java-21-openjdk/rh1648249-add_commented_out_nss_cfg_provider_to_java_security.patch
Andrew John Hughes 7bc45a5253 Update FIPS support to bring in latest changes
* RH2023467: Enable FIPS keys export
* RH2094027: SunEC runtime permission for FIPS
* RH2036462: sun.security.pkcs11.wrapper.PKCS11.getInstance breakage
* RH2090378: Revert to disabling system security properties and FIPS mode support together

Rebase RH1648249 nss.cfg patch so it applies after the FIPS patch
Enable system security properties in the RPM (now disabled by default in the FIPS repo)
Improve security properties test to check both enabled and disabled behaviour
Run security properties test with property debugging on
Minor sync-ups with java-17-openjdk spec file
2022-06-24 17:41:21 +01:00

13 lines
544 B
Diff

diff --git openjdk.orig/src/java.base/share/conf/security/java.security openjdk/src/java.base/share/conf/security/java.security
index 68a9c1a2d08..7aa25eb2cb7 100644
--- openjdk.orig/src/java.base/share/conf/security/java.security
+++ openjdk/src/java.base/share/conf/security/java.security
@@ -78,6 +78,7 @@ security.provider.tbd=SunMSCAPI
security.provider.tbd=Apple
#endif
security.provider.tbd=SunPKCS11
+#security.provider.tbd=SunPKCS11 ${java.home}/lib/security/nss.cfg
#
# Security providers used when FIPS mode support is active