Compare commits
No commits in common. "imports/c9/java-1.8.0-openjdk-1.8.0.342.b07-1.el9_0" and "c8" have entirely different histories.
imports/c9
...
c8
|
|
@ -1,2 +1,2 @@
|
|||
SOURCES/openjdk-shenandoah-jdk8u-shenandoah-jdk8u342-b07-4curve.tar.xz
|
||||
SOURCES/shenandoah8u412-b08.tar.xz
|
||||
SOURCES/tapsets-icedtea-3.15.0.tar.xz
|
||||
|
|
|
|||
|
|
@ -1,2 +1,2 @@
|
|||
8c536a306b06fa2d7e6805c4f1a6f79776357926 SOURCES/openjdk-shenandoah-jdk8u-shenandoah-jdk8u342-b07-4curve.tar.xz
|
||||
9cb6b4c557e9a433fe4c16b3996f998335cec8a5 SOURCES/shenandoah8u412-b08.tar.xz
|
||||
7ae2cba67467825b2c2a5fec7aea041865023002 SOURCES/tapsets-icedtea-3.15.0.tar.xz
|
||||
|
|
|
|||
1832
SOURCES/NEWS
1832
SOURCES/NEWS
File diff suppressed because it is too large
Load Diff
|
|
@ -1,8 +1,34 @@
|
|||
Package of LTS OpenJDK 8
|
||||
OpenJDK have release cadence of 6 months. but 3/4 of them are Short Term Supported for 6 months only. This package is designed to harbore them. Currently it is build on openJDK 10. LTSs (next is 11) will go as separate packages.
|
||||
OpenJDK 8 is a Long-Term Support (LTS) release of the Java platform.
|
||||
|
||||
JDK8 is last LTS release of Java platform. It is bringing many cool improvements - http://openjdk.java.net/projects/jdk/8/ and is landing to your RHEL. Where it will be maintained for several years. You will always be allowed to install Used LTSs in build root, and alongside via alternatives.
|
||||
For a list of major changes in OpenJDK 8 (java-1.8.0-openjdk), see the
|
||||
upstream release page: https://openjdk.org/projects/jdk8/features
|
||||
|
||||
See announcement: http://mail.openjdk.java.net/pipermail/discuss/2017-September/004281.html
|
||||
See java SIG plans: https://jvanek.fedorapeople.org/devconf/2018/changesInjavaReleaseProcess.pdf
|
||||
# Rebuilding the OpenJDK package
|
||||
|
||||
The OpenJDK packages are now created from a single build which is then
|
||||
packaged for different major versions of Red Hat Enterprise Linux
|
||||
(RHEL). This allows the OpenJDK team to focus their efforts on the
|
||||
development and testing of this single build, rather than having
|
||||
multiple builds which only differ by the platform they were built on.
|
||||
|
||||
This does make rebuilding the package slightly more complicated than a
|
||||
normal package. Modifications should be made to the
|
||||
`java-1.8.0-openjdk-portable.specfile` file, which can be found with
|
||||
this README file in the source RPM or installed in the documentation
|
||||
tree by the `java-1.8.0-openjdk-headless` RPM.
|
||||
|
||||
Once the modified `java-1.8.0-openjdk-portable` RPMs are built, they
|
||||
should be installed and will produce a number of tarballs in the
|
||||
`/usr/lib/jvm` directory. The `java-1.8.0-openjdk` RPMs can then be
|
||||
built, which will use these tarballs to create the usual RPMs found in
|
||||
RHEL. The `java-1.8.0-openjdk-portable` RPMs can be uninstalled once
|
||||
the desired final RPMs are produced.
|
||||
|
||||
Note that the `java-1.8.0-openjdk.spec` file has a hard requirement on
|
||||
the exact version of java-1.8.0-openjdk-portable to use, so this will
|
||||
need to be modified if the version or rpmrelease values are changed in
|
||||
`java-1.8.0-openjdk-portable.specfile`.
|
||||
|
||||
To reduce the number of RPMs involved, the `fastdebug` and `slowdebug`
|
||||
builds may be disabled using `--without fastdebug` and `--without
|
||||
slowdebug`.
|
||||
|
|
|
|||
|
|
@ -1,3 +1,20 @@
|
|||
/* TestSecurityProperties -- Ensure system security properties can be used to
|
||||
enable the crypto policies.
|
||||
Copyright (C) 2022 Red Hat, Inc.
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU Affero General Public License as
|
||||
published by the Free Software Foundation, either version 3 of the
|
||||
License, or (at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU Affero General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU Affero General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
import java.io.File;
|
||||
import java.io.FileInputStream;
|
||||
import java.security.Security;
|
||||
|
|
|
|||
|
|
@ -0,0 +1,160 @@
|
|||
/* TestTranslations -- Ensure translations are available for new timezones
|
||||
Copyright (C) 2022 Red Hat, Inc.
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU Affero General Public License as
|
||||
published by the Free Software Foundation, either version 3 of the
|
||||
License, or (at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU Affero General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU Affero General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
import java.text.DateFormatSymbols;
|
||||
|
||||
import java.time.ZoneId;
|
||||
import java.time.format.TextStyle;
|
||||
|
||||
import java.util.Arrays;
|
||||
import java.util.Collections;
|
||||
import java.util.HashMap;
|
||||
import java.util.Map;
|
||||
import java.util.Locale;
|
||||
import java.util.Objects;
|
||||
import java.util.TimeZone;
|
||||
|
||||
public class TestTranslations {
|
||||
|
||||
private static Map<Locale,String[]> KYIV, CIUDAD_JUAREZ;
|
||||
|
||||
static {
|
||||
Map<Locale,String[]> map = new HashMap<Locale,String[]>();
|
||||
map.put(Locale.US, new String[] { "Eastern European Time", "GMT+02:00", "EET",
|
||||
"Eastern European Summer Time", "GMT+03:00", "EEST",
|
||||
"Eastern European Time", "GMT+02:00", "EET"});
|
||||
map.put(Locale.FRANCE, new String[] { "Heure d'Europe de l'Est", "UTC+02:00", "EET",
|
||||
"Heure d'\u00e9t\u00e9 d'Europe de l'Est", "UTC+03:00", "EEST",
|
||||
"Heure d'Europe de l'Est", "UTC+02:00", "EET"});
|
||||
map.put(Locale.GERMANY, new String[] { "Osteurop\u00e4ische Zeit", "OEZ", "OEZ",
|
||||
"Osteurop\u00e4ische Sommerzeit", "OESZ", "OESZ",
|
||||
"Osteurop\u00e4ische Zeit", "OEZ", "OEZ"});
|
||||
KYIV = Collections.unmodifiableMap(map);
|
||||
|
||||
map = new HashMap<Locale,String[]>();
|
||||
map.put(Locale.US, new String[] { "Mountain Standard Time", "MST", "MST",
|
||||
"Mountain Daylight Time", "MDT", "MDT",
|
||||
"Mountain Time", "MT", "MT"});
|
||||
map.put(Locale.FRANCE, new String[] { "Heure normale des Rocheuses", "UTC\u221207:00", "MST",
|
||||
"Heure avanc\u00e9e des Rocheuses", "UTC\u221206:00", "MDT",
|
||||
"Rocheuses", "UTC\u221207:00", "MT"});
|
||||
map.put(Locale.GERMANY, new String[] { "Rocky Mountains Normalzeit", "GMT-07:00", "MST",
|
||||
"Rocky Mountains Sommerzeit", "GMT-06:00", "MDT",
|
||||
"Zeitzone Mountain", "GMT-07:00", "MT"});
|
||||
CIUDAD_JUAREZ = Collections.unmodifiableMap(map);
|
||||
}
|
||||
|
||||
|
||||
public static void main(String[] args) {
|
||||
if (args.length < 1) {
|
||||
System.err.println("Test must be started with the name of the locale provider.");
|
||||
System.exit(1);
|
||||
}
|
||||
|
||||
System.out.println("Checking sanity of full zone string set...");
|
||||
boolean invalid = Arrays.stream(Locale.getAvailableLocales())
|
||||
.peek(l -> System.out.println("Locale: " + l))
|
||||
.map(l -> DateFormatSymbols.getInstance(l).getZoneStrings())
|
||||
.flatMap(zs -> Arrays.stream(zs))
|
||||
.flatMap(names -> Arrays.stream(names))
|
||||
.filter(name -> Objects.isNull(name) || name.isEmpty())
|
||||
.findAny()
|
||||
.isPresent();
|
||||
if (invalid) {
|
||||
System.err.println("Zone string for a locale returned null or empty string");
|
||||
System.exit(2);
|
||||
}
|
||||
|
||||
String localeProvider = args[0];
|
||||
testZone(localeProvider, KYIV,
|
||||
new String[] { "Europe/Kiev", "Europe/Kyiv", "Europe/Uzhgorod", "Europe/Zaporozhye" });
|
||||
testZone(localeProvider, CIUDAD_JUAREZ,
|
||||
new String[] { "America/Cambridge_Bay", "America/Ciudad_Juarez" });
|
||||
}
|
||||
|
||||
private static void testZone(String localeProvider, Map<Locale,String[]> exp, String[] ids) {
|
||||
for (Locale l : exp.keySet()) {
|
||||
String[] expected = exp.get(l);
|
||||
System.out.printf("Expected values for %s are %s\n", l, Arrays.toString(expected));
|
||||
for (String id : ids) {
|
||||
String expectedShortStd = null;
|
||||
String expectedShortDST = null;
|
||||
String expectedShortGen = null;
|
||||
|
||||
System.out.printf("Checking locale %s for %s...\n", l, id);
|
||||
|
||||
if ("JRE".equals(localeProvider)) {
|
||||
expectedShortStd = expected[2];
|
||||
expectedShortDST = expected[5];
|
||||
expectedShortGen = expected[8];
|
||||
} else if ("CLDR".equals(localeProvider)) {
|
||||
expectedShortStd = expected[1];
|
||||
expectedShortDST = expected[4];
|
||||
expectedShortGen = expected[7];
|
||||
} else {
|
||||
System.err.printf("Invalid locale provider %s\n", localeProvider);
|
||||
System.exit(3);
|
||||
}
|
||||
System.out.printf("Locale Provider is %s, using short values %s, %s and %s\n",
|
||||
localeProvider, expectedShortStd, expectedShortDST, expectedShortGen);
|
||||
|
||||
String longStd = TimeZone.getTimeZone(id).getDisplayName(false, TimeZone.LONG, l);
|
||||
String shortStd = TimeZone.getTimeZone(id).getDisplayName(false, TimeZone.SHORT, l);
|
||||
String longDST = TimeZone.getTimeZone(id).getDisplayName(true, TimeZone.LONG, l);
|
||||
String shortDST = TimeZone.getTimeZone(id).getDisplayName(true, TimeZone.SHORT, l);
|
||||
String longGen = ZoneId.of(id).getDisplayName(TextStyle.FULL, l);
|
||||
String shortGen = ZoneId.of(id).getDisplayName(TextStyle.SHORT, l);
|
||||
|
||||
if (!expected[0].equals(longStd)) {
|
||||
System.err.printf("Long standard display name for %s in %s was %s, expected %s\n",
|
||||
id, l, longStd, expected[0]);
|
||||
System.exit(4);
|
||||
}
|
||||
|
||||
if (!expectedShortStd.equals(shortStd)) {
|
||||
System.err.printf("Short standard display name for %s in %s was %s, expected %s\n",
|
||||
id, l, shortStd, expectedShortStd);
|
||||
System.exit(5);
|
||||
}
|
||||
|
||||
if (!expected[3].equals(longDST)) {
|
||||
System.err.printf("Long DST display name for %s in %s was %s, expected %s\n",
|
||||
id, l, longDST, expected[3]);
|
||||
System.exit(6);
|
||||
}
|
||||
|
||||
if (!expectedShortDST.equals(shortDST)) {
|
||||
System.err.printf("Short DST display name for %s in %s was %s, expected %s\n",
|
||||
id, l, shortDST, expectedShortDST);
|
||||
System.exit(7);
|
||||
}
|
||||
|
||||
if (!expected[6].equals(longGen)) {
|
||||
System.err.printf("Long generic display name for %s in %s was %s, expected %s\n",
|
||||
id, l, longGen, expected[6]);
|
||||
System.exit(8);
|
||||
}
|
||||
|
||||
if (!expectedShortGen.equals(shortGen)) {
|
||||
System.err.printf("Short generic display name for %s in %s was %s, expected %s\n",
|
||||
id, l, shortGen, expectedShortGen);
|
||||
System.exit(9);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
@ -11,7 +11,7 @@ index 151e5a109f8..a8761b500e0 100644
|
|||
LIB_SETUP_ON_WINDOWS
|
||||
|
||||
diff --git a/common/autoconf/generated-configure.sh b/common/autoconf/generated-configure.sh
|
||||
index e77ce854dc5..ec6e9b27ca5 100644
|
||||
index 71fabf4dbb3..17f4f50673d 100644
|
||||
--- a/common/autoconf/generated-configure.sh
|
||||
+++ b/common/autoconf/generated-configure.sh
|
||||
@@ -651,6 +651,9 @@ LLVM_CONFIG
|
||||
|
|
@ -124,7 +124,7 @@ index e77ce854dc5..ec6e9b27ca5 100644
|
|||
#
|
||||
# Copyright (c) 2011, 2015, Oracle and/or its affiliates. All rights reserved.
|
||||
# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
||||
@@ -49290,6 +49351,157 @@ fi
|
||||
@@ -49304,6 +49365,157 @@ fi
|
||||
LIBS="$save_LIBS"
|
||||
|
||||
|
||||
|
|
@ -1532,7 +1532,7 @@ index ffee2c1603b..98119479823 100644
|
|||
"FIPS mode: KeyStore must be " +
|
||||
"from provider " + SunJSSE.cryptoProvider.getName());
|
||||
diff --git a/jdk/src/share/classes/sun/security/ssl/SSLContextImpl.java b/jdk/src/share/classes/sun/security/ssl/SSLContextImpl.java
|
||||
index cd0e9e98df9..fba760187c0 100644
|
||||
index 820e10164fc..6fe2c29389f 100644
|
||||
--- a/jdk/src/share/classes/sun/security/ssl/SSLContextImpl.java
|
||||
+++ b/jdk/src/share/classes/sun/security/ssl/SSLContextImpl.java
|
||||
@@ -31,6 +31,7 @@ import java.security.*;
|
||||
|
|
@ -1627,8 +1627,8 @@ index cd0e9e98df9..fba760187c0 100644
|
|||
+ };
|
||||
+ }
|
||||
return new ProtocolVersion[]{
|
||||
ProtocolVersion.TLS13,
|
||||
ProtocolVersion.TLS12,
|
||||
ProtocolVersion.TLS11,
|
||||
diff --git a/jdk/src/share/classes/sun/security/ssl/SunJSSE.java b/jdk/src/share/classes/sun/security/ssl/SunJSSE.java
|
||||
index 2845dc37938..52337a7b6cf 100644
|
||||
--- a/jdk/src/share/classes/sun/security/ssl/SunJSSE.java
|
||||
|
|
@ -1659,7 +1659,7 @@ index 2845dc37938..52337a7b6cf 100644
|
|||
"sun.security.ssl.SSLContextImpl$TLSContext");
|
||||
if (isfips == false) {
|
||||
diff --git a/jdk/src/share/lib/security/java.security-aix b/jdk/src/share/lib/security/java.security-aix
|
||||
index d3d64b3facd..bfe0c593adb 100644
|
||||
index 7a93d4e6b59..681a24b905d 100644
|
||||
--- a/jdk/src/share/lib/security/java.security-aix
|
||||
+++ b/jdk/src/share/lib/security/java.security-aix
|
||||
@@ -287,6 +287,13 @@ package.definition=sun.,\
|
||||
|
|
@ -1677,7 +1677,7 @@ index d3d64b3facd..bfe0c593adb 100644
|
|||
# Determines the default key and trust manager factory algorithms for
|
||||
# the javax.net.ssl package.
|
||||
diff --git a/jdk/src/share/lib/security/java.security-linux b/jdk/src/share/lib/security/java.security-linux
|
||||
index db610d4bfbb..9d1c8fe8a8e 100644
|
||||
index 145a84f94cf..789c19a8cba 100644
|
||||
--- a/jdk/src/share/lib/security/java.security-linux
|
||||
+++ b/jdk/src/share/lib/security/java.security-linux
|
||||
@@ -75,6 +75,14 @@ security.provider.7=com.sun.security.sasl.Provider
|
||||
|
|
@ -1722,7 +1722,7 @@ index db610d4bfbb..9d1c8fe8a8e 100644
|
|||
# Determines the default key and trust manager factory algorithms for
|
||||
# the javax.net.ssl package.
|
||||
diff --git a/jdk/src/share/lib/security/java.security-macosx b/jdk/src/share/lib/security/java.security-macosx
|
||||
index a919ba3d5cd..19047c61097 100644
|
||||
index 35fa140d7a5..d4da666af3b 100644
|
||||
--- a/jdk/src/share/lib/security/java.security-macosx
|
||||
+++ b/jdk/src/share/lib/security/java.security-macosx
|
||||
@@ -290,6 +290,13 @@ package.definition=sun.,\
|
||||
|
|
@ -1740,7 +1740,7 @@ index a919ba3d5cd..19047c61097 100644
|
|||
# Determines the default key and trust manager factory algorithms for
|
||||
# the javax.net.ssl package.
|
||||
diff --git a/jdk/src/share/lib/security/java.security-solaris b/jdk/src/share/lib/security/java.security-solaris
|
||||
index 86265ba5fb6..7eda556ae13 100644
|
||||
index f79ba37ddb9..300132384a1 100644
|
||||
--- a/jdk/src/share/lib/security/java.security-solaris
|
||||
+++ b/jdk/src/share/lib/security/java.security-solaris
|
||||
@@ -288,6 +288,13 @@ package.definition=sun.,\
|
||||
|
|
@ -1758,7 +1758,7 @@ index 86265ba5fb6..7eda556ae13 100644
|
|||
# Determines the default key and trust manager factory algorithms for
|
||||
# the javax.net.ssl package.
|
||||
diff --git a/jdk/src/share/lib/security/java.security-windows b/jdk/src/share/lib/security/java.security-windows
|
||||
index 9b4bda23cbe..dfa1a669aa9 100644
|
||||
index d70503ce95f..64db5a5cd1e 100644
|
||||
--- a/jdk/src/share/lib/security/java.security-windows
|
||||
+++ b/jdk/src/share/lib/security/java.security-windows
|
||||
@@ -290,6 +290,13 @@ package.definition=sun.,\
|
||||
File diff suppressed because it is too large
Load Diff
|
|
@ -0,0 +1,286 @@
|
|||
# HG changeset patch
|
||||
# User sherman
|
||||
# Date 1505950914 25200
|
||||
# Wed Sep 20 16:41:54 2017 -0700
|
||||
# Node ID 723486922bfe4c17e3f5c067ce5e97229842fbcd
|
||||
# Parent c8ac05bbe47771b3dafa2e7fc9a95d86d68d7c07
|
||||
8186464: ZipFile cannot read some InfoZip ZIP64 zip files
|
||||
Reviewed-by: martin
|
||||
|
||||
diff --git openjdk.orig/jdk/src/share/demo/nio/zipfs/src/com/sun/nio/zipfs/ZipFileSystem.java openjdk/jdk/src/share/demo/nio/zipfs/src/com/sun/nio/zipfs/ZipFileSystem.java
|
||||
index 26e2a5bf9e9..2630c118817 100644
|
||||
--- openjdk.orig/jdk/src/share/demo/nio/zipfs/src/com/sun/nio/zipfs/ZipFileSystem.java
|
||||
+++ openjdk/jdk/src/share/demo/nio/zipfs/src/com/sun/nio/zipfs/ZipFileSystem.java
|
||||
@@ -92,6 +92,7 @@ public class ZipFileSystem extends FileSystem {
|
||||
private final boolean createNew; // create a new zip if not exists
|
||||
private static final boolean isWindows =
|
||||
System.getProperty("os.name").startsWith("Windows");
|
||||
+ private final boolean forceEnd64;
|
||||
|
||||
// a threshold, in bytes, to decide whether to create a temp file
|
||||
// for outputstream of a zip entry
|
||||
@@ -112,12 +113,13 @@ public class ZipFileSystem extends FileSystem {
|
||||
if (this.defaultDir.charAt(0) != '/')
|
||||
throw new IllegalArgumentException("default dir should be absolute");
|
||||
|
||||
+ this.forceEnd64 = "true".equals(env.get("forceZIP64End"));
|
||||
this.provider = provider;
|
||||
this.zfpath = zfpath;
|
||||
if (Files.notExists(zfpath)) {
|
||||
if (createNew) {
|
||||
try (OutputStream os = Files.newOutputStream(zfpath, CREATE_NEW, WRITE)) {
|
||||
- new END().write(os, 0);
|
||||
+ new END().write(os, 0, forceEnd64);
|
||||
}
|
||||
} else {
|
||||
throw new FileSystemNotFoundException(zfpath.toString());
|
||||
@@ -1014,28 +1016,36 @@ public class ZipFileSystem extends FileSystem {
|
||||
end.cenoff = ENDOFF(buf);
|
||||
end.comlen = ENDCOM(buf);
|
||||
end.endpos = pos + i;
|
||||
- if (end.cenlen == ZIP64_MINVAL ||
|
||||
- end.cenoff == ZIP64_MINVAL ||
|
||||
- end.centot == ZIP64_MINVAL32)
|
||||
- {
|
||||
- // need to find the zip64 end;
|
||||
- byte[] loc64 = new byte[ZIP64_LOCHDR];
|
||||
- if (readFullyAt(loc64, 0, loc64.length, end.endpos - ZIP64_LOCHDR)
|
||||
- != loc64.length) {
|
||||
- return end;
|
||||
- }
|
||||
- long end64pos = ZIP64_LOCOFF(loc64);
|
||||
- byte[] end64buf = new byte[ZIP64_ENDHDR];
|
||||
- if (readFullyAt(end64buf, 0, end64buf.length, end64pos)
|
||||
- != end64buf.length) {
|
||||
- return end;
|
||||
- }
|
||||
- // end64 found, re-calcualte everything.
|
||||
- end.cenlen = ZIP64_ENDSIZ(end64buf);
|
||||
- end.cenoff = ZIP64_ENDOFF(end64buf);
|
||||
- end.centot = (int)ZIP64_ENDTOT(end64buf); // assume total < 2g
|
||||
- end.endpos = end64pos;
|
||||
+ // try if there is zip64 end;
|
||||
+ byte[] loc64 = new byte[ZIP64_LOCHDR];
|
||||
+ if (end.endpos < ZIP64_LOCHDR ||
|
||||
+ readFullyAt(loc64, 0, loc64.length, end.endpos - ZIP64_LOCHDR)
|
||||
+ != loc64.length ||
|
||||
+ !locator64SigAt(loc64, 0)) {
|
||||
+ return end;
|
||||
+ }
|
||||
+ long end64pos = ZIP64_LOCOFF(loc64);
|
||||
+ byte[] end64buf = new byte[ZIP64_ENDHDR];
|
||||
+ if (readFullyAt(end64buf, 0, end64buf.length, end64pos)
|
||||
+ != end64buf.length ||
|
||||
+ !end64SigAt(end64buf, 0)) {
|
||||
+ return end;
|
||||
+ }
|
||||
+ // end64 found,
|
||||
+ long cenlen64 = ZIP64_ENDSIZ(end64buf);
|
||||
+ long cenoff64 = ZIP64_ENDOFF(end64buf);
|
||||
+ long centot64 = ZIP64_ENDTOT(end64buf);
|
||||
+ // double-check
|
||||
+ if (cenlen64 != end.cenlen && end.cenlen != ZIP64_MINVAL ||
|
||||
+ cenoff64 != end.cenoff && end.cenoff != ZIP64_MINVAL ||
|
||||
+ centot64 != end.centot && end.centot != ZIP64_MINVAL32) {
|
||||
+ return end;
|
||||
}
|
||||
+ // to use the end64 values
|
||||
+ end.cenlen = cenlen64;
|
||||
+ end.cenoff = cenoff64;
|
||||
+ end.centot = (int)centot64; // assume total < 2g
|
||||
+ end.endpos = end64pos;
|
||||
return end;
|
||||
}
|
||||
}
|
||||
@@ -1201,7 +1211,7 @@ public class ZipFileSystem extends FileSystem {
|
||||
|
||||
// sync the zip file system, if there is any udpate
|
||||
private void sync() throws IOException {
|
||||
- //System.out.printf("->sync(%s) starting....!%n", toString());
|
||||
+ // System.out.printf("->sync(%s) starting....!%n", toString());
|
||||
// check ex-closer
|
||||
if (!exChClosers.isEmpty()) {
|
||||
for (ExChannelCloser ecc : exChClosers) {
|
||||
@@ -1292,7 +1302,7 @@ public class ZipFileSystem extends FileSystem {
|
||||
}
|
||||
end.centot = elist.size();
|
||||
end.cenlen = written - end.cenoff;
|
||||
- end.write(os, written);
|
||||
+ end.write(os, written, forceEnd64);
|
||||
}
|
||||
if (!streams.isEmpty()) {
|
||||
//
|
||||
@@ -1849,8 +1859,8 @@ public class ZipFileSystem extends FileSystem {
|
||||
long endpos;
|
||||
int disktot;
|
||||
|
||||
- void write(OutputStream os, long offset) throws IOException {
|
||||
- boolean hasZip64 = false;
|
||||
+ void write(OutputStream os, long offset, boolean forceEnd64) throws IOException {
|
||||
+ boolean hasZip64 = forceEnd64; // false;
|
||||
long xlen = cenlen;
|
||||
long xoff = cenoff;
|
||||
if (xlen >= ZIP64_MINVAL) {
|
||||
@@ -1875,8 +1885,8 @@ public class ZipFileSystem extends FileSystem {
|
||||
writeShort(os, 45); // version needed to extract
|
||||
writeInt(os, 0); // number of this disk
|
||||
writeInt(os, 0); // central directory start disk
|
||||
- writeLong(os, centot); // number of directory entires on disk
|
||||
- writeLong(os, centot); // number of directory entires
|
||||
+ writeLong(os, centot); // number of directory entries on disk
|
||||
+ writeLong(os, centot); // number of directory entries
|
||||
writeLong(os, cenlen); // length of central directory
|
||||
writeLong(os, cenoff); // offset of central directory
|
||||
|
||||
diff --git openjdk.orig/jdk/src/share/native/java/util/zip/zip_util.c openjdk/jdk/src/share/native/java/util/zip/zip_util.c
|
||||
index 5fd6fea049d..858e5814e92 100644
|
||||
--- openjdk.orig/jdk/src/share/native/java/util/zip/zip_util.c
|
||||
+++ openjdk/jdk/src/share/native/java/util/zip/zip_util.c
|
||||
@@ -385,6 +385,9 @@ findEND64(jzfile *zip, void *end64buf, jlong endpos)
|
||||
{
|
||||
char loc64[ZIP64_LOCHDR];
|
||||
jlong end64pos;
|
||||
+ if (endpos < ZIP64_LOCHDR) {
|
||||
+ return -1;
|
||||
+ }
|
||||
if (readFullyAt(zip->zfd, loc64, ZIP64_LOCHDR, endpos - ZIP64_LOCHDR) == -1) {
|
||||
return -1; // end64 locator not found
|
||||
}
|
||||
@@ -567,6 +570,7 @@ readCEN(jzfile *zip, jint knownTotal)
|
||||
{
|
||||
/* Following are unsigned 32-bit */
|
||||
jlong endpos, end64pos, cenpos, cenlen, cenoff;
|
||||
+ jlong cenlen64, cenoff64, centot64;
|
||||
/* Following are unsigned 16-bit */
|
||||
jint total, tablelen, i, j;
|
||||
unsigned char *cenbuf = NULL;
|
||||
@@ -594,13 +598,20 @@ readCEN(jzfile *zip, jint knownTotal)
|
||||
cenlen = ENDSIZ(endbuf);
|
||||
cenoff = ENDOFF(endbuf);
|
||||
total = ENDTOT(endbuf);
|
||||
- if (cenlen == ZIP64_MAGICVAL || cenoff == ZIP64_MAGICVAL ||
|
||||
- total == ZIP64_MAGICCOUNT) {
|
||||
- unsigned char end64buf[ZIP64_ENDHDR];
|
||||
- if ((end64pos = findEND64(zip, end64buf, endpos)) != -1) {
|
||||
- cenlen = ZIP64_ENDSIZ(end64buf);
|
||||
- cenoff = ZIP64_ENDOFF(end64buf);
|
||||
- total = (jint)ZIP64_ENDTOT(end64buf);
|
||||
+ unsigned char end64buf[ZIP64_ENDHDR];
|
||||
+ if ((end64pos = findEND64(zip, end64buf, endpos)) != -1) {
|
||||
+ // end64 candidate found,
|
||||
+ cenlen64 = ZIP64_ENDSIZ(end64buf);
|
||||
+ cenoff64 = ZIP64_ENDOFF(end64buf);
|
||||
+ centot64 = ZIP64_ENDTOT(end64buf);
|
||||
+ // double-check
|
||||
+ if ((cenlen64 == cenlen || cenlen == ZIP64_MAGICVAL) &&
|
||||
+ (cenoff64 == cenoff || cenoff == ZIP64_MAGICVAL) &&
|
||||
+ (centot64 == total || total == ZIP64_MAGICCOUNT)) {
|
||||
+ // to use the end64 values
|
||||
+ cenlen = cenlen64;
|
||||
+ cenoff = cenoff64;
|
||||
+ total = (jint)centot64;
|
||||
endpos = end64pos;
|
||||
endhdrlen = ZIP64_ENDHDR;
|
||||
}
|
||||
diff --git openjdk.orig/jdk/test/java/util/zip/ZipFile/ReadZip.java openjdk/jdk/test/java/util/zip/ZipFile/ReadZip.java
|
||||
index ffe8a8ed712..9b380003893 100644
|
||||
--- openjdk.orig/jdk/test/java/util/zip/ZipFile/ReadZip.java
|
||||
+++ openjdk/jdk/test/java/util/zip/ZipFile/ReadZip.java
|
||||
@@ -22,7 +22,7 @@
|
||||
*/
|
||||
|
||||
/* @test
|
||||
- * @bug 4241361 4842702 4985614 6646605 5032358 6923692 6233323 8144977 8184993
|
||||
+ * @bug 4241361 4842702 4985614 6646605 5032358 6923692 6233323 8144977 8184993 8186464
|
||||
* @summary Make sure we can read a zip file.
|
||||
@key randomness
|
||||
* @run main/othervm ReadZip
|
||||
@@ -31,12 +31,24 @@
|
||||
*/
|
||||
|
||||
import java.io.*;
|
||||
+import java.net.URI;
|
||||
import java.nio.file.Files;
|
||||
+import java.nio.file.FileSystem;
|
||||
+import java.nio.file.FileSystems;
|
||||
+import java.nio.file.Path;
|
||||
import java.nio.file.Paths;
|
||||
import java.nio.file.StandardCopyOption;
|
||||
import java.nio.file.StandardOpenOption;
|
||||
+import java.util.Collections;
|
||||
+import java.util.HashMap;
|
||||
+import java.util.List;
|
||||
+import java.util.Map;
|
||||
import java.util.zip.*;
|
||||
|
||||
+import sun.misc.IOUtils;
|
||||
+
|
||||
+import static java.nio.charset.StandardCharsets.US_ASCII;
|
||||
+
|
||||
public class ReadZip {
|
||||
private static void unreached (Object o)
|
||||
throws Exception
|
||||
@@ -144,8 +156,6 @@ public class ReadZip {
|
||||
newZip.delete();
|
||||
}
|
||||
|
||||
-
|
||||
-
|
||||
// Throw a FNF exception when read a non-existing zip file
|
||||
try { unreached (new ZipFile(
|
||||
new File(System.getProperty("test.src", "."),
|
||||
@@ -153,5 +163,54 @@ public class ReadZip {
|
||||
+ String.valueOf(new java.util.Random().nextInt())
|
||||
+ ".zip")));
|
||||
} catch (FileNotFoundException fnfe) {}
|
||||
+
|
||||
+ // read a zip file with ZIP64 end
|
||||
+ Path path = Paths.get(System.getProperty("test.dir", ""), "end64.zip");
|
||||
+ try {
|
||||
+ URI uri = URI.create("jar:" + path.toUri());
|
||||
+ Map<String, Object> env = new HashMap<>();
|
||||
+ env.put("create", "true");
|
||||
+ env.put("forceZIP64End", "true");
|
||||
+ try (FileSystem fs = FileSystems.newFileSystem(uri, env)) {
|
||||
+ Files.write(fs.getPath("hello"), "hello".getBytes());
|
||||
+ }
|
||||
+ try (ZipFile zf = new ZipFile(path.toFile())) {
|
||||
+ if (!"hello".equals(new String(IOUtils.readAllBytes(zf.getInputStream(new ZipEntry("hello"))),
|
||||
+ US_ASCII)))
|
||||
+ throw new RuntimeException("zipfile: read entry failed");
|
||||
+ } catch (IOException x) {
|
||||
+ throw new RuntimeException("zipfile: zip64 end failed");
|
||||
+ }
|
||||
+ try (FileSystem fs = FileSystems.newFileSystem(uri, Collections.emptyMap())) {
|
||||
+ if (!"hello".equals(new String(Files.readAllBytes(fs.getPath("hello")))))
|
||||
+ throw new RuntimeException("zipfs: read entry failed");
|
||||
+ } catch (IOException x) {
|
||||
+ throw new RuntimeException("zipfile: zip64 end failed");
|
||||
+ }
|
||||
+ } finally {
|
||||
+ Files.deleteIfExists(path);
|
||||
+ }
|
||||
+
|
||||
+ // read a zip file created via "echo hello | zip dst.zip -", which uses
|
||||
+ // ZIP64 end record
|
||||
+ if (Files.notExists(Paths.get("/usr/bin/zip")))
|
||||
+ return;
|
||||
+ try {
|
||||
+ Process zip = new ProcessBuilder("zip", path.toString().toString(), "-").start();
|
||||
+ OutputStream os = zip.getOutputStream();
|
||||
+ os.write("hello".getBytes(US_ASCII));
|
||||
+ os.close();
|
||||
+ zip.waitFor();
|
||||
+ if (zip.exitValue() == 0 && Files.exists(path)) {
|
||||
+ try (ZipFile zf = new ZipFile(path.toFile())) {
|
||||
+ if (!"hello".equals(new String(IOUtils.readAllBytes(zf.getInputStream(new ZipEntry("-"))))))
|
||||
+ throw new RuntimeException("zipfile: read entry failed");
|
||||
+ } catch (IOException x) {
|
||||
+ throw new RuntimeException("zipfile: zip64 end failed");
|
||||
+ }
|
||||
+ }
|
||||
+ } finally {
|
||||
+ Files.deleteIfExists(path);
|
||||
+ }
|
||||
}
|
||||
}
|
||||
|
|
@ -1,125 +0,0 @@
|
|||
# HG changeset patch
|
||||
# User mbalao
|
||||
# Date 1529971845 -28800
|
||||
# Tue Jun 26 08:10:45 2018 +0800
|
||||
# Node ID e9c20b7250cd98d16a67f2a30b34284c2caa01dc
|
||||
# Parent 9f1aa2e38d90dd60522237d7414af6bdcf03c4ff
|
||||
8195607, PR3776: sun/security/pkcs11/Secmod/TestNssDbSqlite.java failed with "NSS initialization failed" on NSS 3.34.1
|
||||
Reviewed-by: valeriep, weijun
|
||||
|
||||
diff --git openjdk.orig/jdk/src/share/classes/sun/security/pkcs11/Secmod.java openjdk/jdk/src/share/classes/sun/security/pkcs11/Secmod.java
|
||||
--- openjdk.orig/jdk/src/share/classes/sun/security/pkcs11/Secmod.java
|
||||
+++ openjdk/jdk/src/share/classes/sun/security/pkcs11/Secmod.java
|
||||
@@ -197,7 +197,7 @@
|
||||
|
||||
if (configDir != null) {
|
||||
String configDirPath = null;
|
||||
- String sqlPrefix = "sql:/";
|
||||
+ String sqlPrefix = "sql:";
|
||||
if (!configDir.startsWith(sqlPrefix)) {
|
||||
configDirPath = configDir;
|
||||
} else {
|
||||
diff --git openjdk.orig/jdk/src/share/native/sun/security/pkcs11/j2secmod.c openjdk/jdk/src/share/native/sun/security/pkcs11/j2secmod.c
|
||||
--- openjdk.orig/jdk/src/share/native/sun/security/pkcs11/j2secmod.c
|
||||
+++ openjdk/jdk/src/share/native/sun/security/pkcs11/j2secmod.c
|
||||
@@ -69,9 +69,14 @@
|
||||
int res = 0;
|
||||
FPTR_Initialize initialize =
|
||||
(FPTR_Initialize)findFunction(env, jHandle, "NSS_Initialize");
|
||||
+ #ifdef SECMOD_DEBUG
|
||||
+ FPTR_GetError getError =
|
||||
+ (FPTR_GetError)findFunction(env, jHandle, "PORT_GetError");
|
||||
+ #endif // SECMOD_DEBUG
|
||||
unsigned int flags = 0x00;
|
||||
const char *configDir = NULL;
|
||||
const char *functionName = NULL;
|
||||
+ const char *configFile = NULL;
|
||||
|
||||
/* If we cannot initialize, exit now */
|
||||
if (initialize == NULL) {
|
||||
@@ -97,13 +102,18 @@
|
||||
flags = 0x20; // NSS_INIT_OPTIMIZESPACE flag
|
||||
}
|
||||
|
||||
+ configFile = "secmod.db";
|
||||
+ if (configDir != NULL && strncmp("sql:", configDir, 4U) == 0) {
|
||||
+ configFile = "pkcs11.txt";
|
||||
+ }
|
||||
+
|
||||
/*
|
||||
* If the NSS_Init function is requested then call NSS_Initialize to
|
||||
* open the Cert, Key and Security Module databases, read only.
|
||||
*/
|
||||
if (strcmp("NSS_Init", functionName) == 0) {
|
||||
flags = flags | 0x01; // NSS_INIT_READONLY flag
|
||||
- res = initialize(configDir, "", "", "secmod.db", flags);
|
||||
+ res = initialize(configDir, "", "", configFile, flags);
|
||||
|
||||
/*
|
||||
* If the NSS_InitReadWrite function is requested then call
|
||||
@@ -111,7 +121,7 @@
|
||||
* read/write.
|
||||
*/
|
||||
} else if (strcmp("NSS_InitReadWrite", functionName) == 0) {
|
||||
- res = initialize(configDir, "", "", "secmod.db", flags);
|
||||
+ res = initialize(configDir, "", "", configFile, flags);
|
||||
|
||||
/*
|
||||
* If the NSS_NoDB_Init function is requested then call
|
||||
@@ -137,6 +147,13 @@
|
||||
(*env)->ReleaseStringUTFChars(env, jConfigDir, configDir);
|
||||
}
|
||||
dprintf1("-res: %d\n", res);
|
||||
+ #ifdef SECMOD_DEBUG
|
||||
+ if (res == -1) {
|
||||
+ if (getError != NULL) {
|
||||
+ dprintf1("-NSS error: %d\n", getError());
|
||||
+ }
|
||||
+ }
|
||||
+ #endif // SECMOD_DEBUG
|
||||
|
||||
return (res == 0) ? JNI_TRUE : JNI_FALSE;
|
||||
}
|
||||
diff --git openjdk.orig/jdk/src/solaris/native/sun/security/pkcs11/j2secmod_md.h openjdk/jdk/src/solaris/native/sun/security/pkcs11/j2secmod_md.h
|
||||
--- openjdk.orig/jdk/src/solaris/native/sun/security/pkcs11/j2secmod_md.h
|
||||
+++ openjdk/jdk/src/solaris/native/sun/security/pkcs11/j2secmod_md.h
|
||||
@@ -34,6 +34,10 @@
|
||||
const char *certPrefix, const char *keyPrefix,
|
||||
const char *secmodName, unsigned int flags);
|
||||
|
||||
+#ifdef SECMOD_DEBUG
|
||||
+typedef int (*FPTR_GetError)(void);
|
||||
+#endif //SECMOD_DEBUG
|
||||
+
|
||||
// in secmod.h
|
||||
//extern SECMODModule *SECMOD_LoadModule(char *moduleSpec,SECMODModule *parent,
|
||||
// PRBool recurse);
|
||||
diff --git openjdk.orig/jdk/test/sun/security/pkcs11/Secmod/pkcs11.txt openjdk/jdk/test/sun/security/pkcs11/Secmod/pkcs11.txt
|
||||
new file mode 100644
|
||||
--- /dev/null
|
||||
+++ openjdk/jdk/test/sun/security/pkcs11/Secmod/pkcs11.txt
|
||||
@@ -0,0 +1,4 @@
|
||||
+library=
|
||||
+name=NSS Internal PKCS #11 Module
|
||||
+parameters=configdir='sql:./tmpdb' certPrefix='' keyPrefix='' secmod='' flags= updatedir='' updateCertPrefix='' updateKeyPrefix='' updateid='' updateTokenDescription=''
|
||||
+NSS=Flags=internal,critical trustOrder=75 cipherOrder=100 slotParams=(1={slotFlags=[RSA,DSA,DH,RC2,RC4,DES,RANDOM,SHA1,MD5,MD2,SSL,TLS,AES,Camellia,SEED,SHA256,SHA512] askpw=any timeout=30})
|
||||
diff --git openjdk.orig/jdk/test/sun/security/pkcs11/SecmodTest.java openjdk/jdk/test/sun/security/pkcs11/SecmodTest.java
|
||||
--- openjdk.orig/jdk/test/sun/security/pkcs11/SecmodTest.java
|
||||
+++ openjdk/jdk/test/sun/security/pkcs11/SecmodTest.java
|
||||
@@ -55,7 +55,7 @@
|
||||
|
||||
DBDIR = System.getProperty("test.classes", ".") + SEP + "tmpdb";
|
||||
if (useSqlite) {
|
||||
- System.setProperty("pkcs11test.nss.db", "sql:/" + DBDIR);
|
||||
+ System.setProperty("pkcs11test.nss.db", "sql:" + DBDIR);
|
||||
} else {
|
||||
System.setProperty("pkcs11test.nss.db", DBDIR);
|
||||
}
|
||||
@@ -67,6 +67,7 @@
|
||||
if (useSqlite) {
|
||||
copyFile("key4.db", BASE, DBDIR);
|
||||
copyFile("cert9.db", BASE, DBDIR);
|
||||
+ copyFile("pkcs11.txt", BASE, DBDIR);
|
||||
} else {
|
||||
copyFile("secmod.db", BASE, DBDIR);
|
||||
copyFile("key3.db", BASE, DBDIR);
|
||||
|
|
@ -1,12 +0,0 @@
|
|||
diff --git openjdk.orig/hotspot/src/os/linux/vm/perfMemory_linux.cpp openjdk/hotspot/src/os/linux/vm/perfMemory_linux.cpp
|
||||
--- openjdk.orig/hotspot/src/os/linux/vm/perfMemory_linux.cpp
|
||||
+++ openjdk/hotspot/src/os/linux/vm/perfMemory_linux.cpp
|
||||
@@ -878,7 +878,7 @@
|
||||
|
||||
// open the file
|
||||
int result;
|
||||
- RESTARTABLE(::open(filename, oflags), result);
|
||||
+ RESTARTABLE(::open(filename, oflags, 0), result);
|
||||
if (result == OS_ERR) {
|
||||
if (errno == ENOENT) {
|
||||
THROW_MSG_(vmSymbols::java_lang_IllegalArgumentException(),
|
||||
|
|
@ -1,26 +0,0 @@
|
|||
diff --git openjdk.orig/jdk/src/share/classes/com/sun/jndi/ldap/LdapCtxFactory.java openjdk/jdk/src/share/classes/com/sun/jndi/ldap/LdapCtxFactory.java
|
||||
index cf4becb7db..4ab2ac0a31 100644
|
||||
--- openjdk.orig/jdk/src/share/classes/com/sun/jndi/ldap/LdapCtxFactory.java
|
||||
+++ openjdk/jdk/src/share/classes/com/sun/jndi/ldap/LdapCtxFactory.java
|
||||
@@ -189,6 +189,10 @@ final public class LdapCtxFactory implements ObjectFactory, InitialContextFactor
|
||||
ctx = getLdapCtxFromUrl(
|
||||
r.getDomainName(), url, new LdapURL(u), env);
|
||||
return ctx;
|
||||
+ } catch (AuthenticationException e) {
|
||||
+ // do not retry on a different endpoint to avoid blocking
|
||||
+ // the user if authentication credentials are wrong.
|
||||
+ throw e;
|
||||
} catch (NamingException e) {
|
||||
// try the next element
|
||||
lastException = e;
|
||||
@@ -241,6 +245,10 @@ final public class LdapCtxFactory implements ObjectFactory, InitialContextFactor
|
||||
for (String u : urls) {
|
||||
try {
|
||||
return getUsingURL(u, env);
|
||||
+ } catch (AuthenticationException e) {
|
||||
+ // do not retry on a different URL to avoid blocking
|
||||
+ // the user if authentication credentials are wrong.
|
||||
+ throw e;
|
||||
} catch (NamingException e) {
|
||||
ex = e;
|
||||
}
|
||||
|
|
@ -7,10 +7,11 @@
|
|||
8074839: Resolve disabled warnings for libunpack and the unpack200 binary
|
||||
Reviewed-by: dholmes, ksrini
|
||||
|
||||
diff --git openjdk/jdk/src/share/native/com/sun/java/util/jar/pack/bytes.h openjdk/jdk/src/share/native/com/sun/java/util/jar/pack/bytes.h
|
||||
--- openjdk/jdk/src/share/native/com/sun/java/util/jar/pack/bytes.h
|
||||
diff --git openjdk.orig/jdk/src/share/native/com/sun/java/util/jar/pack/bytes.h openjdk/jdk/src/share/native/com/sun/java/util/jar/pack/bytes.h
|
||||
index bdaf95a2f6a..60c5b4f2a69 100644
|
||||
--- openjdk.orig/jdk/src/share/native/com/sun/java/util/jar/pack/bytes.h
|
||||
+++ openjdk/jdk/src/share/native/com/sun/java/util/jar/pack/bytes.h
|
||||
@@ -63,7 +63,7 @@
|
||||
@@ -63,7 +63,7 @@ struct bytes {
|
||||
bytes res;
|
||||
res.ptr = ptr + beg;
|
||||
res.len = end - beg;
|
||||
|
|
@ -19,10 +20,11 @@ diff --git openjdk/jdk/src/share/native/com/sun/java/util/jar/pack/bytes.h openj
|
|||
return res;
|
||||
}
|
||||
// building C strings inside byte buffers:
|
||||
diff --git openjdk/jdk/src/share/native/com/sun/java/util/jar/pack/jni.cpp openjdk/jdk/src/share/native/com/sun/java/util/jar/pack/jni.cpp
|
||||
--- openjdk/jdk/src/share/native/com/sun/java/util/jar/pack/jni.cpp
|
||||
diff --git openjdk.orig/jdk/src/share/native/com/sun/java/util/jar/pack/jni.cpp openjdk/jdk/src/share/native/com/sun/java/util/jar/pack/jni.cpp
|
||||
index 5fbc7261fb3..4c002e779d8 100644
|
||||
--- openjdk.orig/jdk/src/share/native/com/sun/java/util/jar/pack/jni.cpp
|
||||
+++ openjdk/jdk/src/share/native/com/sun/java/util/jar/pack/jni.cpp
|
||||
@@ -292,7 +292,7 @@
|
||||
@@ -292,7 +292,7 @@ Java_com_sun_java_util_jar_pack_NativeUnpack_getUnusedInput(JNIEnv *env, jobject
|
||||
|
||||
if (uPtr->aborting()) {
|
||||
THROW_IOE(uPtr->get_abort_message());
|
||||
|
|
@ -31,16 +33,16 @@ diff --git openjdk/jdk/src/share/native/com/sun/java/util/jar/pack/jni.cpp openj
|
|||
}
|
||||
|
||||
// We have fetched all the files.
|
||||
@@ -310,7 +310,7 @@
|
||||
JNIEXPORT jlong JNICALL
|
||||
Java_com_sun_java_util_jar_pack_NativeUnpack_finish(JNIEnv *env, jobject pObj) {
|
||||
unpacker* uPtr = get_unpacker(env, pObj, false);
|
||||
@@ -312,7 +312,7 @@ Java_com_sun_java_util_jar_pack_NativeUnpack_finish(JNIEnv *env, jobject pObj) {
|
||||
// There's no need to create a new unpacker here if we don't already have one
|
||||
// just to immediatly free it afterwards.
|
||||
unpacker* uPtr = get_unpacker(env, pObj, /* noCreate= */ true);
|
||||
- CHECK_EXCEPTION_RETURN_VALUE(uPtr, NULL);
|
||||
+ CHECK_EXCEPTION_RETURN_VALUE(uPtr, 0);
|
||||
size_t consumed = uPtr->input_consumed();
|
||||
// free_unpacker() will set the unpacker field on 'pObj' to null
|
||||
free_unpacker(env, pObj, uPtr);
|
||||
return consumed;
|
||||
@@ -320,6 +320,7 @@
|
||||
@@ -323,6 +323,7 @@ JNIEXPORT jboolean JNICALL
|
||||
Java_com_sun_java_util_jar_pack_NativeUnpack_setOption(JNIEnv *env, jobject pObj,
|
||||
jstring pProp, jstring pValue) {
|
||||
unpacker* uPtr = get_unpacker(env, pObj);
|
||||
|
|
@ -48,10 +50,11 @@ diff --git openjdk/jdk/src/share/native/com/sun/java/util/jar/pack/jni.cpp openj
|
|||
const char* prop = env->GetStringUTFChars(pProp, JNI_FALSE);
|
||||
CHECK_EXCEPTION_RETURN_VALUE(prop, false);
|
||||
const char* value = env->GetStringUTFChars(pValue, JNI_FALSE);
|
||||
diff --git openjdk/jdk/src/share/native/com/sun/java/util/jar/pack/main.cpp openjdk/jdk/src/share/native/com/sun/java/util/jar/pack/main.cpp
|
||||
--- openjdk/jdk/src/share/native/com/sun/java/util/jar/pack/main.cpp
|
||||
diff --git openjdk.orig/jdk/src/share/native/com/sun/java/util/jar/pack/main.cpp openjdk/jdk/src/share/native/com/sun/java/util/jar/pack/main.cpp
|
||||
index 6fbc43a18ae..722c8baaff0 100644
|
||||
--- openjdk.orig/jdk/src/share/native/com/sun/java/util/jar/pack/main.cpp
|
||||
+++ openjdk/jdk/src/share/native/com/sun/java/util/jar/pack/main.cpp
|
||||
@@ -142,31 +142,28 @@
|
||||
@@ -142,31 +142,28 @@ static const char* nbasename(const char* progname) {
|
||||
return progname;
|
||||
}
|
||||
|
||||
|
|
@ -101,10 +104,11 @@ diff --git openjdk/jdk/src/share/native/com/sun/java/util/jar/pack/main.cpp open
|
|||
}
|
||||
}
|
||||
|
||||
diff --git openjdk/jdk/src/share/native/com/sun/java/util/jar/pack/unpack.cpp openjdk/jdk/src/share/native/com/sun/java/util/jar/pack/unpack.cpp
|
||||
--- openjdk/jdk/src/share/native/com/sun/java/util/jar/pack/unpack.cpp
|
||||
diff --git openjdk.orig/jdk/src/share/native/com/sun/java/util/jar/pack/unpack.cpp openjdk/jdk/src/share/native/com/sun/java/util/jar/pack/unpack.cpp
|
||||
index 56f391b1e87..f0a25f8cd20 100644
|
||||
--- openjdk.orig/jdk/src/share/native/com/sun/java/util/jar/pack/unpack.cpp
|
||||
+++ openjdk/jdk/src/share/native/com/sun/java/util/jar/pack/unpack.cpp
|
||||
@@ -222,9 +222,9 @@
|
||||
@@ -225,9 +225,9 @@ struct entry {
|
||||
}
|
||||
|
||||
#ifdef PRODUCT
|
||||
|
|
@ -116,7 +120,7 @@ diff --git openjdk/jdk/src/share/native/com/sun/java/util/jar/pack/unpack.cpp op
|
|||
#endif
|
||||
};
|
||||
|
||||
@@ -715,13 +715,13 @@
|
||||
@@ -718,13 +718,13 @@ void unpacker::read_file_header() {
|
||||
// Now we can size the whole archive.
|
||||
// Read everything else into a mega-buffer.
|
||||
rp = hdr.rp;
|
||||
|
|
@ -134,7 +138,7 @@ diff --git openjdk/jdk/src/share/native/com/sun/java/util/jar/pack/unpack.cpp op
|
|||
abort("EOF reading fixed input buffer");
|
||||
return;
|
||||
}
|
||||
@@ -735,7 +735,7 @@
|
||||
@@ -738,7 +738,7 @@ void unpacker::read_file_header() {
|
||||
return;
|
||||
}
|
||||
input.set(U_NEW(byte, add_size(header_size_0, archive_size, C_SLOP)),
|
||||
|
|
@ -143,7 +147,7 @@ diff --git openjdk/jdk/src/share/native/com/sun/java/util/jar/pack/unpack.cpp op
|
|||
CHECK;
|
||||
assert(input.limit()[0] == 0);
|
||||
// Move all the bytes we read initially into the real buffer.
|
||||
@@ -958,13 +958,13 @@
|
||||
@@ -961,13 +961,13 @@ void cpool::init(unpacker* u_, int counts[CONSTANT_Limit]) {
|
||||
nentries = next_entry;
|
||||
|
||||
// place a limit on future CP growth:
|
||||
|
|
@ -159,7 +163,7 @@ diff --git openjdk/jdk/src/share/native/com/sun/java/util/jar/pack/unpack.cpp op
|
|||
|
||||
// Note that this CP does not include "empty" entries
|
||||
// for longs and doubles. Those are introduced when
|
||||
@@ -982,8 +982,9 @@
|
||||
@@ -985,8 +985,9 @@ void cpool::init(unpacker* u_, int counts[CONSTANT_Limit]) {
|
||||
}
|
||||
|
||||
// Initialize *all* our entries once
|
||||
|
|
@ -170,7 +174,7 @@ diff --git openjdk/jdk/src/share/native/com/sun/java/util/jar/pack/unpack.cpp op
|
|||
|
||||
initGroupIndexes();
|
||||
// Initialize hashTab to a generous power-of-two size.
|
||||
@@ -3677,21 +3678,22 @@
|
||||
@@ -3681,21 +3682,22 @@ void cpool::computeOutputIndexes() {
|
||||
|
||||
unpacker* debug_u;
|
||||
|
||||
|
|
@ -197,7 +201,7 @@ diff --git openjdk/jdk/src/share/native/com/sun/java/util/jar/pack/unpack.cpp op
|
|||
case CONSTANT_Signature:
|
||||
if (value.b.ptr == null)
|
||||
return ref(0)->string();
|
||||
@@ -3711,26 +3713,28 @@
|
||||
@@ -3715,26 +3717,28 @@ char* entry::string() {
|
||||
break;
|
||||
default:
|
||||
if (nrefs == 0) {
|
||||
|
|
@ -235,10 +239,11 @@ diff --git openjdk/jdk/src/share/native/com/sun/java/util/jar/pack/unpack.cpp op
|
|||
}
|
||||
|
||||
void print_cp_entries(int beg, int end) {
|
||||
diff --git openjdk/jdk/src/share/native/com/sun/java/util/jar/pack/unpack.h openjdk/jdk/src/share/native/com/sun/java/util/jar/pack/unpack.h
|
||||
--- openjdk/jdk/src/share/native/com/sun/java/util/jar/pack/unpack.h
|
||||
diff --git openjdk.orig/jdk/src/share/native/com/sun/java/util/jar/pack/unpack.h openjdk/jdk/src/share/native/com/sun/java/util/jar/pack/unpack.h
|
||||
index cec7a88b24e..ed5f3336a59 100644
|
||||
--- openjdk.orig/jdk/src/share/native/com/sun/java/util/jar/pack/unpack.h
|
||||
+++ openjdk/jdk/src/share/native/com/sun/java/util/jar/pack/unpack.h
|
||||
@@ -209,7 +209,7 @@
|
||||
@@ -209,7 +209,7 @@ struct unpacker {
|
||||
byte* rp; // read pointer (< rplimit <= input.limit())
|
||||
byte* rplimit; // how much of the input block has been read?
|
||||
julong bytes_read;
|
||||
|
|
@ -247,10 +252,11 @@ diff --git openjdk/jdk/src/share/native/com/sun/java/util/jar/pack/unpack.h open
|
|||
|
||||
// callback to read at least one byte, up to available input
|
||||
typedef jlong (*read_input_fn_t)(unpacker* self, void* buf, jlong minlen, jlong maxlen);
|
||||
diff --git openjdk/jdk/src/share/native/com/sun/java/util/jar/pack/utils.cpp openjdk/jdk/src/share/native/com/sun/java/util/jar/pack/utils.cpp
|
||||
--- openjdk/jdk/src/share/native/com/sun/java/util/jar/pack/utils.cpp
|
||||
diff --git openjdk.orig/jdk/src/share/native/com/sun/java/util/jar/pack/utils.cpp openjdk/jdk/src/share/native/com/sun/java/util/jar/pack/utils.cpp
|
||||
index e5197e1a3f1..40a10055ea5 100644
|
||||
--- openjdk.orig/jdk/src/share/native/com/sun/java/util/jar/pack/utils.cpp
|
||||
+++ openjdk/jdk/src/share/native/com/sun/java/util/jar/pack/utils.cpp
|
||||
@@ -81,7 +81,7 @@
|
||||
@@ -81,7 +81,7 @@ void breakpoint() { } // hook for debugger
|
||||
int assert_failed(const char* p) {
|
||||
char message[1<<12];
|
||||
sprintf(message, "@assert failed: %s\n", p);
|
||||
|
|
@ -259,10 +265,11 @@ diff --git openjdk/jdk/src/share/native/com/sun/java/util/jar/pack/utils.cpp ope
|
|||
breakpoint();
|
||||
unpack_abort(message);
|
||||
return 0;
|
||||
diff --git openjdk/jdk/src/share/native/com/sun/java/util/jar/pack/zip.cpp openjdk/jdk/src/share/native/com/sun/java/util/jar/pack/zip.cpp
|
||||
--- openjdk/jdk/src/share/native/com/sun/java/util/jar/pack/zip.cpp
|
||||
diff --git openjdk.orig/jdk/src/share/native/com/sun/java/util/jar/pack/zip.cpp openjdk/jdk/src/share/native/com/sun/java/util/jar/pack/zip.cpp
|
||||
index f58c94956c0..343da3e183b 100644
|
||||
--- openjdk.orig/jdk/src/share/native/com/sun/java/util/jar/pack/zip.cpp
|
||||
+++ openjdk/jdk/src/share/native/com/sun/java/util/jar/pack/zip.cpp
|
||||
@@ -84,7 +84,7 @@
|
||||
@@ -84,7 +84,7 @@ void jar::init(unpacker* u_) {
|
||||
}
|
||||
|
||||
// Write data to the ZIP output stream.
|
||||
|
|
@ -271,7 +278,7 @@ diff --git openjdk/jdk/src/share/native/com/sun/java/util/jar/pack/zip.cpp openj
|
|||
while (len > 0) {
|
||||
int rc = (int)fwrite(buff, 1, len, jarfp);
|
||||
if (rc <= 0) {
|
||||
@@ -323,12 +323,12 @@
|
||||
@@ -323,12 +323,12 @@ void jar::write_central_directory() {
|
||||
// Total number of disks (int)
|
||||
header64[36] = (ushort)SWAP_BYTES(1);
|
||||
header64[37] = 0;
|
||||
|
|
@ -286,10 +293,11 @@ diff --git openjdk/jdk/src/share/native/com/sun/java/util/jar/pack/zip.cpp openj
|
|||
|
||||
PRINTCR((2, "writing zip comment\n"));
|
||||
// Write the comment.
|
||||
diff --git openjdk/jdk/src/share/native/com/sun/java/util/jar/pack/zip.h openjdk/jdk/src/share/native/com/sun/java/util/jar/pack/zip.h
|
||||
--- openjdk/jdk/src/share/native/com/sun/java/util/jar/pack/zip.h
|
||||
diff --git openjdk.orig/jdk/src/share/native/com/sun/java/util/jar/pack/zip.h openjdk/jdk/src/share/native/com/sun/java/util/jar/pack/zip.h
|
||||
index 14ffc9d65bd..9877f6f68ca 100644
|
||||
--- openjdk.orig/jdk/src/share/native/com/sun/java/util/jar/pack/zip.h
|
||||
+++ openjdk/jdk/src/share/native/com/sun/java/util/jar/pack/zip.h
|
||||
@@ -68,8 +68,8 @@
|
||||
@@ -68,8 +68,8 @@ struct jar {
|
||||
}
|
||||
|
||||
// Private Methods
|
||||
|
|
|
|||
|
|
@ -1,63 +0,0 @@
|
|||
# HG changeset patch
|
||||
# User andrew
|
||||
# Date 1459487045 -3600
|
||||
# Fri Apr 01 06:04:05 2016 +0100
|
||||
# Node ID 3334efeacd8327a14b7d2f392f4546e3c29c594b
|
||||
# Parent 6b81fd2227d14226f2121f2d51b464536925686e
|
||||
PR2888: OpenJDK should check for system cacerts database (e.g. /etc/pki/java/cacerts)
|
||||
PR3575: System cacerts database handling should not affect jssecacerts
|
||||
|
||||
diff --git openjdk.orig/jdk/src/share/classes/sun/security/ssl/TrustStoreManager.java openjdk/jdk/src/share/classes/sun/security/ssl/TrustStoreManager.java
|
||||
--- openjdk.orig/jdk/src/share/classes/sun/security/ssl/TrustStoreManager.java
|
||||
+++ openjdk/jdk/src/share/classes/sun/security/ssl/TrustStoreManager.java
|
||||
@@ -72,7 +72,7 @@
|
||||
* The preference of the default trusted KeyStore is:
|
||||
* javax.net.ssl.trustStore
|
||||
* jssecacerts
|
||||
- * cacerts
|
||||
+ * cacerts (system and local)
|
||||
*/
|
||||
private static final class TrustStoreDescriptor {
|
||||
private static final String fileSep = File.separator;
|
||||
@@ -83,6 +83,10 @@
|
||||
defaultStorePath + fileSep + "cacerts";
|
||||
private static final String jsseDefaultStore =
|
||||
defaultStorePath + fileSep + "jssecacerts";
|
||||
+ /* Check system cacerts DB: /etc/pki/java/cacerts */
|
||||
+ private static final String systemStore =
|
||||
+ fileSep + "etc" + fileSep + "pki" +
|
||||
+ fileSep + "java" + fileSep + "cacerts";
|
||||
|
||||
// the trust store name
|
||||
private final String storeName;
|
||||
@@ -146,7 +150,8 @@
|
||||
long temporaryTime = 0L;
|
||||
if (!"NONE".equals(storePropName)) {
|
||||
String[] fileNames =
|
||||
- new String[] {storePropName, defaultStore};
|
||||
+ new String[] {storePropName,
|
||||
+ systemStore, defaultStore};
|
||||
for (String fileName : fileNames) {
|
||||
File f = new File(fileName);
|
||||
if (f.isFile() && f.canRead()) {
|
||||
diff --git openjdk.orig/jdk/src/share/classes/sun/security/tools/KeyStoreUtil.java openjdk/jdk/src/share/classes/sun/security/tools/KeyStoreUtil.java
|
||||
--- openjdk.orig/jdk/src/share/classes/sun/security/tools/KeyStoreUtil.java
|
||||
+++ openjdk/jdk/src/share/classes/sun/security/tools/KeyStoreUtil.java
|
||||
@@ -108,9 +108,14 @@
|
||||
throws Exception
|
||||
{
|
||||
String sep = File.separator;
|
||||
- File file = new File(System.getProperty("java.home") + sep
|
||||
- + "lib" + sep + "security" + sep
|
||||
- + "cacerts");
|
||||
+ /* Check system cacerts DB first; /etc/pki/java/cacerts */
|
||||
+ File file = new File(sep + "etc" + sep + "pki" + sep
|
||||
+ + "java" + sep + "cacerts");
|
||||
+ if (!file.exists()) {
|
||||
+ file = new File(System.getProperty("java.home") + sep
|
||||
+ + "lib" + sep + "security" + sep
|
||||
+ + "cacerts");
|
||||
+ }
|
||||
if (!file.exists()) {
|
||||
return null;
|
||||
}
|
||||
|
|
@ -0,0 +1,193 @@
|
|||
diff --git a/jdk/src/share/classes/sun/security/ssl/TrustStoreManager.java b/jdk/src/share/classes/sun/security/ssl/TrustStoreManager.java
|
||||
index e7b4763db53..0005e56f528 100644
|
||||
--- a/jdk/src/share/classes/sun/security/ssl/TrustStoreManager.java
|
||||
+++ b/jdk/src/share/classes/sun/security/ssl/TrustStoreManager.java
|
||||
@@ -31,6 +31,7 @@ import java.security.*;
|
||||
import java.security.cert.*;
|
||||
import java.util.*;
|
||||
import sun.security.action.*;
|
||||
+import sun.security.tools.KeyStoreUtil;
|
||||
import sun.security.validator.TrustStoreUtil;
|
||||
|
||||
/**
|
||||
@@ -68,7 +69,7 @@ final class TrustStoreManager {
|
||||
* The preference of the default trusted KeyStore is:
|
||||
* javax.net.ssl.trustStore
|
||||
* jssecacerts
|
||||
- * cacerts
|
||||
+ * cacerts (system and local)
|
||||
*/
|
||||
private static final class TrustStoreDescriptor {
|
||||
private static final String fileSep = File.separator;
|
||||
@@ -76,7 +77,8 @@ final class TrustStoreManager {
|
||||
GetPropertyAction.privilegedGetProperty("java.home") +
|
||||
fileSep + "lib" + fileSep + "security";
|
||||
private static final String defaultStore =
|
||||
- defaultStorePath + fileSep + "cacerts";
|
||||
+ AccessController.doPrivileged((PrivilegedAction<String>) () ->
|
||||
+ KeyStoreUtil.getCacertsKeyStorePath());
|
||||
private static final String jsseDefaultStore =
|
||||
defaultStorePath + fileSep + "jssecacerts";
|
||||
|
||||
@@ -139,6 +141,10 @@ final class TrustStoreManager {
|
||||
String storePropPassword = System.getProperty(
|
||||
"javax.net.ssl.trustStorePassword", "");
|
||||
|
||||
+ if (SSLLogger.isOn && SSLLogger.isOn("trustmanager")) {
|
||||
+ SSLLogger.fine("Default store: " + defaultStore);
|
||||
+ }
|
||||
+
|
||||
String temporaryName = "";
|
||||
File temporaryFile = null;
|
||||
long temporaryTime = 0L;
|
||||
@@ -160,7 +166,7 @@ final class TrustStoreManager {
|
||||
SSLLogger.isOn("trustmanager")) {
|
||||
SSLLogger.fine(
|
||||
"Inaccessible trust store: " +
|
||||
- storePropName);
|
||||
+ fileName);
|
||||
}
|
||||
}
|
||||
} else {
|
||||
diff --git a/jdk/src/share/classes/sun/security/tools/KeyStoreUtil.java b/jdk/src/share/classes/sun/security/tools/KeyStoreUtil.java
|
||||
index fcc77786da1..3a4388964cc 100644
|
||||
--- a/jdk/src/share/classes/sun/security/tools/KeyStoreUtil.java
|
||||
+++ b/jdk/src/share/classes/sun/security/tools/KeyStoreUtil.java
|
||||
@@ -41,6 +41,8 @@ import java.text.Collator;
|
||||
import java.util.Locale;
|
||||
import java.util.ResourceBundle;
|
||||
|
||||
+import sun.security.util.SecurityProperties;
|
||||
+
|
||||
/**
|
||||
* <p> This class provides several utilities to <code>KeyStore</code>.
|
||||
*
|
||||
@@ -54,6 +56,8 @@ public class KeyStoreUtil {
|
||||
|
||||
private static final String JKS = "jks";
|
||||
|
||||
+ private static final String SYSTEM_CA_CERTS_PROP = "security.systemCACerts";
|
||||
+
|
||||
/**
|
||||
* Returns true if the certificate is self-signed, false otherwise.
|
||||
*/
|
||||
@@ -96,16 +100,30 @@ public class KeyStoreUtil {
|
||||
}
|
||||
}
|
||||
|
||||
+ /**
|
||||
+ * Returns the path to the cacerts DB
|
||||
+ */
|
||||
+ public static String getCacertsKeyStorePath()
|
||||
+ {
|
||||
+ // Check system DB first, preferring system property over security one
|
||||
+ String systemDB = SecurityProperties
|
||||
+ .privilegedGetOverridable(SYSTEM_CA_CERTS_PROP);
|
||||
+ if (systemDB != null && !"".equals(systemDB) &&
|
||||
+ (new File(systemDB)).isFile()) {
|
||||
+ return systemDB;
|
||||
+ }
|
||||
+ String sep = File.separator;
|
||||
+ return System.getProperty("java.home") + sep
|
||||
+ + "lib" + sep + "security" + sep + "cacerts";
|
||||
+ }
|
||||
+
|
||||
/**
|
||||
* Returns the keystore with the configured CA certificates.
|
||||
*/
|
||||
public static KeyStore getCacertsKeyStore()
|
||||
throws Exception
|
||||
{
|
||||
- String sep = File.separator;
|
||||
- File file = new File(System.getProperty("java.home") + sep
|
||||
- + "lib" + sep + "security" + sep
|
||||
- + "cacerts");
|
||||
+ File file = new File(getCacertsKeyStorePath());
|
||||
if (!file.exists()) {
|
||||
return null;
|
||||
}
|
||||
diff --git a/jdk/src/share/lib/security/java.security-aix b/jdk/src/share/lib/security/java.security-aix
|
||||
index 681a24b905d..ecb8bc43a6c 100644
|
||||
--- a/jdk/src/share/lib/security/java.security-aix
|
||||
+++ b/jdk/src/share/lib/security/java.security-aix
|
||||
@@ -294,6 +294,12 @@ security.overridePropertiesFile=true
|
||||
#
|
||||
security.useSystemPropertiesFile=false
|
||||
|
||||
+#
|
||||
+# Specifies the system certificate store
|
||||
+# This property may be disabled using an empty value
|
||||
+#
|
||||
+security.systemCACerts=${java.home}/lib/security/cacerts
|
||||
+
|
||||
#
|
||||
# Determines the default key and trust manager factory algorithms for
|
||||
# the javax.net.ssl package.
|
||||
diff --git a/jdk/src/share/lib/security/java.security-linux b/jdk/src/share/lib/security/java.security-linux
|
||||
index 789c19a8cba..2546fdec9b2 100644
|
||||
--- a/jdk/src/share/lib/security/java.security-linux
|
||||
+++ b/jdk/src/share/lib/security/java.security-linux
|
||||
@@ -307,6 +307,12 @@ security.overridePropertiesFile=true
|
||||
#
|
||||
security.useSystemPropertiesFile=false
|
||||
|
||||
+#
|
||||
+# Specifies the system certificate store
|
||||
+# This property may be disabled using an empty value
|
||||
+#
|
||||
+security.systemCACerts=${java.home}/lib/security/cacerts
|
||||
+
|
||||
#
|
||||
# Determines the default key and trust manager factory algorithms for
|
||||
# the javax.net.ssl package.
|
||||
diff --git a/jdk/src/share/lib/security/java.security-macosx b/jdk/src/share/lib/security/java.security-macosx
|
||||
index d4da666af3b..1a20027c02b 100644
|
||||
--- a/jdk/src/share/lib/security/java.security-macosx
|
||||
+++ b/jdk/src/share/lib/security/java.security-macosx
|
||||
@@ -297,6 +297,12 @@ security.overridePropertiesFile=true
|
||||
#
|
||||
security.useSystemPropertiesFile=false
|
||||
|
||||
+#
|
||||
+# Specifies the system certificate store
|
||||
+# This property may be disabled using an empty value
|
||||
+#
|
||||
+security.systemCACerts=${java.home}/lib/security/cacerts
|
||||
+
|
||||
#
|
||||
# Determines the default key and trust manager factory algorithms for
|
||||
# the javax.net.ssl package.
|
||||
diff --git a/jdk/src/share/lib/security/java.security-solaris b/jdk/src/share/lib/security/java.security-solaris
|
||||
index 300132384a1..6299e0a3c7b 100644
|
||||
--- a/jdk/src/share/lib/security/java.security-solaris
|
||||
+++ b/jdk/src/share/lib/security/java.security-solaris
|
||||
@@ -295,6 +295,12 @@ security.overridePropertiesFile=true
|
||||
#
|
||||
security.useSystemPropertiesFile=false
|
||||
|
||||
+#
|
||||
+# Specifies the system certificate store
|
||||
+# This property may be disabled using an empty value
|
||||
+#
|
||||
+security.systemCACerts=${java.home}/lib/security/cacerts
|
||||
+
|
||||
#
|
||||
# Determines the default key and trust manager factory algorithms for
|
||||
# the javax.net.ssl package.
|
||||
diff --git a/jdk/src/share/lib/security/java.security-windows b/jdk/src/share/lib/security/java.security-windows
|
||||
index 64db5a5cd1e..823994f3466 100644
|
||||
--- a/jdk/src/share/lib/security/java.security-windows
|
||||
+++ b/jdk/src/share/lib/security/java.security-windows
|
||||
@@ -297,6 +297,12 @@ security.overridePropertiesFile=true
|
||||
#
|
||||
security.useSystemPropertiesFile=false
|
||||
|
||||
+#
|
||||
+# Specifies the system certificate store
|
||||
+# This property may be disabled using an empty value
|
||||
+#
|
||||
+security.systemCACerts=${java.home}/lib/security/cacerts
|
||||
+
|
||||
#
|
||||
# Determines the default key and trust manager factory algorithms for
|
||||
# the javax.net.ssl package.
|
||||
|
|
@ -17,7 +17,7 @@ fi
|
|||
d=`mktemp -d`
|
||||
NW=$d/$f
|
||||
pushd $d
|
||||
jar xf $ORIG
|
||||
unzip $ORIG
|
||||
cat $M
|
||||
# sed -i "s/Created-By.*/Created-By: 1.7.0/g" $M
|
||||
sed -i "s/Created-By.*/Created-By: $2/g" $M
|
||||
|
|
|
|||
|
|
@ -1,66 +0,0 @@
|
|||
diff --git a/src/share/classes/com/sun/crypto/provider/DHParameterGenerator.java b/src/share/classes/com/sun/crypto/provider/DHParameterGenerator.java
|
||||
--- openjdk/jdk/src/share/classes/com/sun/crypto/provider/DHParameterGenerator.java
|
||||
+++ openjdk/jdk/src/share/classes/com/sun/crypto/provider/DHParameterGenerator.java
|
||||
@@ -1,5 +1,6 @@
|
||||
/*
|
||||
* Copyright (c) 1997, 2017, Oracle and/or its affiliates. All rights reserved.
|
||||
+ * Copyright (c) 2014 Red Hat Inc.
|
||||
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
||||
*
|
||||
* This code is free software; you can redistribute it and/or modify it
|
||||
@@ -61,13 +62,13 @@
|
||||
|
||||
private static void checkKeySize(int keysize)
|
||||
throws InvalidParameterException {
|
||||
- boolean supported = ((keysize == 2048) || (keysize == 3072) ||
|
||||
+ boolean supported = ((keysize == 2048) || (keysize == 3072) || (keysize == 4096) ||
|
||||
((keysize >= 512) && (keysize <= 1024) && ((keysize & 0x3F) == 0)));
|
||||
|
||||
if (!supported) {
|
||||
throw new InvalidParameterException(
|
||||
"DH key size must be multiple of 64 and range " +
|
||||
- "from 512 to 1024 (inclusive), or 2048, 3072. " +
|
||||
+ "from 512 to 1024 (inclusive), or 2048, 3072, 4096. " +
|
||||
"The specific key size " + keysize + " is not supported");
|
||||
}
|
||||
}
|
||||
diff --git a/test/com/sun/crypto/provider/KeyAgreement/TestExponentSize.java b/test/com/sun/crypto/provider/KeyAgreement/TestExponentSize.java
|
||||
--- openjdk/jdk/test/com/sun/crypto/provider/KeyAgreement/TestExponentSize.java
|
||||
+++ openjdk/jdk/test/com/sun/crypto/provider/KeyAgreement/TestExponentSize.java
|
||||
@@ -1,5 +1,6 @@
|
||||
/*
|
||||
* Copyright (c) 2005, 2017, Oracle and/or its affiliates. All rights reserved.
|
||||
+ * Copyright (c) 2014 Red Hat Inc.
|
||||
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
||||
*
|
||||
* This code is free software; you can redistribute it and/or modify it
|
||||
@@ -58,7 +59,7 @@
|
||||
*/
|
||||
private enum Sizes {
|
||||
two56(256), three84(384), five12(512), seven68(768), ten24(1024),
|
||||
- twenty48(2048);
|
||||
+ twenty48(2048), forty96(4096);
|
||||
|
||||
private final int intSize;
|
||||
private final BigInteger bigIntValue;
|
||||
@@ -130,6 +131,19 @@
|
||||
kp = kpg.generateKeyPair();
|
||||
checkKeyPair(kp, Sizes.twenty48, Sizes.five12);
|
||||
|
||||
+ kpg.initialize(Sizes.forty96.getIntSize());
|
||||
+ kp = kpg.generateKeyPair();
|
||||
+ checkKeyPair(kp, Sizes.forty96, Sizes.twenty48);
|
||||
+
|
||||
+ publicKey = (DHPublicKey)kp.getPublic();
|
||||
+ p = publicKey.getParams().getP();
|
||||
+ g = publicKey.getParams().getG();
|
||||
+
|
||||
+ // test w/ all values specified
|
||||
+ kpg.initialize(new DHParameterSpec(p, g, Sizes.ten24.getIntSize()));
|
||||
+ kp = kpg.generateKeyPair();
|
||||
+ checkKeyPair(kp, Sizes.forty96, Sizes.ten24);
|
||||
+
|
||||
System.out.println("OK");
|
||||
}
|
||||
|
||||
|
||||
|
|
@ -0,0 +1,16 @@
|
|||
diff -uNr openjdk-orig/jdk/src/share/classes/java/awt/Toolkit.java jdk8/jdk/src/share/classes/java/awt/Toolkit.java
|
||||
--- openjdk-orig/jdk/src/share/classes/java/awt/Toolkit.java 2009-01-23 11:59:47.000000000 -0500
|
||||
+++ jdk8/jdk/src/share/classes/java/awt/Toolkit.java 2009-01-23 12:05:20.000000000 -0500
|
||||
@@ -883,7 +883,11 @@
|
||||
return null;
|
||||
}
|
||||
});
|
||||
- loadAssistiveTechnologies();
|
||||
+ try {
|
||||
+ loadAssistiveTechnologies();
|
||||
+ } catch ( AWTError error) {
|
||||
+ // ignore silently
|
||||
+ }
|
||||
}
|
||||
return toolkit;
|
||||
}
|
||||
|
|
@ -0,0 +1,13 @@
|
|||
--- openjdk/jdk/src/solaris/classes/sun/security/smartcardio/PlatformPCSC.java 2013-03-01 10:48:12.038189968 +0100
|
||||
+++ openjdk/jdk/src/solaris/classes/sun/security/smartcardio/PlatformPCSC.java 2013-03-01 10:48:11.913188505 +0100
|
||||
@@ -48,8 +48,8 @@
|
||||
|
||||
private final static String PROP_NAME = "sun.security.smartcardio.library";
|
||||
|
||||
- private final static String LIB1 = "/usr/$LIBISA/libpcsclite.so";
|
||||
- private final static String LIB2 = "/usr/local/$LIBISA/libpcsclite.so";
|
||||
+ private final static String LIB1 = "/usr/$LIBISA/libpcsclite.so.1";
|
||||
+ private final static String LIB2 = "/usr/local/$LIBISA/libpcsclite.so.1";
|
||||
private final static String PCSC_FRAMEWORK = "/System/Library/Frameworks/PCSC.framework/Versions/Current/PCSC";
|
||||
|
||||
PlatformPCSC() {
|
||||
|
|
@ -16,7 +16,7 @@ diff --git openjdk.orig/hotspot/src/share/vm/gc_implementation/shenandoah/shenan
|
|||
Atomic::add(val, &_sum);
|
||||
|
||||
- int mag = log2_intptr(val) + 1;
|
||||
+ int mag = log2_intptr((uintptr_t)val) + 1;
|
||||
+ int mag = log2_long(val) + 1;
|
||||
|
||||
// Defensively saturate for product bits:
|
||||
if (mag < 0) {
|
||||
|
|
|
|||
File diff suppressed because it is too large
Load Diff
Loading…
Reference in New Issue