-
Notifications
You must be signed in to change notification settings - Fork 5.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
8265462: Handle multiple slots in the NSS Internal Module from SunPKCS11's Secmod #3661
Conversation
👋 Welcome back mbalao! A progress list of the required criteria for merging this PR into |
Webrevs
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Here are some comments. Rest looks fine. Thanks. Valerie
src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/Secmod.java
Outdated
Show resolved
Hide resolved
@valeriepeng can you please take one more look at the changes? No regressions found in jdk/sun/security/pkcs11 tests category. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The updates look good. Thanks! Valerie
@martinuy This change now passes all automated pre-integration checks. ℹ️ This project also has non-automated pre-integration requirements. Please see the file CONTRIBUTING.md for details. After integration, the commit message for the final commit will be:
You can use pull request commands such as /summary, /contributor and /issue to adjust it as needed. At the time when this comment was updated there had been 386 new commits pushed to the
As there are no conflicts, your changes will automatically be rebased on top of these commits when integrating. If you prefer to avoid this automatic rebasing, please check the documentation for the /integrate command for further details. ➡️ To integrate this PR with the above commit message to the |
/integrate |
@martinuy Since your change was applied there have been 389 commits pushed to the
Your commit was automatically rebased without conflicts. Pushed as commit bdbe23b. 💡 You may see a message that your pull request was closed with unmerged commits. This can be safely ignored. |
Hi,
Please find in this PR a proposal to fix JDK-8265462 [1].
With this fix, OpenJDK will only use the known slot IDs for the NSS Internal Module. If the NSS Internal Module has more slots (for example, as a result of an initialization sequence such as the one triggered from the libnsssysinit.so library), they will be ignored. The goal is to handle multiple-slots scenarios while keeping OpenJDK's previous behavior.
No regressions observed in the jdk/sun/security/pkcs11 tests category.
A new regression test was not added as part of this changeset because of its complexity. It would depend on a specific NSS configuration, or the NSS library would need to be mocked. I've done manual testing in my environment and JDK-8265462 [1] has further information about it.
Thanks,
Martin.-
--
[1] - https://bugs.openjdk.java.net/browse/JDK-8265462
Progress
Issue
Reviewers
Reviewing
Using
git
Checkout this PR locally:
$ git fetch https://git.openjdk.java.net/jdk pull/3661/head:pull/3661
$ git checkout pull/3661
Update a local copy of the PR:
$ git checkout pull/3661
$ git pull https://git.openjdk.java.net/jdk pull/3661/head
Using Skara CLI tools
Checkout this PR locally:
$ git pr checkout 3661
View PR using the GUI difftool:
$ git pr show -t 3661
Using diff file
Download this PR as a diff file:
https://git.openjdk.java.net/jdk/pull/3661.diff