On Mon, 23 Jun 2025 16:44:23 GMT, Alisen Chung wrote:
>> This issue is responsible for updating the translations of all the
>> localize(able) resources in the JDK since the previous L10n drop.
>
> Alisen Chung has updated the pull request incrementally with one additional
> commit since the las
On Tue, 24 Jun 2025 14:54:17 GMT, Weijun Wang wrote:
>> Thank you for the clarification.
>
> However, there is no space required between two Chinese sentences. In
> English, we usually write "I am here, and you are there." But in Chinese,
> with the full-width punct
On Wed, 18 Jun 2025 16:43:02 GMT, Alexey Ivanov wrote:
>> There is still only one space, the new one is a full width colon (U+FF1A).
>> Localization rules have been observed to make the switch from regular colons
>> (U+003A) into the full width version depending on the language.
>
> Thank you f
On Tue, 3 Jun 2025 07:55:06 GMT, Volkan Yazici wrote:
>> Passes the `Charset` read from the `stdin.encoding` system property while
>> creating `InputStreamReader` or `Scanner` instances for `System.in`.
>>
>> `stdin.encoding` is a recently added property for Java 25 in
>> [JDK-8350703](https:/
On Fri, 30 May 2025 13:59:06 GMT, Volkan Yazici wrote:
> > Have you thought about creating a helper method for this purpose even if
> > it's internal? At least, for the tests you can create one in `/test/lib`.
>
> Required changes are pretty minimal – passing
> `System.getProperty("stdin.encod
On Fri, 30 May 2025 11:07:30 GMT, Volkan Yazici wrote:
> Passes the `Charset` read from the `stdin.encoding` system property while
> creating `InputStreamReader` or `Scanner` instances for `System.in`.
>
> `stdin.encoding` is a recently added property for Java 25 in
> [JDK-8350703](https://bug
On Fri, 23 May 2025 14:59:07 GMT, Nizar Benalla wrote:
>> Please review this patch to fix some `javadoc` bugs in `java.base`.
>> Certain `@link` tags used to refer to private fields instead of public APIs.
>>
>> A couple of `@see` tags in the [serialization
>> page](https://download.java.net/ja
On Thu, 22 May 2025 15:18:43 GMT, Nizar Benalla wrote:
>> Please review this patch to fix some `javadoc` bugs in `java.base`.
>> Certain `@link` tags used to refer to private fields instead of public APIs.
>>
>> A couple of `@see` tags in the [serialization
>> page](https://download.java.net/ja
This is a routine update to synchronize with the [Mozilla Public Suffix
List](https://github.com/publicsuffix/list) for JDK 25, matching commit 823beb1
from 2025-05-12.
The test has been updated to reflect corresponding changes.
-
Commit messages:
- the fix
Changes: https://git.o
On Tue, 8 Apr 2025 18:14:53 GMT, Weijun Wang wrote:
> Finalize the KDF API.
This pull request has now been integrated.
Changeset: 079fccfa
Author: Weijun Wang
URL:
https://git.openjdk.org/jdk/commit/079fccfa9a03b890e698c52c689dea0f19f8fbee
Stats: 209 lines in 18 files chan
> Finalize the KDF API.
Weijun Wang has updated the pull request incrementally with one additional
commit since the last revision:
new algorithms in SunJCE
-
Changes:
- all: https://git.openjdk.org/jdk/pull/24520/files
- new: https://git.openjdk.org/jdk/pull/24520/fi
On Mon, 5 May 2025 20:04:46 GMT, Valerie Peng wrote:
>> Weijun Wang has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> fine tuning debug log and exception message
>
> test/jdk/com/sun/crypto/provider/KD
> Finalize the KDF API.
Weijun Wang has updated the pull request incrementally with one additional
commit since the last revision:
fine tuning debug log and exception message
-
Changes:
- all: https://git.openjdk.org/jdk/pull/24520/files
- new: https://git.openjdk.org/
On Fri, 2 May 2025 12:50:41 GMT, Sean Mullan wrote:
>> Weijun Wang has updated the pull request with a new target base due to a
>> merge or a rebase. The pull request now contains six commits:
>>
>> - merge
>> - add a positive debug log and update exception mes
> Finalize the KDF API.
Weijun Wang has updated the pull request with a new target base due to a merge
or a rebase. The pull request now contains six commits:
- merge
- add a positive debug log and update exception message
- enhancing exception messages and debug outputs
- update @si
> Finalize the KDF API.
Weijun Wang has updated the pull request incrementally with two additional
commits since the last revision:
- add a positive debug log and update exception message
- enhancing exception messages and debug outputs
-
Changes:
- all: ht
The private key encoding formats of ML-KEM and ML-DSA are updated to match the
latest IERTF drafts at:
https://datatracker.ietf.org/doc/html/draft-ietf-lamps-dilithium-certificates-08
and
https://datatracker.ietf.org/doc/html/draft-ietf-lamps-kyber-certificates-10.
New security/system properti
On Mon, 14 Apr 2025 16:14:03 GMT, Roger Riggs wrote:
>> The JavaIOFilePermissionAccess interface is removed from SharedSecrets and
>> its implementation (FilePermCompat.java) used by the test is moved to
>> java.io FilePermission where cross package access is not needed.
>> The test FilePermis
On Fri, 11 Apr 2025 21:26:08 GMT, Roger Riggs wrote:
> The JavaIOFilePermissionAccess interface is removed from SharedSecrets and
> its implementation (FilePermCompat.java) used by the test is moved to java.io
> FilePermission where cross package access is not needed.
> The test FilePermission
> Finalize the KDF API.
Weijun Wang has updated the pull request incrementally with one additional
commit since the last revision:
update @since tags as required by JEP 12
-
Changes:
- all: https://git.openjdk.org/jdk/pull/24520/files
- new: https://git.openjdk.org/jdk/p
> Finalize the KDF API.
Weijun Wang has updated the pull request incrementally with one additional
commit since the last revision:
add enum back
-
Changes:
- all: https://git.openjdk.org/jdk/pull/24520/files
- new: https://git.openjdk.org/jdk/pull/24520/files/4ff3b
On Tue, 8 Apr 2025 19:35:33 GMT, Chen Liang wrote:
>> Finalize the KDF API.
>
> src/java.base/share/classes/jdk/internal/javac/PreviewFeature.java line 82:
>
>> 80: MODULE_IMPORTS,
>> 81: @JEP(number=478, title="Key Derivation Function API",
>> status="Preview")
>> 82: K
Finalize the KDF API.
-
Commit messages:
- the change
Changes: https://git.openjdk.org/jdk/pull/24520/files
Webrev: https://webrevs.openjdk.org/?repo=jdk&pr=24520&range=00
Issue: https://bugs.openjdk.org/browse/JDK-8353888
Stats: 42 lines in 16 files changed: 0 ins; 30 del; 12
On Tue, 25 Mar 2025 13:00:44 GMT, Mikhail Yankelevich
wrote:
>> Updating `jdk.test.lib.SecurityTools` class to have jar method accept
>> `List` parameter similar to `keytool` methods.
>> Currently this only accept String parameter, which is error prone with
>> missing space
>
> Mikhail Yankele
On Mon, 11 Nov 2024 09:51:35 GMT, Julian Waters wrote:
>> After 8339120, gcc began catching many different instances of unused code in
>> the Windows specific codebase. Some of these seem to be bugs. I've taken the
>> effort to mark out all the relevant globals and locals that trigger the
>> u
On Fri, 17 Jan 2025 18:19:56 GMT, Eirik Bjørsnøs wrote:
>> Please review this PR which adds the `final` modifier to non-subclassable
>> classes in `java.base`.
>>
>> The classes were identified using an automated analysis. See CSR for details.
>>
>> Besides simply adding the `final` access mod
On Fri, 20 Sep 2024 00:33:39 GMT, Weijun Wang wrote:
> `Asserts.assertNotEquals` shows "expected 12345 to not equal 12345" which
> sounds redundant, just say "expected not equals but was 12345".
>
> `Asserts.assertEqualsByteArray` uses the words "expe
On Thu, 19 Dec 2024 10:17:28 GMT, Daniel Jeliński wrote:
>> test/lib/jdk/test/lib/Asserts.java line 256:
>>
>>> 254: * @see #assertNotEqualsByteArray(byte[], byte[], String)
>>> 255: */
>>> 256: public static void assertNotEqualsByteArray(byte[] unexpected,
>>> byte[] actual) {
>>
On Thu, 19 Dec 2024 03:50:59 GMT, Valerie Peng wrote:
>> Weijun Wang has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> be precise in method spec
>
> test/lib/jdk/test/lib/Asserts.java line 448:
>
>>
he `assertEquals` style ""expected... but was...".
Weijun Wang has updated the pull request incrementally with one additional
commit since the last revision:
fix usages
-
Changes:
- all: https://git.openjdk.org/jdk/pull/21101/files
- new: https://git.openjdk.org/jdk/
On Thu, 19 Dec 2024 03:19:35 GMT, Valerie Peng wrote:
>> Correct, I'll fix.
>>
>> As for its usages (in `ML_KEM_Test.java` etc), I'll be happy to fix them. In
>> fact, I first noticed those inconsistency and then decided to make the
>> changes here. Would you prefer them to be fixed in this PR
On Wed, 18 Dec 2024 23:22:20 GMT, Martin Balao wrote:
>> We would like to propose an implementation of the HKDF algorithms for
>> SunPKCS11, aligned with the KDF API proposed for JDK 24 (see [JEP 478: Key
>> Derivation Function API
>> (Preview)](https://bugs.openjdk.org/browse/JDK-8189808)).
>
On Wed, 18 Dec 2024 23:31:55 GMT, Martin Balao wrote:
>> src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/SunPKCS11.java
>> line 737:
>>
>>> 735: m(CKM_CHACHA20_POLY1305));
>>> 736: d(SKF, "Generic", P11SecretKeyFactory,
>>> 737: m(CKM_GENE
On Wed, 18 Dec 2024 19:56:02 GMT, Martin Balao wrote:
>> We would like to propose an implementation of the HKDF algorithms for
>> SunPKCS11, aligned with the KDF API proposed for JDK 24 (see [JEP 478: Key
>> Derivation Function API
>> (Preview)](https://bugs.openjdk.org/browse/JDK-8189808)).
>
On Wed, 18 Dec 2024 17:01:30 GMT, Roger Riggs wrote:
>> SM Cleanup of common test library test/lib/...:
>>
>> Remove unnecessary catches of SecurityException
>> Remove AccessController and doPrivileged from SimpleSSLContext and
>> ProcessTools.
>
> Roger Riggs has updated the pull request incre
On Thu, 12 Dec 2024 04:14:22 GMT, Martin Balao wrote:
>> We would like to propose an implementation of the HKDF algorithms for
>> SunPKCS11, aligned with the KDF API proposed for JDK 24 (see [JEP 478: Key
>> Derivation Function API
>> (Preview)](https://bugs.openjdk.org/browse/JDK-8189808)).
>
On Wed, 18 Dec 2024 15:00:13 GMT, Roger Riggs wrote:
> SM Cleanup of common test library test/lib/...:
>
> Remove unnecessary catches of SecurityException
> Remove AccessController and doPrivileged from SimpleSSLContext and
> ProcessTools.
Looks good. I see some more in `test/lib/jdk/test/lib/
On Wed, 18 Dec 2024 02:37:05 GMT, Valerie Peng wrote:
>> test/lib/jdk/test/lib/Asserts.java line 244:
>>
>>> 242: * @see #assertEqualsByteArray(byte[], byte[], String)
>>> 243: */
>>> 244: public static void assertEqualsByteArray(byte[] expected, byte[]
>>> actual) {
>>
>> Based
he `assertEquals` style ""expected... but was...".
Weijun Wang has updated the pull request incrementally with one additional
commit since the last revision:
be precise in method spec
-
Changes:
- all: https://git.openjdk.org/jdk/pull/21101/files
- new: https://git.
On Thu, 12 Dec 2024 04:14:22 GMT, Martin Balao wrote:
>> We would like to propose an implementation of the HKDF algorithms for
>> SunPKCS11, aligned with the KDF API proposed for JDK 24 (see [JEP 478: Key
>> Derivation Function API
>> (Preview)](https://bugs.openjdk.org/browse/JDK-8189808)).
>
he `assertEquals` style ""expected... but was...".
Weijun Wang has updated the pull request with a new target base due to a merge
or a rebase. The incremental webrev excludes the unrelated changes brought in
by the merge/rebase. The pull request contains three additional commits sinc
On Tue, 17 Dec 2024 12:57:08 GMT, Daniel Jeliński wrote:
>> Are those calls from me? I know I haven't followed this pattern and I'm
>> thinking about fixing them later.
>>
>> The reason I want to make this change is to make it consistent with the
>> current `assertEquals` method that shows " e
On Tue, 17 Dec 2024 12:57:43 GMT, Daniel Jeliński wrote:
>> test/lib/jdk/test/lib/Asserts.java line 448:
>>
>>> 446: if ((lhs == rhs) || (lhs != null && lhs.equals(rhs))) {
>>> 447: msg = Objects.toString(msg, "assertNotEquals")
>>> 448: + ": expected not
On Mon, 16 Dec 2024 22:31:36 GMT, Valerie Peng wrote:
>> `Asserts.assertNotEquals` shows "expected 12345 to not equal 12345" which
>> sounds redundant, just say "expected not equals but was 12345".
>>
>> `Asserts.assertEqualsByteArray` uses the words "expected... to equal...".
>> Modify it to
On Mon, 16 Dec 2024 22:28:55 GMT, Valerie Peng wrote:
>> `Asserts.assertNotEquals` shows "expected 12345 to not equal 12345" which
>> sounds redundant, just say "expected not equals but was 12345".
>>
>> `Asserts.assertEqualsByteArray` uses the words "expected... to equal...".
>> Modify it to
On Thu, 12 Dec 2024 02:13:41 GMT, Martin Balao wrote:
>> src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11KDF.java line
>> 154:
>>
>>> 152: long saltType = CKF_HKDF_SALT_NULL;
>>> 153: byte[] saltBytes = null;
>>> 154: P11Key p11SaltKey = null;
>>
>> For `Ex
On Wed, 11 Dec 2024 22:59:29 GMT, Martin Balao wrote:
>> We would like to propose an implementation of the HKDF algorithms for
>> SunPKCS11, aligned with the KDF API proposed for JDK 24 (see [JEP 478: Key
>> Derivation Function API
>> (Preview)](https://bugs.openjdk.org/browse/JDK-8189808)).
>
On Thu, 5 Dec 2024 22:36:12 GMT, Justin Lu wrote:
> Please review this PR which contains the open L10n drop changes for RDP1.
>
> I recommend viewing the improved diffs which are built out by Jon's tool
> here: https://cr.openjdk.org/~jlu/output/. As always, I can not confirm the
> correctnes
On Thu, 5 Dec 2024 22:36:12 GMT, Justin Lu wrote:
> Please review this PR which contains the open L10n drop changes for RDP1.
>
> I recommend viewing the improved diffs which are built out by Jon's tool
> here: https://cr.openjdk.org/~jlu/output/. As always, I can not confirm the
> correctnes
On Mon, 18 Nov 2024 23:01:41 GMT, Martin Balao wrote:
>> We would like to propose an implementation of the HKDF algorithms for
>> SunPKCS11, aligned with the KDF API proposed for JDK 24 (see [JEP 478: Key
>> Derivation Function API
>> (Preview)](https://bugs.openjdk.org/browse/JDK-8189808)).
>
On Mon, 18 Nov 2024 23:01:41 GMT, Martin Balao wrote:
>> We would like to propose an implementation of the HKDF algorithms for
>> SunPKCS11, aligned with the KDF API proposed for JDK 24 (see [JEP 478: Key
>> Derivation Function API
>> (Preview)](https://bugs.openjdk.org/browse/JDK-8189808)).
>
On Mon, 18 Nov 2024 23:01:41 GMT, Martin Balao wrote:
>> We would like to propose an implementation of the HKDF algorithms for
>> SunPKCS11, aligned with the KDF API proposed for JDK 24 (see [JEP 478: Key
>> Derivation Function API
>> (Preview)](https://bugs.openjdk.org/browse/JDK-8189808)).
>
On Wed, 4 Dec 2024 16:24:55 GMT, Sean Mullan wrote:
>> The internal `ProtectionDomain.doIntersectionPrivilege` methods can be
>> removed as all dependencies have been removed in post JEP 486 cleanup issues.
>
> Sean Mullan has updated the pull request incrementally with one additional
> commit
On Wed, 4 Dec 2024 15:59:44 GMT, Sean Mullan wrote:
>> The internal `ProtectionDomain.doIntersectionPrivilege` methods can be
>> removed as all dependencies have been removed in post JEP 486 cleanup issues.
>
> Sean Mullan has updated the pull request incrementally with one additional
> commit
On Wed, 4 Dec 2024 15:40:03 GMT, Sean Mullan wrote:
> The internal `ProtectionDomain.doIntersectionPrivilege` methods can be
> removed as all dependencies have been removed in post JEP 486 cleanup issues.
I see in `SharedSecrets` these 2 imports are useless. Not sure if you want to
take this c
On Fri, 8 Nov 2024 13:49:55 GMT, Sean Mullan wrote:
>> This is the implementation of JEP 486: Permanently Disable the Security
>> Manager. See [JEP 486](https://openjdk.org/jeps/486) for more details. The
>> [CSR](https://bugs.openjdk.org/browse/JDK-8338412) describes in detail the
>> main cha
On Mon, 4 Nov 2024 16:09:33 GMT, Weijun Wang wrote:
> The test was mistakenly put in a package as the library class it's testing.
> This is unnecessary since there is no internal field/method it needs access
> to.
This pull request has now been integrated.
Changeset: c
The test was mistakenly put in a package as the library class it's testing.
This is unnecessary since there is no internal field/method it needs access to.
-
Commit messages:
- 8343549: SeededSecureRandomTest needn't be in a package
Changes: https://git.openjdk.org/jdk/pull/21881/f
On Mon, 28 Oct 2024 21:02:00 GMT, Sean Mullan wrote:
>> Sean Mullan has updated the pull request with a new target base due to a
>> merge or a rebase. The pull request now contains 175 commits:
>>
>> - Merge remote-tracking branch 'jdk-sandbox/jep486' into JDK-8338411
>> - Specify that params
On Fri, 25 Oct 2024 21:14:25 GMT, Sean Mullan wrote:
>> src/java.base/share/classes/java/security/SecureClassLoader.java line 1:
>>
>>> 1: /*
>>
>> The class spec still mentions "permissions which are retrieved by the system
>> policy by default". Shall we remove it? Also, `getPermissions` alw
On Fri, 25 Oct 2024 20:53:23 GMT, Sean Mullan wrote:
>> src/java.base/share/classes/java/security/AccessControlContext.java line 141:
>>
>>> 139: throws AccessControlException
>>> 140: {
>>> 141: throw new AccessControlException("");
>>
>> No message for this exception?
>
>
On Thu, 24 Oct 2024 13:19:55 GMT, Sean Mullan wrote:
>> This is the implementation of JEP 486: Permanently Disable the Security
>> Manager. See [JEP 486](https://openjdk.org/jeps/486) for more details. The
>> [CSR](https://bugs.openjdk.org/browse/JDK-8338412) describes in detail the
>> main ch
On Mon, 21 Oct 2024 14:34:30 GMT, Julian Waters wrote:
> After 8339120, gcc began catching many different instances of unused code in
> the Windows specific codebase. Some of these seem to be bugs. I've taken the
> effort to mark out all the relevant globals and locals that trigger the
> unuse
On Fri, 18 Oct 2024 19:03:30 GMT, Sean Mullan wrote:
>> This is the implementation of JEP 486: Permanently Disable the Security
>> Manager. See [JEP 486](https://openjdk.org/jeps/486) for more details. The
>> [CSR](https://bugs.openjdk.org/browse/JDK-8338412) describes in detail the
>> main ch
On Fri, 18 Oct 2024 19:52:35 GMT, Sean Mullan wrote:
>> I assume for the second one above you mean
>> `javax.security.auth.kerberos.ServicePermission`. These classes still have a
>> lot of words like "grant" and "trust". I will make some changes to the
>> class descriptions of those classes,
On Wed, 16 Oct 2024 14:55:34 GMT, Jan Lahoda wrote:
>> Currently, running `java` without any parameters will lead to an output that
>> is a full `--help`, which is over 100 lines (on my computer at least), and
>> it feels overwhelming. And many people might actually want to run
>> JShell/REPL,
On Wed, 16 Oct 2024 20:51:49 GMT, Sean Mullan wrote:
>> src/jdk.security.jgss/share/classes/com/sun/security/jgss/InquireSecContextPermission.java
>> line 31:
>>
>>> 29:
>>> 30: /**
>>> 31: * This class is for GSS security context permissions.
>>
>> Why is the content of _this_ class modifie
On Mon, 14 Oct 2024 13:52:24 GMT, Sean Mullan wrote:
> This is the implementation of JEP 486: Permanently Disable the Security
> Manager. See [JEP 486](https://openjdk.org/jeps/486) for more details. The
> [CSR](https://bugs.openjdk.org/browse/JDK-8338412) describes in detail the
> main change
On Thu, 10 Oct 2024 16:37:24 GMT, Andrew Haley wrote:
>> The fourth preview of scoped values.
>
> Andrew Haley has updated the pull request incrementally with one additional
> commit since the last revision:
>
> Fix javadoc
The one line change in `Subject.java` is fine.
-
PR Co
On Tue, 8 Oct 2024 15:28:17 GMT, Jan Lahoda wrote:
> Currently, running `java` without any parameters will lead to an output that
> is a full `--help`, which is over 100 lines (on my computer at least), and it
> feels overwhelming. And many people might actually want to run JShell/REPL,
> not
`Asserts.assertNotEquals` shows "expected 12345 to not equal 12345" which
sounds redundant, just say "expected not equals but was 12345".
`Asserts.assertEqualsByteArray` uses the words "expected... to equal...".
Modify it to follow the `assertEquals` style ""expected... but was...".
---
On Mon, 17 Jun 2024 14:51:07 GMT, Weijun Wang wrote:
> Make sure `pd` is always the same object when `getProtectionDomain0` is null.
This pull request has now been integrated.
Changeset: c3226aae
Author: Weijun Wang
URL:
https://git.openjdk.org/jdk/com
On Tue, 16 Jul 2024 12:59:36 GMT, Alan Bateman wrote:
>> Weijun Wang has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> explain why the test is related to the fix
>
> test/jdk/java/lang/Class/ProtectionDom
> Make sure `pd` is always the same object when `getProtectionDomain0` is null.
Weijun Wang has updated the pull request incrementally with two additional
commits since the last revision:
- var to real type
- rename
-
Changes:
- all: https://git.openjdk.org/jdk/pull/19
On Mon, 17 Jun 2024 19:56:38 GMT, Sean Mullan wrote:
> AFAICT, the only test modified in this PR that actually enables a Security
> Manager is test/jdk/javax/management/security/AuthorizationTest.java. Is that
> test sufficient to exercise the code changes in this PR when an SM is enabled?
Whi
> Make sure `pd` is always the same object when `getProtectionDomain0` is null.
Weijun Wang has updated the pull request incrementally with one additional
commit since the last revision:
explain why the test is related to the fix
-
Changes:
- all: https://git.openjdk.org/
On Mon, 17 Jun 2024 15:11:29 GMT, Weijun Wang wrote:
>> test/jdk/java/lang/Class/ProtectionDomainRace.java line 42:
>>
>>> 40: try {
>>> 41: Subject.doAs(null, ac);
>>> 42: } catch (Throwable t) {
>&g
On Mon, 17 Jun 2024 15:08:26 GMT, Chen Liang wrote:
>> Make sure `pd` is always the same object when `getProtectionDomain0` is null.
>
> test/jdk/java/lang/Class/ProtectionDomainRace.java line 42:
>
>> 40: try {
>> 41: Subject.doAs(null, ac);
>> 42:
Make sure `pd` is always the same object when `getProtectionDomain0` is null.
-
Commit messages:
- chmod
- the fix
Changes: https://git.openjdk.org/jdk/pull/19752/files
Webrev: https://webrevs.openjdk.org/?repo=jdk&pr=19752&range=00
Issue: https://bugs.openjdk.org/browse/JDK-83
On Mon, 17 Jun 2024 10:03:27 GMT, Kevin Walls wrote:
>> JMX uses APIs related to the Security Mananger which are deprecated. Use of
>> AccessControlContext will be removed when Security Manager is removed.
>>
>> Until then, updates are needed to not require setting
>> -Djava.security.manager
On Fri, 14 Jun 2024 15:26:54 GMT, Kevin Walls wrote:
>> JMX uses APIs related to the Security Mananger which are deprecated. Use of
>> AccessControlContext will be removed when Security Manager is removed.
>>
>> Until then, updates are needed to not require setting
>> -Djava.security.manager
On Fri, 14 Jun 2024 14:00:58 GMT, Kevin Walls wrote:
>> src/java.management.rmi/share/classes/javax/management/remote/rmi/RMIConnectionImpl.java
>> line 1461:
>>
>>> 1459: throw rte;
>>> 1460: } else {
>>> 1461: throw new PrivilegedActionException(e);
On Fri, 14 Jun 2024 12:41:20 GMT, Kevin Walls wrote:
> Does noPermissionsACC add anything?
I don't know. My principal for this code change is that nothing is changed for
the SM-is-allowed case.
-
PR Comment: https://git.openjdk.org/jdk/pull/19624#issuecomment-2168203868
On Thu, 13 Jun 2024 20:54:25 GMT, Kevin Walls wrote:
>> JMX uses APIs related to the Security Mananger which are deprecated. Use of
>> AccessControlContext will be removed when Security Manager is removed.
>>
>> Until then, updates are needed to not require setting
>> -Djava.security.manager
On Tue, 11 Jun 2024 18:04:45 GMT, Kevin Walls wrote:
>> src/java.management.rmi/share/classes/javax/management/remote/rmi/RMIConnectionImpl.java
>> line 1301:
>>
>>> 1299: }
>>> 1300: };
>>> 1301: if (acc == null) {
>>
>> This is a comment to all the
On Tue, 11 Jun 2024 16:18:23 GMT, Kevin Walls wrote:
>> JMX uses APIs related to the Security Mananger which are deprecated. Use of
>> AccessControlContext will be removed when Security Manager is removed.
>>
>> Until then, updates are needed to not require setting
>> -Djava.security.manager
On Mon, 13 May 2024 11:47:38 GMT, Maurizio Cimadamore
wrote:
>> This PR implements [JEP 472](https://openjdk.org/jeps/472), by restricting
>> the use of JNI in the following ways:
>>
>> * `System::load` and `System::loadLibrary` are now restricted methods
>> * `Runtime::load` and `Runtime::loa
Update PSL to the latest upstream version.
-
Commit messages:
- the change
Changes: https://git.openjdk.org/jdk/pull/19127/files
Webrev: https://webrevs.openjdk.org/?repo=jdk&pr=19127&range=00
Issue: https://bugs.openjdk.org/browse/JDK-8331864
Stats: 568 lines in 5 files chang
On Wed, 17 Jan 2024 23:41:53 GMT, Weijun Wang wrote:
> This code change adds an alternative implementation of user-based
> authorization `Subject` APIs that doesn't depend on Security Manager APIs.
> Depending on if the Security Manager is allowed, the methods store the
>
On Wed, 20 Mar 2024 14:45:50 GMT, Weijun Wang wrote:
>> This code change adds an alternative implementation of user-based
>> authorization `Subject` APIs that doesn't depend on Security Manager APIs.
>> Depending on if the Security Manager is allowed, the methods store
of the current `AccessControlContext`, then instead of storing the
> previous `AccessControlContext` object and passing it into `getSubject` to
> get the "previous" subject, the application should store the `current()`
> return value directly.
Weijun Wang has updated the pull reques
of the current `AccessControlContext`, then instead of storing the
> previous `AccessControlContext` object and passing it into `getSubject` to
> get the "previous" subject, the application should store the `current()`
> return value directly.
Weijun Wang has updated the pull reque
On Wed, 13 Mar 2024 19:53:40 GMT, Sean Mullan wrote:
>> Weijun Wang has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> revert changes to MBeanServerFileAccessController.java
>
> test/j
of the current `AccessControlContext`, then instead of storing the
> previous `AccessControlContext` object and passing it into `getSubject` to
> get the "previous" subject, the application should store the `current()`
> return value directly.
Weijun Wang has updated the pull reques
On Tue, 5 Mar 2024 16:49:01 GMT, Kevin Walls wrote:
>> Do you know where the subject is set? If it's set by a `doAs` call then it
>> will co-operate with `current()` no matter if SM is allowed. I tried to
>> search in the whole module and cannot find a `doAs` call. If it is also
>> through `Su
of the current `AccessControlContext`, then instead of storing the
> previous `AccessControlContext` object and passing it into `getSubject` to
> get the "previous" subject, the application should store the `current()`
> return value directly.
Weijun Wang has updated the pull reque
On Tue, 5 Mar 2024 11:36:53 GMT, Kevin Walls wrote:
>> I think we need @kevinjwalls or @dfuch to help advise on this.
>
> Right, this does not depend on the SM. All we need to do is get the Subject.
> This method implements the basic monitor (readonly) and control (readwrite)
> access.
> acces
of the current `AccessControlContext`, then instead of storing the
> previous `AccessControlContext` object and passing it into `getSubject` to
> get the "previous" subject, the application should store the `current()`
> return value directly.
Weijun Wang has updated the pull req
On Mon, 4 Mar 2024 16:17:14 GMT, Sean Mullan wrote:
>> Weijun Wang has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> fix MBeanServerFileAccessController, more test in SM
>
> src/java.base/share/classes/ja
On Mon, 4 Mar 2024 15:47:41 GMT, Sean Mullan wrote:
>> Weijun Wang has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> fix MBeanServerFileAccessController, more test in SM
>
> test/jdk/javax/security/auth/Subj
1 - 100 of 175 matches
Mail list logo
