Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
openanolis
dragonwell8_jdk
提交
29367018
D
dragonwell8_jdk
项目概览
openanolis
/
dragonwell8_jdk
通知
4
Star
2
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
D
dragonwell8_jdk
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
提交
29367018
编写于
7月 12, 2013
作者:
V
vinnie
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
8019627: RuntimeException gets obscured during OCSP cert revocation checking
Reviewed-by: mullan
上级
6fd41038
变更
2
隐藏空白更改
内联
并排
Showing
2 changed file
with
4 addition
and
28 deletion
+4
-28
src/share/classes/sun/security/provider/certpath/RevocationChecker.java
...ses/sun/security/provider/certpath/RevocationChecker.java
+2
-6
test/java/security/cert/CertPathValidator/OCSP/FailoverToCRL.java
...a/security/cert/CertPathValidator/OCSP/FailoverToCRL.java
+2
-22
未找到文件。
src/share/classes/sun/security/provider/certpath/RevocationChecker.java
浏览文件 @
29367018
...
...
@@ -675,12 +675,8 @@ class RevocationChecker extends PKIXRevocationChecker {
responderURI
,
respCert
,
params
.
date
(),
ocspExtensions
);
}
}
catch
(
Exception
e
)
{
if
(
e
instanceof
CertPathValidatorException
)
{
throw
(
CertPathValidatorException
)
e
;
}
else
{
throw
new
CertPathValidatorException
(
e
);
}
}
catch
(
IOException
e
)
{
throw
new
CertPathValidatorException
(
e
);
}
RevocationStatus
rs
=
...
...
test/java/security/cert/CertPathValidator/OCSP/FailoverToCRL.java
浏览文件 @
29367018
/*
* Copyright (c) 2009,
2013,
Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2009, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
...
...
@@ -23,7 +23,7 @@
/**
* @test
* @bug 6383095
8019259
* @bug 6383095
* @summary CRL revoked certificate failures masked by OCSP failures
*
* Note that the certificate validity is from Mar 16 14:55:35 2009 GMT to
...
...
@@ -254,32 +254,12 @@ public class FailoverToCRL {
CertPathValidator
validator
=
CertPathValidator
.
getInstance
(
"PKIX"
);
try
{
System
.
out
.
println
(
"Validating cert via OCSP: no responder URL"
);
validator
.
validate
(
path
,
params
);
}
catch
(
CertPathValidatorException
cpve
)
{
if
(
cpve
.
getReason
()
!=
BasicReason
.
REVOKED
)
{
throw
new
Exception
(
"unexpected exception, should be a REVOKED CPVE"
,
cpve
);
}
System
.
out
.
println
(
" successful failover to using CRLs"
);
}
java
.
security
.
cert
.
PKIXRevocationChecker
revocationChecker
=
(
java
.
security
.
cert
.
PKIXRevocationChecker
)
validator
.
getRevocationChecker
();
revocationChecker
.
setOCSPResponder
(
new
java
.
net
.
URI
(
"bad_ocsp_responder_url"
));
params
.
addCertPathChecker
(
revocationChecker
);
try
{
System
.
out
.
println
(
"Validating cert via OCSP: bad responder URL"
);
validator
.
validate
(
path
,
params
);
}
catch
(
CertPathValidatorException
cpve
)
{
if
(
cpve
.
getReason
()
!=
BasicReason
.
REVOKED
)
{
throw
new
Exception
(
"unexpected exception, should be a REVOKED CPVE"
,
cpve
);
}
System
.
out
.
println
(
" successful failover to using CRLs"
);
}
}
}
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录