-
Notifications
You must be signed in to change notification settings - Fork 155
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
8346587: Distrust TLS server certificates anchored by Camerfirma Root CAs #627
base: pr/626
Are you sure you want to change the base?
8346587: Distrust TLS server certificates anchored by Camerfirma Root CAs #627
Conversation
👋 Welcome back sgehwolf! A progress list of the required criteria for merging this PR into |
|
❗ This change is not yet ready to be integrated. |
This backport pull request has now been updated with issue from the original commit. |
Webrevs
|
…6587-camerfirma-root-distrust
|
…6587-camerfirma-root-distrust
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for proposing this backport. Looks good to me.
Please review this backport of adding distrust for certificates rooted by Camerfirma. The JDK 11u patch didn't apply cleanly due to the following reasons:
Set.of()
=>Collections.unmodifiableSet(new HashSet<>(Arrays.asList()))
inCamerfirmaTLSPolicy.java
LocalDate.ofInstant()
=>Date.toInstant().atZone(ZoneOffset.UTC).toLocalDate()
java.security-<os>
file duplications/test/lib
=>/lib/security
inCamerfirma.java
testTesting:
sun/security/ssl/X509TrustManagerImpl
including the newCamerfirma.java
test which fails for unpatched and passes with patched JDK 8u.Progress
Integration blocker
Issues
Reviewers
Reviewing
Using
git
Checkout this PR locally:
$ git fetch https://git.openjdk.org/jdk8u-dev.git pull/627/head:pull/627
$ git checkout pull/627
Update a local copy of the PR:
$ git checkout pull/627
$ git pull https://git.openjdk.org/jdk8u-dev.git pull/627/head
Using Skara CLI tools
Checkout this PR locally:
$ git pr checkout 627
View PR using the GUI difftool:
$ git pr show -t 627
Using diff file
Download this PR as a diff file:
https://git.openjdk.org/jdk8u-dev/pull/627.diff
Using Webrev
Link to Webrev Comment