8263059: security/infra/java/security/cert/CertPathValidator/certification/ComodoCA.java fails due to revoked cert

[gnu-andrew]

Changes apply cleanly bar the ProblemList.txt removal as JDK-8243543 was never backported. This is much the same as the backports of JDK-8248899 (openjdk/jdk8u#35) and JDK-8243543 (openjdk/jdk8u#34)

All security/infra tests pass with the patch, with the exception of ActalisCA.java (problem listed) and the two tests fixed by the aforementioned PRs (will be fixed when 8u372-b05 is promoted & merged into jdk8u-dev)

---

Progress

• Change must be properly reviewed (1 review required, with at least 1 Reviewer)
• Change must not contain extraneous whitespace
• Commit message must refer to an issue

Issue

• JDK-8263059: security/infra/java/security/cert/CertPathValidator/certification/ComodoCA.java fails due to revoked cert

Reviewers

• Severin Gehwolf (@jerboaa - Reviewer)

Reviewing

Using git

Checkout this PR locally:
$ git fetch https://git.openjdk.org/jdk8u-dev.git pull/276/head:pull/276
$ git checkout pull/276

Update a local copy of the PR:
$ git checkout pull/276
$ git pull https://git.openjdk.org/jdk8u-dev.git pull/276/head

Using Skara CLI tools

Checkout this PR locally:
$ git pr checkout 276

View PR using the GUI difftool:
$ git pr show -t 276

Using diff file

Download this PR as a diff file:
https://git.openjdk.org/jdk8u-dev/pull/276.diff

Webrev

Link to Webrev Comment

[bridgekeeper]

👋 Welcome back andrew! A progress list of the required criteria for merging this PR into master will be added to the body of your pull request. There are additional pull request commands available for use with this pull request.

[openjdk]

This backport pull request has now been updated with issue from the original commit.

[mlbridge]

Webrevs

• 00: Full (574312a6)

[jerboaa]

Looks good to me.

[openjdk]

@gnu-andrew This change now passes all automated pre-integration checks.

After integration, the commit message for the final commit will be:

8263059: security/infra/java/security/cert/CertPathValidator/certification/ComodoCA.java fails due to revoked cert

Reviewed-by: sgehwolf

You can use pull request commands such as /summary, /contributor and /issue to adjust it as needed.

At the time when this comment was updated there had been 17 new commits pushed to the master branch:

• cd40350: Merge
• 89aeae1: 8304053: Revert os specific stubs for SystemMetrics
• ebbd3a8: 8303828: [Solaris] Broken jdk8u build after JDK-8266391
• 5dc33f2: 8295530: Update Zlib Data Compression Library to Version 1.2.13
• ca1c3b1: 8302791: Add specific ClassLoader object to Proxy IllegalArgumentException message
• de0e5a2: 8152432: Implement setting jtreg @requires properties vm.flavor, vm.bits, vm.compMode
• ae6405f: 8289301: P11Cipher should not throw out of bounds exception during padding
• ad41d90: 8293232: Fix race condition in pkcs11 SessionManager
• d6f8151: 8282600: SSLSocketImpl should not use user_canceled workaround when not necessary
• a7fb08c: 8293815: P11PSSSignature.engineUpdate should not print debug messages during normal operation
• ... and 7 more: https://git.openjdk.org/jdk8u-dev/compare/b51619d24e0643aa0afdba87ac20b371dbb594e8...master

As there are no conflicts, your changes will automatically be rebased on top of these commits when integrating. If you prefer to avoid this automatic rebasing, please check the documentation for the /integrate command for further details.

➡️ To integrate this PR with the above commit message to the master branch, type /integrate in a new comment.

[gnu-andrew]

Looks good to me.

Thanks. Flagged for approval.

[gnu-andrew]

I see jdk8u-fix-yes.
/integrate

[openjdk]

Going to push as commit 1ee22a7.
Since your change was applied there have been 18 commits pushed to the master branch:

• d41618f: 8271199: Mutual TLS handshake fails signing client certificate with custom sensitive PKCS11 key
• cd40350: Merge
• 89aeae1: 8304053: Revert os specific stubs for SystemMetrics
• ebbd3a8: 8303828: [Solaris] Broken jdk8u build after JDK-8266391
• 5dc33f2: 8295530: Update Zlib Data Compression Library to Version 1.2.13
• ca1c3b1: 8302791: Add specific ClassLoader object to Proxy IllegalArgumentException message
• de0e5a2: 8152432: Implement setting jtreg @requires properties vm.flavor, vm.bits, vm.compMode
• ae6405f: 8289301: P11Cipher should not throw out of bounds exception during padding
• ad41d90: 8293232: Fix race condition in pkcs11 SessionManager
• d6f8151: 8282600: SSLSocketImpl should not use user_canceled workaround when not necessary
• ... and 8 more: https://git.openjdk.org/jdk8u-dev/compare/b51619d24e0643aa0afdba87ac20b371dbb594e8...master

Your commit was automatically rebased without conflicts.

[openjdk]

@gnu-andrew Pushed as commit 1ee22a7.

💡 You may see a message that your pull request was closed with unmerged commits. This can be safely ignored.