Initial import
This commit is contained in:
parent
e30d39b24e
commit
dad33e57a8
2
.gitignore
vendored
Normal file
2
.gitignore
vendored
Normal file
@ -0,0 +1,2 @@
|
||||
/jdk-jdk10-jdk-10+46.tar.xz
|
||||
/systemtap-tapset-3.6.0pre02.tar.xz
|
33
PStack-808293.patch
Normal file
33
PStack-808293.patch
Normal file
@ -0,0 +1,33 @@
|
||||
--- openjdk/src/jdk.hotspot.agent/share/classes/sun/jvm/hotspot/tools/PStack.java 2012-04-06 02:26:33.322164601 +0200
|
||||
+++ openjdk/src/jdk.hotspot.agent/share/classes/sun/jvm/hotspot/tools/PStack.java 2012-04-06 02:26:57.958514071 +0200
|
||||
@@ -84,7 +85,8 @@
|
||||
if (jthread != null) {
|
||||
jthread.printThreadInfoOn(out);
|
||||
}
|
||||
- while (f != null) {
|
||||
+ int maxStack = 256;
|
||||
+ while (f != null && maxStack-- > 0) {
|
||||
ClosestSymbol sym = f.closestSymbolToPC();
|
||||
Address pc = f.pc();
|
||||
out.print(pc + "\t");
|
||||
@@ -158,10 +160,19 @@
|
||||
}
|
||||
}
|
||||
}
|
||||
+ Address oldPC = f.pc();
|
||||
+ Address oldFP = f.localVariableBase();
|
||||
f = f.sender(th);
|
||||
+ if (f != null
|
||||
+ && oldPC.equals(f.pc())
|
||||
+ && oldFP.equals(f.localVariableBase())) {
|
||||
+ // We didn't make any progress
|
||||
+ f = null;
|
||||
+ }
|
||||
}
|
||||
} catch (Exception exp) {
|
||||
- exp.printStackTrace();
|
||||
+ // exp.printStackTrace();
|
||||
+ out.println("bad stack: " + exp);
|
||||
// continue, may be we can do a better job for other threads
|
||||
}
|
||||
if (concurrentLocks) {
|
72
TestCryptoLevel.java
Normal file
72
TestCryptoLevel.java
Normal file
@ -0,0 +1,72 @@
|
||||
/* TestCryptoLevel -- Ensure unlimited crypto policy is in use.
|
||||
Copyright (C) 2012 Red Hat, Inc.
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU Affero General Public License as
|
||||
published by the Free Software Foundation, either version 3 of the
|
||||
License, or (at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU Affero General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU Affero General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
import java.lang.reflect.Field;
|
||||
import java.lang.reflect.Method;
|
||||
import java.lang.reflect.InvocationTargetException;
|
||||
|
||||
import java.security.Permission;
|
||||
import java.security.PermissionCollection;
|
||||
|
||||
public class TestCryptoLevel
|
||||
{
|
||||
public static void main(String[] args)
|
||||
throws NoSuchFieldException, ClassNotFoundException,
|
||||
IllegalAccessException, InvocationTargetException
|
||||
{
|
||||
Class<?> cls = null;
|
||||
Method def = null, exempt = null;
|
||||
|
||||
try
|
||||
{
|
||||
cls = Class.forName("javax.crypto.JceSecurity");
|
||||
}
|
||||
catch (ClassNotFoundException ex)
|
||||
{
|
||||
System.err.println("Running a non-Sun JDK.");
|
||||
System.exit(0);
|
||||
}
|
||||
try
|
||||
{
|
||||
def = cls.getDeclaredMethod("getDefaultPolicy");
|
||||
exempt = cls.getDeclaredMethod("getExemptPolicy");
|
||||
}
|
||||
catch (NoSuchMethodException ex)
|
||||
{
|
||||
System.err.println("Running IcedTea with the original crypto patch.");
|
||||
System.exit(0);
|
||||
}
|
||||
def.setAccessible(true);
|
||||
exempt.setAccessible(true);
|
||||
PermissionCollection defPerms = (PermissionCollection) def.invoke(null);
|
||||
PermissionCollection exemptPerms = (PermissionCollection) exempt.invoke(null);
|
||||
Class<?> apCls = Class.forName("javax.crypto.CryptoAllPermission");
|
||||
Field apField = apCls.getDeclaredField("INSTANCE");
|
||||
apField.setAccessible(true);
|
||||
Permission allPerms = (Permission) apField.get(null);
|
||||
if (defPerms.implies(allPerms) && (exemptPerms == null || exemptPerms.implies(allPerms)))
|
||||
{
|
||||
System.err.println("Running with the unlimited policy.");
|
||||
System.exit(0);
|
||||
}
|
||||
else
|
||||
{
|
||||
System.err.println("WARNING: Running with a restricted crypto policy.");
|
||||
System.exit(-1);
|
||||
}
|
||||
}
|
||||
}
|
49
TestECDSA.java
Normal file
49
TestECDSA.java
Normal file
@ -0,0 +1,49 @@
|
||||
/* TestECDSA -- Ensure ECDSA signatures are working.
|
||||
Copyright (C) 2016 Red Hat, Inc.
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU Affero General Public License as
|
||||
published by the Free Software Foundation, either version 3 of the
|
||||
License, or (at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU Affero General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU Affero General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
import java.math.BigInteger;
|
||||
import java.security.KeyPair;
|
||||
import java.security.KeyPairGenerator;
|
||||
import java.security.Signature;
|
||||
|
||||
/**
|
||||
* @test
|
||||
*/
|
||||
public class TestECDSA {
|
||||
|
||||
public static void main(String[] args) throws Exception {
|
||||
KeyPairGenerator keyGen = KeyPairGenerator.getInstance("EC");
|
||||
KeyPair key = keyGen.generateKeyPair();
|
||||
|
||||
byte[] data = "This is a string to sign".getBytes("UTF-8");
|
||||
|
||||
Signature dsa = Signature.getInstance("NONEwithECDSA");
|
||||
dsa.initSign(key.getPrivate());
|
||||
dsa.update(data);
|
||||
byte[] sig = dsa.sign();
|
||||
System.out.println("Signature: " + new BigInteger(1, sig).toString(16));
|
||||
|
||||
Signature dsaCheck = Signature.getInstance("NONEwithECDSA");
|
||||
dsaCheck.initVerify(key.getPublic());
|
||||
dsaCheck.update(data);
|
||||
boolean success = dsaCheck.verify(sig);
|
||||
if (!success) {
|
||||
throw new RuntimeException("Test failed. Signature verification error");
|
||||
}
|
||||
System.out.println("Test passed.");
|
||||
}
|
||||
}
|
14
aarch64BuildFailure.patch
Normal file
14
aarch64BuildFailure.patch
Normal file
@ -0,0 +1,14 @@
|
||||
diff -r 214a94e9366c src/cpu/aarch64/vm/nativeInst_aarch64.cpp
|
||||
--- openjdk/src/hotspot/cpu/aarch64/nativeInst_aarch64.cpp Mon Jul 17 12:11:32 2017 +0000
|
||||
+++ openjdk/src/hotspot/cpu/aarch64/nativeInst_aarch64.cpp Mon Jul 24 16:23:14 2017 +0100
|
||||
@@ -343,7 +343,7 @@
|
||||
CodeBuffer cb(code_pos, instruction_size);
|
||||
MacroAssembler a(&cb);
|
||||
|
||||
- a.mov(rscratch1, entry);
|
||||
+ a.movptr(rscratch1, (uintptr_t)entry);
|
||||
a.br(rscratch1);
|
||||
|
||||
ICache::invalidate_range(code_pos, instruction_size);
|
||||
|
||||
|
18
accessible-toolkit.patch
Normal file
18
accessible-toolkit.patch
Normal file
@ -0,0 +1,18 @@
|
||||
diff -uNr openjdk/src/java.desktop/share/classes/java/awt/Toolkit.java jdk8/jdk/src/java.desktop/share/classes/java/awt/Toolkit.java
|
||||
--- openjdk/src/java.desktop/share/classes/java/awt/Toolkit.java
|
||||
+++ openjdk/src/java.desktop/share/classes/java/awt/Toolkit.java
|
||||
@@ -883,9 +883,13 @@
|
||||
return null;
|
||||
}
|
||||
});
|
||||
if (!GraphicsEnvironment.isHeadless()) {
|
||||
- loadAssistiveTechnologies();
|
||||
+ try {
|
||||
+ loadAssistiveTechnologies();
|
||||
+ } catch (AWTError error) {
|
||||
+ // ignore silently
|
||||
+ }
|
||||
}
|
||||
}
|
||||
return toolkit;
|
||||
}
|
25
bootcycle_jobs.patch
Normal file
25
bootcycle_jobs.patch
Normal file
@ -0,0 +1,25 @@
|
||||
diff -r 21b063d75b3e make/Init.gmk
|
||||
--- openjdk/make/Init.gmk Thu Mar 16 16:34:33 2017 +0000
|
||||
+++ oepnjdk/make/Init.gmk Tue Apr 04 13:49:37 2017 +0100
|
||||
@@ -303,7 +303,8 @@
|
||||
$(call PrepareSmartJavac)
|
||||
( cd $(TOPDIR) && \
|
||||
$(NICE) $(MAKE) $(MAKE_ARGS) $(OUTPUT_SYNC_FLAG) \
|
||||
- -j $(JOBS) -f make/Main.gmk $(USER_MAKE_VARS) \
|
||||
+ $(if $(DISABLE_JOBS),, -j $(JOBS)) \
|
||||
+ -f make/Main.gmk $(USER_MAKE_VARS) \
|
||||
$(PARALLEL_TARGETS) $(COMPARE_BUILD_MAKE) $(BUILD_LOG_PIPE) || \
|
||||
( exitcode=$$? && \
|
||||
$(PRINTF) "\nERROR: Build failed for $(TARGET_DESCRIPTION) (exit code $$exitcode) \n" \
|
||||
diff -r 21b063d75b3e make/Main.gmk
|
||||
--- jdk9/make/Main.gmk Thu Mar 16 16:34:33 2017 +0000
|
||||
+++ jdk9/make/Main.gmk Tue Apr 04 13:49:37 2017 +0100
|
||||
@@ -320,7 +320,7 @@
|
||||
ifneq ($(COMPILE_TYPE), cross)
|
||||
$(call LogWarn, Boot cycle build step 2: Building a new JDK image using previously built image)
|
||||
+$(MAKE) $(MAKE_ARGS) -f $(TOPDIR)/make/Init.gmk PARALLEL_TARGETS=$(BOOTCYCLE_TARGET) \
|
||||
- JOBS= SPEC=$(dir $(SPEC))bootcycle-spec.gmk main
|
||||
+ DISABLE_JOBS=true SPEC=$(dir $(SPEC))bootcycle-spec.gmk main
|
||||
else
|
||||
$(call LogWarn, Boot cycle build disabled when cross compiling)
|
||||
endif
|
11
enableCommentedOutSystemNss.patch
Normal file
11
enableCommentedOutSystemNss.patch
Normal file
@ -0,0 +1,11 @@
|
||||
diff -r 5b86f66575b7 src/share/lib/security/java.security-linux
|
||||
--- openjdk/src/java.base/share/conf/security/java.security Tue May 16 13:29:05 2017 -0700
|
||||
+++ openjdk/src/java.base/share/conf/security/java.security Tue Jun 06 14:05:12 2017 +0200
|
||||
@@ -83,6 +83,7 @@
|
||||
#ifndef solaris
|
||||
security.provider.tbd=SunPKCS11
|
||||
#endif
|
||||
+#security.provider.tbd=SunPKCS11 ${java.home}/lib/security/nss.cfg
|
||||
|
||||
#
|
||||
# A list of preferred providers for specific algorithms. These providers will
|
20
java-atk-wrapper-security.patch
Normal file
20
java-atk-wrapper-security.patch
Normal file
@ -0,0 +1,20 @@
|
||||
--- openjdk/src/java.base/share/conf/security/java.security
|
||||
+++ openjdk/src/java.base/share/conf/security/java.security
|
||||
@@ -304,6 +304,8 @@
|
||||
#
|
||||
package.access=sun.misc.,\
|
||||
sun.reflect.,\
|
||||
+ org.GNOME.Accessibility.,\
|
||||
+ org.GNOME.Bonobo.,\
|
||||
|
||||
#
|
||||
# List of comma-separated packages that start with or equal this string
|
||||
@@ -316,6 +318,8 @@
|
||||
#
|
||||
package.definition=sun.misc.,\
|
||||
sun.reflect.,\
|
||||
+ org.GNOME.Accessibility.,\
|
||||
+ org.GNOME.Bonobo.,\
|
||||
|
||||
#
|
||||
# Determines whether this properties file can be appended to
|
1751
java-openjdk.spec
Normal file
1751
java-openjdk.spec
Normal file
File diff suppressed because it is too large
Load Diff
10
jconsole.desktop.in
Normal file
10
jconsole.desktop.in
Normal file
@ -0,0 +1,10 @@
|
||||
[Desktop Entry]
|
||||
Name=OpenJDK #JAVA_MAJOR_VERSION# Monitoring & Management Console #ARCH#
|
||||
Comment=Monitor and manage OpenJDK applications for #ARCH#
|
||||
Exec=#JAVA_HOME#/jconsole
|
||||
Icon=java-#JAVA_MAJOR_VERSION#
|
||||
Terminal=false
|
||||
Type=Application
|
||||
StartupWMClass=sun-tools-jconsole-JConsole
|
||||
Categories=Development;Monitor;Java;
|
||||
Version=1.0
|
19
libjpeg-turbo-1.4-compat.patch
Normal file
19
libjpeg-turbo-1.4-compat.patch
Normal file
@ -0,0 +1,19 @@
|
||||
Remove uses of FAR in jpeg code
|
||||
|
||||
Upstream libjpeg-trubo removed the (empty) FAR macro:
|
||||
http://sourceforge.net/p/libjpeg-turbo/code/1312/
|
||||
|
||||
Adjust our code to not use the undefined FAR macro anymore.
|
||||
|
||||
diff --git a/jdk/src/java.desktop/share/native/libjavajpeg/imageioJPEG.c b/jdk/src/java.desktop/share/native/libjavajpeg/imageioJPEG.c
|
||||
--- openjdk/src/java.desktop/share/native/libjavajpeg/imageioJPEG.c
|
||||
+++ openjdk/src/java.desktop/share/native/libjavajpeg/imageioJPEG.c
|
||||
@@ -1385,7 +1385,7 @@
|
||||
/* and fill it in */
|
||||
dst_ptr = icc_data;
|
||||
for (seq_no = first; seq_no < last; seq_no++) {
|
||||
- JOCTET FAR *src_ptr = icc_markers[seq_no]->data + ICC_OVERHEAD_LEN;
|
||||
+ JOCTET *src_ptr = icc_markers[seq_no]->data + ICC_OVERHEAD_LEN;
|
||||
unsigned int length =
|
||||
icc_markers[seq_no]->data_length - ICC_OVERHEAD_LEN;
|
||||
|
74
multiple-pkcs11-library-init.patch
Normal file
74
multiple-pkcs11-library-init.patch
Normal file
@ -0,0 +1,74 @@
|
||||
# HG changeset patch
|
||||
# User andrew
|
||||
# Date 1352129932 0
|
||||
# Node ID e9c857dcb964dbfa5eef3a3590244cb4d999cf7a
|
||||
# Parent 1406789608b76d0906881979335d685855f44190
|
||||
Allow multiple PKCS11 library initialisation to be a non-critical error.
|
||||
|
||||
diff -r 1406789608b7 -r e9c857dcb964 src/share/classes/sun/security/pkcs11/Config.java
|
||||
--- openjdk/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/Config.java Tue Oct 30 13:05:14 2012 +0000
|
||||
+++ openjdk/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/Config.java Mon Nov 05 15:38:52 2012 +0000
|
||||
@@ -52,6 +52,7 @@
|
||||
static final int ERR_HALT = 1;
|
||||
static final int ERR_IGNORE_ALL = 2;
|
||||
static final int ERR_IGNORE_LIB = 3;
|
||||
+ static final int ERR_IGNORE_MULTI_INIT = 4;
|
||||
|
||||
// same as allowSingleThreadedModules but controlled via a system property
|
||||
// and applied to all providers. if set to false, no SunPKCS11 instances
|
||||
@@ -980,6 +981,8 @@
|
||||
handleStartupErrors = ERR_IGNORE_LIB;
|
||||
} else if (val.equals("halt")) {
|
||||
handleStartupErrors = ERR_HALT;
|
||||
+ } else if (val.equals("ignoreMultipleInitialisation")) {
|
||||
+ handleStartupErrors = ERR_IGNORE_MULTI_INIT;
|
||||
} else {
|
||||
throw excToken("Invalid value for handleStartupErrors:");
|
||||
}
|
||||
diff -r 1406789608b7 -r e9c857dcb964 src/share/classes/sun/security/pkcs11/SunPKCS11.java
|
||||
--- openjdk/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/SunPKCS11.java Tue Oct 30 13:05:14 2012 +0000
|
||||
+++ openjdk/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/SunPKCS11.java Mon Nov 05 15:38:52 2012 +0000
|
||||
@@ -168,26 +168,37 @@
|
||||
String nssLibraryDirectory = config.getNssLibraryDirectory();
|
||||
String nssSecmodDirectory = config.getNssSecmodDirectory();
|
||||
boolean nssOptimizeSpace = config.getNssOptimizeSpace();
|
||||
+ int errorHandling = config.getHandleStartupErrors();
|
||||
|
||||
if (secmod.isInitialized()) {
|
||||
if (nssSecmodDirectory != null) {
|
||||
String s = secmod.getConfigDir();
|
||||
if ((s != null) &&
|
||||
(s.equals(nssSecmodDirectory) == false)) {
|
||||
- throw new ProviderException("Secmod directory "
|
||||
- + nssSecmodDirectory
|
||||
- + " invalid, NSS already initialized with "
|
||||
- + s);
|
||||
+ String msg = "Secmod directory " + nssSecmodDirectory
|
||||
+ + " invalid, NSS already initialized with " + s;
|
||||
+ if (errorHandling == Config.ERR_IGNORE_MULTI_INIT ||
|
||||
+ errorHandling == Config.ERR_IGNORE_ALL) {
|
||||
+ throw new UnsupportedOperationException(msg);
|
||||
+ } else {
|
||||
+ throw new ProviderException(msg);
|
||||
+ }
|
||||
}
|
||||
}
|
||||
if (nssLibraryDirectory != null) {
|
||||
String s = secmod.getLibDir();
|
||||
if ((s != null) &&
|
||||
(s.equals(nssLibraryDirectory) == false)) {
|
||||
- throw new ProviderException("NSS library directory "
|
||||
+ String msg = "NSS library directory "
|
||||
+ nssLibraryDirectory
|
||||
+ " invalid, NSS already initialized with "
|
||||
- + s);
|
||||
+ + s;
|
||||
+ if (errorHandling == Config.ERR_IGNORE_MULTI_INIT ||
|
||||
+ errorHandling == Config.ERR_IGNORE_ALL) {
|
||||
+ throw new UnsupportedOperationException(msg);
|
||||
+ } else {
|
||||
+ throw new ProviderException(msg);
|
||||
+ }
|
||||
}
|
||||
}
|
||||
} else {
|
5
nss.cfg.in
Normal file
5
nss.cfg.in
Normal file
@ -0,0 +1,5 @@
|
||||
name = NSS
|
||||
nssLibraryDirectory = @NSS_LIBDIR@
|
||||
nssDbMode = noDb
|
||||
attributes = compatibility
|
||||
handleStartupErrors = ignoreMultipleInitialisation
|
48
ppc_stack_overflow_fix.patch
Normal file
48
ppc_stack_overflow_fix.patch
Normal file
@ -0,0 +1,48 @@
|
||||
diff --git a/src/cpu/zero/vm/stack_zero.hpp b/src/cpu/zero/vm/stack_zero.hpp
|
||||
--- openjdk/src/hotspot/cpu/zero/stack_zero.hpp
|
||||
+++ openjdk/src/hotspot/cpu/zero/stack_zero.hpp
|
||||
@@ -99,7 +99,7 @@
|
||||
int shadow_pages_size() const {
|
||||
return _shadow_pages_size;
|
||||
}
|
||||
- int abi_stack_available(Thread *thread) const;
|
||||
+ ssize_t abi_stack_available(Thread *thread) const;
|
||||
|
||||
public:
|
||||
void overflow_check(int required_words, TRAPS);
|
||||
diff --git a/src/cpu/zero/vm/stack_zero.inline.hpp b/src/cpu/zero/vm/stack_zero.inline.hpp
|
||||
--- openjdk/src/hotspot/cpu/zero/stack_zero.inline.hpp
|
||||
+++ openjdk/src/hotspot/cpu/zero/stack_zero.inline.hpp
|
||||
@@ -47,12 +47,12 @@
|
||||
// This method returns the amount of ABI stack available for us
|
||||
// to use under normal circumstances. Note that the returned
|
||||
// value can be negative.
|
||||
-inline int ZeroStack::abi_stack_available(Thread *thread) const {
|
||||
+inline ssize_t ZeroStack::abi_stack_available(Thread *thread) const {
|
||||
guarantee(Thread::current() == thread, "should run in the same thread");
|
||||
- int stack_used = thread->stack_base() - (address) &stack_used
|
||||
+ ssize_t stack_used = thread->stack_base() - (address) &stack_used
|
||||
+ (JavaThread::stack_guard_zone_size() + JavaThread::stack_shadow_zone_size());
|
||||
- int stack_free = thread->stack_size() - stack_used;
|
||||
+ ssize_t stack_free = thread->stack_size() - stack_used;
|
||||
return stack_free;
|
||||
}
|
||||
|
||||
#endif // CPU_ZERO_VM_STACK_ZERO_INLINE_HPP
|
||||
diff --git a/src/os/linux/vm/os_linux.cpp b/src/os/linux/vm/os_linux.cpp
|
||||
--- openjdk/src/hotspot/os/posix/os_posix.cpp
|
||||
+++ openjdk/src/hotspot/os/posix/os_posix.cpp
|
||||
@@ -4791,6 +4791,13 @@
|
||||
|
||||
_java_thread_min_stack_allowed = align_up(_java_thread_min_stack_allowed, vm_page_size());
|
||||
_java_thread_min_stack_allowed = MAX2(_java_thread_min_stack_allowed, os_min_stack_allowed);
|
||||
+#ifdef ZERO
|
||||
+ // If this is Zero, allow at the very minimum one page each for the
|
||||
+ // Zero stack and the native stack. This won't make any difference
|
||||
+ // for 4k pages, but is significant for large pages.
|
||||
+ _java_thread_min_stack_allowed = MAX2(_java_thread_min_stack_allowed,
|
||||
+ align_size_up((size_t)(JavaThread::stack_guard_zone_size()+JavaThread::stack_shadow_zone_size()+2) * vm_page_size(), vm_page_size());
|
||||
+#endif
|
||||
|
||||
size_t stack_size_in_bytes = ThreadStackSize * K;
|
||||
if (stack_size_in_bytes != 0 &&
|
129
remove-intree-libraries.sh
Normal file
129
remove-intree-libraries.sh
Normal file
@ -0,0 +1,129 @@
|
||||
#!/bin/sh
|
||||
|
||||
ZIP_SRC=src/java.base/share/native/libzip/zlib/
|
||||
JPEG_SRC=src/java.desktop/share/native/libjavajpeg/
|
||||
GIF_SRC=src/java.desktop/share/native/libsplashscreen/giflib/
|
||||
PNG_SRC=src/java.desktop/share/native/libsplashscreen/libpng/
|
||||
LCMS_SRC=src/java.desktop/share/native/liblcms/
|
||||
|
||||
cd openjdk
|
||||
|
||||
echo "Removing built-in libs (they will be linked)"
|
||||
|
||||
echo "Removing zlib"
|
||||
if [ ! -d ${ZIP_SRC} ]; then
|
||||
echo "${ZIP_SRC} does not exist. Refusing to proceed."
|
||||
exit 1
|
||||
fi
|
||||
rm -rvf ${ZIP_SRC}
|
||||
|
||||
echo "Removing libjpeg"
|
||||
if [ ! -f ${JPEG_SRC}/jdhuff.c ]; then # some file that sound definitely exist
|
||||
echo "${JPEG_SRC} does not contain jpeg sources. Refusing to proceed."
|
||||
exit 1
|
||||
fi
|
||||
|
||||
rm -vf ${JPEG_SRC}/jcomapi.c
|
||||
rm -vf ${JPEG_SRC}/jdapimin.c
|
||||
rm -vf ${JPEG_SRC}/jdapistd.c
|
||||
rm -vf ${JPEG_SRC}/jdcoefct.c
|
||||
rm -vf ${JPEG_SRC}/jdcolor.c
|
||||
rm -vf ${JPEG_SRC}/jdct.h
|
||||
rm -vf ${JPEG_SRC}/jddctmgr.c
|
||||
rm -vf ${JPEG_SRC}/jdhuff.c
|
||||
rm -vf ${JPEG_SRC}/jdhuff.h
|
||||
rm -vf ${JPEG_SRC}/jdinput.c
|
||||
rm -vf ${JPEG_SRC}/jdmainct.c
|
||||
rm -vf ${JPEG_SRC}/jdmarker.c
|
||||
rm -vf ${JPEG_SRC}/jdmaster.c
|
||||
rm -vf ${JPEG_SRC}/jdmerge.c
|
||||
rm -vf ${JPEG_SRC}/jdphuff.c
|
||||
rm -vf ${JPEG_SRC}/jdpostct.c
|
||||
rm -vf ${JPEG_SRC}/jdsample.c
|
||||
rm -vf ${JPEG_SRC}/jerror.c
|
||||
rm -vf ${JPEG_SRC}/jerror.h
|
||||
rm -vf ${JPEG_SRC}/jidctflt.c
|
||||
rm -vf ${JPEG_SRC}/jidctfst.c
|
||||
rm -vf ${JPEG_SRC}/jidctint.c
|
||||
rm -vf ${JPEG_SRC}/jidctred.c
|
||||
rm -vf ${JPEG_SRC}/jinclude.h
|
||||
rm -vf ${JPEG_SRC}/jmemmgr.c
|
||||
rm -vf ${JPEG_SRC}/jmemsys.h
|
||||
rm -vf ${JPEG_SRC}/jmemnobs.c
|
||||
rm -vf ${JPEG_SRC}/jmorecfg.h
|
||||
rm -vf ${JPEG_SRC}/jpegint.h
|
||||
rm -vf ${JPEG_SRC}/jpeglib.h
|
||||
rm -vf ${JPEG_SRC}/jquant1.c
|
||||
rm -vf ${JPEG_SRC}/jquant2.c
|
||||
rm -vf ${JPEG_SRC}/jutils.c
|
||||
rm -vf ${JPEG_SRC}/jcapimin.c
|
||||
rm -vf ${JPEG_SRC}/jcapistd.c
|
||||
rm -vf ${JPEG_SRC}/jccoefct.c
|
||||
rm -vf ${JPEG_SRC}/jccolor.c
|
||||
rm -vf ${JPEG_SRC}/jcdctmgr.c
|
||||
rm -vf ${JPEG_SRC}/jchuff.c
|
||||
rm -vf ${JPEG_SRC}/jchuff.h
|
||||
rm -vf ${JPEG_SRC}/jcinit.c
|
||||
rm -vf ${JPEG_SRC}/jconfig.h
|
||||
rm -vf ${JPEG_SRC}/jcmainct.c
|
||||
rm -vf ${JPEG_SRC}/jcmarker.c
|
||||
rm -vf ${JPEG_SRC}/jcmaster.c
|
||||
rm -vf ${JPEG_SRC}/jcparam.c
|
||||
rm -vf ${JPEG_SRC}/jcphuff.c
|
||||
rm -vf ${JPEG_SRC}/jcprepct.c
|
||||
rm -vf ${JPEG_SRC}/jcsample.c
|
||||
rm -vf ${JPEG_SRC}/jctrans.c
|
||||
rm -vf ${JPEG_SRC}/jdtrans.c
|
||||
rm -vf ${JPEG_SRC}/jfdctflt.c
|
||||
rm -vf ${JPEG_SRC}/jfdctfst.c
|
||||
rm -vf ${JPEG_SRC}/jfdctint.c
|
||||
rm -vf ${JPEG_SRC}/jversion.h
|
||||
rm -vf ${JPEG_SRC}/README
|
||||
|
||||
echo "Removing giflib"
|
||||
if [ ! -d ${GIF_SRC} ]; then
|
||||
echo "${GIF_SRC} does not exist. Refusing to proceed."
|
||||
exit 1
|
||||
fi
|
||||
rm -rvf ${GIF_SRC}
|
||||
|
||||
echo "Removing libpng"
|
||||
if [ ! -d ${PNG_SRC} ]; then
|
||||
echo "${PNG_SRC} does not exist. Refusing to proceed."
|
||||
exit 1
|
||||
fi
|
||||
rm -rvf ${PNG_SRC}
|
||||
|
||||
echo "Removing lcms"
|
||||
if [ ! -d ${LCMS_SRC} ]; then
|
||||
echo "${LCMS_SRC} does not exist. Refusing to proceed."
|
||||
exit 1
|
||||
fi
|
||||
rm -vf ${LCMS_SRC}/cmscam02.c
|
||||
rm -vf ${LCMS_SRC}/cmscgats.c
|
||||
rm -vf ${LCMS_SRC}/cmscnvrt.c
|
||||
rm -vf ${LCMS_SRC}/cmserr.c
|
||||
rm -vf ${LCMS_SRC}/cmsgamma.c
|
||||
rm -vf ${LCMS_SRC}/cmsgmt.c
|
||||
rm -vf ${LCMS_SRC}/cmshalf.c
|
||||
rm -vf ${LCMS_SRC}/cmsintrp.c
|
||||
rm -vf ${LCMS_SRC}/cmsio0.c
|
||||
rm -vf ${LCMS_SRC}/cmsio1.c
|
||||
rm -vf ${LCMS_SRC}/cmslut.c
|
||||
rm -vf ${LCMS_SRC}/cmsmd5.c
|
||||
rm -vf ${LCMS_SRC}/cmsmtrx.c
|
||||
rm -vf ${LCMS_SRC}/cmsnamed.c
|
||||
rm -vf ${LCMS_SRC}/cmsopt.c
|
||||
rm -vf ${LCMS_SRC}/cmspack.c
|
||||
rm -vf ${LCMS_SRC}/cmspcs.c
|
||||
rm -vf ${LCMS_SRC}/cmsplugin.c
|
||||
rm -vf ${LCMS_SRC}/cmsps2.c
|
||||
rm -vf ${LCMS_SRC}/cmssamp.c
|
||||
rm -vf ${LCMS_SRC}/cmssm.c
|
||||
rm -vf ${LCMS_SRC}/cmstypes.c
|
||||
rm -vf ${LCMS_SRC}/cmsvirt.c
|
||||
rm -vf ${LCMS_SRC}/cmswtpnt.c
|
||||
rm -vf ${LCMS_SRC}/cmsxform.c
|
||||
rm -vf ${LCMS_SRC}/lcms2.h
|
||||
rm -vf ${LCMS_SRC}/lcms2_internal.h
|
||||
rm -vf ${LCMS_SRC}/lcms2_plugin.h
|
19
removeSunEcProvider-RH1154143.patch
Normal file
19
removeSunEcProvider-RH1154143.patch
Normal file
@ -0,0 +1,19 @@
|
||||
--- openjdk/src/java.base/share/conf/security/java.security.orig 2018-01-18 12:22:46.148339081 +0100
|
||||
+++ openjdk/src/java.base/share/conf/security/java.security 2018-01-18 12:25:12.225469321 +0100
|
||||
@@ -66,7 +66,6 @@
|
||||
#endif
|
||||
security.provider.tbd=SUN
|
||||
security.provider.tbd=SunRsaSign
|
||||
-security.provider.tbd=SunEC
|
||||
security.provider.tbd=SunJSSE
|
||||
security.provider.tbd=SunJCE
|
||||
security.provider.tbd=SunJGSS
|
||||
@@ -681,7 +680,7 @@
|
||||
# Example:
|
||||
# jdk.tls.disabledAlgorithms=MD5, SSLv3, DSA, RSA keySize < 2048
|
||||
jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize < 1024, \
|
||||
- EC keySize < 224, DES40_CBC, RC4_40
|
||||
+ EC, ECDHE, ECDH, DES40_CBC, RC4_40
|
||||
|
||||
#
|
||||
# Legacy algorithms for Secure Socket Layer/Transport Layer Security (SSL/TLS)
|
12
sorted-diff.patch
Normal file
12
sorted-diff.patch
Normal file
@ -0,0 +1,12 @@
|
||||
--- openjdk/make/gensrc/GensrcX11Wrappers.gmk
|
||||
+++ openjdk/make/gensrc/GensrcX11Wrappers.gmk
|
||||
@@ -117,7 +117,8 @@
|
||||
$(call LogInfo, Verifying X11 wrapper sizes)
|
||||
$(call MakeDir, $(@D))
|
||||
$(GENSRC_X11WRAPPERS_TMP)/sizer.$*.exe | $(SORT) > $@.tmp
|
||||
- $(DIFF) $(GENSRC_X11WRAPPERS_TMP)/sizes.$*.verification.tmp $(GENSRC_X11WRAPPERS_TMP)/sizes.$*
|
||||
+ $(SORT) $(GENSRC_X11WRAPPERS_TMP)/sizes.$* > $@-orig.tmp
|
||||
+ $(DIFF) $(GENSRC_X11WRAPPERS_TMP)/sizes.$*.verification.tmp $(GENSRC_X11WRAPPERS_TMP)/sizes.$*.verification-orig.tmp
|
||||
mv $@.tmp $@
|
||||
|
||||
GENSRC_X11WRAPPERS += $(GENSRC_X11WRAPPERS_TMP)/sizes.$(OPENJDK_TARGET_CPU_BITS).verification
|
2
sources
Normal file
2
sources
Normal file
@ -0,0 +1,2 @@
|
||||
SHA512 (jdk-jdk10-jdk-10+46.tar.xz) = 6412a0cf2cfcce0a6df35f9250964d2b1f9edc110534e905a9add4a036ba6884506f5f5990d1e1d1e2db406180dae8e20097c5cf44a15c7b7b60558b95049359
|
||||
SHA512 (systemtap-tapset-3.6.0pre02.tar.xz) = 848f42ef7ca751e723fd50e3a6da14c0965ad4da37ea3331568658e27497b7a7e4b9aad3dedd264ad0bb5566c37a92302b905f10258a4e2c89dc4ba609e55481
|
88
systemCryptoPolicyPR3183.patch
Normal file
88
systemCryptoPolicyPR3183.patch
Normal file
@ -0,0 +1,88 @@
|
||||
|
||||
# HG changeset patch
|
||||
# User andrew
|
||||
# Date 1478057514 0
|
||||
# Node ID 1c4d5cb2096ae55106111da200b0bcad304f650c
|
||||
# Parent 3d53f19b48384e5252f4ec8891f7a3a82d77af2a
|
||||
PR3183: Support Fedora/RHEL system crypto policy
|
||||
diff -r 3d53f19b4838 -r 1c4d5cb2096a src/java.base/share/classes/java/security/Security.java
|
||||
--- a/src/java.base/share/classes/java/security/Security.java Wed Oct 26 03:51:39 2016 +0100
|
||||
+++ b/src/java.base/share/classes/java/security/Security.java Wed Nov 02 03:31:54 2016 +0000
|
||||
@@ -43,6 +43,9 @@
|
||||
* implementation-specific location, which is typically the properties file
|
||||
* {@code conf/security/java.security} in the Java installation directory.
|
||||
*
|
||||
+ * <p>Additional default values of security properties are read from a
|
||||
+ * system-specific location, if available.</p>
|
||||
+ *
|
||||
* @author Benjamin Renaud
|
||||
* @since 1.1
|
||||
*/
|
||||
@@ -52,6 +55,10 @@
|
||||
private static final Debug sdebug =
|
||||
Debug.getInstance("properties");
|
||||
|
||||
+ /* System property file*/
|
||||
+ private static final String SYSTEM_PROPERTIES =
|
||||
+ "/etc/crypto-policies/back-ends/java.config";
|
||||
+
|
||||
/* The java.security properties */
|
||||
private static Properties props;
|
||||
|
||||
@@ -93,6 +100,7 @@
|
||||
if (sdebug != null) {
|
||||
sdebug.println("reading security properties file: " +
|
||||
propFile);
|
||||
+ sdebug.println(props.toString());
|
||||
}
|
||||
} catch (IOException e) {
|
||||
if (sdebug != null) {
|
||||
@@ -114,6 +122,31 @@
|
||||
}
|
||||
|
||||
if ("true".equalsIgnoreCase(props.getProperty
|
||||
+ ("security.useSystemPropertiesFile"))) {
|
||||
+
|
||||
+ // now load the system file, if it exists, so its values
|
||||
+ // will win if they conflict with the earlier values
|
||||
+ try (BufferedInputStream bis =
|
||||
+ new BufferedInputStream(new FileInputStream(SYSTEM_PROPERTIES))) {
|
||||
+ props.load(bis);
|
||||
+ loadedProps = true;
|
||||
+
|
||||
+ if (sdebug != null) {
|
||||
+ sdebug.println("reading system security properties file " +
|
||||
+ SYSTEM_PROPERTIES);
|
||||
+ sdebug.println(props.toString());
|
||||
+ }
|
||||
+ } catch (IOException e) {
|
||||
+ if (sdebug != null) {
|
||||
+ sdebug.println
|
||||
+ ("unable to load security properties from " +
|
||||
+ SYSTEM_PROPERTIES);
|
||||
+ e.printStackTrace();
|
||||
+ }
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
+ if ("true".equalsIgnoreCase(props.getProperty
|
||||
("security.overridePropertiesFile"))) {
|
||||
|
||||
String extraPropFile = System.getProperty
|
||||
diff -r 3d53f19b4838 -r 1c4d5cb2096a src/java.base/share/conf/security/java.security
|
||||
--- a/src/java.base/share/conf/security/java.security Wed Oct 26 03:51:39 2016 +0100
|
||||
+++ b/src/java.base/share/conf/security/java.security Wed Nov 02 03:31:54 2016 +0000
|
||||
@@ -276,6 +276,13 @@
|
||||
security.overridePropertiesFile=true
|
||||
|
||||
#
|
||||
+# Determines whether this properties file will be appended to
|
||||
+# using the system properties file stored at
|
||||
+# /etc/crypto-policies/back-ends/java.config
|
||||
+#
|
||||
+security.useSystemPropertiesFile=true
|
||||
+
|
||||
+#
|
||||
# Determines the default key and trust manager factory algorithms for
|
||||
# the javax.net.ssl package.
|
||||
#
|
Loading…
Reference in New Issue
Block a user