8302111: Serialization considerations #1391
Conversation
|
👋 Welcome back goetz! A progress list of the required criteria for merging this PR into |
|
@GoeLin This change now passes all automated pre-integration checks. ℹ️ This project also has non-automated pre-integration requirements. Please see the file CONTRIBUTING.md for details. After integration, the commit message for the final commit will be: You can use pull request commands such as /summary, /contributor and /issue to adjust it as needed. At the time when this comment was updated there had been 6 new commits pushed to the
Please see this link for an up-to-date comparison between the source branch of this pull request and the ➡️ To integrate this PR with the above commit message to the |
openjdk
bot
changed the title
|
This backport pull request has now been updated with issue from the original commit. |
openjdk
bot
added
backport
Webrevs
|
gnu-andrew
left a comment
gnu-andrew
left a comment
There was a problem hiding this comment.
Backport mostly looks good. The initialisation differences for l, x and y are also from JDK-8315974: "Make fields final in 'com.sun.crypto.provider' package". I presume, because the fields were now final, there could not be code paths that didn't initialise l and the initialisation of x and y could no longer be delegated to parseKeyBits.
On the subject of parseKeyBits, I think this method can now be removed, as it is in JDK-8315974. It is a private method that I don't see being called from anywhere else in those files.
|
Hi @gnu-andrew, |
gnu-andrew
left a comment
gnu-andrew
left a comment
There was a problem hiding this comment.
Thanks Goetz. I think this is good to go in now.
|
|
openjdk
bot
added
approval
|
/integrate |
|
Going to push as commit 17cb53a.
Your commit was automatically rebased without conflicts. |
openjdk
bot
removed
ready
2 participants
I think this is a valuable fix we need in 21. It secures deserialized data.
The code needed some resolves, but overall the change of
head fits well on the code in 21. In detail:
I resolved
src/java.base/share/classes/com/sun/crypto/provider/DHPrivateKey.java and
src/java.base/share/classes/com/sun/crypto/provider/DHPublicKey.java.
It does not apply as these changes are missing in 21:
8311170: Simplify and modernize equals and hashCode in security area
8315974: Make fields final in 'com.sun.crypto.provider' package
Both files have similar differences between head and 21:
In both files I resolved one larger chunk. Some of the removed code is different:
parseKeyBits() in 21, which executes similar code.
The new code is the same as in head.
In src/java.security.jgss/share/classes/sun/security/krb5/internal/KRBError.java, changes
8327818: Implement Kerberos debug with sun.security.util.Debug and again
8311170: Simplify and modernize equals and hashCode in security area
are missing in 21.
This only requires trivial resolves due to context differences.
I based this backport on the commit to head.
The commit to 22.0.2 is identical to that, except that it skips
two unnecessary empty lines in KRBError.java. I rather go
with the head version as this will make further backports
fit better.
This passed our nightly testing which includes the tests for the security implementations.
We run headless tier 1-4 on 8 platform with fastdebug, jck and further internal tests.
Progress
Issue
Reviewers
Reviewing
Using
gitCheckout this PR locally:
$ git fetch https://git.openjdk.org/jdk21u-dev.git pull/1391/head:pull/1391$ git checkout pull/1391Update a local copy of the PR:
$ git checkout pull/1391$ git pull https://git.openjdk.org/jdk21u-dev.git pull/1391/headUsing Skara CLI tools
Checkout this PR locally:
$ git pr checkout 1391View PR using the GUI difftool:
$ git pr show -t 1391Using diff file
Download this PR as a diff file:
https://git.openjdk.org/jdk21u-dev/pull/1391.diff
Using Webrev
Link to Webrev Comment