subject: CN=Dev Sub CA, OU=) certpath: X509CertSelector.match returning: true certpath: YES - try this trustedCert certpath: anchor.getTrustedCert().getSubjectX500Principal() = CN=Dev Sub CA, OU= certpath: -------------------------------------------------------------- certpath: Executing PKIX certification path validation algorithm. certpath: Checking cert1 ... certpath: Set of critical extensions: certpath: 2.5.29.15 certpath: 2.5.29.37 certpath: 2.5.29.19 certpath: -Using checker1 ... [sun.security.provider.certpath.AlgorithmChecker] certpath: -checker1 validation succeeded certpath: -Using checker2 ... [sun.security.provider.certpath.KeyChecker] certpath: -checker2 validation succeeded certpath: -Using checker3 ... [sun.security.provider.certpath.ConstraintsChecker] certpath: ---checking basic constraints... certpath: i = 1 certpath: maxPathLength = 1 certpath: after processing, maxPathLength = 1 certpath: basic constraints verified. certpath: ---checking name constraints... certpath: prevNC = null certpath: newNC = null certpath: mergedNC = null certpath: name constraints verified. certpath: -checker3 validation succeeded certpath: -Using checker4 ... [sun.security.provider.certpath.PolicyChecker] certpath: PolicyChecker.checkPolicy() ---checking certificate policies... certpath: PolicyChecker.checkPolicy() certIndex = 1 certpath: PolicyChecker.checkPolicy() BEFORE PROCESSING: explicitPolicy = 2 certpath: PolicyChecker.checkPolicy() BEFORE PROCESSING: policyMapping = 2 certpath: PolicyChecker.checkPolicy() BEFORE PROCESSING: inhibitAnyPolicy = 2 certpath: PolicyChecker.checkPolicy() BEFORE PROCESSING: policyTree = anyPolicy ROOT certpath: PolicyChecker.processPolicies() no policies present in cert certpath: PolicyChecker.checkPolicy() AFTER PROCESSING: explicitPolicy = 2 certpath: PolicyChecker.checkPolicy() AFTER PROCESSING: policyMapping = 2 certpath: PolicyChecker.checkPolicy() AFTER PROCESSING: inhibitAnyPolicy = 2 certpath: PolicyChecker.checkPolicy() AFTER PROCESSING: policyTree = null certpath: PolicyChecker.checkPolicy() certificate policies verified certpath: -checker4 validation succeeded certpath: -Using checker5 ... [sun.security.provider.certpath.BasicChecker] certpath: ---checking timestamp:Tue Jun 28 13:30:06 PDT 2011... certpath: timestamp verified. certpath: ---checking subject/issuer name chaining... certpath: subject/issuer name chaining verified. certpath: ---checking signature... certpath: signature verified. certpath: BasicChecker.updateState issuer: CN=Dev Sub CA, OU=; subject: CN=234159080345657; serial#: 1250 certpath: -checker5 validation succeeded certpath: -Using checker6 ... [sun.security.provider.certpath.CrlRevocationChecker] certpath: CrlRevocationChecker.verifyRevocationStatus() ---checking revocation status... certpath: DistributionPointFetcher.getCRLs: Checking CRLDPs for CN=234159080345657 certpath: Trying to fetch CRL from DP http://localhost/crl.crl certpath: CertStore URI:http://localhost/crl.crl certpath: Downloading new CRL... certpath: X509CertSelector.match(SN: 4e2 Issuer: CN=Dev Sub CA, OU= Subject: CN=234159080345657) certpath: X509CertSelector.match: serial numbers don't match certpath: idpName: URIName: http://localhost/crl.crl certpath: pointName: URIName: http://localhost/crl.crl certpath: SunCertPathBuilder.engineBuild([ [ Trust Anchors: [[ Trusted CA cert: [ [ Version: V3 Subject: CN=Dev CRL Server, OU= Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5 Key: Sun RSA public key, 2048 bits modulus: 24980366566383945128638357643794029657029045285943186164830889713742551362834167749389432614152878205152916895906818990222151469157749651975682716226521532551743772795359453663649043513571251909768572269499685840508696152707071851577848778512215737819165921470035012545204842514052321365290071098904759989627164571514184109529328628823584694433836465743357765488634438929322668458043955741015078693955669985576547644836720749936335018182113335320658128424355652830916053592288791634131577649438646298447356797700915904869154681646356170626662519966969445719045002066347129088251919800891736186127801862898591100517741 public exponent: 65537 Validity: [From: Tue Jun 28 13:12:40 PDT 2011, To: Tue Aug 27 13:12:40 PDT 2030] Issuer: CN=Dev Root CA, OU= SerialNumber: [ 01f5] Certificate Extensions: 3 [1]: ObjectId: 2.5.29.14 Criticality=false SubjectKeyIdentifier [ KeyIdentifier [ 0000: B6 61 7F D0 F4 35 07 D6 8A 94 23 9F F3 43 7F 3D .a...5....#..C.= 0010: B9 47 B8 2A .G.* ] ] [2]: ObjectId: 2.5.29.15 Criticality=true KeyUsage [ Crl_Sign ] [3]: ObjectId: 2.5.29.19 Criticality=true BasicConstraints:[ CA:false PathLen: undefined ] ] Algorithm: [SHA1withRSA] Signature: 0000: 32 FF C1 5C 86 D5 8B 18 76 32 0E D7 D7 CF 80 79 2..\....v2.....y 0010: 63 1E 4C CA 13 8C 12 D6 3D A4 35 8C B2 3E 73 D7 c.L.....=.5..>s. 0020: 62 73 B9 1A 1B CC E4 CB DB 65 BB 06 55 02 1B B0 bs.......e..U... 0030: 3B 18 02 0D E0 CB 11 51 E2 09 8F 1A 02 E4 89 E5 ;......Q........ 0040: F5 E8 A6 80 FF 46 29 1A 26 7C 34 1E 27 22 CC 3A .....F).&.4.'".: 0050: 55 49 74 79 C8 81 3F 4B 09 48 DF 55 FB 5E AC 5E UIty..?K.H.U.^.^ 0060: 0C FC 7C 82 F3 4A 78 9E C1 8D 54 70 01 F5 DC 40 .....Jx...Tp...@ 0070: 2A EB 0B 2C 28 78 28 EA 0A CB 16 05 0F 34 A3 77 *..,(x(......4.w 0080: A1 38 73 C6 60 A4 BB 80 C6 DC B4 2D 87 DB 08 B5 .8s.`......-.... 0090: 36 B5 A9 61 8E AA D3 6B A1 8A 75 84 D0 F9 9F 20 6..a...k..u.... 00A0: 69 85 48 2C E6 77 7C 51 A9 94 64 57 20 74 2A 55 i.H,.w.Q..dW t*U 00B0: 2D 84 50 DA 88 18 12 87 53 85 BD 30 F2 9B ED 25 -.P.....S..0...% 00C0: 22 E3 83 C3 85 B2 C6 ED 29 E4 2C D0 0A DE F4 9F ".......).,..... 00D0: 23 F2 61 1A AD 06 F0 69 96 F7 55 F4 A5 EB 62 6C #.a....i..U...bl 00E0: 69 25 9A E1 24 3D DE 5C B7 2C 8B 8F 57 89 87 73 i%..$=.\.,..W..s 00F0: CC A9 FA AB BE 98 C7 18 83 58 A5 4C 48 3A B5 48 .........X.LH:.H ] , [ Trusted CA cert: [ [ Version: V3 Subject: CN=Dev Root CA, OU= Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5 Key: Sun RSA public key, 2048 bits modulus: 24637538804312205538510193595756724743325964269149416473394433546273135490969532105800215896570721673979864000715385570349798964196021422587598377112256888670572719359535872155212046138681275316524517840249828650662576857366275328692936166990172596647562891910011544929645642031355229648076882498870763322728297961825305636336880972539564887325894581099371420734033338545900589971532305701911274609225936502298743355013219541966106004726727418768005124171502080427307695896502316295331353703554687316602668770219332060142717112374169447603885749795034258281027062466095065057099231648298625670334329042316857245052951 public exponent: 65537 Validity: [From: Tue Jun 28 12:37:41 PDT 2011, To: Tue Aug 27 12:37:41 PDT 2030] Issuer: CN=Dev Root CA, OU= SerialNumber: [ b3ea5693 a7cf4afa] Certificate Extensions: 2 [1]: ObjectId: 2.5.29.15 Criticality=true KeyUsage [ DigitalSignature Key_CertSign Crl_Sign ] [2]: ObjectId: 2.5.29.19 Criticality=true BasicConstraints:[ CA:true PathLen:1 ] ] Algorithm: [SHA1withRSA] Signature: 0000: 7B ED 50 86 50 BD 5A 19 DA EB A1 53 A1 D8 4C 40 ..P.P.Z....S..L@ 0010: ED 67 1E C8 4C E6 6D 1E 95 E6 B6 31 F2 FC 63 0C .g..L.m....1..c. 0020: EE 51 82 FD 33 BC 0D 7F FF F6 7D 98 4C 6C DA 94 .Q..3.......Ll.. 0030: 8E 6F 4C 7B B8 AF 77 63 93 71 AB 2D 06 75 64 D0 .oL...wc.q.-.ud. 0040: 3F 41 71 E3 0D 13 9E BE 27 57 81 C1 78 4C DE FF ?Aq.....'W..xL.. 0050: 83 36 41 D3 15 12 E3 86 B7 9D 17 90 46 4D 5C 4C .6A.........FM\L 0060: 55 B1 0D F1 42 B1 69 C7 ED CC 40 DC 73 70 60 44 U...B.i... at .sp`D 0070: 92 8F 30 EF 33 22 FB EC 0A 23 A6 1C 06 25 89 65 ..0.3"...#...%.e 0080: 61 39 53 EA AB E2 7E 4C A9 7D 2A D6 A1 E6 25 9F a9S....L..*...%. 0090: E4 1B A6 30 9A 25 C0 13 0D CF EC F3 2E 6D D5 E5 ...0.%.......m.. 00A0: 87 69 FC FA 7A 55 1C 67 9D 50 F2 AE 77 6C C8 E5 .i..zU.g.P..wl.. 00B0: CD 24 D9 26 51 BA 83 E4 9A 1F 60 8E A0 83 AF CA .$.&Q.....`..... 00C0: E8 EC BE 62 46 44 6C 81 E1 2C 85 EA 87 F9 F3 90 ...bFDl..,...... 00D0: EB 90 75 5D 28 8B 29 7F 1A F0 3A 80 84 E0 99 4F ..u](.)...:....O 00E0: 68 61 90 B7 89 A5 94 68 4D 61 99 29 A3 69 D4 6E ha.....hMa.).i.n 00F0: 25 17 91 F7 E1 1E FD CA 18 3C 57 97 80 5F 34 4E %........ References: <4E092E87.5050904@oracle.com> <4E0A2174.4070607@oracle.com> <4E0A3A28.2040008@oracle.com> Message-ID: <4E0A594F.3050504@oracle.com> While I was thinking the same thing as Sean/Stuart, it's not clear how much risk you would be refactoring a lot of code just to use this language feature. It's pretty clear (to me anyway) what you were intending here. Brad On 6/28/2011 1:31 PM, Stuart Marks wrote: > On 6/28/11 11:46 AM, Sean Mullan wrote: >> On 6/27/11 9:29 PM, Xuelei Fan wrote: >>> webrev: http://cr.openjdk.java.net/~xuelei/7059709/webrev.00/ >> >> It seems you could restructure this code by moving the instantiation >> of the >> FileInputStream down just before the KeyStore.load and use a >> try-with-resources >> block instead. > > I had thought of this too but using try-with-resources for either of > these cases isn't obvious. > > One difficulty is that the FileInputStreams are only initialized if some > condition is true, otherwise they're left null. That is, simplified, > > FileInputStream fis = null; > if (...condition...) { > fis = ...initialization... > } > // process fis if non-null > > To use try-with-resources, you'd have to do something like put the > conditional within the initialization expression. The only way to do > this in-line in Java is to use the ternary (?:) operator, like so: > > try (FileInputStream fis = ...condition... ? ...initialization... : null) { > // process fis if non-null > } > > or the conditional could be evaluated prior to the try, with the > resource variable being an alias: > > FileInputStream fis = null; > if (...condition...) { > fis = ...initialization... > } > try (FileInputStream fis2 = fis) { > // process fis2 if non-null > } > > or even by refactoring the conditional initialization into a separate > method: > > try (FileInputStream fis = openFileOrReturnNull(...)) { > // process fis if non-null > } > > Another approach would be to call KeyStore.load() from the different > condition arms, instead of conditionally initializing a variable: > > if (...condition...) { > try (FileInputStream fis = ...initialization...) { > ks.load(fis, passwd); > } > } else { > ks.load(null, passwd); > } > > This initializes the input streams closer to where they're used, but > this might change the behavior if an error occurs while opening the > stream; additional initializations or even side effects might occur > before the error is reached. I haven't inspected the code thoroughly to > determine whether this is the case. It also puts big initialization > expression into the t-w-r, which might be ugly. > > Now, as you might know, I'm a big fan of try-with-resources, but using > it here brings in a potentially large restructuring. This might or might > not be warranted for this particular change; I don't know the tradeoffs > involved in this code. > > s'marks From Xuelei.Fan at Oracle.Com Tue Jun 28 17:36:26 2011 From: Xuelei.Fan at Oracle.Com (Xuelei.Fan at Oracle.Com) Date: Wed, 29 Jun 2011 08:36:26 +0800 Subject: sun.security.provider.certpath.DistributionPointFetcher In-Reply-To: References: <613F86DC-EF47-4936-967B-2538BB3FCD1B@Oracle.Com> <4E09CD09.2040406@oracle.com> <4E0A1A23.5020505@oracle.com> Message-ID: <9CBAEDD6-B5AA-43D3-9A2D-7EDBA2654ABF@Oracle.Com> On Jun 29, 2011, at 4:51 AM, David Pomeroy wrote: > Hi Sean, > > openjdk7 complained that my Crl Server certificate did not contain a Subject Key Identifier. It's a must-to-have field to comply with RFC 5280. > Once I added this, validating the indirect CRL issuer worked as expected. > Glad to know it works in JDK 7. > When I switched back to openjdk6, the CRL validation still fails. I have attached the certpath debug from each jvm. If you look at the line "certpath: SunCertPathBuilder.engineBuild([", jdk6 only adds my Sub CA certificate as a trusted source, where jdk7 adds all 3 certs from the truststore, including the Crl Issuer's certificate. Perhaps jdk6 is looking for specific criteria in the trusted certificates for use in validating the CRL? > > When I switched back to sun jdk 6, I got a different error. It's as if it is not even trying to build a verification path at all. I attached that debug as well. > > Thanks for jdk7 suggestion, I definitely learned something. However, I'd really like to get this working on a version 6 jvm. Any workaround suggestions from you or the group would be greatly appreciated. No known workaround. You may be able to disable certificate status checking in the default provider, and check the certificate status by a customized PKIXCertPathChecker. Xuelei > > Thanks, Dave > > > On Tue, Jun 28, 2011 at 11:14 AM, Sean Mullan wrote: > On 6/28/11 1:01 PM, David Pomeroy wrote: > Hi Sean, > > I am using Open JDK 6. Are the indirect CRL bugs in JDK 6 documented anywhere? > Are there any workarounds? > > See: > > http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6509162 > http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6542169 > > No known workarounds. It would help if you tested with JDK 7 [1] so we could verify if the problem has fixed. > > If it still fails with JDK 7, please file a bug (and attach a test program) at http://bugs.sun.com > > Thanks, > Sean > > [1] http://jdk7.java.net/download.html > > > I am setting enableCRLDP. > > Thanks, Dave > > On Tue, Jun 28, 2011 at 5:46 AM, Sean Mullan > wrote: > > Are you using JDK 7? There were some bugs fixed with indirect CRLs in JDK 7. > > Also, make sure you set the system property com.sun.security.enableCRLDP to the > value true when running, ex: java -Dcom.sun.security.__enableCRLDP=true ... > > --Sean > > > On 6/28/11 1:05 AM, Xuelei.Fan at Oracle.Com wrote: > > Can you provide the code to reproduce the exception? Or is it possible > attach > the CertPath building debugger log? > > Xuelei > > On Jun 28, 2011, at 11:59 AM, David Pomeroy > wrote: > > > Hello All, > > I am trying to get a servlet to download and check a CRL. The CRLDP > is in > the client's certificate and the CRL is marked "indirect CRL" so that it > can be signed by a different key than the client cert issuer. The > following block of code is invoked but the DistributionPointFetcher > can't > seem to build a valid path and a CRLException is thrown. My > assumption was > this would work if I included the CRL signing certificate in my > truststore. > What I find odd while stepping through this in a debugger is that the > "certStores" object contains only the client certificate which is to be > validated, so it makes sense that X509CertSelector doesn't find the > right > cert in there. > > Has anyone got indirect CRLs validated before? I'd be interested in the > details of a test setup that works. I can provide more details of > my test > setup if necessary. > > Thanks, David > > > // Obtain and validate the certification path for the complete // CRL > issuer (if indirect CRL). If a key usage extension is present // in > the CRL > issuer's certificate, verify that the cRLSign bit is set. if > (indirectCRL) > { X509CertSelector certSel = new X509CertSelector(); > certSel.setSubject(crlIssuer.__asX500Principal()); boolean[] crlSign = > {false,false,false,false,__false,false,true}; > certSel.setKeyUsage(crlSign); > PKIXBuilderParameters params = null; try { params = new > PKIXBuilderParameters (Collections.singleton(anchor)__, certSel); } > catch > (__InvalidAlgorithmParameterExcep__tion iape) { throw new > > CRLException(iape); > } params.setCertStores(__certStores); > params.setSigProvider(__provider); try { > CertPathBuilder builder = CertPathBuilder.getInstance("__PKIX"); > PKIXCertPathBuilderResult result = (PKIXCertPathBuilderResult) > builder.build(params); prevKey = result.getPublicKey(); } catch > (Exception > e) { throw new CRLException(e); } } > > > > > > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mail.openjdk.java.net/pipermail/security-dev/attachments/20110629/73af57b5/attachment.html From Xuelei.Fan at Oracle.Com Tue Jun 28 16:38:53 2011 From: Xuelei.Fan at Oracle.Com (Xuelei.Fan at Oracle.Com) Date: Wed, 29 Jun 2011 07:38:53 +0800 Subject: Code review request: 7059709, java/jsse, close the IO in a final block In-Reply-To: <4E0A594F.3050504@oracle.com> References: <4E092E87.5050904@oracle.com> <4E0A2174.4070607@oracle.com> <4E0A3A28.2040008@oracle.com> <4E0A594F.3050504@oracle.com> Message-ID: <146B08A7-929F-4531-AF51-6C000106833A@Oracle.Com> I found the bug when I was learning the t-w-r feature. But just as Stuart thoroughly analysis, I failed to find a easy way to use t-w-r for these two updates. Thanks for all of the feedback. Xuelei On Jun 29, 2011, at 6:44 AM, Brad Wetmore wrote: > While I was thinking the same thing as Sean/Stuart, it's not clear how much risk you would be refactoring a lot of code just to use this language feature. > > It's pretty clear (to me anyway) what you were intending here. > > Brad > > > > > On 6/28/2011 1:31 PM, Stuart Marks wrote: >> On 6/28/11 11:46 AM, Sean Mullan wrote: >>> On 6/27/11 9:29 PM, Xuelei Fan wrote: >>>> webrev: http://cr.openjdk.java.net/~xuelei/7059709/webrev.00/ >>> >>> It seems you could restructure this code by moving the instantiation >>> of the >>> FileInputStream down just before the KeyStore.load and use a >>> try-with-resources >>> block instead. >> >> I had thought of this too but using try-with-resources for either of >> these cases isn't obvious. >> >> One difficulty is that the FileInputStreams are only initialized if some >> condition is true, otherwise they're left null. That is, simplified, >> >> FileInputStream fis = null; >> if (...condition...) { >> fis = ...initialization... >> } >> // process fis if non-null >> >> To use try-with-resources, you'd have to do something like put the >> conditional within the initialization expression. The only way to do >> this in-line in Java is to use the ternary (?:) operator, like so: >> >> try (FileInputStream fis = ...condition... ? ...initialization... : null) { >> // process fis if non-null >> } >> >> or the conditional could be evaluated prior to the try, with the >> resource variable being an alias: >> >> FileInputStream fis = null; >> if (...condition...) { >> fis = ...initialization... >> } >> try (FileInputStream fis2 = fis) { >> // process fis2 if non-null >> } >> >> or even by refactoring the conditional initialization into a separate >> method: >> >> try (FileInputStream fis = openFileOrReturnNull(...)) { >> // process fis if non-null >> } >> >> Another approach would be to call KeyStore.load() from the different >> condition arms, instead of conditionally initializing a variable: >> >> if (...condition...) { >> try (FileInputStream fis = ...initialization...) { >> ks.load(fis, passwd); >> } >> } else { >> ks.load(null, passwd); >> } >> >> This initializes the input streams closer to where they're used, but >> this might change the behavior if an error occurs while opening the >> stream; additional initializations or even side effects might occur >> before the error is reached. I haven't inspected the code thoroughly to >> determine whether this is the case. It also puts big initialization >> expression into the t-w-r, which might be ugly. >> >> Now, as you might know, I'm a big fan of try-with-resources, but using >> it here brings in a potentially large restructuring. This might or might >> not be warranted for this particular change; I don't know the tradeoffs >> involved in this code. >> >> s'marks From jonathan.gibbons at oracle.com Thu Jun 30 12:01:15 2011 From: jonathan.gibbons at oracle.com (jonathan.gibbons at oracle.com) Date: Thu, 30 Jun 2011 19:01:15 +0000 Subject: hg: jdk8/tl/langtools: 7060926: Attr.PostAttrAnalyzer misses a case Message-ID: <20110630190117.B9B09470AD@hg.openjdk.java.net> Changeset: 858ae8fec72f Author: jjg Date: 2011-06-30 12:00 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/langtools/rev/858ae8fec72f 7060926: Attr.PostAttrAnalyzer misses a case Reviewed-by: mcimadamore ! src/share/classes/com/sun/tools/javac/comp/Attr.java + test/tools/javac/failover/FailOver15.java + test/tools/javac/failover/FailOver15.out From kumar.x.srinivasan at oracle.com Thu Jun 30 14:34:19 2011 From: kumar.x.srinivasan at oracle.com (kumar.x.srinivasan at oracle.com) Date: Thu, 30 Jun 2011 21:34:19 +0000 Subject: hg: jdk8/tl/langtools: 7059905: (javadoc) promote method visibility for netbeans usage Message-ID: <20110630213421.29A3E470B9@hg.openjdk.java.net> Changeset: b0909f992710 Author: ksrini Date: 2011-06-30 14:33 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/langtools/rev/b0909f992710 7059905: (javadoc) promote method visibility for netbeans usage Reviewed-by: jjg, bpatel ! src/share/classes/com/sun/tools/javadoc/AnnotationTypeDocImpl.java ! src/share/classes/com/sun/tools/javadoc/AnnotationTypeElementDocImpl.java ! src/share/classes/com/sun/tools/javadoc/DocEnv.java ! src/share/classes/com/sun/tools/javadoc/DocImpl.java ! src/share/classes/com/sun/tools/javadoc/JavadocClassReader.java ! src/share/classes/com/sun/tools/javadoc/JavadocMemberEnter.java ! src/share/classes/com/sun/tools/javadoc/PackageDocImpl.java