RFR: 8296734: JarVerifier:: mapSignersToCodeSource should cache in map [v4]
Weijun Wang
weijun at openjdk.org
Sat Nov 19 22:57:50 UTC 2022
On Sat, 19 Nov 2022 04:31:13 GMT, pandaapo <duke at openjdk.org> wrote:
>> The cache named `signerToCodeSource` in `JarVerifier` is never used now.
>
> pandaapo has updated the pull request incrementally with one additional commit since the last revision:
>
> Modify as reviews.
Great to see more lines removed. Since `entries2` in `JavaUtilJarAccess` is removed, I assume the `entries2` in `JarFile` is also useless, and there are 2 `newEntry` methods who claims to be invoked by `entries2`. Also, in `JarVerifier`, it seems all lines after `// Extended JavaUtilJarAccess CodeSource API Support` before `isTrustedManifestEntry` are related to those removed methods.
-------------
PR: https://git.openjdk.org/jdk/pull/11072
More information about the security-dev
mailing list