Auto sync2gitlab import of java-1.8.0-openjdk-1.8.0.362.b01-0.3.ea.el8.src.rpm
This commit is contained in:
parent
081af06831
commit
3041751b03
1
.gitignore
vendored
1
.gitignore
vendored
@ -1,2 +1,3 @@
|
|||||||
/openjdk-shenandoah-jdk8u-shenandoah-jdk8u352-b08-4curve.tar.xz
|
/openjdk-shenandoah-jdk8u-shenandoah-jdk8u352-b08-4curve.tar.xz
|
||||||
/tapsets-icedtea-3.15.0.tar.xz
|
/tapsets-icedtea-3.15.0.tar.xz
|
||||||
|
/openjdk-shenandoah-jdk8u-shenandoah-jdk8u362-b01-4curve.tar.xz
|
||||||
|
52
NEWS
52
NEWS
@ -3,6 +3,45 @@ Key:
|
|||||||
JDK-X - https://bugs.openjdk.java.net/browse/JDK-X
|
JDK-X - https://bugs.openjdk.java.net/browse/JDK-X
|
||||||
CVE-XXXX-YYYY: https://cve.mitre.org/cgi-bin/cvename.cgi?name=XXXX-YYYY
|
CVE-XXXX-YYYY: https://cve.mitre.org/cgi-bin/cvename.cgi?name=XXXX-YYYY
|
||||||
|
|
||||||
|
New in release OpenJDK 8u362 (2022-01-17):
|
||||||
|
===========================================
|
||||||
|
Live versions of these release notes can be found at:
|
||||||
|
* https://bit.ly/openjdk8u362
|
||||||
|
* https://builds.shipilev.net/backports-monitor/release-notes-openjdk8u362.html
|
||||||
|
|
||||||
|
* Other changes
|
||||||
|
- JDK-8054066: com/sun/jdi/DoubleAgentTest.java fails with timeout
|
||||||
|
- JDK-8067941: [TESTBUG] Fix tests for OS with 64K page size.
|
||||||
|
- JDK-8071530: Update OS detection code to reflect Windows 10 version change
|
||||||
|
- JDK-8148005: One byte may be corrupted by get_datetime_string()
|
||||||
|
- JDK-8195607: sun/security/pkcs11/Secmod/TestNssDbSqlite.java failed with "NSS initialization failed" on NSS 3.34.1
|
||||||
|
- JDK-8206456: [TESTBUG] docker jtreg tests fail on systems without cpuset.effective_cpus / cpuset.effective_mems
|
||||||
|
- JDK-8253702: BigSur version number reported as 10.16, should be 11.nn
|
||||||
|
- JDK-8265527: tools/javac/diags/CheckExamples.java fails after JDK-8078024 8u backport
|
||||||
|
- JDK-8269850: Most JDK releases report macOS version 12 as 10.16 instead of 12.0
|
||||||
|
- JDK-8271459: C2: Missing NegativeArraySizeException when creating StringBuilder with negative capacity
|
||||||
|
- JDK-8273176: handle latest VS2019 in abstract_vm_version
|
||||||
|
- JDK-8274563: jfr/event/oldobject/TestClassLoaderLeak.java fails when GC cycles are not happening
|
||||||
|
- JDK-8274840: Update OS detection code to recognize Windows 11
|
||||||
|
- JDK-8283903: GetContainerCpuLoad does not return the correct result in share mode
|
||||||
|
- JDK-8288928: Incorrect GPL header in pnglibconf.h (backport of JDK-8185041)
|
||||||
|
- JDK-8292762: Remove .jcheck directories from jdk8u subcomponents
|
||||||
|
- JDK-8293181: Bump update version of OpenJDK: 8u362
|
||||||
|
- JDK-8293461: Add a test for JDK-8290832
|
||||||
|
- JDK-8293828: JFR: jfr/event/oldobject/TestClassLoaderLeak.java still fails when GC cycles are not happening
|
||||||
|
- JDK-8294863: Enable partial tier1 testing in GHA for JDK8
|
||||||
|
- JDK-8295164: JDK 8 jdi tests should not use tasklist command on Windows
|
||||||
|
|
||||||
|
Notes on individual issues:
|
||||||
|
===========================
|
||||||
|
|
||||||
|
hotspot/runtime:
|
||||||
|
|
||||||
|
JDK-8274840: Release Now Recognises Windows 11
|
||||||
|
==============================================
|
||||||
|
This release now correctly sets the `os.name` property to `Windows
|
||||||
|
11`, as would be expected.
|
||||||
|
|
||||||
New in release OpenJDK 8u352 (2022-10-18):
|
New in release OpenJDK 8u352 (2022-10-18):
|
||||||
===========================================
|
===========================================
|
||||||
Live versions of these release notes can be found at:
|
Live versions of these release notes can be found at:
|
||||||
@ -108,6 +147,19 @@ change might only impact existing code that would depend on
|
|||||||
PhantomReference being enqueued rather than when the referent be freed
|
PhantomReference being enqueued rather than when the referent be freed
|
||||||
from the heap.
|
from the heap.
|
||||||
|
|
||||||
|
core-libs/java.net:
|
||||||
|
|
||||||
|
JDK-8286918: Better HttpServer service
|
||||||
|
======================================
|
||||||
|
The HttpServer can be optionally configured with a maximum connection
|
||||||
|
limit by setting the jdk.httpserver.maxConnections system property. A
|
||||||
|
value of 0 or a negative integer is ignored and considered to
|
||||||
|
represent no connection limit. In the case of a positive integer
|
||||||
|
value, any newly accepted connections will be first checked against
|
||||||
|
the current count of established connections and, if the configured
|
||||||
|
limit has been reached, then the newly accepted connection will be
|
||||||
|
closed immediately.
|
||||||
|
|
||||||
security-libs/javax.net.ssl:
|
security-libs/javax.net.ssl:
|
||||||
|
|
||||||
JDK-8282859: Enable TLSv1.3 by Default on JDK 8 for Client Roles
|
JDK-8282859: Enable TLSv1.3 by Default on JDK 8 for Client Roles
|
||||||
|
@ -313,7 +313,7 @@
|
|||||||
# note, following three variables are sedded from update_sources if used correctly. Hardcode them rather there.
|
# note, following three variables are sedded from update_sources if used correctly. Hardcode them rather there.
|
||||||
%global shenandoah_project openjdk
|
%global shenandoah_project openjdk
|
||||||
%global shenandoah_repo shenandoah-jdk8u
|
%global shenandoah_repo shenandoah-jdk8u
|
||||||
%global openjdk_revision jdk8u352-b08
|
%global openjdk_revision jdk8u362-b01
|
||||||
%global shenandoah_revision shenandoah-%{openjdk_revision}
|
%global shenandoah_revision shenandoah-%{openjdk_revision}
|
||||||
# Define old aarch64/jdk8u tree variables for compatibility
|
# Define old aarch64/jdk8u tree variables for compatibility
|
||||||
%global project %{shenandoah_project}
|
%global project %{shenandoah_project}
|
||||||
@ -332,12 +332,12 @@
|
|||||||
%global updatever %(VERSION=%{whole_update}; echo ${VERSION##*u})
|
%global updatever %(VERSION=%{whole_update}; echo ${VERSION##*u})
|
||||||
# eg jdk8u60-b27 -> b27
|
# eg jdk8u60-b27 -> b27
|
||||||
%global buildver %(VERSION=%{version_tag}; echo ${VERSION##*-})
|
%global buildver %(VERSION=%{version_tag}; echo ${VERSION##*-})
|
||||||
%global rpmrelease 2
|
%global rpmrelease 3
|
||||||
# Define milestone (EA for pre-releases, GA ("fcs") for releases)
|
# Define milestone (EA for pre-releases, GA ("fcs") for releases)
|
||||||
# Release will be (where N is usually a number starting at 1):
|
# Release will be (where N is usually a number starting at 1):
|
||||||
# - 0.N%%{?extraver}%%{?dist} for EA releases,
|
# - 0.N%%{?extraver}%%{?dist} for EA releases,
|
||||||
# - N%%{?extraver}{?dist} for GA releases
|
# - N%%{?extraver}{?dist} for GA releases
|
||||||
%global is_ga 1
|
%global is_ga 0
|
||||||
%if %{is_ga}
|
%if %{is_ga}
|
||||||
%global milestone fcs
|
%global milestone fcs
|
||||||
%global milestone_version %{nil}
|
%global milestone_version %{nil}
|
||||||
@ -1446,10 +1446,10 @@ Patch202: jdk8035341-allow_using_system_installed_libpng.patch
|
|||||||
# 8042159: Allow using a system-installed lcms2
|
# 8042159: Allow using a system-installed lcms2
|
||||||
Patch203: jdk8042159-allow_using_system_installed_lcms2-root.patch
|
Patch203: jdk8042159-allow_using_system_installed_lcms2-root.patch
|
||||||
Patch204: jdk8042159-allow_using_system_installed_lcms2-jdk.patch
|
Patch204: jdk8042159-allow_using_system_installed_lcms2-jdk.patch
|
||||||
# JDK-8195607, PR3776, RH1760437: sun/security/pkcs11/Secmod/TestNssDbSqlite.java failed with "NSS initialization failed" on NSS 3.34.1
|
|
||||||
Patch580: jdk8195607-pr3776-rh1760437-nss_sqlite_db_config.patch
|
|
||||||
# JDK-8257794: Zero: assert(istate->_stack_limit == istate->_thread->last_Java_sp() + 1) failed: wrong on Linux/x86_32
|
# JDK-8257794: Zero: assert(istate->_stack_limit == istate->_thread->last_Java_sp() + 1) failed: wrong on Linux/x86_32
|
||||||
Patch581: jdk8257794-remove_broken_assert.patch
|
Patch581: jdk8257794-remove_broken_assert.patch
|
||||||
|
# JDK-8255559, RH2124390: Leak File Descriptors Because of ResolverLocalFilesystem#engineResolveURI()
|
||||||
|
Patch582: jdk8255559-rh2124390-file_descriptor_leak.patch
|
||||||
|
|
||||||
#############################################
|
#############################################
|
||||||
#
|
#
|
||||||
@ -1884,7 +1884,6 @@ sh %{SOURCE12}
|
|||||||
%patch571
|
%patch571
|
||||||
%patch574
|
%patch574
|
||||||
%patch112
|
%patch112
|
||||||
%patch580
|
|
||||||
%patch581
|
%patch581
|
||||||
%patch113
|
%patch113
|
||||||
|
|
||||||
@ -1898,6 +1897,8 @@ pushd %{top_level_dir_name}
|
|||||||
# tzdata updates targetted for 8u362
|
# tzdata updates targetted for 8u362
|
||||||
%patch2002 -p1
|
%patch2002 -p1
|
||||||
%patch2003 -p1
|
%patch2003 -p1
|
||||||
|
# fix for file leak in XML code
|
||||||
|
%patch582 -p1
|
||||||
popd
|
popd
|
||||||
|
|
||||||
# RPM-only fixes
|
# RPM-only fixes
|
||||||
@ -2218,10 +2219,6 @@ export SEC_DEBUG="-Djava.security.debug=properties"
|
|||||||
$JAVA_HOME/bin/java ${SEC_DEBUG} ${PROG} true
|
$JAVA_HOME/bin/java ${SEC_DEBUG} ${PROG} true
|
||||||
$JAVA_HOME/bin/java ${SEC_DEBUG} -Djava.security.disableSystemPropertiesFile=true ${PROG} false
|
$JAVA_HOME/bin/java ${SEC_DEBUG} -Djava.security.disableSystemPropertiesFile=true ${PROG} false
|
||||||
|
|
||||||
# Check correct vendor values have been set
|
|
||||||
$JAVA_HOME/bin/javac -d . %{SOURCE16}
|
|
||||||
$JAVA_HOME/bin/java $(echo $(basename %{SOURCE16})|sed "s|\.java||") "%{oj_vendor}" %{oj_vendor_url} %{oj_vendor_bug_url}
|
|
||||||
|
|
||||||
# Check java launcher has no SSB mitigation
|
# Check java launcher has no SSB mitigation
|
||||||
if ! nm $JAVA_HOME/bin/java | grep set_speculation ; then true ; else false; fi
|
if ! nm $JAVA_HOME/bin/java | grep set_speculation ; then true ; else false; fi
|
||||||
|
|
||||||
@ -2232,6 +2229,10 @@ nm $JAVA_HOME/bin/%{alt_java_name} | grep set_speculation
|
|||||||
if ! nm $JAVA_HOME/bin/%{alt_java_name} | grep set_speculation ; then true ; else false; fi
|
if ! nm $JAVA_HOME/bin/%{alt_java_name} | grep set_speculation ; then true ; else false; fi
|
||||||
%endif
|
%endif
|
||||||
|
|
||||||
|
# Check correct vendor values have been set
|
||||||
|
$JAVA_HOME/bin/javac -d . %{SOURCE16}
|
||||||
|
$JAVA_HOME/bin/java $(echo $(basename %{SOURCE16})|sed "s|\.java||") "%{oj_vendor}" %{oj_vendor_url} %{oj_vendor_bug_url}
|
||||||
|
|
||||||
# Check translations are available for new timezones
|
# Check translations are available for new timezones
|
||||||
$JAVA_HOME/bin/javac -d . %{SOURCE18}
|
$JAVA_HOME/bin/javac -d . %{SOURCE18}
|
||||||
$JAVA_HOME/bin/java $(echo $(basename %{SOURCE18})|sed "s|\.java||") JRE
|
$JAVA_HOME/bin/java $(echo $(basename %{SOURCE18})|sed "s|\.java||") JRE
|
||||||
@ -2705,15 +2706,32 @@ cjc.mainProgram(args)
|
|||||||
%endif
|
%endif
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
* Sun Oct 16 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.352.b08-2
|
* Tue Jan 10 2023 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.362.b01-0.3.ea
|
||||||
|
- Update to shenandoah-jdk8u362-b01 (EA)
|
||||||
|
- Update release notes for shenandoah-8u362-b01.
|
||||||
|
- Switch to EA mode for 8u362 pre-release builds.
|
||||||
|
- Drop JDK-8195607/PR3776/RH1760437 now this is upstream
|
||||||
|
- Related: rhbz#2150193
|
||||||
|
|
||||||
|
* Thu Nov 10 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.352.b08-3
|
||||||
|
- Add backport of JDK-8255559 to fix file descriptor leak in XML code
|
||||||
|
- Resolves: rhbz#2124390
|
||||||
|
|
||||||
|
* Wed Oct 19 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.352.b08-2
|
||||||
- Update to shenandoah-jdk8u352-b08 (GA)
|
- Update to shenandoah-jdk8u352-b08 (GA)
|
||||||
- Update release notes for shenandoah-8u352-b08.
|
- Update release notes for shenandoah-8u352-b08.
|
||||||
- Rebase FIPS patch against 8u352-b07
|
- Switch to GA mode for final release.
|
||||||
- Update in-tree tzdata to 2022e with JDK-8294357 & JDK-8295173
|
- Update in-tree tzdata to 2022e with JDK-8294357 & JDK-8295173
|
||||||
- Add test to ensure timezones can be translated
|
- Add test to ensure timezones can be translated
|
||||||
- * This tarball is embargoed until 2022-10-18 @ 1pm PT. *
|
|
||||||
- Resolves: rhbz#2133695
|
- Resolves: rhbz#2133695
|
||||||
|
|
||||||
|
* Wed Oct 12 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.352.b07-0.2.ea
|
||||||
|
- Update to shenandoah-jdk8u352-b07 (EA)
|
||||||
|
- Update release notes for shenandoah-8u352-b07.
|
||||||
|
- Switch to EA mode for 8u352 pre-release builds.
|
||||||
|
- Rebase FIPS patch against 8u352-b07
|
||||||
|
- Resolves: rhbz#2130612
|
||||||
|
|
||||||
* Tue Aug 30 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.345.b01-5
|
* Tue Aug 30 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.345.b01-5
|
||||||
- Switch to static builds, reducing system dependencies and making build more portable
|
- Switch to static builds, reducing system dependencies and making build more portable
|
||||||
- Resolves: rhbz#2048542
|
- Resolves: rhbz#2048542
|
||||||
|
@ -1,125 +0,0 @@
|
|||||||
# HG changeset patch
|
|
||||||
# User mbalao
|
|
||||||
# Date 1529971845 -28800
|
|
||||||
# Tue Jun 26 08:10:45 2018 +0800
|
|
||||||
# Node ID e9c20b7250cd98d16a67f2a30b34284c2caa01dc
|
|
||||||
# Parent 9f1aa2e38d90dd60522237d7414af6bdcf03c4ff
|
|
||||||
8195607, PR3776: sun/security/pkcs11/Secmod/TestNssDbSqlite.java failed with "NSS initialization failed" on NSS 3.34.1
|
|
||||||
Reviewed-by: valeriep, weijun
|
|
||||||
|
|
||||||
diff --git openjdk.orig/jdk/src/share/classes/sun/security/pkcs11/Secmod.java openjdk/jdk/src/share/classes/sun/security/pkcs11/Secmod.java
|
|
||||||
--- openjdk.orig/jdk/src/share/classes/sun/security/pkcs11/Secmod.java
|
|
||||||
+++ openjdk/jdk/src/share/classes/sun/security/pkcs11/Secmod.java
|
|
||||||
@@ -197,7 +197,7 @@
|
|
||||||
|
|
||||||
if (configDir != null) {
|
|
||||||
String configDirPath = null;
|
|
||||||
- String sqlPrefix = "sql:/";
|
|
||||||
+ String sqlPrefix = "sql:";
|
|
||||||
if (!configDir.startsWith(sqlPrefix)) {
|
|
||||||
configDirPath = configDir;
|
|
||||||
} else {
|
|
||||||
diff --git openjdk.orig/jdk/src/share/native/sun/security/pkcs11/j2secmod.c openjdk/jdk/src/share/native/sun/security/pkcs11/j2secmod.c
|
|
||||||
--- openjdk.orig/jdk/src/share/native/sun/security/pkcs11/j2secmod.c
|
|
||||||
+++ openjdk/jdk/src/share/native/sun/security/pkcs11/j2secmod.c
|
|
||||||
@@ -69,9 +69,14 @@
|
|
||||||
int res = 0;
|
|
||||||
FPTR_Initialize initialize =
|
|
||||||
(FPTR_Initialize)findFunction(env, jHandle, "NSS_Initialize");
|
|
||||||
+ #ifdef SECMOD_DEBUG
|
|
||||||
+ FPTR_GetError getError =
|
|
||||||
+ (FPTR_GetError)findFunction(env, jHandle, "PORT_GetError");
|
|
||||||
+ #endif // SECMOD_DEBUG
|
|
||||||
unsigned int flags = 0x00;
|
|
||||||
const char *configDir = NULL;
|
|
||||||
const char *functionName = NULL;
|
|
||||||
+ const char *configFile = NULL;
|
|
||||||
|
|
||||||
/* If we cannot initialize, exit now */
|
|
||||||
if (initialize == NULL) {
|
|
||||||
@@ -97,13 +102,18 @@
|
|
||||||
flags = 0x20; // NSS_INIT_OPTIMIZESPACE flag
|
|
||||||
}
|
|
||||||
|
|
||||||
+ configFile = "secmod.db";
|
|
||||||
+ if (configDir != NULL && strncmp("sql:", configDir, 4U) == 0) {
|
|
||||||
+ configFile = "pkcs11.txt";
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
/*
|
|
||||||
* If the NSS_Init function is requested then call NSS_Initialize to
|
|
||||||
* open the Cert, Key and Security Module databases, read only.
|
|
||||||
*/
|
|
||||||
if (strcmp("NSS_Init", functionName) == 0) {
|
|
||||||
flags = flags | 0x01; // NSS_INIT_READONLY flag
|
|
||||||
- res = initialize(configDir, "", "", "secmod.db", flags);
|
|
||||||
+ res = initialize(configDir, "", "", configFile, flags);
|
|
||||||
|
|
||||||
/*
|
|
||||||
* If the NSS_InitReadWrite function is requested then call
|
|
||||||
@@ -111,7 +121,7 @@
|
|
||||||
* read/write.
|
|
||||||
*/
|
|
||||||
} else if (strcmp("NSS_InitReadWrite", functionName) == 0) {
|
|
||||||
- res = initialize(configDir, "", "", "secmod.db", flags);
|
|
||||||
+ res = initialize(configDir, "", "", configFile, flags);
|
|
||||||
|
|
||||||
/*
|
|
||||||
* If the NSS_NoDB_Init function is requested then call
|
|
||||||
@@ -137,6 +147,13 @@
|
|
||||||
(*env)->ReleaseStringUTFChars(env, jConfigDir, configDir);
|
|
||||||
}
|
|
||||||
dprintf1("-res: %d\n", res);
|
|
||||||
+ #ifdef SECMOD_DEBUG
|
|
||||||
+ if (res == -1) {
|
|
||||||
+ if (getError != NULL) {
|
|
||||||
+ dprintf1("-NSS error: %d\n", getError());
|
|
||||||
+ }
|
|
||||||
+ }
|
|
||||||
+ #endif // SECMOD_DEBUG
|
|
||||||
|
|
||||||
return (res == 0) ? JNI_TRUE : JNI_FALSE;
|
|
||||||
}
|
|
||||||
diff --git openjdk.orig/jdk/src/solaris/native/sun/security/pkcs11/j2secmod_md.h openjdk/jdk/src/solaris/native/sun/security/pkcs11/j2secmod_md.h
|
|
||||||
--- openjdk.orig/jdk/src/solaris/native/sun/security/pkcs11/j2secmod_md.h
|
|
||||||
+++ openjdk/jdk/src/solaris/native/sun/security/pkcs11/j2secmod_md.h
|
|
||||||
@@ -34,6 +34,10 @@
|
|
||||||
const char *certPrefix, const char *keyPrefix,
|
|
||||||
const char *secmodName, unsigned int flags);
|
|
||||||
|
|
||||||
+#ifdef SECMOD_DEBUG
|
|
||||||
+typedef int (*FPTR_GetError)(void);
|
|
||||||
+#endif //SECMOD_DEBUG
|
|
||||||
+
|
|
||||||
// in secmod.h
|
|
||||||
//extern SECMODModule *SECMOD_LoadModule(char *moduleSpec,SECMODModule *parent,
|
|
||||||
// PRBool recurse);
|
|
||||||
diff --git openjdk.orig/jdk/test/sun/security/pkcs11/Secmod/pkcs11.txt openjdk/jdk/test/sun/security/pkcs11/Secmod/pkcs11.txt
|
|
||||||
new file mode 100644
|
|
||||||
--- /dev/null
|
|
||||||
+++ openjdk/jdk/test/sun/security/pkcs11/Secmod/pkcs11.txt
|
|
||||||
@@ -0,0 +1,4 @@
|
|
||||||
+library=
|
|
||||||
+name=NSS Internal PKCS #11 Module
|
|
||||||
+parameters=configdir='sql:./tmpdb' certPrefix='' keyPrefix='' secmod='' flags= updatedir='' updateCertPrefix='' updateKeyPrefix='' updateid='' updateTokenDescription=''
|
|
||||||
+NSS=Flags=internal,critical trustOrder=75 cipherOrder=100 slotParams=(1={slotFlags=[RSA,DSA,DH,RC2,RC4,DES,RANDOM,SHA1,MD5,MD2,SSL,TLS,AES,Camellia,SEED,SHA256,SHA512] askpw=any timeout=30})
|
|
||||||
diff --git openjdk.orig/jdk/test/sun/security/pkcs11/SecmodTest.java openjdk/jdk/test/sun/security/pkcs11/SecmodTest.java
|
|
||||||
--- openjdk.orig/jdk/test/sun/security/pkcs11/SecmodTest.java
|
|
||||||
+++ openjdk/jdk/test/sun/security/pkcs11/SecmodTest.java
|
|
||||||
@@ -55,7 +55,7 @@
|
|
||||||
|
|
||||||
DBDIR = System.getProperty("test.classes", ".") + SEP + "tmpdb";
|
|
||||||
if (useSqlite) {
|
|
||||||
- System.setProperty("pkcs11test.nss.db", "sql:/" + DBDIR);
|
|
||||||
+ System.setProperty("pkcs11test.nss.db", "sql:" + DBDIR);
|
|
||||||
} else {
|
|
||||||
System.setProperty("pkcs11test.nss.db", DBDIR);
|
|
||||||
}
|
|
||||||
@@ -67,6 +67,7 @@
|
|
||||||
if (useSqlite) {
|
|
||||||
copyFile("key4.db", BASE, DBDIR);
|
|
||||||
copyFile("cert9.db", BASE, DBDIR);
|
|
||||||
+ copyFile("pkcs11.txt", BASE, DBDIR);
|
|
||||||
} else {
|
|
||||||
copyFile("secmod.db", BASE, DBDIR);
|
|
||||||
copyFile("key3.db", BASE, DBDIR);
|
|
82
jdk8255559-rh2124390-file_descriptor_leak.patch
Normal file
82
jdk8255559-rh2124390-file_descriptor_leak.patch
Normal file
@ -0,0 +1,82 @@
|
|||||||
|
commit db11331cd62ad8bc4f5454c33a42280f419909d2
|
||||||
|
Author: Andrew John Hughes <andrew@openjdk.org>
|
||||||
|
Date: Wed Nov 9 15:49:09 2022 +0000
|
||||||
|
|
||||||
|
Backport d53072236c503295b893efa6372c869ac84fa688
|
||||||
|
|
||||||
|
diff --git a/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMReference.java b/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMReference.java
|
||||||
|
index c4cac5351cc..53de0490c5b 100644
|
||||||
|
--- a/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMReference.java
|
||||||
|
+++ b/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMReference.java
|
||||||
|
@@ -500,38 +500,44 @@ public final class DOMReference extends DOMStructure
|
||||||
|
}
|
||||||
|
|
||||||
|
boolean secVal = Utils.secureValidation(context);
|
||||||
|
- xi.setSecureValidation(secVal);
|
||||||
|
- if (context instanceof XMLSignContext && c14n11
|
||||||
|
- && !xi.isOctetStream() && !xi.isOutputStreamSet()) {
|
||||||
|
- TransformService spi = null;
|
||||||
|
- if (provider == null) {
|
||||||
|
- spi = TransformService.getInstance(c14nalg, "DOM");
|
||||||
|
- } else {
|
||||||
|
- try {
|
||||||
|
- spi = TransformService.getInstance(c14nalg, "DOM", provider);
|
||||||
|
- } catch (NoSuchAlgorithmException nsae) {
|
||||||
|
+ try {
|
||||||
|
+ xi.setSecureValidation(secVal);
|
||||||
|
+ if (context instanceof XMLSignContext && c14n11
|
||||||
|
+ && !xi.isOctetStream() && !xi.isOutputStreamSet()) {
|
||||||
|
+ TransformService spi = null;
|
||||||
|
+ if (provider == null) {
|
||||||
|
spi = TransformService.getInstance(c14nalg, "DOM");
|
||||||
|
+ } else {
|
||||||
|
+ try {
|
||||||
|
+ spi = TransformService.getInstance(c14nalg, "DOM", provider);
|
||||||
|
+ } catch (NoSuchAlgorithmException nsae) {
|
||||||
|
+ spi = TransformService.getInstance(c14nalg, "DOM");
|
||||||
|
+ }
|
||||||
|
}
|
||||||
|
- }
|
||||||
|
|
||||||
|
- DOMTransform t = new DOMTransform(spi);
|
||||||
|
- Element transformsElem = null;
|
||||||
|
- String dsPrefix = DOMUtils.getSignaturePrefix(context);
|
||||||
|
- if (allTransforms.isEmpty()) {
|
||||||
|
- transformsElem = DOMUtils.createElement(
|
||||||
|
- refElem.getOwnerDocument(),
|
||||||
|
- "Transforms", XMLSignature.XMLNS, dsPrefix);
|
||||||
|
- refElem.insertBefore(transformsElem,
|
||||||
|
- DOMUtils.getFirstChildElement(refElem));
|
||||||
|
+ DOMTransform t = new DOMTransform(spi);
|
||||||
|
+ Element transformsElem = null;
|
||||||
|
+ String dsPrefix = DOMUtils.getSignaturePrefix(context);
|
||||||
|
+ if (allTransforms.isEmpty()) {
|
||||||
|
+ transformsElem = DOMUtils.createElement(
|
||||||
|
+ refElem.getOwnerDocument(),
|
||||||
|
+ "Transforms", XMLSignature.XMLNS, dsPrefix);
|
||||||
|
+ refElem.insertBefore(transformsElem,
|
||||||
|
+ DOMUtils.getFirstChildElement(refElem));
|
||||||
|
+ } else {
|
||||||
|
+ transformsElem = DOMUtils.getFirstChildElement(refElem);
|
||||||
|
+ }
|
||||||
|
+ t.marshal(transformsElem, dsPrefix,
|
||||||
|
+ (DOMCryptoContext) context);
|
||||||
|
+ allTransforms.add(t);
|
||||||
|
+ xi.updateOutputStream(os, true);
|
||||||
|
} else {
|
||||||
|
- transformsElem = DOMUtils.getFirstChildElement(refElem);
|
||||||
|
+ xi.updateOutputStream(os);
|
||||||
|
+ }
|
||||||
|
+ } finally {
|
||||||
|
+ if(xi.getOctetStreamReal() != null) {
|
||||||
|
+ xi.getOctetStreamReal().close();
|
||||||
|
}
|
||||||
|
- t.marshal(transformsElem, dsPrefix,
|
||||||
|
- (DOMCryptoContext)context);
|
||||||
|
- allTransforms.add(t);
|
||||||
|
- xi.updateOutputStream(os, true);
|
||||||
|
- } else {
|
||||||
|
- xi.updateOutputStream(os);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
os.flush();
|
2
sources
2
sources
@ -1,2 +1,2 @@
|
|||||||
SHA512 (openjdk-shenandoah-jdk8u-shenandoah-jdk8u352-b08-4curve.tar.xz) = 64a3679f3c5159b5742aac14a1a07d860a33c98a06b705bd106f0e997e591751c2645e9037cb9b4f6093aac69456f28dacf90451f0b083e803db4e5cb35d349f
|
SHA512 (openjdk-shenandoah-jdk8u-shenandoah-jdk8u362-b01-4curve.tar.xz) = ac6238227dfb9714a87baf10e59c45c789300ef798dc38ec0145bbc0b09f23fcce1b617424aeade46a297690bb11c49be725c7a547419be905de2579385f9544
|
||||||
SHA512 (tapsets-icedtea-3.15.0.tar.xz) = c752a197cb3d812d50c35e11e4722772be40096c81d2a57933e0d9b8a3c708b9c157b8108a4e33a06ca7bb81648170994408c75d6f69d5ff12785d0c31009671
|
SHA512 (tapsets-icedtea-3.15.0.tar.xz) = c752a197cb3d812d50c35e11e4722772be40096c81d2a57933e0d9b8a3c708b9c157b8108a4e33a06ca7bb81648170994408c75d6f69d5ff12785d0c31009671
|
||||||
|
Loading…
Reference in New Issue
Block a user