Compare commits

...

No commits in common. "c8" and "c8-beta" have entirely different histories.
c8 ... c8-beta

10 changed files with 4809 additions and 5970 deletions

2
.gitignore vendored
View File

@ -1,2 +1,2 @@
SOURCES/openjdk-jdk11u-jdk-11.0.25+9.tar.xz
SOURCES/openjdk-jdk11u-jdk-11.0.18+9-4curve.tar.xz
SOURCES/tapsets-icedtea-6.0.0pre00-c848b93a8598.tar.xz

View File

@ -1,2 +1,2 @@
5fd3e49485572a2ac8c350503d872a624c59ddb2 SOURCES/openjdk-jdk11u-jdk-11.0.25+9.tar.xz
99b83c6bd4a99a9763594c4e3f661b983af6e031 SOURCES/openjdk-jdk11u-jdk-11.0.18+9-4curve.tar.xz
c8281ee37b77d535c9c1af86609a531958ff7b34 SOURCES/tapsets-icedtea-6.0.0pre00-c848b93a8598.tar.xz

4254
SOURCES/NEWS Normal file

File diff suppressed because it is too large Load Diff

View File

@ -1,39 +0,0 @@
OpenJDK 11 is a Long-Term Support (LTS) release of the Java platform.
For a list of major changes from OpenJDK 8 (java-1.8.0-openjdk), see
the upstream release page for OpenJDK 11 and the preceding interim
releases:
* 9: https://openjdk.org/projects/jdk9/
* 10: https://openjdk.java.net/projects/jdk/10/
* 11: https://openjdk.java.net/projects/jdk/11/
# Rebuilding the OpenJDK package
The OpenJDK packages are now created from a single build which is then
packaged for different major versions of Red Hat Enterprise Linux
(RHEL). This allows the OpenJDK team to focus their efforts on the
development and testing of this single build, rather than having
multiple builds which only differ by the platform they were built on.
This does make rebuilding the package slightly more complicated than a
normal package. Modifications should be made to the
`java-11-openjdk-portable.specfile` file, which can be found with this
README file in the source RPM or installed in the documentation tree
by the `java-11-openjdk-headless` RPM.
Once the modified `java-11-openjdk-portable` RPMs are built, they
should be installed and will produce a number of tarballs in the
`/usr/lib/jvm` directory. The `java-11-openjdk` RPMs can then be
built, which will use these tarballs to create the usual RPMs found in
RHEL. The `java-11-openjdk-portable` RPMs can be uninstalled once the
desired final RPMs are produced.
Note that the `java-11-openjdk.spec` file has a hard requirement on
the exact version of java-11-openjdk-portable to use, so this will
need to be modified if the version or rpmrelease values are changed in
`java-11-openjdk-portable.specfile`.
To reduce the number of RPMs involved, the `fastdebug` and `slowdebug`
builds may be disabled using `--without fastdebug` and `--without
slowdebug`.

View File

@ -1,5 +1,5 @@
diff --git a/make/autoconf/libraries.m4 b/make/autoconf/libraries.m4
index 16e906bdc6..1a352e5a32 100644
index a73c0f38181..80710886ed8 100644
--- a/make/autoconf/libraries.m4
+++ b/make/autoconf/libraries.m4
@@ -101,6 +101,7 @@ AC_DEFUN_ONCE([LIB_SETUP_LIBRARIES],
@ -74,10 +74,10 @@ index 16e906bdc6..1a352e5a32 100644
+ AC_SUBST(USE_SYSCONF_NSS)
+])
diff --git a/make/autoconf/spec.gmk.in b/make/autoconf/spec.gmk.in
index 3787b12600..dab108a82b 100644
index 0ae23b93167..a242acc1234 100644
--- a/make/autoconf/spec.gmk.in
+++ b/make/autoconf/spec.gmk.in
@@ -848,6 +848,10 @@ INSTALL_SYSCONFDIR=@sysconfdir@
@@ -826,6 +826,10 @@ INSTALL_SYSCONFDIR=@sysconfdir@
# Libraries
#
@ -89,10 +89,10 @@ index 3787b12600..dab108a82b 100644
LCMS_CFLAGS:=@LCMS_CFLAGS@
LCMS_LIBS:=@LCMS_LIBS@
diff --git a/make/lib/Lib-java.base.gmk b/make/lib/Lib-java.base.gmk
index b40d3114b9..0d1d83cf3e 100644
index a529768f39e..daf9c947172 100644
--- a/make/lib/Lib-java.base.gmk
+++ b/make/lib/Lib-java.base.gmk
@@ -178,6 +178,31 @@ ifeq ($(call isTargetOsType, unix), true)
@@ -178,6 +178,31 @@ ifeq ($(OPENJDK_TARGET_OS_TYPE), unix)
endif
endif
@ -125,7 +125,7 @@ index b40d3114b9..0d1d83cf3e 100644
# Create the symbols file for static builds.
diff --git a/make/nb_native/nbproject/configurations.xml b/make/nb_native/nbproject/configurations.xml
index fb07d54c1f..c5813e2b7a 100644
index fb07d54c1f0..c5813e2b7aa 100644
--- a/make/nb_native/nbproject/configurations.xml
+++ b/make/nb_native/nbproject/configurations.xml
@@ -2950,6 +2950,9 @@
@ -151,7 +151,7 @@ index fb07d54c1f..c5813e2b7a 100644
ex="false"
tool="3"
diff --git a/make/scripts/compare_exceptions.sh.incl b/make/scripts/compare_exceptions.sh.incl
index 6327040964..6b3780123b 100644
index 6327040964d..6b3780123b6 100644
--- a/make/scripts/compare_exceptions.sh.incl
+++ b/make/scripts/compare_exceptions.sh.incl
@@ -179,6 +179,7 @@ if [ "$OPENJDK_TARGET_OS" = "solaris" ] && [ "$OPENJDK_TARGET_CPU" = "x86_64" ];
@ -172,7 +172,7 @@ index 6327040964..6b3780123b 100644
./lib/libzip.so
diff --git a/src/java.base/linux/native/libsystemconf/systemconf.c b/src/java.base/linux/native/libsystemconf/systemconf.c
new file mode 100644
index 0000000000..8dcb7d9073
index 00000000000..8dcb7d9073f
--- /dev/null
+++ b/src/java.base/linux/native/libsystemconf/systemconf.c
@@ -0,0 +1,224 @@
@ -401,7 +401,7 @@ index 0000000000..8dcb7d9073
+ }
+}
diff --git a/src/java.base/share/classes/java/security/Security.java b/src/java.base/share/classes/java/security/Security.java
index 5b9552058b..b46de49211 100644
index b36510a376b..ad5182e1e7c 100644
--- a/src/java.base/share/classes/java/security/Security.java
+++ b/src/java.base/share/classes/java/security/Security.java
@@ -32,6 +32,7 @@ import java.net.URL;
@ -412,17 +412,16 @@ index 5b9552058b..b46de49211 100644
import jdk.internal.misc.SharedSecrets;
import jdk.internal.util.StaticProperty;
import sun.security.util.Debug;
@@ -47,6 +48,9 @@ import sun.security.jca.*;
@@ -47,12 +48,20 @@ import sun.security.jca.*;
* implementation-specific location, which is typically the properties file
* {@code conf/security/java.security} in the Java installation directory.
*
+ * <p>Additional default values of security properties are read from a
+ * system-specific location, if available.</p>
+ *
* @implNote If the properties file fails to load, the JDK implementation will
* throw an unspecified error when initializing the {@code Security} class.
*
@@ -56,6 +60,11 @@ import sun.security.jca.*;
* @author Benjamin Renaud
* @since 1.1
*/
public final class Security {
@ -434,7 +433,7 @@ index 5b9552058b..b46de49211 100644
/* Are we debugging? -- for developers */
private static final Debug sdebug =
Debug.getInstance("properties");
@@ -70,6 +79,19 @@ public final class Security {
@@ -67,6 +76,19 @@ public final class Security {
}
static {
@ -454,19 +453,26 @@ index 5b9552058b..b46de49211 100644
// doPrivileged here because there are multiple
// things in initialize that might require privs.
// (the FileInputStream call and the File.exists call,
@@ -85,6 +107,7 @@ public final class Security {
private static void initialize() {
@@ -83,6 +105,7 @@ public final class Security {
props = new Properties();
boolean loadedProps = false;
boolean overrideAll = false;
+ boolean systemSecPropsEnabled = false;
// first load the system properties file
// to determine the value of security.overridePropertiesFile
@@ -105,9 +128,63 @@ public final class Security {
@@ -98,6 +121,7 @@ public final class Security {
if (sdebug != null) {
sdebug.println("reading security properties file: " +
propFile);
+ sdebug.println(props.toString());
}
} catch (IOException e) {
if (sdebug != null) {
@@ -192,6 +216,61 @@ public final class Security {
}
loadProps(null, extraPropFile, overrideAll);
}
+
+ boolean sysUseProps = Boolean.valueOf(System.getProperty(SYS_PROP_SWITCH, "false"));
+ boolean secUseProps = Boolean.valueOf(props.getProperty(SEC_PROP_SWITCH));
+ if (sdebug != null) {
@ -486,7 +492,9 @@ index 5b9552058b..b46de49211 100644
+ }
+ }
+
+ if (systemSecPropsEnabled) {
+ // FIPS support depends on the contents of java.security so
+ // ensure it has loaded first
+ if (loadedProps && systemSecPropsEnabled) {
+ boolean shouldEnable;
+ String sysProp = System.getProperty("com.redhat.fips");
+ if (sysProp == null) {
@ -522,19 +530,15 @@ index 5b9552058b..b46de49211 100644
+ }
}
- private static boolean loadProps(File masterFile, String extraPropFile, boolean overrideAll) {
+ static boolean loadProps(File masterFile, String extraPropFile, boolean overrideAll) {
InputStream is = null;
try {
if (masterFile != null && masterFile.exists()) {
/*
diff --git a/src/java.base/share/classes/java/security/SystemConfigurator.java b/src/java.base/share/classes/java/security/SystemConfigurator.java
new file mode 100644
index 0000000000..49bf17ea17
index 00000000000..90f6dd2ebc0
--- /dev/null
+++ b/src/java.base/share/classes/java/security/SystemConfigurator.java
@@ -0,0 +1,231 @@
@@ -0,0 +1,248 @@
+/*
+ * Copyright (c) 2019, 2023, Red Hat, Inc.
+ * Copyright (c) 2019, 2021, Red Hat, Inc.
+ *
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
@ -612,9 +616,26 @@ index 0000000000..49bf17ea17
+ * security.useSystemPropertiesFile is true.
+ */
+ static boolean configureSysProps(Properties props) {
+ // now load the system file, if it exists, so its values
+ // will win if they conflict with the earlier values
+ return Security.loadProps(null, CRYPTO_POLICIES_JAVA_CONFIG, false);
+ boolean systemSecPropsLoaded = false;
+
+ try (BufferedInputStream bis =
+ new BufferedInputStream(
+ new FileInputStream(CRYPTO_POLICIES_JAVA_CONFIG))) {
+ props.load(bis);
+ systemSecPropsLoaded = true;
+ if (sdebug != null) {
+ sdebug.println("reading system security properties file " +
+ CRYPTO_POLICIES_JAVA_CONFIG);
+ sdebug.println(props.toString());
+ }
+ } catch (IOException e) {
+ if (sdebug != null) {
+ sdebug.println("unable to load security properties from " +
+ CRYPTO_POLICIES_JAVA_CONFIG);
+ e.printStackTrace();
+ }
+ }
+ return systemSecPropsLoaded;
+ }
+
+ /*
@ -766,7 +787,7 @@ index 0000000000..49bf17ea17
+}
diff --git a/src/java.base/share/classes/jdk/internal/misc/JavaSecuritySystemConfiguratorAccess.java b/src/java.base/share/classes/jdk/internal/misc/JavaSecuritySystemConfiguratorAccess.java
new file mode 100644
index 0000000000..21bc6d0b59
index 00000000000..21bc6d0b591
--- /dev/null
+++ b/src/java.base/share/classes/jdk/internal/misc/JavaSecuritySystemConfiguratorAccess.java
@@ -0,0 +1,31 @@
@ -802,7 +823,7 @@ index 0000000000..21bc6d0b59
+ boolean isPlainKeySupportEnabled();
+}
diff --git a/src/java.base/share/classes/jdk/internal/misc/SharedSecrets.java b/src/java.base/share/classes/jdk/internal/misc/SharedSecrets.java
index 688ec9f091..8489b940c4 100644
index 688ec9f0915..8489b940c43 100644
--- a/src/java.base/share/classes/jdk/internal/misc/SharedSecrets.java
+++ b/src/java.base/share/classes/jdk/internal/misc/SharedSecrets.java
@@ -36,6 +36,7 @@ import java.io.FilePermission;
@ -838,7 +859,7 @@ index 688ec9f091..8489b940c4 100644
+ }
}
diff --git a/src/java.base/share/classes/module-info.java b/src/java.base/share/classes/module-info.java
index 7351627db3..859591890d 100644
index 5460efcf8c5..f08dc2fafc5 100644
--- a/src/java.base/share/classes/module-info.java
+++ b/src/java.base/share/classes/module-info.java
@@ -182,6 +182,7 @@ module java.base {
@ -850,7 +871,7 @@ index 7351627db3..859591890d 100644
jdk.attach,
jdk.charsets,
diff --git a/src/java.base/share/classes/sun/security/ssl/KeyManagerFactoryImpl.java b/src/java.base/share/classes/sun/security/ssl/KeyManagerFactoryImpl.java
index ffee2c1603..ff3d5e0e4a 100644
index ffee2c1603b..ff3d5e0e4ab 100644
--- a/src/java.base/share/classes/sun/security/ssl/KeyManagerFactoryImpl.java
+++ b/src/java.base/share/classes/sun/security/ssl/KeyManagerFactoryImpl.java
@@ -33,8 +33,13 @@ import java.security.KeyStore.*;
@ -889,7 +910,7 @@ index ffee2c1603..ff3d5e0e4a 100644
"FIPS mode: KeyStore must be " +
"from provider " + SunJSSE.cryptoProvider.getName());
diff --git a/src/java.base/share/classes/sun/security/ssl/SSLContextImpl.java b/src/java.base/share/classes/sun/security/ssl/SSLContextImpl.java
index e06b2a588c..315a2ce370 100644
index de7da5c3379..5c3813dda7b 100644
--- a/src/java.base/share/classes/sun/security/ssl/SSLContextImpl.java
+++ b/src/java.base/share/classes/sun/security/ssl/SSLContextImpl.java
@@ -31,6 +31,7 @@ import java.security.*;
@ -910,14 +931,6 @@ index e06b2a588c..315a2ce370 100644
- ProtocolVersion.TLS11,
- ProtocolVersion.TLS10
- );
-
- serverDefaultProtocols = getAvailableProtocols(
- new ProtocolVersion[] {
- ProtocolVersion.TLS13,
- ProtocolVersion.TLS12,
- ProtocolVersion.TLS11,
- ProtocolVersion.TLS10
- });
+ if (SharedSecrets.getJavaSecuritySystemConfiguratorAccess()
+ .isSystemFipsEnabled()) {
+ // RH1860986: TLSv1.3 key derivation not supported with
@ -927,7 +940,14 @@ index e06b2a588c..315a2ce370 100644
+ ProtocolVersion.TLS11,
+ ProtocolVersion.TLS10
+ );
+
- serverDefaultProtocols = getAvailableProtocols(
- new ProtocolVersion[] {
- ProtocolVersion.TLS13,
- ProtocolVersion.TLS12,
- ProtocolVersion.TLS11,
- ProtocolVersion.TLS10
- });
+ serverDefaultProtocols = getAvailableProtocols(
+ new ProtocolVersion[] {
+ ProtocolVersion.TLS12,
@ -953,68 +973,42 @@ index e06b2a588c..315a2ce370 100644
} else {
supportedProtocols = Arrays.asList(
ProtocolVersion.TLS13,
@@ -910,12 +929,23 @@ public abstract class SSLContextImpl extends SSLContextSpi {
if (client) {
// default client protocols
if (SunJSSE.isFIPS()) {
- candidates = new ProtocolVersion[] {
- ProtocolVersion.TLS13,
- ProtocolVersion.TLS12,
- ProtocolVersion.TLS11,
- ProtocolVersion.TLS10
- };
+ if (SharedSecrets.getJavaSecuritySystemConfiguratorAccess()
+ .isSystemFipsEnabled()) {
+ // RH1860986: TLSv1.3 key derivation not supported with
+ // the Security Providers available in system FIPS mode.
+ candidates = new ProtocolVersion[] {
+ ProtocolVersion.TLS12,
+ ProtocolVersion.TLS11,
+ ProtocolVersion.TLS10
+ };
+ } else {
+ candidates = new ProtocolVersion[] {
+ ProtocolVersion.TLS13,
+ ProtocolVersion.TLS12,
+ ProtocolVersion.TLS11,
+ ProtocolVersion.TLS10
+ };
+ }
} else {
candidates = new ProtocolVersion[] {
ProtocolVersion.TLS13,
@@ -927,12 +957,23 @@ public abstract class SSLContextImpl extends SSLContextSpi {
} else {
// default server protocols
if (SunJSSE.isFIPS()) {
- candidates = new ProtocolVersion[] {
- ProtocolVersion.TLS13,
- ProtocolVersion.TLS12,
- ProtocolVersion.TLS11,
- ProtocolVersion.TLS10
- };
+ if (SharedSecrets.getJavaSecuritySystemConfiguratorAccess()
+ .isSystemFipsEnabled()) {
+ // RH1860986: TLSv1.3 key derivation not supported with
+ // the Security Providers available in system FIPS mode.
+ candidates = new ProtocolVersion[] {
+ ProtocolVersion.TLS12,
+ ProtocolVersion.TLS11,
+ ProtocolVersion.TLS10
+ };
+ } else {
+ candidates = new ProtocolVersion[] {
+ ProtocolVersion.TLS13,
+ ProtocolVersion.TLS12,
+ ProtocolVersion.TLS11,
+ ProtocolVersion.TLS10
+ };
+ }
} else {
candidates = new ProtocolVersion[] {
ProtocolVersion.TLS13,
@@ -620,6 +639,16 @@ public abstract class SSLContextImpl extends SSLContextSpi {
static ProtocolVersion[] getSupportedProtocols() {
if (SunJSSE.isFIPS()) {
+ if (SharedSecrets.getJavaSecuritySystemConfiguratorAccess()
+ .isSystemFipsEnabled()) {
+ // RH1860986: TLSv1.3 key derivation not supported with
+ // the Security Providers available in system FIPS mode.
+ return new ProtocolVersion[] {
+ ProtocolVersion.TLS12,
+ ProtocolVersion.TLS11,
+ ProtocolVersion.TLS10
+ };
+ }
return new ProtocolVersion[] {
ProtocolVersion.TLS13,
ProtocolVersion.TLS12,
@@ -949,6 +978,16 @@ public abstract class SSLContextImpl extends SSLContextSpi {
static ProtocolVersion[] getProtocols() {
if (SunJSSE.isFIPS()) {
+ if (SharedSecrets.getJavaSecuritySystemConfiguratorAccess()
+ .isSystemFipsEnabled()) {
+ // RH1860986: TLSv1.3 key derivation not supported with
+ // the Security Providers available in system FIPS mode.
+ return new ProtocolVersion[] {
+ ProtocolVersion.TLS12,
+ ProtocolVersion.TLS11,
+ ProtocolVersion.TLS10
+ };
+ }
return new ProtocolVersion[]{
ProtocolVersion.TLS13,
ProtocolVersion.TLS12,
diff --git a/src/java.base/share/classes/sun/security/ssl/SunJSSE.java b/src/java.base/share/classes/sun/security/ssl/SunJSSE.java
index 2a2b5d7568..891796f19b 100644
index c50ba93ecfc..de2a91a478c 100644
--- a/src/java.base/share/classes/sun/security/ssl/SunJSSE.java
+++ b/src/java.base/share/classes/sun/security/ssl/SunJSSE.java
@@ -27,6 +27,8 @@ package sun.security.ssl;
@ -1025,7 +1019,7 @@ index 2a2b5d7568..891796f19b 100644
+import jdk.internal.misc.SharedSecrets;
import sun.security.rsa.SunRsaSignEntries;
import static sun.security.util.SecurityConstants.PROVIDER_VER;
import static sun.security.util.SecurityProviderConstants.*;
import static sun.security.provider.SunEntries.createAliases;
@@ -195,8 +197,13 @@ public abstract class SunJSSE extends java.security.Provider {
"sun.security.ssl.SSLContextImpl$TLS11Context", null, null);
ps("SSLContext", "TLSv1.2",
@ -1041,12 +1035,12 @@ index 2a2b5d7568..891796f19b 100644
+ }
ps("SSLContext", "TLS",
"sun.security.ssl.SSLContextImpl$TLSContext",
(isfips? null : List.of("SSL")), null);
(isfips? null : createAliases("SSL")), null);
diff --git a/src/java.base/share/conf/security/java.security b/src/java.base/share/conf/security/java.security
index c0eed3f884..b03bd9f896 100644
index 097517926d1..474fe6f401f 100644
--- a/src/java.base/share/conf/security/java.security
+++ b/src/java.base/share/conf/security/java.security
@@ -88,6 +88,14 @@ security.provider.tbd=Apple
@@ -85,6 +85,14 @@ security.provider.tbd=Apple
security.provider.tbd=SunPKCS11
#endif
@ -1061,7 +1055,7 @@ index c0eed3f884..b03bd9f896 100644
#
# A list of preferred providers for specific algorithms. These providers will
# be searched for matching algorithms before the list of registered providers.
@@ -301,6 +309,11 @@ policy.ignoreIdentityScope=false
@@ -298,6 +306,11 @@ policy.ignoreIdentityScope=false
#
keystore.type=pkcs12
@ -1073,7 +1067,7 @@ index c0eed3f884..b03bd9f896 100644
#
# Controls compatibility mode for JKS and PKCS12 keystore types.
#
@@ -338,6 +351,13 @@ package.definition=sun.misc.,\
@@ -335,6 +348,13 @@ package.definition=sun.misc.,\
#
security.overridePropertiesFile=true
@ -1089,7 +1083,7 @@ index c0eed3f884..b03bd9f896 100644
# the javax.net.ssl package.
diff --git a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/FIPSKeyImporter.java b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/FIPSKeyImporter.java
new file mode 100644
index 0000000000..b848a1fd78
index 00000000000..b848a1fd783
--- /dev/null
+++ b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/FIPSKeyImporter.java
@@ -0,0 +1,290 @@
@ -1384,7 +1378,7 @@ index 0000000000..b848a1fd78
+ }
+}
diff --git a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/SunPKCS11.java b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/SunPKCS11.java
index ffbd671246..bdaad67e06 100644
index 099caac605f..977e5332bd1 100644
--- a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/SunPKCS11.java
+++ b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/SunPKCS11.java
@@ -26,6 +26,9 @@
@ -1406,7 +1400,7 @@ index ffbd671246..bdaad67e06 100644
import sun.security.util.Debug;
import sun.security.util.ResourcesMgr;
import static sun.security.util.SecurityConstants.PROVIDER_VER;
@@ -61,6 +66,29 @@ import static sun.security.pkcs11.wrapper.PKCS11Constants.*;
@@ -60,6 +65,29 @@ import static sun.security.pkcs11.wrapper.PKCS11Constants.*;
*/
public final class SunPKCS11 extends AuthProvider {
@ -1436,7 +1430,7 @@ index ffbd671246..bdaad67e06 100644
private static final long serialVersionUID = -1354835039035306505L;
static final Debug debug = Debug.getInstance("sunpkcs11");
@@ -318,10 +346,15 @@ public final class SunPKCS11 extends AuthProvider {
@@ -317,10 +345,15 @@ public final class SunPKCS11 extends AuthProvider {
// request multithreaded access first
initArgs.flags = CKF_OS_LOCKING_OK;
PKCS11 tmpPKCS11;
@ -1453,7 +1447,7 @@ index ffbd671246..bdaad67e06 100644
} catch (PKCS11Exception e) {
if (debug != null) {
debug.println("Multi-threaded initialization failed: " + e);
@@ -337,7 +370,7 @@ public final class SunPKCS11 extends AuthProvider {
@@ -336,7 +369,7 @@ public final class SunPKCS11 extends AuthProvider {
initArgs.flags = 0;
}
tmpPKCS11 = PKCS11.getInstance(library,
@ -1462,7 +1456,7 @@ index ffbd671246..bdaad67e06 100644
}
p11 = tmpPKCS11;
@@ -377,6 +410,24 @@ public final class SunPKCS11 extends AuthProvider {
@@ -376,6 +409,24 @@ public final class SunPKCS11 extends AuthProvider {
if (nssModule != null) {
nssModule.setProvider(this);
}
@ -1488,7 +1482,7 @@ index ffbd671246..bdaad67e06 100644
if (config.getHandleStartupErrors() == Config.ERR_IGNORE_ALL) {
throw new UnsupportedOperationException
diff --git a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/wrapper/PKCS11.java b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/wrapper/PKCS11.java
index 04a369f453..f033fe4759 100644
index 04a369f453c..f033fe47593 100644
--- a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/wrapper/PKCS11.java
+++ b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/wrapper/PKCS11.java
@@ -49,6 +49,7 @@ package sun.security.pkcs11.wrapper;

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

View File

@ -0,0 +1,20 @@
--- openjdk/src/java.base/share/conf/security/java.security
+++ openjdk/src/java.base/share/conf/security/java.security
@@ -304,6 +304,8 @@
#
package.access=sun.misc.,\
sun.reflect.,\
+ org.GNOME.Accessibility.,\
+ org.GNOME.Bonobo.,\
#
# List of comma-separated packages that start with or equal this string
@@ -316,6 +318,8 @@
#
package.definition=sun.misc.,\
sun.reflect.,\
+ org.GNOME.Accessibility.,\
+ org.GNOME.Bonobo.,\
#
# Determines whether this properties file can be appended to

View File

@ -1,8 +1,7 @@
diff --git openjdk.orig/make/launcher/Launcher-java.base.gmk openjdk/make/launcher/Launcher-java.base.gmk
index a8990dd0ef..320fec6e51 100644
--- openjdk.orig/make/launcher/Launcher-java.base.gmk
+++ openjdk/make/launcher/Launcher-java.base.gmk
@@ -41,6 +41,16 @@ $(eval $(call SetupBuildLauncher, java, \
diff -r 1356affa5e44 make/launcher/Launcher-java.base.gmk
--- openjdk/make/launcher/Launcher-java.base.gmk Wed Nov 25 08:27:15 2020 +0100
+++ openjdk/make/launcher/Launcher-java.base.gmk Tue Dec 01 12:29:30 2020 +0100
@@ -41,6 +41,16 @@
OPTIMIZATION := HIGH, \
))
@ -16,14 +15,13 @@ index a8990dd0ef..320fec6e51 100644
+ OPTIMIZATION := HIGH, \
+))
+
ifeq ($(call isTargetOs, windows), true)
ifeq ($(OPENJDK_TARGET_OS), windows)
$(eval $(call SetupBuildLauncher, javaw, \
CFLAGS := -DJAVAW -DEXPAND_CLASSPATH_WILDCARDS -DENABLE_ARG_FILES, \
diff --git openjdk.orig/src/java.base/share/native/launcher/alt_main.h openjdk/src/java.base/share/native/launcher/alt_main.h
new file mode 100644
index 0000000000..697df2898a
--- /dev/null
+++ openjdk/src/java.base/share/native/launcher/alt_main.h
diff -r 25e94aa812b2 src/share/bin/alt_main.h
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ openjdk/src/java.base/share/native/launcher/alt_main.h Tue Jun 02 17:15:28 2020 +0100
@@ -0,0 +1,73 @@
+/*
+ * Copyright (c) 2019, Red Hat, Inc. All rights reserved.
@ -98,10 +96,9 @@ index 0000000000..697df2898a
+}
+
+#endif // REDHAT_ALT_JAVA
diff --git openjdk.orig/src/java.base/share/native/launcher/main.c openjdk/src/java.base/share/native/launcher/main.c
index b734fe2ba7..79dc830765 100644
--- openjdk.orig/src/java.base/share/native/launcher/main.c
+++ openjdk/src/java.base/share/native/launcher/main.c
diff -r 25e94aa812b2 src/share/bin/main.c
--- openjdk/src/java.base/share/native/launcher/main.c Wed Feb 05 12:20:36 2020 -0300
+++ openjdk/src/java.base/share/native/launcher/main.c Tue Jun 02 17:15:28 2020 +0100
@@ -34,6 +34,14 @@
#include "jli_util.h"
#include "jni.h"

File diff suppressed because it is too large Load Diff