From e34867dde798bf611dc693af4ab4efc0dc893ed9 Mon Sep 17 00:00:00 2001 From: Andrew Hughes Date: Tue, 15 Aug 2023 18:09:33 +0100 Subject: [PATCH] Update to jdk-19.0.2 release Update release notes to 19.0.2 Rebase FIPS patches from fips-19u branch Remove references to sample directory removed by JDK-8284999 Add local patch JDK-8295447 (javac NPE) which was accepted into 19u upstream but not in the GA tag Add local patches for JDK-8296239 & JDK-8299439 (Croatia Euro update) which are present in 8u, 11u & 17u releases Related: RHEL-12996 --- .gitignore | 3 + ...cc7271.patch => fips-19u-d95bb40c7c8.patch | 122 +++++++++--------- java-21-openjdk-portable.specfile | 41 ++++-- java-21-openjdk.spec | 44 ++++--- jdk8295447-npe_in_constructor.patch | 97 ++++++++++++++ jdk8296239-iso4217_up174.patch | 79 ++++++++++++ jdk8299439-test_for_hr.patch | 63 +++++++++ sources | 2 +- 8 files changed, 363 insertions(+), 88 deletions(-) rename fips-18u-60131cc7271.patch => fips-19u-d95bb40c7c8.patch (98%) create mode 100644 jdk8295447-npe_in_constructor.patch create mode 100644 jdk8296239-iso4217_up174.patch create mode 100644 jdk8299439-test_for_hr.patch diff --git a/.gitignore b/.gitignore index 9cb9e7f..f081aa0 100644 --- a/.gitignore +++ b/.gitignore @@ -4,3 +4,6 @@ /openjdk-jdk18u-jdk-18.0.1+10.tar.xz /openjdk-jdk18u-jdk-18.0.1.1+2.tar.xz /openjdk-jdk18u-jdk-18.0.2+9.tar.xz +/openjdk-jdk19u-jdk-19+36.tar.xz +/openjdk-jdk19u-jdk-19.0.1+10.tar.xz +/openjdk-jdk19u-jdk-19.0.2+7.tar.xz diff --git a/fips-18u-60131cc7271.patch b/fips-19u-d95bb40c7c8.patch similarity index 98% rename from fips-18u-60131cc7271.patch rename to fips-19u-d95bb40c7c8.patch index f807876..838f115 100644 --- a/fips-18u-60131cc7271.patch +++ b/fips-19u-d95bb40c7c8.patch @@ -89,30 +89,30 @@ index 00000000000..b2b1c1787da + AC_SUBST(USE_SYSCONF_NSS) +]) diff --git a/make/autoconf/libraries.m4 b/make/autoconf/libraries.m4 -index 8e4012910d8..f2a178b5734 100644 +index 7a1d8d80bb2..1807cb71073 100644 --- a/make/autoconf/libraries.m4 +++ b/make/autoconf/libraries.m4 -@@ -33,6 +33,7 @@ m4_include([lib-std.m4]) +@@ -35,6 +35,7 @@ m4_include([lib-std.m4]) m4_include([lib-x11.m4]) - m4_include([lib-fontconfig.m4]) + m4_include([lib-tests.m4]) +m4_include([lib-sysconf.m4]) ################################################################################ # Determine which libraries are needed for this configuration -@@ -102,6 +103,7 @@ AC_DEFUN_ONCE([LIB_SETUP_LIBRARIES], - LIB_SETUP_BUNDLED_LIBS - LIB_SETUP_MISC_LIBS +@@ -107,6 +108,7 @@ AC_DEFUN_ONCE([LIB_SETUP_LIBRARIES], + LIB_SETUP_X11 + LIB_TESTS_SETUP_GTEST + LIB_SETUP_SYSCONF_LIBS BASIC_JDKLIB_LIBS="" if test "x$TOOLCHAIN_TYPE" != xmicrosoft; then diff --git a/make/autoconf/spec.gmk.in b/make/autoconf/spec.gmk.in -index bc13f30e5f1..04cb12f2763 100644 +index 8908a5deb3c..2fce35f5b2d 100644 --- a/make/autoconf/spec.gmk.in +++ b/make/autoconf/spec.gmk.in -@@ -843,6 +843,10 @@ INSTALL_SYSCONFDIR=@sysconfdir@ +@@ -854,6 +854,10 @@ INSTALL_SYSCONFDIR=@sysconfdir@ # Libraries # @@ -124,7 +124,7 @@ index bc13f30e5f1..04cb12f2763 100644 LCMS_CFLAGS:=@LCMS_CFLAGS@ LCMS_LIBS:=@LCMS_LIBS@ diff --git a/make/modules/java.base/Lib.gmk b/make/modules/java.base/Lib.gmk -index eee488607f2..3c095802426 100644 +index 0d5a6c9846c..5ca12054351 100644 --- a/make/modules/java.base/Lib.gmk +++ b/make/modules/java.base/Lib.gmk @@ -164,6 +164,31 @@ ifeq ($(call isTargetOsType, unix), true) @@ -390,7 +390,7 @@ index 00000000000..8dcb7d9073f + } +} diff --git a/src/java.base/share/classes/com/sun/crypto/provider/SunJCE.java b/src/java.base/share/classes/com/sun/crypto/provider/SunJCE.java -index a020e1c15d8..6d459fdec01 100644 +index 38836d2701e..324620a8e9b 100644 --- a/src/java.base/share/classes/com/sun/crypto/provider/SunJCE.java +++ b/src/java.base/share/classes/com/sun/crypto/provider/SunJCE.java @@ -31,6 +31,7 @@ import java.security.SecureRandom; @@ -1398,7 +1398,7 @@ index a020e1c15d8..6d459fdec01 100644 // Return the instance of this class or create one if needed. diff --git a/src/java.base/share/classes/java/security/Security.java b/src/java.base/share/classes/java/security/Security.java -index 2ee706c2448..8f4c44a1436 100644 +index 7218f536804..7be83f5eeaa 100644 --- a/src/java.base/share/classes/java/security/Security.java +++ b/src/java.base/share/classes/java/security/Security.java @@ -32,6 +32,7 @@ import java.net.URL; @@ -1458,7 +1458,7 @@ index 2ee706c2448..8f4c44a1436 100644 // first load the system properties file // to determine the value of security.overridePropertiesFile -@@ -99,6 +122,7 @@ public final class Security { +@@ -98,6 +121,7 @@ public final class Security { if (sdebug != null) { sdebug.println("reading security properties file: " + propFile); @@ -1466,7 +1466,7 @@ index 2ee706c2448..8f4c44a1436 100644 } } catch (IOException e) { if (sdebug != null) { -@@ -193,6 +217,61 @@ public final class Security { +@@ -192,6 +216,61 @@ public final class Security { } } @@ -1821,18 +1821,18 @@ index 00000000000..3f3caac64dc + boolean isPlainKeySupportEnabled(); +} diff --git a/src/java.base/share/classes/jdk/internal/access/SharedSecrets.java b/src/java.base/share/classes/jdk/internal/access/SharedSecrets.java -index 1e98e727b79..a79ae218d92 100644 +index 08e1133ffae..7d6e6b3cbc6 100644 --- a/src/java.base/share/classes/jdk/internal/access/SharedSecrets.java +++ b/src/java.base/share/classes/jdk/internal/access/SharedSecrets.java -@@ -39,6 +39,7 @@ import java.io.FilePermission; - import java.io.ObjectInputStream; +@@ -42,6 +42,7 @@ import java.io.PrintStream; + import java.io.PrintWriter; import java.io.RandomAccessFile; import java.security.ProtectionDomain; +import java.security.Security; import java.security.Signature; /** A repository of "shared secrets", which are a mechanism for -@@ -80,6 +81,7 @@ public class SharedSecrets { +@@ -87,6 +88,7 @@ public class SharedSecrets { private static JavaSecuritySpecAccess javaSecuritySpecAccess; private static JavaxCryptoSealedObjectAccess javaxCryptoSealedObjectAccess; private static JavaxCryptoSpecAccess javaxCryptoSpecAccess; @@ -1840,7 +1840,7 @@ index 1e98e727b79..a79ae218d92 100644 public static void setJavaUtilCollectionAccess(JavaUtilCollectionAccess juca) { javaUtilCollectionAccess = juca; -@@ -441,4 +443,15 @@ public class SharedSecrets { +@@ -498,4 +500,15 @@ public class SharedSecrets { MethodHandles.lookup().ensureInitialized(c); } catch (IllegalAccessException e) {} } @@ -1857,10 +1857,10 @@ index 1e98e727b79..a79ae218d92 100644 + } } diff --git a/src/java.base/share/classes/module-info.java b/src/java.base/share/classes/module-info.java -index 5fbaa8950e8..218dee0065d 100644 +index e280defabe0..724dcf76edd 100644 --- a/src/java.base/share/classes/module-info.java +++ b/src/java.base/share/classes/module-info.java -@@ -152,6 +152,8 @@ module java.base { +@@ -155,6 +155,8 @@ module java.base { java.naming, java.rmi, jdk.charsets, @@ -1868,9 +1868,9 @@ index 5fbaa8950e8..218dee0065d 100644 + jdk.crypto.ec, jdk.jartool, jdk.jlink, - jdk.net, + jdk.net; diff --git a/src/java.base/share/classes/sun/security/provider/SunEntries.java b/src/java.base/share/classes/sun/security/provider/SunEntries.java -index 912cad59714..709d32912ca 100644 +index 46d3ee8bb06..53bc4851d23 100644 --- a/src/java.base/share/classes/sun/security/provider/SunEntries.java +++ b/src/java.base/share/classes/sun/security/provider/SunEntries.java @@ -30,6 +30,7 @@ import java.net.*; @@ -1879,7 +1879,7 @@ index 912cad59714..709d32912ca 100644 +import jdk.internal.access.SharedSecrets; import jdk.internal.util.StaticProperty; - import sun.security.action.GetPropertyAction; + import sun.security.action.GetBooleanAction; import sun.security.util.SecurityProviderConstants; @@ -83,6 +84,10 @@ import static sun.security.util.SecurityProviderConstants.getAliases; @@ -2085,7 +2085,7 @@ index 912cad59714..709d32912ca 100644 /* * Algorithm Parameter Generator engines -@@ -201,40 +208,42 @@ public final class SunEntries { +@@ -201,42 +208,44 @@ public final class SunEntries { addWithAlias(p, "AlgorithmParameters", "DSA", "sun.security.provider.DSAParameters", attrs); @@ -2098,8 +2098,10 @@ index 912cad59714..709d32912ca 100644 - /* - * Digest engines - */ -- add(p, "MessageDigest", "MD2", "sun.security.provider.MD2", attrs); -- add(p, "MessageDigest", "MD5", "sun.security.provider.MD5", attrs); +- addWithAlias(p, "MessageDigest", "MD2", "sun.security.provider.MD2", +- attrs); +- addWithAlias(p, "MessageDigest", "MD5", "sun.security.provider.MD5", +- attrs); - addWithAlias(p, "MessageDigest", "SHA-1", "sun.security.provider.SHA", - attrs); + if (!systemFipsEnabled) { @@ -2132,10 +2134,12 @@ index 912cad59714..709d32912ca 100644 + /* + * Digest engines + */ -+ add(p, "MessageDigest", "MD2", "sun.security.provider.MD2", attrs); -+ add(p, "MessageDigest", "MD5", "sun.security.provider.MD5", attrs); ++ addWithAlias(p, "MessageDigest", "MD2", "sun.security.provider.MD2", ++ attrs); ++ addWithAlias(p, "MessageDigest", "MD5", "sun.security.provider.MD5", ++ attrs); + addWithAlias(p, "MessageDigest", "SHA-1", "sun.security.provider.SHA", -+ attrs); ++ attrs); + + addWithAlias(p, "MessageDigest", "SHA-224", + "sun.security.provider.SHA2$SHA224", attrs); @@ -2280,7 +2284,7 @@ index ca79f25cc44..225517ac69b 100644 "sun.security.rsa.PSSParameters", null); } diff --git a/src/java.base/share/classes/sun/security/ssl/SSLContextImpl.java b/src/java.base/share/classes/sun/security/ssl/SSLContextImpl.java -index 6ffdfeda18d..775b185fb06 100644 +index a7fc33d9ffb..cec40ba7b21 100644 --- a/src/java.base/share/classes/sun/security/ssl/SSLContextImpl.java +++ b/src/java.base/share/classes/sun/security/ssl/SSLContextImpl.java @@ -32,6 +32,7 @@ import java.security.cert.*; @@ -2408,7 +2412,7 @@ index 894e26dfad8..8b16378b96b 100644 "sun.security.ssl.SSLContextImpl$TLSContext", List.of("SSL"), null); diff --git a/src/java.base/share/conf/security/java.security b/src/java.base/share/conf/security/java.security -index 91b3a01ee57..33f9fdc6f84 100644 +index f913c981ddc..fd1d0a9e478 100644 --- a/src/java.base/share/conf/security/java.security +++ b/src/java.base/share/conf/security/java.security @@ -79,6 +79,16 @@ security.provider.tbd=Apple @@ -2455,10 +2459,10 @@ index 91b3a01ee57..33f9fdc6f84 100644 # Determines the default key and trust manager factory algorithms for # the javax.net.ssl package. diff --git a/src/java.base/share/lib/security/default.policy b/src/java.base/share/lib/security/default.policy -index b22f26947af..3ee2ce6ea88 100644 +index 20f53b1cd4c..6db2393efb8 100644 --- a/src/java.base/share/lib/security/default.policy +++ b/src/java.base/share/lib/security/default.policy -@@ -121,6 +121,7 @@ grant codeBase "jrt:/jdk.charsets" { +@@ -123,6 +123,7 @@ grant codeBase "jrt:/jdk.charsets" { grant codeBase "jrt:/jdk.crypto.ec" { permission java.lang.RuntimePermission "accessClassInPackage.sun.security.*"; @@ -2466,7 +2470,7 @@ index b22f26947af..3ee2ce6ea88 100644 permission java.lang.RuntimePermission "loadLibrary.sunec"; permission java.security.SecurityPermission "putProviderProperty.SunEC"; permission java.security.SecurityPermission "clearProviderProperties.SunEC"; -@@ -130,6 +131,7 @@ grant codeBase "jrt:/jdk.crypto.ec" { +@@ -132,6 +133,7 @@ grant codeBase "jrt:/jdk.crypto.ec" { grant codeBase "jrt:/jdk.crypto.cryptoki" { permission java.lang.RuntimePermission "accessClassInPackage.com.sun.crypto.provider"; @@ -2971,7 +2975,7 @@ index 00000000000..187be7295f3 + } +} diff --git a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11Key.java b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11Key.java -index bf0c5f2ba84..a4daed24b82 100644 +index cae28a06d7b..1c5bd3d15ac 100644 --- a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11Key.java +++ b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11Key.java @@ -37,6 +37,8 @@ import javax.crypto.*; @@ -2993,30 +2997,35 @@ index bf0c5f2ba84..a4daed24b82 100644 private static final long serialVersionUID = -2575874101938349339L; private static final String PUBLIC = "public"; -@@ -392,8 +397,9 @@ abstract class P11Key implements Key, Length { +@@ -396,8 +401,9 @@ abstract class P11Key implements Key, Length { new CK_ATTRIBUTE(CKA_EXTRACTABLE), }); - boolean keySensitive = (attrs[0].getBoolean() || - attrs[1].getBoolean() || !attrs[2].getBoolean()); + boolean keySensitive = (!plainKeySupportEnabled && -+ (attrs[0].getBoolean() || -+ attrs[1].getBoolean() || !attrs[2].getBoolean())); ++ (attrs[0].getBoolean() || ++ attrs[1].getBoolean() || !attrs[2].getBoolean())); switch (algorithm) { case "RSA": -@@ -448,7 +454,8 @@ abstract class P11Key implements Key, Length { +@@ -452,7 +458,8 @@ abstract class P11Key implements Key, Length { public String getFormat() { token.ensureValid(); -- if (sensitive || (extractable == false)) { +- if (sensitive || !extractable || (isNSS && tokenObject)) { + if (!plainKeySupportEnabled && -+ (sensitive || (extractable == false))) { ++ (sensitive || !extractable || (isNSS && tokenObject))) { return null; } else { return "RAW"; +@@ -1574,4 +1581,3 @@ final class SessionKeyRef extends PhantomReference { + this.clear(); + } + } +- diff --git a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/SunPKCS11.java b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/SunPKCS11.java -index 9cdbdfa9d6b..ea18bdb82a3 100644 +index 0f65a8b3221..0a406e1a2c8 100644 --- a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/SunPKCS11.java +++ b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/SunPKCS11.java @@ -26,6 +26,9 @@ @@ -3135,7 +3144,7 @@ index 9cdbdfa9d6b..ea18bdb82a3 100644 if (config.getHandleStartupErrors() == Config.ERR_IGNORE_ALL) { throw new UnsupportedOperationException diff --git a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/wrapper/PKCS11.java b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/wrapper/PKCS11.java -index f87690bc24f..79408353609 100644 +index 4b06daaf264..55e14945469 100644 --- a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/wrapper/PKCS11.java +++ b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/wrapper/PKCS11.java @@ -49,6 +49,9 @@ package sun.security.pkcs11.wrapper; @@ -3148,7 +3157,7 @@ index f87690bc24f..79408353609 100644 import java.util.*; import java.security.AccessController; -@@ -167,18 +170,43 @@ public class PKCS11 { +@@ -174,18 +177,43 @@ public class PKCS11 { return version; } @@ -3195,7 +3204,7 @@ index f87690bc24f..79408353609 100644 } if (omitInitialize == false) { try { -@@ -1971,4 +1999,194 @@ static class SynchronizedPKCS11 extends PKCS11 { +@@ -1976,4 +2004,194 @@ static class SynchronizedPKCS11 extends PKCS11 { super.C_GenerateRandom(hSession, randomData); } } @@ -3391,7 +3400,7 @@ index f87690bc24f..79408353609 100644 +} } diff --git a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/wrapper/PKCS11Exception.java b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/wrapper/PKCS11Exception.java -index ad2ffc8623b..5441fdecea0 100644 +index 8a560a2c48d..7d68520375b 100644 --- a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/wrapper/PKCS11Exception.java +++ b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/wrapper/PKCS11Exception.java @@ -190,6 +190,14 @@ public class PKCS11Exception extends Exception { @@ -3410,7 +3419,7 @@ index ad2ffc8623b..5441fdecea0 100644 * Constructor taking the error code (the CKR_* constants in PKCS#11) and * extra info for error message. diff --git a/src/jdk.crypto.ec/share/classes/sun/security/ec/SunEC.java b/src/jdk.crypto.ec/share/classes/sun/security/ec/SunEC.java -index 8c9e4f9dbe6..883dc04758e 100644 +index 200ed63634f..fa258d736d0 100644 --- a/src/jdk.crypto.ec/share/classes/sun/security/ec/SunEC.java +++ b/src/jdk.crypto.ec/share/classes/sun/security/ec/SunEC.java @@ -38,6 +38,7 @@ import java.util.HashMap; @@ -3432,11 +3441,10 @@ index 8c9e4f9dbe6..883dc04758e 100644 private static class ProviderServiceA extends ProviderService { ProviderServiceA(Provider p, String type, String algo, String cn, HashMap attrs) { -@@ -249,85 +254,86 @@ public final class SunEC extends Provider { - +@@ -249,83 +254,85 @@ public final class SunEC extends Provider { putXDHEntries(); putEdDSAEntries(); -- + - /* - * Signature engines - */ @@ -3506,9 +3514,8 @@ index 8c9e4f9dbe6..883dc04758e 100644 - /* - * Key Pair Generator engine - */ -- putService(new ProviderService(this, "KeyPairGenerator", -- "EC", "sun.security.ec.ECKeyPairGenerator", -- List.of("EllipticCurve"), ATTRS)); +- putService(new ProviderServiceA(this, "KeyPairGenerator", +- "EC", "sun.security.ec.ECKeyPairGenerator", ATTRS)); - - /* - * Key Agreement engine @@ -3585,9 +3592,8 @@ index 8c9e4f9dbe6..883dc04758e 100644 + /* + * Key Pair Generator engine + */ -+ putService(new ProviderService(this, "KeyPairGenerator", -+ "EC", "sun.security.ec.ECKeyPairGenerator", -+ List.of("EllipticCurve"), ATTRS)); ++ putService(new ProviderServiceA(this, "KeyPairGenerator", ++ "EC", "sun.security.ec.ECKeyPairGenerator", ATTRS)); + + /* + * Key Agreement engine @@ -3598,7 +3604,7 @@ index 8c9e4f9dbe6..883dc04758e 100644 } private void putXDHEntries() { -@@ -344,23 +350,25 @@ public final class SunEC extends Provider { +@@ -342,23 +349,25 @@ public final class SunEC extends Provider { "X448", "sun.security.ec.XDHKeyFactory.X448", ATTRS)); @@ -3641,7 +3647,7 @@ index 8c9e4f9dbe6..883dc04758e 100644 } private void putEdDSAEntries() { -@@ -375,21 +383,23 @@ public final class SunEC extends Provider { +@@ -373,21 +382,23 @@ public final class SunEC extends Provider { putService(new ProviderServiceA(this, "KeyFactory", "Ed448", "sun.security.ec.ed.EdDSAKeyFactory.Ed448", ATTRS)); diff --git a/java-21-openjdk-portable.specfile b/java-21-openjdk-portable.specfile index 3420328..6e48dab 100644 --- a/java-21-openjdk-portable.specfile +++ b/java-21-openjdk-portable.specfile @@ -315,7 +315,7 @@ %endif # New Version-String scheme-style defines -%global featurever 18 +%global featurever 19 %global fakefeaturever 21 %global interimver 0 %global updatever 2 @@ -368,14 +368,14 @@ # Define IcedTea version used for SystemTap tapsets and desktop file %global icedteaver 6.0.0pre00-c848b93a8598 # Define current Git revision for the FIPS support patches -%global fipsver 60131cc7271 +%global fipsver d95bb40c7c8 # Standard JPackage naming and versioning defines %global origin openjdk %global origin_nice OpenJDK %global top_level_dir_name %{origin} %global top_level_dir_name_backup %{top_level_dir_name}-backup -%global buildver 9 +%global buildver 7 %global rpmrelease 1 #%%global tagsuffix %%{nil} # Priority must be 8 digits in total; up to openjdk 1.8, we were using 18..... so when we moved to 11, we had to add another digit @@ -636,8 +636,8 @@ Patch600: rh1750419-redhat_alt_java.patch Patch6: rh1684077-openjdk_should_depend_on_pcsc-lite-libs_instead_of_pcsc-lite-devel.patch # Crypto policy and FIPS support patches -# Patch is generated from the fips-18u tree at https://github.com/rh-openjdk/jdk/tree/fips-18u -# as follows: git diff %%{vcstag} src make test > fips-18u-$(git show -s --format=%h HEAD).patch +# Patch is generated from the fips-19u tree at https://github.com/rh-openjdk/jdk/tree/fips-19u +# as follows: git diff %%{vcstag} src make test > fips-19u-$(git show -s --format=%h HEAD).patch # Diff is limited to src and make subdirectories to exclude .github changes # Fixes currently included: # PR3183, RH1340845: Follow system wide crypto policy @@ -671,7 +671,7 @@ Patch6: rh1684077-openjdk_should_depend_on_pcsc-lite-libs_instead_of_pcsc-lite-d # test/jdk/sun/security/pkcs11/fips/VerifyMissingAttributes.java: fixed jtreg main class # RH1940064: Enable XML Signature provider in FIPS mode # RH2173781: Avoid calling C_GetInfo() too early, before cryptoki is initialized -Patch1001: fips-18u-%{fipsver}.patch +Patch1001: fips-19u-%{fipsver}.patch ############################################# # @@ -683,21 +683,24 @@ Patch1001: fips-18u-%{fipsver}.patch ############################################# # -# OpenJDK patches appearing in 17.0.8 +# OpenJDK patches which missed 19.0.2 # ############################################# +# JDK-8295447: NullPointerException with invalid pattern matching construct in constructor call +Patch2007: jdk8295447-npe_in_constructor.patch +# JDK-8296239: ISO 4217 Amendment 174 Update +Patch2008: jdk8296239-iso4217_up174.patch +# JDK-8299439: java/text/Format/NumberFormat/CurrencyFormat.java fails for hr_HR +Patch2009: jdk8299439-test_for_hr.patch + ############################################# # # Portable build specific patches # ############################################# -############################################# -# -# OpenJDK patches targetted for 17.0.6 -# -############################################# +# Currently empty BuildRequires: autoconf BuildRequires: automake @@ -974,6 +977,10 @@ pushd %{top_level_dir_name} %patch1001 -p1 # nss.cfg PKCS11 support; must come last as it also alters java.security %patch1000 -p1 +# updates which missed 19.0.2 +%patch2007 -p1 +%patch2008 -p1 +%patch2009 -p1 popd # openjdk %patch600 @@ -1292,7 +1299,6 @@ function packagejdk() { for s in 16 24 32 48 ; do cp -av ${srcdir}/src/java.desktop/unix/classes/sun/awt/X11/java-icon${s}.png ${miscname} done - cp -a ${srcdir}/src/sample ${miscname} tar -cJf ${miscarchive} ${miscname} genchecksum ${miscarchive} fi @@ -1681,6 +1687,15 @@ done %{_jvmdir}/%{miscportablearchive}.sha256sum %changelog +* Tue Aug 15 2023 Andrew Hughes - 1:19.0.1.0.10-1 +- Update to jdk-19.0.2 release +- Update release notes to 19.0.2 +- Rebase FIPS patches from fips-19u branch +- Remove references to sample directory removed by JDK-8284999 +- Add local patch JDK-8295447 (javac NPE) which was accepted into 19u upstream but not in the GA tag +- Add local patches for JDK-8296239 & JDK-8299439 (Croatia Euro update) which are present in 8u, 11u & 17u releases +- Related: rhbz#2192749 + * Thu Aug 10 2023 Andrew Hughes - 1:18.0.2.0.9-1 - Update to jdk-18.0.2 release - Update release notes to actually reflect OpenJDK 18 diff --git a/java-21-openjdk.spec b/java-21-openjdk.spec index 71d71da..7c89bfc 100644 --- a/java-21-openjdk.spec +++ b/java-21-openjdk.spec @@ -299,7 +299,7 @@ %endif # New Version-String scheme-style defines -%global featurever 18 +%global featurever 19 %global fakefeaturever 21 %global interimver 0 %global updatever 2 @@ -338,14 +338,14 @@ # Define IcedTea version used for SystemTap tapsets and desktop file %global icedteaver 6.0.0pre00-c848b93a8598 # Define current Git revision for the FIPS support patches -%global fipsver 60131cc7271 +%global fipsver d95bb40c7c8 # Standard JPackage naming and versioning defines %global origin openjdk %global origin_nice OpenJDK %global top_level_dir_name %{origin} %global top_level_dir_name_backup %{top_level_dir_name}-backup -%global buildver 9 +%global buildver 7 %global rpmrelease 1 # Settings used by the portable build %global portablerelease 1 @@ -1066,7 +1066,6 @@ exit 0 %define files_demo() %{expand: %license %{_jvmdir}/%{sdkdir -- %{?1}}/legal %{_jvmdir}/%{sdkdir -- %{?1}}/demo -%{_jvmdir}/%{sdkdir -- %{?1}}/sample } %define files_src() %{expand: @@ -1374,8 +1373,8 @@ Patch3: rh649512-remove_uses_of_far_in_jpeg_libjpeg_turbo_1_4_compat_for_jdk1 Patch6: rh1684077-openjdk_should_depend_on_pcsc-lite-libs_instead_of_pcsc-lite-devel.patch # Crypto policy and FIPS support patches -# Patch is generated from the fips-18u tree at https://github.com/rh-openjdk/jdk/tree/fips-18u -# as follows: git diff %%{vcstag} src make test > fips-18u-$(git show -s --format=%h HEAD).patch +# Patch is generated from the fips-19u tree at https://github.com/rh-openjdk/jdk/tree/fips-19u +# as follows: git diff %%{vcstag} src make test > fips-19u-$(git show -s --format=%h HEAD).patch # Diff is limited to src and make subdirectories to exclude .github changes # Fixes currently included: # PR3183, RH1340845: Follow system wide crypto policy @@ -1409,7 +1408,7 @@ Patch6: rh1684077-openjdk_should_depend_on_pcsc-lite-libs_instead_of_pcsc-lite-d # test/jdk/sun/security/pkcs11/fips/VerifyMissingAttributes.java: fixed jtreg main class # RH1940064: Enable XML Signature provider in FIPS mode # RH2173781: Avoid calling C_GetInfo() too early, before cryptoki is initialized -Patch1001: fips-18u-%{fipsver}.patch +Patch1001: fips-19u-%{fipsver}.patch ############################################# # @@ -1419,21 +1418,24 @@ Patch1001: fips-18u-%{fipsver}.patch ############################################# # -# OpenJDK patches appearing in 17.0.8 +# OpenJDK patches which missed 19.0.2 # ############################################# +# JDK-8295447: NullPointerException with invalid pattern matching construct in constructor call +Patch2007: jdk8295447-npe_in_constructor.patch +# JDK-8296239: ISO 4217 Amendment 174 Update +Patch2008: jdk8296239-iso4217_up174.patch +# JDK-8299439: java/text/Format/NumberFormat/CurrencyFormat.java fails for hr_HR +Patch2009: jdk8299439-test_for_hr.patch + ############################################# # # Portable build specific patches # ############################################# -############################################# -# -# OpenJDK patches targetted for 17.0.6 -# -############################################# +# Currently empty BuildRequires: autoconf BuildRequires: automake @@ -1878,6 +1880,10 @@ pushd %{top_level_dir_name} %patch1001 -p1 # nss.cfg PKCS11 support; must come last as it also alters java.security %patch1000 -p1 +# updates which missed 19.0.2 +%patch2007 -p1 +%patch2008 -p1 +%patch2009 -p1 popd # openjdk %patch600 @@ -2255,9 +2261,6 @@ done # See https://bugzilla.redhat.com/show_bug.cgi?id=741821 mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/.java/.systemPrefs -# copy samples next to demos; samples are mostly js files -cp -r ${miscdir}/sample $RPM_BUILD_ROOT/%{_jvmdir}/%{sdkdir -- $suffix}/ - # moving config files to /etc mkdir -p $RPM_BUILD_ROOT/%{etcjavadir -- $suffix} mkdir -p $RPM_BUILD_ROOT/%{etcjavadir -- $suffix}/lib @@ -2522,6 +2525,15 @@ require "copy_jdk_configs.lua" %endif %changelog +* Tue Aug 15 2023 Andrew Hughes - 1:19.0.2.0.7-1 +- Update to jdk-19.0.2 release +- Update release notes to 19.0.2 +- Rebase FIPS patches from fips-19u branch +- Remove references to sample directory removed by JDK-8284999 +- Add local patch JDK-8295447 (javac NPE) which was accepted into 19u upstream but not in the GA tag +- Add local patches for JDK-8296239 & JDK-8299439 (Croatia Euro update) which are present in 8u, 11u & 17u releases +- Related: RHEL-12996 + * Thu Aug 10 2023 Andrew Hughes - 1:18.0.2.0.9-1 - Update to jdk-18.0.2 release - Support JVM variant zero following JDK-8273494 no longer installing Zero's libjvm.so in the server directory diff --git a/jdk8295447-npe_in_constructor.patch b/jdk8295447-npe_in_constructor.patch new file mode 100644 index 0000000..180b343 --- /dev/null +++ b/jdk8295447-npe_in_constructor.patch @@ -0,0 +1,97 @@ +commit c9d485792b99233f381dcdfd69838e7b973909bd +Author: Victor Rudometov +Date: Thu Dec 1 10:57:43 2022 +0000 + + 8295447: NullPointerException with invalid pattern matching construct in constructor call + + Backport-of: 6c05771b9be3dd5cbcdb40d2e53cc53959926cdd + +diff --git a/src/jdk.compiler/share/classes/com/sun/tools/javac/comp/Attr.java b/src/jdk.compiler/share/classes/com/sun/tools/javac/comp/Attr.java +index 21cc8e57e1f..46b076d3d03 100644 +--- a/src/jdk.compiler/share/classes/com/sun/tools/javac/comp/Attr.java ++++ b/src/jdk.compiler/share/classes/com/sun/tools/javac/comp/Attr.java +@@ -4145,6 +4145,10 @@ public class Attr extends JCTree.Visitor { + Type exprType, + Type pattType) { + Warner warner = new Warner(); ++ // if any type is erroneous, the problem is reported elsewhere ++ if (exprType.isErroneous() || pattType.isErroneous()) { ++ return false; ++ } + if (!types.isCastable(exprType, pattType, warner)) { + chk.basicHandler.report(pos, + diags.fragment(Fragments.InconvertibleTypes(exprType, pattType))); +@@ -4206,7 +4210,7 @@ public class Attr extends JCTree.Visitor { + tree.record = record; + } else { + log.error(tree.pos(), Errors.DeconstructionPatternOnlyRecords(site.tsym)); +- expectedRecordTypes = Stream.generate(() -> Type.noType) ++ expectedRecordTypes = Stream.generate(() -> types.createErrorType(tree.type)) + .limit(tree.nested.size()) + .collect(List.collector()); + } +diff --git a/test/langtools/tools/javac/T8295447.java b/test/langtools/tools/javac/T8295447.java +new file mode 100644 +index 00000000000..76fcaf10f8d +--- /dev/null ++++ b/test/langtools/tools/javac/T8295447.java +@@ -0,0 +1,46 @@ ++/* ++ * Copyright (c) 2010, 2022, Oracle and/or its affiliates. All rights reserved. ++ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. ++ * ++ * This code is free software; you can redistribute it and/or modify it ++ * under the terms of the GNU General Public License version 2 only, as ++ * published by the Free Software Foundation. ++ * ++ * This code is distributed in the hope that it will be useful, but WITHOUT ++ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or ++ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License ++ * version 2 for more details (a copy is included in the LICENSE file that ++ * accompanied this code). ++ * ++ * You should have received a copy of the GNU General Public License version ++ * 2 along with this work; if not, write to the Free Software Foundation, ++ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. ++ * ++ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA ++ * or visit www.oracle.com if you need additional information or have any ++ * questions. ++ */ ++/** ++ * @test ++ * @bug 8295447 ++ * @summary NullPointerException with invalid pattern matching construct in constructor call ++ * @modules jdk.compiler ++ * @compile/fail/ref=T8295447.out -XDrawDiagnostics --enable-preview -source ${jdk.version} T8295447.java ++ */ ++public class T8295447 { ++ class Foo { ++ void m(Object o) { ++ if(o instanceof Foo(int x)) {} ++ } ++ ++ Foo(Object o) { ++ m((o instanceof Foo(int x))? 0 : 1); ++ } ++ void m(int i) { } ++ } ++ ++ class Base { int i; Base(int j) { i = j; } } ++ class Sub extends Base { ++ Sub(Object o) { super(o instanceof java.awt.Point(int x, int y)? x + y: 0); } ++ } ++} +diff --git a/test/langtools/tools/javac/T8295447.out b/test/langtools/tools/javac/T8295447.out +new file mode 100644 +index 00000000000..7f6746f802f +--- /dev/null ++++ b/test/langtools/tools/javac/T8295447.out +@@ -0,0 +1,6 @@ ++T8295447.java:33:29: compiler.err.deconstruction.pattern.only.records: T8295447.Foo ++T8295447.java:37:29: compiler.err.deconstruction.pattern.only.records: T8295447.Foo ++T8295447.java:44:44: compiler.err.deconstruction.pattern.only.records: java.awt.Point ++- compiler.note.preview.filename: T8295447.java, DEFAULT ++- compiler.note.preview.recompile ++3 errors +\ No newline at end of file diff --git a/jdk8296239-iso4217_up174.patch b/jdk8296239-iso4217_up174.patch new file mode 100644 index 0000000..00f6d7c --- /dev/null +++ b/jdk8296239-iso4217_up174.patch @@ -0,0 +1,79 @@ +commit bf899de7aa8cc862ed123865b9aa26e06d96a7de +Author: duke +Date: Thu Jan 26 00:55:32 2023 +0000 + + Backport fd837649811c866c144c9133d211fb5ad8f994a7 + +diff --git a/src/java.base/share/data/currency/CurrencyData.properties b/src/java.base/share/data/currency/CurrencyData.properties +index 688de592c7b..d234c96c476 100644 +--- a/src/java.base/share/data/currency/CurrencyData.properties ++++ b/src/java.base/share/data/currency/CurrencyData.properties +@@ -32,7 +32,7 @@ formatVersion=3 + # Version of the currency code information in this class. + # It is a serial number that accompanies with each amendment. + +-dataVersion=173 ++dataVersion=174 + + # List of all valid ISO 4217 currency codes. + # To ensure compatibility, do not remove codes. +@@ -189,7 +189,7 @@ CR=CRC + # COTE D'IVOIRE + CI=XOF + # CROATIA +-HR=HRK ++HR=HRK;2022-12-31-23-00-00;EUR + # CUBA + CU=CUP + # Cura\u00e7ao +diff --git a/test/jdk/java/util/Currency/ValidateISO4217.java b/test/jdk/java/util/Currency/ValidateISO4217.java +index b7e64f318b1..b6a91835b19 100644 +--- a/test/jdk/java/util/Currency/ValidateISO4217.java ++++ b/test/jdk/java/util/Currency/ValidateISO4217.java +@@ -24,7 +24,7 @@ + * @test + * @bug 4691089 4819436 4942982 5104960 6544471 6627549 7066203 7195759 + * 8039317 8074350 8074351 8145952 8187946 8193552 8202026 8204269 +- * 8208746 8209775 8264792 8274658 8283277 ++ * 8208746 8209775 8264792 8274658 8283277 8296239 + * @summary Validate ISO 4217 data for Currency class. + * @modules java.base/java.util:open + * jdk.localedata +@@ -34,7 +34,7 @@ + * ############################################################################ + * + * ValidateISO4217 is a tool to detect differences between the latest ISO 4217 +- * data and and Java's currency data which is based on ISO 4217. ++ * data and Java's currency data which is based on ISO 4217. + * If there is a difference, the following file which includes currency data + * may need to be updated. + * src/share/classes/java/util/CurrencyData.properties +diff --git a/test/jdk/java/util/Currency/tablea1.txt b/test/jdk/java/util/Currency/tablea1.txt +index 3e107823042..3eef0eba00e 100644 +--- a/test/jdk/java/util/Currency/tablea1.txt ++++ b/test/jdk/java/util/Currency/tablea1.txt +@@ -1,12 +1,12 @@ + # + # +-# Amendments up until ISO 4217 AMENDMENT NUMBER 173 +-# (As of 23 September 2022) ++# Amendments up until ISO 4217 AMENDMENT NUMBER 174 ++# (As of 2 November 2022) + # + + # Version + FILEVERSION=3 +-DATAVERSION=173 ++DATAVERSION=174 + + # ISO 4217 currency data + AF AFN 971 2 +@@ -67,7 +67,7 @@ CD CDF 976 2 + CK NZD 554 2 + CR CRC 188 2 + CI XOF 952 0 +-HR HRK 191 2 ++HR HRK 191 2 2022-12-31-23-00-00 EUR 978 2 + CU CUP 192 2 + CW ANG 532 2 + CY EUR 978 2 diff --git a/jdk8299439-test_for_hr.patch b/jdk8299439-test_for_hr.patch new file mode 100644 index 0000000..8dd1ed5 --- /dev/null +++ b/jdk8299439-test_for_hr.patch @@ -0,0 +1,63 @@ +commit cf262d7441d797942d33ed2a79540230fc5c97fa +Author: Christoph Langer +Date: Thu Jan 12 08:02:58 2023 +0000 + + 8299439: java/text/Format/NumberFormat/CurrencyFormat.java fails for hr_HR + + Reviewed-by: naoto + Backport-of: 3b374c0153950ab193f3a188b57d3404b4ce2fe2 + +diff --git a/src/jdk.localedata/share/classes/sun/util/resources/ext/CurrencyNames_hr_HR.properties b/src/jdk.localedata/share/classes/sun/util/resources/ext/CurrencyNames_hr_HR.properties +index 70f210e2da6..56e61953a8c 100644 +--- a/src/jdk.localedata/share/classes/sun/util/resources/ext/CurrencyNames_hr_HR.properties ++++ b/src/jdk.localedata/share/classes/sun/util/resources/ext/CurrencyNames_hr_HR.properties +@@ -1,5 +1,5 @@ + # +-# Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved. ++# Copyright (c) 2005, 2023, Oracle and/or its affiliates. All rights reserved. + # DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + # + # This code is free software; you can redistribute it and/or modify it +@@ -35,4 +35,5 @@ + # This notice and attribution to Taligent may not be removed. + # Taligent is a registered trademark of Taligent, Inc. + ++EUR=\u20AC + HRK=Kn +diff --git a/test/jdk/ProblemList.txt b/test/jdk/ProblemList.txt +index dc167492272..a806ebe778a 100644 +--- a/test/jdk/ProblemList.txt ++++ b/test/jdk/ProblemList.txt +@@ -1,6 +1,6 @@ + ########################################################################### + # +-# Copyright (c) 2009, 2022, Oracle and/or its affiliates. All rights reserved. ++# Copyright (c) 2009, 2023, Oracle and/or its affiliates. All rights reserved. + # DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + # + # This code is free software; you can redistribute it and/or modify it +diff --git a/test/jdk/java/text/Format/NumberFormat/CurrencySymbols.properties b/test/jdk/java/text/Format/NumberFormat/CurrencySymbols.properties +index cf73a9c7e31..665dd3b290a 100644 +--- a/test/jdk/java/text/Format/NumberFormat/CurrencySymbols.properties ++++ b/test/jdk/java/text/Format/NumberFormat/CurrencySymbols.properties +@@ -79,7 +79,7 @@ fr_FR=\u20AC + fr_LU=\u20AC + hi_IN=\u0930\u0942 + hr=\u00A4 +-hr_HR=Kn ++hr_HR=\u20AC + hu=\u00A4 + hu_HU=Ft + is=\u00A4 +@@ -94,9 +94,9 @@ ja_JP=\uFFE5 + ko=\u00A4 + ko_KR=\uFFE6 + lt=\u00A4 +-lt_LT=Lt;2014-12-31-22-00-00;\u20AC ++lt_LT=\u20AC + lv=\u00A4 +-lv_LV=Ls;2013-12-31-22-00-00;\u20AC ++lv_LV=\u20AC + mk=\u00A4 + mk_MK=Den + nl=\u00A4 diff --git a/sources b/sources index 8b03eaa..e8cdef6 100644 --- a/sources +++ b/sources @@ -1,2 +1,2 @@ SHA512 (tapsets-icedtea-6.0.0pre00-c848b93a8598.tar.xz) = 97d026212363b3c83f6a04100ad7f6fdde833d16579717f8756e2b8c2eb70e144a41a330cb9ccde9c3badd37a2d54fdf4650a950ec21d8b686d545ecb2a64d30 -SHA512 (openjdk-jdk18u-jdk-18.0.2+9.tar.xz) = 08b06407deb4a13f36b29738b8038c7b2ce953eb526abe732fb4a256d968511c9ef705c5d568b4b3c98867665b748e331c9f293e69fc13bea1eed6879b6095d0 +SHA512 (openjdk-jdk19u-jdk-19.0.2+7.tar.xz) = f9b54ae43074caa53773000ed8000ff5592cda44b2bef8fafa2c38cf623048722c34a111aacfd1831050525804230b29cc20fd95ad2162c43412b957190cc7b0