Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

8339560: Unaddressed comments during code review of JDK-8337664 #20944

Closed
wants to merge 4 commits into from

Conversation

fguallini
Copy link
Member

@fguallini fguallini commented Sep 11, 2024

During the code review of JDK-8337664, several non-critical comments were raised but not addressed due to time constraints. This PR includes the following changes:

  1. Symantec and Entrust tests now reuse common code. The Distrust.java class contains this reusable code, making it easier to add new tests for distrusted roots in the future.
  2. In several instances where an Exception is thrown, it has been replaced with RuntimeException.
  3. Many Symantec test certs have already expired. To properly test the distrusted scenario, this change wraps the intermediate and root CA certs in NonExpiringTLSServerCert, which does not validate expiration.
  4. Package structure changed:
image

Progress

  • Change must be properly reviewed (1 review required, with at least 1 Reviewer)
  • Change must not contain extraneous whitespace
  • Commit message must refer to an issue

Issue

  • JDK-8339560: Unaddressed comments during code review of JDK-8337664 (Bug - P4)

Reviewers

Reviewing

Using git

Checkout this PR locally:
$ git fetch https://git.openjdk.org/jdk.git pull/20944/head:pull/20944
$ git checkout pull/20944

Update a local copy of the PR:
$ git checkout pull/20944
$ git pull https://git.openjdk.org/jdk.git pull/20944/head

Using Skara CLI tools

Checkout this PR locally:
$ git pr checkout 20944

View PR using the GUI difftool:
$ git pr show -t 20944

Using diff file

Download this PR as a diff file:
https://git.openjdk.org/jdk/pull/20944.diff

Webrev

Link to Webrev Comment

@bridgekeeper
Copy link

bridgekeeper bot commented Sep 11, 2024

👋 Welcome back fguallini! A progress list of the required criteria for merging this PR into master will be added to the body of your pull request. There are additional pull request commands available for use with this pull request.

@openjdk
Copy link

openjdk bot commented Sep 11, 2024

@fguallini This change now passes all automated pre-integration checks.

ℹ️ This project also has non-automated pre-integration requirements. Please see the file CONTRIBUTING.md for details.

After integration, the commit message for the final commit will be:

8339560: Unaddressed comments during code review of JDK-8337664

Reviewed-by: mullan

You can use pull request commands such as /summary, /contributor and /issue to adjust it as needed.

At the time when this comment was updated there had been 222 new commits pushed to the master branch:

  • fb70325: 8338583: NMT: Malloc overhead is calculated incorrectly
  • 083b980: 8340568: Incorrect escaping of single quotes when pretty-printing character literals
  • d8790aa: 8340885: Desugar ZipCoder.Comparison
  • 120463d: 8339541: CSS rule is not specific enough
  • 1b9898a: 8340843: [PPC64/s390x] Error: ShouldNotReachHere() in TemplateInterpreterGenerator::generate_math_entry after 8338694
  • 9806d21: 8340808: RISC-V: Client build fails after JDK-8339738
  • 97a3933: 8339771: RISC-V: Reduce icache flushes
  • b1f8d2e: 8339935: Open source several AWT focus tests - series 5
  • 2e0554a: 8340710: Optimize DirectClassBuilder::build
  • 2d38af6: 8340587: Optimize StackMapGenerator$Frame::checkAssignableTo
  • ... and 212 more: https://git.openjdk.org/jdk/compare/125f743223f2beb6e73f520c48a9a2de7ba5dce7...master

As there are no conflicts, your changes will automatically be rebased on top of these commits when integrating. If you prefer to avoid this automatic rebasing, please check the documentation for the /integrate command for further details.

As you do not have Committer status in this project an existing Committer must agree to sponsor your change. Possible candidates are the reviewers of this PR (@seanjmullan) but any other Committer may sponsor as well.

➡️ To flag this PR as ready for integration with the above commit message, type /integrate in a new comment. (Afterwards, your sponsor types /sponsor in a new comment to perform the integration).

@openjdk
Copy link

openjdk bot commented Sep 11, 2024

@fguallini The following label will be automatically applied to this pull request:

  • security

When this pull request is ready to be reviewed, an "RFR" email will be sent to the corresponding mailing list. If you would like to change these labels, use the /label pull request command.

@openjdk openjdk bot added the security security-dev@openjdk.org label Sep 11, 2024
@fguallini fguallini marked this pull request as ready for review September 11, 2024 13:26
@openjdk openjdk bot added the rfr Pull request is ready for review label Sep 11, 2024
@mlbridge
Copy link

mlbridge bot commented Sep 11, 2024

Webrevs

* @bug 8337664
* @summary Check that TLS Server certificates chaining back to distrusted
* Entrust roots are invalid
* @library /test/lib
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do you need /test/lib anymore?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, it won't compile otherwise because the helper class Distrusts still needs to import jdk.test.lib.security.SecurityUtils.

Copy link
Member

@seanjmullan seanjmullan left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good.

@openjdk openjdk bot added the ready Pull request is ready to be integrated label Sep 24, 2024
@fguallini
Copy link
Member Author

/integrate

@openjdk openjdk bot added the sponsor Pull request is ready to be sponsored label Sep 25, 2024
@openjdk
Copy link

openjdk bot commented Sep 25, 2024

@fguallini
Your change (at version 7e7a30f) is now ready to be sponsored by a Committer.

@seanjmullan
Copy link
Member

/sponsor

@openjdk
Copy link

openjdk bot commented Sep 26, 2024

Going to push as commit 95d3e9d.
Since your change was applied there have been 238 commits pushed to the master branch:

Your commit was automatically rebased without conflicts.

@openjdk openjdk bot added the integrated Pull request has been integrated label Sep 26, 2024
@openjdk openjdk bot closed this Sep 26, 2024
@openjdk openjdk bot removed ready Pull request is ready to be integrated rfr Pull request is ready for review sponsor Pull request is ready to be sponsored labels Sep 26, 2024
@openjdk
Copy link

openjdk bot commented Sep 26, 2024

@seanjmullan @fguallini Pushed as commit 95d3e9d.

💡 You may see a message that your pull request was closed with unmerged commits. This can be safely ignored.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
integrated Pull request has been integrated security security-dev@openjdk.org
Development

Successfully merging this pull request may close these issues.

2 participants