stan/jdk-24
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
37,070 Commits 2 Branches 0 Tags 1.2 GiB
55101b0096
Commit Graph

668 Commits

Author SHA1 Message Date
Chris Hegarty
6c1acc1638 Merge 2013-10-04 14:51:17 +01:00
David Katleman
b4c28b3b28 Merge 2013-10-01 12:45:47 -07:00
Kumar Srinivasan
a210a6a74e 8020552: [launcher] changes to support removal of Solaris 32-bit distribution 
8023495: [infra] create 64-bit solaris bits with symlinks

Reviewed-by: ihse, tbell, dholmes, darcy, alanb, erikj, sla, martin
 2013-09-27 16:29:44 -07:00
Vinnie Ryan
f36ff9e467 8008171: Refactor KeyStore.DomainLoadStoreParameter as a standalone class 
Reviewed-by: mullan, weijun
 2013-10-09 10:48:44 +01:00
Weijun Wang
cccb39a270 8024302: Clarify jar verifications 
8023338: Update jarsigner to encourage timestamping

Reviewed-by: mullan, ahgross
 2013-09-19 10:40:16 +08:00
Xue-Lei Andrew Fan
d5c45c6cde 8024444: Change to use othervm mode of tests in SSLEngineImpl 
Reviewed-by: mullan
 2013-09-09 19:07:05 -07:00
Weijun Wang
a4c7971bdb 8024046: Test sun/security/krb5/runNameEquals.sh failed on 7u45 Embedded linux-ppc* 
Reviewed-by: xuelei
 2013-09-09 11:08:20 +08:00
Xue-Lei Andrew Fan
8b9c8247a8 7188657: There should be a way to reorder the JSSE ciphers 
Reviewed-by: weijun, wetmore
 2013-09-07 17:05:22 -07:00
Vinnie Ryan
cbe29b7b72 8008296: keytool utility doesn't support '-importpassword' command 
Reviewed-by: weijun
 2013-10-04 16:05:55 +01:00
Weijun Wang
5ae304e238 8012615: Realm.getRealmsList returns realms list in wrong 
Reviewed-by: valeriep, xuelei
 2013-09-18 18:22:49 +08:00
Bradford Wetmore
47f46da3fa 8025694: Rename getStrongSecureRandom based on feedback 
8014838: getStrongSecureRandom() should require at least one implementation

Reviewed-by: mullan, darcy
 2013-10-02 09:38:57 -07:00
Artem Smotrakov
54ebd8d42e 8025123: SNI support in Kerberos cipher suites 
Reviewed-by: weijun, xuelei
 2013-10-01 20:25:44 -07:00
Anthony Scarpino
cf7cbcdce8 8004283: test/sun/security/pkcs11/KeyStore/SecretKeysBasic.sh failing intermittently 
Reviewed-by: vinnie
 2013-09-18 14:57:29 -07:00
Weijun Wang
b16be80c6b 8024861: Incomplete token triggers GSS-API NullPointerException 
Reviewed-by: mullan
 2013-09-27 15:25:18 +08:00
Weijun Wang
c5fd247e16 8022761: regression: SecurityException is NOT thrown while trying to pack a wrongly signed Indexed Jar file 
Reviewed-by: sherman
 2013-08-27 17:50:55 +08:00
Weijun Wang
849788a425 8015669: KerberosPrincipal::equals should ignore name-type 
Reviewed-by: mullan
 2013-08-27 17:50:52 +08:00
Xue-Lei Andrew Fan
cac8b88f48 8022228: Intermittent test failures in sun/security/ssl/javax/net/ssl/NewAPIs 
Reviewed-by: weijun
 2013-08-21 19:44:35 -07:00
Xue-Lei Andrew Fan
2e2313ef87 8020842: IDN do not throw IAE when hostname ends with a trailing dot 
Reviewed-by: weijun, michaelm
 2013-08-19 17:42:39 -07:00
Xue-Lei Andrew Fan
1cff90b335 8024068: sun/security/ssl/javax/net/ssl/ServerName/IllegalSNIName.java fails 
Reviewed-by: weijun
 2013-09-01 20:00:03 -07:00
Weijun Wang
9688bbb771 8021789: jarsigner parses alias as command line option (depending on locale) 
Reviewed-by: vinnie
 2013-08-02 08:59:37 +08:00
Anthony Scarpino
eae349e914 8020424: The NSS version should be detected before running crypto tests 
Reviewed-by: valeriep
 2013-07-29 13:43:24 -07:00
Anthony Scarpino
a7dbbbddcd 8012971: PKCS11Test hiding exception failures 
Reviewed-by: vinnie, valeriep
 2013-07-19 11:34:33 -07:00
Lana Steuck
ac26dd6009 Merge 2013-07-26 15:16:53 -07:00
Rajan Halade
26d9259db7 8019544: Need to run ProviderTest.java in othervm mode 
Reviewed-by: wetmore, xuelei, vinnie
 2013-07-26 14:16:53 -07:00
Lana Steuck
29041e2c4a Merge 2013-07-26 14:07:32 -07:00
Jason Uh
e01b8f673e 8016916: UnstructuredName should support DirectoryString 
Reviewed-by: mullan
 2013-07-24 12:48:10 -07:00
Lana Steuck
ee1b9621d9 Merge 2013-07-22 17:37:15 -07:00
Weijun Wang
2842af69c0 8019410: sun/security/krb5/auto/ReplayCacheTestProc.java 
Reviewed-by: mullan
 2013-07-13 08:47:49 +08:00
David Katleman
1ad2c364d6 8020414: JDK8 b98 source with GPL header errors 
Reviewed-by: darcy, lancea, iris
 2013-07-11 14:03:31 -07:00
Valerie Peng
a4223b53c1 8020321: Problem in PKCS11 regression test TestRSAKeyLength 
Corrected the "isValidKeyLength" array

Reviewed-by: xuelei
 2013-07-11 11:43:23 -07:00
Weijun Wang
2241a3720d 8019267: NPE in AbstractSaslImpl when trace level >= FINER in KRB5 
Reviewed-by: mullan
 2013-07-10 15:11:32 +08:00
Bradford Wetmore
2c7b97640d 8019341: Update CookieHttpsClientTest to use the newer framework 
Reviewed-by: xuelei, smarks, michaelm
 2013-07-05 18:22:58 -07:00
Xue-Lei Andrew Fan
d22a89a1ae 8017049: rename property jdk.tls.rejectClientInitializedRenego 
Reviewed-by: vinnie, wetmore, mullan
 2013-06-26 06:32:40 -07:00
Weijun Wang
cb9be51085 8017453: ReplayCache tests fail on multiple platforms 
Reviewed-by: xuelei
 2013-06-24 16:25:28 +08:00
Weijun Wang
af996219c7 8001326: Improve Kerberos caching 
Reviewed-by: valeriep
 2013-06-21 18:26:13 +08:00
Xue-Lei Andrew Fan
b0246ef1ae 8017157: catch more exception in test RejectClientRenego 
Reviewed-by: vinnie
 2013-06-20 07:48:49 -07:00
Xue-Lei Andrew Fan
1ead1fc8bc 7188658: Add possibility to disable client initiated renegotiation 
Reviewed-by: weijun, wetmore
 2013-06-19 02:33:07 -07:00
Xue-Lei Andrew Fan
7384a4704e 8000456: Add programmatic deadlock detection in SSLEngineDeadlock 
Reviewed-by: wetmore
 2013-06-18 18:50:13 -07:00
Weijun Wang
1e0ca48079 8015274: TEST_BUG: Step2: After selecting 'View Warning Log', it is empty instead of FileNotFound 
8015276: TEST_BUG: The 'ptool.test' can't be saved in the 'tmp' folder
8016158: Instruction is not clear on how to use keytool to create JKS store in case

Reviewed-by: mullan
 2013-06-13 10:00:00 +08:00
Weijun Wang
77e684366c 8014310: JAAS/Krb5LoginModule using des encytypes failure with NPE after JDK-8012679 
Reviewed-by: valeriep
 2013-06-13 09:59:29 +08:00
Pasi Eronen
b888136f12 8014618: Need to strip leading zeros in TlsPremasterSecret of DHKeyAgreement 
Reviewed-by: xuelei
 2013-05-30 22:02:43 -07:00
Weijun Wang
c43d7aa0de 8014196: ktab creates a file with zero kt_vno 
Reviewed-by: valeriep
 2013-05-24 17:15:43 +08:00
Vinnie Ryan
193ed72708 Merge 2013-05-16 02:43:58 -07:00
Stephen Flores
c39030c7b3 7194075: Various classes of sunec.jar are duplicated in rt.jar 
Reviewed-by: mullan, vinnie
 2013-05-14 18:08:18 +01:00
Valerie Peng
fe625d26a3 Merge 2013-05-13 16:52:33 -07:00
Anthony Scarpino
2c0b00cbe0 8001284: Buffer problems with SunPKCS11-Solaris and CKM_AES_CTR 
Changed output length calculation to include incomplete blocks for CTR mode.

Reviewed-by: valeriep
 2013-05-07 14:13:53 -07:00
Valerie Peng
94c8fa5cb1 7196009: SunPkcs11 provider fails to parse config path containing parenthesis 
Enhanced to allow quoted string as library path values.

Reviewed-by: weijun
 2013-05-07 14:06:19 -07:00
Weijun Wang
5ec35be1d2 8010192: Enable native JGSS provider on Mac 
Reviewed-by: valeriep
 2013-05-07 12:30:36 +08:00
Jason Uh
b762ba9ab4 8005922: TEST_BUG: There is no /tmp directory for windows system 
Reviewed-by: weijun
 2013-05-03 15:04:54 -07:00
Jason Uh
33196b314d 8007699: Move some tests from test/sun/security/provider/certpath/X509CertPath to closed repo 
Reviewed-by: mullan
 2013-05-09 12:00:46 -07:00
Weijun Wang
0c02ab3a5e 8012679: Let allow_weak_crypto default to false 
Reviewed-by: valeriep
 2013-05-08 08:25:34 +08:00
Weijun Wang
905250cdfe 8012082: SASL: auth-conf negotiated, but unencrypted data is accepted, reset to unencrypt 
Reviewed-by: vinnie
 2013-05-01 21:05:10 +08:00
Weijun Wang
70b23a07be 8005523: Unbound krb5 for TLS 
Reviewed-by: xuelei
 2013-04-27 18:25:16 +08:00
Alan Bateman
d51ab5c39c 8012530: test/sun/security/provider/SecureRandom/StrongSeedReader.java failing 
Reviewed-by: wetmore
 2013-04-25 17:10:36 -07:00
Weijun Wang
0ec3fd796b 8005527: [TEST_BUG] console.sh failed Automatically with exit code 1 
Reviewed-by: xuelei
 2013-04-22 11:39:53 +08:00
Weijun Wang
ab7ecdd1b3 8009636: JARSigner including TimeStamp PolicyID (TSAPolicyID) as defined in RFC3161 
Reviewed-by: mullan
 2013-04-19 15:41:11 +08:00
Vinnie Ryan
74d720c7b5 Merge 2013-04-17 02:53:02 -07:00
Weijun Wang
dfcf6055a7 8011124: Make KerberosTime immutable 
Reviewed-by: xuelei
 2013-04-17 10:15:33 +08:00
Bradford Wetmore
63a6638ebf 6425477: Better support for generation of high entropy random numbers 
Reviewed-by: xuelei, weijun, mullan
 2013-04-11 21:03:24 -07:00
Xue-Lei Andrew Fan
a973a4d533 8011680: Re-integrate AEAD implementation of JSSE 
It is a re-merge of JDK-7030966.

Reviewed-by: wetmore
 2013-04-11 18:57:14 -07:00
Weijun Wang
b02989edef 8011867: Accept unknown PKCS #9 attributes 
Reviewed-by: vinnie
 2013-04-11 11:09:50 +08:00
Weijun Wang
7d8e86633a 8005460: [findbugs] Probably returned array should be cloned 
Reviewed-by: xuelei
 2013-04-11 10:58:17 +08:00
Weijun Wang
4a64ecdf42 8010125: keytool -importkeystore could create a pkcs12 keystore with different storepass and keypass 
Reviewed-by: vinnie
 2013-03-28 20:27:53 +08:00
Weijun Wang
5f08966515 8009875: Provide a default udp_preference_limit for krb5.conf 
Reviewed-by: valeriep
 2013-03-23 11:49:39 +08:00
Lana Steuck
31330fc47a Merge 2013-03-12 19:04:49 -07:00
Bradford Wetmore
9e5da0ad31 8009925: Back out AEAD CipherSuites temporarily 
Reviewed-by: valeriep
 2013-03-12 15:31:49 -07:00
Weijun Wang
2ec1224ff0 8000653: SPNEGO tests fail at context.getDelegCred().getRemainingInitLifetime(mechOid) 
Reviewed-by: valeriep
 2013-03-09 17:27:58 +08:00
Sean Mullan
6190b5040a Merge 2013-03-01 16:15:23 -05:00
Sean Mullan
6cd495e473 8008908: Access denied when invoking Subject.doAsPrivileged() 
Wildcard principal names are not processed correctly

Reviewed-by: xuelei
 2013-03-01 16:12:50 -05:00
Xue-Lei Andrew Fan
9abb185430 7030966: Support AEAD CipherSuites 
Reviewed-by: weijun, wetmore, valeriep
 2013-03-01 02:34:34 -08:00
Edvard Wendelin
2f5be3ab0d Merge 2013-02-25 08:44:00 +01:00
Mark Sheppard
ec9e303630 8006182: cleanup to use java.util.Base64 in java security component, providers, and regression tests 
Refactored code to use java.util.Base64 Mime Encoder and Decoder as a replacement for sun.misc.BASE64Encoder and sun.misc.BASE64Decoder

Reviewed-by: vinnie, chegar, sherman
 2013-02-21 20:01:22 +00:00
Edvard Wendelin
cbfc80d987 Merge 2013-02-19 21:48:01 +01:00
David Holmes
390cc1d7a1 Merge 2013-02-17 16:44:19 -05:00
Vinnie Ryan
8f58ebc261 8007755: Support the logical grouping of keystores 
Reviewed-by: mullan
 2013-02-13 19:40:51 +00:00
Weijun Wang
d8233ec657 8001104: Unbound SASL service: the GSSAPI/krb5 mech 
Reviewed-by: valeriep
 2013-02-09 16:43:49 +08:00
Edvard Wendelin
11036fb4d5 Merge 2013-02-05 15:35:35 +01:00
Vinnie Ryan
85c0519ca6 8007483: attributes are ignored when loading keys from a PKCS12 keystore 
Reviewed-by: mullan
 2013-02-05 14:25:47 +00:00
David Holmes
eb1726c151 Merge 2013-02-04 18:08:50 -05:00
Vinnie Ryan
ddbfa5fe53 8006994: Cleanup PKCS12 tests to ensure streams get closed 
Reviewed-by: mullan
 2013-02-04 17:20:26 +00:00
Weijun Wang
0c6cb9cdc2 8006564: Test sun/security/util/Oid/S11N.sh fails with timeout on Linux 32-bit 
Reviewed-by: alanb
 2013-02-01 07:39:41 +08:00
Vinnie Ryan
3727e751f6 8006855: PKCS12 test failures due to unsupported algorithm 
Reviewed-by: mullan
 2013-01-24 16:44:15 +00:00
Vinnie Ryan
b680bc8ca7 8005408: KeyStore API enhancements 
Reviewed-by: mullan
 2013-01-23 23:13:54 +00:00
Chris Hegarty
12e480040a 8006669: sun/security/ssl/sun/net/www/protocol/https/HttpsURLConnection/PostThruProxy.sh fails on mac 
Reviewed-by: alanb
 2013-01-23 14:45:44 +00:00
Alan Bateman
a23a1a942b 8004502: Compact Profiles contents 
Reviewed-by: dholmes, mchung
 2013-01-21 23:35:36 -05:00
Jason Uh
3d92cb12a6 8006092: SecurityPermission: printIdentity doesn't exist 
Reviewed-by: weijun
 2013-01-21 15:05:49 +08:00
Jason Uh
5d2a6972af 8005939: sun/security/x509/{X509CRLImplX509CertImpl}/Verify.java fail in confusing way when some providers not present 
Reviewed-by: mullan, weijun
 2013-01-16 13:35:17 -05:00
Jason Uh
68eb431db8 8005389: Backout fix for JDK-6500133 
Reviewed-by: mullan
 2013-01-16 09:51:21 -05:00
Alan Bateman
c12b624078 8005978: shell tests need to use the $COMPILEJDK for javac, jar and other tools 
Reviewed-by: chegar
 2013-01-11 20:19:55 +00:00
Sean Mullan
86b40c8697 Merge 2013-01-09 08:59:58 -05:00
Sean Mullan
d01edb0815 Merge 2013-01-08 19:02:55 -05:00
Sean Mullan
b492dc9bac 7019834: Eliminate dependency from PolicyFile to com.sun.security.auth.PrincipalComparator 
Add new java.security.Principal.implies method

Reviewed-by: alanb
 2013-01-08 19:00:12 -05:00
Weijun Wang
d9c892c9fd 8005447: default principal should act as anyone 
Reviewed-by: valeriep
 2013-01-08 14:54:56 +08:00
Lana Steuck
b7af263526 Merge 2012-12-28 18:36:41 -08:00
Xue-Lei Andrew Fan
6d41a58c82 7109274: Restrict the use of certificates with RSA keys less than 1024 bits 
This restriction is applied via the Java Security property, "jdk.certpath.disabledAlgorithms". This will impact providers that adhere to this security property.

Reviewed-by: mullan
 2012-12-28 00:48:12 -08:00
David Katleman
306cab1006 8004982: JDK8 source with GPL header errors 
Reviewed-by: ohair
 2012-12-20 16:24:50 -08:00
Weijun Wang
5ded9d47a1 7197159: accept different kvno if there no match 
Reviewed-by: xuelei
 2012-12-17 12:18:46 +08:00
Mark Sheppard
c9063f559f 8003890: corelibs test scripts should pass TESTVMOPTS 
Reviewed-by: chegar, alanb
 2012-12-13 14:47:35 +00:00
Jason Uh
e3c39dffe5 7193792: sun/security/pkcs11/ec/TestECDSA.java failing intermittently 
Reviewed-by: vinnie, wetmore
 2012-12-13 09:35:35 -05:00
Weijun Wang
2be2f20b65 8004488: wrong permissions checked in krb5 
Reviewed-by: xuelei
 2012-12-11 13:14:56 +08:00
Edvard Wendelin
f92370665e Merge 2013-02-03 23:25:38 +01:00
Xue-Lei Andrew Fan
eb66ce8b2e 8004184: security tests leave JSSEServer running 
Use othervm mode to release resources,  and correct the system properties issues in JSSE

Reviewed-by: chegar
 2012-12-03 06:00:19 -08:00
Weijun Wang
fdd109b467 7198507: [TEST_BUG] sun/security/tools/keytool/console.sh should be rewritten 
Reviewed-by: xuelei
 2012-12-03 17:14:03 +08:00
Weijun Wang
2aea4cbc8c 8002344: Krb5LoginModule config class does not return proper KDC list from DNS 
Co-authored-by: Severin Gehwolf <sgehwolf@redhat.com>
Reviewed-by: weijun
 2012-11-19 11:13:08 +08:00
Xue-Lei Andrew Fan
d0e329751f 8001569: Regression test GetPeerHost uses static port number 
Reviewed-by: weijun
 2012-11-09 01:15:04 -08:00
Jason Uh
fdfd7968f7 7198416: CertificateIssuerName and CertificateSubjectName are redundant 
Reviewed-by: mullan
 2012-11-08 12:51:25 -05:00
Weijun Wang
5fca8126cd 6355584: Introduce constrained Kerberos delegation 
Reviewed-by: valeriep
 2012-11-07 14:13:01 +08:00
Alan Bateman
430592a30e 7197491: update copyright year to match last edit in jdk8 jdk repository 
Reviewed-by: chegar, ksrini
 2012-11-02 15:50:11 +00:00
Weijun Wang
a60d4fd720 7110803: SASL service for multiple hostnames 
Reviewed-by: mullan
 2012-11-02 10:48:04 +08:00
Weijun Wang
14364d11d2 7195426: kdc_default_options not supported correctly 
Reviewed-by: xuelei
 2012-10-29 14:14:07 +08:00
Weijun Wang
620f0e5006 7184246: Simplify Config.get() of krb5 
Reviewed-by: xuelei
 2012-10-29 14:14:06 +08:00
Abhijit Saha
1cb7e050ff Merge 2012-10-26 10:01:13 -07:00
Xue-Lei Andrew Fan
b01d15feb0 8001466: Nightly regression test failure of SSLSocketSNISensitive.java 
Reviewed-by: weijun
 2012-10-24 08:25:29 -07:00
Weijun Wang
8744fd02bd 8001208: Fix for KRB5CCNAME not complete 
Reviewed-by: xuelei
 2012-10-23 10:02:23 +08:00
Xue-Lei Andrew Fan
1892ebf911 7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server 
Reviewed-by: mullan, weijun, wetmore
 2012-10-18 01:14:00 -07:00
Stephen Flores
037bcf1683 7194449: String resources for Key Tool and Policy Tool should be in their respective packages 
Reviewed-by: alanb, weijun, mullan
 2012-10-14 22:58:59 +01:00
Weijun Wang
a5312cbadb 7201053: Krb5LoginModule shows NPE when both useTicketCache and storeKey are set to true 
Reviewed-by: mullan
 2012-10-08 10:42:43 +08:00
Xue-Lei Andrew Fan
c8ebc97b44 7192392: Better validation of client keys 
Also reviewed by Andrew Gross<Andrew.Gross@Oracle.COM>

Reviewed-by: vinnie
 2012-10-22 07:28:51 -07:00
Valerie Peng
a431f9851d 7044060: Need to support NSA Suite B Cryptography algorithms 
Add support for DSA parameter generation and OIDs for NSA Suite B algorithms.

Reviewed-by: vinnie
 2012-09-04 18:41:06 -07:00
Eric Wang
e0782017fe 7195733: TEST_BUG: sun/security/ssl/sun/net/www/protocol/https/HttpsURLConnection/B6216082.java failing 
Reviewed-by: chegar, alanb, xuelei
 2012-09-04 02:24:51 -07:00
Vinnie Ryan
1ad2cb3303 7133495: [macosx] KeyChain KeyStore implementation retrieves only one private key entry 
Reviewed-by: weijun
 2012-02-14 11:18:32 +00:00
Alan Bateman
30d429cc25 8000268: sun/security/provider/X509Factory/BigCRL.java failing on Linux 32-bit 
Reviewed-by: mullan
 2012-10-02 12:23:16 +01:00
Weijun Wang
7ffcd7343f 7200682: TEST_BUG: keytool/autotest.sh still has problems with libsoftokn.so 
Reviewed-by: alanb, smarks
 2012-09-28 17:15:48 +08:00
Xue-Lei Andrew Fan
9c642ad1d2 7200295: CertificateRequest message is wrapping when using large numbers of Certs 
Reviewed-by: wetmore
 2012-09-26 21:05:40 -07:00
Weijun Wang
b86fae01ab 7196855: autotest.sh fails on ubuntu because libsoftokn.so not found 
Reviewed-by: vinnie
 2012-09-17 18:19:16 +08:00
John Zavgren
8fbd047f8c 6354758: rename old test HttpServer classes 
Reviewed-by: chegar, michaelm, khazra
 2012-09-07 15:30:17 +01:00
Stephen Flores
8081077ff5 6995421: Eliminate the static dependency to sun.security.ec.ECKeyFactory 
Reviewed-by: mullan, vinnie
 2012-08-30 14:40:57 -07:00
Weijun Wang
f7c2d784ae 7194472: FileKeyTab.java test fails on Windows 
Reviewed-by: alanb
 2012-08-28 17:25:07 +08:00
Weijun Wang
66f06a99dc 7152121: Krb5LoginModule no longer handles keyTabNames with "file:" prefix 
Reviewed-by: mullan
 2012-08-27 10:23:43 +08:00
Weijun Wang
d35a91d60d 7192202: Make sure keytool prints both unknown and unparseable extensions 
Reviewed-by: mullan
 2012-08-20 07:59:26 +08:00
Jason Uh
630647752a 6500133: REGRESSION: CertificateParsingException for CRL Distribution Point with blank 
Reviewed-by: mullan
 2012-08-17 14:32:50 -04:00
Vinnie Ryan
790c4cdcec 7190945: pkcs11 problem loading NSS libs on Ubuntu 
Reviewed-by: xuelei, alanb
 2012-08-13 14:06:44 +01:00
Jason Uh
1bbbba58c1 7026347: Certificate and X509CRL should have verify(PublicKey key, Provider sigProvider) 
Reviewed-by: mullan, xuelei, weijun
 2012-08-02 10:40:24 -04:00
Weijun Wang
cac7fc8e12 7187051: ShortRSAKeynnn.sh tests should do cleanup before start test 
Reviewed-by: xuelei
 2012-07-26 20:38:44 +08:00
Weijun Wang
3db0a0443c 7178649: TEST BUG: BadKdc3.java needs improvement to ignore the unlikely but possible timeout 
Reviewed-by: xuelei
 2012-07-21 19:56:55 +08:00
Weijun Wang
53170d594f 7180907: Jarsigner -verify fails if rsa file used sha-256 with authenticated attributes 
Reviewed-by: xuelei
 2012-07-21 19:56:53 +08:00
Weijun Wang
d7f3ef3fb7 7102106: TEST_BUG: sun/security/util/Oid/S11N.sh should be modified 
Reviewed-by: mullan
 2012-07-17 11:57:37 +08:00
Weijun Wang
8c0bafddc3 7183203: ShortRSAKeynnn.sh tests intermittent failure 
Reviewed-by: xuelei
 2012-07-17 11:28:16 +08:00
Vinnie Ryan
b530224aad 6880559: Enable PKCS11 64-bit windows builds 
Reviewed-by: valeriep
 2012-07-16 22:38:49 +01:00
Weijun Wang
3e4ca7604b 6966259: Make PrincipalName and Realm immutable 
Reviewed-by: xuelei
 2012-07-11 17:10:34 +08:00
Xue-Lei Andrew Fan
046f2c92e2 7180038: regression test failure, SSLEngineBadBufferArrayAccess.java 
Reviewed-by: weijun
 2012-07-03 20:29:16 -07:00
Lana Steuck
e51eadc837 Merge 2012-06-26 10:57:46 -07:00
Weijun Wang
911aeb6828 7176574: sun/security/krb5/auto/TcpTimeout.java failed with solaris-i586 
Reviewed-by: chegar
 2012-06-13 19:23:23 +08:00
Abhijit Saha
b74ef2f6b6 Merge 2012-06-07 12:31:10 -07:00
Xue-Lei Andrew Fan
c549cc814d 7174244: NPE in Krb5ProxyImpl.getServerKeys() 
Reviewed-by: weijun
 2012-06-06 18:18:58 -07:00
Weijun Wang
dfccae97eb 7174351: test/sun/security/tools/keytool/standard.sh failed after new Hashtable 
Reviewed-by: xuelei
 2012-06-06 10:05:54 +08:00
Weijun Wang
cef72cc08e 7172701: KDC tests cleanup 
Reviewed-by: xuelei
 2012-06-05 17:11:26 +08:00
Weijun Wang
f785c8a7a4 7162687: enhance KDC server availability detection 
Reviewed-by: valeriep
 2012-05-23 15:51:10 +08:00
Weijun Wang
d11c407c11 7170308: timing error in the krb5 test SSL.java 
Reviewed-by: xuelei
 2012-05-21 15:40:30 +08:00
Valerie Peng
2321d8e2b6 7169496: Problem with the SHA-224 support for SunMSCAPI provider 
Remove SHA224withRSA signature from SunMSCAPI provider due to lack of windows support.

Reviewed-by: vinnie
 2012-05-18 12:29:33 -07:00
Xue-Lei Andrew Fan
955e0697ba 7145960: sun/security/mscapi/ShortRSAKey1024.sh failing on windows 
Reviewed-by: vinnie, wetmore
 2012-05-17 21:59:26 -07:00
Xue-Lei Andrew Fan
9190ab1d6b 7167988: PKIX CertPathBuilder in reverse mode doesn't work if more than one trust anchor is specified 
Reviewed-by: mullan
 2012-05-14 07:26:53 -07:00
Valerie Peng
00cdcad12f Merge 2012-05-08 18:57:45 -07:00
Xue-Lei Andrew Fan
081be38b26 7166570: JSSE certificate validation has started to fail for certificate chains 
Reviewed-by: wetmore
 2012-05-08 18:08:49 -07:00
Valerie Peng
879e30901e 4963723: Implement SHA-224 
Add support for SHA-224, SHA224withRSA, SHA224withECDSA, HmacSHA224 and OAEPwithSHA-224AndMGF1Padding.

Reviewed-by: vinnie
 2012-05-08 17:57:48 -07:00
Abhijit Saha
9c3e5a2081 Merge 2012-05-08 07:34:53 -07:00
Abhijit Saha
d7dd0a253b Merge 2012-04-10 10:44:46 -07:00
Weijun Wang
9c8af427e8 7158329: NPE in sun.security.krb5.Credentials.acquireDefaultCreds() 
Reviewed-by: valeriep, jjg
 2012-04-10 12:15:03 +08:00
Bradford Wetmore
7775fea771 7142172: Custom TrustManagers that return null for getAcceptedIssuers will NPE 
Reviewed-by: xuelei
 2012-03-30 15:43:13 -07:00
Vinnie Ryan
c0c3fb980d 7152582: PKCS11 tests should use the NSS libraries available in the OS 
Reviewed-by: mullan
 2012-03-26 17:14:20 +01:00
Valerie Peng
3a8e9e6104 7146728: Inconsistent length for the generated secret using DH key agreement impl from SunJCE and PKCS11 
Always return the secret in the same length as the modulus.

Reviewed-by: wetmore
 2012-03-20 15:06:13 -07:00
Weijun Wang
7b947b7a42 7152176: More krb5 tests 
Reviewed-by: xuelei
 2012-03-20 19:12:21 +08:00
Alan Bateman
3ecf3e0fa1 7152866: Tests not run because they are missing the @run tag 
Reviewed-by: chegar, dholmes
 2012-03-12 10:17:18 +00:00
Alan Bateman
3269d85838 7113349: Initial changeset for Macosx port to jdk 
Co-authored-by: Alexander Potochkin <alexander.potochkin@oracle.com>
Co-authored-by: Alexander Zuev <alexander.zuev@oracle.com>
Co-authored-by: Andrew Brygin <andrew.brygin@oracle.com>
Co-authored-by: Artem Ananiev <artem.ananiev@oracle.com>
Co-authored-by: Alex Strange <astrange@apple.com>
Co-authored-by: Bino George <bino@apple.com>
Co-authored-by: Christine Lu <christine.lu@oracle.com>
Co-authored-by: David Katleman <david.katleman@oracle.com>
Co-authored-by: David Durrence <david_durrence@apple.com>
Co-authored-by: Dmitry Cherepanov <dmitry.cherepanov@oracle.com>
Co-authored-by: Greg Lewis <glewis@eyesbeyond.com>
Co-authored-by: Kevin Miller <kevin_m_miller@apple.com>
Co-authored-by: Kurt Miller <kurt@intricatesoftware.com>
Co-authored-by: Landon Fuller <landonf@plausiblelabs.com>
Co-authored-by: Leonid Romanov <leonid.romanov@oracle.com>
Co-authored-by: Loefty Walkowiak <loefty@apple.com>
Co-authored-by: Mark Reinhold <mark.reinhold@oracle.com>
Co-authored-by: Naoto Sato <naoto.sato@oracle.com>
Co-authored-by: Philip Race <philip.race@oracle.com>
Co-authored-by: Roger Hoover <rhoover@apple.com>
Co-authored-by: Scott Kovatch <scott.kovatch@oracle.com>
Co-authored-by: Sergey ByloKhov <sergey.bylokhov@oracle.com>
Co-authored-by: Mike Swingler <swingler@apple.com>
Co-authored-by: Tomas Hurka <tomas.hurka@oracle.com>
Reviewed-by: jjh, alanb, dholmes, anthony, ohrstrom, ksrini, jrose, weijun, smarks
 2012-03-06 20:34:38 +00:00
Vinnie Ryan
594e178180 7151109: backout CR 6988842 
Reviewed-by: mullan
 2012-03-05 14:13:29 +00:00
Vinnie Ryan
1e3b108ef9 6988842: jce/ECC test fails for SunPKCS11 provider using nss library 
Reviewed-by: mullan
 2012-03-02 17:24:08 +00:00
Weijun Wang
7902f129f5 7143872: Improve certificate extension processing 
Reviewed-by: mullan
 2012-02-29 14:06:00 +08:00
Lana Steuck
b697d670cb Merge 2012-02-28 18:01:54 -08:00
Sean Mullan
48ca85ec46 7147830: NullPointerException in java.security.Policy.implies() when the ProtectionDomain has a null code sou 
Reviewed-by: vinnie
 2012-02-27 11:44:50 -05:00
Lana Steuck
9c6aee1cdf Merge 2012-02-23 07:54:49 -08:00
Lana Steuck
cd51c0ed25 Merge 2012-02-23 00:14:45 -08:00
Weijun Wang
d21a6ce41f 7144530: KeyTab.getInstance(String) no longer handles keyTabNames with "file:" prefix 
Reviewed-by: valeriep
 2012-02-21 08:51:26 +08:00
Abhijit Saha
162d75c68c Merge 2012-02-20 11:31:53 -08:00
Vinnie Ryan
abfc726cc4 7142888: sun/security/tools/jarsigner/ec.sh fail on sparc 
Reviewed-by: xuelei
 2012-02-14 11:47:41 +00:00
Florian Weimer
9b65dbabc1 6879539: enable empty password support for pkcs12 keystore 
Reviewed-by: vinnie, weijun
 2012-02-10 11:41:22 +08:00
Weijun Wang
18a83d872b 6880619: reg tests for 6879540 
Reviewed-by: valeriep
 2012-02-08 11:44:36 +08:00
Bradford Wetmore
8ac9bc5858 7141910: Incorrect copyright dates on new test cases 
Reviewed-by: mullan
 2012-02-01 16:00:39 -08:00
Bradford Wetmore
08fe131e34 7126889: Incorrect SSLEngine debug output 
Reviewed-by: xuelei
 2012-01-26 17:16:05 -08:00
Xue-Lei Andrew Fan
830a24d326 7132248: sun/security/ssl/sun/net/www/protocol/https/HttpsURLConnection/CookieHttpsClientTest.java failing 
Reviewed-by: alanb
 2012-01-23 04:44:16 -08:00
Chris Hegarty
c77eb16a79 7129083: CookieManager does not store cookies if url is read before setting cookie manager 
Reviewed-by: michaelm
 2012-01-16 18:05:29 +00:00
Weijun Wang
5cbd245bad 7118809: rcache deadlock 
Reviewed-by: valeriep
 2012-01-16 10:10:56 +08:00
Xue-Lei Andrew Fan
8b5551f1eb 7106773: 512 bits RSA key cannot work with SHA384 and SHA512 
Reviewed-by: weijun
 2012-01-12 03:39:37 -08:00
Xue-Lei Andrew Fan
74fcfe6c7e 7123519: problems with certification path 
Also including the contribution from Dennis Gu

Reviewed-by: mullan, weijun
 2012-01-09 20:55:52 -08:00
Valerie Peng
1081efba4f 6414899: P11Digest should support cloning 
Enhanced the PKCS11 Digest implementation to support cloning

Reviewed-by: vinnie
 2012-01-05 18:18:04 -08:00
Weijun Wang
440adedd51 7122169: TcpTimeout fail for various reasons 
Reviewed-by: alanb
 2011-12-22 15:35:55 +08:00
Weijun Wang
687f622f95 7115744: Do not call File::deleteOnExit in security tests 
Reviewed-by: xuelei
 2011-11-28 18:16:29 +08:00
Xue-Lei Andrew Fan
7115a56a21 7113275: compatibility issue with MD2 trust anchor and old X509TrustManager 
Also reviewed by Dennis.Gu@oracle.com

Reviewed-by: mullan
 2011-11-23 03:40:12 -08:00
Lana Steuck
9fb09f41b6 Merge 2011-11-14 18:18:22 -08:00
Abhijit Saha
f03cbcc678 Merge 2011-11-14 11:52:09 -08:00
Bradford Wetmore
becccc16ec 7053252: New regression test does not compile on windows-amd64 
Reviewed-by: valeriep
 2011-10-31 16:23:43 -07:00
Bradford Wetmore
089b5b16e3 7105780: Add SSLSocket client/SSLEngine server to templates directory 
Reviewed-by: xuelei
 2011-10-31 11:54:19 -07:00
Xue-Lei Andrew Fan
bdb9312b86 7105940: Test regression: KeyStore must be from provider SunPKCS11-NSSKeyStore 
Reviewed-by: weijun
 2011-10-28 07:18:54 -07:00
Bradford Wetmore
d25a9c128f 7031830: bad_record_mac failure on TLSv1.2 enabled connection with SSLEngine 
Reviewed-by: xuelei, weijun, asaha
 2011-10-18 11:58:57 -07:00
Weijun Wang
ab1010388d 7099399: cannot deal with CRL file larger than 16MB 
Reviewed-by: xuelei, mullan
 2011-10-17 17:11:26 +08:00
Sean Mullan
4bc227715b 6953295: Move few sun.security.{util, x509, pkcs} classes used by keytool/jarsigner to another package 
Reviewed-by: mchung
 2011-10-13 13:50:17 -04:00
Xue-Lei Andrew Fan
3c41c66fb1 7096936: issue in jsse/runtime 
7096937: TEST: com/sun/net/ssl/internal/ssl/GenSSLConfigs/main.java need modification as a result of TLS fix

Reviewed-by: wetmore, jdn, xuelei
 2011-09-30 18:47:53 -07:00
Xue-Lei Andrew Fan
73b50710f0 7064341: jsse/runtime security problem 
Reviewed-by: wetmore
 2011-09-29 17:31:30 -07:00
Weijun Wang
650bd8320d 7077646: gssapi wrap for CFX per-message tokens always set FLAG_ACCEPTOR_SUBKEY 
Reviewed-by: valeriep
 2011-09-28 14:21:11 +08:00
Weijun Wang
a912e7557c 7077640: gss wrap for cfx doesn't handle rrc != 0 
Reviewed-by: valeriep
 2011-09-28 14:21:10 +08:00
Weijun Wang
a099202006 7089889: Krb5LoginModule.login() throws an exception if used without a keytab 
Reviewed-by: xuelei, valeriep
 2011-09-28 14:21:10 +08:00
Weijun Wang
700ceee11e 7047200: keytool safe store 
Reviewed-by: xuelei
 2011-09-09 11:18:18 +08:00
Weijun Wang
ba77c3a48f 7067974: multiple ETYPE-INFO-ENTRY with same etype and different salt 
Reviewed-by: valeriep
 2011-09-07 08:56:55 +08:00
Weijun Wang
a37d582eec 7083664: test hard code of using c:/temp but this dir might not exist 
Reviewed-by: xuelei, ohair
 2011-08-31 09:22:50 +08:00
Weijun Wang
444f4d009b 7079144: concise_jarsigner.sh test often fails on solaris 
Reviewed-by: xuelei
 2011-08-15 11:43:09 +08:00
Weijun Wang
f769f7067f 7078816: /test/sun/security/pkcs11/KeyStore/SecretKeysBasic.sh failure 
Reviewed-by: alanb
 2011-08-15 10:42:41 +08:00
Weijun Wang
610c9dd4e3 7055363: jdk_security3 test target cleanup 
Reviewed-by: alanb, xuelei
 2011-08-12 12:26:31 +08:00
Weijun Wang
d159e01aeb 7076415: sun/security/krb5/runNameEquals.sh failed on sles 10 
Reviewed-by: xuelei
 2011-08-12 11:20:45 +08:00
Weijun Wang
840e8200ad 7061379: [Kerberos] Cross-realm authentication fails, due to nameType problem 
Reviewed-by: valeriep
 2011-08-04 18:18:45 +08:00
Xue-Lei Andrew Fan
2ee0410a0c 7068662: Reserve and restore the default locale 
Reviewed-by: alanb, weijun
 2011-07-29 02:50:58 -07:00
Chris Hegarty
281db94b24 6670868: StackOverFlow with bad authenticated Proxy tunnels 
Reviewed-by: michaelm
 2011-07-27 18:10:10 +01:00
Lana Steuck
371dfdfc58 Merge 2011-06-23 14:56:38 -07:00
Xue-Lei Andrew Fan
58f8a03a50 7057022: test/sun/security/pkcs11/fips/ClientJSSEServerJSSE.java has invalid jtreg tags 
Reviewed-by: weijun
 2011-06-23 04:23:50 -07:00
Lana Steuck
69ce407621 Merge 2011-06-22 23:23:58 -07:00
Xue-Lei Andrew Fan
5798f5bb9d 6952814: sun/security/ssl/com/sun/net/ssl/internal/ssl/InputRecord/InterruptedIO.java failing in PIT 
Reviewed-by: alanb
 2011-06-22 19:37:18 -07:00
Weijun Wang
9ce9d5e6ba 7043737: klist does not detect non-existing keytab 
Reviewed-by: valeriep
 2011-06-08 14:01:34 +08:00
Abhijit Saha
cfdb3ec24b Merge 2011-05-26 21:37:40 -07:00
Weijun Wang
61e1313498 7040151: SPNEGO GSS code does not parse tokens in accordance to RFC 2478 
Reviewed-by: valeriep
 2011-05-03 02:48:59 +08:00
Weijun Wang
317bcf10c2 7040916: DynamicKeyTab test fails on Windows 
Reviewed-by: xuelei
 2011-05-01 14:22:32 +08:00
Vinnie Ryan
f202396944 6578658: Request for raw RSA (NONEwithRSA) Signature support in SunMSCAPI 
Reviewed-by: wetmore
 2011-04-29 00:21:54 +01:00
Vinnie Ryan
5f5ccc0a66 Merge 2011-04-27 20:24:30 +01:00
Vinnie Ryan
8c88165312 6753664: Support SHA256 (and higher) in SunMSCAPI 
Reviewed-by: mullan
 2011-04-27 20:21:32 +01:00
Weijun Wang
a9a765fdfc 6950929: Failures on Solaris sparc 64bit sun/security/krb5/auto/BadKdc4.java (and linux?) 
Reviewed-by: xuelei
 2011-04-27 17:11:06 +08:00
Valerie Peng
b0c37f182f 7003952: SEC: securely load DLLs and launch executables using fully qualified path 
Enforce full path when specifying library locations.

Reviewed-by: wetmore, ohair
 2011-04-26 15:59:51 -07:00
Vinnie Ryan
dc6eb040b7 6931562: Support SunMSCAPI Security Provider in Windows 64-bit releases of JVM 
Reviewed-by: mullan
 2011-04-22 17:03:51 +01:00
Vinnie Ryan
5982362c7d Merge 2011-04-21 14:25:46 +01:00
Vinnie Ryan
c74acca8b0 6888925: SunMSCAPI's Cipher can't use RSA public keys obtained from other sources 
Reviewed-by: mullan
 2011-04-21 14:23:57 +01:00
Weijun Wang
68d5cd6f23 6894072: always refresh keytab 
Reviewed-by: valeriep
 2011-04-20 18:41:32 +08:00
Lana Steuck
b99716e22a Merge 2011-04-17 16:19:29 -07:00
Valerie Peng
16ddb7350c 7035115: sun/security/pkcs11/Provider/ConfigShortPath.java compilation failed 
Updated the test to use reflection and skip when SunPKCS11 provider not present.

Reviewed-by: weijun
 2011-04-15 15:56:12 -07:00
Kelly O'Hair
7c8e01891a Merge 2011-04-13 16:56:16 -07:00
Valerie Peng
86875ab33d 6986789: Sun pkcs11 provider fails to parse path name containing "+" 
Modified to accept '+' as valid character.

Reviewed-by: weijun
 2011-04-12 16:09:17 -07:00
Weijun Wang
6f7b1ef68a 7030180: AES 128/256 decrypt exception 
Reviewed-by: valeriep
 2011-04-11 10:22:39 +08:00
Xue-Lei Andrew Fan
2a48e38d0f 6976117: SSLContext.getInstance("TLSv1.1") returns SSLEngines/SSLSockets without TLSv1.1 enabled 
Reorg the SSLContext implementation

Reviewed-by: weijun
 2011-04-08 02:00:09 -07:00
Kelly O'Hair
d2b1e20c7d 7033660: Update copyright year to 2011 on any files changed in 2011 
Reviewed-by: dholmes
 2011-04-06 22:06:11 -07:00
Weijun Wang
2c02243de9 7032354: no-addresses should not be used on acceptor side 
Reviewed-by: valeriep
 2011-04-07 08:51:33 +08:00
Weijun Wang
680370af5b 7031536: test/sun/security/krb5/auto/HttpNegotiateServer.java should not use static ports 
Reviewed-by: xuelei
 2011-03-28 18:04:17 +08:00
Weijun Wang
1ce7eeaa52 7019384: Realm.getRealmsList returns realms list in wrong (reverse) order 
Reviewed-by: xuelei
 2011-03-28 18:04:10 +08:00
Xue-Lei Andrew Fan
4efe3a9cb7 7027797: take care of ECDH_anon/DH_anon server key exchange for TLS 1.2 
The signature of server key exanage message could be null

Reviewed-by: vinnie
 2011-03-21 22:02:00 -07:00
Xue-Lei Andrew Fan
7705e63e30 7022855: Export "PKIX" as the standard algorithm name of KeyManagerFactory 
Export the existing "NewSunX509" algorithm implementation using the standard name "PKIX"

Reviewed-by: weijun, wetmore
 2011-03-15 23:13:35 -07:00
Vinnie Ryan
328f8c8455 6986477: sun/security/mscapi/AccessKeyStore.sh test is failing on jdk7 
Reviewed-by: valeriep
 2011-03-11 09:55:03 +00:00
Valerie Peng
1daa47b01d 6994008: PKCS11 should support "RSA" and "RSA/ECB/NoPadding" ciphers 
Add support for RSA_X_509 mechanism and aliasing of "RSA" to "RSA/ECB/PKCS1Padding".

Reviewed-by: wetmore
 2011-03-07 14:14:37 -08:00
Weijun Wang
314c75c742 7020531: test: java/security/cert/CertificateFactory/openssl/OpenSSLCert.java file not closed after run 
Reviewed-by: alanb, smarks
 2011-03-01 16:22:22 +08:00
Weijun Wang
b777a1fbae 7021789: Remove jarsigner -crl option 
Reviewed-by: mullan
 2011-02-28 23:02:37 +08:00
Valerie Peng
4ce8048909 6604496: Support for CKM_AES_CTR (counter mode) 
Enhanced SunPKCS11 provider to support AES/CTR/NoPadding transformation.

Reviewed-by: vinnie
 2011-02-22 12:01:35 -08:00
Weijun Wang
d4fbb08ec0 7018928: test failure: sun/security/krb5/auto/SSL.java 
Reviewed-by: valeriep
 2011-02-15 12:11:15 +08:00
Sean Coffey
6ed5196d7d 7016897: Copyright header correction : test/sun/security/provider/SeedGenerator/SeedGeneratorChoice.java 
Reviewed-by: vinnie
 2011-02-03 11:28:04 +00:00
Xue-Lei Andrew Fan
85a3f20cef 7011497: new CertPathValidatorException.BasicReason enum constant for constrained algorithm 
Add new BasicReason and improve trust anchor searching method during cert path validation

Reviewed-by: mullan
 2011-02-01 04:45:10 -08:00
Stuart Marks
ba58eb7896 7012003: diamond conversion for ssl 
Reviewed-by: wetmore
 2011-01-14 15:31:45 -08:00
Stuart Marks
07549260db 7008713: diamond conversion of kerberos5 and security tools 
Reviewed-by: weijun
 2011-01-12 13:52:09 -08:00
Lana Steuck
fb91d40572 Merge 2011-01-04 17:05:38 -08:00
Kelly O'Hair
6b6a611c8e 6962318: Update copyright year 
Reviewed-by: xdono
 2010-12-28 15:53:50 -08:00
Valerie Peng
16faa79cf4 6581254: pkcs11 provider fails to parse configuration file contains windows short path 
Modified configuration parsing code to support "~".

Reviewed-by: weijun
 2010-12-22 18:30:34 -08:00
Weijun Wang
fdbca6b5f6 6975866: api/org_ietf/jgss/GSSContext/index.html#wrapUnwrapIOTest started to fail since jdk7 b102 
Reviewed-by: valeriep
 2010-12-17 11:03:33 +08:00
Sean Coffey
6c39971cb7 6998583: NativeSeedGenerator is making 8192 byte read requests from entropy pool on each init 
Reviewed-by: wetmore, andrew, vinnie
 2010-12-10 15:11:47 +00:00
Weijun Wang
d9f1152680 6896700: Validation of signatures succeed when it should fail 
Reviewed-by: wetmore
 2010-12-06 10:48:18 +08:00
Weijun Wang
6ad8ffe59b 7004168: jarsigner -verify checks for KeyUsage codesigning ext on all certs instead of just signing cert 
Reviewed-by: mullan
 2010-12-06 10:46:26 +08:00
Weijun Wang
1d7abe0313 7004035: signed jar with only META-INF/* inside is not verifiable 
Reviewed-by: mullan
 2010-12-06 10:46:18 +08:00
Weijun Wang
3281356d0f 7004721: ktarg.sh fails when there's no default realm 
Reviewed-by: xuelei
 2010-12-06 06:49:18 +08:00
Weijun Wang
9f743252e5 7002036: ktab return code changes on a error case 
Reviewed-by: valeriep
 2010-11-24 07:43:06 +08:00
Weijun Wang
11c0d2dbec 6979329: CCacheInputStream fails to read ticket cache files from Kerberos 1.8.1 
Reviewed-by: valeriep
 2010-11-22 09:43:58 +08:00
Valerie Peng
358ee90f29 6720456: New 4150 may have larger blowfish keysizes 
Changed to use TBD value instead of FAIL

Reviewed-by: weijun
 2010-11-19 17:05:47 -08:00
Valerie Peng
0ec3c185d5 6687725: Internal PKCS5Padding impl should throw IllegalBlockSizeException and not BadPaddingException 
Changed to throw IllegalBlockSizeException when the data length isn't multiples of block size

Reviewed-by: wetmore
 2010-11-15 14:38:41 -08:00
Weijun Wang
707e6f0318 6960894: Better AS-REQ creation and processing 
Reviewed-by: valeriep
 2010-11-12 21:33:14 +08:00
Weijun Wang
2fa98fdbd7 6987827: security/util/Resources.java needs improvement 
Reviewed-by: valeriep
 2010-11-11 15:51:12 +08:00
Weijun Wang
5b6c23c809 6952519: kdc_timeout is not being honoured when using TCP 
Reviewed-by: valeriep
 2010-11-09 08:34:11 +08:00
Weijun Wang
42b61014b3 6997740: ktab entry related test compilation error 
Reviewed-by: valeriep
 2010-11-06 09:11:18 +08:00
Xue-Lei Andrew Fan
f685cc171a 6916074: Add support for TLS 1.2 
6985179: To support Server Name Indication extension for JSSE client

Introduces the algorithm constraints to support signature and hash algorithm selection. Includes contributions from wetmore and weijung.

Reviewed-by: wetmore, weijun
 2010-11-01 22:02:35 -07:00
Xue-Lei Andrew Fan
aab01a90d7 4873188: Support TLS 1.1 
Reviewed-by: wetmore, weijun
 2010-10-30 18:39:17 +08:00
Weijun Wang
d2ef113186 6950546: "ktab -d name etype" to "ktab -d name [-e etype] [kvno | all | old]" 
6984764: kerberos fails if service side keytab is generated using JDK ktab

Reviewed-by: valeriep
 2010-10-28 21:14:44 +08:00
Chris Hegarty
0615bd9a48 Merge 2010-10-08 11:27:55 +01:00
Lana Steuck
53e6cf8989 Merge 2010-09-25 12:00:05 -07:00
Weijun Wang
b32aa9d2d5 6986868: TEST failure: sun/security/tools/jarsigner/crl.sh 
Reviewed-by: ohair
 2010-09-25 10:21:30 +08:00
Lana Steuck
a682d9348d Merge 2010-09-16 11:19:43 -07:00
Weijun Wang
ce46bf1737 6982840: sun/security/tools/jarsigner/emptymanifest.sh fails 
Reviewed-by: dholmes
 2010-09-14 10:18:16 +08:00
Kelly O'Hair
f7e31fc6c2 6982137: Rebranding pass 2 - missed copyright changes 
Reviewed-by: mbykov
 2010-09-09 16:26:46 -07:00
Weijun Wang
34198dbc4c 6976536: Solaris JREs do not have the krb5.kdc.bad.policy configured by default 
Reviewed-by: valeriep
 2010-08-19 11:26:32 +08:00
Chris Hegarty
784f62993b 6973030: NTLM proxy authentication fails with https 
Reviewed-by: michaelm
 2010-08-03 12:03:03 +01:00
Weijun Wang
9d92d626e3 6972005: ConfPlusProp.java test failure when DNS has info for realm 
Reviewed-by: xuelei
 2010-07-26 17:21:51 +08:00
Xue-Lei Andrew Fan
f5561769de 6867345: Turkish regional options cause NPE in sun.security.x509.AlgorithmId.algOID 
Reviewed-by: mullan, weijun
 2010-07-24 22:59:41 +08:00
Abhijit Saha
1e52a8c736 Merge 2010-07-16 09:26:55 -07:00
Weijun Wang
c20e1ffd6c 6670889: Keystore created under Hindi Locale causing ArrayIndexOutOfBoundsException 
Reviewed-by: chegar
 2010-07-13 20:27:01 +08:00
Abhijit Saha
97d968d3ff Merge 2010-06-24 10:56:00 -07:00
Weijun Wang
c93ecb6623 6946669: SSL/Krb5 should not call EncryptedData.reset(data, false) 
Reviewed-by: xuelei
 2010-06-24 14:26:35 +08:00
Weijun Wang
6426b52076 6844907: krb5 etype order should be from strong to weak 
Reviewed-by: valeriep
 2010-06-24 14:26:28 +08:00
Weijun Wang
4bdcad4b69 6958026: Problem with PKCS12 keystore 
Reviewed-by: mullan
 2010-06-24 14:26:22 +08:00
Weijun Wang
5141220c5e 6959292: regression: cannot login if session key and preauth does not use the same etype 
Reviewed-by: xuelei, valeriep
 2010-06-17 13:46:15 +08:00
Xue-Lei Andrew Fan
53a219bfee 6914943: Implement final TLS renegotiation fix 
RFC 5746 implementation

Reviewed-by: wetmore, weijun
 2010-06-12 00:42:51 -07:00
Weijun Wang
b0277a9631 6958869: regression: PKIXValidator fails when multiple trust anchors have same dn 
Reviewed-by: xuelei, wetmore, mullan
 2010-06-11 11:38:36 +08:00
Weijun Wang
2d9fcecd29 6951366: kerberos login failure on win2008 with AD set to win2000 compat mode 
Reviewed-by: valeriep, xuelei
 2010-06-04 19:28:53 +08:00
Weijun Wang
141897fe19 6950931: test fails on windows sun/security/tools/jarsigner/crl.sh 
Reviewed-by: wetmore, xuelei
 2010-06-01 10:52:42 +08:00
Lana Steuck
fd45b4188c Merge 2010-05-28 12:10:14 -07:00
Kelly O'Hair
fe008ae27a 6943119: Rebrand source copyright notices 
Reviewed-by: darcy, weijun
 2010-05-25 15:58:33 -07:00
Weijun Wang
235a3e379c 6948287: KDC test strange knvo 
Reviewed-by: xuelei
 2010-05-25 18:20:54 +08:00
Weijun Wang
480f0af4e8 6932525: Incorrect encryption types of KDC_REQ_BODY of AS-REQ with pre-authentication 
Reviewed-by: valeriep
 2010-05-24 10:05:04 +08:00
Weijun Wang
a7fbe2d858 6882687: KerberosTime too imprecise 
Reviewed-by: valeriep
 2010-05-24 09:37:02 +08:00
Weijun Wang
874ec0972c 6948803: CertPath validation regression caused by SHA1 replacement root and MD2 disable feature 
Reviewed-by: xuelei, mullan
 2010-05-24 09:28:06 +08:00
Weijun Wang
7c6813eb7a 6890876: jarsigner can add CRL info into signed jar 
Reviewed-by: mullan
 2010-05-06 13:42:52 +08:00
Weijun Wang
a94d06f6b7 6948909: Jarsigner removes MANIFEST.MF info for badly packages jar's 
Reviewed-by: mullan, xuelei
 2010-05-06 11:26:16 +08:00
Weijun Wang
20fbeb53cd 6844193: support max_retries in krb5.conf 
Reviewed-by: valeriep
 2010-04-29 15:51:10 +08:00
Weijun Wang
7cc72590c7 6856069: PrincipalName.clone() does not invoke super.clone() 
Reviewed-by: chegar
 2010-04-22 12:45:36 +08:00