From b4e6a520f984f199aa6bfeb7b15f384f45c09da5 Mon Sep 17 00:00:00 2001 From: Andrew Hughes Date: Mon, 29 Aug 2022 01:31:15 +0100 Subject: [PATCH] Update to RC version of OpenJDK 19 Update release notes to 19.0.0 Rebase FIPS patches from fips-19u branch Need to include the '.S' suffix in debuginfo checks after JDK-8284661 Add patch to provide translations for Europe/Kyiv added in tzdata2022b Add test to ensure timezones can be translated Remove references to sample directory removed by JDK-8284999 --- .gitignore | 1 + NEWS | 369 ++++-------------- TestSecurityProperties.java | 17 + TestTranslations.java | 35 ++ ...cc7271.patch => fips-19u-d95bb40c7c8.patch | 122 +++--- java-latest-openjdk.spec | 48 ++- jdk8292223-tzdata2022b-kyiv.patch | 132 +++++++ sources | 2 +- 8 files changed, 350 insertions(+), 376 deletions(-) create mode 100644 TestTranslations.java rename fips-18u-60131cc7271.patch => fips-19u-d95bb40c7c8.patch (98%) create mode 100644 jdk8292223-tzdata2022b-kyiv.patch diff --git a/.gitignore b/.gitignore index c095247..9c9a167 100644 --- a/.gitignore +++ b/.gitignore @@ -28,3 +28,4 @@ /openjdk-jdk18u-jdk-18.0.1+10.tar.xz /openjdk-jdk18u-jdk-18.0.1.1+2.tar.xz /openjdk-jdk18u-jdk-18.0.2+9.tar.xz +/openjdk-jdk19u-jdk-19+36.tar.xz diff --git a/NEWS b/NEWS index 6537ddf..5bc84cb 100644 --- a/NEWS +++ b/NEWS @@ -3,242 +3,13 @@ Key: JDK-X - https://bugs.openjdk.java.net/browse/JDK-X CVE-XXXX-YYYY: https://cve.mitre.org/cgi-bin/cvename.cgi?name=XXXX-YYYY -New in release OpenJDK 18.0.2 (2022-07-19): -=========================================== -Live versions of these release notes can be found at: - * https://builds.shipilev.net/backports-monitor/release-notes-18.0.2.txt - -* Security fixes - - JDK-8272243: Improve DER parsing - - JDK-8272249: Better properties of loaded Properties - - JDK-8277608: Address IP Addressing - - JDK-8281859, CVE-2022-21540: Improve class compilation - - JDK-8281866, CVE-2022-21541: Enhance MethodHandle invocations - - JDK-8282676: Improve subject handling - - JDK-8283190: Improve MIDI processing - - JDK-8284370: Improve zlib usage - - JDK-8285407, CVE-2022-34169: Improve Xalan supports -* Other changes - - JDK-8240903: Add test to check that jmod hashes are reproducible - - JDK-8256368: Avoid repeated upcalls into Java to re-resolve MH/VH linkers/invokers - - JDK-8270480: Better path to expressing Xpaths - - JDK-8271008: appcds/*/MethodHandlesAsCollectorTest.java tests time out because of excessive GC (CodeCache GC Threshold) in loom - - JDK-8271055: Crash during deoptimization with "assert(bb->is_reachable()) failed: getting result from unreachable basicblock" with -XX:+VerifyStack - - JDK-8272493: Suboptimal code generation around Preconditions.checkIndex intrinsic with AVX2 - - JDK-8274524: SSLSocket.close() hangs if it is called during the ssl handshake - - JDK-8275337: C1: assert(false) failed: live_in set of first block must be empty - - JDK-8277055: Assert "missing inlining msg" with -XX:+PrintIntrinsics - - JDK-8277072: ObjectStreamClass caches keep ClassLoaders alive - - JDK-8277893: Arraycopy stress tests - - JDK-8278065: Refactor subclassAudits to use ClassValue - - JDK-8278381: [GCC 11] Address::make_raw() does not initialize rspec - - JDK-8278549: UNIX sun/font coding misses SUSE distro detection on recent distro SUSE 15 - - JDK-8278794: Infinite loop in DeflaterOutputStream.finish() - - JDK-8279219: [REDO] C2 crash when allocating array of size too large - - JDK-8279668: x86: AVX2 versions of vpxor should be asserted - - JDK-8279822: CI: Constant pool entries in error state are not supported - - JDK-8279958: Provide configure hints for Alpine/apk package managers - - JDK-8280041: Retry loop issues in java.io.ClassCache - - JDK-8280476: [macOS] : hotspot arm64 bug exposed by latest clang - - JDK-8280600: C2: assert(!had_error) failed: bad dominance - - JDK-8280674: Bump version numbers for July CPU - - JDK-8280799: С2: assert(false) failed: cyclic dependency prevents range check elimination - - JDK-8280867: Cpuid1Ecx feature parsing is incorrect for AMD CPUs - - JDK-8280901: MethodHandle::linkToNative stub is missing w/ -Xint - - JDK-8280956: Re-examine copyright headers on files in src/java.desktop/macosx/native/libawt_lwawt/awt/a11y - - JDK-8281168: Micro-optimize VarForm.getMemberName for interpreter - - JDK-8281181: Do not use CPU Shares to compute active processor count - - JDK-8281266: [JVMCI] MetaUtil.toInternalName() doesn't handle hidden classes correctly - - JDK-8281274: deal with ActiveProcessorCount in os::Linux::print_container_info - - JDK-8281318: Improve jfr/event/allocation tests reliability - - JDK-8281544: assert(VM_Version::supports_avx512bw()) failed for Tests jdk/incubator/vector/ - - JDK-8281615: Deadlock caused by jdwp agent - - JDK-8281638: jfr/event/allocation tests fail with release VMs after JDK-8281318 due to lack of -XX:+UnlockDiagnosticVMOptions - - JDK-8281771: Crash in java_lang_invoke_MethodType::print_signature - - JDK-8281811: assert(_base == Tuple) failed: Not a Tuple after JDK-8280799 - - JDK-8281822: Test failures on non-DTrace builds due to incomplete DTrace* flags handling - - JDK-8282042: [testbug] FileEncodingTest.java depends on default encoding - - JDK-8282045: When loop strip mining fails, safepoints are removed from loop anyway - - JDK-8282080: Lambda deserialization fails for Object method references on interfaces - - JDK-8282170: JVMTI SetBreakpoint metaspace allocation test - - JDK-8282172: CompileBroker::log_metaspace_failure is called from non-Java/compiler threads - - JDK-8282194: C1: Missing side effects of dynamic constant linkage - - JDK-8282219: jdk/java/lang/ProcessBuilder/Basic.java fails on AIX - - JDK-8282225: GHA: Allow one concurrent run per PR only - - JDK-8282231: x86-32: runtime call to SharedRuntime::ldiv corrupts registers - - JDK-8282295: SymbolPropertyEntry::set_method_type fails with assert - - JDK-8282300: Throws NamingException instead of InvalidNameException after JDK-8278972 - - JDK-8282312: Minor corrections to evbroadcasti32x4 intrinsic on x86 - - JDK-8282444: Module finder incorrectly assumes default file system path-separator character - - JDK-8282551: Properly initialize L32X64MixRandom state - - JDK-8282583: Update BCEL md to include the copyright notice - - JDK-8282590: C2: assert(addp->is_AddP() && addp->outcnt() > 0) failed: Don't process dead nodes - - JDK-8282592: C2: assert(false) failed: graph should be schedulable - - JDK-8282628: Potential memory leak in sun.font.FontConfigManager.getFontConfig() - - JDK-8282874: Bad performance on gather/scatter API caused by different IntSpecies of indexMap - - JDK-8282887: Potential memory leak in sun.util.locale.provider.HostLocaleProviderAdapterImpl.getNumberPattern() on Windows - - JDK-8282929: Localized monetary symbols are not reflected in `toLocalizedPattern` return value - - JDK-8283017: GHA: Workflows break with update release versions - - JDK-8283022: com/sun/crypto/provider/Cipher/AEAD/GCMBufferTest.java failing with -Xcomp after 8273297 - - JDK-8283037: Update jdk18u fix version to 18.0.2 - - JDK-8283187: C2: loop candidate for superword not always unrolled fully if superword fails - - JDK-8283217: Leak FcObjectSet in getFontConfigLocations() in fontpath.c - - JDK-8283379: Memory leak in FileHeaderHelper - - JDK-8283408: Fix a C2 crash when filling arrays with unsafe - - JDK-8283422: Create a new test for JDK-8254790 - - JDK-8283451: C2: assert(_base == Long) failed: Not a Long - - JDK-8283469: Don't use memset to initialize members in FileMapInfo and fix memory leak - - JDK-8283555: G1: Concurrent mark accesses uninitialized BOT of closed archive regions - - JDK-8283641: Large value for CompileThresholdScaling causes assert - - JDK-8283725: Launching java with "-Xlog:gc*=trace,safepoint*=trace,class*=trace" crashes the JVM - - JDK-8284012: Correction version-numbers.conf after merge - - JDK-8284023: java.sun.awt.X11GraphicsDevice.getDoubleBufferVisuals() leaks XdbeScreenVisualInfo - - JDK-8284033: Leak XVisualInfo in getAllConfigs in awt_GraphicsEnv.c - - JDK-8284094: Memory leak in invoker_completeInvokeRequest() - - JDK-8284369: TestFailedAllocationBadGraph fails with -XX:TieredStopAtLevel < 4 - - JDK-8284389: Improve stability of GHA Pre-submit testing by caching cygwin installer - - JDK-8284458: CodeHeapState::aggregate() leaks blob_name - - JDK-8284507: GHA: Only check test results if testing was not skipped - - JDK-8284532: Memory leak in BitSet::BitMapFragmentTable in JFR leak profiler - - JDK-8284549: JFR: FieldTable leaks FieldInfoTable member - - JDK-8284620: CodeBuffer may leak _overflow_arena - - JDK-8284622: Update versions of some Github Actions used in JDK workflow - - JDK-8284808: change milestone to fcs for releases: jdk-11.0.16, jdk-17.0.4, jdk-18.0.2 - - JDK-8284848: C2: Compiler blackhole arguments should be treated as globally escaping - - JDK-8284866: Add test to JDK-8273056 - - JDK-8284992: Fix misleading Vector API doc for LSHR operator - - JDK-8285394: Compiler blackholes can be eliminated due to stale ciMethod::intrinsic_id() - - JDK-8285515: (dc) DatagramChannel.disconnect fails with "Invalid argument" on macOS 12.4 - - JDK-8285517: System.getenv() returns unexpected value if environment variable has non ASCII character - - JDK-8285523: Improve test java/io/FileOutputStream/OpenNUL.java - - JDK-8285686: Upgrade to FreeType 2.12.0 - - JDK-8285828: runtime/execstack/TestCheckJDK.java fails with zipped debug symbols - - JDK-8285921: serviceability/dcmd/jvmti/AttachFailed/AttachReturnError.java fails on Alpine - - JDK-8285956: (fs) Excessive default poll interval in PollingWatchService - - JDK-8286013: Incorrect test configurations for compiler/stable/TestStableShort.java - - JDK-8286029: Add classpath exemption to globals_vectorApiSupport_***.S.inc - - JDK-8286198: [linux] Fix process-memory information - - JDK-8286283: assert(func2 == 0 && func3 == 0) failed: not unary - - JDK-8286444: javac errors after JDK-8251329 are not helpful enough to find root cause - - JDK-8286594: (zipfs) Mention paths with dot elements in ZipException and cleanups - - JDK-8286601: Mac Aarch: Excessive warnings to be ignored for build jdk - - JDK-8286855: javac error on invalid jar should only print filename - - JDK-8287119: Add Distrust.java to ProblemList - - JDK-8287162: (zipfs) Performance regression related to support for POSIX file permissions - - JDK-8287175: Backout 8270480: Better path to expressing Xpaths - - JDK-8287202: GHA: Add macOS aarch64 to the list of default platforms for workflow_dispatch event - - JDK-8287336: GHA: Workflows break on patch versions - - JDK-8287378: GHA: Update cygwin to fix issues in langtools tests on Windows - - JDK-8287644: [18u] Backport of JDK-8240903 causes test errors - -Notes on individual issues: -=========================== - -hotspot/runtime: - -JDK-8288367: CPU Shares Ignored When Computing Active Processor Count -===================================================================== -Previous JDK releases used an incorrect interpretation of the Linux -cgroups parameter cpu.shares". This might cause the JVM to use fewer -CPUs than available, leading to an under utilization of CPU resources -when the JVM is used inside a container. - -Starting from this JDK release, by default, the JVM no longer -considers "cpu.shares" when deciding the number of threads to be used -by the various thread pools. The `-XX:+UseContainerCpuShares` -command-line option can be used to revert to the previous -behavior. This option is deprecated and may be removed in a future JDK -release. - -New in release OpenJDK 18.0.1.1 (2022-04-22): -============================================= -* Other changes - - JDK-8283350: (tz) Update Timezone Data to 2022a - - JDK-8284548: Invalid XPath expression causes StringIndexOutOfBoundsException - - JDK-8284920: Incorrect Token type causes XPath expression to return incorrect results - - JDK-8285391: Update the release version for respin April CPU22_04 for release jdk18.0.1.1 - - JDK-8285445: cannot open file "NUL:" - - JDK-8285454: Update the JBS version for respin of April CPU22_04 - -Notes on individual issues: -=========================== - -core-libs/java.io: - -JDK-8285660: New System Property to Disable Windows Alternate Data Stream Support in java.io.File -================================================================================================= -The Windows implementation of `java.io.File` allows access to NTFS -Alternate Data Streams (ADS) by default. Such streams have a structure -like “filename:streamname”. A system property `jdk.io.File.enableADS` -has been added to control this behavior. To disable ADS support in -`java.io.File`, the system property `jdk.io.File.enableADS` should be -set to `false` (case ignored). Stricter path checking however prevents -the use of special devices such as `NUL:` - -New in release OpenJDK 18.0.1 (2022-04-19): -=========================================== -Live versions of these release notes can be found at: - * https://builds.shipilev.net/backports-monitor/release-notes-18.0.1.txt - -* Security fixes - - JDK-8269938: Enhance XML processing passes redux - - JDK-8270504, CVE-2022-21426: Better XPath expression handling - - JDK-8272255: Completely handle MIDI files - - JDK-8272261: Improve JFR recording file processing - - JDK-8272588: Enhanced recording parsing - - JDK-8272594: Better record of recordings - - JDK-8274221: More definite BER encodings - - JDK-8275151, CVE-2022-21443: Improved Object Identification - - JDK-8277227: Better identification of OIDs - - JDK-8277233, CVE-2022-21449: Improve ECDSA signature support - - JDK-8277672, CVE-2022-21434: Better invocation handler handling - - JDK-8278356: Improve file creation - - JDK-8278449: Improve keychain support - - JDK-8278798: Improve supported intrinsic - - JDK-8278805: Enhance BMP image loading - - JDK-8278972, CVE-2022-21496: Improve URL supports - - JDK-8281388: Change wrapping of EncryptedPrivateKeyInfo -* Other changes - - JDK-8258814: Compilation logging crashes for thread suspension / debugging tests - - JDK-8267341: macos attempt_reserve_memory_at(arg1, arg2, true) failure - - JDK-8272996: JNDI DNS provider fails to resolve SRV entries when IPV6 stack is enabled - - JDK-8273139: C2: assert(f <= 1 && f >= 0) failed: Incorrect frequency - - JDK-8274751: Drag And Drop hangs on Windows - - JDK-8276819: javax/print/PrintServiceLookup/FlushCustomClassLoader.java fails to free - - JDK-8276990: Memory leak in invoker.c fillInvokeRequest() during JDI operations - - JDK-8277488: Add expiry exception for Digicert (geotrustglobalca) expiring in May 2022 - - JDK-8277795: ldap connection timeout not honoured under contention - - JDK-8278186: org.jcp.xml.dsig.internal.dom.Utils.parseIdFromSameDocumentURI throws StringIndexOutOfBoundsException when calling substring method - - JDK-8278384: Bytecodes::result_type() for arraylength returns T_VOID instead of T_INT - - JDK-8278472: Invalid value set to CANDIDATEFORM structure - - JDK-8278851: Correct signer logic for jars signed with multiple digestalgs - - JDK-8278869: Bump version numbers for OPENJDK 18.0.1 - - JDK-8279223: Define version in .jcheck/conf - - JDK-8279225: [arm32] C1 longs comparison operation destroys argument registers - - JDK-8279412: [JVMCI] failed speculations list must outlive any nmethod that refers to it - - JDK-8279437: [JVMCI] exception in HotSpotJVMCIRuntime.translate can exit the VM - - JDK-8279445: Update JMH devkit to 1.34 - - JDK-8280123: C2: Infinite loop in CMoveINode::Ideal during IGVN - - JDK-8280414: Memory leak in DefaultProxySelector - - JDK-8280526: x86_32 Math.sqrt performance regression with -XX:UseSSE={0,1} - - JDK-8280550: SplittableRandom#nextDouble(double,double) can return result >= bound - - JDK-8280785: change milestone to fcs for releases: jdk-11.0.15, jdk-17.0.3, jdk-18.0.1 - - JDK-8280910: Update openjdk project in jcheck to "jdk-updates" for jdk18u - - JDK-8280950: RandomGenerator:NextDouble() default behavior non conformant after JDK-8280550 fix - - JDK-8281093: Violating Attribute-Value Normalization in the XML specification 1.0 - - JDK-8281183: RandomGenerator:NextDouble() default behavior partially fixed by JDK-8280950 - - JDK-8281262: Windows builds in different directories are not fully reproducible - - JDK-8281275: Upgrading from 8 to 11 no longer accepts '/' as filepath separator in gc paths - - JDK-8282300: Throws NamingException instead of InvalidNameException after JDK-8278972 - - JDK-8282397: createTempFile method of java.io.File is failing when called with suffix of spaces character - -New in release OpenJDK 18.0.0 (2022-03-22): +New in release OpenJDK 19.0.0 (2022-09-20): =========================================== Major changes are listed below. Some changes may have been backported -to earlier releases following their first appearance in OpenJDK 18. +to earlier releases following their first appearance in OpenJDK 19. -The full list of changes in 18u can be found at: -- * https://builds.shipilev.net/backports-monitor/release-notes-18.txt +The full list of changes in 19u can be found at: +- * https://builds.shipilev.net/backports-monitor/release-notes-19.txt NEW FEATURES ============ @@ -250,6 +21,7 @@ Pattern Matching for switch =========================== https://openjdk.org/jeps/406 https://openjdk.org/jeps/420 +https://openjdk.org/jeps/427 Enhance the Java programming language with pattern matching for `switch` expressions and statements, along with extensions to the @@ -259,58 +31,46 @@ specific action, so that complex data-oriented queries can be expressed concisely and safely. This was a preview feature (http://openjdk.java.net/jeps/12) in -OpenJDK 17 (JEP 406) and sees a second preview in OpenJDK 18 (JEP -420). +OpenJDK 17 (JEP 406) and saw a second preview in OpenJDK 18 (JEP 420). +It reaches its third preview (JEP 427) in OpenJDK 19. + +Record Patterns +=============== +https://openjdk.org/jeps/405 + +Enhance the Java programming language with record patterns to +deconstruct record values. Record patterns and type patterns can be +nested to enable a powerful, declarative, and composable form of data +navigation and processing. + +This is a preview feature (http://openjdk.java.net/jeps/12) introduced +in OpenJDK 19 (JEP 405) Library Features ================ -UTF-8 by Default -================ -https://openjdk.org/jeps/400 - -Specify UTF-8 as the default charset of the standard Java APIs. With -this change, APIs that depend upon the default charset will behave -consistently across all implementations, operating systems, locales, -and configurations. - -Reimplement Core Reflection with Method Handles -=============================================== -https://openjdk.org/jeps/416 - -Reimplement java.lang.reflect.Method, Constructor, and Field on top of -java.lang.invoke method handles. Making method handles the underlying -mechanism for reflection will reduce the maintenance and development -cost of both the java.lang.reflect and java.lang.invoke APIs. - Vector API ========== https://openjdk.org/jeps/338 https://openjdk.org/jeps/414 https://openjdk.org/jeps/417 +https://openjdk.org/jeps/426 -Provide an initial iteration of an incubator module, -`jdk.incubator.vector`, to express vector computations that reliably -compile at runtime to optimal vector hardware instructions on -supported CPU architectures and thus achieve superior performance to -equivalent scalar computations. +Introduce an API to express vector computations that reliably compile +at runtime to optimal vector hardware instructions on supported CPU +architectures and thus achieve superior performance to equivalent +scalar computations. This is an incubation feature (https://openjdk.java.net/jeps/11) introduced in OpenJDK 16 (JEP 338). A second round of incubation took -place in OpenJDK 17 (JEP 414) and OpenJDK 18 (JEP 417) sees a third. - -Internet-Address Resolution SPI -=============================== -https://openjdk.org/jeps/418 - -Define a service-provider interface (SPI) for host name and address -resolution, so that java.net.InetAddress can make use of resolvers -other than the platform's built-in resolver. +place in OpenJDK 17 (JEP 414), OpenJDK 18 (JEP 417) saw a third and +OpenJDK 19 sees its fourth (JEP 426). Foreign Function & Memory API ============================= https://openjdk.org/jeps/412 https://openjdk.org/jeps/419 +https://openjdk.org/jeps/424 Introduce an API by which Java programs can interoperate with code and data outside of the Java runtime. By efficiently invoking foreign @@ -319,43 +79,48 @@ foreign memory (i.e., memory not managed by the JVM), the API enables Java programs to call native libraries and process native data without the brittleness and danger of JNI. -This API is an incubation feature (https://openjdk.java.net/jeps/11) -introduced in OpenJDK 17 (JEP 412), and is an evolution of the Foreign -Memory Access API (OpenJDK 14 through 16) and Foreign Linker API -(OpenJDK 16) (see release notes for java-17-openjdk). OpenJDK 18 sees -a second round of incubation (JEP 419). +This API is now a preview feature (http://openjdk.java.net/jeps/12). +It was first introduced in incubation +(https://openjdk.java.net/jeps/11) in OpenJDK 17 (JEP 412), and is an +evolution of the Foreign Memory Access API (OpenJDK 14 through 16) and +Foreign Linker API (OpenJDK 16) (see release notes for +java-17-openjdk). OpenJDK 18 saw a second round of incubation (JEP +419) before its inclusion as a preview in OpenJDK 19 (JEP 424). -Tools +Virtual Threads +=============== +https://openjdk.org/jeps/425 + +Introduce virtual threads to the Java Platform. Virtual threads are +lightweight threads that dramatically reduce the effort of writing, +maintaining, and observing high-throughput concurrent applications. + +This is a preview feature (http://openjdk.java.net/jeps/12) introduced +in OpenJDK 19 (JEP 425) + +Structured Concurrency +====================== +https://openjdk.org/jeps/428 + +Simplify multithreaded programming by introducing an API for +structured concurrency. Structured concurrency treats multiple tasks +running in different threads as a single unit of work, thereby +streamlining error handling and cancellation, improving reliability, +and enhancing observability. + +This is an incubation feature (https://openjdk.java.net/jeps/11) +introduced in OpenJDK 19 (JEP 428). + +Ports ===== -Simple Web Server +Linux/RISC-V Port ================= -https://openjdk.org/jeps/408 +https://openjdk.org/jeps/422 -Provide a command-line tool, `jwebserver`, to start a minimal web -server that serves static files only. No CGI or servlet-like -functionality is available. This tool will be useful for prototyping, -ad-hoc coding, and testing purposes, particularly in educational -contexts. - -Code Snippets in Java API Documentation -======================================= -https://openjdk.org/jeps/413 - -Introduce an @snippet tag for JavaDoc's Standard Doclet, to simplify -the inclusion of example source code in API documentation. - -DEPRECATIONS -============ - -Deprecate Finalization for Removal -================================== -https://openjdk.org/jeps/421 - -Deprecate finalization for removal in a future release. Finalization -remains enabled by default for now, but can be disabled to facilitate -early testing. In a future release it will be disabled by default, and -in a later release it will be removed. Maintainers of libraries and -applications that rely upon finalization should consider migrating to -other resource management techniques such as the try-with-resources -statement and cleaners. +RISC-V is a free and open-source RISC instruction set architecture +(ISA) designed originally at the University of California, Berkeley, +and now developed collaboratively under the sponsorship of RISC-V +International. It is already supported by a wide range of language +toolchains. With the increasing availability of RISC-V hardware, a +port of the JDK would be valuable. diff --git a/TestSecurityProperties.java b/TestSecurityProperties.java index 552bd0f..2967a32 100644 --- a/TestSecurityProperties.java +++ b/TestSecurityProperties.java @@ -1,3 +1,20 @@ +/* TestSecurityProperties -- Ensure system security properties can be used to + enable the crypto policies. + Copyright (C) 2022 Red Hat, Inc. + +This program is free software: you can redistribute it and/or modify +it under the terms of the GNU Affero General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. + +This program is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +GNU Affero General Public License for more details. + +You should have received a copy of the GNU Affero General Public License +along with this program. If not, see . +*/ import java.io.File; import java.io.FileInputStream; import java.security.Security; diff --git a/TestTranslations.java b/TestTranslations.java new file mode 100644 index 0000000..cf83303 --- /dev/null +++ b/TestTranslations.java @@ -0,0 +1,35 @@ +/* TestTranslations -- Ensure translations are available for new timezones + Copyright (C) 2022 Red Hat, Inc. + +This program is free software: you can redistribute it and/or modify +it under the terms of the GNU Affero General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. + +This program is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +GNU Affero General Public License for more details. + +You should have received a copy of the GNU Affero General Public License +along with this program. If not, see . +*/ + +import java.util.Arrays; +import java.util.Locale; +import java.util.ResourceBundle; + +import sun.util.resources.LocaleData; +import sun.util.locale.provider.LocaleProviderAdapter; + +public class TestTranslations { + public static void main(String[] args) { + for (String zone : args) { + System.out.printf("Translations for %s\n", zone); + for (Locale l : Locale.getAvailableLocales()) { + ResourceBundle bundle = new LocaleData(LocaleProviderAdapter.Type.JRE).getTimeZoneNames(l); + System.out.printf("Locale: %s, language: %s, translations: %s\n", l, l.getDisplayLanguage(), Arrays.toString(bundle.getStringArray(zone))); + } + } + } +} diff --git a/fips-18u-60131cc7271.patch b/fips-19u-d95bb40c7c8.patch similarity index 98% rename from fips-18u-60131cc7271.patch rename to fips-19u-d95bb40c7c8.patch index f807876..838f115 100644 --- a/fips-18u-60131cc7271.patch +++ b/fips-19u-d95bb40c7c8.patch @@ -89,30 +89,30 @@ index 00000000000..b2b1c1787da + AC_SUBST(USE_SYSCONF_NSS) +]) diff --git a/make/autoconf/libraries.m4 b/make/autoconf/libraries.m4 -index 8e4012910d8..f2a178b5734 100644 +index 7a1d8d80bb2..1807cb71073 100644 --- a/make/autoconf/libraries.m4 +++ b/make/autoconf/libraries.m4 -@@ -33,6 +33,7 @@ m4_include([lib-std.m4]) +@@ -35,6 +35,7 @@ m4_include([lib-std.m4]) m4_include([lib-x11.m4]) - m4_include([lib-fontconfig.m4]) + m4_include([lib-tests.m4]) +m4_include([lib-sysconf.m4]) ################################################################################ # Determine which libraries are needed for this configuration -@@ -102,6 +103,7 @@ AC_DEFUN_ONCE([LIB_SETUP_LIBRARIES], - LIB_SETUP_BUNDLED_LIBS - LIB_SETUP_MISC_LIBS +@@ -107,6 +108,7 @@ AC_DEFUN_ONCE([LIB_SETUP_LIBRARIES], + LIB_SETUP_X11 + LIB_TESTS_SETUP_GTEST + LIB_SETUP_SYSCONF_LIBS BASIC_JDKLIB_LIBS="" if test "x$TOOLCHAIN_TYPE" != xmicrosoft; then diff --git a/make/autoconf/spec.gmk.in b/make/autoconf/spec.gmk.in -index bc13f30e5f1..04cb12f2763 100644 +index 8908a5deb3c..2fce35f5b2d 100644 --- a/make/autoconf/spec.gmk.in +++ b/make/autoconf/spec.gmk.in -@@ -843,6 +843,10 @@ INSTALL_SYSCONFDIR=@sysconfdir@ +@@ -854,6 +854,10 @@ INSTALL_SYSCONFDIR=@sysconfdir@ # Libraries # @@ -124,7 +124,7 @@ index bc13f30e5f1..04cb12f2763 100644 LCMS_CFLAGS:=@LCMS_CFLAGS@ LCMS_LIBS:=@LCMS_LIBS@ diff --git a/make/modules/java.base/Lib.gmk b/make/modules/java.base/Lib.gmk -index eee488607f2..3c095802426 100644 +index 0d5a6c9846c..5ca12054351 100644 --- a/make/modules/java.base/Lib.gmk +++ b/make/modules/java.base/Lib.gmk @@ -164,6 +164,31 @@ ifeq ($(call isTargetOsType, unix), true) @@ -390,7 +390,7 @@ index 00000000000..8dcb7d9073f + } +} diff --git a/src/java.base/share/classes/com/sun/crypto/provider/SunJCE.java b/src/java.base/share/classes/com/sun/crypto/provider/SunJCE.java -index a020e1c15d8..6d459fdec01 100644 +index 38836d2701e..324620a8e9b 100644 --- a/src/java.base/share/classes/com/sun/crypto/provider/SunJCE.java +++ b/src/java.base/share/classes/com/sun/crypto/provider/SunJCE.java @@ -31,6 +31,7 @@ import java.security.SecureRandom; @@ -1398,7 +1398,7 @@ index a020e1c15d8..6d459fdec01 100644 // Return the instance of this class or create one if needed. diff --git a/src/java.base/share/classes/java/security/Security.java b/src/java.base/share/classes/java/security/Security.java -index 2ee706c2448..8f4c44a1436 100644 +index 7218f536804..7be83f5eeaa 100644 --- a/src/java.base/share/classes/java/security/Security.java +++ b/src/java.base/share/classes/java/security/Security.java @@ -32,6 +32,7 @@ import java.net.URL; @@ -1458,7 +1458,7 @@ index 2ee706c2448..8f4c44a1436 100644 // first load the system properties file // to determine the value of security.overridePropertiesFile -@@ -99,6 +122,7 @@ public final class Security { +@@ -98,6 +121,7 @@ public final class Security { if (sdebug != null) { sdebug.println("reading security properties file: " + propFile); @@ -1466,7 +1466,7 @@ index 2ee706c2448..8f4c44a1436 100644 } } catch (IOException e) { if (sdebug != null) { -@@ -193,6 +217,61 @@ public final class Security { +@@ -192,6 +216,61 @@ public final class Security { } } @@ -1821,18 +1821,18 @@ index 00000000000..3f3caac64dc + boolean isPlainKeySupportEnabled(); +} diff --git a/src/java.base/share/classes/jdk/internal/access/SharedSecrets.java b/src/java.base/share/classes/jdk/internal/access/SharedSecrets.java -index 1e98e727b79..a79ae218d92 100644 +index 08e1133ffae..7d6e6b3cbc6 100644 --- a/src/java.base/share/classes/jdk/internal/access/SharedSecrets.java +++ b/src/java.base/share/classes/jdk/internal/access/SharedSecrets.java -@@ -39,6 +39,7 @@ import java.io.FilePermission; - import java.io.ObjectInputStream; +@@ -42,6 +42,7 @@ import java.io.PrintStream; + import java.io.PrintWriter; import java.io.RandomAccessFile; import java.security.ProtectionDomain; +import java.security.Security; import java.security.Signature; /** A repository of "shared secrets", which are a mechanism for -@@ -80,6 +81,7 @@ public class SharedSecrets { +@@ -87,6 +88,7 @@ public class SharedSecrets { private static JavaSecuritySpecAccess javaSecuritySpecAccess; private static JavaxCryptoSealedObjectAccess javaxCryptoSealedObjectAccess; private static JavaxCryptoSpecAccess javaxCryptoSpecAccess; @@ -1840,7 +1840,7 @@ index 1e98e727b79..a79ae218d92 100644 public static void setJavaUtilCollectionAccess(JavaUtilCollectionAccess juca) { javaUtilCollectionAccess = juca; -@@ -441,4 +443,15 @@ public class SharedSecrets { +@@ -498,4 +500,15 @@ public class SharedSecrets { MethodHandles.lookup().ensureInitialized(c); } catch (IllegalAccessException e) {} } @@ -1857,10 +1857,10 @@ index 1e98e727b79..a79ae218d92 100644 + } } diff --git a/src/java.base/share/classes/module-info.java b/src/java.base/share/classes/module-info.java -index 5fbaa8950e8..218dee0065d 100644 +index e280defabe0..724dcf76edd 100644 --- a/src/java.base/share/classes/module-info.java +++ b/src/java.base/share/classes/module-info.java -@@ -152,6 +152,8 @@ module java.base { +@@ -155,6 +155,8 @@ module java.base { java.naming, java.rmi, jdk.charsets, @@ -1868,9 +1868,9 @@ index 5fbaa8950e8..218dee0065d 100644 + jdk.crypto.ec, jdk.jartool, jdk.jlink, - jdk.net, + jdk.net; diff --git a/src/java.base/share/classes/sun/security/provider/SunEntries.java b/src/java.base/share/classes/sun/security/provider/SunEntries.java -index 912cad59714..709d32912ca 100644 +index 46d3ee8bb06..53bc4851d23 100644 --- a/src/java.base/share/classes/sun/security/provider/SunEntries.java +++ b/src/java.base/share/classes/sun/security/provider/SunEntries.java @@ -30,6 +30,7 @@ import java.net.*; @@ -1879,7 +1879,7 @@ index 912cad59714..709d32912ca 100644 +import jdk.internal.access.SharedSecrets; import jdk.internal.util.StaticProperty; - import sun.security.action.GetPropertyAction; + import sun.security.action.GetBooleanAction; import sun.security.util.SecurityProviderConstants; @@ -83,6 +84,10 @@ import static sun.security.util.SecurityProviderConstants.getAliases; @@ -2085,7 +2085,7 @@ index 912cad59714..709d32912ca 100644 /* * Algorithm Parameter Generator engines -@@ -201,40 +208,42 @@ public final class SunEntries { +@@ -201,42 +208,44 @@ public final class SunEntries { addWithAlias(p, "AlgorithmParameters", "DSA", "sun.security.provider.DSAParameters", attrs); @@ -2098,8 +2098,10 @@ index 912cad59714..709d32912ca 100644 - /* - * Digest engines - */ -- add(p, "MessageDigest", "MD2", "sun.security.provider.MD2", attrs); -- add(p, "MessageDigest", "MD5", "sun.security.provider.MD5", attrs); +- addWithAlias(p, "MessageDigest", "MD2", "sun.security.provider.MD2", +- attrs); +- addWithAlias(p, "MessageDigest", "MD5", "sun.security.provider.MD5", +- attrs); - addWithAlias(p, "MessageDigest", "SHA-1", "sun.security.provider.SHA", - attrs); + if (!systemFipsEnabled) { @@ -2132,10 +2134,12 @@ index 912cad59714..709d32912ca 100644 + /* + * Digest engines + */ -+ add(p, "MessageDigest", "MD2", "sun.security.provider.MD2", attrs); -+ add(p, "MessageDigest", "MD5", "sun.security.provider.MD5", attrs); ++ addWithAlias(p, "MessageDigest", "MD2", "sun.security.provider.MD2", ++ attrs); ++ addWithAlias(p, "MessageDigest", "MD5", "sun.security.provider.MD5", ++ attrs); + addWithAlias(p, "MessageDigest", "SHA-1", "sun.security.provider.SHA", -+ attrs); ++ attrs); + + addWithAlias(p, "MessageDigest", "SHA-224", + "sun.security.provider.SHA2$SHA224", attrs); @@ -2280,7 +2284,7 @@ index ca79f25cc44..225517ac69b 100644 "sun.security.rsa.PSSParameters", null); } diff --git a/src/java.base/share/classes/sun/security/ssl/SSLContextImpl.java b/src/java.base/share/classes/sun/security/ssl/SSLContextImpl.java -index 6ffdfeda18d..775b185fb06 100644 +index a7fc33d9ffb..cec40ba7b21 100644 --- a/src/java.base/share/classes/sun/security/ssl/SSLContextImpl.java +++ b/src/java.base/share/classes/sun/security/ssl/SSLContextImpl.java @@ -32,6 +32,7 @@ import java.security.cert.*; @@ -2408,7 +2412,7 @@ index 894e26dfad8..8b16378b96b 100644 "sun.security.ssl.SSLContextImpl$TLSContext", List.of("SSL"), null); diff --git a/src/java.base/share/conf/security/java.security b/src/java.base/share/conf/security/java.security -index 91b3a01ee57..33f9fdc6f84 100644 +index f913c981ddc..fd1d0a9e478 100644 --- a/src/java.base/share/conf/security/java.security +++ b/src/java.base/share/conf/security/java.security @@ -79,6 +79,16 @@ security.provider.tbd=Apple @@ -2455,10 +2459,10 @@ index 91b3a01ee57..33f9fdc6f84 100644 # Determines the default key and trust manager factory algorithms for # the javax.net.ssl package. diff --git a/src/java.base/share/lib/security/default.policy b/src/java.base/share/lib/security/default.policy -index b22f26947af..3ee2ce6ea88 100644 +index 20f53b1cd4c..6db2393efb8 100644 --- a/src/java.base/share/lib/security/default.policy +++ b/src/java.base/share/lib/security/default.policy -@@ -121,6 +121,7 @@ grant codeBase "jrt:/jdk.charsets" { +@@ -123,6 +123,7 @@ grant codeBase "jrt:/jdk.charsets" { grant codeBase "jrt:/jdk.crypto.ec" { permission java.lang.RuntimePermission "accessClassInPackage.sun.security.*"; @@ -2466,7 +2470,7 @@ index b22f26947af..3ee2ce6ea88 100644 permission java.lang.RuntimePermission "loadLibrary.sunec"; permission java.security.SecurityPermission "putProviderProperty.SunEC"; permission java.security.SecurityPermission "clearProviderProperties.SunEC"; -@@ -130,6 +131,7 @@ grant codeBase "jrt:/jdk.crypto.ec" { +@@ -132,6 +133,7 @@ grant codeBase "jrt:/jdk.crypto.ec" { grant codeBase "jrt:/jdk.crypto.cryptoki" { permission java.lang.RuntimePermission "accessClassInPackage.com.sun.crypto.provider"; @@ -2971,7 +2975,7 @@ index 00000000000..187be7295f3 + } +} diff --git a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11Key.java b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11Key.java -index bf0c5f2ba84..a4daed24b82 100644 +index cae28a06d7b..1c5bd3d15ac 100644 --- a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11Key.java +++ b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11Key.java @@ -37,6 +37,8 @@ import javax.crypto.*; @@ -2993,30 +2997,35 @@ index bf0c5f2ba84..a4daed24b82 100644 private static final long serialVersionUID = -2575874101938349339L; private static final String PUBLIC = "public"; -@@ -392,8 +397,9 @@ abstract class P11Key implements Key, Length { +@@ -396,8 +401,9 @@ abstract class P11Key implements Key, Length { new CK_ATTRIBUTE(CKA_EXTRACTABLE), }); - boolean keySensitive = (attrs[0].getBoolean() || - attrs[1].getBoolean() || !attrs[2].getBoolean()); + boolean keySensitive = (!plainKeySupportEnabled && -+ (attrs[0].getBoolean() || -+ attrs[1].getBoolean() || !attrs[2].getBoolean())); ++ (attrs[0].getBoolean() || ++ attrs[1].getBoolean() || !attrs[2].getBoolean())); switch (algorithm) { case "RSA": -@@ -448,7 +454,8 @@ abstract class P11Key implements Key, Length { +@@ -452,7 +458,8 @@ abstract class P11Key implements Key, Length { public String getFormat() { token.ensureValid(); -- if (sensitive || (extractable == false)) { +- if (sensitive || !extractable || (isNSS && tokenObject)) { + if (!plainKeySupportEnabled && -+ (sensitive || (extractable == false))) { ++ (sensitive || !extractable || (isNSS && tokenObject))) { return null; } else { return "RAW"; +@@ -1574,4 +1581,3 @@ final class SessionKeyRef extends PhantomReference { + this.clear(); + } + } +- diff --git a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/SunPKCS11.java b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/SunPKCS11.java -index 9cdbdfa9d6b..ea18bdb82a3 100644 +index 0f65a8b3221..0a406e1a2c8 100644 --- a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/SunPKCS11.java +++ b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/SunPKCS11.java @@ -26,6 +26,9 @@ @@ -3135,7 +3144,7 @@ index 9cdbdfa9d6b..ea18bdb82a3 100644 if (config.getHandleStartupErrors() == Config.ERR_IGNORE_ALL) { throw new UnsupportedOperationException diff --git a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/wrapper/PKCS11.java b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/wrapper/PKCS11.java -index f87690bc24f..79408353609 100644 +index 4b06daaf264..55e14945469 100644 --- a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/wrapper/PKCS11.java +++ b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/wrapper/PKCS11.java @@ -49,6 +49,9 @@ package sun.security.pkcs11.wrapper; @@ -3148,7 +3157,7 @@ index f87690bc24f..79408353609 100644 import java.util.*; import java.security.AccessController; -@@ -167,18 +170,43 @@ public class PKCS11 { +@@ -174,18 +177,43 @@ public class PKCS11 { return version; } @@ -3195,7 +3204,7 @@ index f87690bc24f..79408353609 100644 } if (omitInitialize == false) { try { -@@ -1971,4 +1999,194 @@ static class SynchronizedPKCS11 extends PKCS11 { +@@ -1976,4 +2004,194 @@ static class SynchronizedPKCS11 extends PKCS11 { super.C_GenerateRandom(hSession, randomData); } } @@ -3391,7 +3400,7 @@ index f87690bc24f..79408353609 100644 +} } diff --git a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/wrapper/PKCS11Exception.java b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/wrapper/PKCS11Exception.java -index ad2ffc8623b..5441fdecea0 100644 +index 8a560a2c48d..7d68520375b 100644 --- a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/wrapper/PKCS11Exception.java +++ b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/wrapper/PKCS11Exception.java @@ -190,6 +190,14 @@ public class PKCS11Exception extends Exception { @@ -3410,7 +3419,7 @@ index ad2ffc8623b..5441fdecea0 100644 * Constructor taking the error code (the CKR_* constants in PKCS#11) and * extra info for error message. diff --git a/src/jdk.crypto.ec/share/classes/sun/security/ec/SunEC.java b/src/jdk.crypto.ec/share/classes/sun/security/ec/SunEC.java -index 8c9e4f9dbe6..883dc04758e 100644 +index 200ed63634f..fa258d736d0 100644 --- a/src/jdk.crypto.ec/share/classes/sun/security/ec/SunEC.java +++ b/src/jdk.crypto.ec/share/classes/sun/security/ec/SunEC.java @@ -38,6 +38,7 @@ import java.util.HashMap; @@ -3432,11 +3441,10 @@ index 8c9e4f9dbe6..883dc04758e 100644 private static class ProviderServiceA extends ProviderService { ProviderServiceA(Provider p, String type, String algo, String cn, HashMap attrs) { -@@ -249,85 +254,86 @@ public final class SunEC extends Provider { - +@@ -249,83 +254,85 @@ public final class SunEC extends Provider { putXDHEntries(); putEdDSAEntries(); -- + - /* - * Signature engines - */ @@ -3506,9 +3514,8 @@ index 8c9e4f9dbe6..883dc04758e 100644 - /* - * Key Pair Generator engine - */ -- putService(new ProviderService(this, "KeyPairGenerator", -- "EC", "sun.security.ec.ECKeyPairGenerator", -- List.of("EllipticCurve"), ATTRS)); +- putService(new ProviderServiceA(this, "KeyPairGenerator", +- "EC", "sun.security.ec.ECKeyPairGenerator", ATTRS)); - - /* - * Key Agreement engine @@ -3585,9 +3592,8 @@ index 8c9e4f9dbe6..883dc04758e 100644 + /* + * Key Pair Generator engine + */ -+ putService(new ProviderService(this, "KeyPairGenerator", -+ "EC", "sun.security.ec.ECKeyPairGenerator", -+ List.of("EllipticCurve"), ATTRS)); ++ putService(new ProviderServiceA(this, "KeyPairGenerator", ++ "EC", "sun.security.ec.ECKeyPairGenerator", ATTRS)); + + /* + * Key Agreement engine @@ -3598,7 +3604,7 @@ index 8c9e4f9dbe6..883dc04758e 100644 } private void putXDHEntries() { -@@ -344,23 +350,25 @@ public final class SunEC extends Provider { +@@ -342,23 +349,25 @@ public final class SunEC extends Provider { "X448", "sun.security.ec.XDHKeyFactory.X448", ATTRS)); @@ -3641,7 +3647,7 @@ index 8c9e4f9dbe6..883dc04758e 100644 } private void putEdDSAEntries() { -@@ -375,21 +383,23 @@ public final class SunEC extends Provider { +@@ -373,21 +382,23 @@ public final class SunEC extends Provider { putService(new ProviderServiceA(this, "KeyFactory", "Ed448", "sun.security.ec.ed.EdDSAKeyFactory.Ed448", ATTRS)); diff --git a/java-latest-openjdk.spec b/java-latest-openjdk.spec index d092a5e..35ddefd 100644 --- a/java-latest-openjdk.spec +++ b/java-latest-openjdk.spec @@ -308,14 +308,14 @@ %endif # New Version-String scheme-style defines -%global featurever 18 +%global featurever 19 %global interimver 0 -%global updatever 2 +%global updatever 0 %global patchver 0 # buildjdkver is usually same as %%{featurever}, # but in time of bootstrap of next jdk, it is featurever-1, # and this it is better to change it here, on single place -%global buildjdkver %{featurever} +%global buildjdkver 18 # We don't add any LTS designator for STS packages (Fedora and EPEL). # We need to explicitly exclude EPEL as it would have the %%{rhel} macro defined. %if 0%{?rhel} && !0%{?epel} @@ -360,14 +360,14 @@ # Define IcedTea version used for SystemTap tapsets and desktop file %global icedteaver 6.0.0pre00-c848b93a8598 # Define current Git revision for the FIPS support patches -%global fipsver 60131cc7271 +%global fipsver d95bb40c7c8 # Standard JPackage naming and versioning defines %global origin openjdk %global origin_nice OpenJDK %global top_level_dir_name %{origin} %global top_level_dir_name_backup %{top_level_dir_name}-backup -%global buildver 9 +%global buildver 36 %global rpmrelease 1 # Priority must be 8 digits in total; up to openjdk 1.8, we were using 18..... so when we moved to 11, we had to add another digit %if %is_system_jdk @@ -1084,7 +1084,6 @@ exit 0 %define files_demo() %{expand: %license %{_jvmdir}/%{sdkdir -- %{?1}}/legal %{_jvmdir}/%{sdkdir -- %{?1}}/demo -%{_jvmdir}/%{sdkdir -- %{?1}}/sample } %define files_src() %{expand: @@ -1360,6 +1359,9 @@ Source16: CheckVendor.java # nss fips configuration file Source17: nss.fips.cfg.in +# Ensure translations are available for new timezones +Source18: TestTranslations.java + ############################################ # # RPM/distribution specific patches @@ -1379,10 +1381,12 @@ Patch2: rh1648644-java_access_bridge_privileged_security.patch Patch3: rh649512-remove_uses_of_far_in_jpeg_libjpeg_turbo_1_4_compat_for_jdk10_and_up.patch # Depend on pcsc-lite-libs instead of pcsc-lite-devel as this is only in optional repo Patch6: rh1684077-openjdk_should_depend_on_pcsc-lite-libs_instead_of_pcsc-lite-devel.patch +# Add translations for Europe/Kyiv locally until upstream is fully updated for tzdata2022b +Patch7: jdk8292223-tzdata2022b-kyiv.patch # Crypto policy and FIPS support patches -# Patch is generated from the fips-18u tree at https://github.com/rh-openjdk/jdk/tree/fips-18u -# as follows: git diff %%{vcstag} src make > fips-18u-$(git show -s --format=%h HEAD).patch +# Patch is generated from the fips-19u tree at https://github.com/rh-openjdk/jdk/tree/fips-19u +# as follows: git diff %%{vcstag} src make > fips-19u-$(git show -s --format=%h HEAD).patch # Diff is limited to src and make subdirectories to exclude .github changes # Fixes currently included: # PR3183, RH1340845: Follow system wide crypto policy @@ -1403,7 +1407,7 @@ Patch6: rh1684077-openjdk_should_depend_on_pcsc-lite-libs_instead_of_pcsc-lite-d # RH2094027: SunEC runtime permission for FIPS # RH2036462: sun.security.pkcs11.wrapper.PKCS11.getInstance breakage # RH2090378: Revert to disabling system security properties and FIPS mode support together -Patch1001: fips-18u-%{fipsver}.patch +Patch1001: fips-19u-%{fipsver}.patch ############################################# # @@ -1823,6 +1827,7 @@ pushd %{top_level_dir_name} %patch2 -p1 %patch3 -p1 %patch6 -p1 +%patch7 -p1 # Add crypto policy and FIPS support %patch1001 -p1 # alt-java @@ -2075,9 +2080,9 @@ function debugcheckjdk() { IFS=$'\n' for line in $(eu-readelf -s "$lib" | grep "00000000 0 FILE LOCAL DEFAULT") do - # We expect to see .cpp files, except for architectures like aarch64 and + # We expect to see .cpp and .S files, except for architectures like aarch64 and # s390 where we expect .o and .oS files - echo "$line" | grep -E "ABS ((.*/)?[-_a-zA-Z0-9]+\.(c|cc|cpp|cxx|o|oS))?$" + echo "$line" | grep -E "ABS ((.*/)?[-_a-zA-Z0-9]+\.(c|cc|cpp|cxx|o|S|oS))?$" done IFS="$old_IFS" @@ -2289,10 +2294,6 @@ done # See https://bugzilla.redhat.com/show_bug.cgi?id=741821 mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/.java/.systemPrefs -# copy samples next to demos; samples are mostly js files -cp -r %{top_level_dir_name}/src/sample $RPM_BUILD_ROOT/%{_jvmdir}/%{sdkdir -- $suffix}/ - - # moving config files to /etc mkdir -p $RPM_BUILD_ROOT/%{etcjavadir -- $suffix} mkdir -p $RPM_BUILD_ROOT/%{etcjavadir -- $suffix}/lib @@ -2359,6 +2360,14 @@ if ! nm $JAVA_HOME/bin/%{alt_java_name} | grep set_speculation ; then true ; els $JAVA_HOME/bin/javac -d . %{SOURCE16} $JAVA_HOME/bin/java $(echo $(basename %{SOURCE16})|sed "s|\.java||") "%{oj_vendor}" "%{oj_vendor_url}" "%{oj_vendor_bug_url}" "%{oj_vendor_version}" +# Check translations are available for new timezones +$JAVA_HOME/bin/javac --add-exports java.base/sun.util.resources=ALL-UNNAMED \ + --add-exports java.base/sun.util.locale.provider=ALL-UNNAMED \ + -d . %{SOURCE18} +$JAVA_HOME/bin/java --add-exports java.base/sun.util.resources=ALL-UNNAMED \ + --add-exports java.base/sun.util.locale.provider=ALL-UNNAMED \ + $(echo $(basename %{SOURCE18})|sed "s|\.java||") "Europe/Kiev" "Europe/Kyiv" + %if %{include_staticlibs} # Check debug symbols in static libraries (smoke test) export STATIC_LIBS_HOME=${JAVA_HOME}/%{static_libs_install_dir} @@ -2626,6 +2635,15 @@ cjc.mainProgram(args) %endif %changelog +* Mon Aug 29 2022 Andrew Hughes - 1:19.0.0.0.36-1.rolling +- Update to RC version of OpenJDK 19 +- Update release notes to 19.0.0 +- Rebase FIPS patches from fips-19u branch +- Need to include the '.S' suffix in debuginfo checks after JDK-8284661 +- Add patch to provide translations for Europe/Kyiv added in tzdata2022b +- Add test to ensure timezones can be translated +- Remove references to sample directory removed by JDK-8284999 + * Fri Jul 22 2022 Andrew Hughes - 1:18.0.2.0.9-1.rolling - Update to jdk-18.0.2 release - Update release notes to 18.0.2 diff --git a/jdk8292223-tzdata2022b-kyiv.patch b/jdk8292223-tzdata2022b-kyiv.patch new file mode 100644 index 0000000..1107b82 --- /dev/null +++ b/jdk8292223-tzdata2022b-kyiv.patch @@ -0,0 +1,132 @@ +diff --git a/src/java.base/share/classes/sun/util/resources/TimeZoneNames.java b/src/java.base/share/classes/sun/util/resources/TimeZoneNames.java +index 8759aab3995..11ccbf73839 100644 +--- a/src/java.base/share/classes/sun/util/resources/TimeZoneNames.java ++++ b/src/java.base/share/classes/sun/util/resources/TimeZoneNames.java +@@ -847,6 +847,7 @@ public final class TimeZoneNames extends TimeZoneNamesBundle { + {"Europe/Kirov", new String[] {"Kirov Standard Time", "GMT+03:00", + "Kirov Daylight Time", "GMT+03:00", + "Kirov Time", "GMT+03:00"}}, ++ {"Europe/Kyiv", EET}, + {"Europe/Lisbon", WET}, + {"Europe/Ljubljana", CET}, + {"Europe/London", GMTBST}, +diff --git a/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_de.java b/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_de.java +index f007c1a8d3b..617268e4cf3 100644 +--- a/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_de.java ++++ b/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_de.java +@@ -825,6 +825,7 @@ public final class TimeZoneNames_de extends TimeZoneNamesBundle { + {"Europe/Jersey", GMTBST}, + {"Europe/Kaliningrad", EET}, + {"Europe/Kiev", EET}, ++ {"Europe/Kyiv", EET}, + {"Europe/Lisbon", WET}, + {"Europe/Ljubljana", CET}, + {"Europe/London", GMTBST}, +diff --git a/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_es.java b/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_es.java +index 386414e16e6..14c5d89b9c5 100644 +--- a/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_es.java ++++ b/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_es.java +@@ -825,6 +825,7 @@ public final class TimeZoneNames_es extends TimeZoneNamesBundle { + {"Europe/Jersey", GMTBST}, + {"Europe/Kaliningrad", EET}, + {"Europe/Kiev", EET}, ++ {"Europe/Kyiv", EET}, + {"Europe/Lisbon", WET}, + {"Europe/Ljubljana", CET}, + {"Europe/London", GMTBST}, +diff --git a/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_fr.java b/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_fr.java +index d23f5fd49e6..44117125619 100644 +--- a/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_fr.java ++++ b/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_fr.java +@@ -825,6 +825,7 @@ public final class TimeZoneNames_fr extends TimeZoneNamesBundle { + {"Europe/Jersey", GMTBST}, + {"Europe/Kaliningrad", EET}, + {"Europe/Kiev", EET}, ++ {"Europe/Kyiv", EET}, + {"Europe/Lisbon", WET}, + {"Europe/Ljubljana", CET}, + {"Europe/London", GMTBST}, +diff --git a/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_it.java b/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_it.java +index b4f57d4568c..efa818f3865 100644 +--- a/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_it.java ++++ b/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_it.java +@@ -825,6 +825,7 @@ public final class TimeZoneNames_it extends TimeZoneNamesBundle { + {"Europe/Jersey", GMTBST}, + {"Europe/Kaliningrad", EET}, + {"Europe/Kiev", EET}, ++ {"Europe/Kyiv", EET}, + {"Europe/Lisbon", WET}, + {"Europe/Ljubljana", CET}, + {"Europe/London", GMTBST}, +diff --git a/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_ja.java b/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_ja.java +index 1a10a9f96dc..7c0565461ad 100644 +--- a/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_ja.java ++++ b/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_ja.java +@@ -825,6 +825,7 @@ public final class TimeZoneNames_ja extends TimeZoneNamesBundle { + {"Europe/Jersey", GMTBST}, + {"Europe/Kaliningrad", EET}, + {"Europe/Kiev", EET}, ++ {"Europe/Kyiv", EET}, + {"Europe/Lisbon", WET}, + {"Europe/Ljubljana", CET}, + {"Europe/London", GMTBST}, +diff --git a/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_ko.java b/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_ko.java +index 9a2d9e5c57c..8a2c805997f 100644 +--- a/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_ko.java ++++ b/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_ko.java +@@ -825,6 +825,7 @@ public final class TimeZoneNames_ko extends TimeZoneNamesBundle { + {"Europe/Jersey", GMTBST}, + {"Europe/Kaliningrad", EET}, + {"Europe/Kiev", EET}, ++ {"Europe/Kyiv", EET}, + {"Europe/Lisbon", WET}, + {"Europe/Ljubljana", CET}, + {"Europe/London", GMTBST}, +diff --git a/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_pt_BR.java b/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_pt_BR.java +index de5e5c82daa..e3c06417f09 100644 +--- a/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_pt_BR.java ++++ b/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_pt_BR.java +@@ -825,6 +825,7 @@ public final class TimeZoneNames_pt_BR extends TimeZoneNamesBundle { + {"Europe/Jersey", GMTBST}, + {"Europe/Kaliningrad", EET}, + {"Europe/Kiev", EET}, ++ {"Europe/Kyiv", EET}, + {"Europe/Lisbon", WET}, + {"Europe/Ljubljana", CET}, + {"Europe/London", GMTBST}, +diff --git a/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_sv.java b/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_sv.java +index b53de4d8c89..3e46b6a063e 100644 +--- a/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_sv.java ++++ b/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_sv.java +@@ -825,6 +825,7 @@ public final class TimeZoneNames_sv extends TimeZoneNamesBundle { + {"Europe/Jersey", GMTBST}, + {"Europe/Kaliningrad", EET}, + {"Europe/Kiev", EET}, ++ {"Europe/Kyiv", EET}, + {"Europe/Lisbon", WET}, + {"Europe/Ljubljana", CET}, + {"Europe/London", GMTBST}, +diff --git a/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_zh_CN.java b/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_zh_CN.java +index 7797cda19d5..590908409a8 100644 +--- a/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_zh_CN.java ++++ b/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_zh_CN.java +@@ -825,6 +825,7 @@ public final class TimeZoneNames_zh_CN extends TimeZoneNamesBundle { + {"Europe/Jersey", GMTBST}, + {"Europe/Kaliningrad", EET}, + {"Europe/Kiev", EET}, ++ {"Europe/Kyiv", EET}, + {"Europe/Lisbon", WET}, + {"Europe/Ljubljana", CET}, + {"Europe/London", GMTBST}, +diff --git a/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_zh_TW.java b/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_zh_TW.java +index 2cd10554853..23c5f180b6d 100644 +--- a/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_zh_TW.java ++++ b/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_zh_TW.java +@@ -827,6 +827,7 @@ public final class TimeZoneNames_zh_TW extends TimeZoneNamesBundle { + {"Europe/Jersey", GMTBST}, + {"Europe/Kaliningrad", EET}, + {"Europe/Kiev", EET}, ++ {"Europe/Kyiv", EET}, + {"Europe/Lisbon", WET}, + {"Europe/Ljubljana", CET}, + {"Europe/London", GMTBST}, diff --git a/sources b/sources index 8b03eaa..f1891af 100644 --- a/sources +++ b/sources @@ -1,2 +1,2 @@ SHA512 (tapsets-icedtea-6.0.0pre00-c848b93a8598.tar.xz) = 97d026212363b3c83f6a04100ad7f6fdde833d16579717f8756e2b8c2eb70e144a41a330cb9ccde9c3badd37a2d54fdf4650a950ec21d8b686d545ecb2a64d30 -SHA512 (openjdk-jdk18u-jdk-18.0.2+9.tar.xz) = 08b06407deb4a13f36b29738b8038c7b2ce953eb526abe732fb4a256d968511c9ef705c5d568b4b3c98867665b748e331c9f293e69fc13bea1eed6879b6095d0 +SHA512 (openjdk-jdk19u-jdk-19+36.tar.xz) = c441e1f7dbabe3e66e062a7f661f953e06c10dd165995e2996e614d32f2333cd4532f45064ba4d098dfc8fa3637448d4dc9869c235d086ef80499a7a262f4ede