Set buildjdkver to 11

Signed-off-by: David Abdurachmanov <david.abdurachmanov@sifive.com>

.gitignore

@@ -15,17 +15,3 @@
 /jdk-updates-jdk15u-jdk-15.0.2+7.tar.xz
 /openjdk-jdk16-jdk-16+36.tar.xz
 /openjdk-jdk16u-jdk-16.0.1+9.tar.xz
-/openjdk-jdk17-jdk-17+26.tar.xz
-/openjdk-jdk17-jdk-17+33.tar.xz
-/openjdk-jdk17-jdk-17+35.tar.xz
-/openjdk-jdk17u-jdk-17.0.1+12.tar.xz
-/tapsets-icedtea-6.0.0pre00-c848b93a8598.tar.xz
-/openjdk-jdk17u-jdk-17.0.2+8.tar.xz
-/openjdk-jdk-jdk-18+27.tar.xz
-/openjdk-jdk18-jdk-18+27.tar.xz
-/openjdk-jdk18-jdk-18+37.tar.xz
-/openjdk-jdk18u-jdk-18.0.1+0.tar.xz
-/openjdk-jdk18u-jdk-18.0.1+10.tar.xz
-/openjdk-jdk18u-jdk-18.0.1.1+2.tar.xz
-/openjdk-jdk18u-jdk-18.0.2+9.tar.xz
-/openjdk-jdk19u-jdk-19+36.tar.xz

CheckVendor.java

@@ -1,65 +0,0 @@
-/* CheckVendor -- Check the vendor properties match specified values.
-   Copyright (C) 2020 Red Hat, Inc.
-
-This program is free software: you can redistribute it and/or modify
-it under the terms of the GNU Affero General Public License as
-published by the Free Software Foundation, either version 3 of the
-License, or (at your option) any later version.
-
-This program is distributed in the hope that it will be useful,
-but WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-GNU Affero General Public License for more details.
-
-You should have received a copy of the GNU Affero General Public License
-along with this program.  If not, see <http://www.gnu.org/licenses/>.
-*/
-
-/**
- * @test
- */
-public class CheckVendor {
-
-    public static void main(String[] args) {
-        if (args.length < 4) {
-            System.err.println("CheckVendor <VENDOR> <VENDOR-URL> <VENDOR-BUG-URL> <VENDOR-VERSION-STRING>");
-	    System.exit(1);
-	}
-
-	String vendor = System.getProperty("java.vendor");
-	String expectedVendor = args[0];
-	String vendorURL = System.getProperty("java.vendor.url");
-	String expectedVendorURL = args[1];
-	String vendorBugURL = System.getProperty("java.vendor.url.bug");
-	String expectedVendorBugURL = args[2];
-        String vendorVersionString = System.getProperty("java.vendor.version");
-        String expectedVendorVersionString = args[3];
-
-	if (!expectedVendor.equals(vendor)) {
-	    System.err.printf("Invalid vendor %s, expected %s\n",
-			      vendor, expectedVendor);
-	    System.exit(2);
-	}
-
-	if (!expectedVendorURL.equals(vendorURL)) {
-	    System.err.printf("Invalid vendor URL %s, expected %s\n",
-			      vendorURL, expectedVendorURL);
-	    System.exit(3);
-	}
-
-	if (!expectedVendorBugURL.equals(vendorBugURL)) {
-            System.err.printf("Invalid vendor bug URL %s, expected %s\n",
-			      vendorBugURL, expectedVendorBugURL);
-	    System.exit(4);
-	}
-
-        if (!expectedVendorVersionString.equals(vendorVersionString)) {
-            System.err.printf("Invalid vendor version string %s, expected %s\n",
-                              vendorVersionString, expectedVendorVersionString);
-	    System.exit(5);
-        }
-
-        System.err.printf("Vendor information verified as %s, %s, %s, %s\n",
-                          vendor, vendorURL, vendorBugURL, vendorVersionString);
-    }
-}

NEWS

@@ -3,124 +3,152 @@ Key:
 JDK-X  - https://bugs.openjdk.java.net/browse/JDK-X
 CVE-XXXX-YYYY: https://cve.mitre.org/cgi-bin/cvename.cgi?name=XXXX-YYYY
 
-New in release OpenJDK 19.0.0 (2022-09-20):
+New in release OpenJDK 15.0.2 (2021-01-19):
 ===========================================
-Major changes are listed below.  Some changes may have been backported
-to earlier releases following their first appearance in OpenJDK 19.
+Live versions of these release notes can be found at:
+  * https://builds.shipilev.net/backports-monitor/release-notes-15.0.2.txt
 
-The full list of changes in 19u can be found at:
--  * https://builds.shipilev.net/backports-monitor/release-notes-19.txt
+* Security fixes
+  - JDK-8247619: Improve Direct Buffering of Characters
+* Other changes
+  - JDK-8197981: Missing return statement in __sync_val_compare_and_swap_8
+  - JDK-8239105: Add exception for expiring Digicert root certificates to VerifyCACerts test
+  - JDK-8247741: Test test/hotspot/jtreg/runtime/7162488/TestUnrecognizedVmOption.java fails when -XX:+IgnoreUnrecognizedVMOptions is set
+  - JDK-8248411: [aarch64] Insufficient error handling when CodeBuffer is exhausted
+  - JDK-8248596: [TESTBUG] compiler/loopopts/PartialPeelingUnswitch.java times out with Graal enabled
+  - JDK-8248667: Need support for building native libraries located in the test/lib directory
+  - JDK-8249176: Update GlobalSignR6CA test certificates
+  - JDK-8249192: MonitorInfo stores raw oops across safepoints
+  - JDK-8249217: Unexpected StackOverflowError in "process reaper" thread still happens
+  - JDK-8249781: AArch64: AOT compiled code crashes if C2 allocates r27
+  - JDK-8250257: Bump release strings for JDK 15.0.2
+  - JDK-8251397: NPE on ClassValue.ClassValueMap.cacheArray
+  - JDK-8251859: sun/security/validator/PKIXValAndRevCheckTests.java fails
+  - JDK-8253191: C2: Masked byte comparisons with large masks produce wrong result on x86
+  - JDK-8253375: OSX build fails with Xcode 12.0 (12A7209)
+  - JDK-8253566: clazz.isAssignableFrom will return false for interface implementors
+  - JDK-8253756: C2 CompilerThread0 crash in Node::add_req(Node*)
+  - JDK-8253791: Issue with useAppleColor check in CSystemColors.m
+  - JDK-8253960: Memory leak in Java_java_lang_ClassLoader_defineClass0()
+  - JDK-8254081: java/security/cert/PolicyNode/GetPolicyQualifiers.java fails due to an expired certificate
+  - JDK-8254166: Zero: return-type warning in zeroInterpreter_zero.cpp
+  - JDK-8254177: (tz) Upgrade time-zone data to tzdata2020b
+  - JDK-8254319: Shenandoah: Interpreter native-LRB needs to activate during HAS_FORWARDED
+  - JDK-8254320: Shenandoah: C2 native LRB should activate for non-cset objects
+  - JDK-8254790: SIGSEGV in string_indexof_char and stringL_indexof_char intrinsics
+  - JDK-8254854: [cgroups v1] Metric limits not properly detected on some join controller combinations
+  - JDK-8254982: (tz) Upgrade time-zone data to tzdata2020c
+  - JDK-8255065: Zero: accessor_entry misses the IRIW case
+  - JDK-8255067: Restore Copyright line in file modified by 8253191
+  - JDK-8255226: (tz) Upgrade time-zone data to tzdata2020d
+  - JDK-8255599: Change jdk 15.0.2 milestone to fcs for build b04
+  - JDK-8255603: Memory/Performance regression after JDK-8210985
+  - JDK-8256051: nmethod_entry_barrier stub miscalculates xmm spill size on x86_32
+  - JDK-8256427: Test com/sun/jndi/dns/ConfigTests/PortUnreachable.java does not work on AIX
+  - JDK-8256618: Zero: Linux x86_32 build still fails
+  - JDK-8257181: s390x builds are very noisy with gc-sections messages
+  - JDK-8257641: Shenandoah: Query is_at_shenandoah_safepoint() from control thread should return false
+  - JDK-8257701: Shenandoah: objArrayKlass metadata is not marked with chunked arrays
 
-NEW FEATURES
-============
-
-Language Features
-=================
-
-Pattern Matching for switch
+Notes on individual issues:
 ===========================
-https://openjdk.org/jeps/406
-https://openjdk.org/jeps/420
-https://openjdk.org/jeps/427
 
-Enhance the Java programming language with pattern matching for
-`switch` expressions and statements, along with extensions to the
-language of patterns. Extending pattern matching to `switch` allows an
-expression to be tested against a number of patterns, each with a
-specific action, so that complex data-oriented queries can be
-expressed concisely and safely.
+core-libs/java.time:
 
-This was a preview feature (http://openjdk.java.net/jeps/12) in
-OpenJDK 17 (JEP 406) and saw a second preview in OpenJDK 18 (JEP 420).
-It reaches its third preview (JEP 427) in OpenJDK 19.
+JDK-8254177: US/Pacific-New Zone name removed as part of tzdata2020b
+====================================================================
+Following JDK's update to tzdata2020b, the long-obsolete files
+pacificnew and systemv have been removed. As a result, the
+"US/Pacific-New" zone name declared in the pacificnew data file is no
+longer available for use.
 
-Record Patterns
-===============
-https://openjdk.org/jeps/405
+Information regarding the update can be viewed at
+https://mm.icann.org/pipermail/tz-announce/2020-October/000059.html
 
-Enhance the Java programming language with record patterns to
-deconstruct record values. Record patterns and type patterns can be
-nested to enable a powerful, declarative, and composable form of data
-navigation and processing.
+New in release OpenJDK 15.0.1 (2020-10-20):
+===========================================
+Live versions of these release notes can be found at:
+  * https://builds.shipilev.net/backports-monitor/release-notes-15.0.1.txt
 
-This is a preview feature (http://openjdk.java.net/jeps/12) introduced
-in OpenJDK 19 (JEP 405)
+* Security fixes
+  - JDK-8233624: Enhance JNI linkage
+  - JDK-8236196: Improve string pooling
+  - JDK-8236862, CVE-2020-14779: Enhance support of Proxy class
+  - JDK-8237990, CVE-2020-14781: Enhanced LDAP contexts
+  - JDK-8237995, CVE-2020-14782: Enhance certificate processing
+  - JDK-8240124: Better VM Interning
+  - JDK-8241114, CVE-2020-14792: Better range handling
+  - JDK-8242680, CVE-2020-14796: Improved URI Support
+  - JDK-8242685, CVE-2020-14797: Better Path Validation
+  - JDK-8242695, CVE-2020-14798: Enhanced buffer support
+  - JDK-8243302: Advanced class supports
+  - JDK-8244136, CVE-2020-14803: Improved Buffer supports
+  - JDK-8244479: Further constrain certificates
+  - JDK-8244955: Additional Fix for JDK-8240124
+  - JDK-8245407: Enhance zoning of times
+  - JDK-8245412: Better class definitions
+  - JDK-8245417: Improve certificate chain handling
+  - JDK-8248574: Improve jpeg processing
+  - JDK-8249927: Specify limits of jdk.serialProxyInterfaceLimit
+  - JDK-8253019: Enhanced JPEG decoding
+* Other changes
+  - JDK-8232114: JVM crashed at imjpapi.dll in native code
+  - JDK-8243470: [macos] bring back O2 opt level for unsafe.cpp
+  - JDK-8247251: Assert '(_pcs_length == 0 || last_pc()->pc_offset() < pc_offset) failed: must specify a new, larger pc offset' failure
+  - JDK-8248495: [macos] zerovm is broken due to libffi headers location
+  - JDK-8248745: Add jarsigner and keytool tests for restricted algorithms
+  - JDK-8249165: Remove unneeded nops introduced by 8234160 changes
+  - JDK-8249183: JVM crash in "AwtFrame::WmSize" method
+  - JDK-8249266: Bump release strings for JDK 15.0.1
+  - JDK-8249266: Change jdk 15.0.1 milestone to fcs for build b02
+  - JDK-8250612: jvmciCompilerToVM.cpp declares jio_printf with "void" return type, should be "int"
+  - JDK-8250665: Wrong translation for the month name of May in ar_JO,LB,SY
+  - JDK-8250861: Crash in MinINode::Ideal(PhaseGVN*, bool)
+  - JDK-8250876: Fix issues with cross-compile on macos
+  - JDK-8250928: JFR: Improve hash algorithm for stack traces
+  - JDK-8251359: Shenandoah: filter null oops before calling enqueue/SATB barrier
+  - JDK-8251458: Parse::do_lookupswitch fails with "assert(_cnt >= 0) failed"
+  - JDK-8251859: sun/security/validator/PKIXValAndRevCheckTests.java fails
+  - JDK-8251910: Shenandoah: Handshake threads between weak-roots and reset phases
+  - JDK-8252120: compiler/oracle/TestCompileCommand.java misspells "occured"
+  - JDK-8252292: 8240795 may cause anti-dependence to be missed
+  - JDK-8252359: HotSpot Not Identifying it is Running in a Container
+  - JDK-8252367: Undo JDK-8245000: Windows GDI functions don't support large pages
+  - JDK-8252368: Undo JDK-8245002: Windows GDI functions don't support NUMA interleaving
+  - JDK-8252470: java/awt/dnd/DisposeFrameOnDragCrash/DisposeFrameOnDragTest.java fails on Windows
+  - JDK-8252660: Shenandoah: support manageable SoftMaxHeapSize option
+  - JDK-8252754: Hash code calculation of JfrStackTrace is inconsistent
+  - JDK-8253222: Shenandoah: unused AlwaysTrueClosure after JDK-8246591
+  - JDK-8253224: Shenandoah: ShenandoahStrDedupQueue destructor calls virtual num_queues()
+  - JDK-8253226: Shenandoah: remove unimplemented ShenandoahStrDedupQueue::verify
+  - JDK-8253284: Zero OrderAccess barrier mappings are incorrect
+  - JDK-8253714: [cgroups v2] Soft memory limit incorrectly using memory.high
+  - JDK-8253727: [cgroups v2] Memory and swap limits reported incorrectly
+  - JDK-8253778: ShenandoahSafepoint::is_at_shenandoah_safepoint should not access VMThread state from other threads
+  - JDK-8254144: Non-x86 Zero builds fail with return-type warning in os_linux_zero.cpp
+  - JDK-8254560: Shenandoah: Concurrent Strong Roots logging is incorrect
 
-Library Features
-================
+Notes on individual issues:
+===========================
 
-Vector API
-==========
-https://openjdk.org/jeps/338
-https://openjdk.org/jeps/414
-https://openjdk.org/jeps/417
-https://openjdk.org/jeps/426
+security-libs/java.security:
 
-Introduce an API to express vector computations that reliably compile
-at runtime to optimal vector hardware instructions on supported CPU
-architectures and thus achieve superior performance to equivalent
-scalar computations.
+JDK-8250756: Added Entrust Root Certification Authority - G4 certificate
+========================================================================
+The Entrust root certificate has been added to the cacerts truststore:
 
-This is an incubation feature (https://openjdk.java.net/jeps/11)
-introduced in OpenJDK 16 (JEP 338). A second round of incubation took
-place in OpenJDK 17 (JEP 414), OpenJDK 18 (JEP 417) saw a third and
-OpenJDK 19 sees its fourth (JEP 426).
+Alias Name: entrustrootcag4
+Distinguished Name: CN=Entrust Root Certification Authority - G4, OU="(c) 2015 Entrust,  Inc. - for authorized use only", OU=See www.entrust.net/legal-terms, O="Entrust, Inc.", C=US
 
-Foreign Function & Memory API
-=============================
-https://openjdk.org/jeps/412
-https://openjdk.org/jeps/419
-https://openjdk.org/jeps/424
+JDK-8250860: Added 3 SSL Corporation Root CA Certificates
+=========================================================
+The following root certificates have been added to the cacerts truststore for the SSL Corporation:
 
-Introduce an API by which Java programs can interoperate with code and
-data outside of the Java runtime. By efficiently invoking foreign
-functions (i.e., code outside the JVM), and by safely accessing
-foreign memory (i.e., memory not managed by the JVM), the API enables
-Java programs to call native libraries and process native data without
-the brittleness and danger of JNI.
+Alias Name: sslrootrsaca
+Distinguished Name: CN=SSL.com Root Certification Authority RSA, O=SSL Corporation, L=Houston, ST=Texas, C=US
 
-This API is now a preview feature (http://openjdk.java.net/jeps/12).
-It was first introduced in incubation
-(https://openjdk.java.net/jeps/11) in OpenJDK 17 (JEP 412), and is an
-evolution of the Foreign Memory Access API (OpenJDK 14 through 16) and
-Foreign Linker API (OpenJDK 16) (see release notes for
-java-17-openjdk). OpenJDK 18 saw a second round of incubation (JEP
-419) before its inclusion as a preview in OpenJDK 19 (JEP 424).
+Alias Name: sslrootevrsaca
+Distinguished Name: CN=SSL.com EV Root Certification Authority RSA R2, O=SSL Corporation, L=Houston, ST=Texas, C=US
 
-Virtual Threads
-===============
-https://openjdk.org/jeps/425
-
-Introduce virtual threads to the Java Platform. Virtual threads are
-lightweight threads that dramatically reduce the effort of writing,
-maintaining, and observing high-throughput concurrent applications.
-
-This is a preview feature (http://openjdk.java.net/jeps/12) introduced
-in OpenJDK 19 (JEP 425)
-
-Structured Concurrency
-======================
-https://openjdk.org/jeps/428
-
-Simplify multithreaded programming by introducing an API for
-structured concurrency. Structured concurrency treats multiple tasks
-running in different threads as a single unit of work, thereby
-streamlining error handling and cancellation, improving reliability,
-and enhancing observability.
-
-This is an incubation feature (https://openjdk.java.net/jeps/11)
-introduced in OpenJDK 19 (JEP 428).
-
-Ports
-=====
-
-Linux/RISC-V Port
-=================
-https://openjdk.org/jeps/422
-
-RISC-V is a free and open-source RISC instruction set architecture
-(ISA) designed originally at the University of California, Berkeley,
-and now developed collaboratively under the sponsorship of RISC-V
-International. It is already supported by a wide range of language
-toolchains. With the increasing availability of RISC-V hardware, a
-port of the JDK would be valuable.
+Alias Name: sslrooteccca
+Distinguished Name: CN=SSL.com Root Certification Authority ECC, O=SSL Corporation, L=Houston, ST=Texas, C=US

TestSecurityProperties.java

@@ -1,20 +1,3 @@
-/* TestSecurityProperties -- Ensure system security properties can be used to
-                             enable the crypto policies.
-   Copyright (C) 2022 Red Hat, Inc.
-
-This program is free software: you can redistribute it and/or modify
-it under the terms of the GNU Affero General Public License as
-published by the Free Software Foundation, either version 3 of the
-License, or (at your option) any later version.
-
-This program is distributed in the hope that it will be useful,
-but WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-GNU Affero General Public License for more details.
-
-You should have received a copy of the GNU Affero General Public License
-along with this program.  If not, see <http://www.gnu.org/licenses/>.
-*/
 import java.io.File;
 import java.io.FileInputStream;
 import java.security.Security;
@@ -26,59 +9,35 @@ public class TestSecurityProperties {
     // JDK 8
     private static final String JDK_PROPS_FILE_JDK_8 = System.getProperty("java.home") + "/lib/security/java.security";
 
-    private static final String POLICY_FILE = "/etc/crypto-policies/back-ends/java.config";
-
-    private static final String MSG_PREFIX = "DEBUG: ";
-
     public static void main(String[] args) {
-        if (args.length == 0) {
-            System.err.println("TestSecurityProperties <true|false>");
-            System.err.println("Invoke with 'true' if system security properties should be enabled.");
-            System.err.println("Invoke with 'false' if system security properties should be disabled.");
-            System.exit(1);
-        }
-        boolean enabled = Boolean.valueOf(args[0]);
-        System.out.println(MSG_PREFIX + "System security properties enabled: " + enabled);
         Properties jdkProps = new Properties();
         loadProperties(jdkProps);
-        if (enabled) {
-            loadPolicy(jdkProps);
-        }
         for (Object key: jdkProps.keySet()) {
             String sKey = (String)key;
             String securityVal = Security.getProperty(sKey);
             String jdkSecVal = jdkProps.getProperty(sKey);
             if (!securityVal.equals(jdkSecVal)) {
-                String msg = "Expected value '" + jdkSecVal + "' for key '" +
+                String msg = "Expected value '" + jdkSecVal + "' for key '" + 
                              sKey + "'" + " but got value '" + securityVal + "'";
                 throw new RuntimeException("Test failed! " + msg);
             } else {
-                System.out.println(MSG_PREFIX + sKey + " = " + jdkSecVal + " as expected.");
+                System.out.println("DEBUG: " + sKey + " = " + jdkSecVal + " as expected.");
             }
         }
         System.out.println("TestSecurityProperties PASSED!");
     }
-
+    
     private static void loadProperties(Properties props) {
         String javaVersion = System.getProperty("java.version");
-        System.out.println(MSG_PREFIX + "Java version is " + javaVersion);
+        System.out.println("Debug: Java version is " + javaVersion);
         String propsFile = JDK_PROPS_FILE_JDK_11;
         if (javaVersion.startsWith("1.8.0")) {
             propsFile = JDK_PROPS_FILE_JDK_8;
         }
-        try (FileInputStream fin = new FileInputStream(propsFile)) {
+        try (FileInputStream fin = new FileInputStream(new File(propsFile))) {
             props.load(fin);
         } catch (Exception e) {
             throw new RuntimeException("Test failed!", e);
         }
     }
-
-    private static void loadPolicy(Properties props) {
-        try (FileInputStream fin = new FileInputStream(POLICY_FILE)) {
-            props.load(fin);
-        } catch (Exception e) {
-            throw new RuntimeException("Test failed!", e);
-        }
-    }
-
 }

TestTranslations.java

@@ -1,35 +0,0 @@
-/* TestTranslations -- Ensure translations are available for new timezones
-   Copyright (C) 2022 Red Hat, Inc.
-
-This program is free software: you can redistribute it and/or modify
-it under the terms of the GNU Affero General Public License as
-published by the Free Software Foundation, either version 3 of the
-License, or (at your option) any later version.
-
-This program is distributed in the hope that it will be useful,
-but WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-GNU Affero General Public License for more details.
-
-You should have received a copy of the GNU Affero General Public License
-along with this program.  If not, see <http://www.gnu.org/licenses/>.
-*/
-
-import java.util.Arrays;
-import java.util.Locale;
-import java.util.ResourceBundle;
-
-import sun.util.resources.LocaleData;
-import sun.util.locale.provider.LocaleProviderAdapter;
-
-public class TestTranslations {
-    public static void main(String[] args) {
-        for (String zone : args) {
-            System.out.printf("Translations for %s\n", zone);
-            for (Locale l : Locale.getAvailableLocales()) {
-                ResourceBundle bundle = new LocaleData(LocaleProviderAdapter.Type.JRE).getTimeZoneNames(l);
-                System.out.printf("Locale: %s, language: %s, translations: %s\n", l, l.getDisplayLanguage(), Arrays.toString(bundle.getStringArray(zone)));
-            }
-        }
-    }
-}

generate_source_tarball.sh

@@ -8,8 +8,8 @@
 #
 # In any case you have to set PROJECT_NAME REPO_NAME and VERSION. eg:
 # PROJECT_NAME=openjdk
-# REPO_NAME=jdk18u
-# VERSION=jdk-18.0.1+10
+# REPO_NAME=jdk16
+# VERSION=HEAD
 # or to eg prepare systemtap:
 # icedtea7's jstack and other tapsets
 # VERSION=6327cf1cea9e
@@ -37,8 +37,6 @@ set -e
 
 OPENJDK_URL_DEFAULT=https://github.com
 COMPRESSION_DEFAULT=xz
-# Corresponding IcedTea version
-ICEDTEA_VERSION=13.0
 
 if [ "x$1" = "xhelp" ] ; then
     echo -e "Behaviour may be specified by setting the following variables:\n"
@@ -128,10 +126,11 @@ pushd "${FILE_NAME_ROOT}"
 
             echo "Syncing EC list with NSS"
             if [ "x$PR3823" = "x" ] ; then
-                # get PR3823.patch (from https://github.com/icedtea-git/icedtea) in the ${ICEDTEA_VERSION} branch
-                # Do not push it or publish it
+                # originally for 8:
+                # get PR3823.patch (from http://icedtea.classpath.org/hg/icedtea16) from most correct tag
+                # Do not push it or publish it (see https://icedtea.classpath.org/bugzilla/show_bug.cgi?id=3823)
 		echo "PR3823 not found. Downloading..."
-		wget -v https://github.com/icedtea-git/icedtea/raw/${ICEDTEA_VERSION}/patches/pr3823.patch
+		wget https://icedtea.classpath.org/hg/icedtea16/raw-file/tip/patches/pr3823.patch
 	        echo "Applying ${PWD}/pr3823.patch"
 		patch -Np1 < pr3823.patch
 		rm pr3823.patch
@@ -143,14 +142,6 @@ pushd "${FILE_NAME_ROOT}"
         popd
     fi
 
-    # Generate .src-rev so build has knowledge of the revision the tarball was created from
-    mkdir build
-    pushd build
-    sh ${PWD}/../openjdk/configure
-    make store-source-revision
-    popd
-    rm -rf build
-
     echo "Compressing remaining forest"
     if [ "X$COMPRESSION" = "Xxz" ] ; then
         SWITCH=cJf
@@ -161,3 +152,5 @@ pushd "${FILE_NAME_ROOT}"
     mv ${FILE_NAME_ROOT}.tar.${COMPRESSION}  ..
 popd
 echo "Done. You may want to remove the uncompressed version - $FILE_NAME_ROOT."
+
+

icedtea_sync.sh

@@ -16,31 +16,12 @@
 # You should have received a copy of the GNU Affero General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
-ICEDTEA_USE_VCS=true
-
 ICEDTEA_VERSION=3.15.0
 ICEDTEA_URL=https://icedtea.classpath.org/download/source
 ICEDTEA_SIGNING_KEY=CFDA0F9B35964222
 
-ICEDTEA_HG_URL=https://icedtea.classpath.org/hg/icedtea11
-
 set -e
 
-RPM_DIR=${PWD}
-if [ ! -f ${RPM_DIR}/jconsole.desktop.in ] ; then
-    echo "Not in RPM source tree.";
-    exit 1;
-fi
-
-if test "x${TMPDIR}" = "x"; then
-    TMPDIR=/tmp;
-fi
-WORKDIR=${TMPDIR}/it.sync
-
-echo "Using working directory ${WORKDIR}"
-mkdir ${WORKDIR}
-pushd ${WORKDIR}
-
 if test "x${WGET}" = "x"; then
     WGET=$(which wget);
     if test "x${WGET}" = "x"; then
@@ -49,144 +30,68 @@ if test "x${WGET}" = "x"; then
     fi
 fi
 
+if test "x${CHECKSUM}" = "x"; then
+    CHECKSUM=$(which sha256sum)
+    if test "x${CHECKSUM}" = "x"; then
+	echo "sha256sum not found";
+	exit 2;
+    fi
+fi
+
+if test "x${PGP}" = "x"; then
+    PGP=$(which gpg)
+    if test "x${PGP}" = "x"; then
+	echo "gpg not found";
+	exit 3;
+    fi
+fi
+
 if test "x${TAR}" = "x"; then
     TAR=$(which tar)
     if test "x${TAR}" = "x"; then
 	echo "tar not found";
-	exit 2;
+	exit 4;
     fi
 fi
 
 echo "Dependencies:";
 echo -e "\tWGET: ${WGET}";
+echo -e "\tCHECKSUM: ${CHECKSUM}";
+echo -e "\tPGP: ${PGP}\n";
 echo -e "\tTAR: ${TAR}\n";
 
-if test "x${ICEDTEA_USE_VCS}" = "xtrue"; then
-    echo "Mode: Using VCS";
+echo "Checking for IcedTea signing key ${ICEDTEA_SIGNING_KEY}...";
+if ! gpg --list-keys ${ICEDTEA_SIGNING_KEY}; then
+    echo "IcedTea signing key ${ICEDTEA_SIGNING_KEY} not installed.";
+    exit 5;
+fi
 
-    if test "x${GREP}" = "x"; then
-	GREP=$(which grep);
-	if test "x${GREP}" = "x"; then
-	    echo "grep not found";
-	    exit 3;
-	fi
-    fi
+echo "Downloading IcedTea release tarball...";
+${WGET} -v ${ICEDTEA_URL}/icedtea-${ICEDTEA_VERSION}.tar.xz
+echo "Downloading IcedTea tarball signature...";
+${WGET} -v ${ICEDTEA_URL}/icedtea-${ICEDTEA_VERSION}.tar.xz.sig
+echo "Downloading IcedTea tarball checksums...";
+${WGET} -v ${ICEDTEA_URL}/icedtea-${ICEDTEA_VERSION}.sha256
 
-    if test "x${CUT}" = "x"; then
-	CUT=$(which cut);
-	if test "x${CUT}" = "x"; then
-	    echo "cut not found";
-	    exit 4;
-	fi
-    fi
+echo "Verifying checksums...";
+${CHECKSUM} --check --ignore-missing icedtea-${ICEDTEA_VERSION}.sha256
 
-    if test "x${TR}" = "x"; then
-	TR=$(which tr);
-	if test "x${TR}" = "x"; then
-	    echo "tr not found";
-	    exit 5;
-	fi
-    fi
+echo "Checking signature...";
+${PGP} --verify icedtea-${ICEDTEA_VERSION}.tar.xz.sig
 
-    if test "x${HG}" = "x"; then
-	HG=$(which hg);
-	if test "x${HG}" = "x"; then
-	    echo "hg not found";
-	    exit 6;
-	fi
-    fi
-
-    echo "Dependencies:";
-    echo -e "\tGREP: ${GREP}";
-    echo -e "\tCUT: ${CUT}";
-    echo -e "\tTR: ${TR}";
-    echo -e "\tHG: ${HG}";
-
-    echo "Checking out repository from VCS...";
-    ${HG} clone ${ICEDTEA_HG_URL} icedtea
-
-    echo "Obtaining version from configure.ac...";
-    ROOT_VER=$(${GREP} '^AC_INIT' icedtea/configure.ac|${CUT} -d ',' -f 2|${TR} -d '[][:space:]')
-    echo "Root version from configure: ${ROOT_VER}";
-
-    VCS_REV=$(${HG} log -R icedtea --template '{node|short}' -r tip)
-    echo "VCS revision: ${VCS_REV}";
-
-    ICEDTEA_VERSION="${ROOT_VER}-${VCS_REV}"
-    echo "Creating icedtea-${ICEDTEA_VERSION}";
-    mkdir icedtea-${ICEDTEA_VERSION}
-    echo "Copying required files from checkout to icedtea-${ICEDTEA_VERSION}";
-    # Commented out for now as IcedTea 6's jconsole.desktop.in is outdated
-    #cp -a icedtea/jconsole.desktop.in ../icedtea-${ICEDTEA_VERSION}
-    cp -a ${RPM_DIR}/jconsole.desktop.in icedtea-${ICEDTEA_VERSION}
-    cp -a icedtea/tapset icedtea-${ICEDTEA_VERSION}
-
-    rm -rf icedtea
-else
-    echo "Mode: Using tarball";
-
-    if test "x${ICEDTEA_VERSION}" = "x"; then
-	echo "No IcedTea version specified for tarball download.";
-	exit 3;
-    fi
-
-    if test "x${CHECKSUM}" = "x"; then
-	CHECKSUM=$(which sha256sum)
-	if test "x${CHECKSUM}" = "x"; then
-	    echo "sha256sum not found";
-	    exit 4;
-	fi
-    fi
-
-    if test "x${PGP}" = "x"; then
-	PGP=$(which gpg)
-	if test "x${PGP}" = "x"; then
-	    echo "gpg not found";
-	    exit 5;
-	fi
-    fi
-
-    echo "Dependencies:";
-    echo -e "\tCHECKSUM: ${CHECKSUM}";
-    echo -e "\tPGP: ${PGP}\n";
-
-    echo "Checking for IcedTea signing key ${ICEDTEA_SIGNING_KEY}...";
-    if ! gpg --list-keys ${ICEDTEA_SIGNING_KEY}; then
-	echo "IcedTea signing key ${ICEDTEA_SIGNING_KEY} not installed.";
-	exit 6;
-    fi
-
-    echo "Downloading IcedTea release tarball...";
-    ${WGET} -v ${ICEDTEA_URL}/icedtea-${ICEDTEA_VERSION}.tar.xz
-    echo "Downloading IcedTea tarball signature...";
-    ${WGET} -v ${ICEDTEA_URL}/icedtea-${ICEDTEA_VERSION}.tar.xz.sig
-    echo "Downloading IcedTea tarball checksums...";
-    ${WGET} -v ${ICEDTEA_URL}/icedtea-${ICEDTEA_VERSION}.sha256
-
-    echo "Verifying checksums...";
-    ${CHECKSUM} --check --ignore-missing icedtea-${ICEDTEA_VERSION}.sha256
-
-    echo "Checking signature...";
-    ${PGP} --verify icedtea-${ICEDTEA_VERSION}.tar.xz.sig
-
-    echo "Extracting files...";
-    ${TAR} xJf icedtea-${ICEDTEA_VERSION}.tar.xz \
+echo "Extracting files...";
+${TAR} xJf icedtea-${ICEDTEA_VERSION}.tar.xz \
        icedtea-${ICEDTEA_VERSION}/tapset \
        icedtea-${ICEDTEA_VERSION}/jconsole.desktop.in
 
-    rm -vf icedtea-${ICEDTEA_VERSION}.tar.xz
-    rm -vf icedtea-${ICEDTEA_VERSION}.tar.xz.sig
-    rm -vf icedtea-${ICEDTEA_VERSION}.sha256
-fi
-
 echo "Replacing desktop files...";
-mv -v icedtea-${ICEDTEA_VERSION}/jconsole.desktop.in ${RPM_DIR}
+mv -v icedtea-${ICEDTEA_VERSION}/jconsole.desktop.in .
 
 echo "Creating new tapset tarball...";
 mv -v icedtea-${ICEDTEA_VERSION} openjdk
-${TAR} cJf ${RPM_DIR}/tapsets-icedtea-${ICEDTEA_VERSION}.tar.xz openjdk
+${TAR} cJf tapsets-icedtea-${ICEDTEA_VERSION}.tar.xz openjdk
 
 rm -rvf openjdk
-
-popd
-rm -rf ${WORKDIR}
+rm -vf icedtea-${ICEDTEA_VERSION}.tar.xz
+rm -vf icedtea-${ICEDTEA_VERSION}.tar.xz.sig
+rm -vf icedtea-${ICEDTEA_VERSION}.sha256

jconsole.desktop.in

@@ -1,8 +1,8 @@
 [Desktop Entry]
-Name=OpenJDK @JAVA_VER@ for @target_cpu@ Monitoring & Management Console (@OPENJDK_VER@)
-Comment=Monitor and manage OpenJDK applications
-Exec=_SDKBINDIR_/jconsole
-Icon=java-@JAVA_VER@-@JAVA_VENDOR@
+Name=OpenJDK @JAVA_MAJOR_VERSION@ Monitoring & Management Console @ARCH@
+Comment=Monitor and manage OpenJDK @JAVA_MAJOR_VERSION@ applications for @ARCH@
+Exec=@JAVA_HOME@/jconsole
+Icon=java-@JAVA_MAJOR_VERSION@-@JAVA_VENDOR@
 Terminal=false
 Type=Application
 StartupWMClass=sun-tools-jconsole-JConsole

jdk8292223-tzdata2022b-kyiv.patch

@@ -1,132 +0,0 @@
-diff --git a/src/java.base/share/classes/sun/util/resources/TimeZoneNames.java b/src/java.base/share/classes/sun/util/resources/TimeZoneNames.java
-index 8759aab3995..11ccbf73839 100644
---- a/src/java.base/share/classes/sun/util/resources/TimeZoneNames.java
-+++ b/src/java.base/share/classes/sun/util/resources/TimeZoneNames.java
-@@ -847,6 +847,7 @@ public final class TimeZoneNames extends TimeZoneNamesBundle {
-             {"Europe/Kirov", new String[] {"Kirov Standard Time", "GMT+03:00",
-                                            "Kirov Daylight Time", "GMT+03:00",
-                                            "Kirov Time", "GMT+03:00"}},
-+            {"Europe/Kyiv", EET},
-             {"Europe/Lisbon", WET},
-             {"Europe/Ljubljana", CET},
-             {"Europe/London", GMTBST},
-diff --git a/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_de.java b/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_de.java
-index f007c1a8d3b..617268e4cf3 100644
---- a/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_de.java
-+++ b/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_de.java
-@@ -825,6 +825,7 @@ public final class TimeZoneNames_de extends TimeZoneNamesBundle {
-             {"Europe/Jersey", GMTBST},
-             {"Europe/Kaliningrad", EET},
-             {"Europe/Kiev", EET},
-+            {"Europe/Kyiv", EET},
-             {"Europe/Lisbon", WET},
-             {"Europe/Ljubljana", CET},
-             {"Europe/London", GMTBST},
-diff --git a/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_es.java b/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_es.java
-index 386414e16e6..14c5d89b9c5 100644
---- a/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_es.java
-+++ b/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_es.java
-@@ -825,6 +825,7 @@ public final class TimeZoneNames_es extends TimeZoneNamesBundle {
-             {"Europe/Jersey", GMTBST},
-             {"Europe/Kaliningrad", EET},
-             {"Europe/Kiev", EET},
-+            {"Europe/Kyiv", EET},
-             {"Europe/Lisbon", WET},
-             {"Europe/Ljubljana", CET},
-             {"Europe/London", GMTBST},
-diff --git a/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_fr.java b/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_fr.java
-index d23f5fd49e6..44117125619 100644
---- a/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_fr.java
-+++ b/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_fr.java
-@@ -825,6 +825,7 @@ public final class TimeZoneNames_fr extends TimeZoneNamesBundle {
-             {"Europe/Jersey", GMTBST},
-             {"Europe/Kaliningrad", EET},
-             {"Europe/Kiev", EET},
-+            {"Europe/Kyiv", EET},
-             {"Europe/Lisbon", WET},
-             {"Europe/Ljubljana", CET},
-             {"Europe/London", GMTBST},
-diff --git a/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_it.java b/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_it.java
-index b4f57d4568c..efa818f3865 100644
---- a/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_it.java
-+++ b/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_it.java
-@@ -825,6 +825,7 @@ public final class TimeZoneNames_it extends TimeZoneNamesBundle {
-             {"Europe/Jersey", GMTBST},
-             {"Europe/Kaliningrad", EET},
-             {"Europe/Kiev", EET},
-+            {"Europe/Kyiv", EET},
-             {"Europe/Lisbon", WET},
-             {"Europe/Ljubljana", CET},
-             {"Europe/London", GMTBST},
-diff --git a/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_ja.java b/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_ja.java
-index 1a10a9f96dc..7c0565461ad 100644
---- a/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_ja.java
-+++ b/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_ja.java
-@@ -825,6 +825,7 @@ public final class TimeZoneNames_ja extends TimeZoneNamesBundle {
-             {"Europe/Jersey", GMTBST},
-             {"Europe/Kaliningrad", EET},
-             {"Europe/Kiev", EET},
-+            {"Europe/Kyiv", EET},
-             {"Europe/Lisbon", WET},
-             {"Europe/Ljubljana", CET},
-             {"Europe/London", GMTBST},
-diff --git a/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_ko.java b/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_ko.java
-index 9a2d9e5c57c..8a2c805997f 100644
---- a/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_ko.java
-+++ b/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_ko.java
-@@ -825,6 +825,7 @@ public final class TimeZoneNames_ko extends TimeZoneNamesBundle {
-             {"Europe/Jersey", GMTBST},
-             {"Europe/Kaliningrad", EET},
-             {"Europe/Kiev", EET},
-+            {"Europe/Kyiv", EET},
-             {"Europe/Lisbon", WET},
-             {"Europe/Ljubljana", CET},
-             {"Europe/London", GMTBST},
-diff --git a/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_pt_BR.java b/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_pt_BR.java
-index de5e5c82daa..e3c06417f09 100644
---- a/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_pt_BR.java
-+++ b/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_pt_BR.java
-@@ -825,6 +825,7 @@ public final class TimeZoneNames_pt_BR extends TimeZoneNamesBundle {
-             {"Europe/Jersey", GMTBST},
-             {"Europe/Kaliningrad", EET},
-             {"Europe/Kiev", EET},
-+            {"Europe/Kyiv", EET},
-             {"Europe/Lisbon", WET},
-             {"Europe/Ljubljana", CET},
-             {"Europe/London", GMTBST},
-diff --git a/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_sv.java b/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_sv.java
-index b53de4d8c89..3e46b6a063e 100644
---- a/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_sv.java
-+++ b/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_sv.java
-@@ -825,6 +825,7 @@ public final class TimeZoneNames_sv extends TimeZoneNamesBundle {
-             {"Europe/Jersey", GMTBST},
-             {"Europe/Kaliningrad", EET},
-             {"Europe/Kiev", EET},
-+            {"Europe/Kyiv", EET},
-             {"Europe/Lisbon", WET},
-             {"Europe/Ljubljana", CET},
-             {"Europe/London", GMTBST},
-diff --git a/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_zh_CN.java b/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_zh_CN.java
-index 7797cda19d5..590908409a8 100644
---- a/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_zh_CN.java
-+++ b/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_zh_CN.java
-@@ -825,6 +825,7 @@ public final class TimeZoneNames_zh_CN extends TimeZoneNamesBundle {
-             {"Europe/Jersey", GMTBST},
-             {"Europe/Kaliningrad", EET},
-             {"Europe/Kiev", EET},
-+            {"Europe/Kyiv", EET},
-             {"Europe/Lisbon", WET},
-             {"Europe/Ljubljana", CET},
-             {"Europe/London", GMTBST},
-diff --git a/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_zh_TW.java b/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_zh_TW.java
-index 2cd10554853..23c5f180b6d 100644
---- a/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_zh_TW.java
-+++ b/src/jdk.localedata/share/classes/sun/util/resources/ext/TimeZoneNames_zh_TW.java
-@@ -827,6 +827,7 @@ public final class TimeZoneNames_zh_TW extends TimeZoneNamesBundle {
-             {"Europe/Jersey", GMTBST},
-             {"Europe/Kaliningrad", EET},
-             {"Europe/Kiev", EET},
-+            {"Europe/Kyiv", EET},
-             {"Europe/Lisbon", WET},
-             {"Europe/Ljubljana", CET},
-             {"Europe/London", GMTBST},

nss.fips.cfg.in

@@ -1,8 +0,0 @@
-name = NSS-FIPS
-nssLibraryDirectory = @NSS_LIBDIR@
-nssSecmodDirectory = sql:/etc/pki/nssdb
-nssDbMode = readOnly
-nssModule = fips
-
-attributes(*,CKO_SECRET_KEY,CKK_GENERIC_SECRET)={ CKA_SIGN=true }
-

openjdk_news.sh

@@ -1,76 +0,0 @@
-#!/bin/bash
-
-# Copyright (C) 2022 Red Hat, Inc.
-# Written by Andrew John Hughes <gnu.andrew@redhat.com>, 2012-2022
-#
-# This program is free software: you can redistribute it and/or modify
-# it under the terms of the GNU Affero General Public License as
-# published by the Free Software Foundation, either version 3 of the
-# License, or (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU Affero General Public License for more details.
-#
-# You should have received a copy of the GNU Affero General Public License
-# along with this program.  If not, see <http://www.gnu.org/licenses/>.
-
-OLD_RELEASE=$1
-NEW_RELEASE=$2
-SUBDIR=$3
-REPO=$4
-SCRIPT_DIR=$(dirname ${0})
-
-if test "x${SUBDIR}" = "x"; then
-    echo "No subdirectory specified; using .";
-    SUBDIR=".";
-fi
-
-if test "x$REPO" = "x"; then
-    echo "No repository specified; using ${PWD}"
-    REPO=${PWD}
-fi
-
-if test x${TMPDIR} = x; then
-    TMPDIR=/tmp;
-fi
-
-echo "Repository: ${REPO}"
-
-if [ -e ${REPO}/.git ] ; then
-    TYPE=git;
-elif [ -e ${REPO}/.hg ] ; then
-    TYPE=hg;
-else
-    echo "No Mercurial or Git repository detected.";
-    exit 1;
-fi
-
-if test "x$OLD_RELEASE" = "x" || test "x$NEW_RELEASE" = "x"; then
-    echo "ERROR: Need to specify old and new release";
-    exit 2;
-fi
-
-echo "Listing fixes between $OLD_RELEASE and $NEW_RELEASE in $REPO"
-rm -f ${TMPDIR}/fixes2 ${TMPDIR}/fixes3 ${TMPDIR}/fixes
-for repos in . $(${SCRIPT_DIR}/discover_trees.sh ${REPO});
-do
-    if test "x$TYPE" = "xhg"; then
-	hg log -r "tag('$NEW_RELEASE'):tag('$OLD_RELEASE') - tag('$OLD_RELEASE')" -R $REPO/$repos -G -M ${REPO}/${SUBDIR} | \
-	    egrep '^[o:| ]*summary'|grep -v 'Added tag'|sed -r 's#^[o:| ]*summary:\W*([0-9])#  - JDK-\1#'| \
-	    sed 's#^[o:| ]*summary:\W*#  - #' >> ${TMPDIR}/fixes2;
-	hg log -v -r "tag('$NEW_RELEASE'):tag('$OLD_RELEASE') - tag('$OLD_RELEASE')" -R $REPO/$repos -G -M ${REPO}/${SUBDIR} | \
-	    egrep '^[o:| ]*[0-9]{7}'|sed -r 's#^[o:| ]*([0-9]{7})#  - JDK-\1#' >> ${TMPDIR}/fixes3;
-    else
-	git -C ${REPO} log --no-merges --pretty=format:%B ${NEW_RELEASE}...${OLD_RELEASE} -- ${SUBDIR} |egrep '^[0-9]{7}' | \
-	    sed -r 's#^([0-9])#  - JDK-\1#' >> ${TMPDIR}/fixes2;
-	touch ${TMPDIR}/fixes3 ; # unused
-    fi
-done
-
-sort ${TMPDIR}/fixes2 ${TMPDIR}/fixes3 | uniq > ${TMPDIR}/fixes
-rm -f ${TMPDIR}/fixes2 ${TMPDIR}/fixes3
-
-echo "In ${TMPDIR}/fixes:"
-cat ${TMPDIR}/fixes

pr3183-rh1340845-support_fedora_rhel_system_crypto_policy.patch

@@ -0,0 +1,88 @@
+
+# HG changeset patch
+# User andrew
+# Date 1478057514 0
+# Node ID 1c4d5cb2096ae55106111da200b0bcad304f650c
+# Parent  3d53f19b48384e5252f4ec8891f7a3a82d77af2a
+PR3183: Support Fedora/RHEL system crypto policy
+diff -r 3d53f19b4838 -r 1c4d5cb2096a src/java.base/share/classes/java/security/Security.java
+--- a/src/java.base/share/classes/java/security/Security.java	Wed Oct 26 03:51:39 2016 +0100
++++ b/src/java.base/share/classes/java/security/Security.java	Wed Nov 02 03:31:54 2016 +0000
+@@ -43,6 +43,9 @@
+  * implementation-specific location, which is typically the properties file
+  * {@code conf/security/java.security} in the Java installation directory.
+  *
++ * <p>Additional default values of security properties are read from a
++ * system-specific location, if available.</p>
++ *
+  * @author Benjamin Renaud
+  * @since 1.1
+  */
+@@ -52,6 +55,10 @@
+     private static final Debug sdebug =
+                         Debug.getInstance("properties");
+ 
++    /* System property file*/
++    private static final String SYSTEM_PROPERTIES =
++        "/etc/crypto-policies/back-ends/java.config";
++
+     /* The java.security properties */
+     private static Properties props;
+ 
+@@ -93,6 +100,7 @@
+                 if (sdebug != null) {
+                     sdebug.println("reading security properties file: " +
+                                 propFile);
++                    sdebug.println(props.toString());
+                 }
+             } catch (IOException e) {
+                 if (sdebug != null) {
+@@ -114,6 +122,31 @@
+         }
+ 
+         if ("true".equalsIgnoreCase(props.getProperty
++                ("security.useSystemPropertiesFile"))) {
++
++            // now load the system file, if it exists, so its values
++            // will win if they conflict with the earlier values
++            try (BufferedInputStream bis =
++                 new BufferedInputStream(new FileInputStream(SYSTEM_PROPERTIES))) {
++                props.load(bis);
++                loadedProps = true;
++
++                if (sdebug != null) {
++                    sdebug.println("reading system security properties file " +
++                                   SYSTEM_PROPERTIES);
++                    sdebug.println(props.toString());
++                }
++            } catch (IOException e) {
++                if (sdebug != null) {
++                    sdebug.println
++                        ("unable to load security properties from " +
++                         SYSTEM_PROPERTIES);
++                    e.printStackTrace();
++                }
++            }
++        }
++
++        if ("true".equalsIgnoreCase(props.getProperty
+                 ("security.overridePropertiesFile"))) {
+ 
+             String extraPropFile = System.getProperty
+diff -r 3d53f19b4838 -r 1c4d5cb2096a src/java.base/share/conf/security/java.security
+--- a/src/java.base/share/conf/security/java.security	Wed Oct 26 03:51:39 2016 +0100
++++ b/src/java.base/share/conf/security/java.security	Wed Nov 02 03:31:54 2016 +0000
+@@ -276,6 +276,13 @@
+ security.overridePropertiesFile=true
+ 
+ #
++# Determines whether this properties file will be appended to
++# using the system properties file stored at
++# /etc/crypto-policies/back-ends/java.config
++#
++security.useSystemPropertiesFile=true
++
++#
+ # Determines the default key and trust manager factory algorithms for
+ # the javax.net.ssl package.
+ #

rh1648249-add_commented_out_nss_cfg_provider_to_java_security.patch

@@ -1,12 +1,12 @@
-diff --git openjdk.orig/src/java.base/share/conf/security/java.security openjdk/src/java.base/share/conf/security/java.security
-index 68a9c1a2d08..7aa25eb2cb7 100644
---- openjdk.orig/src/java.base/share/conf/security/java.security
-+++ openjdk/src/java.base/share/conf/security/java.security
-@@ -78,6 +78,7 @@ security.provider.tbd=SunMSCAPI
+diff -r e3f940bd3c8f src/java.base/share/conf/security/java.security
+--- openjdk/src/java.base/share/conf/security/java.security	Thu Jun 11 21:54:51 2020 +0530
++++ openjdk/src/java.base/share/conf/security/java.security	Mon Aug 24 10:14:31 2020 +0200
+@@ -77,7 +77,7 @@
+ #ifdef macosx
  security.provider.tbd=Apple
  #endif
- security.provider.tbd=SunPKCS11
+-security.provider.tbd=SunPKCS11
 +#security.provider.tbd=SunPKCS11 ${java.home}/lib/security/nss.cfg
  
  #
- # Security providers used when FIPS mode support is active
+ # A list of preferred providers for specific algorithms. These providers will

rh1684077-openjdk_should_depend_on_pcsc-lite-libs_instead_of_pcsc-lite-devel.patch

@@ -1,15 +1,13 @@
-diff --git a/openjdk/src/java.smartcardio/unix/classes/sun/security/smartcardio/PlatformPCSC.java b/src/java.smartcardio/unix/classes/sun/security/smartcardio/PlatformPCSC.java
-index bacff32efbc..ff7b3dcc81c 100644
---- openjdk/src/java.smartcardio/unix/classes/sun/security/smartcardio/PlatformPCSC.java
-+++ openjdk/src/java.smartcardio/unix/classes/sun/security/smartcardio/PlatformPCSC.java
-@@ -46,8 +46,8 @@ class PlatformPCSC {
+--- openjdk/src/java.smartcardio/unix/classes/sun/security/smartcardio/PlatformPCSC.java	2013-03-01 10:48:12.038189968 +0100
++++ openjdk/src/java.smartcardio/unix/classes/sun/security/smartcardio/PlatformPCSC.java	2013-03-01 10:48:11.913188505 +0100
+@@ -48,8 +48,8 @@
  
-     private static final String PROP_NAME = "sun.security.smartcardio.library";
+     private final static String PROP_NAME = "sun.security.smartcardio.library";
  
--    private static final String LIB1 = "/usr/$LIBISA/libpcsclite.so";
--    private static final String LIB2 = "/usr/local/$LIBISA/libpcsclite.so";
-+    private static final String LIB1 = "/usr/$LIBISA/libpcsclite.so.1";
-+    private static final String LIB2 = "/usr/local/$LIBISA/libpcsclite.so.1";
-     private static final String PCSC_FRAMEWORK = "/System/Library/Frameworks/PCSC.framework/Versions/Current/PCSC";
+-    private final static String LIB1 = "/usr/$LIBISA/libpcsclite.so";
+-    private final static String LIB2 = "/usr/local/$LIBISA/libpcsclite.so";
++    private final static String LIB1 = "/usr/$LIBISA/libpcsclite.so.1";
++    private final static String LIB2 = "/usr/local/$LIBISA/libpcsclite.so.1";
+     private final static String PCSC_FRAMEWORK = "/System/Library/Frameworks/PCSC.framework/Versions/Current/PCSC";
  
      PlatformPCSC() {

sources

@@ -1,2 +1,2 @@
-SHA512 (tapsets-icedtea-6.0.0pre00-c848b93a8598.tar.xz) = 97d026212363b3c83f6a04100ad7f6fdde833d16579717f8756e2b8c2eb70e144a41a330cb9ccde9c3badd37a2d54fdf4650a950ec21d8b686d545ecb2a64d30
-SHA512 (openjdk-jdk19u-jdk-19+36.tar.xz) = c441e1f7dbabe3e66e062a7f661f953e06c10dd165995e2996e614d32f2333cd4532f45064ba4d098dfc8fa3637448d4dc9869c235d086ef80499a7a262f4ede
+SHA512 (tapsets-icedtea-3.15.0.tar.xz) = c752a197cb3d812d50c35e11e4722772be40096c81d2a57933e0d9b8a3c708b9c157b8108a4e33a06ca7bb81648170994408c75d6f69d5ff12785d0c31009671
+SHA512 (openjdk-jdk16u-jdk-16.0.1+9.tar.xz) = ff06d5c97377cac4d5e8921766c61d4d96dc0c968913263b5371f0d3d0e98bb6a5ccf5b1cbb3ddaff3380bf4499ff6501e73f96e0e922b2294d1f7c1ec3eee23

update_package.sh

@@ -0,0 +1,69 @@
+#!/bin/bash -x
+#  this file contains defaults for currently generated source tarballs
+
+set -e
+
+# TAPSET
+export PROJECT_NAME="hg"
+export REPO_NAME="icedtea8"
+export VERSION="9d464368e06d"
+export COMPRESSION=xz
+export OPENJDK_URL=http://icedtea.classpath.org
+export FILE_NAME_ROOT=${PROJECT_NAME}-${REPO_NAME}-${VERSION}
+export TO_COMPRESS="*/tapset"
+# warning, filename  and filenameroot creation is duplicated here from generate_source_tarball.sh
+CLONED_FILENAME=${FILE_NAME_ROOT}.tar.${COMPRESSION}
+TAPSET_VERSION=3.2
+TAPSET=systemtap_"$TAPSET_VERSION"_tapsets_$CLONED_FILENAME
+if [ ! -f ${TAPSET} ] ; then
+  if [ ! -f ${CLONED_FILENAME} ] ; then
+  echo "Generating ${CLONED_FILENAME}"
+    sh ./generate_source_tarball.sh
+  else 
+    echo "exists exists exists exists exists exists exists "
+    echo "reusing reusing reusing reusing reusing reusing "
+    echo ${CLONED_FILENAME}
+  fi
+  mv -v $CLONED_FILENAME  $TAPSET
+else 
+  echo "exists exists exists exists exists exists exists "
+  echo "reusing reusing reusing reusing reusing reusing "
+  echo ${TAPSET}
+fi
+
+# OpenJDK from Shenandoah project
+export PROJECT_NAME="jdk"
+export REPO_NAME="jdk15"
+export VERSION="jdk-15+36"
+export COMPRESSION=xz
+# unset tapsets overrides
+export OPENJDK_URL=""
+export TO_COMPRESS=""
+# warning, filename  and filenameroot creation is duplicated here from generate_source_tarball.sh
+export FILE_NAME_ROOT=${PROJECT_NAME}-${REPO_NAME}-${VERSION}
+FILENAME=${FILE_NAME_ROOT}.tar.${COMPRESSION}
+
+if [ ! -f ${FILENAME} ] ; then
+echo "Generating ${FILENAME}"
+  sh ./generate_source_tarball.sh
+else 
+  echo "exists exists exists exists exists exists exists "
+  echo "reusing reusing reusing reusing reusing reusing "
+  echo ${FILENAME}
+fi
+
+set +e
+
+major=`echo $REPO_NAME | sed 's/[a-zA-Z]*//g'`
+build=`echo $VERSION | sed 's/.*+//g'`
+name_helper=`echo $FILENAME | sed s/$major/'%{majorver}'/g `
+name_helper=`echo $name_helper | sed s/$build/'%{buildver}'/g `
+echo "align specfile acordingly:" 
+echo " sed 's/^Source0:.*/Source0: $name_helper/' -i *.spec"
+echo " sed 's/^Source8:.*/Source8: $TAPSET/'   -i *.spec"
+echo " sed 's/^%global buildver.*/%global buildver        $build/'   -i *.spec"
+echo " sed 's/Release:.*/Release: 1%{?dist}/'   -i *.spec"
+echo "and maybe others...."
+echo "you should fedpkg/rhpkg new-sources $TAPSET $FILENAME"
+echo "you should fedpkg/rhpkg prep --arch XXXX on all architectures: x86_64 i386 i586 i686 ppc ppc64 ppc64le s390 s390x aarch64 armv7hl"
+