Auto sync2gitlab import of java-1.8.0-openjdk-1.8.0.362.b09-3.el8.src.rpm
This commit is contained in:
parent
8e7ece541a
commit
ef629904fd
1
.gitignore
vendored
1
.gitignore
vendored
@ -2,3 +2,4 @@ SOURCES/openjdk-shenandoah-jdk8u-shenandoah-jdk8u362-b08-4curve.tar.xz
|
|||||||
SOURCES/tapsets-icedtea-3.15.0.tar.xz
|
SOURCES/tapsets-icedtea-3.15.0.tar.xz
|
||||||
/openjdk-shenandoah-jdk8u-shenandoah-jdk8u362-b08-4curve.tar.xz
|
/openjdk-shenandoah-jdk8u-shenandoah-jdk8u362-b08-4curve.tar.xz
|
||||||
/tapsets-icedtea-3.15.0.tar.xz
|
/tapsets-icedtea-3.15.0.tar.xz
|
||||||
|
/openjdk-shenandoah-jdk8u-shenandoah-jdk8u362-b09-4curve.tar.xz
|
||||||
|
2
NEWS
2
NEWS
@ -84,6 +84,8 @@ Live versions of these release notes can be found at:
|
|||||||
- JDK-8297804: (tz) Update Timezone Data to 2022g
|
- JDK-8297804: (tz) Update Timezone Data to 2022g
|
||||||
- JDK-8299439: java/text/Format/NumberFormat/CurrencyFormat.java fails for hr_HR
|
- JDK-8299439: java/text/Format/NumberFormat/CurrencyFormat.java fails for hr_HR
|
||||||
- JDK-8299483: ProblemList java/text/Format/NumberFormat/CurrencyFormat.java
|
- JDK-8299483: ProblemList java/text/Format/NumberFormat/CurrencyFormat.java
|
||||||
|
- JDK-8300178: JDK-8286496 causes build failure on older GCC
|
||||||
|
- JDK-8300225: JDK-8288516 causes build failure on Windows + VS2010
|
||||||
|
|
||||||
Notes on individual issues:
|
Notes on individual issues:
|
||||||
===========================
|
===========================
|
||||||
|
@ -313,7 +313,7 @@
|
|||||||
# note, following three variables are sedded from update_sources if used correctly. Hardcode them rather there.
|
# note, following three variables are sedded from update_sources if used correctly. Hardcode them rather there.
|
||||||
%global shenandoah_project openjdk
|
%global shenandoah_project openjdk
|
||||||
%global shenandoah_repo shenandoah-jdk8u
|
%global shenandoah_repo shenandoah-jdk8u
|
||||||
%global openjdk_revision jdk8u362-b08
|
%global openjdk_revision jdk8u362-b09
|
||||||
%global shenandoah_revision shenandoah-%{openjdk_revision}
|
%global shenandoah_revision shenandoah-%{openjdk_revision}
|
||||||
# Define old aarch64/jdk8u tree variables for compatibility
|
# Define old aarch64/jdk8u tree variables for compatibility
|
||||||
%global project %{shenandoah_project}
|
%global project %{shenandoah_project}
|
||||||
@ -323,6 +323,8 @@
|
|||||||
%global icedteaver 3.15.0
|
%global icedteaver 3.15.0
|
||||||
# Define current Git revision for the FIPS support patches
|
# Define current Git revision for the FIPS support patches
|
||||||
%global fipsver 6d1aade0648
|
%global fipsver 6d1aade0648
|
||||||
|
# Define current Git revision for the cacerts patch
|
||||||
|
%global cacertsver 8139f2361c2
|
||||||
|
|
||||||
# e.g. aarch64-shenandoah-jdk8u212-b04-shenandoah-merge-2019-04-30 -> aarch64-shenandoah-jdk8u212-b04
|
# e.g. aarch64-shenandoah-jdk8u212-b04-shenandoah-merge-2019-04-30 -> aarch64-shenandoah-jdk8u212-b04
|
||||||
%global version_tag %(VERSION=%{revision}; echo ${VERSION%%-shenandoah-merge*})
|
%global version_tag %(VERSION=%{revision}; echo ${VERSION%%-shenandoah-merge*})
|
||||||
@ -1354,7 +1356,7 @@ Patch1000: rh1648249-add_commented_out_nss_cfg_provider_to_java_security.patch
|
|||||||
Patch1003: rh1582504-rsa_default_for_keytool.patch
|
Patch1003: rh1582504-rsa_default_for_keytool.patch
|
||||||
|
|
||||||
# Crypto policy and FIPS support patches
|
# Crypto policy and FIPS support patches
|
||||||
# Patch is generated from the fips tree at https://github.com/rh-openjdk/jdk11u/tree/fips
|
# Patch is generated from the fips tree at https://github.com/rh-openjdk/jdk8u/tree/fips
|
||||||
# as follows: git diff %%{openjdk_revision} common jdk > fips-8u-$(git show -s --format=%h HEAD).patch
|
# as follows: git diff %%{openjdk_revision} common jdk > fips-8u-$(git show -s --format=%h HEAD).patch
|
||||||
# Diff is limited to src and make subdirectories to exclude .github changes
|
# Diff is limited to src and make subdirectories to exclude .github changes
|
||||||
# Fixes currently included:
|
# Fixes currently included:
|
||||||
@ -1393,8 +1395,10 @@ Patch528: pr3083-rh1346460-for_ssl_debug_return_null_instead_of_exception_when_t
|
|||||||
# PR2888: OpenJDK should check for system cacerts database (e.g. /etc/pki/java/cacerts)
|
# PR2888: OpenJDK should check for system cacerts database (e.g. /etc/pki/java/cacerts)
|
||||||
# PR3575, RH1567204: System cacerts database handling should not affect jssecacerts
|
# PR3575, RH1567204: System cacerts database handling should not affect jssecacerts
|
||||||
# RH2055274: Revert default keystore to JAVA_HOME/jre/lib/security/cacerts in portable builds
|
# RH2055274: Revert default keystore to JAVA_HOME/jre/lib/security/cacerts in portable builds
|
||||||
# Must be applied after crypto policy patch as it also changes java.security
|
# Must be applied after the FIPS patch as it also changes java.security
|
||||||
Patch539: pr2888-rh2055274-support_system_cacerts.patch
|
# Patch is generated from the cacerts tree at https://github.com/rh-openjdk/jdk8u/tree/cacerts
|
||||||
|
# as follows: git diff fips > pr2888-rh2055274-support_system_cacerts-$(git show -s --format=%h HEAD).patch
|
||||||
|
Patch539: pr2888-rh2055274-support_system_cacerts-%{cacertsver}.patch
|
||||||
# enable build of speculative store bypass hardened alt-java
|
# enable build of speculative store bypass hardened alt-java
|
||||||
Patch600: rh1750419-redhat_alt_java.patch
|
Patch600: rh1750419-redhat_alt_java.patch
|
||||||
# JDK-8281098, PR3836: Extra compiler flags not passed to adlc build
|
# JDK-8281098, PR3836: Extra compiler flags not passed to adlc build
|
||||||
@ -2690,6 +2694,12 @@ cjc.mainProgram(args)
|
|||||||
%endif
|
%endif
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Tue Jan 24 2023 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.362.b09-3
|
||||||
|
- Update cacerts patch to fix OPENJDK-1433 SecurityManager issue
|
||||||
|
- Update to shenandoah-jdk8u352-b09 (GA)
|
||||||
|
- Update release notes for shenandoah-8u352-b09.
|
||||||
|
- Resolves: rhbz#2162715
|
||||||
|
|
||||||
* Fri Jan 13 2023 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.362.b08-3
|
* Fri Jan 13 2023 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.362.b08-3
|
||||||
- Update to shenandoah-jdk8u352-b08 (GA)
|
- Update to shenandoah-jdk8u352-b08 (GA)
|
||||||
- Update release notes for shenandoah-8u352-b08.
|
- Update release notes for shenandoah-8u352-b08.
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
diff --git a/jdk/src/share/classes/sun/security/ssl/TrustStoreManager.java b/jdk/src/share/classes/sun/security/ssl/TrustStoreManager.java
|
diff --git a/jdk/src/share/classes/sun/security/ssl/TrustStoreManager.java b/jdk/src/share/classes/sun/security/ssl/TrustStoreManager.java
|
||||||
index e7b4763db53..e8ec8467e6a 100644
|
index e7b4763db53..0005e56f528 100644
|
||||||
--- a/jdk/src/share/classes/sun/security/ssl/TrustStoreManager.java
|
--- a/jdk/src/share/classes/sun/security/ssl/TrustStoreManager.java
|
||||||
+++ b/jdk/src/share/classes/sun/security/ssl/TrustStoreManager.java
|
+++ b/jdk/src/share/classes/sun/security/ssl/TrustStoreManager.java
|
||||||
@@ -31,6 +31,7 @@ import java.security.*;
|
@@ -31,6 +31,7 @@ import java.security.*;
|
||||||
@ -19,16 +19,17 @@ index e7b4763db53..e8ec8467e6a 100644
|
|||||||
*/
|
*/
|
||||||
private static final class TrustStoreDescriptor {
|
private static final class TrustStoreDescriptor {
|
||||||
private static final String fileSep = File.separator;
|
private static final String fileSep = File.separator;
|
||||||
@@ -76,7 +77,7 @@ final class TrustStoreManager {
|
@@ -76,7 +77,8 @@ final class TrustStoreManager {
|
||||||
GetPropertyAction.privilegedGetProperty("java.home") +
|
GetPropertyAction.privilegedGetProperty("java.home") +
|
||||||
fileSep + "lib" + fileSep + "security";
|
fileSep + "lib" + fileSep + "security";
|
||||||
private static final String defaultStore =
|
private static final String defaultStore =
|
||||||
- defaultStorePath + fileSep + "cacerts";
|
- defaultStorePath + fileSep + "cacerts";
|
||||||
+ KeyStoreUtil.getCacertsKeyStoreFile().getPath();
|
+ AccessController.doPrivileged((PrivilegedAction<String>) () ->
|
||||||
|
+ KeyStoreUtil.getCacertsKeyStorePath());
|
||||||
private static final String jsseDefaultStore =
|
private static final String jsseDefaultStore =
|
||||||
defaultStorePath + fileSep + "jssecacerts";
|
defaultStorePath + fileSep + "jssecacerts";
|
||||||
|
|
||||||
@@ -139,6 +140,10 @@ final class TrustStoreManager {
|
@@ -139,6 +141,10 @@ final class TrustStoreManager {
|
||||||
String storePropPassword = System.getProperty(
|
String storePropPassword = System.getProperty(
|
||||||
"javax.net.ssl.trustStorePassword", "");
|
"javax.net.ssl.trustStorePassword", "");
|
||||||
|
|
||||||
@ -39,117 +40,56 @@ index e7b4763db53..e8ec8467e6a 100644
|
|||||||
String temporaryName = "";
|
String temporaryName = "";
|
||||||
File temporaryFile = null;
|
File temporaryFile = null;
|
||||||
long temporaryTime = 0L;
|
long temporaryTime = 0L;
|
||||||
@@ -146,21 +151,22 @@ final class TrustStoreManager {
|
@@ -160,7 +166,7 @@ final class TrustStoreManager {
|
||||||
String[] fileNames =
|
|
||||||
new String[] {storePropName, defaultStore};
|
|
||||||
for (String fileName : fileNames) {
|
|
||||||
- File f = new File(fileName);
|
|
||||||
- if (f.isFile() && f.canRead()) {
|
|
||||||
- temporaryName = fileName;;
|
|
||||||
- temporaryFile = f;
|
|
||||||
- temporaryTime = f.lastModified();
|
|
||||||
-
|
|
||||||
- break;
|
|
||||||
- }
|
|
||||||
-
|
|
||||||
- // Not break, the file is inaccessible.
|
|
||||||
- if (SSLLogger.isOn &&
|
|
||||||
+ if (fileName != null && !"".equals(fileName)) {
|
|
||||||
+ File f = new File(fileName);
|
|
||||||
+ if (f.isFile() && f.canRead()) {
|
|
||||||
+ temporaryName = fileName;;
|
|
||||||
+ temporaryFile = f;
|
|
||||||
+ temporaryTime = f.lastModified();
|
|
||||||
+
|
|
||||||
+ break;
|
|
||||||
+ }
|
|
||||||
+ // Not break, the file is inaccessible.
|
|
||||||
+ if (SSLLogger.isOn &&
|
|
||||||
SSLLogger.isOn("trustmanager")) {
|
SSLLogger.isOn("trustmanager")) {
|
||||||
- SSLLogger.fine(
|
SSLLogger.fine(
|
||||||
- "Inaccessible trust store: " +
|
"Inaccessible trust store: " +
|
||||||
- storePropName);
|
- storePropName);
|
||||||
+ SSLLogger.fine(
|
+ fileName);
|
||||||
+ "Inaccessible trust store: " +
|
|
||||||
+ fileName);
|
|
||||||
+ }
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
diff --git a/jdk/src/share/classes/sun/security/tools/KeyStoreUtil.java b/jdk/src/share/classes/sun/security/tools/KeyStoreUtil.java
|
diff --git a/jdk/src/share/classes/sun/security/tools/KeyStoreUtil.java b/jdk/src/share/classes/sun/security/tools/KeyStoreUtil.java
|
||||||
index fcc77786da1..f554f83a8b4 100644
|
index fcc77786da1..3a4388964cc 100644
|
||||||
--- a/jdk/src/share/classes/sun/security/tools/KeyStoreUtil.java
|
--- a/jdk/src/share/classes/sun/security/tools/KeyStoreUtil.java
|
||||||
+++ b/jdk/src/share/classes/sun/security/tools/KeyStoreUtil.java
|
+++ b/jdk/src/share/classes/sun/security/tools/KeyStoreUtil.java
|
||||||
@@ -33,7 +33,10 @@ import java.io.InputStreamReader;
|
@@ -41,6 +41,8 @@ import java.text.Collator;
|
||||||
|
import java.util.Locale;
|
||||||
|
import java.util.ResourceBundle;
|
||||||
|
|
||||||
import java.net.URL;
|
+import sun.security.util.SecurityProperties;
|
||||||
|
+
|
||||||
+import java.security.AccessController;
|
/**
|
||||||
import java.security.KeyStore;
|
* <p> This class provides several utilities to <code>KeyStore</code>.
|
||||||
+import java.security.PrivilegedAction;
|
*
|
||||||
+import java.security.Security;
|
@@ -54,6 +56,8 @@ public class KeyStoreUtil {
|
||||||
|
|
||||||
import java.security.cert.X509Certificate;
|
|
||||||
import java.text.Collator;
|
|
||||||
@@ -54,6 +57,33 @@ public class KeyStoreUtil {
|
|
||||||
|
|
||||||
private static final String JKS = "jks";
|
private static final String JKS = "jks";
|
||||||
|
|
||||||
+ private static final String PROP_NAME = "security.systemCACerts";
|
+ private static final String SYSTEM_CA_CERTS_PROP = "security.systemCACerts";
|
||||||
+
|
|
||||||
+ /**
|
|
||||||
+ * Returns the value of the security property propName, which can be overridden
|
|
||||||
+ * by a system property of the same name
|
|
||||||
+ *
|
|
||||||
+ * @param propName the name of the system or security property
|
|
||||||
+ * @return the value of the system or security property
|
|
||||||
+ */
|
|
||||||
+ @SuppressWarnings("removal")
|
|
||||||
+ public static String privilegedGetOverridable(String propName) {
|
|
||||||
+ if (System.getSecurityManager() == null) {
|
|
||||||
+ return getOverridableProperty(propName);
|
|
||||||
+ } else {
|
|
||||||
+ return AccessController.doPrivileged((PrivilegedAction<String>) () -> getOverridableProperty(propName));
|
|
||||||
+ }
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
+ private static String getOverridableProperty(String propName) {
|
|
||||||
+ String val = System.getProperty(propName);
|
|
||||||
+ if (val == null) {
|
|
||||||
+ return Security.getProperty(propName);
|
|
||||||
+ } else {
|
|
||||||
+ return val;
|
|
||||||
+ }
|
|
||||||
+ }
|
|
||||||
+
|
+
|
||||||
/**
|
/**
|
||||||
* Returns true if the certificate is self-signed, false otherwise.
|
* Returns true if the certificate is self-signed, false otherwise.
|
||||||
*/
|
*/
|
||||||
@@ -96,20 +126,38 @@ public class KeyStoreUtil {
|
@@ -96,16 +100,30 @@ public class KeyStoreUtil {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
+ /**
|
+ /**
|
||||||
+ * Returns the path to the cacerts DB
|
+ * Returns the path to the cacerts DB
|
||||||
+ */
|
+ */
|
||||||
+ public static File getCacertsKeyStoreFile()
|
+ public static String getCacertsKeyStorePath()
|
||||||
+ {
|
+ {
|
||||||
|
+ // Check system DB first, preferring system property over security one
|
||||||
|
+ String systemDB = SecurityProperties
|
||||||
|
+ .privilegedGetOverridable(SYSTEM_CA_CERTS_PROP);
|
||||||
|
+ if (systemDB != null && !"".equals(systemDB) &&
|
||||||
|
+ (new File(systemDB)).isFile()) {
|
||||||
|
+ return systemDB;
|
||||||
|
+ }
|
||||||
+ String sep = File.separator;
|
+ String sep = File.separator;
|
||||||
+ File file = null;
|
+ return System.getProperty("java.home") + sep
|
||||||
+ /* Check system cacerts DB first, preferring system property over security property */
|
+ + "lib" + sep + "security" + sep + "cacerts";
|
||||||
+ String systemDB = privilegedGetOverridable(PROP_NAME);
|
|
||||||
+ if (systemDB != null && !"".equals(systemDB)) {
|
|
||||||
+ file = new File(systemDB);
|
|
||||||
+ }
|
|
||||||
+ if (file == null || !file.exists()) {
|
|
||||||
+ file = new File(System.getProperty("java.home") + sep
|
|
||||||
+ + "lib" + sep + "security" + sep
|
|
||||||
+ + "cacerts");
|
|
||||||
+ }
|
|
||||||
+ if (file.exists()) {
|
|
||||||
+ return file;
|
|
||||||
+ }
|
|
||||||
+ return null;
|
|
||||||
+ }
|
+ }
|
||||||
+
|
+
|
||||||
/**
|
/**
|
||||||
@ -162,27 +102,21 @@ index fcc77786da1..f554f83a8b4 100644
|
|||||||
- File file = new File(System.getProperty("java.home") + sep
|
- File file = new File(System.getProperty("java.home") + sep
|
||||||
- + "lib" + sep + "security" + sep
|
- + "lib" + sep + "security" + sep
|
||||||
- + "cacerts");
|
- + "cacerts");
|
||||||
- if (!file.exists()) {
|
+ File file = new File(getCacertsKeyStorePath());
|
||||||
- return null;
|
if (!file.exists()) {
|
||||||
- }
|
return null;
|
||||||
KeyStore caks = null;
|
}
|
||||||
+ File file = getCacertsKeyStoreFile();
|
|
||||||
+ if (file == null) { return null; }
|
|
||||||
try (FileInputStream fis = new FileInputStream(file)) {
|
|
||||||
caks = KeyStore.getInstance(JKS);
|
|
||||||
caks.load(fis, null);
|
|
||||||
diff --git a/jdk/src/share/lib/security/java.security-aix b/jdk/src/share/lib/security/java.security-aix
|
diff --git a/jdk/src/share/lib/security/java.security-aix b/jdk/src/share/lib/security/java.security-aix
|
||||||
index bfe0c593adb..093bc09bf95 100644
|
index 681a24b905d..ecb8bc43a6c 100644
|
||||||
--- a/jdk/src/share/lib/security/java.security-aix
|
--- a/jdk/src/share/lib/security/java.security-aix
|
||||||
+++ b/jdk/src/share/lib/security/java.security-aix
|
+++ b/jdk/src/share/lib/security/java.security-aix
|
||||||
@@ -294,6 +294,13 @@ security.overridePropertiesFile=true
|
@@ -294,6 +294,12 @@ security.overridePropertiesFile=true
|
||||||
#
|
#
|
||||||
security.useSystemPropertiesFile=false
|
security.useSystemPropertiesFile=false
|
||||||
|
|
||||||
+#
|
+#
|
||||||
+# Specifies the system certificate store
|
+# Specifies the system certificate store
|
||||||
+# This property may be disabled using
|
+# This property may be disabled using an empty value
|
||||||
+# -Djava.security.disableSystemCACerts=true
|
|
||||||
+#
|
+#
|
||||||
+security.systemCACerts=${java.home}/lib/security/cacerts
|
+security.systemCACerts=${java.home}/lib/security/cacerts
|
||||||
+
|
+
|
||||||
@ -190,17 +124,16 @@ index bfe0c593adb..093bc09bf95 100644
|
|||||||
# Determines the default key and trust manager factory algorithms for
|
# Determines the default key and trust manager factory algorithms for
|
||||||
# the javax.net.ssl package.
|
# the javax.net.ssl package.
|
||||||
diff --git a/jdk/src/share/lib/security/java.security-linux b/jdk/src/share/lib/security/java.security-linux
|
diff --git a/jdk/src/share/lib/security/java.security-linux b/jdk/src/share/lib/security/java.security-linux
|
||||||
index 9d1c8fe8a8e..16c9281cc1f 100644
|
index 789c19a8cba..2546fdec9b2 100644
|
||||||
--- a/jdk/src/share/lib/security/java.security-linux
|
--- a/jdk/src/share/lib/security/java.security-linux
|
||||||
+++ b/jdk/src/share/lib/security/java.security-linux
|
+++ b/jdk/src/share/lib/security/java.security-linux
|
||||||
@@ -307,6 +307,13 @@ security.overridePropertiesFile=true
|
@@ -307,6 +307,12 @@ security.overridePropertiesFile=true
|
||||||
#
|
#
|
||||||
security.useSystemPropertiesFile=false
|
security.useSystemPropertiesFile=false
|
||||||
|
|
||||||
+#
|
+#
|
||||||
+# Specifies the system certificate store
|
+# Specifies the system certificate store
|
||||||
+# This property may be disabled using
|
+# This property may be disabled using an empty value
|
||||||
+# -Djava.security.disableSystemCACerts=true
|
|
||||||
+#
|
+#
|
||||||
+security.systemCACerts=${java.home}/lib/security/cacerts
|
+security.systemCACerts=${java.home}/lib/security/cacerts
|
||||||
+
|
+
|
||||||
@ -208,17 +141,16 @@ index 9d1c8fe8a8e..16c9281cc1f 100644
|
|||||||
# Determines the default key and trust manager factory algorithms for
|
# Determines the default key and trust manager factory algorithms for
|
||||||
# the javax.net.ssl package.
|
# the javax.net.ssl package.
|
||||||
diff --git a/jdk/src/share/lib/security/java.security-macosx b/jdk/src/share/lib/security/java.security-macosx
|
diff --git a/jdk/src/share/lib/security/java.security-macosx b/jdk/src/share/lib/security/java.security-macosx
|
||||||
index 19047c61097..43e034cdeaf 100644
|
index d4da666af3b..1a20027c02b 100644
|
||||||
--- a/jdk/src/share/lib/security/java.security-macosx
|
--- a/jdk/src/share/lib/security/java.security-macosx
|
||||||
+++ b/jdk/src/share/lib/security/java.security-macosx
|
+++ b/jdk/src/share/lib/security/java.security-macosx
|
||||||
@@ -297,6 +297,13 @@ security.overridePropertiesFile=true
|
@@ -297,6 +297,12 @@ security.overridePropertiesFile=true
|
||||||
#
|
#
|
||||||
security.useSystemPropertiesFile=false
|
security.useSystemPropertiesFile=false
|
||||||
|
|
||||||
+#
|
+#
|
||||||
+# Specifies the system certificate store
|
+# Specifies the system certificate store
|
||||||
+# This property may be disabled using
|
+# This property may be disabled using an empty value
|
||||||
+# -Djava.security.disableSystemCACerts=true
|
|
||||||
+#
|
+#
|
||||||
+security.systemCACerts=${java.home}/lib/security/cacerts
|
+security.systemCACerts=${java.home}/lib/security/cacerts
|
||||||
+
|
+
|
||||||
@ -226,17 +158,16 @@ index 19047c61097..43e034cdeaf 100644
|
|||||||
# Determines the default key and trust manager factory algorithms for
|
# Determines the default key and trust manager factory algorithms for
|
||||||
# the javax.net.ssl package.
|
# the javax.net.ssl package.
|
||||||
diff --git a/jdk/src/share/lib/security/java.security-solaris b/jdk/src/share/lib/security/java.security-solaris
|
diff --git a/jdk/src/share/lib/security/java.security-solaris b/jdk/src/share/lib/security/java.security-solaris
|
||||||
index 7eda556ae13..325937e97fb 100644
|
index 300132384a1..6299e0a3c7b 100644
|
||||||
--- a/jdk/src/share/lib/security/java.security-solaris
|
--- a/jdk/src/share/lib/security/java.security-solaris
|
||||||
+++ b/jdk/src/share/lib/security/java.security-solaris
|
+++ b/jdk/src/share/lib/security/java.security-solaris
|
||||||
@@ -295,6 +295,13 @@ security.overridePropertiesFile=true
|
@@ -295,6 +295,12 @@ security.overridePropertiesFile=true
|
||||||
#
|
#
|
||||||
security.useSystemPropertiesFile=false
|
security.useSystemPropertiesFile=false
|
||||||
|
|
||||||
+#
|
+#
|
||||||
+# Specifies the system certificate store
|
+# Specifies the system certificate store
|
||||||
+# This property may be disabled using
|
+# This property may be disabled using an empty value
|
||||||
+# -Djava.security.disableSystemCACerts=true
|
|
||||||
+#
|
+#
|
||||||
+security.systemCACerts=${java.home}/lib/security/cacerts
|
+security.systemCACerts=${java.home}/lib/security/cacerts
|
||||||
+
|
+
|
||||||
@ -244,17 +175,16 @@ index 7eda556ae13..325937e97fb 100644
|
|||||||
# Determines the default key and trust manager factory algorithms for
|
# Determines the default key and trust manager factory algorithms for
|
||||||
# the javax.net.ssl package.
|
# the javax.net.ssl package.
|
||||||
diff --git a/jdk/src/share/lib/security/java.security-windows b/jdk/src/share/lib/security/java.security-windows
|
diff --git a/jdk/src/share/lib/security/java.security-windows b/jdk/src/share/lib/security/java.security-windows
|
||||||
index dfa1a669aa9..92ef777e065 100644
|
index 64db5a5cd1e..823994f3466 100644
|
||||||
--- a/jdk/src/share/lib/security/java.security-windows
|
--- a/jdk/src/share/lib/security/java.security-windows
|
||||||
+++ b/jdk/src/share/lib/security/java.security-windows
|
+++ b/jdk/src/share/lib/security/java.security-windows
|
||||||
@@ -297,6 +297,13 @@ security.overridePropertiesFile=true
|
@@ -297,6 +297,12 @@ security.overridePropertiesFile=true
|
||||||
#
|
#
|
||||||
security.useSystemPropertiesFile=false
|
security.useSystemPropertiesFile=false
|
||||||
|
|
||||||
+#
|
+#
|
||||||
+# Specifies the system certificate store
|
+# Specifies the system certificate store
|
||||||
+# This property may be disabled using
|
+# This property may be disabled using an empty value
|
||||||
+# -Djava.security.disableSystemCACerts=true
|
|
||||||
+#
|
+#
|
||||||
+security.systemCACerts=${java.home}/lib/security/cacerts
|
+security.systemCACerts=${java.home}/lib/security/cacerts
|
||||||
+
|
+
|
2
sources
2
sources
@ -1,2 +1,2 @@
|
|||||||
SHA512 (openjdk-shenandoah-jdk8u-shenandoah-jdk8u362-b08-4curve.tar.xz) = e112367213834e0653218a099c8a75558b794702591407170e742a3df6bd5b0780cbf87b85e2a125a50d613ae00501d7ee5bd1708d03a75bca615ef83fc8239b
|
SHA512 (openjdk-shenandoah-jdk8u-shenandoah-jdk8u362-b09-4curve.tar.xz) = 2ed16c616189e7872ecf36c82e86b551b1e6efc4d11a93264db856f01191875a82ddaec3363b5f8296ea225a9a8edf4c0e1504ff27d8474088ba0b2f6fc061d5
|
||||||
SHA512 (tapsets-icedtea-3.15.0.tar.xz) = c752a197cb3d812d50c35e11e4722772be40096c81d2a57933e0d9b8a3c708b9c157b8108a4e33a06ca7bb81648170994408c75d6f69d5ff12785d0c31009671
|
SHA512 (tapsets-icedtea-3.15.0.tar.xz) = c752a197cb3d812d50c35e11e4722772be40096c81d2a57933e0d9b8a3c708b9c157b8108a4e33a06ca7bb81648170994408c75d6f69d5ff12785d0c31009671
|
||||||
|
Loading…
Reference in New Issue
Block a user