# HG changeset patch # User duke # Date 1499266612 -7200 # Node ID 8d087823b8b7634778db8d58501b1daf56e937ab # Parent ec9f33978e193f258b3efdbb96a075ed82e0af33# Parent 662ed8cdd63a3ecf10f9124db5dd8f387d30414d Merge diff -r ec9f33978e19 -r 8d087823b8b7 .hgtags-top-repo --- a/.hgtags-top-repo Thu Jul 16 10:53:05 2009 -0700 +++ b/.hgtags-top-repo Wed Jul 05 16:56:52 2017 +0200 @@ -39,3 +39,4 @@ c7ed15ab92ce36a09d264a5e34025884b2d7607f jdk7-b62 57f7e028c7ad1806500ae89eb3f4cd9a51b10e18 jdk7-b63 269c1ec4435dfb7b452ae6e3bdde005d55c5c830 jdk7-b64 +e01380cd1de4ce048b87d059d238e5ab5e341947 jdk7-b65 diff -r ec9f33978e19 -r 8d087823b8b7 hotspot/.hgtags --- a/hotspot/.hgtags Thu Jul 16 10:53:05 2009 -0700 +++ b/hotspot/.hgtags Wed Jul 05 16:56:52 2017 +0200 @@ -39,3 +39,4 @@ a88386380bdaaa5ab4ffbedf22c57bac5dbec034 jdk7-b62 32c83fb84370a35344676991a48440378e6b6c8a jdk7-b63 ba36394eb84b949b31212bdb32a518a8f92bab5b jdk7-b64 +ba313800759b678979434d6da8ed3bf49eb8bea4 jdk7-b65 diff -r ec9f33978e19 -r 8d087823b8b7 jdk/.hgtags --- a/jdk/.hgtags Thu Jul 16 10:53:05 2009 -0700 +++ b/jdk/.hgtags Wed Jul 05 16:56:52 2017 +0200 @@ -39,3 +39,4 @@ 12e11fab9a839a9666a996a8f9a02fd8fa03aab6 jdk7-b62 2ed6ed6b5bfc7dd724925b90dbb31223df59c25d jdk7-b63 a50217eb3ee10b9f9547e0708e5c9625405083ef jdk7-b64 +382a27aa78d3236fa123c60577797a887fe93e09 jdk7-b65 diff -r ec9f33978e19 -r 8d087823b8b7 jdk/make/common/Defs-linux.gmk --- a/jdk/make/common/Defs-linux.gmk Thu Jul 16 10:53:05 2009 -0700 +++ b/jdk/make/common/Defs-linux.gmk Wed Jul 05 16:56:52 2017 +0200 @@ -193,7 +193,7 @@ CPPFLAGS_COMMON += -D_LP64=1 endif -CPPFLAGS_OPT = +CPPFLAGS_OPT = -DNDEBUG CPPFLAGS_DBG = -DDEBUG ifneq ($(PRODUCT), java) CPPFLAGS_DBG += -DLOGGING diff -r ec9f33978e19 -r 8d087823b8b7 jdk/make/common/Defs-windows.gmk --- a/jdk/make/common/Defs-windows.gmk Thu Jul 16 10:53:05 2009 -0700 +++ b/jdk/make/common/Defs-windows.gmk Wed Jul 05 16:56:52 2017 +0200 @@ -363,7 +363,7 @@ CFLAGS_COMMON += -WX endif -CPPFLAGS_OPT = +CPPFLAGS_OPT = -DNDEBUG CPPFLAGS_DBG = -DDEBUG -DLOGGING CXXFLAGS_COMMON = $(CFLAGS_COMMON) diff -r ec9f33978e19 -r 8d087823b8b7 jdk/src/share/classes/com/sun/awt/AWTUtilities.java --- a/jdk/src/share/classes/com/sun/awt/AWTUtilities.java Thu Jul 16 10:53:05 2009 -0700 +++ b/jdk/src/share/classes/com/sun/awt/AWTUtilities.java Wed Jul 05 16:56:52 2017 +0200 @@ -374,7 +374,7 @@ "The window argument should not be null."); } - return AWTAccessor.getWindowAccessor().isOpaque(window); + return window.isOpaque(); } /** diff -r ec9f33978e19 -r 8d087823b8b7 jdk/src/share/classes/com/sun/beans/finder/BeanInfoFinder.java --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/jdk/src/share/classes/com/sun/beans/finder/BeanInfoFinder.java Wed Jul 05 16:56:52 2017 +0200 @@ -0,0 +1,102 @@ +/* + * Copyright 2009 Sun Microsystems, Inc. All Rights Reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. Sun designates this + * particular file as subject to the "Classpath" exception as provided + * by Sun in the LICENSE file that accompanied this code. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, + * CA 95054 USA or visit www.sun.com if you need additional information or + * have any questions. + */ +package com.sun.beans.finder; + +import java.beans.BeanDescriptor; +import java.beans.BeanInfo; +import java.beans.MethodDescriptor; +import java.beans.PropertyDescriptor; +import java.lang.reflect.Method; + +/** + * This is utility class that provides functionality + * to find a {@link BeanInfo} for a JavaBean specified by its type. + * + * @since 1.7 + * + * @author Sergey A. Malenkov + */ +public final class BeanInfoFinder + extends InstanceFinder { + + private static final String DEFAULT = "sun.beans.infos"; + + public BeanInfoFinder() { + super(BeanInfo.class, true, "BeanInfo", DEFAULT); + } + + private static boolean isValid(Class type, Method method) { + return (method != null) && type.equals(method.getDeclaringClass()); + } + + @Override + protected BeanInfo instantiate(Class type, String name) { + BeanInfo info = super.instantiate(type, name); + if (info != null) { + // make sure that the returned BeanInfo matches the class + BeanDescriptor bd = info.getBeanDescriptor(); + if (bd != null) { + if (type.equals(bd.getBeanClass())) { + return info; + } + } + else { + PropertyDescriptor[] pds = info.getPropertyDescriptors(); + if (pds != null) { + for (PropertyDescriptor pd : pds) { + Method method = pd.getReadMethod(); + if (method == null) { + method = pd.getWriteMethod(); + } + if (isValid(type, method)) { + return info; + } + } + } + else { + MethodDescriptor[] mds = info.getMethodDescriptors(); + if (mds != null) { + for (MethodDescriptor md : mds) { + if (isValid(type, md.getMethod())) { + return info; + } + } + } + } + } + } + return null; + } + + @Override + protected BeanInfo instantiate(Class type, String prefix, String name) { + // this optimization will only use the BeanInfo search path + // if is has changed from the original + // or trying to get the ComponentBeanInfo + return !DEFAULT.equals(prefix) || "ComponentBeanInfo".equals(name) + ? super.instantiate(type, prefix, name) + : null; + } +} diff -r ec9f33978e19 -r 8d087823b8b7 jdk/src/share/classes/com/sun/beans/finder/InstanceFinder.java --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/jdk/src/share/classes/com/sun/beans/finder/InstanceFinder.java Wed Jul 05 16:56:52 2017 +0200 @@ -0,0 +1,111 @@ +/* + * Copyright 2009 Sun Microsystems, Inc. All Rights Reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. Sun designates this + * particular file as subject to the "Classpath" exception as provided + * by Sun in the LICENSE file that accompanied this code. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, + * CA 95054 USA or visit www.sun.com if you need additional information or + * have any questions. + */ +package com.sun.beans.finder; + +/** + * This is utility class that provides basic functionality + * to find an auxiliary class for a JavaBean specified by its type. + * + * @since 1.7 + * + * @author Sergey A. Malenkov + */ +class InstanceFinder { + + private static final String[] EMPTY = { }; + + private final Class type; + private final boolean allow; + private final String suffix; + private String[] packages; + + InstanceFinder(Class type, boolean allow, String suffix, String... packages) { + this.type = type; + this.allow = allow; + this.suffix = suffix; + this.packages = packages.clone(); + } + + public String[] getPackages() { + return (this.packages.length > 0) + ? this.packages.clone() + : this.packages; + } + + public void setPackages(String... packages) { + this.packages = (packages != null) && (packages.length > 0) + ? packages.clone() + : EMPTY; + } + + public T find(Class type) { + if (type == null) { + return null; + } + String name = type.getName() + this.suffix; + T object = instantiate(type, name); + if (object != null) { + return object; + } + if (this.allow) { + object = instantiate(type, null); + if (object != null) { + return object; + } + } + int index = name.lastIndexOf('.') + 1; + if (index > 0) { + name = name.substring(index); + } + for (String prefix : this.packages) { + object = instantiate(type, prefix, name); + if (object != null) { + return object; + } + } + return null; + } + + protected T instantiate(Class type, String name) { + if (type != null) { + try { + if (name != null) { + type = ClassFinder.findClass(name, type.getClassLoader()); + } + if (this.type.isAssignableFrom(type)) { + return (T) type.newInstance(); + } + } + catch (Exception exception) { + // ignore any exceptions + } + } + return null; + } + + protected T instantiate(Class type, String prefix, String name) { + return instantiate(type, prefix + '.' + name); + } +} diff -r ec9f33978e19 -r 8d087823b8b7 jdk/src/share/classes/com/sun/beans/finder/PersistenceDelegateFinder.java --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/jdk/src/share/classes/com/sun/beans/finder/PersistenceDelegateFinder.java Wed Jul 05 16:56:52 2017 +0200 @@ -0,0 +1,63 @@ +/* + * Copyright 2009 Sun Microsystems, Inc. All Rights Reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. Sun designates this + * particular file as subject to the "Classpath" exception as provided + * by Sun in the LICENSE file that accompanied this code. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, + * CA 95054 USA or visit www.sun.com if you need additional information or + * have any questions. + */ +package com.sun.beans.finder; + +import java.beans.PersistenceDelegate; +import java.util.HashMap; +import java.util.Map; + +/** + * This is utility class that provides functionality + * to find a {@link PersistenceDelegate} for a JavaBean specified by its type. + * + * @since 1.7 + * + * @author Sergey A. Malenkov + */ +public final class PersistenceDelegateFinder + extends InstanceFinder { + + private final Map, PersistenceDelegate> registry; + + public PersistenceDelegateFinder() { + super(PersistenceDelegate.class, true, "PersistenceDelegate"); + this.registry = new HashMap, PersistenceDelegate>(); + } + + public void register(Class type, PersistenceDelegate delegate) { + if (delegate != null) { + this.registry.put(type, delegate); + } + else { + this.registry.remove(type); + } + } + + @Override + public PersistenceDelegate find(Class type) { + PersistenceDelegate delegate = this.registry.get(type); + return (delegate != null) ? delegate : super.find(type); + } +} diff -r ec9f33978e19 -r 8d087823b8b7 jdk/src/share/classes/com/sun/beans/finder/PropertyEditorFinder.java --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/jdk/src/share/classes/com/sun/beans/finder/PropertyEditorFinder.java Wed Jul 05 16:56:52 2017 +0200 @@ -0,0 +1,81 @@ +/* + * Copyright 2009 Sun Microsystems, Inc. All Rights Reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. Sun designates this + * particular file as subject to the "Classpath" exception as provided + * by Sun in the LICENSE file that accompanied this code. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, + * CA 95054 USA or visit www.sun.com if you need additional information or + * have any questions. + */ +package com.sun.beans.finder; + +import com.sun.beans.WeakCache; + +import java.beans.PropertyEditor; + +import sun.beans.editors.BooleanEditor; +import sun.beans.editors.ByteEditor; +import sun.beans.editors.DoubleEditor; +import sun.beans.editors.EnumEditor; +import sun.beans.editors.FloatEditor; +import sun.beans.editors.IntegerEditor; +import sun.beans.editors.LongEditor; +import sun.beans.editors.ShortEditor; + +/** + * This is utility class that provides functionality + * to find a {@link PropertyEditor} for a JavaBean specified by its type. + * + * @since 1.7 + * + * @author Sergey A. Malenkov + */ +public final class PropertyEditorFinder + extends InstanceFinder { + + private final WeakCache, Class> registry; + + public PropertyEditorFinder() { + super(PropertyEditor.class, false, "Editor", "sun.beans.editors"); + + this.registry = new WeakCache, Class>(); + this.registry.put(Byte.TYPE, ByteEditor.class); + this.registry.put(Short.TYPE, ShortEditor.class); + this.registry.put(Integer.TYPE, IntegerEditor.class); + this.registry.put(Long.TYPE, LongEditor.class); + this.registry.put(Boolean.TYPE, BooleanEditor.class); + this.registry.put(Float.TYPE, FloatEditor.class); + this.registry.put(Double.TYPE, DoubleEditor.class); + } + + public void register(Class type, Class editor) { + this.registry.put(type, editor); + } + + @Override + public PropertyEditor find(Class type) { + PropertyEditor editor = instantiate(this.registry.get(type), null); + if (editor == null) { + editor = super.find(type); + if ((editor == null) && (null != type.getEnumConstants())) { + editor = new EnumEditor(type); + } + } + return editor; + } +} diff -r ec9f33978e19 -r 8d087823b8b7 jdk/src/share/classes/com/sun/jndi/toolkit/ctx/PartialCompositeContext.java --- a/jdk/src/share/classes/com/sun/jndi/toolkit/ctx/PartialCompositeContext.java Thu Jul 16 10:53:05 2009 -0700 +++ b/jdk/src/share/classes/com/sun/jndi/toolkit/ctx/PartialCompositeContext.java Wed Jul 05 16:56:52 2017 +0200 @@ -493,9 +493,9 @@ * Tests whether a name contains a nonempty component. */ protected static boolean allEmpty(Name name) { - Enumeration enum_ = name.getAll(); + Enumeration enum_ = name.getAll(); while (enum_.hasMoreElements()) { - if (!enum_.equals("")) { + if (!enum_.nextElement().isEmpty()) { return false; } } diff -r ec9f33978e19 -r 8d087823b8b7 jdk/src/share/classes/java/awt/Component.java --- a/jdk/src/share/classes/java/awt/Component.java Thu Jul 16 10:53:05 2009 -0700 +++ b/jdk/src/share/classes/java/awt/Component.java Wed Jul 05 16:56:52 2017 +0200 @@ -2370,12 +2370,10 @@ * rectangular region. A non-opaque component paints only some of * its pixels, allowing the pixels underneath it to "show through". * A component that does not fully paint its pixels therefore - * provides a degree of transparency. Only lightweight - * components can be transparent. + * provides a degree of transparency. *

* Subclasses that guarantee to always completely paint their - * contents should override this method and return true. All - * of the "heavyweight" AWT components are opaque. + * contents should override this method and return true. * * @return true if this component is completely opaque * @see #isLightweight diff -r ec9f33978e19 -r 8d087823b8b7 jdk/src/share/classes/java/awt/GraphicsDevice.java --- a/jdk/src/share/classes/java/awt/GraphicsDevice.java Thu Jul 16 10:53:05 2009 -0700 +++ b/jdk/src/share/classes/java/awt/GraphicsDevice.java Wed Jul 05 16:56:52 2017 +0200 @@ -281,8 +281,8 @@ if (w.getOpacity() < 1.0f) { w.setOpacity(1.0f); } - Color bgColor = w.getBackground(); - if ((bgColor != null) && (bgColor.getAlpha() < 255)) { + if (!w.isOpaque()) { + Color bgColor = w.getBackground(); bgColor = new Color(bgColor.getRed(), bgColor.getGreen(), bgColor.getBlue(), 255); w.setBackground(bgColor); diff -r ec9f33978e19 -r 8d087823b8b7 jdk/src/share/classes/java/awt/Robot.java --- a/jdk/src/share/classes/java/awt/Robot.java Thu Jul 16 10:53:05 2009 -0700 +++ b/jdk/src/share/classes/java/awt/Robot.java Wed Jul 05 16:56:52 2017 +0200 @@ -70,7 +70,7 @@ private RobotPeer peer; private boolean isAutoWaitForIdle = false; private int autoDelay = 0; - private static int LEGAL_BUTTON_MASK; + private static int LEGAL_BUTTON_MASK = 0; // location of robot's GC, used in mouseMove(), getPixelColor() and captureScreenImage() private Point gdLoc; @@ -95,23 +95,6 @@ } init(GraphicsEnvironment.getLocalGraphicsEnvironment() .getDefaultScreenDevice()); - int tmpMask = 0; - - if (Toolkit.getDefaultToolkit().areExtraMouseButtonsEnabled()){ - if (Toolkit.getDefaultToolkit() instanceof SunToolkit) { - final int buttonsNumber = ((SunToolkit)(Toolkit.getDefaultToolkit())).getNumberOfButtons(); - for (int i = 0; i < buttonsNumber; i++){ - tmpMask |= InputEvent.getMaskForButton(i+1); - } - } - } - tmpMask |= InputEvent.BUTTON1_MASK| - InputEvent.BUTTON2_MASK| - InputEvent.BUTTON3_MASK| - InputEvent.BUTTON1_DOWN_MASK| - InputEvent.BUTTON2_DOWN_MASK| - InputEvent.BUTTON3_DOWN_MASK; - LEGAL_BUTTON_MASK = tmpMask; } /** @@ -156,6 +139,28 @@ disposer = new RobotDisposer(peer); sun.java2d.Disposer.addRecord(anchor, disposer); } + initLegalButtonMask(); + } + + private static synchronized void initLegalButtonMask() { + if (LEGAL_BUTTON_MASK != 0) return; + + int tmpMask = 0; + if (Toolkit.getDefaultToolkit().areExtraMouseButtonsEnabled()){ + if (Toolkit.getDefaultToolkit() instanceof SunToolkit) { + final int buttonsNumber = ((SunToolkit)(Toolkit.getDefaultToolkit())).getNumberOfButtons(); + for (int i = 0; i < buttonsNumber; i++){ + tmpMask |= InputEvent.getMaskForButton(i+1); + } + } + } + tmpMask |= InputEvent.BUTTON1_MASK| + InputEvent.BUTTON2_MASK| + InputEvent.BUTTON3_MASK| + InputEvent.BUTTON1_DOWN_MASK| + InputEvent.BUTTON2_DOWN_MASK| + InputEvent.BUTTON3_DOWN_MASK; + LEGAL_BUTTON_MASK = tmpMask; } /* determine if the security policy allows Robot's to be created */ diff -r ec9f33978e19 -r 8d087823b8b7 jdk/src/share/classes/java/awt/TrayIcon.java --- a/jdk/src/share/classes/java/awt/TrayIcon.java Thu Jul 16 10:53:05 2009 -0700 +++ b/jdk/src/share/classes/java/awt/TrayIcon.java Wed Jul 05 16:56:52 2017 +0200 @@ -143,6 +143,9 @@ */ public TrayIcon(Image image) { this(); + if (image == null) { + throw new IllegalArgumentException("creating TrayIcon with null Image"); + } setImage(image); } diff -r ec9f33978e19 -r 8d087823b8b7 jdk/src/share/classes/java/awt/Window.java --- a/jdk/src/share/classes/java/awt/Window.java Thu Jul 16 10:53:05 2009 -0700 +++ b/jdk/src/share/classes/java/awt/Window.java Wed Jul 05 16:56:52 2017 +0200 @@ -3521,6 +3521,7 @@ * @return this component's background color * * @see Window#setBackground + * @see Window#isOpaque * @see GraphicsDevice.WindowTranslucency */ @Override @@ -3583,6 +3584,7 @@ * PERPIXEL_TRANSLUCENT} translucency is not supported * * @see Window#getBackground + * @see Window#isOpaque * @see Window#setOpacity() * @see Window#setShape() * @see GraphicsDevice.WindowTranslucency @@ -3597,7 +3599,7 @@ return; } int oldAlpha = oldBg != null ? oldBg.getAlpha() : 255; - int alpha = bgColor.getAlpha(); + int alpha = bgColor != null ? bgColor.getAlpha() : 255; if ((oldAlpha == 255) && (alpha < 255)) { // non-opaque window GraphicsConfiguration gc = getGraphicsConfiguration(); GraphicsDevice gd = gc.getDevice(); @@ -3623,6 +3625,25 @@ } } + /** + * Indicates if the window is currently opaque. + *

+ * The method returns {@code false} if the background color of the window + * is not {@code null} and the alpha component of the color is less than + * 1.0f. The method returns {@code true} otherwise. + * + * @return {@code true} if the window is opaque, {@code false} otherwise + * + * @see Window#getBackground + * @see Window#setBackground + * @since 1.7 + */ + @Override + public boolean isOpaque() { + Color bg = getBackground(); + return bg != null ? bg.getAlpha() == 255 : true; + } + private void updateWindow() { synchronized (getTreeLock()) { WindowPeer peer = (WindowPeer)getPeer(); @@ -3639,12 +3660,11 @@ */ @Override public void paint(Graphics g) { - Color bgColor = getBackground(); - if ((bgColor != null) && (bgColor.getAlpha() < 255)) { + if (!isOpaque()) { Graphics gg = g.create(); try { if (gg instanceof Graphics2D) { - gg.setColor(bgColor); + gg.setColor(getBackground()); ((Graphics2D)gg).setComposite(AlphaComposite.getInstance(AlphaComposite.SRC)); gg.fillRect(0, 0, getWidth(), getHeight()); } @@ -3749,10 +3769,6 @@ public void setShape(Window window, Shape shape) { window.setShape(shape); } - public boolean isOpaque(Window window) { - Color bg = window.getBackground(); - return (bg != null) ? bg.getAlpha() == 255 : true; - } public void setOpaque(Window window, boolean opaque) { Color bg = window.getBackground(); if (bg == null) { diff -r ec9f33978e19 -r 8d087823b8b7 jdk/src/share/classes/java/beans/Encoder.java --- a/jdk/src/share/classes/java/beans/Encoder.java Thu Jul 16 10:53:05 2009 -0700 +++ b/jdk/src/share/classes/java/beans/Encoder.java Wed Jul 05 16:56:52 2017 +0200 @@ -1,5 +1,5 @@ /* - * Copyright 2000-2007 Sun Microsystems, Inc. All Rights Reserved. + * Copyright 2000-2009 Sun Microsystems, Inc. All Rights Reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -24,7 +24,8 @@ */ package java.beans; -import java.util.Collections; +import com.sun.beans.finder.PersistenceDelegateFinder; + import java.util.HashMap; import java.util.IdentityHashMap; import java.util.Map; @@ -45,8 +46,7 @@ */ public class Encoder { - private final Map, PersistenceDelegate> delegates - = Collections.synchronizedMap(new HashMap, PersistenceDelegate>()); + private final PersistenceDelegateFinder finder = new PersistenceDelegateFinder(); private Map bindings = new IdentityHashMap(); private ExceptionListener exceptionListener; boolean executeStatements = true; @@ -166,8 +166,13 @@ * @see java.beans.BeanInfo#getBeanDescriptor */ public PersistenceDelegate getPersistenceDelegate(Class type) { - PersistenceDelegate pd = this.delegates.get(type); - return (pd != null) ? pd : MetaData.getPersistenceDelegate(type); + synchronized (this.finder) { + PersistenceDelegate pd = this.finder.find(type); + if (pd != null) { + return pd; + } + } + return MetaData.getPersistenceDelegate(type); } /** @@ -184,10 +189,8 @@ public void setPersistenceDelegate(Class type, PersistenceDelegate persistenceDelegate) { - if (persistenceDelegate != null) { - this.delegates.put(type, persistenceDelegate); - } else { - this.delegates.remove(type); + synchronized (this.finder) { + this.finder.register(type, persistenceDelegate); } } @@ -243,12 +246,11 @@ for (int i = 0; i < oldArgs.length; i++) { newArgs[i] = writeObject1(oldArgs[i]); } - if (oldExp.getClass() == Statement.class) { - return new Statement(newTarget, oldExp.getMethodName(), newArgs); - } - else { - return new Expression(newTarget, oldExp.getMethodName(), newArgs); - } + Statement newExp = Statement.class.equals(oldExp.getClass()) + ? new Statement(newTarget, oldExp.getMethodName(), newArgs) + : new Expression(newTarget, oldExp.getMethodName(), newArgs); + newExp.loader = oldExp.loader; + return newExp; } /** diff -r ec9f33978e19 -r 8d087823b8b7 jdk/src/share/classes/java/beans/IndexedPropertyDescriptor.java --- a/jdk/src/share/classes/java/beans/IndexedPropertyDescriptor.java Thu Jul 16 10:53:05 2009 -0700 +++ b/jdk/src/share/classes/java/beans/IndexedPropertyDescriptor.java Wed Jul 05 16:56:52 2017 +0200 @@ -1,5 +1,5 @@ /* - * Copyright 1996-2008 Sun Microsystems, Inc. All Rights Reserved. + * Copyright 1996-2009 Sun Microsystems, Inc. All Rights Reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -274,6 +274,11 @@ } indexedWriteMethod = Introspector.findMethod(cls, indexedWriteMethodName, 2, (type == null) ? null : new Class[] { int.class, type }); + if (indexedWriteMethod != null) { + if (!indexedWriteMethod.getReturnType().equals(void.class)) { + indexedWriteMethod = null; + } + } setIndexedWriteMethod0(indexedWriteMethod); } return indexedWriteMethod; diff -r ec9f33978e19 -r 8d087823b8b7 jdk/src/share/classes/java/beans/Introspector.java --- a/jdk/src/share/classes/java/beans/Introspector.java Thu Jul 16 10:53:05 2009 -0700 +++ b/jdk/src/share/classes/java/beans/Introspector.java Wed Jul 05 16:56:52 2017 +0200 @@ -1,5 +1,5 @@ /* - * Copyright 1996-2006 Sun Microsystems, Inc. All Rights Reserved. + * Copyright 1996-2009 Sun Microsystems, Inc. All Rights Reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,6 +25,7 @@ package java.beans; +import com.sun.beans.finder.BeanInfoFinder; import com.sun.beans.finder.ClassFinder; import java.lang.ref.Reference; @@ -45,6 +46,8 @@ import java.util.List; import java.util.WeakHashMap; import java.util.TreeMap; + +import sun.awt.AppContext; import sun.reflect.misc.ReflectUtil; /** @@ -137,10 +140,6 @@ // events maps from String names to EventSetDescriptors private Map events; - private final static String DEFAULT_INFO_PATH = "sun.beans.infos"; - - private static String[] searchPath = { DEFAULT_INFO_PATH }; - private final static EventSetDescriptor[] EMPTY_EVENTSETDESCRIPTORS = new EventSetDescriptor[0]; static final String ADD_PREFIX = "add"; @@ -149,7 +148,7 @@ static final String SET_PREFIX = "set"; static final String IS_PREFIX = "is"; - private static final String BEANINFO_SUFFIX = "BeanInfo"; + private static final Object FINDER_KEY = new Object(); //====================================================================== // Public methods @@ -309,13 +308,11 @@ * Sun implementation initially sets to {"sun.beans.infos"}. */ - public static synchronized String[] getBeanInfoSearchPath() { - // Return a copy of the searchPath. - String result[] = new String[searchPath.length]; - for (int i = 0; i < searchPath.length; i++) { - result[i] = searchPath[i]; + public static String[] getBeanInfoSearchPath() { + BeanInfoFinder finder = getFinder(); + synchronized (finder) { + return finder.getPackages(); } - return result; } /** @@ -334,12 +331,15 @@ * @see SecurityManager#checkPropertiesAccess */ - public static synchronized void setBeanInfoSearchPath(String path[]) { + public static void setBeanInfoSearchPath(String[] path) { SecurityManager sm = System.getSecurityManager(); if (sm != null) { sm.checkPropertiesAccess(); } - searchPath = path; + BeanInfoFinder finder = getFinder(); + synchronized (finder) { + finder.setPackages(path); + } } @@ -447,67 +447,14 @@ * then it checks to see if the class is its own BeanInfo. Finally, * the BeanInfo search path is prepended to the class and searched. * + * @param beanClass the class type of the bean * @return Instance of an explicit BeanInfo class or null if one isn't found. */ - private static synchronized BeanInfo findExplicitBeanInfo(Class beanClass) { - String name = beanClass.getName() + BEANINFO_SUFFIX; - try { - return (java.beans.BeanInfo)instantiate(beanClass, name); - } catch (Exception ex) { - // Just drop through - - } - // Now try checking if the bean is its own BeanInfo. - try { - if (isSubclass(beanClass, java.beans.BeanInfo.class)) { - return (java.beans.BeanInfo)beanClass.newInstance(); - } - } catch (Exception ex) { - // Just drop through + private static BeanInfo findExplicitBeanInfo(Class beanClass) { + BeanInfoFinder finder = getFinder(); + synchronized (finder) { + return finder.find(beanClass); } - // Now try looking for .fooBeanInfo - name = name.substring(name.lastIndexOf('.')+1); - - for (int i = 0; i < searchPath.length; i++) { - // This optimization will only use the BeanInfo search path if is has changed - // from the original or trying to get the ComponentBeanInfo. - if (!DEFAULT_INFO_PATH.equals(searchPath[i]) || - DEFAULT_INFO_PATH.equals(searchPath[i]) && "ComponentBeanInfo".equals(name)) { - try { - String fullName = searchPath[i] + "." + name; - java.beans.BeanInfo bi = (java.beans.BeanInfo)instantiate(beanClass, fullName); - - // Make sure that the returned BeanInfo matches the class. - if (bi.getBeanDescriptor() != null) { - if (bi.getBeanDescriptor().getBeanClass() == beanClass) { - return bi; - } - } else if (bi.getPropertyDescriptors() != null) { - PropertyDescriptor[] pds = bi.getPropertyDescriptors(); - for (int j = 0; j < pds.length; j++) { - Method method = pds[j].getReadMethod(); - if (method == null) { - method = pds[j].getWriteMethod(); - } - if (method != null && method.getDeclaringClass() == beanClass) { - return bi; - } - } - } else if (bi.getMethodDescriptors() != null) { - MethodDescriptor[] mds = bi.getMethodDescriptors(); - for (int j = 0; j < mds.length; j++) { - Method method = mds[j].getMethod(); - if (method != null && method.getDeclaringClass() == beanClass) { - return bi; - } - } - } - } catch (Exception ex) { - // Silently ignore any errors. - } - } - } - return null; } /** @@ -577,9 +524,9 @@ pd = new PropertyDescriptor(this.beanClass, name.substring(2), method, null); } } else if (argCount == 1) { - if (argTypes[0] == int.class && name.startsWith(GET_PREFIX)) { + if (int.class.equals(argTypes[0]) && name.startsWith(GET_PREFIX)) { pd = new IndexedPropertyDescriptor(this.beanClass, name.substring(3), null, null, method, null); - } else if (resultType == void.class && name.startsWith(SET_PREFIX)) { + } else if (void.class.equals(resultType) && name.startsWith(SET_PREFIX)) { // Simple setter pd = new PropertyDescriptor(this.beanClass, name.substring(3), null, method); if (throwsException(method, PropertyVetoException.class)) { @@ -587,7 +534,7 @@ } } } else if (argCount == 2) { - if (argTypes[0] == int.class && name.startsWith(SET_PREFIX)) { + if (void.class.equals(resultType) && int.class.equals(argTypes[0]) && name.startsWith(SET_PREFIX)) { pd = new IndexedPropertyDescriptor(this.beanClass, name.substring(3), null, null, null, method); if (throwsException(method, PropertyVetoException.class)) { pd.setConstrained(true); @@ -1483,6 +1430,16 @@ return false; } + private static BeanInfoFinder getFinder() { + AppContext context = AppContext.getAppContext(); + Object object = context.get(FINDER_KEY); + if (object instanceof BeanInfoFinder) { + return (BeanInfoFinder) object; + } + BeanInfoFinder finder = new BeanInfoFinder(); + context.put(FINDER_KEY, finder); + return finder; + } /** * Try to create an instance of a named class. diff -r ec9f33978e19 -r 8d087823b8b7 jdk/src/share/classes/java/beans/MetaData.java --- a/jdk/src/share/classes/java/beans/MetaData.java Thu Jul 16 10:53:05 2009 -0700 +++ b/jdk/src/share/classes/java/beans/MetaData.java Wed Jul 05 16:56:52 2017 +0200 @@ -1,5 +1,5 @@ /* - * Copyright 2000-2008 Sun Microsystems, Inc. All Rights Reserved. + * Copyright 2000-2009 Sun Microsystems, Inc. All Rights Reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -219,7 +219,9 @@ return new Expression(oldInstance, String.class, "getClass", new Object[]{}); } else { - return new Expression(oldInstance, Class.class, "forName", new Object[]{c.getName()}); + Expression newInstance = new Expression(oldInstance, Class.class, "forName", new Object[] { c.getName() }); + newInstance.loader = c.getClassLoader(); + return newInstance; } } } diff -r ec9f33978e19 -r 8d087823b8b7 jdk/src/share/classes/java/beans/PropertyDescriptor.java --- a/jdk/src/share/classes/java/beans/PropertyDescriptor.java Thu Jul 16 10:53:05 2009 -0700 +++ b/jdk/src/share/classes/java/beans/PropertyDescriptor.java Wed Jul 05 16:56:52 2017 +0200 @@ -1,5 +1,5 @@ /* - * Copyright 1996-2008 Sun Microsystems, Inc. All Rights Reserved. + * Copyright 1996-2009 Sun Microsystems, Inc. All Rights Reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -294,6 +294,11 @@ writeMethod = Introspector.findMethod(cls, writeMethodName, 1, (type == null) ? null : new Class[] { type }); + if (writeMethod != null) { + if (!writeMethod.getReturnType().equals(void.class)) { + writeMethod = null; + } + } try { setWriteMethod(writeMethod); } catch (IntrospectionException ex) { diff -r ec9f33978e19 -r 8d087823b8b7 jdk/src/share/classes/java/beans/PropertyEditorManager.java --- a/jdk/src/share/classes/java/beans/PropertyEditorManager.java Thu Jul 16 10:53:05 2009 -0700 +++ b/jdk/src/share/classes/java/beans/PropertyEditorManager.java Wed Jul 05 16:56:52 2017 +0200 @@ -1,5 +1,5 @@ /* - * Copyright 1996-2008 Sun Microsystems, Inc. All Rights Reserved. + * Copyright 1996-2009 Sun Microsystems, Inc. All Rights Reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,8 +25,8 @@ package java.beans; -import com.sun.beans.WeakCache; -import sun.beans.editors.*; +import com.sun.beans.finder.PropertyEditorFinder; +import sun.awt.AppContext; /** * The PropertyEditorManager can be used to locate a property editor for @@ -55,6 +55,8 @@ public class PropertyEditorManager { + private static final Object FINDER_KEY = new Object(); + /** * Registers an editor class to edit values of the given target class. * If the editor class is {@code null}, @@ -74,12 +76,15 @@ * * @see SecurityManager#checkPropertiesAccess */ - public static synchronized void registerEditor(Class targetType, Class editorClass) { + public static void registerEditor(Class targetType, Class editorClass) { SecurityManager sm = System.getSecurityManager(); if (sm != null) { sm.checkPropertiesAccess(); } - registry.put(targetType, editorClass); + PropertyEditorFinder finder = getFinder(); + synchronized (finder) { + finder.register(targetType, editorClass); + } } /** @@ -89,46 +94,11 @@ * @return An editor object for the given target class. * The result is null if no suitable editor can be found. */ - public static synchronized PropertyEditor findEditor(Class targetType) { - Class editorClass = registry.get(targetType); - if (editorClass != null) { - try { - Object o = editorClass.newInstance(); - return (PropertyEditor)o; - } catch (Exception ex) { - System.err.println("Couldn't instantiate type editor \"" + - editorClass.getName() + "\" : " + ex); - } - } - - // Now try adding "Editor" to the class name. - - String editorName = targetType.getName() + "Editor"; - try { - return (PropertyEditor) Introspector.instantiate(targetType, editorName); - } catch (Exception ex) { - // Silently ignore any errors. + public static PropertyEditor findEditor(Class targetType) { + PropertyEditorFinder finder = getFinder(); + synchronized (finder) { + return finder.find(targetType); } - - // Now try looking for .fooEditor - int index = editorName.lastIndexOf('.') + 1; - if (index > 0) { - editorName = editorName.substring(index); - } - for (String path : searchPath) { - String name = path + '.' + editorName; - try { - return (PropertyEditor) Introspector.instantiate(targetType, name); - } catch (Exception ex) { - // Silently ignore any errors. - } - } - - if (null != targetType.getEnumConstants()) { - return new EnumEditor(targetType); - } - // We couldn't find a suitable Editor. - return null; } /** @@ -139,8 +109,11 @@ *

The default value for this array is implementation-dependent, * e.g. Sun implementation initially sets to {"sun.beans.editors"}. */ - public static synchronized String[] getEditorSearchPath() { - return searchPath.clone(); + public static String[] getEditorSearchPath() { + PropertyEditorFinder finder = getFinder(); + synchronized (finder) { + return finder.getPackages(); + } } /** @@ -156,28 +129,25 @@ * of system properties. * @see SecurityManager#checkPropertiesAccess */ - public static synchronized void setEditorSearchPath(String[] path) { + public static void setEditorSearchPath(String[] path) { SecurityManager sm = System.getSecurityManager(); if (sm != null) { sm.checkPropertiesAccess(); } - searchPath = (path != null) - ? path.clone() - : EMPTY; + PropertyEditorFinder finder = getFinder(); + synchronized (finder) { + finder.setPackages(path); + } } - private static String[] searchPath = { "sun.beans.editors" }; - private static final String[] EMPTY = {}; - private static final WeakCache, Class> registry; - - static { - registry = new WeakCache, Class>(); - registry.put(Byte.TYPE, ByteEditor.class); - registry.put(Short.TYPE, ShortEditor.class); - registry.put(Integer.TYPE, IntegerEditor.class); - registry.put(Long.TYPE, LongEditor.class); - registry.put(Boolean.TYPE, BooleanEditor.class); - registry.put(Float.TYPE, FloatEditor.class); - registry.put(Double.TYPE, DoubleEditor.class); + private static PropertyEditorFinder getFinder() { + AppContext context = AppContext.getAppContext(); + Object object = context.get(FINDER_KEY); + if (object instanceof PropertyEditorFinder) { + return (PropertyEditorFinder) object; + } + PropertyEditorFinder finder = new PropertyEditorFinder(); + context.put(FINDER_KEY, finder); + return finder; } } diff -r ec9f33978e19 -r 8d087823b8b7 jdk/src/share/classes/java/beans/Statement.java --- a/jdk/src/share/classes/java/beans/Statement.java Thu Jul 16 10:53:05 2009 -0700 +++ b/jdk/src/share/classes/java/beans/Statement.java Wed Jul 05 16:56:52 2017 +0200 @@ -66,6 +66,7 @@ Object target; String methodName; Object[] arguments; + ClassLoader loader; /** * Creates a new Statement object with a target, @@ -157,7 +158,7 @@ // of core from a class inside core. Special // case this method. if (target == Class.class && methodName.equals("forName")) { - return ClassFinder.resolveClass((String)arguments[0]); + return ClassFinder.resolveClass((String)arguments[0], this.loader); } Class[] argClasses = new Class[arguments.length]; for(int i = 0; i < arguments.length; i++) { diff -r ec9f33978e19 -r 8d087823b8b7 jdk/src/share/classes/java/lang/Byte.java --- a/jdk/src/share/classes/java/lang/Byte.java Thu Jul 16 10:53:05 2009 -0700 +++ b/jdk/src/share/classes/java/lang/Byte.java Wed Jul 05 16:56:52 2017 +0200 @@ -90,8 +90,8 @@ * If a new {@code Byte} instance is not required, this method * should generally be used in preference to the constructor * {@link #Byte(byte)}, as this method is likely to yield - * significantly better space and time performance by caching - * frequently requested values. + * significantly better space and time performance since + * all byte values are cached. * * @param b a byte value. * @return a {@code Byte} instance representing {@code b}. diff -r ec9f33978e19 -r 8d087823b8b7 jdk/src/share/classes/java/lang/Character.java --- a/jdk/src/share/classes/java/lang/Character.java Thu Jul 16 10:53:05 2009 -0700 +++ b/jdk/src/share/classes/java/lang/Character.java Wed Jul 05 16:56:52 2017 +0200 @@ -2571,6 +2571,10 @@ * significantly better space and time performance by caching * frequently requested values. * + * This method will always cache values in the range '\u0000' + * to '\u007f'", inclusive, and may cache other values outside + * of this range. + * * @param c a char value. * @return a Character instance representing c. * @since 1.5 diff -r ec9f33978e19 -r 8d087823b8b7 jdk/src/share/classes/java/lang/Class.java --- a/jdk/src/share/classes/java/lang/Class.java Thu Jul 16 10:53:05 2009 -0700 +++ b/jdk/src/share/classes/java/lang/Class.java Wed Jul 05 16:56:52 2017 +0200 @@ -627,7 +627,7 @@ * * @return an array of {@code TypeVariable} objects that represent * the type variables declared by this generic declaration - * @throws GenericSignatureFormatError if the generic + * @throws java.lang.reflect.GenericSignatureFormatError if the generic * signature of this generic declaration does not conform to * the format specified in the Java Virtual Machine Specification, * 3rd edition @@ -673,12 +673,12 @@ * {@code Class} object representing the {@code Object} class is * returned. * - * @throws GenericSignatureFormatError if the generic + * @throws java.lang.reflect.GenericSignatureFormatError if the generic * class signature does not conform to the format specified in the * Java Virtual Machine Specification, 3rd edition * @throws TypeNotPresentException if the generic superclass * refers to a non-existent type declaration - * @throws MalformedParameterizedTypeException if the + * @throws java.lang.reflect.MalformedParameterizedTypeException if the * generic superclass refers to a parameterized type that cannot be * instantiated for any reason * @return the superclass of the class represented by this object @@ -795,14 +795,14 @@ *

If this object represents a primitive type or void, the * method returns an array of length 0. * - * @throws GenericSignatureFormatError + * @throws java.lang.reflect.GenericSignatureFormatError * if the generic class signature does not conform to the format * specified in the Java Virtual Machine Specification, 3rd edition * @throws TypeNotPresentException if any of the generic * superinterfaces refers to a non-existent type declaration - * @throws MalformedParameterizedTypeException if any of the - * generic superinterfaces refer to a parameterized type that cannot - * be instantiated for any reason + * @throws java.lang.reflect.MalformedParameterizedTypeException + * if any of the generic superinterfaces refer to a parameterized + * type that cannot be instantiated for any reason * @return an array of interfaces implemented by this class * @since 1.5 */ diff -r ec9f33978e19 -r 8d087823b8b7 jdk/src/share/classes/java/lang/Integer.java --- a/jdk/src/share/classes/java/lang/Integer.java Thu Jul 16 10:53:05 2009 -0700 +++ b/jdk/src/share/classes/java/lang/Integer.java Wed Jul 05 16:56:52 2017 +0200 @@ -638,6 +638,9 @@ * to yield significantly better space and time performance by * caching frequently requested values. * + * This method will always cache values in the range -128 to 127, + * inclusive, and may cache other values outside of this range. + * * @param i an {@code int} value. * @return an {@code Integer} instance representing {@code i}. * @since 1.5 diff -r ec9f33978e19 -r 8d087823b8b7 jdk/src/share/classes/java/lang/Long.java --- a/jdk/src/share/classes/java/lang/Long.java Thu Jul 16 10:53:05 2009 -0700 +++ b/jdk/src/share/classes/java/lang/Long.java Wed Jul 05 16:56:52 2017 +0200 @@ -560,6 +560,11 @@ * significantly better space and time performance by caching * frequently requested values. * + * Note that unlike the {@linkplain Integer#valueOf(int) + * corresponding method} in the {@code Integer} class, this method + * is not required to cache values within a particular + * range. + * * @param l a long value. * @return a {@code Long} instance representing {@code l}. * @since 1.5 diff -r ec9f33978e19 -r 8d087823b8b7 jdk/src/share/classes/java/lang/Short.java --- a/jdk/src/share/classes/java/lang/Short.java Thu Jul 16 10:53:05 2009 -0700 +++ b/jdk/src/share/classes/java/lang/Short.java Wed Jul 05 16:56:52 2017 +0200 @@ -219,6 +219,9 @@ * significantly better space and time performance by caching * frequently requested values. * + * This method will always cache values in the range -128 to 127, + * inclusive, and may cache other values outside of this range. + * * @param s a short value. * @return a {@code Short} instance representing {@code s}. * @since 1.5 diff -r ec9f33978e19 -r 8d087823b8b7 jdk/src/share/classes/java/net/URLClassLoader.java --- a/jdk/src/share/classes/java/net/URLClassLoader.java Thu Jul 16 10:53:05 2009 -0700 +++ b/jdk/src/share/classes/java/net/URLClassLoader.java Wed Jul 05 16:56:52 2017 +0200 @@ -306,6 +306,35 @@ } /* + * Retrieve the package using the specified package name. + * If non-null, verify the package using the specified code + * source and manifest. + */ + private Package getAndVerifyPackage(String pkgname, + Manifest man, URL url) { + Package pkg = getPackage(pkgname); + if (pkg != null) { + // Package found, so check package sealing. + if (pkg.isSealed()) { + // Verify that code source URL is the same. + if (!pkg.isSealed(url)) { + throw new SecurityException( + "sealing violation: package " + pkgname + " is sealed"); + } + } else { + // Make sure we are not attempting to seal the package + // at this code source URL. + if ((man != null) && isSealed(pkgname, man)) { + throw new SecurityException( + "sealing violation: can't seal package " + pkgname + + ": already loaded"); + } + } + } + return pkg; + } + + /* * Defines a Class using the class bytes obtained from the specified * Resource. The resulting Class must be resolved before it can be * used. @@ -316,32 +345,23 @@ if (i != -1) { String pkgname = name.substring(0, i); // Check if package already loaded. - Package pkg = getPackage(pkgname); Manifest man = res.getManifest(); - if (pkg != null) { - // Package found, so check package sealing. - if (pkg.isSealed()) { - // Verify that code source URL is the same. - if (!pkg.isSealed(url)) { - throw new SecurityException( - "sealing violation: package " + pkgname + " is sealed"); + if (getAndVerifyPackage(pkgname, man, url) == null) { + try { + if (man != null) { + definePackage(pkgname, man, url); + } else { + definePackage(pkgname, null, null, null, null, null, null, null); } - - } else { - // Make sure we are not attempting to seal the package - // at this code source URL. - if ((man != null) && isSealed(pkgname, man)) { - throw new SecurityException( - "sealing violation: can't seal package " + pkgname + - ": already loaded"); + } catch (IllegalArgumentException iae) { + // parallel-capable class loaders: re-verify in case of a + // race condition + if (getAndVerifyPackage(pkgname, man, url) == null) { + // Should never happen + throw new AssertionError("Cannot find package " + + pkgname); } } - } else { - if (man != null) { - definePackage(pkgname, man, url); - } else { - definePackage(pkgname, null, null, null, null, null, null, null); - } } } // Now read the class bytes and define the class diff -r ec9f33978e19 -r 8d087823b8b7 jdk/src/share/classes/java/nio/file/LinkPermission.java --- a/jdk/src/share/classes/java/nio/file/LinkPermission.java Thu Jul 16 10:53:05 2009 -0700 +++ b/jdk/src/share/classes/java/nio/file/LinkPermission.java Wed Jul 05 16:56:52 2017 +0200 @@ -46,7 +46,7 @@ * known as creating a link, or hard link. * Extreme care should be taken when granting this permission. It allows * linking to any file or directory in the file system thus allowing the - * attacker to access to all files. + * attacker access to all files. * * * symbolic diff -r ec9f33978e19 -r 8d087823b8b7 jdk/src/share/classes/java/nio/file/NotLinkException.java --- a/jdk/src/share/classes/java/nio/file/NotLinkException.java Thu Jul 16 10:53:05 2009 -0700 +++ b/jdk/src/share/classes/java/nio/file/NotLinkException.java Wed Jul 05 16:56:52 2017 +0200 @@ -27,7 +27,7 @@ /** * Checked exception thrown when a file system operation fails because a file - * is not a link. + * is not a symbolic link. * * @since 1.7 */ diff -r ec9f33978e19 -r 8d087823b8b7 jdk/src/share/classes/java/nio/file/Path.java --- a/jdk/src/share/classes/java/nio/file/Path.java Thu Jul 16 10:53:05 2009 -0700 +++ b/jdk/src/share/classes/java/nio/file/Path.java Wed Jul 05 16:56:52 2017 +0200 @@ -91,8 +91,8 @@ * iterate over the entries in the directory.

*

  • Files can be {@link #copyTo(Path,CopyOption[]) copied} or * {@link #moveTo(Path,CopyOption[]) moved}.

    • - *

  • Symbolic-links may be {@link #createSymbolicLink created}, or the - * target of a link may be {@link #readSymbolicLink read}.

    • + *

  • Symbolic links may be {@link #createSymbolicLink created}, or the + * target of a symbolic link may be {@link #readSymbolicLink read}.

    • *

  • The {@link #toRealPath real} path of an existing file may be * obtained.

    • * @@ -403,12 +403,12 @@ * p.relativize(p.resolve(q)).equals(q) * * - *

    When symbolic-links are supported, then whether the resulting path, + *

    When symbolic links are supported, then whether the resulting path, * when resolved against this path, yields a path that can be used to locate * the {@link #isSameFile same} file as {@code other} is implementation * dependent. For example, if this path is {@code "/a/b"} and the given * path is {@code "/a/x"} then the resulting relative path may be {@code - * "../x"}. If {@code "b"} is a symbolic-link then is implementation + * "../x"}. If {@code "b"} is a symbolic link then is implementation * dependent if {@code "a/b/../x"} would locate the same file as {@code "/a/x"}. * * @param other @@ -430,8 +430,8 @@ * *

    An implementation may require to examine the file to determine if the * file is a directory. Consequently this method may not be atomic with respect - * to other file system operations. If the file is a symbolic-link then the - * link is deleted and not the final target of the link. + * to other file system operations. If the file is a symbolic link then the + * symbolic link itself, not the final target of the link, is deleted. * *

    If the file is a directory then the directory must be empty. In some * implementations a directory has entries for special files or links that @@ -459,11 +459,11 @@ /** * Deletes the file located by this path, if it exists. * - *

    As with the {@link #delete delete()} method, an implementation - * may require to examine the file to determine if the file is a directory. + *

    As with the {@link #delete delete()} method, an implementation may + * need to examine the file to determine if the file is a directory. * Consequently this method may not be atomic with respect to other file - * system operations. If the file is a symbolic-link then the link is - * deleted and not the final target of the link. + * system operations. If the file is a symbolic link, then the symbolic + * link itself, not the final target of the link, is deleted. * *

    If the file is a directory then the directory must be empty. In some * implementations a directory has entries for special files or links that @@ -507,7 +507,7 @@ * create symbolic links, in which case this method may throw {@code IOException}. * * @param target - * the target of the link + * the target of the symbolic link * @param attrs * the array of attributes to set atomically when creating the * symbolic link @@ -573,9 +573,9 @@ * Reads the target of a symbolic link (optional operation). * *

    If the file system supports symbolic - * links then this method is used read the target of the link, failing - * if the file is not a link. The target of the link need not exist. The - * returned {@code Path} object will be associated with the same file + * links then this method is used to read the target of the link, failing + * if the file is not a symbolic link. The target of the link need not exist. + * The returned {@code Path} object will be associated with the same file * system as this {@code Path}. * * @return a {@code Path} object representing the target of the link @@ -584,7 +584,7 @@ * if the implementation does not support symbolic links * @throws NotLinkException * if the target could otherwise not be read because the file - * is not a link (optional specific exception) + * is not a symbolic link (optional specific exception) * @throws IOException * if an I/O error occurs * @throws SecurityException @@ -724,8 +724,8 @@ * exists, except if the source and target are the {@link #isSameFile same} * file, in which case this method has no effect. File attributes are not * required to be copied to the target file. If symbolic links are supported, - * and the file is a link, then the final target of the link is copied. If - * the file is a directory then it creates an empty directory in the target + * and the file is a symbolic link, then the final target of the link is copied. + * If the file is a directory then it creates an empty directory in the target * location (entries in the directory are not copied). This method can be * used with the {@link Files#walkFileTree Files.walkFileTree} utility * method to copy a directory and all entries in the directory, or an entire @@ -740,8 +740,8 @@ * {@link StandardCopyOption#REPLACE_EXISTING REPLACE_EXISTING} * If the target file exists, then the target file is replaced if it * is not a non-empty directory. If the target file exists and is a - * symbolic-link then the symbolic-link is replaced (not the target of - * the link. + * symbolic link, then the symbolic link itself, not the target of + * the link, is replaced. * * * {@link StandardCopyOption#COPY_ATTRIBUTES COPY_ATTRIBUTES} @@ -755,11 +755,11 @@ * * * {@link LinkOption#NOFOLLOW_LINKS NOFOLLOW_LINKS} - * Symbolic-links are not followed. If the file, located by this path, - * is a symbolic-link then the link is copied rather than the target of - * the link. It is implementation specific if file attributes can be - * copied to the new link. In other words, the {@code COPY_ATTRIBUTES} - * option may be ignored when copying a link. + * Symbolic links are not followed. If the file, located by this path, + * is a symbolic link, then the symbolic link itself, not the target of + * the link, is copied. It is implementation specific if file attributes + * can be copied to the new link. In other words, the {@code + * COPY_ATTRIBUTES} option may be ignored when copying a symbolic link. * * * @@ -807,18 +807,19 @@ *

    By default, this method attempts to move the file to the target * location, failing if the target file exists except if the source and * target are the {@link #isSameFile same} file, in which case this method - * has no effect. If the file is a symbolic link then the link is moved and - * not the target of the link. This method may be invoked to move an empty - * directory. In some implementations a directory has entries for special - * files or links that are created when the directory is created. In such - * implementations a directory is considered empty when only the special - * entries exist. When invoked to move a directory that is not empty then the - * directory is moved if it does not require moving the entries in the directory. - * For example, renaming a directory on the same {@link FileStore} will usually - * not require moving the entries in the directory. When moving a directory - * requires that its entries be moved then this method fails (by throwing - * an {@code IOException}). To move a file tree may involve copying - * rather than moving directories and this can be done using the {@link + * has no effect. If the file is a symbolic link then the symbolic link + * itself, not the target of the link, is moved. This method may be + * invoked to move an empty directory. In some implementations a directory + * has entries for special files or links that are created when the + * directory is created. In such implementations a directory is considered + * empty when only the special entries exist. When invoked to move a + * directory that is not empty then the directory is moved if it does not + * require moving the entries in the directory. For example, renaming a + * directory on the same {@link FileStore} will usually not require moving + * the entries in the directory. When moving a directory requires that its + * entries be moved then this method fails (by throwing an {@code + * IOException}). To move a file tree may involve copying rather + * than moving directories and this can be done using the {@link * #copyTo copyTo} method in conjunction with the {@link * Files#walkFileTree Files.walkFileTree} utility method. * @@ -831,8 +832,8 @@ * {@link StandardCopyOption#REPLACE_EXISTING REPLACE_EXISTING} * If the target file exists, then the target file is replaced if it * is not a non-empty directory. If the target file exists and is a - * symbolic-link then the symbolic-link is replaced and not the target of - * the link. + * symbolic link, then the symbolic link itself, not the target of + * the link, is replaced. * * * {@link StandardCopyOption#ATOMIC_MOVE ATOMIC_MOVE} @@ -1495,7 +1496,7 @@ * *

    Where a file is registered with a watch service by means of a symbolic * link then it is implementation specific if the watch continues to depend - * on the existence of the link after it is registered. + * on the existence of the symbolic link after it is registered. * * @param watcher * the watch service to which this object is to be registered diff -r ec9f33978e19 -r 8d087823b8b7 jdk/src/share/classes/java/nio/file/SecureDirectoryStream.java --- a/jdk/src/share/classes/java/nio/file/SecureDirectoryStream.java Thu Jul 16 10:53:05 2009 -0700 +++ b/jdk/src/share/classes/java/nio/file/SecureDirectoryStream.java Wed Jul 05 16:56:52 2017 +0200 @@ -166,12 +166,13 @@ /** * Deletes a file. * - *

    Unlike the {@link Path#delete delete()} method, this method - * does not first examine the file to determine if the file is a directory. + *

    Unlike the {@link Path#delete delete()} method, this method does + * not first examine the file to determine if the file is a directory. * Whether a directory is deleted by this method is system dependent and - * therefore not specified. If the file is a symbolic-link then the link is - * deleted (not the final target of the link). When the parameter is a - * relative path then the file to delete is relative to this open directory. + * therefore not specified. If the file is a symbolic link, then the link + * itself, not the final target of the link, is deleted. When the + * parameter is a relative path then the file to delete is relative to + * this open directory. * * @param path * the path of the file to delete diff -r ec9f33978e19 -r 8d087823b8b7 jdk/src/share/classes/java/nio/file/attribute/Attributes.java --- a/jdk/src/share/classes/java/nio/file/attribute/Attributes.java Thu Jul 16 10:53:05 2009 -0700 +++ b/jdk/src/share/classes/java/nio/file/attribute/Attributes.java Wed Jul 05 16:56:52 2017 +0200 @@ -48,9 +48,9 @@ * symbolic links are followed and the file attributes of the final target * of the link are read. If the option {@link LinkOption#NOFOLLOW_LINKS * NOFOLLOW_LINKS} is present then symbolic links are not followed and so - * the method returns the file attributes of the symbolic link. This option - * should be used where there is a need to determine if a file is a - * symbolic link: + * the method returns the file attributes of the symbolic link itself. + * This option should be used where there is a need to determine if a + * file is a symbolic link: * 

          *    boolean isSymbolicLink = Attributes.readBasicFileAttributes(file, NOFOLLOW_LINKS).isSymbolicLink();
      *
    @@ -98,7 +98,7 @@ * symbolic links are followed and the file attributes of the final target * of the link are read. If the option {@link LinkOption#NOFOLLOW_LINKS * NOFOLLOW_LINKS} is present then symbolic links are not followed and so - * the method returns the file attributes of the symbolic link. + * the method returns the file attributes of the symbolic link itself. * * @param file * A file reference that locates the file @@ -145,7 +145,7 @@ * symbolic links are followed and the file attributes of the final target * of the link are read. If the option {@link LinkOption#NOFOLLOW_LINKS * NOFOLLOW_LINKS} is present then symbolic links are not followed and so - * the method returns the file attributes of the symbolic link. + * the method returns the file attributes of the symbolic link itself. * * @param file * A file reference that locates the file diff -r ec9f33978e19 -r 8d087823b8b7 jdk/src/share/classes/java/nio/file/attribute/BasicFileAttributes.java --- a/jdk/src/share/classes/java/nio/file/attribute/BasicFileAttributes.java Thu Jul 16 10:53:05 2009 -0700 +++ b/jdk/src/share/classes/java/nio/file/attribute/BasicFileAttributes.java Wed Jul 05 16:56:52 2017 +0200 @@ -81,13 +81,13 @@ boolean isDirectory(); /** - * Tells whether the file is a symbolic-link. + * Tells whether the file is a symbolic link. */ boolean isSymbolicLink(); /** * Tells whether the file is something other than a regular file, directory, - * or link. + * or symbolic link. */ boolean isOther(); diff -r ec9f33978e19 -r 8d087823b8b7 jdk/src/share/classes/javax/swing/DefaultDesktopManager.java --- a/jdk/src/share/classes/javax/swing/DefaultDesktopManager.java Thu Jul 16 10:53:05 2009 -0700 +++ b/jdk/src/share/classes/javax/swing/DefaultDesktopManager.java Wed Jul 05 16:56:52 2017 +0200 @@ -708,7 +708,7 @@ // update window if it's non-opaque Window topLevel = SwingUtilities.getWindowAncestor(f); Toolkit tk = Toolkit.getDefaultToolkit(); - if (!AWTAccessor.getWindowAccessor().isOpaque(topLevel) && + if (!topLevel.isOpaque() && (tk instanceof SunToolkit) && ((SunToolkit)tk).needUpdateWindow()) { diff -r ec9f33978e19 -r 8d087823b8b7 jdk/src/share/classes/javax/swing/RepaintManager.java --- a/jdk/src/share/classes/javax/swing/RepaintManager.java Thu Jul 16 10:53:05 2009 -0700 +++ b/jdk/src/share/classes/javax/swing/RepaintManager.java Wed Jul 05 16:56:52 2017 +0200 @@ -732,7 +732,7 @@ (Window)dirty : SwingUtilities.getWindowAncestor(dirty); if (window != null && - !AWTAccessor.getWindowAccessor().isOpaque(window)) + !window.isOpaque()) { windows.add(window); } @@ -996,7 +996,7 @@ // If the window is non-opaque, it's double-buffered at peer's level Window w = (c instanceof Window) ? (Window)c : SwingUtilities.getWindowAncestor(c); - if (!AWTAccessor.getWindowAccessor().isOpaque(w)) { + if (!w.isOpaque()) { Toolkit tk = Toolkit.getDefaultToolkit(); if ((tk instanceof SunToolkit) && (((SunToolkit)tk).needUpdateWindow())) { return null; @@ -1032,7 +1032,7 @@ // If the window is non-opaque, it's double-buffered at peer's level Window w = (c instanceof Window) ? (Window)c : SwingUtilities.getWindowAncestor(c); - if (!AWTAccessor.getWindowAccessor().isOpaque(w)) { + if (!w.isOpaque()) { Toolkit tk = Toolkit.getDefaultToolkit(); if ((tk instanceof SunToolkit) && (((SunToolkit)tk).needUpdateWindow())) { return null; diff -r ec9f33978e19 -r 8d087823b8b7 jdk/src/share/classes/sun/awt/AWTAccessor.java --- a/jdk/src/share/classes/sun/awt/AWTAccessor.java Thu Jul 16 10:53:05 2009 -0700 +++ b/jdk/src/share/classes/sun/awt/AWTAccessor.java Wed Jul 05 16:56:52 2017 +0200 @@ -137,11 +137,6 @@ */ void setShape(Window window, Shape shape); /* - * Identify whether the given window is opaque (true) - * or translucent (false). - */ - boolean isOpaque(Window window); - /* * Set the opaque preoperty to the given window. */ void setOpaque(Window window, boolean isOpaque); diff -r ec9f33978e19 -r 8d087823b8b7 jdk/src/share/classes/sun/awt/SunToolkit.java --- a/jdk/src/share/classes/sun/awt/SunToolkit.java Thu Jul 16 10:53:05 2009 -0700 +++ b/jdk/src/share/classes/sun/awt/SunToolkit.java Wed Jul 05 16:56:52 2017 +0200 @@ -1985,8 +1985,7 @@ */ public static boolean isContainingTopLevelOpaque(Component c) { Window w = getContainingWindow(c); - return w != null && ((Window)w).getBackground() != null && - ((Window)w).getBackground().getAlpha() == 255; + return w != null && w.isOpaque(); } /** diff -r ec9f33978e19 -r 8d087823b8b7 jdk/src/share/classes/sun/net/www/http/HttpCapture.java --- a/jdk/src/share/classes/sun/net/www/http/HttpCapture.java Thu Jul 16 10:53:05 2009 -0700 +++ b/jdk/src/share/classes/sun/net/www/http/HttpCapture.java Wed Jul 05 16:56:52 2017 +0200 @@ -25,6 +25,8 @@ package sun.net.www.http; import java.io.*; +import java.lang.reflect.InvocationTargetException; +import java.lang.reflect.Method; import java.util.ArrayList; import java.util.logging.Level; import java.util.logging.Logger; @@ -60,6 +62,76 @@ private static boolean initialized = false; private static volatile ArrayList patterns = null; private static volatile ArrayList capFiles = null; + /* Logging is done in an ugly way so that it does not require the presence + * the java.util.logging package. If the Logger class is not available, then + * logging is turned off. This is for helping the modularization effort. + */ + private static Object logger = null; + private static boolean logging = false; + + static { + Class cl; + try { + cl = Class.forName("java.util.logging.Logger"); + } catch (ClassNotFoundException ex) { + cl = null; + } + if (cl != null) { + try { + Method m = cl.getMethod("getLogger", String.class); + logger = m.invoke(null, "sun.net.www.protocol.http.HttpURLConnection"); + logging = true; + } catch (NoSuchMethodException noSuchMethodException) { + } catch (SecurityException securityException) { + } catch (IllegalAccessException illegalAccessException) { + } catch (IllegalArgumentException illegalArgumentException) { + } catch (InvocationTargetException invocationTargetException) { + } + } + } + + public static void fine(String s) { + if (logging) { + ((Logger)logger).fine(s); + } + } + + public static void finer(String s) { + if (logging) { + ((Logger)logger).finer(s); + } + } + + public static void finest(String s) { + if (logging) { + ((Logger)logger).finest(s); + } + } + + public static void severe(String s) { + if (logging) { + ((Logger)logger).finest(s); + } + } + + public static void info(String s) { + if (logging) { + ((Logger)logger).info(s); + } + } + + public static void warning(String s) { + if (logging) { + ((Logger)logger).warning(s); + } + } + + public static boolean isLoggable(String level) { + if (!logging) { + return false; + } + return ((Logger)logger).isLoggable(Level.parse(level)); + } private static synchronized void init() { initialized = true; diff -r ec9f33978e19 -r 8d087823b8b7 jdk/src/share/classes/sun/net/www/http/HttpClient.java --- a/jdk/src/share/classes/sun/net/www/http/HttpClient.java Thu Jul 16 10:53:05 2009 -0700 +++ b/jdk/src/share/classes/sun/net/www/http/HttpClient.java Wed Jul 05 16:56:52 2017 +0200 @@ -28,8 +28,6 @@ import java.io.*; import java.net.*; import java.util.Locale; -import java.util.logging.Level; -import java.util.logging.Logger; import sun.net.NetworkClient; import sun.net.ProgressSource; import sun.net.www.MessageHeader; @@ -66,10 +64,6 @@ /** Default port number for http daemons. REMIND: make these private */ static final int httpPortNumber = 80; - // Use same logger as HttpURLConnection since we want to combine both event - // streams into one single HTTP log - private static Logger logger = Logger.getLogger("sun.net.www.protocol.http.HttpURLConnection"); - /** return default port number (subclasses may override) */ protected int getDefaultPort () { return httpPortNumber; } @@ -810,8 +804,8 @@ if (isKeepingAlive()) { // Wrap KeepAliveStream if keep alive is enabled. - if (logger.isLoggable(Level.FINEST)) { - logger.finest("KeepAlive stream used: " + url); + if (HttpCapture.isLoggable("FINEST")) { + HttpCapture.finest("KeepAlive stream used: " + url); } serverInput = new KeepAliveStream(serverInput, pi, cl, this); failedOnce = false; diff -r ec9f33978e19 -r 8d087823b8b7 jdk/src/share/classes/sun/net/www/protocol/http/HttpLogFormatter.java --- a/jdk/src/share/classes/sun/net/www/protocol/http/HttpLogFormatter.java Thu Jul 16 10:53:05 2009 -0700 +++ b/jdk/src/share/classes/sun/net/www/protocol/http/HttpLogFormatter.java Wed Jul 05 16:56:52 2017 +0200 @@ -49,8 +49,7 @@ @Override public String format(LogRecord record) { - if (!"sun.net.www.protocol.http.HttpURLConnection".equalsIgnoreCase(record.getSourceClassName()) - && !"sun.net.www.http.HttpClient".equalsIgnoreCase(record.getSourceClassName())) { + if (!"sun.net.www.http.HttpCapture".equalsIgnoreCase(record.getSourceClassName())) { // Don't change format for stuff that doesn't concern us return super.format(record); } diff -r ec9f33978e19 -r 8d087823b8b7 jdk/src/share/classes/sun/net/www/protocol/http/HttpURLConnection.java --- a/jdk/src/share/classes/sun/net/www/protocol/http/HttpURLConnection.java Thu Jul 16 10:53:05 2009 -0700 +++ b/jdk/src/share/classes/sun/net/www/protocol/http/HttpURLConnection.java Wed Jul 05 16:56:52 2017 +0200 @@ -51,14 +51,13 @@ import java.util.Locale; import java.util.StringTokenizer; import java.util.Iterator; -import java.util.logging.Level; -import java.util.logging.Logger; import sun.net.*; import sun.net.www.*; import sun.net.www.http.HttpClient; import sun.net.www.http.PosterOutputStream; import sun.net.www.http.ChunkedInputStream; import sun.net.www.http.ChunkedOutputStream; +import sun.net.www.http.HttpCapture; import java.text.SimpleDateFormat; import java.util.TimeZone; import java.net.MalformedURLException; @@ -71,8 +70,6 @@ public class HttpURLConnection extends java.net.HttpURLConnection { - private static Logger logger = Logger.getLogger("sun.net.www.protocol.http.HttpURLConnection"); - static String HTTP_CONNECT = "CONNECT"; static final String version; @@ -304,14 +301,14 @@ return java.security.AccessController.doPrivileged( new java.security.PrivilegedAction() { public PasswordAuthentication run() { - if (logger.isLoggable(Level.FINEST)) { - logger.finest("Requesting Authentication: host =" + host + " url = " + url); + if (HttpCapture.isLoggable("FINEST")) { + HttpCapture.finest("Requesting Authentication: host =" + host + " url = " + url); } PasswordAuthentication pass = Authenticator.requestPasswordAuthentication( host, addr, port, protocol, prompt, scheme, url, authType); - if (pass != null && logger.isLoggable(Level.FINEST)) { - logger.finest("Authentication returned: " + pass.toString()); + if (HttpCapture.isLoggable("FINEST")) { + HttpCapture.finest("Authentication returned: " + (pass != null ? pass.toString() : "null")); } return pass; } @@ -466,8 +463,8 @@ setRequests=true; } - if (logger.isLoggable(Level.FINE)) { - logger.fine(requests.toString()); + if (HttpCapture.isLoggable("FINE")) { + HttpCapture.fine(requests.toString()); } http.writeRequests(requests, poster); if (ps.checkError()) { @@ -723,11 +720,9 @@ && !(cachedResponse instanceof SecureCacheResponse)) { cachedResponse = null; } - if (logger.isLoggable(Level.FINEST)) { - logger.finest("Cache Request for " + uri + " / " + getRequestMethod()); - if (cachedResponse != null) { - logger.finest("From cache: "+cachedResponse.toString()); - } + if (HttpCapture.isLoggable("FINEST")) { + HttpCapture.finest("Cache Request for " + uri + " / " + getRequestMethod()); + HttpCapture.finest("From cache: " + (cachedResponse != null ? cachedResponse.toString() : "null")); } if (cachedResponse != null) { cachedHeaders = mapToMessageHeader(cachedResponse.getHeaders()); @@ -766,8 +761,8 @@ }); if (sel != null) { URI uri = sun.net.www.ParseUtil.toURI(url); - if (logger.isLoggable(Level.FINEST)) { - logger.finest("ProxySelector Request for " + uri); + if (HttpCapture.isLoggable("FINEST")) { + HttpCapture.finest("ProxySelector Request for " + uri); } Iterator it = sel.select(uri).iterator(); Proxy p; @@ -783,9 +778,9 @@ http = getNewHttpClient(url, p, connectTimeout, false); http.setReadTimeout(readTimeout); } - if (logger.isLoggable(Level.FINEST)) { + if (HttpCapture.isLoggable("FINEST")) { if (p != null) { - logger.finest("Proxy used: " + p.toString()); + HttpCapture.finest("Proxy used: " + p.toString()); } } break; @@ -1015,15 +1010,15 @@ URI uri = ParseUtil.toURI(url); if (uri != null) { - if (logger.isLoggable(Level.FINEST)) { - logger.finest("CookieHandler request for " + uri); + if (HttpCapture.isLoggable("FINEST")) { + HttpCapture.finest("CookieHandler request for " + uri); } Map> cookies = cookieHandler.get( uri, requests.getHeaders(EXCLUDE_HEADERS)); if (!cookies.isEmpty()) { - if (logger.isLoggable(Level.FINEST)) { - logger.finest("Cookies retrieved: " + cookies.toString()); + if (HttpCapture.isLoggable("FINEST")) { + HttpCapture.finest("Cookies retrieved: " + cookies.toString()); } for (Map.Entry> entry : cookies.entrySet()) { @@ -1154,8 +1149,8 @@ writeRequests(); } http.parseHTTP(responses, pi, this); - if (logger.isLoggable(Level.FINE)) { - logger.fine(responses.toString()); + if (HttpCapture.isLoggable("FINE")) { + HttpCapture.fine(responses.toString()); } inputStream = http.getInputStream(); @@ -1599,8 +1594,8 @@ http.parseHTTP(responses, null, this); /* Log the response to the CONNECT */ - if (logger.isLoggable(Level.FINE)) { - logger.fine(responses.toString()); + if (HttpCapture.isLoggable("FINE")) { + HttpCapture.fine(responses.toString()); } statusLine = responses.getValue(0); @@ -1727,8 +1722,8 @@ setPreemptiveProxyAuthentication(requests); /* Log the CONNECT request */ - if (logger.isLoggable(Level.FINE)) { - logger.fine(requests.toString()); + if (HttpCapture.isLoggable("FINE")) { + HttpCapture.fine(requests.toString()); } http.writeRequests(requests, null); @@ -1872,8 +1867,8 @@ } } } - if (logger.isLoggable(Level.FINER)) { - logger.finer("Proxy Authentication for " + authhdr.toString() +" returned " + ret.toString()); + if (HttpCapture.isLoggable("FINER")) { + HttpCapture.finer("Proxy Authentication for " + authhdr.toString() +" returned " + (ret != null ? ret.toString() : "null")); } return ret; } @@ -2002,8 +1997,8 @@ } } } - if (logger.isLoggable(Level.FINER)) { - logger.finer("Server Authentication for " + authhdr.toString() +" returned " + ret.toString()); + if (HttpCapture.isLoggable("FINER")) { + HttpCapture.finer("Server Authentication for " + authhdr.toString() +" returned " + (ret != null ? ret.toString() : "null")); } return ret; } @@ -2078,8 +2073,8 @@ if (streaming()) { throw new HttpRetryException (RETRY_MSG3, stat, loc); } - if (logger.isLoggable(Level.FINE)) { - logger.fine("Redirected from " + url + " to " + locUrl); + if (HttpCapture.isLoggable("FINE")) { + HttpCapture.fine("Redirected from " + url + " to " + locUrl); } // clear out old response headers!!!! diff -r ec9f33978e19 -r 8d087823b8b7 jdk/src/share/classes/sun/security/jgss/krb5/Krb5InitCredential.java --- a/jdk/src/share/classes/sun/security/jgss/krb5/Krb5InitCredential.java Thu Jul 16 10:53:05 2009 -0700 +++ b/jdk/src/share/classes/sun/security/jgss/krb5/Krb5InitCredential.java Wed Jul 05 16:56:52 2017 +0200 @@ -238,7 +238,7 @@ retVal = (int)(getEndTime().getTime() - (new Date().getTime())); - return retVal; + return retVal/1000; } /** diff -r ec9f33978e19 -r 8d087823b8b7 jdk/src/share/classes/sun/security/krb5/Config.java --- a/jdk/src/share/classes/sun/security/krb5/Config.java Thu Jul 16 10:53:05 2009 -0700 +++ b/jdk/src/share/classes/sun/security/krb5/Config.java Wed Jul 05 16:56:52 2017 +0200 @@ -123,7 +123,7 @@ java.security.AccessController.doPrivileged( new sun.security.action.GetPropertyAction ("java.security.krb5.kdc")); - defaultRealm = + defaultRealm = java.security.AccessController.doPrivileged( new sun.security.action.GetPropertyAction ("java.security.krb5.realm")); @@ -134,6 +134,16 @@ "java.security.krb5.realm both must be set or " + "neither must be set."); } + + // Read the Kerberos configuration file + try { + Vector configFile; + configFile = loadConfigFile(); + stanzaTable = parseStanzaTable(configFile); + } catch (IOException ioe) { + // No krb5.conf, no problem. We'll use DNS etc. + } + if (kdchost != null) { /* * If configuration information is only specified by @@ -141,22 +151,19 @@ * java.security.krb5.realm, we put both in the hashtable * under [libdefaults]. */ - Hashtable kdcs = new Hashtable (); + if (stanzaTable == null) { + stanzaTable = new Hashtable (); + } + Hashtable kdcs = + (Hashtable)stanzaTable.get("libdefaults"); + if (kdcs == null) { + kdcs = new Hashtable (); + stanzaTable.put("libdefaults", kdcs); + } kdcs.put("default_realm", defaultRealm); // The user can specify a list of kdc hosts separated by ":" kdchost = kdchost.replace(':', ' '); kdcs.put("kdc", kdchost); - stanzaTable = new Hashtable (); - stanzaTable.put("libdefaults", kdcs); - } else { - // Read the Kerberos configuration file - try { - Vector configFile; - configFile = loadConfigFile(); - stanzaTable = parseStanzaTable(configFile); - } catch (IOException ioe) { - // No krb5.conf, no problem. We'll use DNS etc. - } } } @@ -294,7 +301,7 @@ * hashtable. */ if (name.equalsIgnoreCase("kdc") && - (!section.equalsIgnoreCase("libdefaults")) && + (section.equalsIgnoreCase(getDefault("default_realm", "libdefaults"))) && (java.security.AccessController.doPrivileged( new sun.security.action. GetPropertyAction("java.security.krb5.kdc")) != null)) { diff -r ec9f33978e19 -r 8d087823b8b7 jdk/src/share/classes/sun/security/provider/certpath/DistributionPointFetcher.java --- a/jdk/src/share/classes/sun/security/provider/certpath/DistributionPointFetcher.java Thu Jul 16 10:53:05 2009 -0700 +++ b/jdk/src/share/classes/sun/security/provider/certpath/DistributionPointFetcher.java Wed Jul 05 16:56:52 2017 +0200 @@ -1,5 +1,5 @@ /* - * Copyright 2002-2007 Sun Microsystems, Inc. All Rights Reserved. + * Copyright 2002-2009 Sun Microsystems, Inc. All Rights Reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -34,6 +34,7 @@ import sun.security.action.GetPropertyAction; import sun.security.util.Debug; +import sun.security.util.DerOutputStream; import sun.security.x509.*; /** @@ -333,7 +334,15 @@ if (match == false) { return false; } - indirectCRL = true; + + // we accept the case that a CRL issuer provide status + // information for itself. + if (ForwardBuilder.issues(certImpl, crlImpl, provider)) { + // reset the public key used to verify the CRL's signature + prevKey = certImpl.getPublicKey(); + } else { + indirectCRL = true; + } } else if (crlIssuer.equals(certIssuer) == false) { if (debug != null) { debug.println("crl issuer does not equal cert issuer"); @@ -347,7 +356,14 @@ PKIXExtensions.AuthorityKey_Id.toString()); if (!Arrays.equals(certAKID, crlAKID)) { - indirectCRL = true; + // we accept the case that a CRL issuer provide status + // information for itself. + if (ForwardBuilder.issues(certImpl, crlImpl, provider)) { + // reset the public key used to verify the CRL's signature + prevKey = certImpl.getPublicKey(); + } else { + indirectCRL = true; + } } } @@ -542,10 +558,80 @@ certSel.setSubject(crlIssuer.asX500Principal()); boolean[] crlSign = {false,false,false,false,false,false,true}; certSel.setKeyUsage(crlSign); + + // Currently by default, forward builder does not enable + // subject/authority key identifier identifying for target + // certificate, instead, it only compares the CRL issuer and + // the target certificate subject. If the certificate of the + // delegated CRL issuer is a self-issued certificate, the + // builder is unable to find the proper CRL issuer by issuer + // name only, there is a potential dead loop on finding the + // proper issuer. It is of great help to narrow the target + // scope down to aware of authority key identifiers in the + // selector, for the purposes of breaking the dead loop. + AuthorityKeyIdentifierExtension akidext = + crlImpl.getAuthKeyIdExtension(); + if (akidext != null) { + KeyIdentifier akid = (KeyIdentifier)akidext.get(akidext.KEY_ID); + if (akid != null) { + DerOutputStream derout = new DerOutputStream(); + derout.putOctetString(akid.getIdentifier()); + certSel.setSubjectKeyIdentifier(derout.toByteArray()); + } + + SerialNumber asn = + (SerialNumber)akidext.get(akidext.SERIAL_NUMBER); + if (asn != null) { + certSel.setSerialNumber(asn.getNumber()); + } + // the subject criterion will be set by builder automatically. + } + + // by far, we have validated the previous certificate, we can + // trust it during validating the CRL issuer. + // Except the performance improvement, another benefit is to break + // the dead loop while looking for the issuer back and forth + // between the delegated self-issued certificate and its issuer. + Set trustAnchors = new HashSet(); + if (anchor != null) { + trustAnchors.add(anchor); + } + + if (prevKey != null) { + // if the previous key is of the anchor, don't bother to + // duplicate the trust. + boolean duplicated = false; + PublicKey publicKey = prevKey; + X500Principal principal = certImpl.getIssuerX500Principal(); + + if (anchor != null) { + X509Certificate trustedCert = anchor.getTrustedCert(); + X500Principal trustedPrincipal; + PublicKey trustedPublicKey; + if (trustedCert != null) { + trustedPrincipal = trustedCert.getSubjectX500Principal(); + trustedPublicKey = trustedCert.getPublicKey(); + } else { + trustedPrincipal = anchor.getCA(); + trustedPublicKey = anchor.getCAPublicKey(); + } + + if (principal.equals(trustedPrincipal) && + publicKey.equals(trustedPublicKey)) { + duplicated = true; + } + } + + if (!duplicated) { + TrustAnchor temporary = + new TrustAnchor(principal, publicKey, null); + trustAnchors.add(temporary); + } + } + PKIXBuilderParameters params = null; try { - params = new PKIXBuilderParameters - (Collections.singleton(anchor), certSel); + params = new PKIXBuilderParameters(trustAnchors, certSel); } catch (InvalidAlgorithmParameterException iape) { throw new CRLException(iape); } diff -r ec9f33978e19 -r 8d087823b8b7 jdk/src/share/classes/sun/security/provider/certpath/ForwardBuilder.java --- a/jdk/src/share/classes/sun/security/provider/certpath/ForwardBuilder.java Thu Jul 16 10:53:05 2009 -0700 +++ b/jdk/src/share/classes/sun/security/provider/certpath/ForwardBuilder.java Wed Jul 05 16:56:52 2017 +0200 @@ -1,5 +1,5 @@ /* - * Copyright 2000-2008 Sun Microsystems, Inc. All Rights Reserved. + * Copyright 2000-2009 Sun Microsystems, Inc. All Rights Reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -30,6 +30,7 @@ import java.security.GeneralSecurityException; import java.security.InvalidKeyException; +import java.security.cert.Certificate; import java.security.cert.CertificateException; import java.security.cert.CertPathValidatorException; import java.security.cert.PKIXReason; @@ -43,12 +44,22 @@ import javax.security.auth.x500.X500Principal; import sun.security.util.Debug; +import sun.security.util.DerOutputStream; import sun.security.x509.AccessDescription; import sun.security.x509.AuthorityInfoAccessExtension; import sun.security.x509.PKIXExtensions; import sun.security.x509.PolicyMappingsExtension; import sun.security.x509.X500Name; import sun.security.x509.X509CertImpl; +import sun.security.x509.X509CRLImpl; +import sun.security.x509.AuthorityKeyIdentifierExtension; +import sun.security.x509.KeyIdentifier; +import sun.security.x509.SubjectKeyIdentifierExtension; +import sun.security.x509.SerialNumber; +import sun.security.x509.GeneralNames; +import sun.security.x509.GeneralName; +import sun.security.x509.GeneralNameInterface; +import java.math.BigInteger; /** * This class represents a forward builder, which is able to retrieve @@ -237,7 +248,7 @@ } else { if (caSelector == null) { - caSelector = new X509CertSelector(); + caSelector = new AdaptableX509CertSelector(); /* * Match on certificate validity date. @@ -269,6 +280,29 @@ * at least as many CA certs that have already been traversed */ caSelector.setBasicConstraints(currentState.traversedCACerts); + + /* + * Facilitate certification path construction with authority + * key identifier and subject key identifier. + */ + AuthorityKeyIdentifierExtension akidext = + currentState.cert.getAuthorityKeyIdentifierExtension(); + if (akidext != null) { + KeyIdentifier akid = (KeyIdentifier)akidext.get(akidext.KEY_ID); + if (akid != null) { + DerOutputStream derout = new DerOutputStream(); + derout.putOctetString(akid.getIdentifier()); + caSelector.setSubjectKeyIdentifier(derout.toByteArray()); + } + + SerialNumber asn = + (SerialNumber)akidext.get(akidext.SERIAL_NUMBER); + if (asn != null) { + caSelector.setSerialNumber(asn.getNumber()); + } + // the subject criterion was set previously. + } + sel = caSelector; } @@ -817,13 +851,25 @@ } else { continue; } - } - - X500Principal trustedCAName = anchor.getCA(); + } else { + X500Principal principal = anchor.getCA(); + java.security.PublicKey publicKey = anchor.getCAPublicKey(); - /* Check subject/issuer name chaining */ - if (!trustedCAName.equals(cert.getIssuerX500Principal())) { - continue; + if (principal != null && publicKey != null && + principal.equals(cert.getSubjectX500Principal())) { + if (publicKey.equals(cert.getPublicKey())) { + // the cert itself is a trust anchor + this.trustAnchor = anchor; + return true; + } + // else, it is a self-issued certificate of the anchor + } + + // Check subject/issuer name chaining + if (principal == null || + !principal.equals(cert.getIssuerX500Principal())) { + continue; + } } /* Check revocation if it is enabled */ @@ -890,4 +936,120 @@ void removeFinalCertFromPath(LinkedList certPathList) { certPathList.removeFirst(); } + + /** Verifies whether a CRL is issued by a certain certificate + * + * @param cert the certificate + * @param crl the CRL to be verified + * @param provider the name of the signature provider + */ + static boolean issues(X509CertImpl cert, X509CRLImpl crl, String provider) + throws IOException { + + boolean kidmatched = false; + + // check certificate's key usage + boolean[] usages = cert.getKeyUsage(); + if (usages != null && !usages[6]) { + return false; + } + + // check certificate's SKID and CRL's AKID + AuthorityKeyIdentifierExtension akidext = crl.getAuthKeyIdExtension(); + if (akidext != null) { + // the highest priority, matching KID + KeyIdentifier akid = (KeyIdentifier)akidext.get(akidext.KEY_ID); + if (akid != null) { + SubjectKeyIdentifierExtension skidext = + cert.getSubjectKeyIdentifierExtension(); + if (skidext != null) { + KeyIdentifier skid = + (KeyIdentifier)skidext.get(skidext.KEY_ID); + if (!akid.equals(skid)) { + return false; + } + + kidmatched = true; + } + // conservatively, in case of X509 V1 certificate, + // does return false here if no SKID extension. + } + + // the medium priority, matching issuer name/serial number + SerialNumber asn = (SerialNumber)akidext.get(akidext.SERIAL_NUMBER); + GeneralNames anames = (GeneralNames)akidext.get(akidext.AUTH_NAME); + if (asn != null && anames != null) { + X500Name subject = (X500Name)cert.getSubjectDN(); + BigInteger serial = cert.getSerialNumber(); + + if (serial != null && subject != null) { + if (serial.equals(asn.getNumber())) { + return false; + } + + for (GeneralName name : anames.names()) { + GeneralNameInterface gni = name.getName(); + if (subject.equals(gni)) { + return true; + } + } + } + + return false; + } + + if (kidmatched) { + return true; + } + } + + // the last priority, verify the CRL signature with the cert. + X500Principal crlIssuer = crl.getIssuerX500Principal(); + X500Principal certSubject = cert.getSubjectX500Principal(); + if (certSubject != null && certSubject.equals(crlIssuer)) { + try { + crl.verify(cert.getPublicKey(), provider); + return true; + } catch (Exception e) { + // ignore all exceptions. + } + } + + return false; + } + + /** + * An adaptable X509 certificate selector for forward certification path + * building. + */ + private static class AdaptableX509CertSelector extends X509CertSelector { + public AdaptableX509CertSelector() { + super(); + } + + /** + * Decides whether a Certificate should be selected. + * + * For the purpose of compatibility, when a certificate is of + * version 1 and version 2, or the certificate does not include + * a subject key identifier extension, the selection criterion + * of subjectKeyIdentifier will be disabled. + * + * @Override + */ + public boolean match(Certificate cert) { + if (!(cert instanceof X509Certificate)) { + return false; + } + X509Certificate xcert = (X509Certificate)cert; + + if (xcert.getVersion() < 3 || + xcert.getExtensionValue("2.5.29.14") == null) { + // disable the subjectKeyIdentifier criterion + setSubjectKeyIdentifier(null); + } + + return super.match(cert); + } + } } diff -r ec9f33978e19 -r 8d087823b8b7 jdk/src/share/classes/sun/security/provider/certpath/OCSPChecker.java --- a/jdk/src/share/classes/sun/security/provider/certpath/OCSPChecker.java Thu Jul 16 10:53:05 2009 -0700 +++ b/jdk/src/share/classes/sun/security/provider/certpath/OCSPChecker.java Wed Jul 05 16:56:52 2017 +0200 @@ -1,5 +1,5 @@ /* - * Copyright 2003-2008 Sun Microsystems, Inc. All Rights Reserved. + * Copyright 2003-2009 Sun Microsystems, Inc. All Rights Reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -351,18 +351,27 @@ } in = con.getInputStream(); + byte[] response = null; + int total = 0; int contentLength = con.getContentLength(); - if (contentLength == -1) { + if (contentLength != -1) { + response = new byte[contentLength]; + } else { + response = new byte[2048]; contentLength = Integer.MAX_VALUE; } - byte[] response = new byte[contentLength]; - int total = 0; - int count = 0; - while (count != -1 && total < contentLength) { - count = in.read(response, total, response.length - total); + while (total < contentLength) { + int count = in.read(response, total, response.length - total); + if (count < 0) + break; + total += count; + if (total >= response.length && total < contentLength) { + response = Arrays.copyOf(response, total * 2); + } } + response = Arrays.copyOf(response, total); OCSPResponse ocspResponse = new OCSPResponse(response, pkixParams, responderCert); diff -r ec9f33978e19 -r 8d087823b8b7 jdk/src/share/classes/sun/security/timestamp/HttpTimestamper.java --- a/jdk/src/share/classes/sun/security/timestamp/HttpTimestamper.java Thu Jul 16 10:53:05 2009 -0700 +++ b/jdk/src/share/classes/sun/security/timestamp/HttpTimestamper.java Wed Jul 05 16:56:52 2017 +0200 @@ -1,5 +1,5 @@ /* - * Copyright 2003-2006 Sun Microsystems, Inc. All Rights Reserved. + * Copyright 2003-2009 Sun Microsystems, Inc. All Rights Reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -32,6 +32,7 @@ import java.net.HttpURLConnection; import java.util.Iterator; import java.util.Set; +import java.util.Arrays; import sun.security.pkcs.*; @@ -137,23 +138,33 @@ } System.out.println(); } - int contentLength = connection.getContentLength(); - if (contentLength == -1) { - contentLength = Integer.MAX_VALUE; - } verifyMimeType(connection.getContentType()); - replyBuffer = new byte[contentLength]; int total = 0; - int count = 0; - while (count != -1 && total < contentLength) { - count = input.read(replyBuffer, total, + int contentLength = connection.getContentLength(); + if (contentLength != -1) { + replyBuffer = new byte[contentLength]; + } else { + replyBuffer = new byte[2048]; + contentLength = Integer.MAX_VALUE; + } + + while (total < contentLength) { + int count = input.read(replyBuffer, total, replyBuffer.length - total); + if (count < 0) + break; + total += count; + if (total >= replyBuffer.length && total < contentLength) { + replyBuffer = Arrays.copyOf(replyBuffer, total * 2); + } } + replyBuffer = Arrays.copyOf(replyBuffer, total); + if (DEBUG) { System.out.println("received timestamp response (length=" + - replyBuffer.length + ")"); + total + ")"); } } finally { if (input != null) { diff -r ec9f33978e19 -r 8d087823b8b7 jdk/src/share/classes/sun/tools/jar/Main.java --- a/jdk/src/share/classes/sun/tools/jar/Main.java Thu Jul 16 10:53:05 2009 -0700 +++ b/jdk/src/share/classes/sun/tools/jar/Main.java Wed Jul 05 16:56:52 2017 +0200 @@ -26,12 +26,16 @@ package sun.tools.jar; import java.io.*; +import java.nio.file.Path; import java.util.*; import java.util.zip.*; import java.util.jar.*; import java.util.jar.Manifest; import java.text.MessageFormat; import sun.misc.JarIndex; +import static sun.misc.JarIndex.INDEX_NAME; +import static java.util.jar.JarFile.MANIFEST_NAME; +import static java.nio.file.StandardCopyOption.REPLACE_EXISTING; /** * This class implements a simple utility for creating files in the JAR @@ -58,7 +62,6 @@ // Directories specified by "-C" operation. Set paths = new HashSet(); - CRC32 crc32 = new CRC32(); /* * cflag: create * uflag: update @@ -71,10 +74,8 @@ */ boolean cflag, uflag, xflag, tflag, vflag, flag0, Mflag, iflag; - static final String MANIFEST = JarFile.MANIFEST_NAME; static final String MANIFEST_DIR = "META-INF/"; static final String VERSION = "1.0"; - static final String INDEX = JarIndex.INDEX_NAME; private static ResourceBundle rsrc; @@ -126,9 +127,21 @@ this.program = program; } + /** + * Creates a new empty temporary file in the same directory as the + * specified file. A variant of File.createTempFile. + */ + private static File createTempFileInSameDirectoryAs(File file) + throws IOException { + File dir = file.getParentFile(); + if (dir == null) + dir = new File("."); + return File.createTempFile("jartmp", null, dir); + } + private boolean ok; - /* + /** * Starts main program with the specified arguments. */ public synchronized boolean run(String args[]) { @@ -161,7 +174,7 @@ } addVersion(manifest); addCreatedBy(manifest); - if (isAmbigousMainClass(manifest)) { + if (isAmbiguousMainClass(manifest)) { if (in != null) { in.close(); } @@ -195,9 +208,7 @@ FileOutputStream out; if (fname != null) { inputFile = new File(fname); - String path = inputFile.getParent(); - tmpFile = File.createTempFile("tmp", null, - new File((path == null) ? "." : path)); + tmpFile = createTempFileInSameDirectoryAs(inputFile); in = new FileInputStream(inputFile); out = new FileOutputStream(tmpFile); } else { @@ -208,7 +219,8 @@ InputStream manifest = (!Mflag && (mname != null)) ? (new FileInputStream(mname)) : null; expand(null, files, true); - boolean updateOk = update(in, new BufferedOutputStream(out), manifest, null); + boolean updateOk = update(in, new BufferedOutputStream(out), + manifest, null); if (ok) { ok = updateOk; } @@ -270,8 +282,8 @@ return ok; } - /* - * Parse command line arguments. + /** + * Parses command line arguments. */ boolean parseArgs(String args[]) { /* Preprocess and expand @file arguments */ @@ -405,7 +417,7 @@ return true; } - /* + /** * Expands list of files to process into full list of all files that * can be found by recursively descending directories. */ @@ -442,7 +454,7 @@ } } - /* + /** * Creates a new JAR file. */ void create(OutputStream out, Manifest manifest) @@ -461,7 +473,7 @@ e.setSize(0); e.setCrc(0); zos.putNextEntry(e); - e = new ZipEntry(MANIFEST); + e = new ZipEntry(MANIFEST_NAME); e.setTime(System.currentTimeMillis()); if (flag0) { crc32Manifest(e, manifest); @@ -476,8 +488,32 @@ zos.close(); } - /* - * update an existing jar file. + private char toUpperCaseASCII(char c) { + return (c < 'a' || c > 'z') ? c : (char) (c + 'A' - 'a'); + } + + /** + * Compares two strings for equality, ignoring case. The second + * argument must contain only upper-case ASCII characters. + * We don't want case comparison to be locale-dependent (else we + * have the notorious "turkish i bug"). + */ + private boolean equalsIgnoreCase(String s, String upper) { + assert upper.toUpperCase(java.util.Locale.ENGLISH).equals(upper); + int len; + if ((len = s.length()) != upper.length()) + return false; + for (int i = 0; i < len; i++) { + char c1 = s.charAt(i); + char c2 = upper.charAt(i); + if (c1 != c2 && toUpperCaseASCII(c1) != c2) + return false; + } + return true; + } + + /** + * Updates an existing jar file. */ boolean update(InputStream in, OutputStream out, InputStream newManifest, @@ -487,8 +523,6 @@ ZipOutputStream zos = new JarOutputStream(out); ZipEntry e = null; boolean foundManifest = false; - byte[] buf = new byte[1024]; - int n = 0; boolean updateOk = true; if (jarIndex != null) { @@ -499,10 +533,9 @@ while ((e = zis.getNextEntry()) != null) { String name = e.getName(); - boolean isManifestEntry = name.toUpperCase( - java.util.Locale.ENGLISH). - equals(MANIFEST); - if ((name.toUpperCase().equals(INDEX) && jarIndex != null) + boolean isManifestEntry = equalsIgnoreCase(name, MANIFEST_NAME); + + if ((jarIndex != null && equalsIgnoreCase(name, INDEX_NAME)) || (Mflag && isManifestEntry)) { continue; } else if (isManifestEntry && ((newManifest != null) || @@ -513,9 +546,9 @@ // might need it below, and we can't re-read the same data // twice. FileInputStream fis = new FileInputStream(mname); - boolean ambigous = isAmbigousMainClass(new Manifest(fis)); + boolean ambiguous = isAmbiguousMainClass(new Manifest(fis)); fis.close(); - if (ambigous) { + if (ambiguous) { return false; } } @@ -539,9 +572,7 @@ e2.setCrc(e.getCrc()); } zos.putNextEntry(e2); - while ((n = zis.read(buf, 0, buf.length)) != -1) { - zos.write(buf, 0, n); - } + copy(zis, zos); } else { // replace with the new files File f = entryMap.get(name); addFile(zos, f); @@ -558,7 +589,7 @@ if (!foundManifest) { if (newManifest != null) { Manifest m = new Manifest(newManifest); - updateOk = !isAmbigousMainClass(m); + updateOk = !isAmbiguousMainClass(m); if (updateOk) { updateManifest(m, zos); } @@ -575,23 +606,16 @@ private void addIndex(JarIndex index, ZipOutputStream zos) throws IOException { - ZipEntry e = new ZipEntry(INDEX); + ZipEntry e = new ZipEntry(INDEX_NAME); e.setTime(System.currentTimeMillis()); if (flag0) { - e.setMethod(ZipEntry.STORED); - File ifile = File.createTempFile("index", null, new File(".")); - BufferedOutputStream bos = new BufferedOutputStream - (new FileOutputStream(ifile)); - index.write(bos); - crc32File(e, ifile); - bos.close(); - ifile.delete(); + CRC32OutputStream os = new CRC32OutputStream(); + index.write(os); + os.updateEntry(e); } zos.putNextEntry(e); index.write(zos); - if (vflag) { - // output(getMsg("out.update.manifest")); - } + zos.closeEntry(); } private void updateManifest(Manifest m, ZipOutputStream zos) @@ -602,10 +626,9 @@ if (ename != null) { addMainClass(m, ename); } - ZipEntry e = new ZipEntry(MANIFEST); + ZipEntry e = new ZipEntry(MANIFEST_NAME); e.setTime(System.currentTimeMillis()); if (flag0) { - e.setMethod(ZipEntry.STORED); crc32Manifest(e, m); } zos.putNextEntry(e); @@ -620,7 +643,8 @@ name = name.replace(File.separatorChar, '/'); String matchPath = ""; for (String path : paths) { - if (name.startsWith(path) && (path.length() > matchPath.length())) { + if (name.startsWith(path) + && (path.length() > matchPath.length())) { matchPath = path; } } @@ -658,7 +682,7 @@ global.put(Attributes.Name.MAIN_CLASS, mainApp); } - private boolean isAmbigousMainClass(Manifest m) { + private boolean isAmbiguousMainClass(Manifest m) { if (ename != null) { Attributes global = m.getMainAttributes(); if ((global.get(Attributes.Name.MAIN_CLASS) != null)) { @@ -670,7 +694,7 @@ return false; } - /* + /** * Adds a new file entry to the ZIP output stream. */ void addFile(ZipOutputStream zos, File file) throws IOException { @@ -684,7 +708,7 @@ if (name.equals("") || name.equals(".") || name.equals(zname)) { return; - } else if ((name.equals(MANIFEST_DIR) || name.equals(MANIFEST)) + } else if ((name.equals(MANIFEST_DIR) || name.equals(MANIFEST_NAME)) && !Mflag) { if (vflag) { output(formatMsg("out.ignore.entry", name)); @@ -704,19 +728,11 @@ e.setSize(0); e.setCrc(0); } else if (flag0) { - e.setSize(size); - e.setMethod(ZipEntry.STORED); crc32File(e, file); } zos.putNextEntry(e); if (!isDir) { - byte[] buf = new byte[8192]; - int len; - InputStream is = new BufferedInputStream(new FileInputStream(file)); - while ((len = is.read(buf, 0, buf.length)) != -1) { - zos.write(buf, 0, len); - } - is.close(); + copy(file, zos); } zos.closeEntry(); /* report how much compression occurred. */ @@ -737,39 +753,83 @@ } } - /* - * compute the crc32 of a file. This is necessary when the ZipOutputStream - * is in STORED mode. + /** + * A buffer for use only by copy(InputStream, OutputStream). + * Not as clean as allocating a new buffer as needed by copy, + * but significantly more efficient. */ - private void crc32Manifest(ZipEntry e, Manifest m) throws IOException { - crc32.reset(); - CRC32OutputStream os = new CRC32OutputStream(crc32); - m.write(os); - e.setSize((long) os.n); - e.setCrc(crc32.getValue()); + private byte[] copyBuf = new byte[8192]; + + /** + * Copies all bytes from the input stream to the output stream. + * Does not close or flush either stream. + * + * @param from the input stream to read from + * @param to the output stream to write to + * @throws IOException if an I/O error occurs + */ + private void copy(InputStream from, OutputStream to) throws IOException { + int n; + while ((n = from.read(copyBuf)) != -1) + to.write(copyBuf, 0, n); } - /* - * compute the crc32 of a file. This is necessary when the ZipOutputStream - * is in STORED mode. + /** + * Copies all bytes from the input file to the output stream. + * Does not close or flush the output stream. + * + * @param from the input file to read from + * @param to the output stream to write to + * @throws IOException if an I/O error occurs + */ + private void copy(File from, OutputStream to) throws IOException { + InputStream in = new FileInputStream(from); + try { + copy(in, to); + } finally { + in.close(); + } + } + + /** + * Copies all bytes from the input stream to the output file. + * Does not close the input stream. + * + * @param from the input stream to read from + * @param to the output file to write to + * @throws IOException if an I/O error occurs + */ + private void copy(InputStream from, File to) throws IOException { + OutputStream out = new FileOutputStream(to); + try { + copy(from, out); + } finally { + out.close(); + } + } + + /** + * Computes the crc32 of a Manifest. This is necessary when the + * ZipOutputStream is in STORED mode. + */ + private void crc32Manifest(ZipEntry e, Manifest m) throws IOException { + CRC32OutputStream os = new CRC32OutputStream(); + m.write(os); + os.updateEntry(e); + } + + /** + * Computes the crc32 of a File. This is necessary when the + * ZipOutputStream is in STORED mode. */ private void crc32File(ZipEntry e, File f) throws IOException { - InputStream is = new BufferedInputStream(new FileInputStream(f)); - byte[] buf = new byte[8192]; - crc32.reset(); - int r = 0; - int nread = 0; - long len = f.length(); - while ((r = is.read(buf)) != -1) { - nread += r; - crc32.update(buf, 0, r); - } - is.close(); - if (nread != (int) len) { + CRC32OutputStream os = new CRC32OutputStream(); + copy(f, os); + if (os.n != f.length()) { throw new JarException(formatMsg( "error.incorrect.length", f.getPath())); } - e.setCrc(crc32.getValue()); + os.updateEntry(e); } void replaceFSC(String files[]) { @@ -780,6 +840,7 @@ } } + @SuppressWarnings("serial") Set newDirSet() { return new HashSet() { public boolean add(ZipEntry e) { @@ -797,7 +858,7 @@ } } - /* + /** * Extracts specified entries from JAR file. */ void extract(InputStream in, String files[]) throws IOException { @@ -827,7 +888,7 @@ updateLastModifiedTime(dirs); } - /* + /** * Extracts specified entries from JAR file, via ZipFile. */ void extract(String fname, String files[]) throws IOException { @@ -853,7 +914,7 @@ updateLastModifiedTime(dirs); } - /* + /** * Extracts next entry from JAR file, creating directories as needed. If * the entry is for a directory which doesn't exist prior to this * invocation, returns that entry, otherwise returns null. @@ -888,19 +949,13 @@ "error.create.dir", d.getPath())); } } - OutputStream os = new FileOutputStream(f); - byte[] b = new byte[8192]; - int len; try { - while ((len = is.read(b, 0, b.length)) != -1) { - os.write(b, 0, len); - } + copy(is, f); } finally { if (is instanceof ZipInputStream) ((ZipInputStream)is).closeEntry(); else is.close(); - os.close(); } if (vflag) { if (e.getMethod() == ZipEntry.DEFLATED) { @@ -919,7 +974,7 @@ return rc; } - /* + /** * Lists contents of JAR file. */ void list(InputStream in, String files[]) throws IOException { @@ -937,7 +992,7 @@ } } - /* + /** * Lists contents of JAR file, via ZipFile. */ void list(String fname, String files[]) throws IOException { @@ -950,32 +1005,38 @@ } /** - * Output the class index table to the INDEX.LIST file of the + * Outputs the class index table to the INDEX.LIST file of the * root jar file. */ void dumpIndex(String rootjar, JarIndex index) throws IOException { - File scratchFile = File.createTempFile("scratch", null, new File(".")); File jarFile = new File(rootjar); - boolean updateOk = update(new FileInputStream(jarFile), - new FileOutputStream(scratchFile), - null, index); - jarFile.delete(); - if (!scratchFile.renameTo(jarFile)) { - scratchFile.delete(); - throw new IOException(getMsg("error.write.file")); + Path jarPath = jarFile.toPath(); + Path tmpPath = createTempFileInSameDirectoryAs(jarFile).toPath(); + try { + if (update(jarPath.newInputStream(), + tmpPath.newOutputStream(), + null, index)) { + try { + tmpPath.moveTo(jarPath, REPLACE_EXISTING); + } catch (IOException e) { + throw new IOException(getMsg("error.write.file"), e); + } + } + } finally { + tmpPath.deleteIfExists(); } - scratchFile.delete(); } - private Hashtable jarTable = new Hashtable(); - /* - * Generate the transitive closure of the Class-Path attribute for + private HashSet jarPaths = new HashSet(); + + /** + * Generates the transitive closure of the Class-Path attribute for * the specified jar file. */ - Vector getJarPath(String jar) throws IOException { - Vector files = new Vector(); + List getJarPath(String jar) throws IOException { + List files = new ArrayList(); files.add(jar); - jarTable.put(jar, jar); + jarPaths.add(jar); // take out the current path String path = jar.substring(0, Math.max(0, jar.lastIndexOf('/') + 1)); @@ -998,7 +1059,7 @@ if (!ajar.endsWith("/")) { // it is a jar file ajar = path.concat(ajar); /* check on cyclic dependency */ - if (jarTable.get(ajar) == null) { + if (! jarPaths.contains(ajar)) { files.addAll(getJarPath(ajar)); } } @@ -1012,10 +1073,10 @@ } /** - * Generate class index file for the specified root jar file. + * Generates class index file for the specified root jar file. */ void genIndex(String rootjar, String[] files) throws IOException { - Vector jars = getJarPath(rootjar); + List jars = getJarPath(rootjar); int njars = jars.size(); String[] jarfiles; @@ -1027,12 +1088,12 @@ } njars = jars.size(); } - jarfiles = (String[])jars.toArray(new String[njars]); + jarfiles = jars.toArray(new String[njars]); JarIndex index = new JarIndex(jarfiles); dumpIndex(rootjar, index); } - /* + /** * Prints entry information, if requested. */ void printEntry(ZipEntry e, String[] files) throws IOException { @@ -1049,7 +1110,7 @@ } } - /* + /** * Prints entry information. */ void printEntry(ZipEntry e) throws IOException { @@ -1067,21 +1128,21 @@ } } - /* - * Print usage message and die. + /** + * Prints usage message. */ void usageError() { error(getMsg("usage")); } - /* + /** * A fatal exception has been caught. No recovery possible */ void fatalError(Exception e) { e.printStackTrace(); } - /* + /** * A fatal condition has been detected; message is "s". * No recovery possible */ @@ -1103,39 +1164,43 @@ err.println(s); } - /* + /** * Main routine to start program. */ public static void main(String args[]) { Main jartool = new Main(System.out, System.err, "jar"); System.exit(jartool.run(args) ? 0 : 1); } -} -/* - * an OutputStream that doesn't send its output anywhere, (but could). - * It's here to find the CRC32 of a manifest, necessary for STORED only - * mode in ZIP. - */ -final class CRC32OutputStream extends java.io.OutputStream { - CRC32 crc; - int n = 0; - CRC32OutputStream(CRC32 crc) { - this.crc = crc; - } + /** + * An OutputStream that doesn't send its output anywhere, (but could). + * It's here to find the CRC32 of an input file, necessary for STORED + * mode in ZIP. + */ + private static class CRC32OutputStream extends java.io.OutputStream { + final CRC32 crc = new CRC32(); + long n = 0; + + CRC32OutputStream() {} - public void write(int r) throws IOException { - crc.update(r); - n++; - } + public void write(int r) throws IOException { + crc.update(r); + n++; + } + + public void write(byte[] b, int off, int len) throws IOException { + crc.update(b, off, len); + n += len; + } - public void write(byte[] b) throws IOException { - crc.update(b, 0, b.length); - n += b.length; - } - - public void write(byte[] b, int off, int len) throws IOException { - crc.update(b, off, len); - n += len - off; + /** + * Updates a ZipEntry which describes the data read by this + * output stream, in STORED mode. + */ + public void updateEntry(ZipEntry e) { + e.setMethod(ZipEntry.STORED); + e.setSize(n); + e.setCrc(crc.getValue()); + } } } diff -r ec9f33978e19 -r 8d087823b8b7 jdk/src/share/demo/jvmti/java_crw_demo/java_crw_demo.c --- a/jdk/src/share/demo/jvmti/java_crw_demo/java_crw_demo.c Thu Jul 16 10:53:05 2009 -0700 +++ b/jdk/src/share/demo/jvmti/java_crw_demo/java_crw_demo.c Wed Jul 05 16:56:52 2017 +0200 @@ -263,8 +263,8 @@ (void)sprintf(buf, "CRW ASSERTION FAILURE: %s (%s:%s:%d)", condition, - ci->name==0?"?":ci->name, - mi->name==0?"?":mi->name, + ci->name==NULL?"?":ci->name, + (mi==NULL||mi->name==NULL)?"?":mi->name, byte_code_offset); fatal_error(ci, buf, file, line); } diff -r ec9f33978e19 -r 8d087823b8b7 jdk/src/solaris/classes/sun/awt/X11/XBaseWindow.java --- a/jdk/src/solaris/classes/sun/awt/X11/XBaseWindow.java Thu Jul 16 10:53:05 2009 -0700 +++ b/jdk/src/solaris/classes/sun/awt/X11/XBaseWindow.java Wed Jul 05 16:56:52 2017 +0200 @@ -1000,10 +1000,7 @@ int buttonState = 0; final int buttonsNumber = ((SunToolkit)(Toolkit.getDefaultToolkit())).getNumberOfButtons(); for (int i = 0; i +#include #include #include #include diff -r ec9f33978e19 -r 8d087823b8b7 jdk/src/solaris/native/java/net/Inet6AddressImpl.c --- a/jdk/src/solaris/native/java/net/Inet6AddressImpl.c Thu Jul 16 10:53:05 2009 -0700 +++ b/jdk/src/solaris/native/java/net/Inet6AddressImpl.c Wed Jul 05 16:56:52 2017 +0200 @@ -24,6 +24,7 @@ */ #include +#include #include #include #include diff -r ec9f33978e19 -r 8d087823b8b7 jdk/src/windows/classes/sun/awt/windows/WToolkit.java --- a/jdk/src/windows/classes/sun/awt/windows/WToolkit.java Thu Jul 16 10:53:05 2009 -0700 +++ b/jdk/src/windows/classes/sun/awt/windows/WToolkit.java Wed Jul 05 16:56:52 2017 +0200 @@ -886,14 +886,12 @@ * this should be done in lazilyLoadDesktopProperty() only. */ protected synchronized void initializeDesktopProperties() { - desktopProperties.put("DnD.Autoscroll.initialDelay", Integer.valueOf(50)); - desktopProperties.put("DnD.Autoscroll.interval", Integer.valueOf(50)); - - try { - desktopProperties.put("Shell.shellFolderManager", - Class.forName("sun.awt.shell.Win32ShellFolderManager2")); - } catch (ClassNotFoundException ex) { - } + desktopProperties.put("DnD.Autoscroll.initialDelay", + Integer.valueOf(50)); + desktopProperties.put("DnD.Autoscroll.interval", + Integer.valueOf(50)); + desktopProperties.put("Shell.shellFolderManager", + "sun.awt.shell.Win32ShellFolderManager2"); } /* diff -r ec9f33978e19 -r 8d087823b8b7 jdk/src/windows/classes/sun/awt/windows/WWindowPeer.java --- a/jdk/src/windows/classes/sun/awt/windows/WWindowPeer.java Thu Jul 16 10:53:05 2009 -0700 +++ b/jdk/src/windows/classes/sun/awt/windows/WWindowPeer.java Wed Jul 05 16:56:52 2017 +0200 @@ -194,8 +194,7 @@ // default value of a boolean field is 'false', so set isOpaque to // true here explicitly this.isOpaque = true; - Color bgColor = ((Window)target).getBackground(); - setOpaque((bgColor == null) || (bgColor.getAlpha() == 255)); + setOpaque(((Window)target).isOpaque()); } } diff -r ec9f33978e19 -r 8d087823b8b7 jdk/src/windows/native/java/lang/java_props_md.c --- a/jdk/src/windows/native/java/lang/java_props_md.c Thu Jul 16 10:53:05 2009 -0700 +++ b/jdk/src/windows/native/java/lang/java_props_md.c Wed Jul 05 16:56:52 2017 +0200 @@ -714,10 +714,10 @@ * Windows XP 64 bit 5 2 * where ((&ver.wServicePackMinor) + 2) = 1 * and si.wProcessorArchitecture = 9 - * Windows Vista family 6 0 - * Windows 2008 6 0 - * where ((&ver.wServicePackMinor) + 2) = 1 - * Windows 7 6 1 + * Windows Vista family 6 0 (VER_NT_WORKSTATION) + * Windows Server 2008 6 0 (!VER_NT_WORKSTATION) + * Windows 7 6 1 (VER_NT_WORKSTATION) + * Windows Server 2008 R2 6 1 (!VER_NT_WORKSTATION) * * This mapping will presumably be augmented as new Windows * versions are released. @@ -768,14 +768,7 @@ } } else if (ver.dwMajorVersion == 6) { /* - * From MSDN OSVERSIONINFOEX documentation: - * - * "Because the version numbers for Windows Server 2008 - * and Windows Vista are identical, you must also test - * whether the wProductType member is VER_NT_WORKSTATION. - * If wProductType is VER_NT_WORKSTATION, the operating - * system is Windows Vista or 7; otherwise, it is Windows - * Server 2008." + * See table in MSDN OSVERSIONINFOEX documentation. */ if (ver.wProductType == VER_NT_WORKSTATION) { switch (ver.dwMinorVersion) { @@ -784,7 +777,11 @@ default: sprops.os_name = "Windows NT (unknown)"; } } else { - sprops.os_name = "Windows Server 2008"; + switch (ver.dwMinorVersion) { + case 0: sprops.os_name = "Windows Server 2008"; break; + case 1: sprops.os_name = "Windows Server 2008 R2"; break; + default: sprops.os_name = "Windows NT (unknown)"; + } } } else { sprops.os_name = "Windows NT (unknown)"; diff -r ec9f33978e19 -r 8d087823b8b7 jdk/src/windows/native/sun/windows/ShellFolder2.cpp --- a/jdk/src/windows/native/sun/windows/ShellFolder2.cpp Thu Jul 16 10:53:05 2009 -0700 +++ b/jdk/src/windows/native/sun/windows/ShellFolder2.cpp Wed Jul 05 16:56:52 2017 +0200 @@ -1,5 +1,5 @@ /* - * Copyright 2003-2008 Sun Microsystems, Inc. All Rights Reserved. + * Copyright 2003-2009 Sun Microsystems, Inc. All Rights Reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -981,6 +981,15 @@ hBitmap = (HBITMAP)LoadImage(libShell32, IS_WINVISTA ? TEXT("IDB_TB_SH_DEF_16") : MAKEINTRESOURCE(216), IMAGE_BITMAP, 0, 0, LR_CREATEDIBSECTION); + + if (hBitmap == NULL) { + // version of shell32.dll doesn't match OS version. + // So we either are in a Vista Compatibility Mode + // or shell32.dll was copied from OS of another version + hBitmap = (HBITMAP)LoadImage(libShell32, + IS_WINVISTA ? MAKEINTRESOURCE(216) : TEXT("IDB_TB_SH_DEF_16"), + IMAGE_BITMAP, 0, 0, LR_CREATEDIBSECTION); + } } if (hBitmap == NULL) { libComCtl32 = LoadLibrary(TEXT("comctl32.dll")); diff -r ec9f33978e19 -r 8d087823b8b7 jdk/test/demo/jvmti/hprof/HelloWorld.java --- a/jdk/test/demo/jvmti/hprof/HelloWorld.java Thu Jul 16 10:53:05 2009 -0700 +++ b/jdk/test/demo/jvmti/hprof/HelloWorld.java Wed Jul 05 16:56:52 2017 +0200 @@ -24,7 +24,7 @@ /* HelloWorld: * - * Sample target appluication for HPROF tests + * Sample target application for HPROF tests * */ diff -r ec9f33978e19 -r 8d087823b8b7 jdk/test/demo/jvmti/hprof/StackMapTableTest.java --- a/jdk/test/demo/jvmti/hprof/StackMapTableTest.java Thu Jul 16 10:53:05 2009 -0700 +++ b/jdk/test/demo/jvmti/hprof/StackMapTableTest.java Wed Jul 05 16:56:52 2017 +0200 @@ -23,11 +23,11 @@ /* @test - * @bug 6266289 6299047 + * @bug 6266289 6299047 6855180 6855551 * @summary Test jvmti hprof and java_crw_demo with StackMapTable attributes * * @compile ../DemoRun.java - * @compile -source 1.6 -g:lines HelloWorld.java + * @compile -source 7 -g:lines HelloWorld.java * @build StackMapTableTest * @run main StackMapTableTest HelloWorld */ diff -r ec9f33978e19 -r 8d087823b8b7 jdk/test/java/awt/Robot/CtorTest/CtorTest.java --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/jdk/test/java/awt/Robot/CtorTest/CtorTest.java Wed Jul 05 16:56:52 2017 +0200 @@ -0,0 +1,71 @@ +/* + * Copyright (c) 2009 Sun Microsystems, Inc. All Rights Reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, + * CA 95054 USA or visit www.sun.com if you need additional information or + * have any questions. + */ + +/* + @test + @bug 6855323 + @summary Robot(GraphicsDevice) constructor initializes LEGAL_BUTTON_MASK variable improperly + @author Dmitry Cherepanov area=awt.robot + @run main CtorTest +*/ + +/** + * CtorRobot.java + * + * summary: creates Robot using one parameter constructor + */ + +import java.awt.*; +import java.awt.event.*; + +import sun.awt.SunToolkit; + +public class CtorTest +{ + public static void main(String []s) throws Exception + { + // one parameter constructor + GraphicsDevice graphicsDevice = GraphicsEnvironment. + getLocalGraphicsEnvironment().getDefaultScreenDevice(); + Robot robot = new Robot(graphicsDevice); + clickOnFrame(robot); + } + + // generate mouse events + private static void clickOnFrame(Robot robot) { + Frame frame = new Frame(); + frame.setBounds(100, 100, 100, 100); + frame.setVisible(true); + + ((SunToolkit)Toolkit.getDefaultToolkit()).realSync(); + + // click in the middle of the frame + robot.mouseMove(150, 150); + robot.delay(50); + robot.mousePress(InputEvent.BUTTON1_MASK); + robot.delay(50); + robot.mouseRelease(InputEvent.BUTTON1_MASK); + + ((SunToolkit)Toolkit.getDefaultToolkit()).realSync(); + } +} diff -r ec9f33978e19 -r 8d087823b8b7 jdk/test/java/awt/TrayIcon/CtorTest/CtorTest.java --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/jdk/test/java/awt/TrayIcon/CtorTest/CtorTest.java Wed Jul 05 16:56:52 2017 +0200 @@ -0,0 +1,53 @@ +/* + * Copyright (c) 2009 Sun Microsystems, Inc. All Rights Reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, + * CA 95054 USA or visit www.sun.com if you need additional information or + * have any questions. + */ + +/* + @test + @bug 6759726 + @summary TrayIcon constructor throws NPE instead of documented IAE + @author Dmitry Cherepanov area=awt.tray + @run main CtorTest +*/ + +/** + * CtorTest.java + * + * summary: TrayIcon ctor throws IAE if image is null + */ + +import java.awt.*; + +public class CtorTest +{ + public static void main(String []s) + { + boolean isSupported = SystemTray.isSupported(); + if (isSupported) { + try { + TrayIcon tray = new TrayIcon(null); + } catch(IllegalArgumentException e) { + // ctor should throw IAE + } + } + } +} diff -r ec9f33978e19 -r 8d087823b8b7 jdk/test/java/awt/Window/OwnedWindowsLeak/OwnedWindowsLeak.java --- a/jdk/test/java/awt/Window/OwnedWindowsLeak/OwnedWindowsLeak.java Thu Jul 16 10:53:05 2009 -0700 +++ b/jdk/test/java/awt/Window/OwnedWindowsLeak/OwnedWindowsLeak.java Wed Jul 05 16:56:52 2017 +0200 @@ -65,6 +65,7 @@ break; } } + garbage = null; // Third, make sure all the weak references are null for (WeakReference ref : children) diff -r ec9f33978e19 -r 8d087823b8b7 jdk/test/java/awt/Window/SetBackgroundNPE/SetBackgroundNPE.java --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/jdk/test/java/awt/Window/SetBackgroundNPE/SetBackgroundNPE.java Wed Jul 05 16:56:52 2017 +0200 @@ -0,0 +1,38 @@ +/* + * Copyright 2009 Sun Microsystems, Inc. All Rights Reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, + * CA 95054 USA or visit www.sun.com if you need additional information or + * have any questions. + */ + +/* + @test + @bug 6853916 + @summary Window.setBackground() should not throw NPE + @author anthony.petrov@sun.com: area=awt.toplevel + @run main SetBackgroundNPE +*/ + +import java.awt.Window; + +public class SetBackgroundNPE { + public static void main(String args[]) { + new Window(null).setBackground(null); + } +} diff -r ec9f33978e19 -r 8d087823b8b7 jdk/test/java/awt/event/MouseWheelEvent/DisabledComponent/DisabledComponent.java --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/jdk/test/java/awt/event/MouseWheelEvent/DisabledComponent/DisabledComponent.java Wed Jul 05 16:56:52 2017 +0200 @@ -0,0 +1,107 @@ +/* + * Copyright (c) 2009 Sun Microsystems, Inc. All Rights Reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, + * CA 95054 USA or visit www.sun.com if you need additional information or + * have any questions. + */ + +/* + @test + @bug 6847958 + @library ../../../regtesthelpers + @summary MouseWheel event is getting triggered for the disabled Textarea in jdk7 b60 pit build. + @author Dmitry Cherepanov: area=awt.event + @build Util + @run main DisabledComponent +*/ + +/** + * DisabledComponent.java + * + * summary: Tests that wheel events aren't coming on disabled component + */ + +import java.awt.*; +import java.awt.event.*; + +import sun.awt.SunToolkit; + +import test.java.awt.regtesthelpers.Util; + +public class DisabledComponent +{ + + private static volatile boolean passed = true; + + public static void main(String []s) throws Exception + { + Frame frame = new Frame(); + frame.setBounds(100,100,400,400); + frame.setLayout(new FlowLayout()); + + TextArea textArea = new TextArea("TextArea", 6, 15); + frame.add(textArea); + + List list = new List(3); + list.add("1"); + list.add("2"); + list.add("3"); + frame.add(list); + + MouseWheelListener listener = new MouseWheelListener(){ + @Override + public void mouseWheelMoved(MouseWheelEvent mwe){ + System.err.println(mwe); + passed = false; + } + }; + + + list.addMouseWheelListener(listener); + textArea.addMouseWheelListener(listener); + + frame.setVisible(true); + ((SunToolkit)Toolkit.getDefaultToolkit()).realSync(); + + Robot robot = new Robot(); + + // point and wheel on the list + Util.pointOnComp(list, robot); + ((SunToolkit)Toolkit.getDefaultToolkit()).realSync(); + + robot.mouseWheel(2); + ((SunToolkit)Toolkit.getDefaultToolkit()).realSync(); + + // disable the text area + System.err.println(" disable text area "); + textArea.setEnabled(false); + passed = true; + + // point and wheel on the text area + Util.pointOnComp(textArea, robot); + ((SunToolkit)Toolkit.getDefaultToolkit()).realSync(); + + robot.mouseWheel(2); + ((SunToolkit)Toolkit.getDefaultToolkit()).realSync(); + + if (!passed) { + throw new RuntimeException(" wrong wheel events "); + } + } +} diff -r ec9f33978e19 -r 8d087823b8b7 jdk/test/java/beans/Introspector/6380849/TestBeanInfo.java --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/jdk/test/java/beans/Introspector/6380849/TestBeanInfo.java Wed Jul 05 16:56:52 2017 +0200 @@ -0,0 +1,102 @@ +/** + * Copyright 2009 Sun Microsystems, Inc. All Rights Reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, + * CA 95054 USA or visit www.sun.com if you need additional information or + * have any questions. + */ + +/* + * @test + * @bug 6380849 + * @summary Tests BeanInfo finder + * @author Sergey Malenkov + */ + +import beans.FirstBean; +import beans.FirstBeanBeanInfo; +import beans.SecondBean; +import beans.ThirdBean; + +import infos.SecondBeanBeanInfo; +import infos.ThirdBeanBeanInfo; + +import java.beans.BeanInfo; +import java.beans.Introspector; +import java.lang.reflect.Field; + +import sun.awt.SunToolkit; + +public class TestBeanInfo implements Runnable { + + private static final String[] SEARCH_PATH = { "infos" }; // NON-NLS: package name + + public static void main(String[] args) throws InterruptedException { + TestBeanInfo test = new TestBeanInfo(); + test.run(); + // the following tests fails on previous build + ThreadGroup group = new ThreadGroup("$$$"); // NON-NLS: unique thread name + Thread thread = new Thread(group, test); + thread.start(); + thread.join(); + } + + private static void test(Class type, Class expected) { + BeanInfo actual; + try { + actual = Introspector.getBeanInfo(type); + type = actual.getClass(); + Field field = type.getDeclaredField("targetBeanInfo"); // NON-NLS: field name + field.setAccessible(true); + actual = (BeanInfo) field.get(actual); + } + catch (Exception exception) { + throw new Error("unexpected error", exception); + } + if ((actual == null) && (expected != null)) { + throw new Error("expected info is not found"); + } + if ((actual != null) && !actual.getClass().equals(expected)) { + throw new Error("found unexpected info"); + } + } + + private boolean passed; + + public void run() { + if (this.passed) { + SunToolkit.createNewAppContext(); + } + Introspector.flushCaches(); + + test(FirstBean.class, FirstBeanBeanInfo.class); + test(SecondBean.class, null); + test(ThirdBean.class, null); + test(ThirdBeanBeanInfo.class, ThirdBeanBeanInfo.class); + + Introspector.setBeanInfoSearchPath(SEARCH_PATH); + Introspector.flushCaches(); + + test(FirstBean.class, FirstBeanBeanInfo.class); + test(SecondBean.class, SecondBeanBeanInfo.class); + test(ThirdBean.class, null); + test(ThirdBeanBeanInfo.class, ThirdBeanBeanInfo.class); + + this.passed = true; + } +} diff -r ec9f33978e19 -r 8d087823b8b7 jdk/test/java/beans/Introspector/6380849/beans/FirstBean.java --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/jdk/test/java/beans/Introspector/6380849/beans/FirstBean.java Wed Jul 05 16:56:52 2017 +0200 @@ -0,0 +1,4 @@ +package beans; + +public class FirstBean { +} diff -r ec9f33978e19 -r 8d087823b8b7 jdk/test/java/beans/Introspector/6380849/beans/FirstBeanBeanInfo.java --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/jdk/test/java/beans/Introspector/6380849/beans/FirstBeanBeanInfo.java Wed Jul 05 16:56:52 2017 +0200 @@ -0,0 +1,11 @@ +package beans; + +import java.beans.BeanDescriptor; +import java.beans.SimpleBeanInfo; + +public class FirstBeanBeanInfo extends SimpleBeanInfo { + @Override + public BeanDescriptor getBeanDescriptor() { + return new BeanDescriptor(FirstBean.class); + } +} diff -r ec9f33978e19 -r 8d087823b8b7 jdk/test/java/beans/Introspector/6380849/beans/SecondBean.java --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/jdk/test/java/beans/Introspector/6380849/beans/SecondBean.java Wed Jul 05 16:56:52 2017 +0200 @@ -0,0 +1,4 @@ +package beans; + +public class SecondBean { +} diff -r ec9f33978e19 -r 8d087823b8b7 jdk/test/java/beans/Introspector/6380849/beans/ThirdBean.java --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/jdk/test/java/beans/Introspector/6380849/beans/ThirdBean.java Wed Jul 05 16:56:52 2017 +0200 @@ -0,0 +1,4 @@ +package beans; + +public class ThirdBean { +} diff -r ec9f33978e19 -r 8d087823b8b7 jdk/test/java/beans/Introspector/6380849/infos/SecondBeanBeanInfo.java --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/jdk/test/java/beans/Introspector/6380849/infos/SecondBeanBeanInfo.java Wed Jul 05 16:56:52 2017 +0200 @@ -0,0 +1,13 @@ +package infos; + +import beans.SecondBean; + +import java.beans.BeanDescriptor; +import java.beans.SimpleBeanInfo; + +public class SecondBeanBeanInfo extends SimpleBeanInfo { + @Override + public BeanDescriptor getBeanDescriptor() { + return new BeanDescriptor(SecondBean.class); + } +} diff -r ec9f33978e19 -r 8d087823b8b7 jdk/test/java/beans/Introspector/6380849/infos/ThirdBeanBeanInfo.java --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/jdk/test/java/beans/Introspector/6380849/infos/ThirdBeanBeanInfo.java Wed Jul 05 16:56:52 2017 +0200 @@ -0,0 +1,11 @@ +package infos; + +import java.beans.BeanDescriptor; +import java.beans.SimpleBeanInfo; + +public class ThirdBeanBeanInfo extends SimpleBeanInfo { + @Override + public BeanDescriptor getBeanDescriptor() { + return new BeanDescriptor(ThirdBeanBeanInfo.class); + } +} diff -r ec9f33978e19 -r 8d087823b8b7 jdk/test/java/beans/Introspector/Test6723447.java --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/jdk/test/java/beans/Introspector/Test6723447.java Wed Jul 05 16:56:52 2017 +0200 @@ -0,0 +1,88 @@ +/* + * Copyright 2009 Sun Microsystems, Inc. All Rights Reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, + * CA 95054 USA or visit www.sun.com if you need additional information or + * have any questions. + */ + +/* + * @test + * @bug 6723447 + * @summary Tests return type for property setters + * @author Sergey Malenkov + */ + +import java.beans.IndexedPropertyDescriptor; +import java.beans.IntrospectionException; +import java.beans.Introspector; +import java.beans.PropertyDescriptor; +import java.lang.reflect.Method; +import java.math.BigDecimal; + +public class Test6723447 { + + public static void main(String[] args) { + test(Test6723447.class); + test(BigDecimal.class); + } + + private static void test(Class type) { + for (PropertyDescriptor pd : getPropertyDescriptors(type)) { + test(pd.getWriteMethod()); + if (pd instanceof IndexedPropertyDescriptor) { + IndexedPropertyDescriptor ipd = (IndexedPropertyDescriptor) pd; + test(ipd.getIndexedWriteMethod()); + } + } + } + + private static void test(Method method) { + if (method != null) { + Class type = method.getReturnType(); + if (!type.equals(void.class)) { + throw new Error("unexpected return type: " + type); + } + } + } + + private static PropertyDescriptor[] getPropertyDescriptors(Class type) { + try { + return Introspector.getBeanInfo(type).getPropertyDescriptors(); + } + catch (IntrospectionException exception) { + throw new Error("unexpected exception", exception); + } + } + + public Object getValue() { + return null; + } + + public Object setValue(Object value) { + return value; + } + + public Object getValues(int index) { + return null; + } + + public Object setValues(int index, Object value) { + return value; + } +} diff -r ec9f33978e19 -r 8d087823b8b7 jdk/test/java/beans/PropertyEditor/6380849/FirstBean.java --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/jdk/test/java/beans/PropertyEditor/6380849/FirstBean.java Wed Jul 05 16:56:52 2017 +0200 @@ -0,0 +1,2 @@ +public class FirstBean { +} diff -r ec9f33978e19 -r 8d087823b8b7 jdk/test/java/beans/PropertyEditor/6380849/FirstBeanEditor.java --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/jdk/test/java/beans/PropertyEditor/6380849/FirstBeanEditor.java Wed Jul 05 16:56:52 2017 +0200 @@ -0,0 +1,4 @@ +import java.beans.PropertyEditorSupport; + +public class FirstBeanEditor extends PropertyEditorSupport { +} diff -r ec9f33978e19 -r 8d087823b8b7 jdk/test/java/beans/PropertyEditor/6380849/SecondBean.java --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/jdk/test/java/beans/PropertyEditor/6380849/SecondBean.java Wed Jul 05 16:56:52 2017 +0200 @@ -0,0 +1,2 @@ +public class SecondBean { +} diff -r ec9f33978e19 -r 8d087823b8b7 jdk/test/java/beans/PropertyEditor/6380849/TestPropertyEditor.java --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/jdk/test/java/beans/PropertyEditor/6380849/TestPropertyEditor.java Wed Jul 05 16:56:52 2017 +0200 @@ -0,0 +1,141 @@ +/** + * Copyright 2009 Sun Microsystems, Inc. All Rights Reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, + * CA 95054 USA or visit www.sun.com if you need additional information or + * have any questions. + */ + +/* + * @test + * @bug 6380849 + * @summary Tests PropertyEditor finder + * @author Sergey Malenkov + */ + +import editors.SecondBeanEditor; +import editors.ThirdBeanEditor; + +import java.awt.Color; +import java.awt.Font; +import java.beans.PropertyEditor; +import java.beans.PropertyEditorManager; + +import sun.awt.SunToolkit; +import sun.beans.editors.BooleanEditor; +import sun.beans.editors.ByteEditor; +import sun.beans.editors.ColorEditor; +import sun.beans.editors.DoubleEditor; +import sun.beans.editors.EnumEditor; +import sun.beans.editors.FloatEditor; +import sun.beans.editors.FontEditor; +import sun.beans.editors.IntegerEditor; +import sun.beans.editors.LongEditor; +import sun.beans.editors.ShortEditor; +import sun.beans.editors.StringEditor; + +public class TestPropertyEditor implements Runnable { + + private enum Enumeration { + FIRST, SECOND, THIRD + } + + private static final String[] SEARCH_PATH = { "editors" }; // NON-NLS: package name + + public static void main(String[] args) throws InterruptedException { + TestPropertyEditor test = new TestPropertyEditor(); + test.run(); + // the following tests fails on previous build + ThreadGroup group = new ThreadGroup("$$$"); // NON-NLS: unique thread name + Thread thread = new Thread(group, test); + thread.start(); + thread.join(); + } + + private static void test(Class type, Class expected) { + PropertyEditor actual = PropertyEditorManager.findEditor(type); + if ((actual == null) && (expected != null)) { + throw new Error("expected editor is not found"); + } + if ((actual != null) && !actual.getClass().equals(expected)) { + throw new Error("found unexpected editor"); + } + } + + private boolean passed; + + public void run() { + if (this.passed) { + SunToolkit.createNewAppContext(); + } + PropertyEditorManager.registerEditor(ThirdBean.class, ThirdBeanEditor.class); + + test(FirstBean.class, FirstBeanEditor.class); + test(SecondBean.class, null); + test(ThirdBean.class, ThirdBeanEditor.class); + // test editors for default primitive types + test(Byte.TYPE, ByteEditor.class); + test(Short.TYPE, ShortEditor.class); + test(Integer.TYPE, IntegerEditor.class); + test(Long.TYPE, LongEditor.class); + test(Boolean.TYPE, BooleanEditor.class); + test(Float.TYPE, FloatEditor.class); + test(Double.TYPE, DoubleEditor.class); + // test editors for default object types + test(Byte.class, ByteEditor.class); + test(Short.class, ShortEditor.class); + test(Integer.class, IntegerEditor.class); + test(Long.class, LongEditor.class); + test(Boolean.class, BooleanEditor.class); + test(Float.class, FloatEditor.class); + test(Double.class, DoubleEditor.class); + test(String.class, StringEditor.class); + test(Color.class, ColorEditor.class); + test(Font.class, FontEditor.class); + test(Enumeration.class, EnumEditor.class); + + PropertyEditorManager.registerEditor(ThirdBean.class, null); + PropertyEditorManager.setEditorSearchPath(SEARCH_PATH); + + test(FirstBean.class, FirstBeanEditor.class); + test(SecondBean.class, SecondBeanEditor.class); + test(ThirdBean.class, ThirdBeanEditor.class); + // test editors for default primitive types + test(Byte.TYPE, ByteEditor.class); + test(Short.TYPE, ShortEditor.class); + test(Integer.TYPE, IntegerEditor.class); + test(Long.TYPE, LongEditor.class); + test(Boolean.TYPE, BooleanEditor.class); + test(Float.TYPE, FloatEditor.class); + test(Double.TYPE, DoubleEditor.class); + // test editors for default object types + test(Byte.class, null); + test(Short.class, null); + test(Integer.class, null); + test(Long.class, null); + test(Boolean.class, null); + test(Float.class, null); + test(Double.class, null); + test(String.class, null); + test(Color.class, null); + test(Font.class, null); + test(Enumeration.class, EnumEditor.class); + + this.passed = true; + } +} diff -r ec9f33978e19 -r 8d087823b8b7 jdk/test/java/beans/PropertyEditor/6380849/ThirdBean.java --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/jdk/test/java/beans/PropertyEditor/6380849/ThirdBean.java Wed Jul 05 16:56:52 2017 +0200 @@ -0,0 +1,2 @@ +public class ThirdBean { +} diff -r ec9f33978e19 -r 8d087823b8b7 jdk/test/java/beans/PropertyEditor/6380849/editors/SecondBeanEditor.java --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/jdk/test/java/beans/PropertyEditor/6380849/editors/SecondBeanEditor.java Wed Jul 05 16:56:52 2017 +0200 @@ -0,0 +1,6 @@ +package editors; + +import java.beans.PropertyEditorSupport; + +public class SecondBeanEditor extends PropertyEditorSupport { +} diff -r ec9f33978e19 -r 8d087823b8b7 jdk/test/java/beans/PropertyEditor/6380849/editors/ThirdBeanEditor.java --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/jdk/test/java/beans/PropertyEditor/6380849/editors/ThirdBeanEditor.java Wed Jul 05 16:56:52 2017 +0200 @@ -0,0 +1,6 @@ +package editors; + +import java.beans.PropertyEditorSupport; + +public class ThirdBeanEditor extends PropertyEditorSupport { +} diff -r ec9f33978e19 -r 8d087823b8b7 jdk/test/java/beans/XMLEncoder/6329581/Test6329581.java --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/jdk/test/java/beans/XMLEncoder/6329581/Test6329581.java Wed Jul 05 16:56:52 2017 +0200 @@ -0,0 +1,75 @@ +/* + * Copyright 2009 Sun Microsystems, Inc. All Rights Reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, + * CA 95054 USA or visit www.sun.com if you need additional information or + * have any questions. + */ + +/* + * @test + * @bug 6329581 + * @summary Tests encoding of a class with custom ClassLoader + * @author Sergey Malenkov + */ + +import java.beans.ExceptionListener; +import java.beans.XMLDecoder; +import java.beans.XMLEncoder; +import java.io.ByteArrayInputStream; +import java.io.ByteArrayOutputStream; +import java.io.File; +import java.net.URL; +import java.net.URLClassLoader; + +public class Test6329581 implements ExceptionListener { + + public static void main(String[] args) throws Exception { + ExceptionListener listener = new Test6329581(); + // write bean to byte array + ByteArrayOutputStream out = new ByteArrayOutputStream(); + XMLEncoder encoder = new XMLEncoder(out); + encoder.setExceptionListener(listener); + encoder.writeObject(getClassLoader("beans.jar").loadClass("test.Bean").newInstance()); + encoder.close(); + // read bean from byte array + ByteArrayInputStream in = new ByteArrayInputStream(out.toByteArray()); + XMLDecoder decoder = new XMLDecoder(in, null, listener, getClassLoader("beans.jar")); + Object object = decoder.readObject(); + decoder.close(); + + if (!object.getClass().getClassLoader().getClass().equals(URLClassLoader.class)) { + throw new Error("bean is loaded with unexpected class loader"); + } + } + + private static ClassLoader getClassLoader(String name) throws Exception { + StringBuilder sb = new StringBuilder(256); + sb.append("file:"); + sb.append(System.getProperty("test.src", ".")); + sb.append(File.separatorChar); + sb.append(name); + + URL[] url = { new URL(sb.toString()) }; + return new URLClassLoader(url); + } + + public void exceptionThrown(Exception exception) { + throw new Error("unexpected exception", exception); + } +} diff -r ec9f33978e19 -r 8d087823b8b7 jdk/test/java/beans/XMLEncoder/6380849/Bean.java --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/jdk/test/java/beans/XMLEncoder/6380849/Bean.java Wed Jul 05 16:56:52 2017 +0200 @@ -0,0 +1,2 @@ +public class Bean { +} diff -r ec9f33978e19 -r 8d087823b8b7 jdk/test/java/beans/XMLEncoder/6380849/BeanPersistenceDelegate.java --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/jdk/test/java/beans/XMLEncoder/6380849/BeanPersistenceDelegate.java Wed Jul 05 16:56:52 2017 +0200 @@ -0,0 +1,5 @@ +import java.beans.DefaultPersistenceDelegate; + +public class BeanPersistenceDelegate + extends DefaultPersistenceDelegate { +} diff -r ec9f33978e19 -r 8d087823b8b7 jdk/test/java/beans/XMLEncoder/6380849/TestPersistenceDelegate.java --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/jdk/test/java/beans/XMLEncoder/6380849/TestPersistenceDelegate.java Wed Jul 05 16:56:52 2017 +0200 @@ -0,0 +1,60 @@ +/** + * Copyright 2009 Sun Microsystems, Inc. All Rights Reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, + * CA 95054 USA or visit www.sun.com if you need additional information or + * have any questions. + */ + +/* + * @test + * @bug 6380849 + * @summary Tests PersistenceDelegate finder + * @author Sergey Malenkov + */ + +import java.beans.PersistenceDelegate; +import java.beans.XMLEncoder; +import java.beans.DefaultPersistenceDelegate; + +public class TestPersistenceDelegate { + + private static final XMLEncoder ENCODER = new XMLEncoder(System.out); + + public static void main(String[] args) throws InterruptedException { + Class type = TestPersistenceDelegate.class; + test(type, DefaultPersistenceDelegate.class); + ENCODER.setPersistenceDelegate(type, new BeanPersistenceDelegate()); + test(type, BeanPersistenceDelegate.class); + ENCODER.setPersistenceDelegate(type, null); + test(type, DefaultPersistenceDelegate.class); + // the following tests fails on previous build + test(Bean.class, BeanPersistenceDelegate.class); + test(BeanPersistenceDelegate.class, BeanPersistenceDelegate.class); + } + + private static void test(Class type, Class expected) { + PersistenceDelegate actual = ENCODER.getPersistenceDelegate(type); + if ((actual == null) && (expected != null)) { + throw new Error("expected delegate is not found"); + } + if ((actual != null) && !actual.getClass().equals(expected)) { + throw new Error("found unexpected delegate"); + } + } +} diff -r ec9f33978e19 -r 8d087823b8b7 jdk/test/java/security/cert/CertPathBuilder/selfIssued/DisableRevocation.java --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/jdk/test/java/security/cert/CertPathBuilder/selfIssued/DisableRevocation.java Wed Jul 05 16:56:52 2017 +0200 @@ -0,0 +1,260 @@ +/* + * Copyright 2009 Sun Microsystems, Inc. All Rights Reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, + * CA 95054 USA or visit www.sun.com if you need additional information or + * have any questions. + */ + +/** + * @test + * @bug 6852744 + * @summary PIT b61: PKI test suite fails because self signed certificates + * are being rejected + * @run main/othervm DisableRevocation subca + * @run main/othervm DisableRevocation subci + * @run main/othervm DisableRevocation alice + * @author Xuelei Fan + */ + +import java.io.*; +import java.net.SocketException; +import java.util.*; +import java.security.Security; +import java.security.cert.*; +import java.security.cert.CertPathValidatorException.BasicReason; +import sun.security.util.DerInputStream; + +/** + * A test case helps to ensure that a certification path building process is + * able to identify a self-issued certificate from its issuer when disable + * revocation checking. + */ +public final class DisableRevocation { + + // the trust anchor + static String selfSignedCertStr = + "-----BEGIN CERTIFICATE-----\n" + + "MIICPjCCAaegAwIBAgIBADANBgkqhkiG9w0BAQQFADAfMQswCQYDVQQGEwJVUzEQ\n" + + "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA2MjgxMzMyMThaFw0zMDA2MDgxMzMyMTha\n" + + "MB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMIGfMA0GCSqGSIb3DQEB\n" + + "AQUAA4GNADCBiQKBgQDInJhXi0655bPXAVkz1n5I6fAcZejzPnOPuwq3hU3OxFw8\n" + + "81Uf6o9oKI1h4w4XAD8u1cUNOgiX+wPwojronlp68bIfO6FVhNf287pLtLhNJo+7\n" + + "m6Qxw3ymFvEKy+PVj20CHSggdKHxUa4MBZBmHMFNBuxfYmjwzn+yTMmCCXOvSwID\n" + + "AQABo4GJMIGGMB0GA1UdDgQWBBSQ52Dpau+gtL+Kc31dusYnKj16ZTBHBgNVHSME\n" + + "QDA+gBSQ52Dpau+gtL+Kc31dusYnKj16ZaEjpCEwHzELMAkGA1UEBhMCVVMxEDAO\n" + + "BgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUwAwEB/zALBgNVHQ8EBAMCAQYw\n" + + "DQYJKoZIhvcNAQEEBQADgYEAjBt6ea65HCqbGsS2rs/HhlGusYXtThRVC5vwXSey\n" + + "ZFYwSgukuq1KDzckqZFu1meNImEwdZjwxdN0e2p/nVREPC42rZliSj6V1ThayKXj\n" + + "DWEZW1U5aR8T+3NYfDrdKcJGx4Hzfz0qKz1j4ssV1M9ptJxYYv4y2Da+592IN1S9\n" + + "v/E=\n" + + "-----END CERTIFICATE-----"; + + // the sub-ca + static String subCaCertStr = + "-----BEGIN CERTIFICATE-----\n" + + "MIICUDCCAbmgAwIBAgIBAzANBgkqhkiG9w0BAQQFADAfMQswCQYDVQQGEwJVUzEQ\n" + + "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA2MjgxMzMyMjRaFw0yOTAzMTUxMzMyMjRa\n" + + "MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz\n" + + "cy0xMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDPFv24SK78VI0gWlyIrq/X\n" + + "srl1431K5hJJxMYZtaQunyPmrYg3oI9KvKFykxnR0N4XDPaIi75p9dXGppVu80BA\n" + + "+csvIPBwlBQoNmKDQWTziDOqfK4tE+IMuL/Y7pxnH6CDMY7VGpvatty2zcmH+m/v\n" + + "E/n+HPyeELJQT2rT/3T+7wIDAQABo4GJMIGGMB0GA1UdDgQWBBRidC8Dt3dBzYES\n" + + "KpR2tR560sZ0+zBHBgNVHSMEQDA+gBSQ52Dpau+gtL+Kc31dusYnKj16ZaEjpCEw\n" + + "HzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUw\n" + + "AwEB/zALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQEEBQADgYEAMeMKqrMr5d3eTQsv\n" + + "MYOD15Dl3THQGLAa4ad5Eyq5/1eUeEOpztzCgDfi0iPD8YCubIEVasBTSqTiGXqb\n" + + "RpGuPHOwwfWvHrTeHSludiFBAUiKj7aEV+oQa0FBn4U4TT8HA62HQ93FhzTDI3jP\n" + + "iil34GktVl6gfMKGzUEW/Dh8OM4=\n" + + "-----END CERTIFICATE-----"; + + // a delegated CRL issuer, it's a self-issued certificate of trust anchor + static String topCrlIssuerCertStr = + "-----BEGIN CERTIFICATE-----\n" + + "MIICPjCCAaegAwIBAgIBAjANBgkqhkiG9w0BAQQFADAfMQswCQYDVQQGEwJVUzEQ\n" + + "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA2MjgxMzMyMjNaFw0yOTAzMTUxMzMyMjNa\n" + + "MB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMIGfMA0GCSqGSIb3DQEB\n" + + "AQUAA4GNADCBiQKBgQC99u93trf+WmpfiqunJy/P31ej1l4rESxft2JSGNjKuLFN\n" + + "/BO3SAugGJSkCARAwXjB0c8eeXhXWhVVWdNpbKepRJTxrjDfnFIavLgtUvmFwn/3\n" + + "hPXe+RQeA8+AJ99Y+o+10kY8JAZLa2j93C2FdmwOjUbo8aIz85yhbiV1tEDjLwID\n" + + "AQABo4GJMIGGMB0GA1UdDgQWBBSyFyA3XWLbdL6W6hksmBn7RKsQmDBHBgNVHSME\n" + + "QDA+gBSQ52Dpau+gtL+Kc31dusYnKj16ZaEjpCEwHzELMAkGA1UEBhMCVVMxEDAO\n" + + "BgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUwAwEB/zALBgNVHQ8EBAMCAQYw\n" + + "DQYJKoZIhvcNAQEEBQADgYEAHTm8aRTeakgCfEBCgSWK9wvMW1c18ANGMm8OFDBk\n" + + "xabVy9BT0MVFHlaneh89oIxTZN0FMTpg21GZMAvIzhEt7DGdO7HLsW7JniN7/OZ0\n" + + "rACmpK5frmZrLS03zUm8c+rTbazNfYLoZVG3/mDZbKIi+4y8IGnFcgLVsHsYoBNP\n" + + "G0c=\n" + + "-----END CERTIFICATE-----"; + + // a delegated CRL issuer, it's a self-issued certificate of sub-ca + static String subCrlIssuerCertStr = + "-----BEGIN CERTIFICATE-----\n" + + "MIICUDCCAbmgAwIBAgIBBDANBgkqhkiG9w0BAQQFADAfMQswCQYDVQQGEwJVUzEQ\n" + + "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA2MjgxMzMyMjdaFw0yOTAzMTUxMzMyMjda\n" + + "MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz\n" + + "cy0xMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC+8AcLJtGAVUWvv3ifcyQw\n" + + "OGqwzcPrBw/XCs6vTMlcdtFzcH1M+Z3/QHN9+5VT1gqeTIZ+b8g9005Og3XKy/HX\n" + + "obXZeLv20VZsr+jm52ySghEYOVCTJ9OyFOAp5adp6nf0cA66Feh3LsmVhpTEcDOG\n" + + "GnyntQm0DBYxRoOT/GBlvQIDAQABo4GJMIGGMB0GA1UdDgQWBBSRWhMuZLQoHSDN\n" + + "xhxr+vdDmfAY8jBHBgNVHSMEQDA+gBSQ52Dpau+gtL+Kc31dusYnKj16ZaEjpCEw\n" + + "HzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUw\n" + + "AwEB/zALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQEEBQADgYEAMIDZLdOLFiPyS1bh\n" + + "Ch4eUYHT+K1WG93skbga3kVYg3GSe+gctwkKwKK13bwfi8zc7wwz6MtmQwEYhppc\n" + + "pKKKEwi5QirBCP54rihLCvRQaj6ZqUJ6VP+zPAqHYMDbzlBbHtVF/1lQUP30I6SV\n" + + "Fu987DvLmZ2GuQA9FKJsnlD9pbU=\n" + + "-----END CERTIFICATE-----"; + + // the target EE certificate + static String targetCertStr = + "-----BEGIN CERTIFICATE-----\n" + + "MIICNzCCAaCgAwIBAgIBAjANBgkqhkiG9w0BAQQFADAxMQswCQYDVQQGEwJVUzEQ\n" + + "MA4GA1UEChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMTAeFw0wOTA2MjgxMzMy\n" + + "MzBaFw0yOTAzMTUxMzMyMzBaMEExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFt\n" + + "cGxlMRAwDgYDVQQLEwdDbGFzcy0xMQ4wDAYDVQQDEwVBbGljZTCBnzANBgkqhkiG\n" + + "9w0BAQEFAAOBjQAwgYkCgYEA7wnsvR4XEOfVznf40l8ClLod+7L0y2/+smVV+GM/\n" + + "T1/QF/stajAJxXNy08gK00WKZ6ruTHhR9vh/Z6+EQM2RZDCpU0A7LPa3kLE/XTmS\n" + + "1MLDu8ntkdlpURpvhdDWem+rl2HU5oZgzV8Jkcov9vXuSjqEDfr45FlPuV40T8+7\n" + + "cxsCAwEAAaNPME0wCwYDVR0PBAQDAgPoMB0GA1UdDgQWBBSBwsAhi6Z1kriOs3ty\n" + + "uSIujv9a3DAfBgNVHSMEGDAWgBRidC8Dt3dBzYESKpR2tR560sZ0+zANBgkqhkiG\n" + + "9w0BAQQFAAOBgQDEiBqd5AMy2SQopFaS3dYkzj8MHlwtbCSoNVYkOfDnewcatrbk\n" + + "yFcp6FX++PMdOQFHWvvnDdkCUAzZQp8kCkF9tGLVLBtOK7XxQ1us1LZym7kOPzsd\n" + + "G93Dcf0U1JRO77juc61Br5paAy8Bok18Y/MeG7uKgB2MAEJYKhGKbCrfMw==\n" + + "-----END CERTIFICATE-----"; + + private static Set generateTrustAnchors() + throws CertificateException { + // generate certificate from cert string + CertificateFactory cf = CertificateFactory.getInstance("X.509"); + + ByteArrayInputStream is = + new ByteArrayInputStream(selfSignedCertStr.getBytes()); + Certificate selfSignedCert = cf.generateCertificate(is); + + // generate a trust anchor + TrustAnchor anchor = + new TrustAnchor((X509Certificate)selfSignedCert, null); + + return Collections.singleton(anchor); + } + + private static CertStore generateCertificateStore() throws Exception { + Collection entries = new HashSet(); + + // generate certificate from certificate string + CertificateFactory cf = CertificateFactory.getInstance("X.509"); + + ByteArrayInputStream is; + + is = new ByteArrayInputStream(targetCertStr.getBytes()); + Certificate cert = cf.generateCertificate(is); + entries.add(cert); + + is = new ByteArrayInputStream(subCaCertStr.getBytes()); + cert = cf.generateCertificate(is); + entries.add(cert); + + is = new ByteArrayInputStream(selfSignedCertStr.getBytes()); + cert = cf.generateCertificate(is); + entries.add(cert); + + is = new ByteArrayInputStream(topCrlIssuerCertStr.getBytes()); + cert = cf.generateCertificate(is); + entries.add(cert); + + is = new ByteArrayInputStream(subCrlIssuerCertStr.getBytes()); + cert = cf.generateCertificate(is); + entries.add(cert); + + return CertStore.getInstance("Collection", + new CollectionCertStoreParameters(entries)); + } + + private static X509CertSelector generateSelector(String name) + throws Exception { + X509CertSelector selector = new X509CertSelector(); + + // generate certificate from certificate string + CertificateFactory cf = CertificateFactory.getInstance("X.509"); + ByteArrayInputStream is = null; + if (name.equals("subca")) { + is = new ByteArrayInputStream(subCaCertStr.getBytes()); + } else if (name.equals("subci")) { + is = new ByteArrayInputStream(subCrlIssuerCertStr.getBytes()); + } else { + is = new ByteArrayInputStream(targetCertStr.getBytes()); + } + + X509Certificate target = (X509Certificate)cf.generateCertificate(is); + byte[] extVal = target.getExtensionValue("2.5.29.14"); + if (extVal != null) { + DerInputStream in = new DerInputStream(extVal); + byte[] subjectKID = in.getOctetString(); + selector.setSubjectKeyIdentifier(subjectKID); + } else { + // unlikely to happen. + throw new Exception("unexpected certificate: no SKID extension"); + } + + return selector; + } + + private static boolean match(String name, Certificate cert) + throws Exception { + X509CertSelector selector = new X509CertSelector(); + + // generate certificate from certificate string + CertificateFactory cf = CertificateFactory.getInstance("X.509"); + ByteArrayInputStream is = null; + if (name.equals("subca")) { + is = new ByteArrayInputStream(subCaCertStr.getBytes()); + } else if (name.equals("subci")) { + is = new ByteArrayInputStream(subCrlIssuerCertStr.getBytes()); + } else { + is = new ByteArrayInputStream(targetCertStr.getBytes()); + } + X509Certificate target = (X509Certificate)cf.generateCertificate(is); + + return target.equals(cert); + } + + + public static void main(String[] args) throws Exception { + CertPathBuilder builder = CertPathBuilder.getInstance("PKIX"); + + X509CertSelector selector = generateSelector(args[0]); + + Set anchors = generateTrustAnchors(); + CertStore certs = generateCertificateStore(); + + + PKIXBuilderParameters params = + new PKIXBuilderParameters(anchors, selector); + params.addCertStore(certs); + params.setRevocationEnabled(false); + params.setDate(new Date(109, 7, 1)); // 2009-07-01 + Security.setProperty("ocsp.enable", "false"); + System.setProperty("com.sun.security.enableCRLDP", "false"); + + PKIXCertPathBuilderResult result = + (PKIXCertPathBuilderResult)builder.build(params); + + if (!match(args[0], result.getCertPath().getCertificates().get(0))) { + throw new Exception("unexpected certificate"); + } + } +} diff -r ec9f33978e19 -r 8d087823b8b7 jdk/test/java/security/cert/CertPathBuilder/selfIssued/KeyUsageMatters.java --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/jdk/test/java/security/cert/CertPathBuilder/selfIssued/KeyUsageMatters.java Wed Jul 05 16:56:52 2017 +0200 @@ -0,0 +1,303 @@ +/* + * Copyright 2009 Sun Microsystems, Inc. All Rights Reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, + * CA 95054 USA or visit www.sun.com if you need additional information or + * have any questions. + */ + +/** + * @test + * @bug 6852744 + * @summary PIT b61: PKI test suite fails because self signed certificates + * are being rejected + * @run main/othervm KeyUsageMatters subca + * @run main/othervm KeyUsageMatters subci + * @run main/othervm KeyUsageMatters alice + * @author Xuelei Fan + */ + +import java.io.*; +import java.net.SocketException; +import java.util.*; +import java.security.Security; +import java.security.cert.*; +import java.security.cert.CertPathValidatorException.BasicReason; +import sun.security.util.DerInputStream; + +/** + * KeyUsage extension plays a important rule during looking for the issuer + * of a certificate or CRL. A certificate issuer should have the keyCertSign + * bit set, and a CRL issuer should have the cRLSign bit set. + * + * Sometime, a delegated CRL issuer would also have the keyCertSign bit set, + * as would be troublesome to find the proper CRL issuer during certificate + * path build if the delegated CRL issuer is a self-issued certificate, for + * it is hard to identify it from its issuer by the "issuer" field only. + * + * The fix of 6852744 should addresses above issue, and allow a delegated CRL + * issuer to have keyCertSign bit set. + * + * In the test case, the delegated CRL issuers have cRLSign bit set only, and + * the CAs have the keyCertSign bit set only, it is expected to work before + * and after the bug fix of 6852744. + */ +public final class KeyUsageMatters { + + // the trust anchor + static String selfSignedCertStr = + "-----BEGIN CERTIFICATE-----\n" + + "MIICPjCCAaegAwIBAgIBADANBgkqhkiG9w0BAQQFADAfMQswCQYDVQQGEwJVUzEQ\n" + + "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA0MjcwMjI0MzJaFw0zMDA0MDcwMjI0MzJa\n" + + "MB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMIGfMA0GCSqGSIb3DQEB\n" + + "AQUAA4GNADCBiQKBgQC4OTag24sTxL2tXTNuvpmUEtdxrYAZoFsslFQ60T+WD9wQ\n" + + "Jeiw87FSPsR2vxRuv0j8DNm2a4h7LNNIFcLurfNldbz5pvgZ7VqdbbUMPE9qP85n\n" + + "jgDl4woyRTSUeRI4A7O0CO6NpES21dtbdhroWQrEkHxpnrDPxsxrz5gf2m3gqwID\n" + + "AQABo4GJMIGGMB0GA1UdDgQWBBSCJd0hpl5PdAD9IZS+Hzng4lXLGzBHBgNVHSME\n" + + "QDA+gBSCJd0hpl5PdAD9IZS+Hzng4lXLG6EjpCEwHzELMAkGA1UEBhMCVVMxEDAO\n" + + "BgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUwAwEB/zALBgNVHQ8EBAMCAgQw\n" + + "DQYJKoZIhvcNAQEEBQADgYEAluy6HIjWcq009lTLmhp+Np6dxU78pInBK8RZkza0\n" + + "484qGaxFGD3UGyZkI5uWmsH2XuMbuox5khfIq6781gmkPBHXBIEtJN8eLusOHEye\n" + + "iE8h7WI+N3qa6Pj56WionMrioqC/3X+b06o147bbhx8U0vkYv/HyPaITOFfMXTdz\n" + + "Vjw=\n" + + "-----END CERTIFICATE-----"; + + // the sub-ca + static String subCaCertStr = + "-----BEGIN CERTIFICATE-----\n" + + "MIICUDCCAbmgAwIBAgIBAzANBgkqhkiG9w0BAQQFADAfMQswCQYDVQQGEwJVUzEQ\n" + + "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA0MjcwMjI0MzRaFw0yOTAxMTIwMjI0MzRa\n" + + "MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz\n" + + "cy0xMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCiAJnAQW2ad3ZMKUhSJVZj\n" + + "8pBqxTcHSTwAVguQkDglsN/OIwUpvR5Jgp3lpRWUEt6idEp0FZzORpvtjt3pr5MG\n" + + "Eg2CDptekC5BSPS+fIAIKlncB3HwOiFFhH6b3wTydDCdEd2fvsi4QMOSVrIYMeA8\n" + + "P/mCz6kRhfUQPE0CMmOUewIDAQABo4GJMIGGMB0GA1UdDgQWBBT0/nNP8WpyxmYr\n" + + "IBp4tN8y08jw2jBHBgNVHSMEQDA+gBSCJd0hpl5PdAD9IZS+Hzng4lXLG6EjpCEw\n" + + "HzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUw\n" + + "AwEB/zALBgNVHQ8EBAMCAgQwDQYJKoZIhvcNAQEEBQADgYEAS9PzI6B39R/U9fRj\n" + + "UExzN1FXNP5awnAPtiv34kSCL6n6MryqkfG+8aaAOdZsSjmTylNFaF7cW/Xp1VBF\n" + + "hq0bg/SbEAbK7+UwL8GSC3crhULHLbh+1iFdVTEwxCw5YmB8ji3BaZ/WKW/PkjCZ\n" + + "7cXP6VDeZMG6oRQ4hbOcixoFPXo=\n" + + "-----END CERTIFICATE-----"; + + // a delegated CRL issuer, it's a self-issued certificate of trust anchor + static String topCrlIssuerCertStr = + "-----BEGIN CERTIFICATE-----\n" + + "MIICKzCCAZSgAwIBAgIBAjANBgkqhkiG9w0BAQQFADAfMQswCQYDVQQGEwJVUzEQ\n" + + "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA0MjcwMjI0MzNaFw0yOTAxMTIwMjI0MzNa\n" + + "MB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMIGfMA0GCSqGSIb3DQEB\n" + + "AQUAA4GNADCBiQKBgQDMJeBMBybHykI/YpwUJ4O9euqDSLb1kpWpceBS8TVqvgBC\n" + + "SgUJWtFZL0i6bdvF6mMdlbuBkGzhXqHiVAi96/zRLbUC9F8SMEJ6MuD+YhQ0ZFTQ\n" + + "atKy8zf8O9XzztelLJ26Gqb7QPV133WY3haAqHtCXOhEKkCN16NOYNC37DTaJwID\n" + + "AQABo3cwdTAdBgNVHQ4EFgQULXSWzXzUOIpOJpzbSCpW42IJUugwRwYDVR0jBEAw\n" + + "PoAUgiXdIaZeT3QA/SGUvh854OJVyxuhI6QhMB8xCzAJBgNVBAYTAlVTMRAwDgYD\n" + + "VQQKEwdFeGFtcGxlggEAMAsGA1UdDwQEAwIBAjANBgkqhkiG9w0BAQQFAAOBgQAY\n" + + "eMnf5AHSNlyUlzXk8o2S0h4gCuvKX6C3kFfKuZcWvFAbx4yQOWLS2s15/nzR4+AP\n" + + "FGX3lgJjROyAh7fGedTQK+NFWwkM2ag1g3hXktnlnT1qHohi0w31nVBJxXEDO/Ck\n" + + "uJTpJGt8XxxbFaw5v7cHy7XuTAeU/sekvjEiNHW00Q==\n" + + "-----END CERTIFICATE-----"; + + // a delegated CRL issuer, it's a self-issued certificate of sub-ca + static String subCrlIssuerCertStr = + "-----BEGIN CERTIFICATE-----\n" + + "MIICPTCCAaagAwIBAgIBBDANBgkqhkiG9w0BAQQFADAfMQswCQYDVQQGEwJVUzEQ\n" + + "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA0MjcwMjI0MzRaFw0yOTAxMTIwMjI0MzRa\n" + + "MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz\n" + + "cy0xMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDWUtDQx2MB/7arDiquMJyd\n" + + "LWwSg6p8sg5z6wKrC1v47MT4DBhFX+0RUgTMUdQgYpgxGpczn+6y4zfV76064S0N\n" + + "4L/IQ+SunTW1w4yRGjB+xkyyJmWAqijG1nr+Dgkv5nxPI+9Er5lHcoVWVMEcvvRm\n" + + "6jIBQdldVlSgv+VgUnFm5wIDAQABo3cwdTAdBgNVHQ4EFgQUkV3Qqtk7gIot9n60\n" + + "jX6dloxrfMEwRwYDVR0jBEAwPoAUgiXdIaZeT3QA/SGUvh854OJVyxuhI6QhMB8x\n" + + "CzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlggEAMAsGA1UdDwQEAwIBAjAN\n" + + "BgkqhkiG9w0BAQQFAAOBgQADu4GM8EdmIKhC7FRvk5jF90zfvZ38wbXBzCjKI4jX\n" + + "QJrhne1bfyeNNm5c1w+VKidT+XzBzBGH7ZqYzoZmzRIfcbLKX2brEBKiukeeAyL3\n" + + "bctQtbp19tX+uu2dQberD188AAysKTkHcJUV+rRsTwVJ9vcYKxoRxKk8DhH7ZS3M\n" + + "rg==\n" + + "-----END CERTIFICATE-----"; + + // the target EE certificate + static String targetCertStr = + "-----BEGIN CERTIFICATE-----\n" + + "MIICNzCCAaCgAwIBAgIBAjANBgkqhkiG9w0BAQQFADAxMQswCQYDVQQGEwJVUzEQ\n" + + "MA4GA1UEChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMTAeFw0wOTA0MjcwMjI0\n" + + "MzZaFw0yOTAxMTIwMjI0MzZaMEExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFt\n" + + "cGxlMRAwDgYDVQQLEwdDbGFzcy0xMQ4wDAYDVQQDEwVBbGljZTCBnzANBgkqhkiG\n" + + "9w0BAQEFAAOBjQAwgYkCgYEAvYSaU3oiE4Pxp/aUIXwMqOwSiWkZ+O3aTu13hRtK\n" + + "ZyR+Wtj63IuvaigAC4uC+zBypF93ThjwCzVR2qKDQaQzV8CLleO96gStt7Y+i3G2\n" + + "V3IUGgrVCqeK7N6nNYu0wW84sibcPqG/TIy0UoaQMqgB21xtRF+1DUVlFh4Z89X/\n" + + "pskCAwEAAaNPME0wCwYDVR0PBAQDAgPoMB0GA1UdDgQWBBSynMEdcal/e9TmvlNE\n" + + "4suXGA4+hjAfBgNVHSMEGDAWgBT0/nNP8WpyxmYrIBp4tN8y08jw2jANBgkqhkiG\n" + + "9w0BAQQFAAOBgQB/jru7E/+piSmUwByw5qbZsoQZVcgR97pd2TErNJpJMAX2oIHR\n" + + "wJH6w4NuYs27+fEAX7wK4whc6EUH/w1SI6o28F2rG6HqYQPPZ2E2WqwbBQL9nYE3\n" + + "Vfzu/G9axTUQXFbf90h80UErA+mZVxqc2xtymLuH0YEaMZImtRZ2MXHfXg==\n" + + "-----END CERTIFICATE-----"; + + // CRL issued by the delegated CRL issuer, topCrlIssuerCertStr + static String topCrlStr = + "-----BEGIN X509 CRL-----\n" + + "MIIBGzCBhQIBATANBgkqhkiG9w0BAQQFADAfMQswCQYDVQQGEwJVUzEQMA4GA1UE\n" + + "ChMHRXhhbXBsZRcNMDkwNDI3MDIzODA0WhcNMjgwNjI2MDIzODA0WjAiMCACAQUX\n" + + "DTA5MDQyNzAyMzgwMFowDDAKBgNVHRUEAwoBBKAOMAwwCgYDVR0UBAMCAQIwDQYJ\n" + + "KoZIhvcNAQEEBQADgYEAoarfzXEtw3ZDi4f9U8eSvRIipHSyxOrJC7HR/hM5VhmY\n" + + "CErChny6x9lBVg9s57tfD/P9PSzBLusCcHwHMAbMOEcTltVVKUWZnnbumpywlYyg\n" + + "oKLrE9+yCOkYUOpiRlz43/3vkEL5hjIKMcDSZnPKBZi1h16Yj2hPe9GMibNip54=\n" + + "-----END X509 CRL-----"; + + // CRL issued by the delegated CRL issuer, subCrlIssuerCertStr + static String subCrlStr = + "-----BEGIN X509 CRL-----\n" + + "MIIBLTCBlwIBATANBgkqhkiG9w0BAQQFADAxMQswCQYDVQQGEwJVUzEQMA4GA1UE\n" + + "ChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMRcNMDkwNDI3MDIzODA0WhcNMjgw\n" + + "NjI2MDIzODA0WjAiMCACAQQXDTA5MDQyNzAyMzgwMVowDDAKBgNVHRUEAwoBBKAO\n" + + "MAwwCgYDVR0UBAMCAQIwDQYJKoZIhvcNAQEEBQADgYEAeS+POqYEIHIIJcsLxuUr\n" + + "aJFzQ/ujH0QmnyMNEL3Uavyq4VQuAahF+w6aTPb5UBzms0uX8NAvD2vNoUJvmJOX\n" + + "nGKuq4Q1DFj82E7/9d25nXdWGOmFvFCRVO+St2Xe5n8CJuZNBiz388FDSIOiFSCa\n" + + "ARGr6Qu68MYGtLMC6ZqP3u0=\n" + + "-----END X509 CRL-----"; + + private static Set generateTrustAnchors() + throws CertificateException { + // generate certificate from cert string + CertificateFactory cf = CertificateFactory.getInstance("X.509"); + + ByteArrayInputStream is = + new ByteArrayInputStream(selfSignedCertStr.getBytes()); + Certificate selfSignedCert = cf.generateCertificate(is); + + // generate a trust anchor + TrustAnchor anchor = + new TrustAnchor((X509Certificate)selfSignedCert, null); + + return Collections.singleton(anchor); + } + + private static CertStore generateCertificateStore() throws Exception { + Collection entries = new HashSet(); + + // generate certificate from certificate string + CertificateFactory cf = CertificateFactory.getInstance("X.509"); + + ByteArrayInputStream is; + + is = new ByteArrayInputStream(targetCertStr.getBytes()); + Certificate cert = cf.generateCertificate(is); + entries.add(cert); + + is = new ByteArrayInputStream(subCaCertStr.getBytes()); + cert = cf.generateCertificate(is); + entries.add(cert); + + is = new ByteArrayInputStream(selfSignedCertStr.getBytes()); + cert = cf.generateCertificate(is); + entries.add(cert); + + is = new ByteArrayInputStream(topCrlIssuerCertStr.getBytes()); + cert = cf.generateCertificate(is); + entries.add(cert); + + is = new ByteArrayInputStream(subCrlIssuerCertStr.getBytes()); + cert = cf.generateCertificate(is); + entries.add(cert); + + // generate CRL from CRL string + is = new ByteArrayInputStream(topCrlStr.getBytes()); + Collection mixes = cf.generateCRLs(is); + entries.addAll(mixes); + + is = new ByteArrayInputStream(subCrlStr.getBytes()); + mixes = cf.generateCRLs(is); + entries.addAll(mixes); + + return CertStore.getInstance("Collection", + new CollectionCertStoreParameters(entries)); + } + + private static X509CertSelector generateSelector(String name) + throws Exception { + X509CertSelector selector = new X509CertSelector(); + + // generate certificate from certificate string + CertificateFactory cf = CertificateFactory.getInstance("X.509"); + ByteArrayInputStream is = null; + if (name.equals("subca")) { + is = new ByteArrayInputStream(subCaCertStr.getBytes()); + } else if (name.equals("subci")) { + is = new ByteArrayInputStream(subCrlIssuerCertStr.getBytes()); + } else { + is = new ByteArrayInputStream(targetCertStr.getBytes()); + } + + X509Certificate target = (X509Certificate)cf.generateCertificate(is); + byte[] extVal = target.getExtensionValue("2.5.29.14"); + if (extVal != null) { + DerInputStream in = new DerInputStream(extVal); + byte[] subjectKID = in.getOctetString(); + selector.setSubjectKeyIdentifier(subjectKID); + } else { + // unlikely to happen. + throw new Exception("unexpected certificate: no SKID extension"); + } + + return selector; + } + + private static boolean match(String name, Certificate cert) + throws Exception { + X509CertSelector selector = new X509CertSelector(); + + // generate certificate from certificate string + CertificateFactory cf = CertificateFactory.getInstance("X.509"); + ByteArrayInputStream is = null; + if (name.equals("subca")) { + is = new ByteArrayInputStream(subCaCertStr.getBytes()); + } else if (name.equals("subci")) { + is = new ByteArrayInputStream(subCrlIssuerCertStr.getBytes()); + } else { + is = new ByteArrayInputStream(targetCertStr.getBytes()); + } + X509Certificate target = (X509Certificate)cf.generateCertificate(is); + + return target.equals(cert); + } + + + public static void main(String[] args) throws Exception { + CertPathBuilder builder = CertPathBuilder.getInstance("PKIX"); + + X509CertSelector selector = generateSelector(args[0]); + + Set anchors = generateTrustAnchors(); + CertStore certs = generateCertificateStore(); + + + PKIXBuilderParameters params = + new PKIXBuilderParameters(anchors, selector); + params.addCertStore(certs); + params.setRevocationEnabled(true); + params.setDate(new Date(109, 5, 1)); // 2009-05-01 + Security.setProperty("ocsp.enable", "false"); + System.setProperty("com.sun.security.enableCRLDP", "true"); + + PKIXCertPathBuilderResult result = + (PKIXCertPathBuilderResult)builder.build(params); + + if (!match(args[0], result.getCertPath().getCertificates().get(0))) { + throw new Exception("unexpected certificate"); + } + } +} diff -r ec9f33978e19 -r 8d087823b8b7 jdk/test/java/security/cert/CertPathBuilder/selfIssued/README --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/jdk/test/java/security/cert/CertPathBuilder/selfIssued/README Wed Jul 05 16:56:52 2017 +0200 @@ -0,0 +1,382 @@ +/* + * Copyright 2009 Sun Microsystems, Inc. All Rights Reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, + * CA 95054 USA or visit www.sun.com if you need additional information or + * have any questions. + */ + + Certificates and CRLs + +The certificates and CRLs used by KeyUsageMatters.java are copied from +test/java/security/cert/CertPathValidator/indirectCRL. + +Here lists the local generated certificates and CRLs used in the test cases. + +The generate.sh depends on openssl, and it should be run under ksh. The +script will create many directories and files, please run it in a +directory outside of JDK workspace. + +1. root certifiate and key +-----BEGIN CERTIFICATE----- +MIICPjCCAaegAwIBAgIBADANBgkqhkiG9w0BAQQFADAfMQswCQYDVQQGEwJVUzEQ +MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA2MjgxMzMyMThaFw0zMDA2MDgxMzMyMTha +MB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMIGfMA0GCSqGSIb3DQEB +AQUAA4GNADCBiQKBgQDInJhXi0655bPXAVkz1n5I6fAcZejzPnOPuwq3hU3OxFw8 +81Uf6o9oKI1h4w4XAD8u1cUNOgiX+wPwojronlp68bIfO6FVhNf287pLtLhNJo+7 +m6Qxw3ymFvEKy+PVj20CHSggdKHxUa4MBZBmHMFNBuxfYmjwzn+yTMmCCXOvSwID +AQABo4GJMIGGMB0GA1UdDgQWBBSQ52Dpau+gtL+Kc31dusYnKj16ZTBHBgNVHSME +QDA+gBSQ52Dpau+gtL+Kc31dusYnKj16ZaEjpCEwHzELMAkGA1UEBhMCVVMxEDAO +BgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUwAwEB/zALBgNVHQ8EBAMCAQYw +DQYJKoZIhvcNAQEEBQADgYEAjBt6ea65HCqbGsS2rs/HhlGusYXtThRVC5vwXSey +ZFYwSgukuq1KDzckqZFu1meNImEwdZjwxdN0e2p/nVREPC42rZliSj6V1ThayKXj +DWEZW1U5aR8T+3NYfDrdKcJGx4Hzfz0qKz1j4ssV1M9ptJxYYv4y2Da+592IN1S9 +v/E= +-----END CERTIFICATE----- + +-----BEGIN RSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: DES-EDE3-CBC,46F13CECA9B38323 + +AVNWPH7jiPyJVq9KfL3IlGVCwD41KVapg12yJR2t/WWlLaKr19/0oWNvimcrd040 +txFKvcFO9TFLxmaco33+actCoL0K/XbrCBICThZLybzcFTuYFMum8eqL61avQgBe +Kt4CCjcupWLzKWkKTMV/bP6nPnPUSB9U8QeGwutjJYnLDi0TuYx8YSqZo/36vM98 +r3OvtcSA5XEN4guxxHusZJnhbclVb/Z1WtLVb4v2d5yBtPM2p3R0hK17L4Dnusjl +n56z6Z0AIYmfAggM/Fpge2uT3D/5n//l1lZRNoSvsX5UZipKswZKLpvx7IJ+AqgA +UO9lcmNLGnIXME3IS3smd83wPi7nxH3NCYWHbGAKLm6mkFMs5LOhofUMOBS3Rxmm +2RjCGtuzDxBPKveo9/Y80B//6sEce2gdi7fCKgWwtR4VFuJd0hWODD6CarK3edHH +rUG62Kt2aqiI/y/NLEbfHCHbyM37c9/OzS5Zy695dDl22r5EirVFsVgejQR1JGtP +ANdc6kkkJW+s6GiqimShssMTp1x0L8twT/+wEa38LafiaPKk4OweleBuyz7k2FxA +Rr2u9IOvGU3eKAeH8HSFWvaNE9S2lYFPiWWZ6O/LzVvnb847+gungQ7SPRzOkt4k +L4PtHIoKmLWFr5tzML1Q8wiaKcTWMb5LZbRbo+2XYGoIpilxkBBuhX7cMJFwOHEf +YJJRixBI97doPsnIQ3GkA8xY+INzQ4LWNQbnEtS7L7t26NA9tDlg4ILU/UfMoQIp +Ol4EZY1U7gD8BeMwo2vX3x/WA+a7R2N95klBFNqn9jSkm6a5yoeCZw== +-----END RSA PRIVATE KEY----- + + +2. root crl issuer and key +-----BEGIN CERTIFICATE----- +MIICPjCCAaegAwIBAgIBAjANBgkqhkiG9w0BAQQFADAfMQswCQYDVQQGEwJVUzEQ +MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA2MjgxMzMyMjNaFw0yOTAzMTUxMzMyMjNa +MB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMIGfMA0GCSqGSIb3DQEB +AQUAA4GNADCBiQKBgQC99u93trf+WmpfiqunJy/P31ej1l4rESxft2JSGNjKuLFN +/BO3SAugGJSkCARAwXjB0c8eeXhXWhVVWdNpbKepRJTxrjDfnFIavLgtUvmFwn/3 +hPXe+RQeA8+AJ99Y+o+10kY8JAZLa2j93C2FdmwOjUbo8aIz85yhbiV1tEDjLwID +AQABo4GJMIGGMB0GA1UdDgQWBBSyFyA3XWLbdL6W6hksmBn7RKsQmDBHBgNVHSME +QDA+gBSQ52Dpau+gtL+Kc31dusYnKj16ZaEjpCEwHzELMAkGA1UEBhMCVVMxEDAO +BgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUwAwEB/zALBgNVHQ8EBAMCAQYw +DQYJKoZIhvcNAQEEBQADgYEAHTm8aRTeakgCfEBCgSWK9wvMW1c18ANGMm8OFDBk +xabVy9BT0MVFHlaneh89oIxTZN0FMTpg21GZMAvIzhEt7DGdO7HLsW7JniN7/OZ0 +rACmpK5frmZrLS03zUm8c+rTbazNfYLoZVG3/mDZbKIi+4y8IGnFcgLVsHsYoBNP +G0c= +-----END CERTIFICATE----- + +-----BEGIN RSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: DES-EDE3-CBC,3881A5676C1AD5E5 + +KgaAtGlIQXVnsoifcd1oTi4hS1J+InHISFcZepI1h1hrU9KVAJAlwD1GIeM2qAkG +P1ABsA0TE0yRJpd3qHih2IPtD42osfc3HmNTw17nh4Trd3ESilrs4w/rrH8e6bR5 +WlqG0OKsw8x57t44m9yX94+pP3tdPaJwnFk5M7pDCO44IZskmy10S0NHBn7wMwM/ +mqlZ15mK6YZTwOuLzpdSDJqYPLiv77KpfeiqSN++ISXoNhIcNYHRVyErAS/DcBlx +mbrmBaGexhuagQYqVikEDIvg8kBDWD92EjOFbz94Z6eTvliauJ/+E1/Ffefe2cN5 +LaVwuUsiyW9GjarWwBJDFrXesTikklshC9V35j/ACHVdh5CuO8FGfVijIwlbZ14N +xKWJdSlZlJgEjkwUlWfi1KmrFrob+yK20fGMWr3oY1rTKWZdYkrqnnKEYcMQV/TH +XNY77D5idJ3FLtvJyziqIFuohdatQsu6xFP5UEOeUi6OhptJDjjS+zDhiBlL4cqA +klThzvuycxjZT+5xno0f8GEnZkQNcC6xxPoP6vstNMKLz1rI1CVUSXZBHc5nfMaF +m75rrLbvf6F2NLUspaNXnW8TUMHxcu8nNCnM4/u6hkqebQo/N8X1/v1HImsewwWO +P5uJwqmqfuRz0vZyMKAk3FzQIfrjJouxDfkNV2YHM9VP/grPlDgzmgiN0+6bCbn+ +RW2K8kvkSFZehQ1Ygdst9KYH3NEcEYVYY9pH1N1xRNAylcIDJNwrFwf9vfwjt9/q +AVsyDxUBT/KVCcqr15LNNq9HmmcP6IZZMRjdyf2BR+/cobxxDRZq1Q== +-----END RSA PRIVATE KEY----- + + +3. root CRL issued by root crl issuer. +-----BEGIN X509 CRL----- +MIIBGzCBhQIBATANBgkqhkiG9w0BAQQFADAfMQswCQYDVQQGEwJVUzEQMA4GA1UE +ChMHRXhhbXBsZRcNMDkwNjI4MTMzMjM4WhcNMjgwODI3MTMzMjM4WjAiMCACAQUX +DTA5MDYyODEzMzIzN1owDDAKBgNVHRUEAwoBBKAOMAwwCgYDVR0UBAMCAQEwDQYJ +KoZIhvcNAQEEBQADgYEAVUIeu2x7ZwsliafoCBOg+u8Q4S/VFfTe/SQnRyTM3/V1 +v+Vn5Acc7eo8Rh4AHcnFFbLNk38n6lllov/CaVR0IPZ6hnrNHVa7VYkNlRAwV2aN +GUUhkMMOLVLnN25UOrN9J637SHmRE6pB+TRMaEQ73V7UNlWxuSMK4KofWen0A34= +-----END X509 CRL----- + + +4. subca certificate and key +-----BEGIN CERTIFICATE----- +MIICUDCCAbmgAwIBAgIBAzANBgkqhkiG9w0BAQQFADAfMQswCQYDVQQGEwJVUzEQ +MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA2MjgxMzMyMjRaFw0yOTAzMTUxMzMyMjRa +MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz +cy0xMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDPFv24SK78VI0gWlyIrq/X +srl1431K5hJJxMYZtaQunyPmrYg3oI9KvKFykxnR0N4XDPaIi75p9dXGppVu80BA ++csvIPBwlBQoNmKDQWTziDOqfK4tE+IMuL/Y7pxnH6CDMY7VGpvatty2zcmH+m/v +E/n+HPyeELJQT2rT/3T+7wIDAQABo4GJMIGGMB0GA1UdDgQWBBRidC8Dt3dBzYES +KpR2tR560sZ0+zBHBgNVHSMEQDA+gBSQ52Dpau+gtL+Kc31dusYnKj16ZaEjpCEw +HzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUw +AwEB/zALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQEEBQADgYEAMeMKqrMr5d3eTQsv +MYOD15Dl3THQGLAa4ad5Eyq5/1eUeEOpztzCgDfi0iPD8YCubIEVasBTSqTiGXqb +RpGuPHOwwfWvHrTeHSludiFBAUiKj7aEV+oQa0FBn4U4TT8HA62HQ93FhzTDI3jP +iil34GktVl6gfMKGzUEW/Dh8OM4= +-----END CERTIFICATE----- + +-----BEGIN RSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: DES-EDE3-CBC,35408AD3018F0049 + +4t6WfpFNqpOr47Wc/OAt8+KZK0+WX7d3nlJn47W+QN7AkPfBlLBpcQJkImhP4/eh +aJyk8fPOdUhT/4rgc5ORuKk4d9boD36KK5Iz/+/oNBxzuld6TybVb+Hvw41cIZTW +CtkvADQpR8XWbPre+3ZH2eAKoTeWX0xR7pYg1JsFk9vxee6U82iqsAYRdUOdot8D +9zdDbbeaLWs78UbZkxFtuXREuyNVX880Q17t8qszJL2KmmtMQpUvxTlW04Ope1Ug +uIuOxeannzpKRD+37fj+oacM3GRqVFOP47/NVaziOexDBn4b5nlW6OMro6t0qiHt +1GLJcw1oLXoFe8ycexfzYWUiHymSz5Vh3wIflsQY+Ik6dopL+fpk2cVD0bncKJlf +Ie9PvL04RwannRjgtPl9X05tzcgeyznp2Ix1/rsriZQQpdPTLGA6w6kUhQeK6TwT +eX7pXn3iLTGK+VoHRfbxBQR2Fvq1nRJbvsmJFhPOcJU5CYSaDPGGdA6NorbdVgbc +14DlkhzojhEpZ7DaUeFNUXUMlQOR5UUTZB+wL3zQoY/FzHci3JD1Gj4NlbC9mMEg +ncWZcpZWOnP2kHSz2o/UOxQM80gerukI7NOr020iJ+ZZRb/gyAAzLPnD+mCZ7/e2 +JJ3x6yHOtVA6WzZiQH1d9/bm79rtcWaRH83X/idG1lHuKXQJFAaw5f7Z2n2/yuF1 +9pZf7el1M7UoBf74oc68klAl46f4inroy8anAtc/qjSTXUYQrNvKZsWU9AZVS7oH +iEuYMVW4KiZh3SHsIg5TZdMbdVYtZpcTsl/Kh6XuY0o0Xsi+rTK5AA== +-----END RSA PRIVATE KEY----- + + +5. crl issuer of subca, the certificate and key +-----BEGIN CERTIFICATE----- +MIICUDCCAbmgAwIBAgIBBDANBgkqhkiG9w0BAQQFADAfMQswCQYDVQQGEwJVUzEQ +MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA2MjgxMzMyMjdaFw0yOTAzMTUxMzMyMjda +MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz +cy0xMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC+8AcLJtGAVUWvv3ifcyQw +OGqwzcPrBw/XCs6vTMlcdtFzcH1M+Z3/QHN9+5VT1gqeTIZ+b8g9005Og3XKy/HX +obXZeLv20VZsr+jm52ySghEYOVCTJ9OyFOAp5adp6nf0cA66Feh3LsmVhpTEcDOG +GnyntQm0DBYxRoOT/GBlvQIDAQABo4GJMIGGMB0GA1UdDgQWBBSRWhMuZLQoHSDN +xhxr+vdDmfAY8jBHBgNVHSMEQDA+gBSQ52Dpau+gtL+Kc31dusYnKj16ZaEjpCEw +HzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUw +AwEB/zALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQEEBQADgYEAMIDZLdOLFiPyS1bh +Ch4eUYHT+K1WG93skbga3kVYg3GSe+gctwkKwKK13bwfi8zc7wwz6MtmQwEYhppc +pKKKEwi5QirBCP54rihLCvRQaj6ZqUJ6VP+zPAqHYMDbzlBbHtVF/1lQUP30I6SV +Fu987DvLmZ2GuQA9FKJsnlD9pbU= +-----END CERTIFICATE----- + +-----BEGIN RSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: DES-EDE3-CBC,4CD10EAA24AF8C25 + +6pTRc9jsn6CJ2EMYhuGX3aWrDThhacnqdtsKIqUzX8Ga7Jz9kq6HseTRlqPkzBfb +rCl+eVIkgugrPbf93375mP/ozY8LkEgD9TRAL1uXqha2N6TRLC2ozQJQSoIc441e +UZ9XkB6tPGRfPNvi1xE0WTP7bjOUkvkPU9wM9QFuBW6B7mRf3tG2nqkFiTpY6nz8 +5X5+h9jafcCvMwYhfJm0JFTGWmX4WJWubs8QeYndvIriDDw2zpVNcno45sClSQCb +YVekMLgGlKPmNGub5iRfXsozykE3jbMnXRokxrvzk20jjo0XYPVGfCRe9IhJh8Ud +iCG/kPaJspbUkUlKXfvIOdp2pnoDFZI5hbfc75YrFYJ8x8dwRYBUl6yRtBkw5Yo/ +VQDuNq3d7YpxiGxVTwFox6HQ5+rs6jwSGzOilgOCxPSs41fYcdAlogNqLzjvhn+e +0GU1XTVyMJbO0Ae6Sgm4PmxU7QM2bdzESuZWbYRFbH2ywwmoR8SahB3ICBhuIA/l +lsCrBbq+jL/K2IL1VXBKuaKBN1ShKUPZD/ABWNv4uENNg2AFq1XQ6kvTU8Glfhd9 +tyK8YnJ0ViY4VLGhdf0s2eEPmbfxOv0HCW0sz/57eASoQSTJTdVApYopWHBOwaNq +8qQUEPDMTKaPNqCjA2m/NwGrLPHhU0d5dHmp+9gTbCTmWy4sVenhBPbOy6wvFpNA +F+35tJVaZQOOurm/KC2dLOYkKyAvqnB7D2q4zducpWkiyCweg7uYL14Mo5JQmGuq +2DwfRiMxdqqoqHFKEOxsoAMrKSwJlYojUknfz/LEaqxtMePQtNwhjw== +-----END RSA PRIVATE KEY----- + + +6. CLR issued by subca CRL issuer +-----BEGIN X509 CRL----- +MIIBLTCBlwIBATANBgkqhkiG9w0BAQQFADAxMQswCQYDVQQGEwJVUzEQMA4GA1UE +ChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMRcNMDkwNjI4MTMzMjQzWhcNMjgw +ODI3MTMzMjQzWjAiMCACAQQXDTA5MDYyODEzMzIzOFowDDAKBgNVHRUEAwoBBKAO +MAwwCgYDVR0UBAMCAQEwDQYJKoZIhvcNAQEEBQADgYEACQZEf6ydb3fKTMPJ8DBO +oo630MsrT3P0x0AC4+aQOueCBaGpNqW/H379uZxXAad7yr+aXUBwaeBMYVKUbwOe +5TrN5QWPe2eCkU+MSQvh1SHASDDMH4jhWFMRdO3aPMDKKPlO/Q3s0G72eD7Zo5dr +N9AvUXxGxU4DruoJuFPcrCI= +-----END X509 CRL----- + + +7. dumca certificate and key +-----BEGIN CERTIFICATE----- +MIICUDCCAbmgAwIBAgIBBTANBgkqhkiG9w0BAQQFADAfMQswCQYDVQQGEwJVUzEQ +MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA2MjgxMzMyMjhaFw0yOTAzMTUxMzMyMjha +MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz +cy1EMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDeWn+ulgls9+dK3KzzfC1b +a9RMSf+gjv/Olw5386Vw6pJOVngR11RytWJoLiKbjYPyGhP1cms2FoUKuAEO31gD +3AoUCa+nXgaMLiDtmdC5ATqVv3Oap5aNgAqq0mxMxOylKgcUhfuH2icEnfBtHzEe +ST11S69zQr5GGfa/XslbDQIDAQABo4GJMIGGMB0GA1UdDgQWBBRCmXIsp4G3iP7Z +Qv4gS19W8W/cLzBHBgNVHSMEQDA+gBSQ52Dpau+gtL+Kc31dusYnKj16ZaEjpCEw +HzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUw +AwEB/zALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQEEBQADgYEAkRiLpJesXyNQ34ZP +Oc4d0gvCl4pyNHx5gsV0yHtxP7oYoIa7Bw4setplQ9Y2YcH5xuXK84xvAby9csWp +cod1QOkFzZfb9qj10PXfD8bMoLOyrZfr5nsNAl2scvOtnM1TFL/ll5/S2PVcPthx +Z5t128UNQYMu93OmVjZANL5L6Jw= +-----END CERTIFICATE----- + +-----BEGIN RSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: DES-EDE3-CBC,11485599004D2482 + +R+TgUoQo1Ksqpnwh1B1x3u7jxd1qJsfG5st7WJaeJzSY3v+ZnmTS4O008eKgw6Z1 +eGJevsNW8Z8ButjChzlesCm+90jpKpOqA6MlvzeknAxtGdEfe8rUEytfNOorjJTy +1Mu9T8Tlk6tmmmXNTDX1lQytYaHA4e4VVEbYGNceMNcPonT1Y0SyebJwtfd4XKkG +Ty40kMnb+qrFr1ZxVRG+LWKDR/bS0S2K2zY6Ha45d8yoYZlgLZ7yVAlrp0T0PF4B +UWvSyNK9VOBLrvqXSofK5gNGkR/C63x8FU2V25ISicBQBXLNo9OgIsbrryHF330T +2TxhnOpFU1AwgTSfp4Fy/Htkvgo7/jmFRa3r4xelTdEUKvRrwaZeMjg0fT+24529 +8o8MMOF0YWNtIDNUVRFg9/DgAsD/LoXbOGc/E2ryJdq1D4N914s4m/D5Sox27iu4 +3op/dt+WMoA0g/YbjhWn2cAfWcH9P8p8/n/FUO8APmGI3aHbtOhJQ8qwxcalp6kO +fICWsW4ygWtdpnyJWzAY0Udtsl8mglTppGTl59OYZmlDQTLhJ1hWiXLeNKj0pGPz +bAJ5jGQN8zXAk83j019rI5WveAdWp+w1XRGvmPxLL3heojHrkutuYLQ0LOcFwNvg +OqmPvZneRBoy6Yshp0XyYy+qioxDm+Vd/NV1/aCWgQXJA3vFqUg3AURLFHHTh+7h +fa3DDCLtdg/wJkRtOWjFhq0hgx5sb9zVv8HCuMERbZJbWwDOfSrHJwXj4KaTHVqY +OWfBE9vzeAxRpdpe69SZWYg3tyu7uSf6a5Rp55iMI3kjuQMCanvsNA== +-----END RSA PRIVATE KEY----- + + +8. crl issuer for dumca, the certificate and key +-----BEGIN CERTIFICATE----- +MIICUDCCAbmgAwIBAgIBBjANBgkqhkiG9w0BAQQFADAfMQswCQYDVQQGEwJVUzEQ +MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA2MjgxMzMyMjlaFw0yOTAzMTUxMzMyMjla +MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz +cy1EMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDF7NjUUWji4pPmFg3qx4HB +kjtInwe7i2lPjRUN0ZwTcWob2RaD1+fhc7seeNmnypjERTa9TXF5cs2PgSHWNISC +QbQpbobOUcSsV/6Lr0kvrHJuVowcX13VsApGSJavVs2oJqUiFGNpnch8yR/pMHJf +hsd/Go+nUXMOl2xN31DMFQIDAQABo4GJMIGGMB0GA1UdDgQWBBS1XVE2CYKHgO7t +1koYVTu2w7xgNTBHBgNVHSMEQDA+gBSQ52Dpau+gtL+Kc31dusYnKj16ZaEjpCEw +HzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUw +AwEB/zALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQEEBQADgYEAHYraYtdetZFOiTUR +dhvUi556el1WT25O8pF21YAzRI7KI4yzl6deD29DtcIPiBc8H1A4U6OhwXSQsqTd +taOHHdZxnU+m078mb231OPVvo48uZwpnX35g/qItW+Nb/dIEb08537oQKoGgL0hV +sKZPWod70JBkJabDuUirorhlk4A= +-----END CERTIFICATE----- + +-----BEGIN RSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: DES-EDE3-CBC,1E0E5983F90A10E0 + +KdPTRmJjeKXFTgdVIgP0eu+m0evwVD2QFMkT3pPI9HELRxtkgIQzjK8F0KIHK9vi +Ur0CMgJkX0zs2v7HIG7jvfQ2fREidRTk1g3xCjHXVbpwjWN2dbo+mR0J2zzxNILy +mSs13PlDPdV81Vkn1WkMY0lhdrEpR6senQ4KIiMJTMsWZabG3lyFM6d7ag7CDVC+ +jnsUFg2XW5dYP/kb09p14+CdiQwruNVeVEWhWPG1pAjl7hXCEM5ssz9fNk6Gyh2X +OXB2mMysqTkt+qB+OIqLKj3NTUs2ovVQZnaCaynsnMYTcIEFmv3lC0gJHYAZtBXf +IkySb+VaB7wmk1CI1+texDU8+B2sq7wmqX0SLY7dMwkbxP1kydn9U5i4Gqmdxpw5 +4+jn7dB6oKfVFlXIZTZzhmN44cIdai48qVmse1BRDxUdfmlgd9C2W1mw4N60BXbt +DeNr8ua5UtcUOXBGJk6VEJapDU/dnnANhVR4R48Y9t+g1qlhwHB4zbSrAIJ5Rsbg +6pvdt7BQmFXtm4flZbf21Lr8awWkNFdc/k/3uXA6xemgsFNxPZXlpXO26KpIP+nz +lt9Q82WxIkzE+BvO+qd5wMqQ/GC/ztO8GJeGdRIo6un7KkNKs2AZDoCELo2lO53B +EBWHeABtJpB1Fw3lW3iJn0A6YbYzK1omztoNMkesBIi0QI5L/e0tq4Mp+LUjLm+Y +ywdrofTiYTu8R7mgS1b5q3eFtwUR9MZuKJGvhsBcSfS41vH2hDezYHg8vW55UIE3 +h7EhOUnTkHY43OKZnmXHwh3pTEmHv1TfMpeaktiU/w0= +-----END RSA PRIVATE KEY----- + +9. end entity certificate issued by subca, Alice +-----BEGIN CERTIFICATE----- +MIICNzCCAaCgAwIBAgIBAjANBgkqhkiG9w0BAQQFADAxMQswCQYDVQQGEwJVUzEQ +MA4GA1UEChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMTAeFw0wOTA2MjgxMzMy +MzBaFw0yOTAzMTUxMzMyMzBaMEExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFt +cGxlMRAwDgYDVQQLEwdDbGFzcy0xMQ4wDAYDVQQDEwVBbGljZTCBnzANBgkqhkiG +9w0BAQEFAAOBjQAwgYkCgYEA7wnsvR4XEOfVznf40l8ClLod+7L0y2/+smVV+GM/ +T1/QF/stajAJxXNy08gK00WKZ6ruTHhR9vh/Z6+EQM2RZDCpU0A7LPa3kLE/XTmS +1MLDu8ntkdlpURpvhdDWem+rl2HU5oZgzV8Jkcov9vXuSjqEDfr45FlPuV40T8+7 +cxsCAwEAAaNPME0wCwYDVR0PBAQDAgPoMB0GA1UdDgQWBBSBwsAhi6Z1kriOs3ty +uSIujv9a3DAfBgNVHSMEGDAWgBRidC8Dt3dBzYESKpR2tR560sZ0+zANBgkqhkiG +9w0BAQQFAAOBgQDEiBqd5AMy2SQopFaS3dYkzj8MHlwtbCSoNVYkOfDnewcatrbk +yFcp6FX++PMdOQFHWvvnDdkCUAzZQp8kCkF9tGLVLBtOK7XxQ1us1LZym7kOPzsd +G93Dcf0U1JRO77juc61Br5paAy8Bok18Y/MeG7uKgB2MAEJYKhGKbCrfMw== +-----END CERTIFICATE----- + +-----BEGIN RSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: DES-EDE3-CBC,9E29E1901B338431 + +796Bj4/MwwHdy6+yZQcq3pS12EZPlEm7qsCCTl787y+DYEnnj+9W4WX4+1zWsUGV +1+39oe/KOUfi5O9ytMuKiroIrklmkskWHDoW6sr4VcDprnLYL+75AhTfgpOtY+gK +q+++N7P2o9V6YF7PiGxaBqGy/3bt0nTu0sjctfzbo4g0PniiId9sus2Y+iRHKebJ +r9V0b0jB8USuIsZ+4IQJFZ+/zeKuqqqPM/4v5VKNUahER8oykhRd4L9UactnVH5t +dsfowtHmOmKE6ObJX3m+HgJMvauMMf7zJVdqJquU2vy0bUk9ufCrA7t5ws7JDRzd +SG5gt7EVQzd5x/yXsQdKbDew5mXsYPB8vz4moTgj4YJU+m6k0t1PH00pz7LUrDHl +E8ZAmXIKLEBIih1AWkdASR/YZsfB3URIC8mLyDSZJN5iEVJxl/JWm6pbJlP3Xn3J +fraVEXP6uerf29CNhizq520AfGdsSqga6atdx6PXBVm67V0TZ+zmBMUQJrWmJUUC +NFGAac+M58lYX9uwsrO9x/x6GSZvhQQu1kfD1m8DHN3IV5m3uHxsEvhmuHaqFEMJ +uH336HbqWYENXwZfDHZvOU1o2FejsLZ7QmFjB72iAxhVNQt53pCXed2gF/bERGSn +qi0PsYtjyzfEUefqlVRSWVulbQfGwkvl8dX9s6BxmOG1q0BzlDu+cQLYXPS+XOww +H8GgkGp6XTd04qT/qCm8gcuxAvdkYkj2zgAIKaqeJ53S3Ua9lrIKnA3L3btiEG5F +JTYutSdRqB4liukkB1TciiDVSmOisszjrMHhRRYPfgeLfnRFdX9U9g== +-----END RSA PRIVATE KEY----- + +10. end entity certificate issued by subca, Bob +-----BEGIN CERTIFICATE----- +MIICNTCCAZ6gAwIBAgIBAzANBgkqhkiG9w0BAQQFADAxMQswCQYDVQQGEwJVUzEQ +MA4GA1UEChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMTAeFw0wOTA2MjgxMzMy +MzVaFw0yOTAzMTUxMzMyMzVaMD8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFt +cGxlMRAwDgYDVQQLEwdDbGFzcy0xMQwwCgYDVQQDEwNCb2IwgZ8wDQYJKoZIhvcN +AQEBBQADgY0AMIGJAoGBALLrxd3DpXuH7yiAoyi/Rc1F7WsyyeNE1Ra2ymHpcee/ +3sbldekcgPl6lGQF/JJ5ARBbfeDtaf6ZtAK3j6aXqxVFxDKKu86r96v74gWJB7Vv +CHcUPvmE/EGESq3VNFI998DbmvqICLC97nFLUIrKWDH1rRFZjjkmouln40UxQXvV +AgMBAAGjTzBNMAsGA1UdDwQEAwID6DAdBgNVHQ4EFgQUTXz1J2viNSKvRHIRVhD6 +cJE4lgYwHwYDVR0jBBgwFoAUYnQvA7d3Qc2BEiqUdrUeetLGdPswDQYJKoZIhvcN +AQEEBQADgYEApsKyLf4FbXb26KsQrxgFn/w0d/7ck4cE8a6oXQqi5OLheNSWfD3S +fgD1dR28mGmhBiyOkdLmrhA1+6BuEr4FsuyLgrFnEqKL0ZhVhiqvwKLGqvasWxfU +Edaw4WXvRcfRWXfgjtwB6PSj/3nqGKSGRPif/OFIjO6UqHwEM7JEWO4= +-----END CERTIFICATE----- + +-----BEGIN RSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: DES-EDE3-CBC,4A820975D251613F + +GseD8MIztC0oYMxwpxeBO4/YPs9ZFFjgncXXcy+1oYZdlEsrS1xw87unjeHigL8m +QPIn8Guv3DiOsBdvweuMAgPPaA1zlophPClbGZMk7BB3T2acEfjBQH1DZz7kd7Bf +OmI2DrqcEg1yDi7l7YutBuTQPiy3nj3d7pbScuFd5YVMu6yH0YpS7JsPvviabFk2 +eYVlkaiejtQwV+4rUb7sH/0iyqX2uqvnpnGAwVzGp+tfSOl71SByz240nOODBRgY +3Uvxkrw6XhCBAayJE0t7rkPMEe1KgZaGO2IU2jsJJbyHVjvNPSugdbsT28prZHN1 +5M1J1NSOssq/kAq6S3f9sC5j7OzP7oUlx8uMUUSaz09/Ttq22tUoqmTue2IqqxAt +lDaeR8duHP5VV1wWnDsW/XaVYlBFQ4eFPJcXqmWsNAkDQVJp327GrcT6ngevP8fD +BcIxyX6J0rETPruAE+1+PAGjqy+C+oB0ssyZvKcjzdajHcNxSlRpCuOO2ekDvNPO +h+mVukNpHCEBsh3jYmk3z9i7VPLCM0BI+vheJ1TbM+homWP6bXyTQxtLfaKzXZJH +jRJ+zGTMBNJoPVKkou03uXFpT6hdWr9nYwbMT6G9hmC0If3wEl8nRjDKbmyMS29B +p3im1kPxVJA0DjhghC+7tACy42ffw6KZPALwaVDKHGeitrQBc3xTGfrjOGQOTTcm +hZ8icYCY0cjl5KQ2kq2GpXa2zQMujNV/Oj7D4sE0xcASMRXl3tst77R/j0eowx1M +niCTRphxx4iTPkieIbjWWeFTpVmSzUBrm4hSw3tiRapVWf6Zo3aAIg== +-----END RSA PRIVATE KEY----- + +11. end entity certificate issued by subca, Susan +-----BEGIN CERTIFICATE----- +MIICNzCCAaCgAwIBAgIBBDANBgkqhkiG9w0BAQQFADAxMQswCQYDVQQGEwJVUzEQ +MA4GA1UEChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMTAeFw0wOTA2MjgxMzMy +MzZaFw0yOTAzMTUxMzMyMzZaMEExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFt +cGxlMRAwDgYDVQQLEwdDbGFzcy0xMQ4wDAYDVQQDEwVTdXNhbjCBnzANBgkqhkiG +9w0BAQEFAAOBjQAwgYkCgYEAr2u6mdjqAVtfcgPze+9OUFZu3pi+HqoNBoygm2gq +qRAe+FVNSUeNAMQesQBo/eB0F1Iv/BjnYJ/7pYMLaf90MLoYr0Q5vNKYlBdcyUee +Jn1WmfN2Qk+UoUaiM4HAKHNJnZk13vWpZW54mcW1q09oj0oMjAZtaZsqpY6CtW6/ ++J8CAwEAAaNPME0wCwYDVR0PBAQDAgPoMB0GA1UdDgQWBBQVK9naug5W9pQlBqD2 +fVaCXooa1TAfBgNVHSMEGDAWgBRidC8Dt3dBzYESKpR2tR560sZ0+zANBgkqhkiG +9w0BAQQFAAOBgQDKYoM8EbP78ucjtsdvw4ywyo21hhSeP9PmRnNz/U3F9sQATmn+ +QBl6sBsrmbML2yrhkM1ctZTVUVp0S72fAbLgVjNk86p/CF+a2tmi0+lJh1aR7zQi +opt+68Nec2/52kgWi64ruF7YITmGHBxS/RDooFbscZbdrPgcow/Jw+5HnQ== +-----END CERTIFICATE----- + +-----BEGIN RSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: DES-EDE3-CBC,9025CDB2AB43B0DE + +q4hvYnqkhDSDCsbXfxtMjPvzT38ql5wscOsGwDM/xMANSyPk9h/aqAxvB8G+8v6E +63x9Q5jRi2YY6z2sOpvu0utu7Xn6KA/H1YrpYFURTEjBbK2Qd41vPQ/NYcIO3nQd +PR2Qm3kpNumBSZomyNfJk9oegGxfw+P0af2GIb6YqmTDot+LLCLwpqxrGyQQ1LYp +zc4A9D/b19Y0eD+TU9S2KEYszvfUo7RBxRFSZ6QN1rT2SEa7IJN9wb6TvgeB2lRB +Ds90tmLtkbuwLTZre+aqbM8mU40+RI9GHh+mPw0Qz55Kw2CUe+PnGsLQnOTm7p/I +mLiPTNMJKvwaR18Z88IE9UwL0zE/ND7vZfrhqTn9bHRnzHU4NtBCBsS8zloI+rXZ +EIWKMDyzMH3wpbNYq/AemSvvUz1wGOxit5TjG2QwwCNt8hPLl0Es6Q5aWdAPPrLM +EfX/6gL7bLTHNyLPz/U32o0H4hz5J7FQ7SuYUPLI3ybiPC2qL11jbtrZMesAYEAX +mvRnqO+6dPEpwGmKz8kUj2mC8X8FPKCCiy4kbc8NjLTMao+/vOgD+wBuIePaC3yE +vpuZrsUSFZWRJ824sDMmmZFoi2DKsp1zqCV1kXozaPGigaOxtkdp890nBcGkPijQ +8F+jCGwSFda6UfuJHCQ/eJB+8LQUWa8u1TeJ9zo98oD2OBfQ5maZU0Vfv1EXvwbp +pz2R6HXFaPrQDeGO0xVzD453AbY/fZCGnhIwrEYvPAbwpIKde397MP66gYFMNFhA +IaMimFnBv7IHL08Ka0KtqbVhLpEKWFpZ6LsOnyispeB4KF0md+lpGg== +-----END RSA PRIVATE KEY----- diff -r ec9f33978e19 -r 8d087823b8b7 jdk/test/java/security/cert/CertPathBuilder/selfIssued/StatusLoopDependency.java --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/jdk/test/java/security/cert/CertPathBuilder/selfIssued/StatusLoopDependency.java Wed Jul 05 16:56:52 2017 +0200 @@ -0,0 +1,309 @@ +/* + * Copyright 2009 Sun Microsystems, Inc. All Rights Reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, + * CA 95054 USA or visit www.sun.com if you need additional information or + * have any questions. + */ + +/** + * @test + * @bug 6852744 + * @summary PIT b61: PKI test suite fails because self signed certificates + * are being rejected + * @run main/othervm StatusLoopDependency subca + * @run main/othervm StatusLoopDependency subci + * @run main/othervm StatusLoopDependency alice + * @author Xuelei Fan + */ + +import java.io.*; +import java.net.SocketException; +import java.util.*; +import java.security.Security; +import java.security.cert.*; +import java.security.cert.CertPathValidatorException.BasicReason; +import sun.security.util.DerInputStream; + +/** + * KeyUsage extension plays a important rule during looking for the issuer + * of a certificate or CRL. A certificate issuer should have the keyCertSign + * bit set, and a CRL issuer should have the cRLSign bit set. + * + * Sometime, a delegated CRL issuer would also have the keyCertSign bit set, + * as would be troublesome to find the proper CRL issuer during certificate + * path build if the delegated CRL issuer is a self-issued certificate, for + * it is hard to identify it from its issuer by the "issuer" field only. + * + * In the test case, the delegated CRL issuers have keyCertSign bit set, and + * the CAs have the cRLSign bit set also. If we cannot identify the delegated + * CRL issuer from its issuer, there is a potential loop to find the correct + * CRL. + * + * And when revocation enabled, needs to check the status of the delegated + * CRL issuers. If the delegated CRL issuer issues itself status, there is + * a potential loop to verify the CRL and check the status of delegated CRL + * issuer. + * + * The fix of 6852744 should addresses above issues. + */ +public final class StatusLoopDependency { + + // the trust anchor + static String selfSignedCertStr = + "-----BEGIN CERTIFICATE-----\n" + + "MIICPjCCAaegAwIBAgIBADANBgkqhkiG9w0BAQQFADAfMQswCQYDVQQGEwJVUzEQ\n" + + "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA2MjgxMzMyMThaFw0zMDA2MDgxMzMyMTha\n" + + "MB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMIGfMA0GCSqGSIb3DQEB\n" + + "AQUAA4GNADCBiQKBgQDInJhXi0655bPXAVkz1n5I6fAcZejzPnOPuwq3hU3OxFw8\n" + + "81Uf6o9oKI1h4w4XAD8u1cUNOgiX+wPwojronlp68bIfO6FVhNf287pLtLhNJo+7\n" + + "m6Qxw3ymFvEKy+PVj20CHSggdKHxUa4MBZBmHMFNBuxfYmjwzn+yTMmCCXOvSwID\n" + + "AQABo4GJMIGGMB0GA1UdDgQWBBSQ52Dpau+gtL+Kc31dusYnKj16ZTBHBgNVHSME\n" + + "QDA+gBSQ52Dpau+gtL+Kc31dusYnKj16ZaEjpCEwHzELMAkGA1UEBhMCVVMxEDAO\n" + + "BgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUwAwEB/zALBgNVHQ8EBAMCAQYw\n" + + "DQYJKoZIhvcNAQEEBQADgYEAjBt6ea65HCqbGsS2rs/HhlGusYXtThRVC5vwXSey\n" + + "ZFYwSgukuq1KDzckqZFu1meNImEwdZjwxdN0e2p/nVREPC42rZliSj6V1ThayKXj\n" + + "DWEZW1U5aR8T+3NYfDrdKcJGx4Hzfz0qKz1j4ssV1M9ptJxYYv4y2Da+592IN1S9\n" + + "v/E=\n" + + "-----END CERTIFICATE-----"; + + // the sub-ca + static String subCaCertStr = + "-----BEGIN CERTIFICATE-----\n" + + "MIICUDCCAbmgAwIBAgIBAzANBgkqhkiG9w0BAQQFADAfMQswCQYDVQQGEwJVUzEQ\n" + + "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA2MjgxMzMyMjRaFw0yOTAzMTUxMzMyMjRa\n" + + "MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz\n" + + "cy0xMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDPFv24SK78VI0gWlyIrq/X\n" + + "srl1431K5hJJxMYZtaQunyPmrYg3oI9KvKFykxnR0N4XDPaIi75p9dXGppVu80BA\n" + + "+csvIPBwlBQoNmKDQWTziDOqfK4tE+IMuL/Y7pxnH6CDMY7VGpvatty2zcmH+m/v\n" + + "E/n+HPyeELJQT2rT/3T+7wIDAQABo4GJMIGGMB0GA1UdDgQWBBRidC8Dt3dBzYES\n" + + "KpR2tR560sZ0+zBHBgNVHSMEQDA+gBSQ52Dpau+gtL+Kc31dusYnKj16ZaEjpCEw\n" + + "HzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUw\n" + + "AwEB/zALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQEEBQADgYEAMeMKqrMr5d3eTQsv\n" + + "MYOD15Dl3THQGLAa4ad5Eyq5/1eUeEOpztzCgDfi0iPD8YCubIEVasBTSqTiGXqb\n" + + "RpGuPHOwwfWvHrTeHSludiFBAUiKj7aEV+oQa0FBn4U4TT8HA62HQ93FhzTDI3jP\n" + + "iil34GktVl6gfMKGzUEW/Dh8OM4=\n" + + "-----END CERTIFICATE-----"; + + // a delegated CRL issuer, it's a self-issued certificate of trust anchor + static String topCrlIssuerCertStr = + "-----BEGIN CERTIFICATE-----\n" + + "MIICPjCCAaegAwIBAgIBAjANBgkqhkiG9w0BAQQFADAfMQswCQYDVQQGEwJVUzEQ\n" + + "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA2MjgxMzMyMjNaFw0yOTAzMTUxMzMyMjNa\n" + + "MB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMIGfMA0GCSqGSIb3DQEB\n" + + "AQUAA4GNADCBiQKBgQC99u93trf+WmpfiqunJy/P31ej1l4rESxft2JSGNjKuLFN\n" + + "/BO3SAugGJSkCARAwXjB0c8eeXhXWhVVWdNpbKepRJTxrjDfnFIavLgtUvmFwn/3\n" + + "hPXe+RQeA8+AJ99Y+o+10kY8JAZLa2j93C2FdmwOjUbo8aIz85yhbiV1tEDjLwID\n" + + "AQABo4GJMIGGMB0GA1UdDgQWBBSyFyA3XWLbdL6W6hksmBn7RKsQmDBHBgNVHSME\n" + + "QDA+gBSQ52Dpau+gtL+Kc31dusYnKj16ZaEjpCEwHzELMAkGA1UEBhMCVVMxEDAO\n" + + "BgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUwAwEB/zALBgNVHQ8EBAMCAQYw\n" + + "DQYJKoZIhvcNAQEEBQADgYEAHTm8aRTeakgCfEBCgSWK9wvMW1c18ANGMm8OFDBk\n" + + "xabVy9BT0MVFHlaneh89oIxTZN0FMTpg21GZMAvIzhEt7DGdO7HLsW7JniN7/OZ0\n" + + "rACmpK5frmZrLS03zUm8c+rTbazNfYLoZVG3/mDZbKIi+4y8IGnFcgLVsHsYoBNP\n" + + "G0c=\n" + + "-----END CERTIFICATE-----"; + + // a delegated CRL issuer, it's a self-issued certificate of sub-ca + static String subCrlIssuerCertStr = + "-----BEGIN CERTIFICATE-----\n" + + "MIICUDCCAbmgAwIBAgIBBDANBgkqhkiG9w0BAQQFADAfMQswCQYDVQQGEwJVUzEQ\n" + + "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA2MjgxMzMyMjdaFw0yOTAzMTUxMzMyMjda\n" + + "MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz\n" + + "cy0xMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC+8AcLJtGAVUWvv3ifcyQw\n" + + "OGqwzcPrBw/XCs6vTMlcdtFzcH1M+Z3/QHN9+5VT1gqeTIZ+b8g9005Og3XKy/HX\n" + + "obXZeLv20VZsr+jm52ySghEYOVCTJ9OyFOAp5adp6nf0cA66Feh3LsmVhpTEcDOG\n" + + "GnyntQm0DBYxRoOT/GBlvQIDAQABo4GJMIGGMB0GA1UdDgQWBBSRWhMuZLQoHSDN\n" + + "xhxr+vdDmfAY8jBHBgNVHSMEQDA+gBSQ52Dpau+gtL+Kc31dusYnKj16ZaEjpCEw\n" + + "HzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUw\n" + + "AwEB/zALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQEEBQADgYEAMIDZLdOLFiPyS1bh\n" + + "Ch4eUYHT+K1WG93skbga3kVYg3GSe+gctwkKwKK13bwfi8zc7wwz6MtmQwEYhppc\n" + + "pKKKEwi5QirBCP54rihLCvRQaj6ZqUJ6VP+zPAqHYMDbzlBbHtVF/1lQUP30I6SV\n" + + "Fu987DvLmZ2GuQA9FKJsnlD9pbU=\n" + + "-----END CERTIFICATE-----"; + + // the target EE certificate + static String targetCertStr = + "-----BEGIN CERTIFICATE-----\n" + + "MIICNzCCAaCgAwIBAgIBAjANBgkqhkiG9w0BAQQFADAxMQswCQYDVQQGEwJVUzEQ\n" + + "MA4GA1UEChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMTAeFw0wOTA2MjgxMzMy\n" + + "MzBaFw0yOTAzMTUxMzMyMzBaMEExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFt\n" + + "cGxlMRAwDgYDVQQLEwdDbGFzcy0xMQ4wDAYDVQQDEwVBbGljZTCBnzANBgkqhkiG\n" + + "9w0BAQEFAAOBjQAwgYkCgYEA7wnsvR4XEOfVznf40l8ClLod+7L0y2/+smVV+GM/\n" + + "T1/QF/stajAJxXNy08gK00WKZ6ruTHhR9vh/Z6+EQM2RZDCpU0A7LPa3kLE/XTmS\n" + + "1MLDu8ntkdlpURpvhdDWem+rl2HU5oZgzV8Jkcov9vXuSjqEDfr45FlPuV40T8+7\n" + + "cxsCAwEAAaNPME0wCwYDVR0PBAQDAgPoMB0GA1UdDgQWBBSBwsAhi6Z1kriOs3ty\n" + + "uSIujv9a3DAfBgNVHSMEGDAWgBRidC8Dt3dBzYESKpR2tR560sZ0+zANBgkqhkiG\n" + + "9w0BAQQFAAOBgQDEiBqd5AMy2SQopFaS3dYkzj8MHlwtbCSoNVYkOfDnewcatrbk\n" + + "yFcp6FX++PMdOQFHWvvnDdkCUAzZQp8kCkF9tGLVLBtOK7XxQ1us1LZym7kOPzsd\n" + + "G93Dcf0U1JRO77juc61Br5paAy8Bok18Y/MeG7uKgB2MAEJYKhGKbCrfMw==\n" + + "-----END CERTIFICATE-----"; + + // CRL issued by the delegated CRL issuer, topCrlIssuerCertStr + static String topCrlStr = + "-----BEGIN X509 CRL-----\n" + + "MIIBGzCBhQIBATANBgkqhkiG9w0BAQQFADAfMQswCQYDVQQGEwJVUzEQMA4GA1UE\n" + + "ChMHRXhhbXBsZRcNMDkwNjI4MTMzMjM4WhcNMjgwODI3MTMzMjM4WjAiMCACAQUX\n" + + "DTA5MDYyODEzMzIzN1owDDAKBgNVHRUEAwoBBKAOMAwwCgYDVR0UBAMCAQEwDQYJ\n" + + "KoZIhvcNAQEEBQADgYEAVUIeu2x7ZwsliafoCBOg+u8Q4S/VFfTe/SQnRyTM3/V1\n" + + "v+Vn5Acc7eo8Rh4AHcnFFbLNk38n6lllov/CaVR0IPZ6hnrNHVa7VYkNlRAwV2aN\n" + + "GUUhkMMOLVLnN25UOrN9J637SHmRE6pB+TRMaEQ73V7UNlWxuSMK4KofWen0A34=\n" + + "-----END X509 CRL-----"; + + // CRL issued by the delegated CRL issuer, subCrlIssuerCertStr + static String subCrlStr = + "-----BEGIN X509 CRL-----\n" + + "MIIBLTCBlwIBATANBgkqhkiG9w0BAQQFADAxMQswCQYDVQQGEwJVUzEQMA4GA1UE\n" + + "ChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMRcNMDkwNjI4MTMzMjQzWhcNMjgw\n" + + "ODI3MTMzMjQzWjAiMCACAQQXDTA5MDYyODEzMzIzOFowDDAKBgNVHRUEAwoBBKAO\n" + + "MAwwCgYDVR0UBAMCAQEwDQYJKoZIhvcNAQEEBQADgYEACQZEf6ydb3fKTMPJ8DBO\n" + + "oo630MsrT3P0x0AC4+aQOueCBaGpNqW/H379uZxXAad7yr+aXUBwaeBMYVKUbwOe\n" + + "5TrN5QWPe2eCkU+MSQvh1SHASDDMH4jhWFMRdO3aPMDKKPlO/Q3s0G72eD7Zo5dr\n" + + "N9AvUXxGxU4DruoJuFPcrCI=\n" + + "-----END X509 CRL-----"; + + private static Set generateTrustAnchors() + throws CertificateException { + // generate certificate from cert string + CertificateFactory cf = CertificateFactory.getInstance("X.509"); + + ByteArrayInputStream is = + new ByteArrayInputStream(selfSignedCertStr.getBytes()); + Certificate selfSignedCert = cf.generateCertificate(is); + + // generate a trust anchor + TrustAnchor anchor = + new TrustAnchor((X509Certificate)selfSignedCert, null); + + return Collections.singleton(anchor); + } + + private static CertStore generateCertificateStore() throws Exception { + Collection entries = new HashSet(); + + // generate certificate from certificate string + CertificateFactory cf = CertificateFactory.getInstance("X.509"); + + ByteArrayInputStream is; + + is = new ByteArrayInputStream(targetCertStr.getBytes()); + Certificate cert = cf.generateCertificate(is); + entries.add(cert); + + is = new ByteArrayInputStream(subCaCertStr.getBytes()); + cert = cf.generateCertificate(is); + entries.add(cert); + + is = new ByteArrayInputStream(selfSignedCertStr.getBytes()); + cert = cf.generateCertificate(is); + entries.add(cert); + + is = new ByteArrayInputStream(topCrlIssuerCertStr.getBytes()); + cert = cf.generateCertificate(is); + entries.add(cert); + + is = new ByteArrayInputStream(subCrlIssuerCertStr.getBytes()); + cert = cf.generateCertificate(is); + entries.add(cert); + + // generate CRL from CRL string + is = new ByteArrayInputStream(topCrlStr.getBytes()); + Collection mixes = cf.generateCRLs(is); + entries.addAll(mixes); + + is = new ByteArrayInputStream(subCrlStr.getBytes()); + mixes = cf.generateCRLs(is); + entries.addAll(mixes); + + return CertStore.getInstance("Collection", + new CollectionCertStoreParameters(entries)); + } + + private static X509CertSelector generateSelector(String name) + throws Exception { + X509CertSelector selector = new X509CertSelector(); + + // generate certificate from certificate string + CertificateFactory cf = CertificateFactory.getInstance("X.509"); + ByteArrayInputStream is = null; + if (name.equals("subca")) { + is = new ByteArrayInputStream(subCaCertStr.getBytes()); + } else if (name.equals("subci")) { + is = new ByteArrayInputStream(subCrlIssuerCertStr.getBytes()); + } else { + is = new ByteArrayInputStream(targetCertStr.getBytes()); + } + + X509Certificate target = (X509Certificate)cf.generateCertificate(is); + byte[] extVal = target.getExtensionValue("2.5.29.14"); + if (extVal != null) { + DerInputStream in = new DerInputStream(extVal); + byte[] subjectKID = in.getOctetString(); + selector.setSubjectKeyIdentifier(subjectKID); + } else { + // unlikely to happen. + throw new Exception("unexpected certificate: no SKID extension"); + } + + return selector; + } + + private static boolean match(String name, Certificate cert) + throws Exception { + X509CertSelector selector = new X509CertSelector(); + + // generate certificate from certificate string + CertificateFactory cf = CertificateFactory.getInstance("X.509"); + ByteArrayInputStream is = null; + if (name.equals("subca")) { + is = new ByteArrayInputStream(subCaCertStr.getBytes()); + } else if (name.equals("subci")) { + is = new ByteArrayInputStream(subCrlIssuerCertStr.getBytes()); + } else { + is = new ByteArrayInputStream(targetCertStr.getBytes()); + } + X509Certificate target = (X509Certificate)cf.generateCertificate(is); + + return target.equals(cert); + } + + + public static void main(String[] args) throws Exception { + CertPathBuilder builder = CertPathBuilder.getInstance("PKIX"); + + X509CertSelector selector = generateSelector(args[0]); + + Set anchors = generateTrustAnchors(); + CertStore certs = generateCertificateStore(); + + + PKIXBuilderParameters params = + new PKIXBuilderParameters(anchors, selector); + params.addCertStore(certs); + params.setRevocationEnabled(true); + params.setDate(new Date(109, 7, 1)); // 2009-07-01 + Security.setProperty("ocsp.enable", "false"); + System.setProperty("com.sun.security.enableCRLDP", "true"); + + PKIXCertPathBuilderResult result = + (PKIXCertPathBuilderResult)builder.build(params); + + if (!match(args[0], result.getCertPath().getCertificates().get(0))) { + throw new Exception("unexpected certificate"); + } + } +} diff -r ec9f33978e19 -r 8d087823b8b7 jdk/test/java/security/cert/CertPathBuilder/selfIssued/generate.sh --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/jdk/test/java/security/cert/CertPathBuilder/selfIssued/generate.sh Wed Jul 05 16:56:52 2017 +0200 @@ -0,0 +1,221 @@ +# +# Copyright 2009 Sun Microsystems, Inc. All Rights Reserved. +# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. +# +# This code is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License version 2 only, as +# published by the Free Software Foundation. Sun designates this +# particular file as subject to the "Classpath" exception as provided +# by Sun in the LICENSE file that accompanied this code. +# +# This code is distributed in the hope that it will be useful, but WITHOUT +# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +# version 2 for more details (a copy is included in the LICENSE file that +# accompanied this code). +# +# You should have received a copy of the GNU General Public License version +# 2 along with this work; if not, write to the Free Software Foundation, +# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +# Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, +# CA 95054 USA or visit www.sun.com if you need additional information or +# have any questions. +# + +#!/bin/ksh +# +# needs ksh to run the script. + +# generate a self-signed root certificate +if [ ! -f root/root_cert.pem ]; then + if [ ! -d root ]; then + mkdir root + fi + + openssl req -x509 -newkey rsa:1024 -keyout root/root_key.pem \ + -out root/root_cert.pem -subj "/C=US/O=Example" \ + -config openssl.cnf -reqexts cert_issuer -days 7650 \ + -passin pass:passphrase -passout pass:passphrase +fi + +# generate a sele-issued root crl issuer certificate +if [ ! -f root/top_crlissuer_cert.pem ]; then + if [ ! -d root ]; then + mkdir root + fi + + openssl req -newkey rsa:1024 -keyout root/top_crlissuer_key.pem \ + -out root/top_crlissuer_req.pem -subj "/C=US/O=Example" -days 7650 \ + -passin pass:passphrase -passout pass:passphrase + + openssl x509 -req -in root/top_crlissuer_req.pem -extfile openssl.cnf \ + -extensions crl_issuer -CA root/root_cert.pem \ + -CAkey root/root_key.pem -out root/top_crlissuer_cert.pem \ + -CAcreateserial -CAserial root/root_cert.srl -days 7200 \ + -passin pass:passphrase +fi + +# generate subca cert issuer and crl iuuser certificates +if [ ! -f subca/subca_cert.pem ]; then + if [ ! -d subca ]; then + mkdir subca + fi + + openssl req -newkey rsa:1024 -keyout subca/subca_key.pem \ + -out subca/subca_req.pem -subj "/C=US/O=Example/OU=Class-1" \ + -days 7650 -passin pass:passphrase -passout pass:passphrase + + openssl x509 -req -in subca/subca_req.pem -extfile openssl.cnf \ + -extensions cert_issuer -CA root/root_cert.pem \ + -CAkey root/root_key.pem -out subca/subca_cert.pem -CAcreateserial \ + -CAserial root/root_cert.srl -days 7200 -passin pass:passphrase + + openssl req -newkey rsa:1024 -keyout subca/subca_crlissuer_key.pem \ + -out subca/subca_crlissuer_req.pem -subj "/C=US/O=Example/OU=Class-1" \ + -days 7650 -passin pass:passphrase -passout pass:passphrase + + openssl x509 -req -in subca/subca_crlissuer_req.pem -extfile openssl.cnf \ + -extensions crl_issuer -CA root/root_cert.pem \ + -CAkey root/root_key.pem -out subca/subca_crlissuer_cert.pem \ + -CAcreateserial -CAserial root/root_cert.srl -days 7200 \ + -passin pass:passphrase +fi + +# generate dumca cert issuer and crl iuuser certificates +if [ ! -f dumca/dumca_cert.pem ]; then + if [ ! -d sumca ]; then + mkdir dumca + fi + + openssl req -newkey rsa:1024 -keyout dumca/dumca_key.pem \ + -out dumca/dumca_req.pem -subj "/C=US/O=Example/OU=Class-D" \ + -days 7650 -passin pass:passphrase -passout pass:passphrase + + openssl x509 -req -in dumca/dumca_req.pem -extfile openssl.cnf \ + -extensions cert_issuer -CA root/root_cert.pem \ + -CAkey root/root_key.pem -out dumca/dumca_cert.pem \ + -CAcreateserial -CAserial root/root_cert.srl -days 7200 \ + -passin pass:passphrase + + openssl req -newkey rsa:1024 -keyout dumca/dumca_crlissuer_key.pem \ + -out dumca/dumca_crlissuer_req.pem -subj "/C=US/O=Example/OU=Class-D" \ + -days 7650 -passin pass:passphrase -passout pass:passphrase + + openssl x509 -req -in dumca/dumca_crlissuer_req.pem \ + -extfile openssl.cnf -extensions crl_issuer -CA root/root_cert.pem \ + -CAkey root/root_key.pem -out dumca/dumca_crlissuer_cert.pem \ + -CAcreateserial -CAserial root/root_cert.srl -days 7200 \ + -passin pass:passphrase +fi + +# generate certifiacte for Alice +if [ ! -f subca/alice/alice_cert.pem ]; then + if [ ! -d subca/alice ]; then + mkdir -p subca/alice + fi + + openssl req -newkey rsa:1024 -keyout subca/alice/alice_key.pem \ + -out subca/alice/alice_req.pem \ + -subj "/C=US/O=Example/OU=Class-1/CN=Alice" -days 7650 \ + -passin pass:passphrase -passout pass:passphrase + + openssl x509 -req -in subca/alice/alice_req.pem \ + -extfile openssl.cnf -extensions ee_of_subca \ + -CA subca/subca_cert.pem -CAkey subca/subca_key.pem \ + -out subca/alice/alice_cert.pem -CAcreateserial \ + -CAserial subca/subca_cert.srl -days 7200 -passin pass:passphrase +fi + +# generate certifiacte for Bob +if [ ! -f subca/bob/bob_cert.pem ]; then + if [ ! -d subca/bob ]; then + mkdir -p subca/bob + fi + + openssl req -newkey rsa:1024 -keyout subca/bob/bob_key.pem \ + -out subca/bob/bob_req.pem \ + -subj "/C=US/O=Example/OU=Class-1/CN=Bob" -days 7650 \ + -passin pass:passphrase -passout pass:passphrase + + openssl x509 -req -in subca/bob/bob_req.pem \ + -extfile openssl.cnf -extensions ee_of_subca \ + -CA subca/subca_cert.pem -CAkey subca/subca_key.pem \ + -out subca/bob/bob_cert.pem -CAcreateserial \ + -CAserial subca/subca_cert.srl -days 7200 -passin pass:passphrase +fi + +# generate certifiacte for Susan +if [ ! -f subca/susan/susan_cert.pem ]; then + if [ ! -d subca/susan ]; then + mkdir -p subca/susan + fi + + openssl req -newkey rsa:1024 -keyout subca/susan/susan_key.pem \ + -out subca/susan/susan_req.pem \ + -subj "/C=US/O=Example/OU=Class-1/CN=Susan" -days 7650 \ + -passin pass:passphrase -passout pass:passphrase + + openssl x509 -req -in subca/susan/susan_req.pem -extfile openssl.cnf \ + -extensions ee_of_subca -CA subca/subca_cert.pem \ + -CAkey subca/subca_key.pem -out subca/susan/susan_cert.pem \ + -CAcreateserial -CAserial subca/subca_cert.srl -days 7200 \ + -passin pass:passphrase +fi + + +# generate the top CRL +if [ ! -f root/top_crl.pem ]; then + if [ ! -d root ]; then + mkdir root + fi + + if [ ! -f root/index.txt ]; then + touch root/index.txt + echo 00 > root/crlnumber + fi + + openssl ca -gencrl -config openssl.cnf -name ca_top -crldays 7000 \ + -crl_reason superseded -keyfile root/top_crlissuer_key.pem \ + -cert root/top_crlissuer_cert.pem -out root/top_crl.pem \ + -passin pass:passphrase +fi + +# revoke dumca +openssl ca -revoke dumca/dumca_cert.pem -config openssl.cnf \ + -name ca_top -crl_reason superseded \ + -keyfile root/top_crlissuer_key.pem -cert root/top_crlissuer_cert.pem \ + -passin pass:passphrase + +openssl ca -gencrl -config openssl.cnf -name ca_top -crldays 7000 \ + -crl_reason superseded -keyfile root/top_crlissuer_key.pem \ + -cert root/top_crlissuer_cert.pem -out root/top_crl.pem \ + -passin pass:passphrase + +# revoke for subca +if [ ! -f subca/subca_crl.pem ]; then + if [ ! -d subca ]; then + mkdir subca + fi + + if [ ! -f subca/index.txt ]; then + touch subca/index.txt + echo 00 > subca/crlnumber + fi + + openssl ca -gencrl -config openssl.cnf -name ca_subca -crldays 7000 \ + -crl_reason superseded -keyfile subca/subca_crlissuer_key.pem \ + -cert subca/subca_crlissuer_cert.pem -out subca/subca_crl.pem \ + -passin pass:passphrase +fi + +# revoke susan +openssl ca -revoke subca/susan/susan_cert.pem -config openssl.cnf \ + -name ca_subca -crl_reason superseded \ + -keyfile subca/subca_crlissuer_key.pem \ + -cert subca/subca_crlissuer_cert.pem -passin pass:passphrase + +openssl ca -gencrl -config openssl.cnf -name ca_subca -crldays 7000 \ + -crl_reason superseded -keyfile subca/subca_crlissuer_key.pem \ + -cert subca/subca_crlissuer_cert.pem -out subca/subca_crl.pem \ + -passin pass:passphrase diff -r ec9f33978e19 -r 8d087823b8b7 jdk/test/java/security/cert/CertPathBuilder/selfIssued/openssl.cnf --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/jdk/test/java/security/cert/CertPathBuilder/selfIssued/openssl.cnf Wed Jul 05 16:56:52 2017 +0200 @@ -0,0 +1,205 @@ +# +# Copyright 2009 Sun Microsystems, Inc. All Rights Reserved. +# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. +# +# This code is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License version 2 only, as +# published by the Free Software Foundation. Sun designates this +# particular file as subject to the "Classpath" exception as provided +# by Sun in the LICENSE file that accompanied this code. +# +# This code is distributed in the hope that it will be useful, but WITHOUT +# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +# version 2 for more details (a copy is included in the LICENSE file that +# accompanied this code). +# +# You should have received a copy of the GNU General Public License version +# 2 along with this work; if not, write to the Free Software Foundation, +# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +# Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, +# CA 95054 USA or visit www.sun.com if you need additional information or +# have any questions. +# + +# +# OpenSSL configuration file. +# + +HOME = . +RANDFILE = $ENV::HOME/.rnd + +[ ca ] +default_ca = CA_default + +[ CA_default ] +dir = ./top +certs = $dir/certs +crl_dir = $dir/crl +database = $dir/index.txt +unique_subject = no +new_certs_dir = $dir/newcerts +certificate = $dir/cacert.pem +serial = $dir/serial +crlnumber = $dir/crlnumber +crl = $dir/crl.pem +private_key = $dir/private/cakey.pem +RANDFILE = $dir/private/.rand +x509_extensions = v3_ca + +name_opt = ca_default +cert_opt = ca_default + +default_days = 7650 +default_crl_days = 30 +default_md = sha1 +preserve = no + +policy = policy_anything + +[ ca_top ] +dir = ./root +certs = $dir/certs +crl_dir = $dir/crl +database = $dir/index.txt +unique_subject = no +new_certs_dir = $dir/newcerts +certificate = $dir/cacert.pem +serial = $dir/serial +crlnumber = $dir/crlnumber +crl = $dir/crl.pem +private_key = $dir/private/cakey.pem +RANDFILE = $dir/private/.rand + +x509_extensions = v3_ca + +name_opt = ca_default +cert_opt = ca_default + +default_days = 7650 +default_crl_days = 30 +default_md = sha1 +preserve = no + +policy = policy_anything + +[ ca_subca ] +dir = ./subca +certs = $dir/certs +crl_dir = $dir/crl +database = $dir/index.txt +unique_subject = no +new_certs_dir = $dir/newcerts + +certificate = $dir/cacert.pem +serial = $dir/serial +crlnumber = $dir/crlnumber +crl = $dir/crl.pem +private_key = $dir/private/cakey.pem +RANDFILE = $dir/private/.rand + +x509_extensions = usr_cert + +name_opt = ca_default +cert_opt = ca_default + +default_days = 7650 +default_crl_days = 30 +default_md = sha1 +preserve = no + +policy = policy_anything + +[ policy_match ] +countryName = match +stateOrProvinceName = match +organizationName = match +organizationalUnitName = optional +commonName = supplied +emailAddress = optional + +[ policy_anything ] +countryName = optional +stateOrProvinceName = optional +localityName = optional +organizationName = optional +organizationalUnitName = optional +commonName = supplied +emailAddress = optional + +[ req ] +default_bits = 1024 +default_keyfile = privkey.pem +distinguished_name = req_distinguished_name +attributes = req_attributes +x509_extensions = v3_ca + +string_mask = nombstr + +[ req_distinguished_name ] +countryName = Country Name (2 letter code) +countryName_default = NO +countryName_min = 2 +countryName_max = 2 + +stateOrProvinceName = State or Province Name (full name) +stateOrProvinceName_default = A-State + +localityName = Locality Name (eg, city) + +0.organizationName = Organization Name (eg, company) +0.organizationName_default = Internet Widgits Pty Ltd + +organizationalUnitName = Organizational Unit Name (eg, section) + +commonName = Common Name (eg, YOUR name) +commonName_max = 64 + +emailAddress = Email Address +emailAddress_max = 64 + +[ req_attributes ] +challengePassword = A challenge password +challengePassword_min = 4 +challengePassword_max = 20 +unstructuredName = An optional company name + +[ usr_cert ] +keyUsage = nonRepudiation, digitalSignature, keyEncipherment + +subjectKeyIdentifier = hash +authorityKeyIdentifier = keyid,issuer + +[ v3_req ] +basicConstraints = CA:FALSE +keyUsage = nonRepudiation, digitalSignature, keyEncipherment +subjectAltName = email:example@openjdk.net, RID:1.2.3.4:true + +[ v3_ca ] +subjectKeyIdentifier = hash +authorityKeyIdentifier = keyid:always,issuer:always +basicConstraints = critical,CA:true +keyUsage = keyCertSign, cRLSign + +[ cert_issuer ] +subjectKeyIdentifier = hash +authorityKeyIdentifier = keyid:always,issuer:always +basicConstraints = critical,CA:true +keyUsage = keyCertSign, cRLSign + +[ crl_issuer ] +subjectKeyIdentifier = hash +authorityKeyIdentifier = keyid:always,issuer:always +basicConstraints = critical,CA:true +keyUsage = keyCertSign, cRLSign + + +[ crl_ext ] +authorityKeyIdentifier = keyid:always,issuer:always + +[ ee_of_subca ] +keyUsage = nonRepudiation, digitalSignature, keyEncipherment, keyAgreement + +subjectKeyIdentifier = hash +authorityKeyIdentifier = keyid,issuer diff -r ec9f33978e19 -r 8d087823b8b7 jdk/test/sun/security/krb5/ConfPlusProp.java --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/jdk/test/sun/security/krb5/ConfPlusProp.java Wed Jul 05 16:56:52 2017 +0200 @@ -0,0 +1,94 @@ +/* + * Copyright 2009 Sun Microsystems, Inc. All Rights Reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, + * CA 95054 USA or visit www.sun.com if you need additional information or + * have any questions. + */ +/* + * @test + * @bug 6857795 + * @summary krb5.conf ignored if system properties on realm and kdc are provided + */ + +import sun.security.krb5.Config; +import sun.security.krb5.KrbException; + +public class ConfPlusProp { + public static void main(String[] args) throws Exception { + System.setProperty("java.security.krb5.realm", "R2"); + System.setProperty("java.security.krb5.kdc", "k2"); + + // Point to a file with existing default_realm + System.setProperty("java.security.krb5.conf", + System.getProperty("test.src", ".") +"/confplusprop.conf"); + Config config = Config.getInstance(); + + if (!config.getDefaultRealm().equals("R2")) { + throw new Exception("Default realm error"); + } + if (!config.getKDCList("R1").equals("k1")) { + throw new Exception("R1 kdc error"); + } + if (!config.getKDCList("R2").equals("k2")) { + throw new Exception("R2 kdc error"); + } + if (!config.getDefault("forwardable", "libdefaults").equals("well")) { + throw new Exception("Extra config error"); + } + + // Point to a file with no libdefaults + System.setProperty("java.security.krb5.conf", + System.getProperty("test.src", ".") +"/confplusprop2.conf"); + Config.refresh(); + + config = Config.getInstance(); + + if (!config.getDefaultRealm().equals("R2")) { + throw new Exception("Default realm error again"); + } + if (!config.getKDCList("R1").equals("k12")) { + throw new Exception("R1 kdc error"); + } + if (!config.getKDCList("R2").equals("k2")) { + throw new Exception("R2 kdc error"); + } + + // Point to a non-existing file + System.setProperty("java.security.krb5.conf", "i-am-not-a file"); + Config.refresh(); + + config = Config.getInstance(); + + if (!config.getDefaultRealm().equals("R2")) { + throw new Exception("Default realm error"); + } + try { + config.getKDCList("R1"); + throw new Exception("R1 is nowhere"); + } catch (KrbException ke) { + // OK + } + if (!config.getKDCList("R2").equals("k2")) { + throw new Exception("R2 kdc error"); + } + if (config.getDefault("forwardable", "libdefaults") != null) { + throw new Exception("Extra config error"); + } + } +} diff -r ec9f33978e19 -r 8d087823b8b7 jdk/test/sun/security/krb5/auto/LifeTimeInSeconds.java --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/jdk/test/sun/security/krb5/auto/LifeTimeInSeconds.java Wed Jul 05 16:56:52 2017 +0200 @@ -0,0 +1,50 @@ +/* + * Copyright 2009 Sun Microsystems, Inc. All Rights Reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, + * CA 95054 USA or visit www.sun.com if you need additional information or + * have any questions. + */ + +/* + * @test + * @bug 6857802 + * @summary GSS getRemainingInitLifetime method returns milliseconds not seconds + */ +import org.ietf.jgss.GSSCredential; +import org.ietf.jgss.GSSManager; + +public class LifeTimeInSeconds { + public static void main(String[] args) throws Exception { + new OneKDC(null).writeJAASConf(); + System.setProperty("javax.security.auth.useSubjectCredsOnly", "false"); + + GSSManager gm = GSSManager.getInstance(); + GSSCredential cred = gm.createCredential(GSSCredential.INITIATE_AND_ACCEPT); + int time = cred.getRemainingLifetime(); + int time2 = cred.getRemainingInitLifetime(null); + // The test KDC issues a TGT with a default lifetime of 11 hours + int elevenhrs = 11*3600; + if (time > elevenhrs+60 || time < elevenhrs-60) { + throw new Exception("getRemainingLifetime returns wrong value."); + } + if (time2 > elevenhrs+60 || time2 < elevenhrs-60) { + throw new Exception("getRemainingInitLifetime returns wrong value."); + } + } +} diff -r ec9f33978e19 -r 8d087823b8b7 jdk/test/sun/security/krb5/confplusprop.conf --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/jdk/test/sun/security/krb5/confplusprop.conf Wed Jul 05 16:56:52 2017 +0200 @@ -0,0 +1,11 @@ +[libdefaults] +default_realm = R1 +forwardable = well + +[realms] +R1 = { + kdc = k1 +} +R2 = { + kdc = old +} diff -r ec9f33978e19 -r 8d087823b8b7 jdk/test/sun/security/krb5/confplusprop2.conf --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/jdk/test/sun/security/krb5/confplusprop2.conf Wed Jul 05 16:56:52 2017 +0200 @@ -0,0 +1,7 @@ +[realms] +R1 = { + kdc = k12 +} +R2 = { + kdc = old +} diff -r ec9f33978e19 -r 8d087823b8b7 jdk/test/tools/jar/index/MetaInf.java --- a/jdk/test/tools/jar/index/MetaInf.java Thu Jul 16 10:53:05 2009 -0700 +++ b/jdk/test/tools/jar/index/MetaInf.java Wed Jul 05 16:56:52 2017 +0200 @@ -23,13 +23,15 @@ /* * @test - * @bug 4408526 + * @bug 4408526 6854795 * @summary Index the non-meta files in META-INF, such as META-INF/services. */ import java.io.*; +import java.util.Arrays; import java.util.jar.*; import sun.tools.jar.Main; +import java.util.zip.ZipFile; public class MetaInf { @@ -39,29 +41,51 @@ static String contents = System.getProperty("test.src") + File.separatorChar + "jarcontents"; - // Options passed to "jar" command. - static String[] jarArgs1 = new String[] { - "cf", jarName, "-C", contents, SERVICES - }; - static String[] jarArgs2 = new String[] { - "i", jarName - }; + static void run(String ... args) { + if (! new Main(System.out, System.err, "jar").run(args)) + throw new Error("jar failed: args=" + Arrays.toString(args)); + } - public static void main(String[] args) throws IOException { + static void copy(File from, File to) throws IOException { + FileInputStream in = new FileInputStream(from); + FileOutputStream out = new FileOutputStream(to); + try { + byte[] buf = new byte[8192]; + int n; + while ((n = in.read(buf)) != -1) + out.write(buf, 0, n); + } finally { + in.close(); + out.close(); + } + } + + static boolean contains(File jarFile, String entryName) + throws IOException { + return new ZipFile(jarFile).getEntry(entryName) != null; + } + + static void checkContains(File jarFile, String entryName) + throws IOException { + if (! contains(jarFile, entryName)) + throw new Error(String.format("expected jar %s to contain %s", + jarFile, entryName)); + } + + static void testIndex(String jarName) throws IOException { + System.err.printf("jarName=%s%n", jarName); + + File jar = new File(jarName); // Create a jar to be indexed. - Main jarTool = new Main(System.out, System.err, "jar"); - if (!jarTool.run(jarArgs1)) { - throw new Error("Could not create jar file."); + run("cf", jarName, "-C", contents, SERVICES); + + for (int i = 0; i < 2; i++) { + run("i", jarName); + checkContains(jar, INDEX); + checkContains(jar, SERVICES); } - // Index the jar. - jarTool = new Main(System.out, System.err, "jar"); - if (!jarTool.run(jarArgs2)) { - throw new Error("Could not index jar file."); - } - - // Read the index. Verify that META-INF/services is indexed. JarFile f = new JarFile(jarName); BufferedReader index = new BufferedReader( @@ -75,4 +99,17 @@ } throw new Error(SERVICES + " not indexed."); } + + public static void main(String[] args) throws IOException { + testIndex("a.jar"); // a path with parent == null + testIndex("./a.zip"); // a path with parent != null + + // Try indexing a jar in the default temp directory. + File tmpFile = File.createTempFile("MetaInf", null, null); + try { + testIndex(tmpFile.getPath()); + } finally { + tmpFile.delete(); + } + } }