rpms/java-17-openjdk
7
0
Fork 0
Code Issues Pull Requests Releases Activity
5624b80cb1
java-17-openjdk/TestSecurityProperties.java

44 lines
1.8 KiB
Java
Raw Normal View History

Import java-17-openjdk - Update to jdk-17+35, also known as jdk-17-ga. - Remove boot JDKs in favour of OpenJDK 17 build now in the buildroot. - Update buildjdkver to 17 so as to build with itself - Add possibility to disable system crypto policy - Add PR3695 to allow the system crypto policy to be turned off - Re-enable TestSecurityProperties after inclusion of PR3695 - Added gating.yaml - Fix patch rh1648249-add_commented_out_nss_cfg_provider_to_java_security.patch - Use the "reverse" build loop (debug first) as the main and only build loop to get more diagnostics. - Remove restriction on disabling product build, as debug packages no longer have javadoc packages. - Update to jdk-17+33, including JDWP fix and July 2021 CPU - Support the FIPS mode crypto policy (RH1655466) - Update RH1655466 FIPS patch with changes in OpenJDK 8 version. - SunPKCS11 runtime provider name is a concatenation of "SunPKCS11-" and the name in the config file. - Change nss.fips.cfg config name to "NSS-FIPS" to avoid confusion with nss.cfg. - No need to substitute path to nss.fips.cfg as java.security file supports a java.home variable. - Disable FIPS mode support unless com.redhat.fips is set to "true". - Use appropriate keystore types when in FIPS mode (RH1818909) - Enable alignment with FIPS crypto policy by default (-Dcom.redhat.fips=false to disable). - Disable TLSv1.3 when the FIPS crypto policy and the NSS-FIPS provider are in use (RH1860986) - Add explicit runtime dependency on NSS for the PKCS11 provider in FIPS mode - Move setup of JavaSecuritySystemConfiguratorAccess to Security class so it always occurs (RH1915071) - Detect FIPS using SECMOD_GetSystemFIPSEnabled in the new libsystemconf JDK library. - Minor code cleanups on FIPS detection patch and check for SECMOD_GetSystemFIPSEnabled in configure. - Remove unneeded Requires on NSS as it will now be dynamically linked and detected by RPM. - Add patch to disable non-FIPS crypto in the SUN and SunEC security providers. - Add patch to login to the NSS software token when in FIPS mode. - Fix unused function compiler warning found in systemconf.c - Extend the default security policy to accomodate PKCS11 accessing jdk.internal.access. - Add JDK-8272332 fix so we actually link against HarfBuzz. - Update release notes to document the major changes between OpenJDK 11 & 17. - Add FIPS patch to allow plain key import. - Allow plain key import to be disabled with -Dcom.redhat.fips.plainKeySupport=false - Patch syslookup.c so it actually has some code to be compiled into libsyslookup - alternatives creation moved to posttrans - Set LTS designator on RHEL, but not Fedora or EPEL. Related: RHEL-45216
2020-12-10 15:04:50 +00:00
import java.io.File;
import java.io.FileInputStream;
import java.security.Security;
import java.util.Properties;
public class TestSecurityProperties {
// JDK 11
private static final String JDK_PROPS_FILE_JDK_11 = System.getProperty("java.home") + "/conf/security/java.security";
// JDK 8
private static final String JDK_PROPS_FILE_JDK_8 = System.getProperty("java.home") + "/lib/security/java.security";
public static void main(String[] args) {
Properties jdkProps = new Properties();
loadProperties(jdkProps);
for (Object key: jdkProps.keySet()) {
String sKey = (String)key;
String securityVal = Security.getProperty(sKey);
String jdkSecVal = jdkProps.getProperty(sKey);
if (!securityVal.equals(jdkSecVal)) {
String msg = "Expected value '" + jdkSecVal + "' for key '" +
sKey + "'" + " but got value '" + securityVal + "'";
throw new RuntimeException("Test failed! " + msg);
} else {
System.out.println("DEBUG: " + sKey + " = " + jdkSecVal + " as expected.");
}
}
System.out.println("TestSecurityProperties PASSED!");
}
private static void loadProperties(Properties props) {
String javaVersion = System.getProperty("java.version");
System.out.println("Debug: Java version is " + javaVersion);
String propsFile = JDK_PROPS_FILE_JDK_11;
if (javaVersion.startsWith("1.8.0")) {
propsFile = JDK_PROPS_FILE_JDK_8;
}
try (FileInputStream fin = new FileInputStream(new File(propsFile))) {
props.load(fin);
} catch (Exception e) {
throw new RuntimeException("Test failed!", e);
}
}
}
Reference in New Issue Copy Permalink