Compare commits
No commits in common. "c8" and "c10s" have entirely different histories.
2
.gitignore
vendored
2
.gitignore
vendored
@ -1,2 +0,0 @@
|
||||
SOURCES/openjdk-jdk11u-jdk-11.0.25+9.tar.xz
|
||||
SOURCES/tapsets-icedtea-6.0.0pre00-c848b93a8598.tar.xz
|
||||
@ -1,2 +0,0 @@
|
||||
5fd3e49485572a2ac8c350503d872a624c59ddb2 SOURCES/openjdk-jdk11u-jdk-11.0.25+9.tar.xz
|
||||
c8281ee37b77d535c9c1af86609a531958ff7b34 SOURCES/tapsets-icedtea-6.0.0pre00-c848b93a8598.tar.xz
|
||||
@ -1,65 +0,0 @@
|
||||
/* CheckVendor -- Check the vendor properties match specified values.
|
||||
Copyright (C) 2020 Red Hat, Inc.
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU Affero General Public License as
|
||||
published by the Free Software Foundation, either version 3 of the
|
||||
License, or (at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU Affero General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU Affero General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
/**
|
||||
* @test
|
||||
*/
|
||||
public class CheckVendor {
|
||||
|
||||
public static void main(String[] args) {
|
||||
if (args.length < 4) {
|
||||
System.err.println("CheckVendor <VENDOR> <VENDOR-URL> <VENDOR-BUG-URL> <VENDOR-VERSION-STRING>");
|
||||
System.exit(1);
|
||||
}
|
||||
|
||||
String vendor = System.getProperty("java.vendor");
|
||||
String expectedVendor = args[0];
|
||||
String vendorURL = System.getProperty("java.vendor.url");
|
||||
String expectedVendorURL = args[1];
|
||||
String vendorBugURL = System.getProperty("java.vendor.url.bug");
|
||||
String expectedVendorBugURL = args[2];
|
||||
String vendorVersionString = System.getProperty("java.vendor.version");
|
||||
String expectedVendorVersionString = args[3];
|
||||
|
||||
if (!expectedVendor.equals(vendor)) {
|
||||
System.err.printf("Invalid vendor %s, expected %s\n",
|
||||
vendor, expectedVendor);
|
||||
System.exit(2);
|
||||
}
|
||||
|
||||
if (!expectedVendorURL.equals(vendorURL)) {
|
||||
System.err.printf("Invalid vendor URL %s, expected %s\n",
|
||||
vendorURL, expectedVendorURL);
|
||||
System.exit(3);
|
||||
}
|
||||
|
||||
if (!expectedVendorBugURL.equals(vendorBugURL)) {
|
||||
System.err.printf("Invalid vendor bug URL %s, expected %s\n",
|
||||
vendorBugURL, expectedVendorBugURL);
|
||||
System.exit(4);
|
||||
}
|
||||
|
||||
if (!expectedVendorVersionString.equals(vendorVersionString)) {
|
||||
System.err.printf("Invalid vendor version string %s, expected %s\n",
|
||||
vendorVersionString, expectedVendorVersionString);
|
||||
System.exit(5);
|
||||
}
|
||||
|
||||
System.err.printf("Vendor information verified as %s, %s, %s, %s\n",
|
||||
vendor, vendorURL, vendorBugURL, vendorVersionString);
|
||||
}
|
||||
}
|
||||
@ -1,39 +0,0 @@
|
||||
OpenJDK 11 is a Long-Term Support (LTS) release of the Java platform.
|
||||
|
||||
For a list of major changes from OpenJDK 8 (java-1.8.0-openjdk), see
|
||||
the upstream release page for OpenJDK 11 and the preceding interim
|
||||
releases:
|
||||
|
||||
* 9: https://openjdk.org/projects/jdk9/
|
||||
* 10: https://openjdk.java.net/projects/jdk/10/
|
||||
* 11: https://openjdk.java.net/projects/jdk/11/
|
||||
|
||||
# Rebuilding the OpenJDK package
|
||||
|
||||
The OpenJDK packages are now created from a single build which is then
|
||||
packaged for different major versions of Red Hat Enterprise Linux
|
||||
(RHEL). This allows the OpenJDK team to focus their efforts on the
|
||||
development and testing of this single build, rather than having
|
||||
multiple builds which only differ by the platform they were built on.
|
||||
|
||||
This does make rebuilding the package slightly more complicated than a
|
||||
normal package. Modifications should be made to the
|
||||
`java-11-openjdk-portable.specfile` file, which can be found with this
|
||||
README file in the source RPM or installed in the documentation tree
|
||||
by the `java-11-openjdk-headless` RPM.
|
||||
|
||||
Once the modified `java-11-openjdk-portable` RPMs are built, they
|
||||
should be installed and will produce a number of tarballs in the
|
||||
`/usr/lib/jvm` directory. The `java-11-openjdk` RPMs can then be
|
||||
built, which will use these tarballs to create the usual RPMs found in
|
||||
RHEL. The `java-11-openjdk-portable` RPMs can be uninstalled once the
|
||||
desired final RPMs are produced.
|
||||
|
||||
Note that the `java-11-openjdk.spec` file has a hard requirement on
|
||||
the exact version of java-11-openjdk-portable to use, so this will
|
||||
need to be modified if the version or rpmrelease values are changed in
|
||||
`java-11-openjdk-portable.specfile`.
|
||||
|
||||
To reduce the number of RPMs involved, the `fastdebug` and `slowdebug`
|
||||
builds may be disabled using `--without fastdebug` and `--without
|
||||
slowdebug`.
|
||||
@ -1,72 +0,0 @@
|
||||
/* TestCryptoLevel -- Ensure unlimited crypto policy is in use.
|
||||
Copyright (C) 2012 Red Hat, Inc.
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU Affero General Public License as
|
||||
published by the Free Software Foundation, either version 3 of the
|
||||
License, or (at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU Affero General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU Affero General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
import java.lang.reflect.Field;
|
||||
import java.lang.reflect.Method;
|
||||
import java.lang.reflect.InvocationTargetException;
|
||||
|
||||
import java.security.Permission;
|
||||
import java.security.PermissionCollection;
|
||||
|
||||
public class TestCryptoLevel
|
||||
{
|
||||
public static void main(String[] args)
|
||||
throws NoSuchFieldException, ClassNotFoundException,
|
||||
IllegalAccessException, InvocationTargetException
|
||||
{
|
||||
Class<?> cls = null;
|
||||
Method def = null, exempt = null;
|
||||
|
||||
try
|
||||
{
|
||||
cls = Class.forName("javax.crypto.JceSecurity");
|
||||
}
|
||||
catch (ClassNotFoundException ex)
|
||||
{
|
||||
System.err.println("Running a non-Sun JDK.");
|
||||
System.exit(0);
|
||||
}
|
||||
try
|
||||
{
|
||||
def = cls.getDeclaredMethod("getDefaultPolicy");
|
||||
exempt = cls.getDeclaredMethod("getExemptPolicy");
|
||||
}
|
||||
catch (NoSuchMethodException ex)
|
||||
{
|
||||
System.err.println("Running IcedTea with the original crypto patch.");
|
||||
System.exit(0);
|
||||
}
|
||||
def.setAccessible(true);
|
||||
exempt.setAccessible(true);
|
||||
PermissionCollection defPerms = (PermissionCollection) def.invoke(null);
|
||||
PermissionCollection exemptPerms = (PermissionCollection) exempt.invoke(null);
|
||||
Class<?> apCls = Class.forName("javax.crypto.CryptoAllPermission");
|
||||
Field apField = apCls.getDeclaredField("INSTANCE");
|
||||
apField.setAccessible(true);
|
||||
Permission allPerms = (Permission) apField.get(null);
|
||||
if (defPerms.implies(allPerms) && (exemptPerms == null || exemptPerms.implies(allPerms)))
|
||||
{
|
||||
System.err.println("Running with the unlimited policy.");
|
||||
System.exit(0);
|
||||
}
|
||||
else
|
||||
{
|
||||
System.err.println("WARNING: Running with a restricted crypto policy.");
|
||||
System.exit(-1);
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -1,49 +0,0 @@
|
||||
/* TestECDSA -- Ensure ECDSA signatures are working.
|
||||
Copyright (C) 2016 Red Hat, Inc.
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU Affero General Public License as
|
||||
published by the Free Software Foundation, either version 3 of the
|
||||
License, or (at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU Affero General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU Affero General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
import java.math.BigInteger;
|
||||
import java.security.KeyPair;
|
||||
import java.security.KeyPairGenerator;
|
||||
import java.security.Signature;
|
||||
|
||||
/**
|
||||
* @test
|
||||
*/
|
||||
public class TestECDSA {
|
||||
|
||||
public static void main(String[] args) throws Exception {
|
||||
KeyPairGenerator keyGen = KeyPairGenerator.getInstance("EC");
|
||||
KeyPair key = keyGen.generateKeyPair();
|
||||
|
||||
byte[] data = "This is a string to sign".getBytes("UTF-8");
|
||||
|
||||
Signature dsa = Signature.getInstance("NONEwithECDSA");
|
||||
dsa.initSign(key.getPrivate());
|
||||
dsa.update(data);
|
||||
byte[] sig = dsa.sign();
|
||||
System.out.println("Signature: " + new BigInteger(1, sig).toString(16));
|
||||
|
||||
Signature dsaCheck = Signature.getInstance("NONEwithECDSA");
|
||||
dsaCheck.initVerify(key.getPublic());
|
||||
dsaCheck.update(data);
|
||||
boolean success = dsaCheck.verify(sig);
|
||||
if (!success) {
|
||||
throw new RuntimeException("Test failed. Signature verification error");
|
||||
}
|
||||
System.out.println("Test passed.");
|
||||
}
|
||||
}
|
||||
@ -1,84 +0,0 @@
|
||||
/* TestSecurityProperties -- Ensure system security properties can be used to
|
||||
enable the crypto policies.
|
||||
Copyright (C) 2022 Red Hat, Inc.
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU Affero General Public License as
|
||||
published by the Free Software Foundation, either version 3 of the
|
||||
License, or (at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU Affero General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU Affero General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
import java.io.File;
|
||||
import java.io.FileInputStream;
|
||||
import java.security.Security;
|
||||
import java.util.Properties;
|
||||
|
||||
public class TestSecurityProperties {
|
||||
// JDK 11
|
||||
private static final String JDK_PROPS_FILE_JDK_11 = System.getProperty("java.home") + "/conf/security/java.security";
|
||||
// JDK 8
|
||||
private static final String JDK_PROPS_FILE_JDK_8 = System.getProperty("java.home") + "/lib/security/java.security";
|
||||
|
||||
private static final String POLICY_FILE = "/etc/crypto-policies/back-ends/java.config";
|
||||
|
||||
private static final String MSG_PREFIX = "DEBUG: ";
|
||||
|
||||
public static void main(String[] args) {
|
||||
if (args.length == 0) {
|
||||
System.err.println("TestSecurityProperties <true|false>");
|
||||
System.err.println("Invoke with 'true' if system security properties should be enabled.");
|
||||
System.err.println("Invoke with 'false' if system security properties should be disabled.");
|
||||
System.exit(1);
|
||||
}
|
||||
boolean enabled = Boolean.valueOf(args[0]);
|
||||
System.out.println(MSG_PREFIX + "System security properties enabled: " + enabled);
|
||||
Properties jdkProps = new Properties();
|
||||
loadProperties(jdkProps);
|
||||
if (enabled) {
|
||||
loadPolicy(jdkProps);
|
||||
}
|
||||
for (Object key: jdkProps.keySet()) {
|
||||
String sKey = (String)key;
|
||||
String securityVal = Security.getProperty(sKey);
|
||||
String jdkSecVal = jdkProps.getProperty(sKey);
|
||||
if (!securityVal.equals(jdkSecVal)) {
|
||||
String msg = "Expected value '" + jdkSecVal + "' for key '" +
|
||||
sKey + "'" + " but got value '" + securityVal + "'";
|
||||
throw new RuntimeException("Test failed! " + msg);
|
||||
} else {
|
||||
System.out.println(MSG_PREFIX + sKey + " = " + jdkSecVal + " as expected.");
|
||||
}
|
||||
}
|
||||
System.out.println("TestSecurityProperties PASSED!");
|
||||
}
|
||||
|
||||
private static void loadProperties(Properties props) {
|
||||
String javaVersion = System.getProperty("java.version");
|
||||
System.out.println(MSG_PREFIX + "Java version is " + javaVersion);
|
||||
String propsFile = JDK_PROPS_FILE_JDK_11;
|
||||
if (javaVersion.startsWith("1.8.0")) {
|
||||
propsFile = JDK_PROPS_FILE_JDK_8;
|
||||
}
|
||||
try (FileInputStream fin = new FileInputStream(propsFile)) {
|
||||
props.load(fin);
|
||||
} catch (Exception e) {
|
||||
throw new RuntimeException("Test failed!", e);
|
||||
}
|
||||
}
|
||||
|
||||
private static void loadPolicy(Properties props) {
|
||||
try (FileInputStream fin = new FileInputStream(POLICY_FILE)) {
|
||||
props.load(fin);
|
||||
} catch (Exception e) {
|
||||
throw new RuntimeException("Test failed!", e);
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
@ -1,160 +0,0 @@
|
||||
/* TestTranslations -- Ensure translations are available for new timezones
|
||||
Copyright (C) 2022 Red Hat, Inc.
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU Affero General Public License as
|
||||
published by the Free Software Foundation, either version 3 of the
|
||||
License, or (at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU Affero General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU Affero General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
import java.text.DateFormatSymbols;
|
||||
|
||||
import java.time.ZoneId;
|
||||
import java.time.format.TextStyle;
|
||||
|
||||
import java.util.Arrays;
|
||||
import java.util.Collections;
|
||||
import java.util.HashMap;
|
||||
import java.util.Map;
|
||||
import java.util.Locale;
|
||||
import java.util.Objects;
|
||||
import java.util.TimeZone;
|
||||
|
||||
public class TestTranslations {
|
||||
|
||||
private static Map<Locale,String[]> KYIV, CIUDAD_JUAREZ;
|
||||
|
||||
static {
|
||||
Map<Locale,String[]> map = new HashMap<Locale,String[]>();
|
||||
map.put(Locale.US, new String[] { "Eastern European Standard Time", "GMT+02:00", "EET",
|
||||
"Eastern European Summer Time", "GMT+03:00", "EEST",
|
||||
"Eastern European Time", "GMT+02:00", "EET"});
|
||||
map.put(Locale.FRANCE, new String[] { "heure normale d\u2019Europe de l\u2019Est", "UTC+02:00", "EET",
|
||||
"heure d\u2019\u00e9t\u00e9 d\u2019Europe de l\u2019Est", "UTC+03:00", "EEST",
|
||||
"heure d\u2019Europe de l\u2019Est", "UTC+02:00", "EET"});
|
||||
map.put(Locale.GERMANY, new String[] { "Osteurop\u00e4ische Normalzeit", "OEZ", "OEZ",
|
||||
"Osteurop\u00e4ische Sommerzeit", "OESZ", "OESZ",
|
||||
"Osteurop\u00e4ische Zeit", "OEZ", "OEZ"});
|
||||
KYIV = Collections.unmodifiableMap(map);
|
||||
|
||||
map = new HashMap<Locale,String[]>();
|
||||
map.put(Locale.US, new String[] { "Mountain Standard Time", "MST", "MST",
|
||||
"Mountain Daylight Time", "MDT", "MDT",
|
||||
"Mountain Time", "MT", "MT"});
|
||||
map.put(Locale.FRANCE, new String[] { "heure normale des Rocheuses", "UTC\u221207:00", "MST",
|
||||
"heure d\u2019\u00e9t\u00e9 des Rocheuses", "UTC\u221206:00", "MDT",
|
||||
"heure des Rocheuses", "UTC\u221207:00", "MT"});
|
||||
map.put(Locale.GERMANY, new String[] { "Rocky Mountain-Normalzeit", "GMT-07:00", "MST",
|
||||
"Rocky-Mountain-Sommerzeit", "GMT-06:00", "MDT",
|
||||
"Rocky-Mountain-Zeit", "GMT-07:00", "MT"});
|
||||
CIUDAD_JUAREZ = Collections.unmodifiableMap(map);
|
||||
}
|
||||
|
||||
|
||||
public static void main(String[] args) {
|
||||
if (args.length < 1) {
|
||||
System.err.println("Test must be started with the name of the locale provider.");
|
||||
System.exit(1);
|
||||
}
|
||||
|
||||
System.out.println("Checking sanity of full zone string set...");
|
||||
boolean invalid = Arrays.stream(Locale.getAvailableLocales())
|
||||
.peek(l -> System.out.println("Locale: " + l))
|
||||
.map(l -> DateFormatSymbols.getInstance(l).getZoneStrings())
|
||||
.flatMap(zs -> Arrays.stream(zs))
|
||||
.flatMap(names -> Arrays.stream(names))
|
||||
.filter(name -> Objects.isNull(name) || name.isEmpty())
|
||||
.findAny()
|
||||
.isPresent();
|
||||
if (invalid) {
|
||||
System.err.println("Zone string for a locale returned null or empty string");
|
||||
System.exit(2);
|
||||
}
|
||||
|
||||
String localeProvider = args[0];
|
||||
testZone(localeProvider, KYIV,
|
||||
new String[] { "Europe/Kiev", "Europe/Kyiv", "Europe/Uzhgorod", "Europe/Zaporozhye" });
|
||||
testZone(localeProvider, CIUDAD_JUAREZ,
|
||||
new String[] { "America/Cambridge_Bay", "America/Ciudad_Juarez" });
|
||||
}
|
||||
|
||||
private static void testZone(String localeProvider, Map<Locale,String[]> exp, String[] ids) {
|
||||
for (Locale l : exp.keySet()) {
|
||||
String[] expected = exp.get(l);
|
||||
System.out.printf("Expected values for %s are %s\n", l, Arrays.toString(expected));
|
||||
for (String id : ids) {
|
||||
String expectedShortStd = null;
|
||||
String expectedShortDST = null;
|
||||
String expectedShortGen = null;
|
||||
|
||||
System.out.printf("Checking locale %s for %s...\n", l, id);
|
||||
|
||||
if ("JRE".equals(localeProvider)) {
|
||||
expectedShortStd = expected[2];
|
||||
expectedShortDST = expected[5];
|
||||
expectedShortGen = expected[8];
|
||||
} else if ("CLDR".equals(localeProvider)) {
|
||||
expectedShortStd = expected[1];
|
||||
expectedShortDST = expected[4];
|
||||
expectedShortGen = expected[7];
|
||||
} else {
|
||||
System.err.printf("Invalid locale provider %s\n", localeProvider);
|
||||
System.exit(3);
|
||||
}
|
||||
System.out.printf("Locale Provider is %s, using short values %s, %s and %s\n",
|
||||
localeProvider, expectedShortStd, expectedShortDST, expectedShortGen);
|
||||
|
||||
String longStd = TimeZone.getTimeZone(id).getDisplayName(false, TimeZone.LONG, l);
|
||||
String shortStd = TimeZone.getTimeZone(id).getDisplayName(false, TimeZone.SHORT, l);
|
||||
String longDST = TimeZone.getTimeZone(id).getDisplayName(true, TimeZone.LONG, l);
|
||||
String shortDST = TimeZone.getTimeZone(id).getDisplayName(true, TimeZone.SHORT, l);
|
||||
String longGen = ZoneId.of(id).getDisplayName(TextStyle.FULL, l);
|
||||
String shortGen = ZoneId.of(id).getDisplayName(TextStyle.SHORT, l);
|
||||
|
||||
if (!expected[0].equals(longStd)) {
|
||||
System.err.printf("Long standard display name for %s in %s was %s, expected %s\n",
|
||||
id, l, longStd, expected[0]);
|
||||
System.exit(4);
|
||||
}
|
||||
|
||||
if (!expectedShortStd.equals(shortStd)) {
|
||||
System.err.printf("Short standard display name for %s in %s was %s, expected %s\n",
|
||||
id, l, shortStd, expectedShortStd);
|
||||
System.exit(5);
|
||||
}
|
||||
|
||||
if (!expected[3].equals(longDST)) {
|
||||
System.err.printf("Long DST display name for %s in %s was %s, expected %s\n",
|
||||
id, l, longDST, expected[3]);
|
||||
System.exit(6);
|
||||
}
|
||||
|
||||
if (!expectedShortDST.equals(shortDST)) {
|
||||
System.err.printf("Short DST display name for %s in %s was %s, expected %s\n",
|
||||
id, l, shortDST, expectedShortDST);
|
||||
System.exit(7);
|
||||
}
|
||||
|
||||
if (!expected[6].equals(longGen)) {
|
||||
System.err.printf("Long generic display name for %s in %s was %s, expected %s\n",
|
||||
id, l, longGen, expected[6]);
|
||||
System.exit(8);
|
||||
}
|
||||
|
||||
if (!expectedShortGen.equals(shortGen)) {
|
||||
System.err.printf("Short generic display name for %s in %s was %s, expected %s\n",
|
||||
id, l, shortGen, expectedShortGen);
|
||||
System.exit(9);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
File diff suppressed because it is too large
Load Diff
File diff suppressed because it is too large
Load Diff
@ -1,10 +0,0 @@
|
||||
[Desktop Entry]
|
||||
Name=OpenJDK @JAVA_VER@ for @target_cpu@ Monitoring & Management Console (@OPENJDK_VER@)
|
||||
Comment=Monitor and manage OpenJDK applications
|
||||
Exec=_SDKBINDIR_/jconsole
|
||||
Icon=java-@JAVA_VER@-@JAVA_VENDOR@
|
||||
Terminal=false
|
||||
Type=Application
|
||||
StartupWMClass=sun-tools-jconsole-JConsole
|
||||
Categories=Development;Profiling;Java;
|
||||
Version=1.0
|
||||
File diff suppressed because it is too large
Load Diff
@ -1,5 +0,0 @@
|
||||
name = NSS
|
||||
nssLibraryDirectory = @NSS_LIBDIR@
|
||||
nssDbMode = noDb
|
||||
attributes = compatibility
|
||||
handleStartupErrors = ignoreMultipleInitialisation
|
||||
@ -1,8 +0,0 @@
|
||||
name = NSS-FIPS
|
||||
nssLibraryDirectory = @NSS_LIBDIR@
|
||||
nssSecmodDirectory = sql:/etc/pki/nssdb
|
||||
nssDbMode = readOnly
|
||||
nssModule = fips
|
||||
|
||||
attributes(*,CKO_SECRET_KEY,CKK_GENERIC_SECRET)={ CKA_SIGN=true }
|
||||
|
||||
@ -1,166 +0,0 @@
|
||||
#!/bin/sh
|
||||
|
||||
# Arguments: <JDK TREE> <MINIMAL|FULL>
|
||||
TREE=${1}
|
||||
TYPE=${2}
|
||||
|
||||
ZIP_SRC=src/java.base/share/native/libzip/zlib/
|
||||
FREETYPE_SRC=src/java.desktop/share/native/libfreetype/
|
||||
JPEG_SRC=src/java.desktop/share/native/libjavajpeg/
|
||||
GIF_SRC=src/java.desktop/share/native/libsplashscreen/giflib/
|
||||
PNG_SRC=src/java.desktop/share/native/libsplashscreen/libpng/
|
||||
LCMS_SRC=src/java.desktop/share/native/liblcms/
|
||||
|
||||
if test "x${TREE}" = "x"; then
|
||||
echo "$0 <JDK_TREE> (MINIMAL|FULL)";
|
||||
exit 1;
|
||||
fi
|
||||
|
||||
if test "x${TYPE}" = "x"; then
|
||||
TYPE=minimal;
|
||||
fi
|
||||
|
||||
if test "x${TYPE}" != "xminimal" -a "x${TYPE}" != "xfull"; then
|
||||
echo "Type must be minimal or full";
|
||||
exit 2;
|
||||
fi
|
||||
|
||||
echo "Removing in-tree libraries from ${TREE}"
|
||||
echo "Cleansing operation: ${TYPE}";
|
||||
|
||||
cd ${TREE}
|
||||
|
||||
echo "Removing built-in libs (they will be linked)"
|
||||
|
||||
# On full runs, allow for zlib & freetype having already been deleted by minimal
|
||||
echo "Removing zlib"
|
||||
if [ "x${TYPE}" = "xminimal" -a ! -d ${ZIP_SRC} ]; then
|
||||
echo "${ZIP_SRC} does not exist. Refusing to proceed."
|
||||
exit 1
|
||||
fi
|
||||
rm -rvf ${ZIP_SRC}
|
||||
echo "Removing freetype"
|
||||
if [ "x${TYPE}" = "xminimal" -a ! -d ${FREETYPE_SRC} ]; then
|
||||
echo "${FREETYPE_SRC} does not exist. Refusing to proceed."
|
||||
exit 1
|
||||
fi
|
||||
rm -rvf ${FREETYPE_SRC}
|
||||
|
||||
# Minimal is limited to just zlib and freetype so finish here
|
||||
if test "x${TYPE}" = "xminimal"; then
|
||||
echo "Finished.";
|
||||
exit 0;
|
||||
fi
|
||||
|
||||
echo "Removing libjpeg"
|
||||
if [ ! -f ${JPEG_SRC}/jdhuff.c ]; then # some file that should definitely exist
|
||||
echo "${JPEG_SRC} does not contain jpeg sources. Refusing to proceed."
|
||||
exit 1
|
||||
fi
|
||||
|
||||
rm -vf ${JPEG_SRC}/jcomapi.c
|
||||
rm -vf ${JPEG_SRC}/jdapimin.c
|
||||
rm -vf ${JPEG_SRC}/jdapistd.c
|
||||
rm -vf ${JPEG_SRC}/jdcoefct.c
|
||||
rm -vf ${JPEG_SRC}/jdcolor.c
|
||||
rm -vf ${JPEG_SRC}/jdct.h
|
||||
rm -vf ${JPEG_SRC}/jddctmgr.c
|
||||
rm -vf ${JPEG_SRC}/jdhuff.c
|
||||
rm -vf ${JPEG_SRC}/jdhuff.h
|
||||
rm -vf ${JPEG_SRC}/jdinput.c
|
||||
rm -vf ${JPEG_SRC}/jdmainct.c
|
||||
rm -vf ${JPEG_SRC}/jdmarker.c
|
||||
rm -vf ${JPEG_SRC}/jdmaster.c
|
||||
rm -vf ${JPEG_SRC}/jdmerge.c
|
||||
rm -vf ${JPEG_SRC}/jdphuff.c
|
||||
rm -vf ${JPEG_SRC}/jdpostct.c
|
||||
rm -vf ${JPEG_SRC}/jdsample.c
|
||||
rm -vf ${JPEG_SRC}/jerror.c
|
||||
rm -vf ${JPEG_SRC}/jerror.h
|
||||
rm -vf ${JPEG_SRC}/jidctflt.c
|
||||
rm -vf ${JPEG_SRC}/jidctfst.c
|
||||
rm -vf ${JPEG_SRC}/jidctint.c
|
||||
rm -vf ${JPEG_SRC}/jidctred.c
|
||||
rm -vf ${JPEG_SRC}/jinclude.h
|
||||
rm -vf ${JPEG_SRC}/jmemmgr.c
|
||||
rm -vf ${JPEG_SRC}/jmemsys.h
|
||||
rm -vf ${JPEG_SRC}/jmemnobs.c
|
||||
rm -vf ${JPEG_SRC}/jmorecfg.h
|
||||
rm -vf ${JPEG_SRC}/jpegint.h
|
||||
rm -vf ${JPEG_SRC}/jpeglib.h
|
||||
rm -vf ${JPEG_SRC}/jquant1.c
|
||||
rm -vf ${JPEG_SRC}/jquant2.c
|
||||
rm -vf ${JPEG_SRC}/jutils.c
|
||||
rm -vf ${JPEG_SRC}/jcapimin.c
|
||||
rm -vf ${JPEG_SRC}/jcapistd.c
|
||||
rm -vf ${JPEG_SRC}/jccoefct.c
|
||||
rm -vf ${JPEG_SRC}/jccolor.c
|
||||
rm -vf ${JPEG_SRC}/jcdctmgr.c
|
||||
rm -vf ${JPEG_SRC}/jchuff.c
|
||||
rm -vf ${JPEG_SRC}/jchuff.h
|
||||
rm -vf ${JPEG_SRC}/jcinit.c
|
||||
rm -vf ${JPEG_SRC}/jconfig.h
|
||||
rm -vf ${JPEG_SRC}/jcmainct.c
|
||||
rm -vf ${JPEG_SRC}/jcmarker.c
|
||||
rm -vf ${JPEG_SRC}/jcmaster.c
|
||||
rm -vf ${JPEG_SRC}/jcparam.c
|
||||
rm -vf ${JPEG_SRC}/jcphuff.c
|
||||
rm -vf ${JPEG_SRC}/jcprepct.c
|
||||
rm -vf ${JPEG_SRC}/jcsample.c
|
||||
rm -vf ${JPEG_SRC}/jctrans.c
|
||||
rm -vf ${JPEG_SRC}/jdtrans.c
|
||||
rm -vf ${JPEG_SRC}/jfdctflt.c
|
||||
rm -vf ${JPEG_SRC}/jfdctfst.c
|
||||
rm -vf ${JPEG_SRC}/jfdctint.c
|
||||
rm -vf ${JPEG_SRC}/jversion.h
|
||||
rm -vf ${JPEG_SRC}/README
|
||||
|
||||
echo "Removing giflib"
|
||||
if [ ! -d ${GIF_SRC} ]; then
|
||||
echo "${GIF_SRC} does not exist. Refusing to proceed."
|
||||
exit 1
|
||||
fi
|
||||
rm -rvf ${GIF_SRC}
|
||||
|
||||
echo "Removing libpng"
|
||||
if [ ! -d ${PNG_SRC} ]; then
|
||||
echo "${PNG_SRC} does not exist. Refusing to proceed."
|
||||
exit 1
|
||||
fi
|
||||
rm -rvf ${PNG_SRC}
|
||||
|
||||
echo "Removing lcms"
|
||||
if [ ! -d ${LCMS_SRC} ]; then
|
||||
echo "${LCMS_SRC} does not exist. Refusing to proceed."
|
||||
exit 1
|
||||
fi
|
||||
rm -vf ${LCMS_SRC}/cmscam02.c
|
||||
rm -vf ${LCMS_SRC}/cmscgats.c
|
||||
rm -vf ${LCMS_SRC}/cmscnvrt.c
|
||||
rm -vf ${LCMS_SRC}/cmserr.c
|
||||
rm -vf ${LCMS_SRC}/cmsgamma.c
|
||||
rm -vf ${LCMS_SRC}/cmsgmt.c
|
||||
rm -vf ${LCMS_SRC}/cmshalf.c
|
||||
rm -vf ${LCMS_SRC}/cmsintrp.c
|
||||
rm -vf ${LCMS_SRC}/cmsio0.c
|
||||
rm -vf ${LCMS_SRC}/cmsio1.c
|
||||
rm -vf ${LCMS_SRC}/cmslut.c
|
||||
rm -vf ${LCMS_SRC}/cmsmd5.c
|
||||
rm -vf ${LCMS_SRC}/cmsmtrx.c
|
||||
rm -vf ${LCMS_SRC}/cmsnamed.c
|
||||
rm -vf ${LCMS_SRC}/cmsopt.c
|
||||
rm -vf ${LCMS_SRC}/cmspack.c
|
||||
rm -vf ${LCMS_SRC}/cmspcs.c
|
||||
rm -vf ${LCMS_SRC}/cmsplugin.c
|
||||
rm -vf ${LCMS_SRC}/cmsps2.c
|
||||
rm -vf ${LCMS_SRC}/cmssamp.c
|
||||
rm -vf ${LCMS_SRC}/cmssm.c
|
||||
rm -vf ${LCMS_SRC}/cmstypes.c
|
||||
rm -vf ${LCMS_SRC}/cmsvirt.c
|
||||
rm -vf ${LCMS_SRC}/cmswtpnt.c
|
||||
rm -vf ${LCMS_SRC}/cmsxform.c
|
||||
rm -vf ${LCMS_SRC}/lcms2.h
|
||||
rm -vf ${LCMS_SRC}/lcms2_internal.h
|
||||
rm -vf ${LCMS_SRC}/lcms2_plugin.h
|
||||
|
||||
|
||||
@ -1,18 +0,0 @@
|
||||
diff -uNr openjdk/src/java.desktop/share/classes/java/awt/Toolkit.java jdk8/jdk/src/java.desktop/share/classes/java/awt/Toolkit.java
|
||||
--- openjdk/src/java.desktop/share/classes/java/awt/Toolkit.java
|
||||
+++ openjdk/src/java.desktop/share/classes/java/awt/Toolkit.java
|
||||
@@ -883,9 +883,13 @@
|
||||
return null;
|
||||
}
|
||||
});
|
||||
if (!GraphicsEnvironment.isHeadless()) {
|
||||
- loadAssistiveTechnologies();
|
||||
+ try {
|
||||
+ loadAssistiveTechnologies();
|
||||
+ } catch (AWTError error) {
|
||||
+ // ignore silently
|
||||
+ }
|
||||
}
|
||||
}
|
||||
return toolkit;
|
||||
}
|
||||
@ -1,12 +0,0 @@
|
||||
diff --git a/src/java.base/share/conf/security/java.security b/src/java.base/share/conf/security/java.security
|
||||
index 474fe6f401f..7e94ae32023 100644
|
||||
--- a/src/java.base/share/conf/security/java.security
|
||||
+++ b/src/java.base/share/conf/security/java.security
|
||||
@@ -84,6 +84,7 @@ security.provider.tbd=Apple
|
||||
#ifndef solaris
|
||||
security.provider.tbd=SunPKCS11
|
||||
#endif
|
||||
+#security.provider.tbd=SunPKCS11 ${java.home}/lib/security/nss.cfg
|
||||
|
||||
#
|
||||
# Security providers used when FIPS mode support is active
|
||||
@ -1,119 +0,0 @@
|
||||
diff --git openjdk.orig/make/launcher/Launcher-java.base.gmk openjdk/make/launcher/Launcher-java.base.gmk
|
||||
index a8990dd0ef..320fec6e51 100644
|
||||
--- openjdk.orig/make/launcher/Launcher-java.base.gmk
|
||||
+++ openjdk/make/launcher/Launcher-java.base.gmk
|
||||
@@ -41,6 +41,16 @@ $(eval $(call SetupBuildLauncher, java, \
|
||||
OPTIMIZATION := HIGH, \
|
||||
))
|
||||
|
||||
+#Wno-error=cpp is present to allow commented warning in ifdef part of main.c
|
||||
+$(eval $(call SetupBuildLauncher, alt-java, \
|
||||
+ CFLAGS := -DEXPAND_CLASSPATH_WILDCARDS -DENABLE_ARG_FILES -DREDHAT_ALT_JAVA -Wno-error=cpp, \
|
||||
+ LDFLAGS_solaris := -R$(OPENWIN_HOME)/lib$(OPENJDK_TARGET_CPU_ISADIR), \
|
||||
+ LIBS_windows := user32.lib comctl32.lib, \
|
||||
+ EXTRA_RC_FLAGS := $(JAVA_RC_FLAGS), \
|
||||
+ VERSION_INFO_RESOURCE := $(JAVA_VERSION_INFO_RESOURCE), \
|
||||
+ OPTIMIZATION := HIGH, \
|
||||
+))
|
||||
+
|
||||
ifeq ($(call isTargetOs, windows), true)
|
||||
$(eval $(call SetupBuildLauncher, javaw, \
|
||||
CFLAGS := -DJAVAW -DEXPAND_CLASSPATH_WILDCARDS -DENABLE_ARG_FILES, \
|
||||
diff --git openjdk.orig/src/java.base/share/native/launcher/alt_main.h openjdk/src/java.base/share/native/launcher/alt_main.h
|
||||
new file mode 100644
|
||||
index 0000000000..697df2898a
|
||||
--- /dev/null
|
||||
+++ openjdk/src/java.base/share/native/launcher/alt_main.h
|
||||
@@ -0,0 +1,73 @@
|
||||
+/*
|
||||
+ * Copyright (c) 2019, Red Hat, Inc. All rights reserved.
|
||||
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
||||
+ *
|
||||
+ * This code is free software; you can redistribute it and/or modify it
|
||||
+ * under the terms of the GNU General Public License version 2 only, as
|
||||
+ * published by the Free Software Foundation. Oracle designates this
|
||||
+ * particular file as subject to the "Classpath" exception as provided
|
||||
+ * by Oracle in the LICENSE file that accompanied this code.
|
||||
+ *
|
||||
+ * This code is distributed in the hope that it will be useful, but WITHOUT
|
||||
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
|
||||
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
|
||||
+ * version 2 for more details (a copy is included in the LICENSE file that
|
||||
+ * accompanied this code).
|
||||
+ *
|
||||
+ * You should have received a copy of the GNU General Public License version
|
||||
+ * 2 along with this work; if not, write to the Free Software Foundation,
|
||||
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
+ *
|
||||
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
|
||||
+ * or visit www.oracle.com if you need additional information or have any
|
||||
+ * questions.
|
||||
+ */
|
||||
+
|
||||
+#ifdef REDHAT_ALT_JAVA
|
||||
+
|
||||
+#include <sys/prctl.h>
|
||||
+
|
||||
+
|
||||
+/* Per task speculation control */
|
||||
+#ifndef PR_GET_SPECULATION_CTRL
|
||||
+# define PR_GET_SPECULATION_CTRL 52
|
||||
+#endif
|
||||
+#ifndef PR_SET_SPECULATION_CTRL
|
||||
+# define PR_SET_SPECULATION_CTRL 53
|
||||
+#endif
|
||||
+/* Speculation control variants */
|
||||
+#ifndef PR_SPEC_STORE_BYPASS
|
||||
+# define PR_SPEC_STORE_BYPASS 0
|
||||
+#endif
|
||||
+/* Return and control values for PR_SET/GET_SPECULATION_CTRL */
|
||||
+
|
||||
+#ifndef PR_SPEC_NOT_AFFECTED
|
||||
+# define PR_SPEC_NOT_AFFECTED 0
|
||||
+#endif
|
||||
+#ifndef PR_SPEC_PRCTL
|
||||
+# define PR_SPEC_PRCTL (1UL << 0)
|
||||
+#endif
|
||||
+#ifndef PR_SPEC_ENABLE
|
||||
+# define PR_SPEC_ENABLE (1UL << 1)
|
||||
+#endif
|
||||
+#ifndef PR_SPEC_DISABLE
|
||||
+# define PR_SPEC_DISABLE (1UL << 2)
|
||||
+#endif
|
||||
+#ifndef PR_SPEC_FORCE_DISABLE
|
||||
+# define PR_SPEC_FORCE_DISABLE (1UL << 3)
|
||||
+#endif
|
||||
+#ifndef PR_SPEC_DISABLE_NOEXEC
|
||||
+# define PR_SPEC_DISABLE_NOEXEC (1UL << 4)
|
||||
+#endif
|
||||
+
|
||||
+static void set_speculation() __attribute__((constructor));
|
||||
+static void set_speculation() {
|
||||
+ if ( prctl(PR_SET_SPECULATION_CTRL,
|
||||
+ PR_SPEC_STORE_BYPASS,
|
||||
+ PR_SPEC_DISABLE_NOEXEC, 0, 0) == 0 ) {
|
||||
+ return;
|
||||
+ }
|
||||
+ prctl(PR_SET_SPECULATION_CTRL, PR_SPEC_STORE_BYPASS, PR_SPEC_DISABLE, 0, 0);
|
||||
+}
|
||||
+
|
||||
+#endif // REDHAT_ALT_JAVA
|
||||
diff --git openjdk.orig/src/java.base/share/native/launcher/main.c openjdk/src/java.base/share/native/launcher/main.c
|
||||
index b734fe2ba7..79dc830765 100644
|
||||
--- openjdk.orig/src/java.base/share/native/launcher/main.c
|
||||
+++ openjdk/src/java.base/share/native/launcher/main.c
|
||||
@@ -34,6 +34,14 @@
|
||||
#include "jli_util.h"
|
||||
#include "jni.h"
|
||||
|
||||
+#ifdef REDHAT_ALT_JAVA
|
||||
+#if defined(__linux__) && defined(__x86_64__)
|
||||
+#include "alt_main.h"
|
||||
+#else
|
||||
+#warning alt-java requested but SSB mitigation not available on this platform.
|
||||
+#endif
|
||||
+#endif
|
||||
+
|
||||
#ifdef _MSC_VER
|
||||
#if _MSC_VER > 1400 && _MSC_VER < 1600
|
||||
|
||||
@ -1,12 +0,0 @@
|
||||
diff --git openjdk.orig/src/java.base/share/classes/sun/security/tools/keytool/Main.java openjdk/src/java.base/share/classes/sun/security/tools/keytool/Main.java
|
||||
--- openjdk.orig/src/java.base/share/classes/sun/security/tools/keytool/Main.java
|
||||
+++ openjdk/src/java.base/share/classes/sun/security/tools/keytool/Main.java
|
||||
@@ -1135,7 +1135,7 @@
|
||||
}
|
||||
} else if (command == GENKEYPAIR) {
|
||||
if (keyAlgName == null) {
|
||||
- keyAlgName = "DSA";
|
||||
+ keyAlgName = "RSA";
|
||||
}
|
||||
doGenKeyPair(alias, dname, keyAlgName, keysize, groupName, sigAlgName);
|
||||
kssave = true;
|
||||
@ -1,19 +0,0 @@
|
||||
Remove uses of FAR in jpeg code
|
||||
|
||||
Upstream libjpeg-trubo removed the (empty) FAR macro:
|
||||
http://sourceforge.net/p/libjpeg-turbo/code/1312/
|
||||
|
||||
Adjust our code to not use the undefined FAR macro anymore.
|
||||
|
||||
diff --git a/jdk/src/java.desktop/share/native/libjavajpeg/imageioJPEG.c b/jdk/src/java.desktop/share/native/libjavajpeg/imageioJPEG.c
|
||||
--- openjdk/src/java.desktop/share/native/libjavajpeg/imageioJPEG.c
|
||||
+++ openjdk/src/java.desktop/share/native/libjavajpeg/imageioJPEG.c
|
||||
@@ -1385,7 +1385,7 @@
|
||||
/* and fill it in */
|
||||
dst_ptr = icc_data;
|
||||
for (seq_no = first; seq_no < last; seq_no++) {
|
||||
- JOCTET FAR *src_ptr = icc_markers[seq_no]->data + ICC_OVERHEAD_LEN;
|
||||
+ JOCTET *src_ptr = icc_markers[seq_no]->data + ICC_OVERHEAD_LEN;
|
||||
unsigned int length =
|
||||
icc_markers[seq_no]->data_length - ICC_OVERHEAD_LEN;
|
||||
|
||||
File diff suppressed because it is too large
Load Diff
1
dead.package
Normal file
1
dead.package
Normal file
@ -0,0 +1 @@
|
||||
java-11-openjdk package is retired on branch c10s for BAKERY-412
|
||||
Loading…
Reference in New Issue
Block a user