java-1.8.0-openjdk/pr3575-rh1567204.patch

# HG changeset patch
# User andrew
# Date 1525111445 -3600
#      Mon Apr 30 19:04:05 2018 +0100
# Node ID 388fc8da23044317c160678ffa8ff541c216a255
# Parent  556adf3a76aa81bf3918d7d46554dae7cc1d5c5c
PR3575: System cacerts database handling should not affect jssecacerts

diff --git openjdk.orig/jdk/src/share/classes/sun/security/ssl/TrustManagerFactoryImpl.java openjdk/jdk/src/share/classes/sun/security/ssl/TrustManagerFactoryImpl.java
--- openjdk.orig/jdk/src/share/classes/sun/security/ssl/TrustManagerFactoryImpl.java
+++ openjdk/jdk/src/share/classes/sun/security/ssl/TrustManagerFactoryImpl.java
@@ -162,7 +162,7 @@
          * Try:
          *      javax.net.ssl.trustStore  (if this variable exists, stop)
          *      jssecacerts
-         *      cacerts
+         *      cacerts (system and local)
          *
          * If none exists, we use an empty keystore.
          */
@@ -174,14 +174,14 @@
                     storeFile = new File(storeFileName);
                     fis = getFileInputStream(storeFile);
                 } else {
-                    /* Check system cacerts DB first; /etc/pki/java/cacerts */
-                    storeFile = new File(sep + "etc" + sep + "pki" + sep
-                                         + "java" + sep + "cacerts");
+                    String javaHome = props.get("javaHome");
+                    storeFile = new File(javaHome + sep + "lib" + sep
+                                         + "security" + sep +
+                                         "jssecacerts");
                     if ((fis = getFileInputStream(storeFile)) == null) {
-                        String javaHome = props.get("javaHome");
-                        storeFile = new File(javaHome + sep + "lib" + sep
-                                             + "security" + sep +
-                                             "jssecacerts");
+                        /* Check system cacerts DB first; /etc/pki/java/cacerts */
+                        storeFile = new File(sep + "etc" + sep + "pki" + sep
+                                             + "java" + sep + "cacerts");
                         if ((fis = getFileInputStream(storeFile)) == null) {
                             storeFile = new File(javaHome + sep + "lib" + sep
                                                  + "security" + sep +
Merge pathces from rhel7 2018-06-11 15:11:26 +00:00			`# HG changeset patch`
			`# User andrew`
			`# Date 1525111445 -3600`
			`# Mon Apr 30 19:04:05 2018 +0100`
			`# Node ID 388fc8da23044317c160678ffa8ff541c216a255`
			`# Parent 556adf3a76aa81bf3918d7d46554dae7cc1d5c5c`
			`PR3575: System cacerts database handling should not affect jssecacerts`

			`diff --git openjdk.orig/jdk/src/share/classes/sun/security/ssl/TrustManagerFactoryImpl.java openjdk/jdk/src/share/classes/sun/security/ssl/TrustManagerFactoryImpl.java`
			`--- openjdk.orig/jdk/src/share/classes/sun/security/ssl/TrustManagerFactoryImpl.java`
			`+++ openjdk/jdk/src/share/classes/sun/security/ssl/TrustManagerFactoryImpl.java`
			`@@ -162,7 +162,7 @@`
			`* Try:`
			`* javax.net.ssl.trustStore (if this variable exists, stop)`
			`* jssecacerts`
			`- * cacerts`
			`+ * cacerts (system and local)`
			`*`
			`* If none exists, we use an empty keystore.`
			`*/`
			`@@ -174,14 +174,14 @@`
			`storeFile = new File(storeFileName);`
			`fis = getFileInputStream(storeFile);`
			`} else {`
			`- /* Check system cacerts DB first; /etc/pki/java/cacerts */`
			`- storeFile = new File(sep + "etc" + sep + "pki" + sep`
			`- + "java" + sep + "cacerts");`
			`+ String javaHome = props.get("javaHome");`
			`+ storeFile = new File(javaHome + sep + "lib" + sep`
			`+ + "security" + sep +`
			`+ "jssecacerts");`
			`if ((fis = getFileInputStream(storeFile)) == null) {`
			`- String javaHome = props.get("javaHome");`
			`- storeFile = new File(javaHome + sep + "lib" + sep`
			`- + "security" + sep +`
			`- "jssecacerts");`
			`+ /* Check system cacerts DB first; /etc/pki/java/cacerts */`
			`+ storeFile = new File(sep + "etc" + sep + "pki" + sep`
			`+ + "java" + sep + "cacerts");`
			`if ((fis = getFileInputStream(storeFile)) == null) {`
			`storeFile = new File(javaHome + sep + "lib" + sep`
			`+ "security" + sep +`