[PATCH FOR REVIEW] Allow OpenJDK to be built with the unlimited crypto policy (original) (raw)

Andrew Hughes gnu.andrew at redhat.com
Thu Sep 27 16:50:26 UTC 2012

----- Original Message -----

>> Will you be putting this back yourself? If so let me know when >> you >> go >> in, and I can update the bug once you're in. >> > > I will, though I'll need a bug ID for it. I presume tl is ok as > the > forest to use? This going into 8? Then yes.

At first, yes. Do you have any objections to me proposing it for 7u too, in due course?

7201205: Add Makefile configuration option to build with unlimited crypto in OpenJDK.

Great, thanks! I'll push it.

Brad

>> Mark wrote: >> > The summary is that it was just easier to remove unused >> > classes >> > that >> > made the code tricky to understand for no good reason except >> > for >> > some >> > secret proprietary code. >> >> Unfortunately, Oracle and some of our commercial (non-OpenJDK) >> licensees >> still depend on that tricky code. :( I'd personally love to >> strip >> it >> all out, but we have to balance all of its consumers (Oracle SE >> and >> ME, >> commercial source/binary licensees, OpenJDK, etc.) >> >> Andrew wrote: >> > I'm sure it would be easy enough to dump those classes if >> > Oracle >> > started producing OpenJDK binaries licensed under the GPL, >> > rather >> > than binaries from their proprietary fork. >> >> Unfortunately, not likely in our current export/import climate. >> > > Yes, this is what I thought. We just have to make sure to test > well > before shipping binaries. > >> Brad >> >> >

-- Andrew :)

Free Java Software Engineer Red Hat, Inc. (http://www.redhat.com)

PGP Key: 248BDC07 (https://keys.indymedia.org/) Fingerprint = EC5A 1F5E C0AD 1D15 8F1F 8F91 3B96 A578 248B DC07

More information about the security-dev mailing list