7176627 (original) (raw)

Code Review for 7176627

Prepared by: mullan mullan on Wed Sep 5 15:13:59 EDT 2012
Workspace: /home/mullan/hg/jdk8/7176627
Compare against: /home/mullan/hg/jdk8/tl-jdk
Summary of changes: 197 lines changed: 136 ins; 21 del; 40 mod; 3995 unchg
Patch of changes: <7176627.patch>
Author comments: One of the new SQE tests for JEP 124 fails. This uses a PKIXRevocationChecker to check the revocation status of the certificate chain, and enables the PREFER_CRL and SOFT_FAIL options. It then simulates a network issue, preventing the CRL from being downloaded. Because SOFT_FAIL was enabled, the revocation check should pass but instead it fails with a CertPathValidatorException.The problem is that the new PKIXRevocationChecker.SOFT_FAIL option had only been implemented for OCSP and not for CRLs. The fix is a little tricky because CRLs are fetched from CertStores, which can be of various types (LDAP, Collection, or custom). It is not always clear if the cause of the CertStoreException is a network issue or not. Thus, a new method has been added that each CertStore can override to determine if the exception is a network issue or not. This solution works but is currently limited to our own CertStore implementations or standard CertStore types such as LDAP where we can make a best guess which exception is caused by a network issue. Thus, we may want to subsequently consider adding a new API (ex: a new CertStoreException indicating a network issue or a new method on CertStoreSpi) in the future.
Bug id: Bug Database
Legend: Modified file Deleted file New file

[Cdiffs](src/share/classes/sun/security/provider/certpath/CertStoreHelper.java.cdiff.html) [Udiffs](src/share/classes/sun/security/provider/certpath/CertStoreHelper.java.udiff.html) [Sdiffs](src/share/classes/sun/security/provider/certpath/CertStoreHelper.java.sdiff.html) [Frames](src/share/classes/sun/security/provider/certpath/CertStoreHelper.java.frames.html) [Old](src/share/classes/sun/security/provider/certpath/CertStoreHelper.java-.html) [New](src/share/classes/sun/security/provider/certpath/CertStoreHelper.java.html) [Patch](src/share/classes/sun/security/provider/certpath/CertStoreHelper.java.patch) [Raw](raw%5Ffiles/new/src/share/classes/sun/security/provider/certpath/CertStoreHelper.java) src/share/classes/sun/security/provider/certpath/CertStoreHelper.java

26 lines changed: 26 ins; 0 del; 0 mod; 122 unchg

[Cdiffs](src/share/classes/sun/security/provider/certpath/DistributionPointFetcher.java.cdiff.html) [Udiffs](src/share/classes/sun/security/provider/certpath/DistributionPointFetcher.java.udiff.html) [Sdiffs](src/share/classes/sun/security/provider/certpath/DistributionPointFetcher.java.sdiff.html) [Frames](src/share/classes/sun/security/provider/certpath/DistributionPointFetcher.java.frames.html) [Old](src/share/classes/sun/security/provider/certpath/DistributionPointFetcher.java-.html) [New](src/share/classes/sun/security/provider/certpath/DistributionPointFetcher.java.html) [Patch](src/share/classes/sun/security/provider/certpath/DistributionPointFetcher.java.patch) [Raw](raw%5Ffiles/new/src/share/classes/sun/security/provider/certpath/DistributionPointFetcher.java) src/share/classes/sun/security/provider/certpath/DistributionPointFetcher.java

67 lines changed: 37 ins; 8 del; 22 mod; 685 unchg

[Cdiffs](src/share/classes/sun/security/provider/certpath/ForwardBuilder.java.cdiff.html) [Udiffs](src/share/classes/sun/security/provider/certpath/ForwardBuilder.java.udiff.html) [Sdiffs](src/share/classes/sun/security/provider/certpath/ForwardBuilder.java.sdiff.html) [Frames](src/share/classes/sun/security/provider/certpath/ForwardBuilder.java.frames.html) [Old](src/share/classes/sun/security/provider/certpath/ForwardBuilder.java-.html) [New](src/share/classes/sun/security/provider/certpath/ForwardBuilder.java.html) [Patch](src/share/classes/sun/security/provider/certpath/ForwardBuilder.java.patch) [Raw](raw%5Ffiles/new/src/share/classes/sun/security/provider/certpath/ForwardBuilder.java) src/share/classes/sun/security/provider/certpath/ForwardBuilder.java

19 lines changed: 7 ins; 6 del; 6 mod; 879 unchg

[Cdiffs](src/share/classes/sun/security/provider/certpath/OCSP.java.cdiff.html) [Udiffs](src/share/classes/sun/security/provider/certpath/OCSP.java.udiff.html) [Sdiffs](src/share/classes/sun/security/provider/certpath/OCSP.java.sdiff.html) [Frames](src/share/classes/sun/security/provider/certpath/OCSP.java.frames.html) [Old](src/share/classes/sun/security/provider/certpath/OCSP.java-.html) [New](src/share/classes/sun/security/provider/certpath/OCSP.java.html) [Patch](src/share/classes/sun/security/provider/certpath/OCSP.java.patch) [Raw](raw%5Ffiles/new/src/share/classes/sun/security/provider/certpath/OCSP.java) src/share/classes/sun/security/provider/certpath/OCSP.java

3 lines changed: 0 ins; 0 del; 3 mod; 344 unchg

[Cdiffs](src/share/classes/sun/security/provider/certpath/PKIX.java.cdiff.html) [Udiffs](src/share/classes/sun/security/provider/certpath/PKIX.java.udiff.html) [Sdiffs](src/share/classes/sun/security/provider/certpath/PKIX.java.sdiff.html) [Frames](src/share/classes/sun/security/provider/certpath/PKIX.java.frames.html) [Old](src/share/classes/sun/security/provider/certpath/PKIX.java-.html) [New](src/share/classes/sun/security/provider/certpath/PKIX.java.html) [Patch](src/share/classes/sun/security/provider/certpath/PKIX.java.patch) [Raw](raw%5Ffiles/new/src/share/classes/sun/security/provider/certpath/PKIX.java) src/share/classes/sun/security/provider/certpath/PKIX.java

18 lines changed: 18 ins; 0 del; 0 mod; 289 unchg

[Cdiffs](src/share/classes/sun/security/provider/certpath/RevocationChecker.java.cdiff.html) [Udiffs](src/share/classes/sun/security/provider/certpath/RevocationChecker.java.udiff.html) [Sdiffs](src/share/classes/sun/security/provider/certpath/RevocationChecker.java.sdiff.html) [Frames](src/share/classes/sun/security/provider/certpath/RevocationChecker.java.frames.html) [Old](src/share/classes/sun/security/provider/certpath/RevocationChecker.java-.html) [New](src/share/classes/sun/security/provider/certpath/RevocationChecker.java.html) [Patch](src/share/classes/sun/security/provider/certpath/RevocationChecker.java.patch) [Raw](raw%5Ffiles/new/src/share/classes/sun/security/provider/certpath/RevocationChecker.java) src/share/classes/sun/security/provider/certpath/RevocationChecker.java

25 lines changed: 19 ins; 0 del; 6 mod; 1089 unchg

[Cdiffs](src/share/classes/sun/security/provider/certpath/URICertStore.java.cdiff.html) [Udiffs](src/share/classes/sun/security/provider/certpath/URICertStore.java.udiff.html) [Sdiffs](src/share/classes/sun/security/provider/certpath/URICertStore.java.sdiff.html) [Frames](src/share/classes/sun/security/provider/certpath/URICertStore.java.frames.html) [Old](src/share/classes/sun/security/provider/certpath/URICertStore.java-.html) [New](src/share/classes/sun/security/provider/certpath/URICertStore.java.html) [Patch](src/share/classes/sun/security/provider/certpath/URICertStore.java.patch) [Raw](raw%5Ffiles/new/src/share/classes/sun/security/provider/certpath/URICertStore.java) src/share/classes/sun/security/provider/certpath/URICertStore.java

14 lines changed: 9 ins; 4 del; 1 mod; 452 unchg

[Cdiffs](src/share/classes/sun/security/provider/certpath/ldap/LDAPCertStoreHelper.java.cdiff.html) [Udiffs](src/share/classes/sun/security/provider/certpath/ldap/LDAPCertStoreHelper.java.udiff.html) [Sdiffs](src/share/classes/sun/security/provider/certpath/ldap/LDAPCertStoreHelper.java.sdiff.html) [Frames](src/share/classes/sun/security/provider/certpath/ldap/LDAPCertStoreHelper.java.frames.html) [Old](src/share/classes/sun/security/provider/certpath/ldap/LDAPCertStoreHelper.java-.html) [New](src/share/classes/sun/security/provider/certpath/ldap/LDAPCertStoreHelper.java.html) [Patch](src/share/classes/sun/security/provider/certpath/ldap/LDAPCertStoreHelper.java.patch) [Raw](raw%5Ffiles/new/src/share/classes/sun/security/provider/certpath/ldap/LDAPCertStoreHelper.java) src/share/classes/sun/security/provider/certpath/ldap/LDAPCertStoreHelper.java

13 lines changed: 11 ins; 1 del; 1 mod; 69 unchg

[Cdiffs](src/share/classes/sun/security/provider/certpath/ssl/SSLServerCertStoreHelper.java.cdiff.html) [Udiffs](src/share/classes/sun/security/provider/certpath/ssl/SSLServerCertStoreHelper.java.udiff.html) [Sdiffs](src/share/classes/sun/security/provider/certpath/ssl/SSLServerCertStoreHelper.java.sdiff.html) [Frames](src/share/classes/sun/security/provider/certpath/ssl/SSLServerCertStoreHelper.java.frames.html) [Old](src/share/classes/sun/security/provider/certpath/ssl/SSLServerCertStoreHelper.java-.html) [New](src/share/classes/sun/security/provider/certpath/ssl/SSLServerCertStoreHelper.java.html) [Patch](src/share/classes/sun/security/provider/certpath/ssl/SSLServerCertStoreHelper.java.patch) [Raw](raw%5Ffiles/new/src/share/classes/sun/security/provider/certpath/ssl/SSLServerCertStoreHelper.java) src/share/classes/sun/security/provider/certpath/ssl/SSLServerCertStoreHelper.java

12 lines changed: 9 ins; 2 del; 1 mod; 66 unchg


This code review page was prepared using /home/mullan/bin/webrev(vers 23.18-hg).