--- a/jdk/README Thu Mar 16 16:45:04 2017 +0300
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,27 +0,0 @@
-README:
- This file should be located at the top of the jdk Mercurial repository.
-
- See http://openjdk.java.net/ for more information about the OpenJDK.
-
-Simple Build Instructions:
-
- 1. Download and install a JDK 6 from
- http://java.sun.com/javase/downloads/index.jsp
- Set the environment variable ALT_BOOTDIR to the location of this JDK 6.
-
- 2. Either download and install the latest JDK7 from
- http://download.java.net/openjdk/jdk7/, or build your own complete
- OpenJDK7 by using the top level Makefile in the OpenJDK Mercurial forest.
- Set the environment variable ALT_JDK_IMPORT_PATH to the location of
- this latest JDK7 or OpenJDK7 build.
-
- 3. Check the sanity of doing a build with the current machine:
- cd make && gnumake sanity
- See README-builds.html if you run into problems.
-
- 4. Do a partial build of the jdk:
- cd make && gnumake all
-
- 5. Construct the images:
- cd make && gnumake images
- The resulting JDK image should be found in build/*/j2sdk-image
--- a/jdk/make/copy/Copy-java.base.gmk Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/make/copy/Copy-java.base.gmk Thu Mar 16 09:51:15 2017 -0700
@@ -235,8 +235,10 @@
# JDK license and assembly exception files to be packaged in JMOD
-JDK_LICENSE ?= $(TOPDIR)/LICENSE
-JDK_NOTICE ?= $(TOPDIR)/ASSEMBLY_EXCEPTION
+# The license files may not be present if the source has been obtained using a
+# different license.
+JDK_LICENSE ?= $(wildcard $(TOPDIR)/LICENSE)
+JDK_NOTICE ?= $(wildcard $(TOPDIR)/ASSEMBLY_EXCEPTION)
$(eval $(call SetupCopyFiles, COPY_JDK_NOTICES, \
FILES := $(JDK_LICENSE) $(JDK_NOTICE), \
@@ -245,4 +247,3 @@
))
TARGETS += $(COPY_JDK_NOTICES)
-
--- a/jdk/make/rmic/RmicCommon.gmk Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/make/rmic/RmicCommon.gmk Thu Mar 16 09:51:15 2017 -0700
@@ -1,5 +1,5 @@
#
-# Copyright (c) 2011, 2016, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2011, 2017, Oracle and/or its affiliates. All rights reserved.
# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
#
# This code is free software; you can redistribute it and/or modify it
@@ -29,7 +29,7 @@
include MakeBase.gmk
include RMICompilation.gmk
-##########################################################################################
+################################################################################
ifeq ($(BOOT_JDK_MODULAR), true)
RMIC_MAIN_CLASS := -m jdk.rmic/sun.rmi.rmic.Main
@@ -37,12 +37,13 @@
RMIC_MAIN_CLASS := sun.rmi.rmic.Main
endif
-RMIC := $(JAVA_SMALL) $(INTERIM_OVERRIDE_MODULES_ARGS) $(RMIC_MAIN_CLASS)
+RMIC := $(JAVA_SMALL) $(INTERIM_RMIC_OVERRIDE_MODULES_ARGS) $(RMIC_MAIN_CLASS)
CLASSES_DIR := $(JDK_OUTPUTDIR)/modules
-# NOTE: If the smart javac dependency management is reintroduced, these classes risk
-# interfering with the dependency checking. In that case they will need to be kept separate.
+# NOTE: If the smart javac dependency management is reintroduced, these classes
+# risk interfering with the dependency checking. In that case they will need to
+# be kept separate.
STUB_CLASSES_DIR := $(JDK_OUTPUTDIR)/modules
RMIC_GENSRC_DIR := $(SUPPORT_OUTPUTDIR)/rmic
-##########################################################################################
+################################################################################
--- a/jdk/src/java.base/share/classes/java/io/ObjectInputFilter.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/src/java.base/share/classes/java/io/ObjectInputFilter.java Thu Mar 16 09:51:15 2017 -0700
@@ -104,7 +104,6 @@
* @return {@link Status#ALLOWED Status.ALLOWED} if accepted,
* {@link Status#REJECTED Status.REJECTED} if rejected,
* {@link Status#UNDECIDED Status.UNDECIDED} if undecided.
- * @since 9
*/
Status checkInput(FilterInfo filterInfo);
--- a/jdk/src/java.base/share/classes/java/io/ObjectInputStream.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/src/java.base/share/classes/java/io/ObjectInputStream.java Thu Mar 16 09:51:15 2017 -0700
@@ -812,23 +812,24 @@
}
/**
- * Enable the stream to allow objects read from the stream to be replaced.
- * When enabled, the resolveObject method is called for every object being
+ * Enables the stream to do replacement of objects read from the stream. When
+ * enabled, the {@link #resolveObject} method is called for every object being
* deserialized.
*
- * <p>If <i>enable</i> is true, and there is a security manager installed,
+ * <p>If object replacement is currently not enabled, and
+ * {@code enable} is true, and there is a security manager installed,
* this method first calls the security manager's
- * <code>checkPermission</code> method with the
- * <code>SerializablePermission("enableSubstitution")</code> permission to
- * ensure it's ok to enable the stream to allow objects read from the
- * stream to be replaced.
+ * {@code checkPermission} method with the
+ * {@code SerializablePermission("enableSubstitution")} permission to
+ * ensure that the caller is permitted to enable the stream to do replacement
+ * of objects read from the stream.
*
- * @param enable true for enabling use of <code>resolveObject</code> for
+ * @param enable true for enabling use of {@code resolveObject} for
* every object being deserialized
* @return the previous setting before this method was invoked
* @throws SecurityException if a security manager exists and its
- * <code>checkPermission</code> method denies enabling the stream
- * to allow objects read from the stream to be replaced.
+ * {@code checkPermission} method denies enabling the stream
+ * to do replacement of objects read from the stream.
* @see SecurityManager#checkPermission
* @see java.io.SerializablePermission
*/
--- a/jdk/src/java.base/share/classes/java/io/ObjectOutputStream.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/src/java.base/share/classes/java/io/ObjectOutputStream.java Thu Mar 16 09:51:15 2017 -0700
@@ -589,22 +589,24 @@
}
/**
- * Enable the stream to do replacement of objects in the stream. When
- * enabled, the replaceObject method is called for every object being
+ * Enables the stream to do replacement of objects written to the stream. When
+ * enabled, the {@link #replaceObject} method is called for every object being
* serialized.
*
- * <p>If <code>enable</code> is true, and there is a security manager
- * installed, this method first calls the security manager's
- * <code>checkPermission</code> method with a
- * <code>SerializablePermission("enableSubstitution")</code> permission to
- * ensure it's ok to enable the stream to do replacement of objects in the
- * stream.
+ * <p>If object replacement is currently not enabled, and
+ * {@code enable} is true, and there is a security manager installed,
+ * this method first calls the security manager's
+ * {@code checkPermission} method with the
+ * {@code SerializablePermission("enableSubstitution")} permission to
+ * ensure that the caller is permitted to enable the stream to do replacement
+ * of objects written to the stream.
*
- * @param enable boolean parameter to enable replacement of objects
+ * @param enable true for enabling use of {@code replaceObject} for
+ * every object being serialized
* @return the previous setting before this method was invoked
* @throws SecurityException if a security manager exists and its
- * <code>checkPermission</code> method denies enabling the stream
- * to do replacement of objects in the stream.
+ * {@code checkPermission} method denies enabling the stream
+ * to do replacement of objects written to the stream.
* @see SecurityManager#checkPermission
* @see java.io.SerializablePermission
*/
--- a/jdk/src/java.base/share/classes/java/lang/LiveStackFrame.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/src/java.base/share/classes/java/lang/LiveStackFrame.java Thu Mar 16 09:51:15 2017 -0700
@@ -169,7 +169,7 @@
* it denies access to {@code RuntimePermission("liveStackFrames")}; or
* or if the given {@code options} contains
* {@link StackWalker.Option#RETAIN_CLASS_REFERENCE Option.RETAIN_CLASS_REFERENCE}
- * and it denies access to {@code StackFramePermission("retainClassReference")}.
+ * and it denies access to {@code RuntimePermission("getStackWalkerWithClassReference")}.
*/
public static StackWalker getStackWalker(Set<StackWalker.Option> options) {
SecurityManager sm = System.getSecurityManager();
--- a/jdk/src/java.base/share/classes/java/lang/Math.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/src/java.base/share/classes/java/lang/Math.java Thu Mar 16 09:51:15 2017 -0700
@@ -1079,6 +1079,7 @@
* @param x the first value
* @param y the second value
* @return the result
+ * @since 9
*/
public static long multiplyFull(int x, int y) {
return (long)x * (long)y;
@@ -1091,6 +1092,7 @@
* @param x the first value
* @param y the second value
* @return the result
+ * @since 9
*/
public static long multiplyHigh(long x, long y) {
if (x < 0 || y < 0) {
--- a/jdk/src/java.base/share/classes/java/lang/ProcessBuilder.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/src/java.base/share/classes/java/lang/ProcessBuilder.java Thu Mar 16 09:51:15 2017 -0700
@@ -1251,6 +1251,7 @@
* If the operating system does not support the creation of processes
*
* @throws IOException if an I/O error occurs
+ * @since 9
*/
public static List<Process> startPipeline(List<ProcessBuilder> builders) throws IOException {
// Accumulate and check the builders
--- a/jdk/src/java.base/share/classes/java/lang/Runtime.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/src/java.base/share/classes/java/lang/Runtime.java Thu Mar 16 09:51:15 2017 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1995, 2016, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1995, 2017, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -955,7 +955,7 @@
*
* <p> A <em>version number</em>, {@code $VNUM}, is a non-empty sequence
* of elements separated by period characters (U+002E). An element is
- * either zero, or a unsigned integer numeral without leading zeros. The
+ * either zero, or an unsigned integer numeral without leading zeros. The
* final element in a version number must not be zero. The format is:
* </p>
*
@@ -1053,8 +1053,8 @@
*
* </ul>
*
- * <p> A version number {@code 10-ea} matches {@code $VNUM = "10"} and
- * {@code $PRE = "ea"}. The version number {@code 10+-ea} matches
+ * <p> A version string {@code 10-ea} matches {@code $VNUM = "10"} and
+ * {@code $PRE = "ea"}. The version string {@code 10+-ea} matches
* {@code $VNUM = "10"} and {@code $OPT = "ea"}. </p>
*
* <p> When comparing two version strings, the value of {@code $OPT}, if
@@ -1247,7 +1247,7 @@
* Compares this version to another.
*
* <p> Each of the components in the <a href="#verStr">version</a> is
- * compared in the follow order of precedence: version numbers,
+ * compared in the following order of precedence: version numbers,
* pre-release identifiers, build numbers, optional build information.
* </p>
*
@@ -1375,9 +1375,9 @@
if (oBuild.isPresent()) {
return (build.isPresent()
? build.get().compareTo(oBuild.get())
- : 1);
+ : -1);
} else if (build.isPresent()) {
- return -1;
+ return 1;
}
return 0;
}
@@ -1461,7 +1461,7 @@
*
* @return {@code true} if, and only if, the given object is a {@code
* Version} that is identical to this {@code Version}
- * ignoring the optinal build information
+ * ignoring the optional build information
*
*/
public boolean equalsIgnoreOptional(Object ob) {
--- a/jdk/src/java.base/share/classes/java/lang/RuntimePermission.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/src/java.base/share/classes/java/lang/RuntimePermission.java Thu Mar 16 09:51:15 2017 -0700
@@ -298,6 +298,14 @@
* </tr>
*
* <tr>
+ * <td>getStackWalkerWithClassReference</td>
+ * <td>Get a stack walker that can retrieve stack frames with class reference.</td>
+ * <td>This allows retrieval of Class objects from stack walking.
+ * This might allow malicious code to access Class objects on the stack
+ * outside its own context.</td>
+ * </tr>
+ *
+ * <tr>
* <td>setDefaultUncaughtExceptionHandler</td>
* <td>Setting the default handler to be used when a thread
* terminates abruptly due to an uncaught exception</td>
--- a/jdk/src/java.base/share/classes/java/lang/StackFramePermission.java Thu Mar 16 16:45:04 2017 +0300
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,50 +0,0 @@
-/*
- * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation. Oracle designates this
- * particular file as subject to the "Classpath" exception as provided
- * by Oracle in the LICENSE file that accompanied this code.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-package java.lang;
-
-/**
- * Permission to access {@link StackWalker.StackFrame}.
- *
- * @see java.lang.StackWalker.Option#RETAIN_CLASS_REFERENCE
- * @see StackWalker.StackFrame#getDeclaringClass()
- */
-public class StackFramePermission extends java.security.BasicPermission {
- private static final long serialVersionUID = 2841894854386706014L;
-
- /**
- * Creates a new {@code StackFramePermission} object.
- *
- * @param name Permission name. Must be "retainClassReference".
- *
- * @throws IllegalArgumentException if {@code name} is invalid.
- * @throws NullPointerException if {@code name} is {@code null}.
- */
- public StackFramePermission(String name) {
- super(name);
- if (!name.equals("retainClassReference")) {
- throw new IllegalArgumentException("name: " + name);
- }
- }
-}
--- a/jdk/src/java.base/share/classes/java/lang/StackWalker.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/src/java.base/share/classes/java/lang/StackWalker.java Thu Mar 16 09:51:15 2017 -0700
@@ -279,7 +279,7 @@
* If a security manager is present and the given {@code option} is
* {@link Option#RETAIN_CLASS_REFERENCE Option.RETAIN_CLASS_REFERENCE},
* it calls its {@link SecurityManager#checkPermission checkPermission}
- * method for {@code StackFramePermission("retainClassReference")}.
+ * method for {@code RuntimePermission("getStackWalkerWithClassReference")}.
*
* @param option {@link Option stack walking option}
*
@@ -303,7 +303,7 @@
* If a security manager is present and the given {@code options} contains
* {@link Option#RETAIN_CLASS_REFERENCE Option.RETAIN_CLASS_REFERENCE},
* it calls its {@link SecurityManager#checkPermission checkPermission}
- * method for {@code StackFramePermission("retainClassReference")}.
+ * method for {@code RuntimePermission("getStackWalkerWithClassReference")}.
*
* @param options {@link Option stack walking option}
*
@@ -333,7 +333,7 @@
* If a security manager is present and the given {@code options} contains
* {@link Option#RETAIN_CLASS_REFERENCE Option.RETAIN_CLASS_REFERENCE},
* it calls its {@link SecurityManager#checkPermission checkPermission}
- * method for {@code StackFramePermission("retainClassReference")}.
+ * method for {@code RuntimePermission("getStackWalkerWithClassReference")}.
*
* <p>
* The {@code estimateDepth} specifies the estimate number of stack frames
@@ -376,7 +376,7 @@
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
if (options.contains(Option.RETAIN_CLASS_REFERENCE)) {
- sm.checkPermission(new StackFramePermission("retainClassReference"));
+ sm.checkPermission(new RuntimePermission("getStackWalkerWithClassReference"));
}
}
}
--- a/jdk/src/java.base/share/classes/java/lang/invoke/CallSite.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/src/java.base/share/classes/java/lang/invoke/CallSite.java Thu Mar 16 09:51:15 2017 -0700
@@ -82,6 +82,7 @@
}
}</pre></blockquote>
* @author John Rose, JSR 292 EG
+ * @since 1.7
*/
abstract
public class CallSite {
--- a/jdk/src/java.base/share/classes/java/lang/invoke/ConstantCallSite.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/src/java.base/share/classes/java/lang/invoke/ConstantCallSite.java Thu Mar 16 09:51:15 2017 -0700
@@ -30,6 +30,7 @@
* An {@code invokedynamic} instruction linked to a {@code ConstantCallSite} is permanently
* bound to the call site's target.
* @author John Rose, JSR 292 EG
+ * @since 1.7
*/
public class ConstantCallSite extends CallSite {
private final boolean isFrozen;
--- a/jdk/src/java.base/share/classes/java/lang/invoke/LambdaConversionException.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/src/java.base/share/classes/java/lang/invoke/LambdaConversionException.java Thu Mar 16 09:51:15 2017 -0700
@@ -27,6 +27,8 @@
/**
* LambdaConversionException
+ *
+ * @since 1.8
*/
public class LambdaConversionException extends Exception {
private static final long serialVersionUID = 292L + 8L;
--- a/jdk/src/java.base/share/classes/java/lang/invoke/LambdaMetafactory.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/src/java.base/share/classes/java/lang/invoke/LambdaMetafactory.java Thu Mar 16 09:51:15 2017 -0700
@@ -211,6 +211,7 @@
* theory, any method handle could be used. Currently supported are direct method
* handles representing invocation of virtual, interface, constructor and static
* methods.
+ * @since 1.8
*/
public class LambdaMetafactory {
--- a/jdk/src/java.base/share/classes/java/lang/invoke/MethodHandle.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/src/java.base/share/classes/java/lang/invoke/MethodHandle.java Thu Mar 16 09:51:15 2017 -0700
@@ -423,6 +423,7 @@
* @see MethodType
* @see MethodHandles
* @author John Rose, JSR 292 EG
+ * @since 1.7
*/
public abstract class MethodHandle {
--- a/jdk/src/java.base/share/classes/java/lang/invoke/MethodHandleProxies.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/src/java.base/share/classes/java/lang/invoke/MethodHandleProxies.java Thu Mar 16 09:51:15 2017 -0700
@@ -38,6 +38,8 @@
/**
* This class consists exclusively of static methods that help adapt
* method handles to other JVM types, such as interfaces.
+ *
+ * @since 1.7
*/
public class MethodHandleProxies {
--- a/jdk/src/java.base/share/classes/java/lang/invoke/MethodType.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/src/java.base/share/classes/java/lang/invoke/MethodType.java Thu Mar 16 09:51:15 2017 -0700
@@ -88,6 +88,7 @@
* (But the classes need not be initialized, as is the case with a {@code CONSTANT_Class}.)
* This loading may occur at any time before the {@code MethodType} object is first derived.
* @author John Rose, JSR 292 EG
+ * @since 1.7
*/
public final
class MethodType implements java.io.Serializable {
--- a/jdk/src/java.base/share/classes/java/lang/invoke/MutableCallSite.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/src/java.base/share/classes/java/lang/invoke/MutableCallSite.java Thu Mar 16 09:51:15 2017 -0700
@@ -81,6 +81,7 @@
* For target values which will be frequently updated, consider using
* a {@linkplain VolatileCallSite volatile call site} instead.
* @author John Rose, JSR 292 EG
+ * @since 1.7
*/
public class MutableCallSite extends CallSite {
/**
--- a/jdk/src/java.base/share/classes/java/lang/invoke/SerializedLambda.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/src/java.base/share/classes/java/lang/invoke/SerializedLambda.java Thu Mar 16 09:51:15 2017 -0700
@@ -54,6 +54,7 @@
* lambda actually captured by that class.
*
* @see LambdaMetafactory
+ * @since 1.8
*/
public final class SerializedLambda implements Serializable {
private static final long serialVersionUID = 8025925345765570181L;
--- a/jdk/src/java.base/share/classes/java/lang/invoke/SwitchPoint.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/src/java.base/share/classes/java/lang/invoke/SwitchPoint.java Thu Mar 16 09:51:15 2017 -0700
@@ -108,6 +108,7 @@
* }
* }</pre>
* @author Remi Forax, JSR 292 EG
+ * @since 1.7
*/
public class SwitchPoint {
private static final MethodHandle
--- a/jdk/src/java.base/share/classes/java/lang/invoke/VolatileCallSite.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/src/java.base/share/classes/java/lang/invoke/VolatileCallSite.java Thu Mar 16 09:51:15 2017 -0700
@@ -40,6 +40,7 @@
* with {@code MutableCallSite}.
* @see MutableCallSite
* @author John Rose, JSR 292 EG
+ * @since 1.7
*/
public class VolatileCallSite extends CallSite {
/**
--- a/jdk/src/java.base/share/classes/java/nio/file/ClosedFileSystemException.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/src/java.base/share/classes/java/nio/file/ClosedFileSystemException.java Thu Mar 16 09:51:15 2017 -0700
@@ -28,6 +28,8 @@
/**
* Unchecked exception thrown when an attempt is made to invoke an operation on
* a file and the file system is closed.
+ *
+ * @since 1.7
*/
public class ClosedFileSystemException
--- a/jdk/src/java.base/share/classes/java/nio/file/ClosedWatchServiceException.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/src/java.base/share/classes/java/nio/file/ClosedWatchServiceException.java Thu Mar 16 09:51:15 2017 -0700
@@ -28,6 +28,8 @@
/**
* Unchecked exception thrown when an attempt is made to invoke an operation on
* a watch service that is closed.
+ *
+ * @since 1.7
*/
public class ClosedWatchServiceException
--- a/jdk/src/java.base/share/classes/java/nio/file/FileSystemAlreadyExistsException.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/src/java.base/share/classes/java/nio/file/FileSystemAlreadyExistsException.java Thu Mar 16 09:51:15 2017 -0700
@@ -28,6 +28,8 @@
/**
* Runtime exception thrown when an attempt is made to create a file system that
* already exists.
+ *
+ * @since 1.7
*/
public class FileSystemAlreadyExistsException
--- a/jdk/src/java.base/share/classes/java/nio/file/FileSystemNotFoundException.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/src/java.base/share/classes/java/nio/file/FileSystemNotFoundException.java Thu Mar 16 09:51:15 2017 -0700
@@ -27,6 +27,8 @@
/**
* Runtime exception thrown when a file system cannot be found.
+ *
+ * @since 1.7
*/
public class FileSystemNotFoundException
--- a/jdk/src/java.base/share/classes/java/nio/file/InvalidPathException.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/src/java.base/share/classes/java/nio/file/InvalidPathException.java Thu Mar 16 09:51:15 2017 -0700
@@ -29,6 +29,8 @@
* Unchecked exception thrown when path string cannot be converted into a
* {@link Path} because the path string contains invalid characters, or
* the path string is invalid for other file system specific reasons.
+ *
+ * @since 1.7
*/
public class InvalidPathException
--- a/jdk/src/java.base/share/classes/java/nio/file/ProviderMismatchException.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/src/java.base/share/classes/java/nio/file/ProviderMismatchException.java Thu Mar 16 09:51:15 2017 -0700
@@ -29,6 +29,8 @@
* Unchecked exception thrown when an attempt is made to invoke a method on an
* object created by one file system provider with a parameter created by a
* different file system provider.
+ *
+ * @since 1.7
*/
public class ProviderMismatchException
extends java.lang.IllegalArgumentException
--- a/jdk/src/java.base/share/classes/java/nio/file/ProviderNotFoundException.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/src/java.base/share/classes/java/nio/file/ProviderNotFoundException.java Thu Mar 16 09:51:15 2017 -0700
@@ -27,6 +27,8 @@
/**
* Runtime exception thrown when a provider of the required type cannot be found.
+ *
+ * @since 1.7
*/
public class ProviderNotFoundException
--- a/jdk/src/java.base/share/classes/java/nio/file/ReadOnlyFileSystemException.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/src/java.base/share/classes/java/nio/file/ReadOnlyFileSystemException.java Thu Mar 16 09:51:15 2017 -0700
@@ -28,6 +28,8 @@
/**
* Unchecked exception thrown when an attempt is made to update an object
* associated with a {@link FileSystem#isReadOnly() read-only} {@code FileSystem}.
+ *
+ * @since 1.7
*/
public class ReadOnlyFileSystemException
--- a/jdk/src/java.base/share/classes/java/security/SecureRandom.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/src/java.base/share/classes/java/security/SecureRandom.java Thu Mar 16 09:51:15 2017 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1996, 2016, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1996, 2017, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -40,7 +40,7 @@
*
* <p>A cryptographically strong random number minimally complies with the
* statistical random number generator tests specified in
- * <a href="http://csrc.nist.gov/publications/fips/fips140-2/fips1402.pdf">
+ * <a href="http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.140-2.pdf">
* <i>FIPS 140-2, Security Requirements for Cryptographic Modules</i></a>,
* section 4.9.1.
* Additionally, {@code SecureRandom} must produce non-deterministic output.
--- a/jdk/src/java.base/share/classes/java/time/Duration.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/src/java.base/share/classes/java/time/Duration.java Thu Mar 16 09:51:15 2017 -0700
@@ -1370,6 +1370,7 @@
* @return a {@code Duration} based on this duration with the time truncated, not null
* @throws DateTimeException if the unit is invalid for truncation
* @throws UnsupportedTemporalTypeException if the unit is not supported
+ * @since 9
*/
public Duration truncatedTo(TemporalUnit unit) {
Objects.requireNonNull(unit, "unit");
--- a/jdk/src/java.base/share/classes/java/time/format/DateTimeFormatterBuilder.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/src/java.base/share/classes/java/time/format/DateTimeFormatterBuilder.java Thu Mar 16 09:51:15 2017 -0700
@@ -1278,6 +1278,7 @@
*
* @param textStyle the text style to use, not null
* @return this, for chaining, not null
+ * @since 9
*/
public DateTimeFormatterBuilder appendGenericZoneText(TextStyle textStyle) {
appendInternal(new ZoneTextPrinterParser(textStyle, null, true));
@@ -1303,6 +1304,7 @@
* @param textStyle the text style to use, not null
* @param preferredZones the set of preferred zone ids, not null
* @return this, for chaining, not null
+ * @since 9
*/
public DateTimeFormatterBuilder appendGenericZoneText(TextStyle textStyle,
Set<ZoneId> preferredZones) {
--- a/jdk/src/java.base/share/classes/java/util/zip/ZipException.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/src/java.base/share/classes/java/util/zip/ZipException.java Thu Mar 16 09:51:15 2017 -0700
@@ -32,7 +32,7 @@
*
* @author unascribed
* @see java.io.IOException
- * @since 1.0
+ * @since 1.1
*/
public
--- a/jdk/src/java.base/share/classes/sun/security/provider/certpath/AlgorithmChecker.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/src/java.base/share/classes/sun/security/provider/certpath/AlgorithmChecker.java Thu Mar 16 09:51:15 2017 -0700
@@ -106,9 +106,8 @@
private boolean trustedMatch = false;
/**
- * Create a new {@code AlgorithmChecker} with the algorithm
- * constraints specified in security property
- * "jdk.certpath.disabledAlgorithms".
+ * Create a new {@code AlgorithmChecker} with the given algorithm
+ * given {@code TrustAnchor} and {@code String} variant.
*
* @param anchor the trust anchor selected to validate the target
* certificate
@@ -116,13 +115,14 @@
* passed will set it to Validator.GENERIC.
*/
public AlgorithmChecker(TrustAnchor anchor, String variant) {
- this(anchor, certPathDefaultConstraints, null, variant);
+ this(anchor, certPathDefaultConstraints, null, null, variant);
}
/**
* Create a new {@code AlgorithmChecker} with the given
- * {@code AlgorithmConstraints}, {@code Timestamp}, and/or {@code Variant}.
- * <p>
+ * {@code AlgorithmConstraints}, {@code Timestamp}, and {@code String}
+ * variant.
+ *
* Note that this constructor can initialize a variation of situations where
* the AlgorithmConstraints, Timestamp, or Variant maybe known.
*
@@ -134,32 +134,28 @@
*/
public AlgorithmChecker(AlgorithmConstraints constraints,
Timestamp jarTimestamp, String variant) {
- this.prevPubKey = null;
- this.trustedPubKey = null;
- this.constraints = (constraints == null ? certPathDefaultConstraints :
- constraints);
- this.pkixdate = (jarTimestamp != null ? jarTimestamp.getTimestamp() :
- null);
- this.jarTimestamp = jarTimestamp;
- this.variant = (variant == null ? Validator.VAR_GENERIC : variant);
+ this(null, constraints, null, jarTimestamp, variant);
}
/**
* Create a new {@code AlgorithmChecker} with the
- * given {@code TrustAnchor} and {@code AlgorithmConstraints}.
+ * given {@code TrustAnchor}, {@code AlgorithmConstraints},
+ * {@code Timestamp}, and {@code String} variant.
*
* @param anchor the trust anchor selected to validate the target
* certificate
* @param constraints the algorithm constraints (or null)
- * @param pkixdate Date the constraints are checked against. The value is
- * either the PKIXParameter date or null for the current date.
+ * @param pkixdate The date specified by the PKIXParameters date. If the
+ * PKIXParameters is null, the current date is used. This
+ * should be null when jar files are being checked.
+ * @param jarTimestamp Timestamp passed for JAR timestamp constraint
+ * checking. Set to null if not applicable.
* @param variant is the Validator variants of the operation. A null value
* passed will set it to Validator.GENERIC.
- *
- * @throws IllegalArgumentException if the {@code anchor} is null
*/
public AlgorithmChecker(TrustAnchor anchor,
- AlgorithmConstraints constraints, Date pkixdate, String variant) {
+ AlgorithmConstraints constraints, Date pkixdate,
+ Timestamp jarTimestamp, String variant) {
if (anchor != null) {
if (anchor.getTrustedCert() != null) {
@@ -179,28 +175,30 @@
}
}
- this.prevPubKey = trustedPubKey;
- this.constraints = constraints;
- this.pkixdate = pkixdate;
- this.jarTimestamp = null;
+ this.prevPubKey = this.trustedPubKey;
+ this.constraints = (constraints == null ? certPathDefaultConstraints :
+ constraints);
+ // If we are checking jar files, set pkixdate the same as the timestamp
+ // for certificate checking
+ this.pkixdate = (jarTimestamp != null ? jarTimestamp.getTimestamp() :
+ pkixdate);
+ this.jarTimestamp = jarTimestamp;
this.variant = (variant == null ? Validator.VAR_GENERIC : variant);
}
/**
- * Create a new {@code AlgorithmChecker} with the
- * given {@code TrustAnchor} and {@code PKIXParameter} date.
+ * Create a new {@code AlgorithmChecker} with the given {@code TrustAnchor},
+ * {@code PKIXParameter} date, and {@code varient}
*
* @param anchor the trust anchor selected to validate the target
* certificate
* @param pkixdate Date the constraints are checked against. The value is
- * either the PKIXParameter date or null for the current date.
+ * either the PKIXParameters date or null for the current date.
* @param variant is the Validator variants of the operation. A null value
* passed will set it to Validator.GENERIC.
- *
- * @throws IllegalArgumentException if the {@code anchor} is null
*/
public AlgorithmChecker(TrustAnchor anchor, Date pkixdate, String variant) {
- this(anchor, certPathDefaultConstraints, pkixdate, variant);
+ this(anchor, certPathDefaultConstraints, pkixdate, null, variant);
}
// Check this 'cert' for restrictions in the AnchorCertificates
@@ -216,10 +214,6 @@
return AnchorCertificates.contains(cert);
}
- Timestamp getJarTimestamp() {
- return jarTimestamp;
- }
-
@Override
public void init(boolean forward) throws CertPathValidatorException {
// Note that this class does not support forward mode.
--- a/jdk/src/java.base/share/classes/sun/security/provider/certpath/PKIXCertPathValidator.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/src/java.base/share/classes/sun/security/provider/certpath/PKIXCertPathValidator.java Thu Mar 16 09:51:15 2017 -0700
@@ -172,12 +172,8 @@
List<PKIXCertPathChecker> certPathCheckers = new ArrayList<>();
// add standard checkers that we will be using
certPathCheckers.add(untrustedChecker);
- if (params.timestamp() == null) {
- certPathCheckers.add(new AlgorithmChecker(anchor, params.date(), null));
- } else {
- certPathCheckers.add(new AlgorithmChecker(null,
- params.timestamp(), params.variant()));
- }
+ certPathCheckers.add(new AlgorithmChecker(anchor, null, params.date(),
+ params.timestamp(), params.variant()));
certPathCheckers.add(new KeyChecker(certPathLen,
params.targetCertConstraints()));
certPathCheckers.add(new ConstraintsChecker(certPathLen));
@@ -195,13 +191,10 @@
certPathCheckers.add(pc);
// default value for date is current time
BasicChecker bc;
- if (params.timestamp() == null) {
- bc = new BasicChecker(anchor, params.date(), params.sigProvider(),
- false);
- } else {
- bc = new BasicChecker(anchor, params.timestamp().getTimestamp(),
- params.sigProvider(), false);
- }
+ bc = new BasicChecker(anchor,
+ (params.timestamp() == null ? params.date() :
+ params.timestamp().getTimestamp()),
+ params.sigProvider(), false);
certPathCheckers.add(bc);
boolean revCheckerAdded = false;
--- a/jdk/src/java.base/share/classes/sun/security/rsa/RSAPrivateCrtKeyImpl.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/src/java.base/share/classes/sun/security/rsa/RSAPrivateCrtKeyImpl.java Thu Mar 16 09:51:15 2017 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2003, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2017, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -191,14 +191,22 @@
if (version != 0) {
throw new IOException("Version must be 0");
}
- n = getBigInteger(data);
- e = getBigInteger(data);
- d = getBigInteger(data);
- p = getBigInteger(data);
- q = getBigInteger(data);
- pe = getBigInteger(data);
- qe = getBigInteger(data);
- coeff = getBigInteger(data);
+
+ /*
+ * Some implementations do not correctly encode ASN.1 INTEGER values
+ * in 2's complement format, resulting in a negative integer when
+ * decoded. Correct the error by converting it to a positive integer.
+ *
+ * See CR 6255949
+ */
+ n = data.getPositiveBigInteger();
+ e = data.getPositiveBigInteger();
+ d = data.getPositiveBigInteger();
+ p = data.getPositiveBigInteger();
+ q = data.getPositiveBigInteger();
+ pe = data.getPositiveBigInteger();
+ qe = data.getPositiveBigInteger();
+ coeff = data.getPositiveBigInteger();
if (derValue.data.available() != 0) {
throw new IOException("Extra data available");
}
@@ -206,23 +214,4 @@
throw new InvalidKeyException("Invalid RSA private key", e);
}
}
-
- /**
- * Read a BigInteger from the DerInputStream.
- */
- static BigInteger getBigInteger(DerInputStream data) throws IOException {
- BigInteger b = data.getBigInteger();
-
- /*
- * Some implementations do not correctly encode ASN.1 INTEGER values
- * in 2's complement format, resulting in a negative integer when
- * decoded. Correct the error by converting it to a positive integer.
- *
- * See CR 6255949
- */
- if (b.signum() < 0) {
- b = new BigInteger(1, b.toByteArray());
- }
- return b;
- }
}
--- a/jdk/src/java.base/share/classes/sun/security/rsa/RSAPublicKeyImpl.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/src/java.base/share/classes/sun/security/rsa/RSAPublicKeyImpl.java Thu Mar 16 09:51:15 2017 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2003, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2017, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -111,8 +111,8 @@
throw new IOException("Not a SEQUENCE");
}
DerInputStream data = derValue.data;
- n = RSAPrivateCrtKeyImpl.getBigInteger(data);
- e = RSAPrivateCrtKeyImpl.getBigInteger(data);
+ n = data.getPositiveBigInteger();
+ e = data.getPositiveBigInteger();
if (derValue.data.available() != 0) {
throw new IOException("Extra data available");
}
--- a/jdk/src/java.base/share/classes/sun/security/util/DerInputBuffer.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/src/java.base/share/classes/sun/security/util/DerInputBuffer.java Thu Mar 16 09:51:15 2017 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1996, 2016, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1996, 2017, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -44,16 +44,26 @@
*/
class DerInputBuffer extends ByteArrayInputStream implements Cloneable {
- DerInputBuffer(byte[] buf) { super(buf); }
+ boolean allowBER = true;
+
+ // used by sun/security/util/DerInputBuffer/DerInputBufferEqualsHashCode.java
+ DerInputBuffer(byte[] buf) {
+ this(buf, true);
+ }
- DerInputBuffer(byte[] buf, int offset, int len) {
+ DerInputBuffer(byte[] buf, boolean allowBER) {
+ super(buf);
+ this.allowBER = allowBER;
+ }
+
+ DerInputBuffer(byte[] buf, int offset, int len, boolean allowBER) {
super(buf, offset, len);
+ this.allowBER = allowBER;
}
DerInputBuffer dup() {
try {
DerInputBuffer retval = (DerInputBuffer)clone();
-
retval.mark(Integer.MAX_VALUE);
return retval;
} catch (CloneNotSupportedException e) {
@@ -147,8 +157,8 @@
System.arraycopy(buf, pos, bytes, 0, len);
skip(len);
- // check to make sure no extra leading 0s for DER
- if (len >= 2 && (bytes[0] == 0) && (bytes[1] >= 0)) {
+ // BER allows leading 0s but DER does not
+ if (!allowBER && (len >= 2 && (bytes[0] == 0) && (bytes[1] >= 0))) {
throw new IOException("Invalid encoding: redundant leading 0s");
}
--- a/jdk/src/java.base/share/classes/sun/security/util/DerInputStream.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/src/java.base/share/classes/sun/security/util/DerInputStream.java Thu Mar 16 09:51:15 2017 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1996, 2016, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1996, 2017, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -81,6 +81,25 @@
}
/**
+ * Create a DER input stream from part of a data buffer with
+ * additional arg to control whether DER checks are enforced.
+ * The buffer is not copied, it is shared. Accordingly, the
+ * buffer should be treated as read-only.
+ *
+ * @param data the buffer from which to create the string (CONSUMED)
+ * @param offset the first index of <em>data</em> which will
+ * be read as DER input in the new stream
+ * @param len how long a chunk of the buffer to use,
+ * starting at "offset"
+ * @param allowBER whether to allow constructed indefinite-length
+ * encoding as well as tolerate leading 0s
+ */
+ public DerInputStream(byte[] data, int offset, int len,
+ boolean allowBER) throws IOException {
+ init(data, offset, len, allowBER);
+ }
+
+ /**
* Create a DER input stream from part of a data buffer.
* The buffer is not copied, it is shared. Accordingly, the
* buffer should be treated as read-only.
@@ -95,47 +114,27 @@
init(data, offset, len, true);
}
- /**
- * Create a DER input stream from part of a data buffer with
- * additional arg to indicate whether to allow constructed
- * indefinite-length encoding.
- * The buffer is not copied, it is shared. Accordingly, the
- * buffer should be treated as read-only.
- *
- * @param data the buffer from which to create the string (CONSUMED)
- * @param offset the first index of <em>data</em> which will
- * be read as DER input in the new stream
- * @param len how long a chunk of the buffer to use,
- * starting at "offset"
- * @param allowIndefiniteLength whether to allow constructed
- * indefinite-length encoding
- */
- public DerInputStream(byte[] data, int offset, int len,
- boolean allowIndefiniteLength) throws IOException {
- init(data, offset, len, allowIndefiniteLength);
- }
-
/*
* private helper routine
*/
- private void init(byte[] data, int offset, int len,
- boolean allowIndefiniteLength) throws IOException {
+ private void init(byte[] data, int offset, int len, boolean allowBER) throws IOException {
if ((offset+2 > data.length) || (offset+len > data.length)) {
throw new IOException("Encoding bytes too short");
}
// check for indefinite length encoding
if (DerIndefLenConverter.isIndefinite(data[offset+1])) {
- if (!allowIndefiniteLength) {
+ if (!allowBER) {
throw new IOException("Indefinite length BER encoding found");
} else {
byte[] inData = new byte[len];
System.arraycopy(data, offset, inData, 0, len);
DerIndefLenConverter derIn = new DerIndefLenConverter();
- buffer = new DerInputBuffer(derIn.convert(inData));
+ buffer = new DerInputBuffer(derIn.convert(inData), allowBER);
}
- } else
- buffer = new DerInputBuffer(data, offset, len);
+ } else {
+ buffer = new DerInputBuffer(data, offset, len, allowBER);
+ }
buffer.mark(Integer.MAX_VALUE);
}
@@ -156,7 +155,7 @@
*/
public DerInputStream subStream(int len, boolean do_skip)
throws IOException {
- DerInputBuffer newbuf = buffer.dup();
+ DerInputBuffer newbuf = buffer.dup();
newbuf.truncate(len);
if (do_skip) {
@@ -399,7 +398,8 @@
dis.readFully(indefData, offset, readLen);
dis.close();
DerIndefLenConverter derIn = new DerIndefLenConverter();
- buffer = new DerInputBuffer(derIn.convert(indefData));
+ buffer = new DerInputBuffer(derIn.convert(indefData), buffer.allowBER);
+
if (tag != buffer.read())
throw new IOException("Indefinite length encoding" +
" not supported");
@@ -427,7 +427,7 @@
DerValue value;
do {
- value = new DerValue(newstr.buffer);
+ value = new DerValue(newstr.buffer, buffer.allowBER);
vec.addElement(value);
} while (newstr.available() > 0);
--- a/jdk/src/java.base/share/classes/sun/security/util/DerValue.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/src/java.base/share/classes/sun/security/util/DerValue.java Thu Mar 16 09:51:15 2017 -0700
@@ -1,5 +1,5 @@
-/*
- * Copyright (c) 1996, 2016, Oracle and/or its affiliates. All rights reserved.
+/**
+ * Copyright (c) 1996, 2017, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -225,6 +225,16 @@
data = init(stringTag, value);
}
+ // Creates a DerValue from a tag and some DER-encoded data w/ additional
+ // arg to control whether DER checks are enforced.
+ DerValue(byte tag, byte[] data, boolean allowBER) {
+ this.tag = tag;
+ buffer = new DerInputBuffer(data.clone(), allowBER);
+ length = data.length;
+ this.data = new DerInputStream(buffer);
+ this.data.mark(Integer.MAX_VALUE);
+ }
+
/**
* Creates a DerValue from a tag and some DER-encoded data.
*
@@ -232,20 +242,16 @@
* @param data the DER-encoded data
*/
public DerValue(byte tag, byte[] data) {
- this.tag = tag;
- buffer = new DerInputBuffer(data.clone());
- length = data.length;
- this.data = new DerInputStream(buffer);
- this.data.mark(Integer.MAX_VALUE);
+ this(tag, data, true);
}
/*
* package private
*/
DerValue(DerInputBuffer in) throws IOException {
+
// XXX must also parse BER-encoded constructed
// values such as sequences, sets...
-
tag = (byte)in.read();
byte lenByte = (byte)in.read();
length = DerInputStream.getLength(lenByte, in);
@@ -260,7 +266,7 @@
dis.readFully(indefData, offset, readLen);
dis.close();
DerIndefLenConverter derIn = new DerIndefLenConverter();
- inbuf = new DerInputBuffer(derIn.convert(indefData));
+ inbuf = new DerInputBuffer(derIn.convert(indefData), in.allowBER);
if (tag != inbuf.read())
throw new IOException
("Indefinite length encoding not supported");
@@ -282,6 +288,12 @@
}
}
+ // Get an ASN.1/DER encoded datum from a buffer w/ additional
+ // arg to control whether DER checks are enforced.
+ DerValue(byte[] buf, boolean allowBER) throws IOException {
+ data = init(true, new ByteArrayInputStream(buf), allowBER);
+ }
+
/**
* Get an ASN.1/DER encoded datum from a buffer. The
* entire buffer must hold exactly one datum, including
@@ -290,7 +302,14 @@
* @param buf buffer holding a single DER-encoded datum.
*/
public DerValue(byte[] buf) throws IOException {
- data = init(true, new ByteArrayInputStream(buf));
+ this(buf, true);
+ }
+
+ // Get an ASN.1/DER encoded datum from part of a buffer w/ additional
+ // arg to control whether DER checks are enforced.
+ DerValue(byte[] buf, int offset, int len, boolean allowBER)
+ throws IOException {
+ data = init(true, new ByteArrayInputStream(buf, offset, len), allowBER);
}
/**
@@ -303,7 +322,13 @@
* @param len how many bytes are in the encoded datum
*/
public DerValue(byte[] buf, int offset, int len) throws IOException {
- data = init(true, new ByteArrayInputStream(buf, offset, len));
+ this(buf, offset, len, true);
+ }
+
+ // Get an ASN1/DER encoded datum from an input stream w/ additional
+ // arg to control whether DER checks are enforced.
+ DerValue(InputStream in, boolean allowBER) throws IOException {
+ data = init(false, in, allowBER);
}
/**
@@ -316,10 +341,11 @@
* which may be followed by additional data
*/
public DerValue(InputStream in) throws IOException {
- data = init(false, in);
+ this(in, true);
}
- private DerInputStream init(byte stringTag, String value) throws IOException {
+ private DerInputStream init(byte stringTag, String value)
+ throws IOException {
String enc = null;
tag = stringTag;
@@ -347,7 +373,7 @@
byte[] buf = value.getBytes(enc);
length = buf.length;
- buffer = new DerInputBuffer(buf);
+ buffer = new DerInputBuffer(buf, true);
DerInputStream result = new DerInputStream(buffer);
result.mark(Integer.MAX_VALUE);
return result;
@@ -356,8 +382,8 @@
/*
* helper routine
*/
- private DerInputStream init(boolean fullyBuffered, InputStream in)
- throws IOException {
+ private DerInputStream init(boolean fullyBuffered, InputStream in,
+ boolean allowBER) throws IOException {
tag = (byte)in.read();
byte lenByte = (byte)in.read();
@@ -384,7 +410,7 @@
byte[] bytes = IOUtils.readFully(in, length, true);
- buffer = new DerInputBuffer(bytes);
+ buffer = new DerInputBuffer(bytes, allowBER);
return new DerInputStream(buffer);
}
@@ -479,7 +505,8 @@
if (buffer.read(bytes) != length)
throw new IOException("short read on DerValue buffer");
if (isConstructed()) {
- DerInputStream in = new DerInputStream(bytes);
+ DerInputStream in = new DerInputStream(bytes, 0, bytes.length,
+ buffer.allowBER);
bytes = null;
while (in.available() != 0) {
bytes = append(bytes, in.getOctetString());
--- a/jdk/src/java.base/share/classes/sun/security/util/DisabledAlgorithmConstraints.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/src/java.base/share/classes/sun/security/util/DisabledAlgorithmConstraints.java Thu Mar 16 09:51:15 2017 -0700
@@ -27,6 +27,8 @@
import sun.security.validator.Validator;
+import java.io.ByteArrayOutputStream;
+import java.io.PrintStream;
import java.security.CryptoPrimitive;
import java.security.AlgorithmParameters;
import java.security.Key;
@@ -670,8 +672,14 @@
}
if (debug != null) {
- debug.println("Checking if usage constraint " + v +
- " matches " + cp.getVariant());
+ debug.println("Checking if usage constraint \"" + v +
+ "\" matches \"" + cp.getVariant() + "\"");
+ // Because usage checking can come from many places
+ // a stack trace is very helpful.
+ ByteArrayOutputStream ba = new ByteArrayOutputStream();
+ PrintStream ps = new PrintStream(ba);
+ (new Exception()).printStackTrace(ps);
+ debug.println(ba.toString());
}
if (cp.getVariant().compareTo(v) == 0) {
if (next(cp)) {
--- a/jdk/src/java.base/share/classes/sun/security/validator/PKIXValidator.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/src/java.base/share/classes/sun/security/validator/PKIXValidator.java Thu Mar 16 09:51:15 2017 -0700
@@ -195,18 +195,16 @@
("null or zero-length certificate chain");
}
- // Check if 'parameter' affects 'pkixParameters'
+ // Use PKIXExtendedParameters for timestamp and variant additions
PKIXBuilderParameters pkixParameters = null;
- if (parameter instanceof Timestamp && plugin) {
- try {
- pkixParameters = new PKIXExtendedParameters(
- (PKIXBuilderParameters) parameterTemplate.clone(),
- (Timestamp) parameter, variant);
- } catch (InvalidAlgorithmParameterException e) {
- // ignore exception
- }
- } else {
- pkixParameters = (PKIXBuilderParameters) parameterTemplate.clone();
+ try {
+ pkixParameters = new PKIXExtendedParameters(
+ (PKIXBuilderParameters) parameterTemplate.clone(),
+ (parameter instanceof Timestamp) ?
+ (Timestamp) parameter : null,
+ variant);
+ } catch (InvalidAlgorithmParameterException e) {
+ // ignore exception
}
// add new algorithm constraints checker
--- a/jdk/src/java.base/share/classes/sun/security/validator/SimpleValidator.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/src/java.base/share/classes/sun/security/validator/SimpleValidator.java Thu Mar 16 09:51:15 2017 -0700
@@ -162,7 +162,7 @@
AlgorithmChecker appAlgChecker = null;
if (constraints != null) {
appAlgChecker = new AlgorithmChecker(anchor, constraints, null,
- variant);
+ null, variant);
}
// verify top down, starting at the certificate issued by
--- a/jdk/src/java.base/share/conf/security/java.security Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/src/java.base/share/conf/security/java.security Thu Mar 16 09:51:15 2017 -0700
@@ -598,8 +598,8 @@
# jdk.certpath.disabledAlgorithms=MD2, DSA, RSA keySize < 2048
#
#
-jdk.certpath.disabledAlgorithms=MD2, MD5, RSA keySize < 1024, \
- DSA keySize < 1024, EC keySize < 224
+jdk.certpath.disabledAlgorithms=MD2, MD5, SHA1 jdkCA & usage TLSServer, \
+ RSA keySize < 1024, DSA keySize < 1024, EC keySize < 224
#
# Algorithm restrictions for signed JAR files
--- a/jdk/src/java.desktop/share/legal/colorimaging.md Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/src/java.desktop/share/legal/colorimaging.md Thu Mar 16 09:51:15 2017 -0700
@@ -1,5 +1,7 @@
## Eastman Kodak Company: Kodak Color Management System (kcms) and portions of color management and imaging software
-### Notice
+### Eastman Kodak Notice
+<pre>
+Portions Copyright Eastman Kodak Company 1991-2003
+</pre>
-Portions Copyright Eastman Kodak Company 1991-2003
--- a/jdk/src/java.desktop/share/legal/jpeg.md Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/src/java.desktop/share/legal/jpeg.md Thu Mar 16 09:51:15 2017 -0700
@@ -1,4 +1,4 @@
-## JPEG rb6
+## JPEG release 6b
### JPEG License
<pre>
--- a/jdk/src/java.desktop/share/legal/libpng.md Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/src/java.desktop/share/legal/libpng.md Thu Mar 16 09:51:15 2017 -0700
@@ -1,6 +1,6 @@
-## Libpng v 1.6.23
+## libpng v1.6.23
-### Libpng License
+### libpng License
<pre>
This copy of the libpng notices is provided for your convenience. In case of
--- a/jdk/src/java.desktop/share/legal/mesa3d.md Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/src/java.desktop/share/legal/mesa3d.md Thu Mar 16 09:51:15 2017 -0700
@@ -1,6 +1,6 @@
## Mesa 3-D Graphics Library v4.1
-### Mesa 3-D Graphics Library License
+### Mesa License
<pre>
Mesa 3-D graphics library
--- a/jdk/src/java.desktop/unix/legal/fontconfig.md Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/src/java.desktop/unix/legal/fontconfig.md Thu Mar 16 09:51:15 2017 -0700
@@ -1,6 +1,6 @@
-## FontConfig v2.5
+## Fontconfig v2.5
-### FontConfig License
+### Fontconfig License
<pre>
Copyright 2001,2003 Keith Packard
--- a/jdk/src/java.logging/share/classes/java/util/logging/LogManager.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/src/java.logging/share/classes/java/util/logging/LogManager.java Thu Mar 16 09:51:15 2017 -0700
@@ -1839,6 +1839,7 @@
* logging configuration file.
*
* @see #updateConfiguration(java.io.InputStream, java.util.function.Function)
+ * @since 9
*/
public void updateConfiguration(Function<String, BiFunction<String,String,String>> mapper)
throws IOException {
@@ -2035,6 +2036,7 @@
* @throws IOException if there are problems reading from the stream,
* or the given stream is not in the
* {@linkplain java.util.Properties properties file} format.
+ * @since 9
*/
public void updateConfiguration(InputStream ins,
Function<String, BiFunction<String,String,String>> mapper)
--- a/jdk/src/java.prefs/share/classes/java/util/prefs/Preferences.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/src/java.prefs/share/classes/java/util/prefs/Preferences.java Thu Mar 16 09:51:15 2017 -0700
@@ -188,8 +188,8 @@
* administrator to replace the default preferences implementation with an
* alternative implementation.
*
- * <p>Implementation note: In Sun's JRE, the {@code PreferencesFactory}
- * implementation is located as follows:
+ * @implNote
+ * The {@code PreferencesFactory} implementation is located as follows:
*
* <ol>
*
--- a/jdk/src/java.smartcardio/unix/legal/pcsclite.md Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/src/java.smartcardio/unix/legal/pcsclite.md Thu Mar 16 09:51:15 2017 -0700
@@ -1,6 +1,6 @@
## PC/SC Lite for Suse Linux v1.1.1
-### PC/SC Lite for Suse Linux License
+### PC/SC Lite License
<pre>
Copyright (c) 1999-2004 David Corcoran <corcoran@linuxnet.com>
--- a/jdk/src/java.sql/share/classes/java/sql/CallableStatement.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/src/java.sql/share/classes/java/sql/CallableStatement.java Thu Mar 16 09:51:15 2017 -0700
@@ -60,6 +60,7 @@
*
* @see Connection#prepareCall
* @see ResultSet
+ * @since 1.1
*/
public interface CallableStatement extends PreparedStatement {
--- a/jdk/src/java.sql/share/classes/java/sql/Connection.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/src/java.sql/share/classes/java/sql/Connection.java Thu Mar 16 09:51:15 2017 -0700
@@ -80,6 +80,7 @@
* @see Statement
* @see ResultSet
* @see DatabaseMetaData
+ * @since 1.1
*/
public interface Connection extends Wrapper, AutoCloseable {
--- a/jdk/src/java.sql/share/classes/java/sql/DataTruncation.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/src/java.sql/share/classes/java/sql/DataTruncation.java Thu Mar 16 09:51:15 2017 -0700
@@ -34,6 +34,8 @@
*
* <P>The SQLstate for a <code>DataTruncation</code> during read is <code>01004</code>.
* <P>The SQLstate for a <code>DataTruncation</code> during write is <code>22001</code>.
+ *
+ * @since 1.1
*/
public class DataTruncation extends SQLWarning {
--- a/jdk/src/java.sql/share/classes/java/sql/DatabaseMetaData.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/src/java.sql/share/classes/java/sql/DatabaseMetaData.java Thu Mar 16 09:51:15 2017 -0700
@@ -68,6 +68,7 @@
* argument is set to <code>null</code>, that argument's criterion will
* be dropped from the search.
*
+ * @since 1.1
*/
public interface DatabaseMetaData extends Wrapper {
--- a/jdk/src/java.sql/share/classes/java/sql/Date.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/src/java.sql/share/classes/java/sql/Date.java Thu Mar 16 09:51:15 2017 -0700
@@ -41,6 +41,8 @@
* must be 'normalized' by setting the
* hours, minutes, seconds, and milliseconds to zero in the particular
* time zone with which the instance is associated.
+ *
+ * @since 1.1
*/
public class Date extends java.util.Date {
--- a/jdk/src/java.sql/share/classes/java/sql/Driver.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/src/java.sql/share/classes/java/sql/Driver.java Thu Mar 16 09:51:15 2017 -0700
@@ -54,6 +54,7 @@
* @see DriverManager
* @see Connection
* @see DriverAction
+ * @since 1.1
*/
public interface Driver {
--- a/jdk/src/java.sql/share/classes/java/sql/DriverManager.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/src/java.sql/share/classes/java/sql/DriverManager.java Thu Mar 16 09:51:15 2017 -0700
@@ -78,6 +78,7 @@
*
* @see Driver
* @see Connection
+ * @since 1.1
*/
public class DriverManager {
--- a/jdk/src/java.sql/share/classes/java/sql/DriverPropertyInfo.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/src/java.sql/share/classes/java/sql/DriverPropertyInfo.java Thu Mar 16 09:51:15 2017 -0700
@@ -31,6 +31,8 @@
* who need to interact with a Driver via the method
* <code>getDriverProperties</code> to discover
* and supply properties for connections.
+ *
+ * @since 1.1
*/
public class DriverPropertyInfo {
--- a/jdk/src/java.sql/share/classes/java/sql/PreparedStatement.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/src/java.sql/share/classes/java/sql/PreparedStatement.java Thu Mar 16 09:51:15 2017 -0700
@@ -56,6 +56,7 @@
*
* @see Connection#prepareStatement
* @see ResultSet
+ * @since 1.1
*/
public interface PreparedStatement extends Statement {
--- a/jdk/src/java.sql/share/classes/java/sql/ResultSet.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/src/java.sql/share/classes/java/sql/ResultSet.java Thu Mar 16 09:51:15 2017 -0700
@@ -143,6 +143,7 @@
* @see Statement#executeQuery
* @see Statement#getResultSet
* @see ResultSetMetaData
+ * @since 1.1
*/
public interface ResultSet extends Wrapper, AutoCloseable {
--- a/jdk/src/java.sql/share/classes/java/sql/ResultSetMetaData.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/src/java.sql/share/classes/java/sql/ResultSetMetaData.java Thu Mar 16 09:51:15 2017 -0700
@@ -40,6 +40,8 @@
* boolean b = rsmd.isSearchable(1);
*
* </PRE>
+ *
+ * @since 1.1
*/
public interface ResultSetMetaData extends Wrapper {
--- a/jdk/src/java.sql/share/classes/java/sql/SQLException.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/src/java.sql/share/classes/java/sql/SQLException.java Thu Mar 16 09:51:15 2017 -0700
@@ -49,6 +49,8 @@
* error information.
* <LI> the causal relationship, if any for this <code>SQLException</code>.
* </UL>
+ *
+ * @since 1.1
*/
public class SQLException extends java.lang.Exception
implements Iterable<Throwable> {
--- a/jdk/src/java.sql/share/classes/java/sql/SQLWarning.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/src/java.sql/share/classes/java/sql/SQLWarning.java Thu Mar 16 09:51:15 2017 -0700
@@ -41,6 +41,7 @@
* @see Connection#getWarnings
* @see Statement#getWarnings
* @see ResultSet#getWarnings
+ * @since 1.1
*/
public class SQLWarning extends SQLException {
--- a/jdk/src/java.sql/share/classes/java/sql/ShardingKeyBuilder.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/src/java.sql/share/classes/java/sql/ShardingKeyBuilder.java Thu Mar 16 09:51:15 2017 -0700
@@ -42,6 +42,8 @@
* .build();
* }
* </pre>
+ *
+ * @since 9
*/
public interface ShardingKeyBuilder {
--- a/jdk/src/java.sql/share/classes/java/sql/Statement.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/src/java.sql/share/classes/java/sql/Statement.java Thu Mar 16 09:51:15 2017 -0700
@@ -42,6 +42,7 @@
*
* @see Connection#createStatement
* @see ResultSet
+ * @since 1.1
*/
public interface Statement extends Wrapper, AutoCloseable {
@@ -1399,6 +1400,8 @@
* converted to two single quotes
* @throws NullPointerException if val is {@code null}
* @throws SQLException if a database access error occurs
+ *
+ * @since 9
*/
default String enquoteLiteral(String val) throws SQLException {
return "'" + val.replace("'", "''") + "'";
@@ -1503,6 +1506,8 @@
* @throws SQLFeatureNotSupportedException if the datasource does not support
* delimited identifiers
* @throws NullPointerException if identifier is {@code null}
+ *
+ * @since 9
*/
default String enquoteIdentifier(String identifier, boolean alwaysQuote) throws SQLException {
int len = identifier.length();
@@ -1576,6 +1581,8 @@
* @return true if a simple SQL identifier, false otherwise
* @throws NullPointerException if identifier is {@code null}
* @throws SQLException if a database access error occurs
+ *
+ * @since 9
*/
default boolean isSimpleIdentifier(String identifier) throws SQLException {
int len = identifier.length();
@@ -1617,6 +1624,8 @@
* then prefixed with 'N'.
* @throws NullPointerException if val is {@code null}
* @throws SQLException if a database access error occurs
+ *
+ * @since 9
*/
default String enquoteNCharLiteral(String val) throws SQLException {
return "N'" + val.replace("'", "''") + "'";
--- a/jdk/src/java.sql/share/classes/java/sql/Time.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/src/java.sql/share/classes/java/sql/Time.java Thu Mar 16 09:51:15 2017 -0700
@@ -38,6 +38,8 @@
* values.
* <p>The date components should be set to the "zero epoch"
* value of January 1, 1970 and should not be accessed.
+ *
+ * @since 1.1
*/
public class Time extends java.util.Date {
--- a/jdk/src/java.sql/share/classes/java/sql/Timestamp.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/src/java.sql/share/classes/java/sql/Timestamp.java Thu Mar 16 09:51:15 2017 -0700
@@ -69,6 +69,8 @@
* inheritance relationship between {@code Timestamp}
* and {@code java.util.Date} really
* denotes implementation inheritance, and not type inheritance.
+ *
+ * @since 1.1
*/
public class Timestamp extends java.util.Date {
--- a/jdk/src/java.sql/share/classes/java/sql/Types.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/src/java.sql/share/classes/java/sql/Types.java Thu Mar 16 09:51:15 2017 -0700
@@ -30,6 +30,8 @@
* SQL types, called JDBC types.
* <p>
* This class is never instantiated.
+ *
+ * @since 1.1
*/
public class Types {
--- a/jdk/src/java.sql/share/classes/javax/transaction/xa/XAException.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/src/java.sql/share/classes/javax/transaction/xa/XAException.java Thu Mar 16 09:51:15 2017 -0700
@@ -29,6 +29,7 @@
* The XAException is thrown by the Resource Manager (RM) to inform the
* Transaction Manager of an error encountered by the involved transaction.
*
+ * @since 1.4
*/
public class XAException extends Exception {
--- a/jdk/src/java.sql/share/classes/javax/transaction/xa/XAResource.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/src/java.sql/share/classes/javax/transaction/xa/XAResource.java Thu Mar 16 09:51:15 2017 -0700
@@ -56,6 +56,7 @@
* the transaction manager to prepare, commit, or rollback a transaction
* according to the two-phase commit protocol.</p>
*
+ * @since 1.4
*/
public interface XAResource {
--- a/jdk/src/java.sql/share/classes/javax/transaction/xa/Xid.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/src/java.sql/share/classes/javax/transaction/xa/Xid.java Thu Mar 16 09:51:15 2017 -0700
@@ -32,6 +32,8 @@
* and branch qualifier. The Xid interface is used by the transaction
* manager and the resource managers. This interface is not visible to
* the application programs.
+ *
+ * @since 1.4
*/
public interface Xid {
--- a/jdk/src/java.xml.crypto/share/legal/santuario.md Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/src/java.xml.crypto/share/legal/santuario.md Thu Mar 16 09:51:15 2017 -0700
@@ -1,6 +1,6 @@
## Apache Santuario v1.5.4
-### Notice
+### Apache Santuario Notice
<pre>
Apache Santuario - XML Security for Java
--- a/jdk/src/jdk.crypto.cryptoki/share/legal/pkcs11cryptotoken.md Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/src/jdk.crypto.cryptoki/share/legal/pkcs11cryptotoken.md Thu Mar 16 09:51:15 2017 -0700
@@ -1,4 +1,4 @@
-## PKCS #11 Cryptographic Token Interface, v2.20 amendment 3 Header Files
+## PKCS #11 Cryptographic Token Interface v2.20 Amendment 3 Header Files
### PKCS #11 Cryptographic Token Interface License
<pre>
--- a/jdk/src/jdk.crypto.ec/share/legal/ecc.md Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/src/jdk.crypto.ec/share/legal/ecc.md Thu Mar 16 09:51:15 2017 -0700
@@ -1,6 +1,6 @@
-## Mozilla Elliptic Curve Cryptography
+## Mozilla Elliptic Curve Cryptography (ECC)
-### Notice
+### Mozilla ECC Notice
<pre>
This notice is provided with respect to Elliptic Curve Cryptography,
@@ -21,7 +21,7 @@
</pre>
-### LGPL 2.1 License
+### LGPL 2.1
<pre>
GNU LESSER GENERAL PUBLIC LICENSE
--- a/jdk/src/jdk.policytool/share/classes/module-info.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/src/jdk.policytool/share/classes/module-info.java Thu Mar 16 09:51:15 2017 -0700
@@ -27,10 +27,9 @@
* GUI tool for managing policy files.
*
* @since 9
- * @deprecated The policytool tool has been deprecated and
- * is planned to be removed in a future release.
+ * @deprecated
*/
-@Deprecated
+@Deprecated(since="9", forRemoval=true)
module jdk.policytool {
requires java.desktop;
requires java.logging;
--- a/jdk/src/jdk.policytool/share/classes/sun/security/tools/policytool/PolicyTool.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/src/jdk.policytool/share/classes/sun/security/tools/policytool/PolicyTool.java Thu Mar 16 09:51:15 2017 -0700
@@ -65,11 +65,12 @@
*
* @see java.security.Policy
* @since 1.2
- * @deprecated The policytool tool has been deprecated and
- * is planned to be removed in a future release.
+ * @deprecated {@code policytool} has been deprecated for removal because it
+ * is rarely used, and it provides little value over editing policy
+ * files using a text editor.
*/
-@Deprecated
+@Deprecated(since="9", forRemoval=true)
public class PolicyTool {
// for i18n
--- a/jdk/src/jdk.zipfs/share/classes/jdk/nio/zipfs/JarFileSystem.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/src/jdk.zipfs/share/classes/jdk/nio/zipfs/JarFileSystem.java Thu Mar 16 09:51:15 2017 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2015, 2016, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2015, 2017, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -28,6 +28,7 @@
import java.io.IOException;
import java.io.InputStream;
import java.lang.Runtime.Version;
+import java.nio.file.NoSuchFileException;
import java.nio.file.Path;
import java.util.Arrays;
import java.util.HashMap;
@@ -86,12 +87,12 @@
}
}
- private boolean isMultiReleaseJar() {
+ private boolean isMultiReleaseJar() throws IOException {
try (InputStream is = newInputStream(getBytes("/META-INF/MANIFEST.MF"))) {
- return (new Manifest(is)).getMainAttributes()
- .containsKey(new Attributes.Name("Multi-Release"));
- // fixme change line above after JarFile integration to contain Attributes.Name.MULTI_RELEASE
- } catch (IOException x) {
+ String multiRelease = new Manifest(is).getMainAttributes()
+ .getValue(Attributes.Name.MULTI_RELEASE);
+ return "true".equalsIgnoreCase(multiRelease);
+ } catch (NoSuchFileException x) {
return false;
}
}
--- a/jdk/test/ProblemList.txt Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/test/ProblemList.txt Thu Mar 16 09:51:15 2017 -0700
@@ -215,9 +215,8 @@
javax/net/ssl/DTLS/PacketLossRetransmission.java 8169086 macosx-x64
javax/net/ssl/DTLS/RespondToRetransmit.java 8169086 macosx-x64
-sun/security/krb5/auto/Basic.java 8176296 generic-all
+sun/security/ssl/X509KeyManager/PreferredKey.java 8176354 generic-all
-sun/security/ssl/X509KeyManager/PreferredKey.java 8176354 generic-all
############################################################################
# jdk_sound
--- a/jdk/test/java/io/FileInputStream/LargeFileAvailable.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/test/java/io/FileInputStream/LargeFileAvailable.java Thu Mar 16 09:51:15 2017 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2010, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2010, 2017, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -27,6 +27,7 @@
* @key intermittent
* @summary Test if available returns correct value when reading
* a large file.
+ * @run main/timeout=300 LargeFileAvailable
*/
import java.io.*;
@@ -34,6 +35,7 @@
import java.nio.channels.*;
import java.nio.file.Files;
import static java.nio.file.StandardOpenOption.*;
+import java.util.concurrent.TimeUnit;
public class LargeFileAvailable {
public static void main(String args[]) throws Exception {
@@ -110,7 +112,12 @@
CREATE_NEW, WRITE, SPARSE)) {
ByteBuffer bb = ByteBuffer.allocate(1).put((byte)1);
bb.rewind();
+ System.out.println(" Writing large file...");
+ long t0 = System.nanoTime();
int rc = fc.write(bb, filesize - 1);
+ long t1 = System.nanoTime();
+ System.out.printf(" Wrote large file in %d ns (%d ms) %n",
+ t1 - t0, TimeUnit.NANOSECONDS.toMillis(t1 - t0));
if (rc != 1) {
throw new RuntimeException("Failed to write 1 byte"
--- a/jdk/test/java/lang/Runtime/Version/Basic.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/test/java/lang/Runtime/Version/Basic.java Thu Mar 16 09:51:15 2017 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2015, 2016, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2015, 2017, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -24,7 +24,7 @@
/*
* @test
* @summary Unit test for java.lang.Runtime.Version.
- * @bug 8072379 8144062 8161236
+ * @bug 8072379 8144062 8161236 8160956
*/
import java.lang.reflect.InvocationTargetException;
@@ -140,7 +140,7 @@
testEHC("9.1.1.2-2a", "9.1.1.2-12", false, false, 1, 1);
testEHC("9.1.1.2-12", "9.1.1.2-4", false, false, 1, 1);
- testEHC("27.16", "27.16+120", false, false, 1, 1);
+ testEHC("27.16", "27.16+120", false, false, -1, -1);
testEHC("10", "10-ea", false, false, 1, 1);
testEHC("10.1+1", "10.1-ea+1", false, false, 1, 1);
testEHC("10.0.1+22", "10.0.1+21", false, false, 1, 1);
@@ -152,7 +152,7 @@
testEHC("9-internal", "9", false, false, -1, -1);
testEHC("9-ea+120", "9+120", false, false, -1, -1);
testEHC("9-ea+120", "9+120", false, false, -1, -1);
- testEHC("9+101", "9", false, false, -1, -1);
+ testEHC("9+101", "9", false, false, 1, 1);
testEHC("9+101", "9+102", false, false, -1, -1);
testEHC("1.9-ea", "9-ea", false, false, -1, -1);
--- a/jdk/test/java/lang/StackWalker/CallerSensitiveMethod/csm/jdk/test/CallerSensitiveTest.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/test/java/lang/StackWalker/CallerSensitiveMethod/csm/jdk/test/CallerSensitiveTest.java Thu Mar 16 09:51:15 2017 -0700
@@ -50,7 +50,7 @@
if (args.length > 0 && args[0].equals("sm")) {
sm = true;
PermissionCollection perms = new Permissions();
- perms.add(new StackFramePermission("retainClassReference"));
+ perms.add(new RuntimePermission("getStackWalkerWithClassReference"));
Policy.setPolicy(new Policy() {
@Override
public boolean implies(ProtectionDomain domain, Permission p) {
--- a/jdk/test/java/lang/StackWalker/GetCallerClassTest.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/test/java/lang/StackWalker/GetCallerClassTest.java Thu Mar 16 09:51:15 2017 -0700
@@ -55,7 +55,7 @@
public static void main(String... args) throws Exception {
if (args.length > 0 && args[0].equals("sm")) {
PermissionCollection perms = new Permissions();
- perms.add(new StackFramePermission("retainClassReference"));
+ perms.add(new RuntimePermission("getStackWalkerWithClassReference"));
Policy.setPolicy(new Policy() {
@Override
public boolean implies(ProtectionDomain domain, Permission p) {
--- a/jdk/test/java/lang/StackWalker/stackwalk.policy Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/test/java/lang/StackWalker/stackwalk.policy Thu Mar 16 09:51:15 2017 -0700
@@ -1,4 +1,4 @@
grant {
- permission java.lang.StackFramePermission "retainClassReference";
+ permission java.lang.RuntimePermission "getStackWalkerWithClassReference";
};
--- a/jdk/test/java/lang/StackWalker/stackwalktest.policy Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/test/java/lang/StackWalker/stackwalktest.policy Thu Mar 16 09:51:15 2017 -0700
@@ -1,5 +1,5 @@
grant {
- permission java.lang.StackFramePermission "retainClassReference";
+ permission java.lang.RuntimePermission "getStackWalkerWithClassReference";
permission java.util.PropertyPermission "seed", "read";
};
--- a/jdk/test/java/nio/channels/FileChannel/LoopingTruncate.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/test/java/nio/channels/FileChannel/LoopingTruncate.java Thu Mar 16 09:51:15 2017 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2015, 2017, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -28,7 +28,7 @@
* @summary (fc) Infinite loop FileChannel.truncate
* @library /lib/testlibrary
* @build jdk.testlibrary.Utils
- * @run main/othervm LoopingTruncate
+ * @run main/othervm/timeout=300 LoopingTruncate
*/
import java.nio.ByteBuffer;
@@ -37,6 +37,7 @@
import java.nio.file.Files;
import java.nio.file.Path;
import static java.nio.file.StandardOpenOption.*;
+import java.util.concurrent.TimeUnit;
import static jdk.testlibrary.Utils.adjustTimeout;
public class LoopingTruncate {
@@ -51,11 +52,21 @@
Path path = Files.createTempFile("LoopingTruncate.tmp", null);
try (FileChannel fc = FileChannel.open(path, CREATE, WRITE)) {
fc.position(FATEFUL_SIZE + 1L);
+ System.out.println(" Writing large file...");
+ long t0 = System.nanoTime();
fc.write(ByteBuffer.wrap(new byte[] {0}));
+ long t1 = System.nanoTime();
+ System.out.printf(" Wrote large file in %d ns (%d ms) %n",
+ t1 - t0, TimeUnit.NANOSECONDS.toMillis(t1 - t0));
Thread th = new Thread(() -> {
try {
+ System.out.println(" Truncating large file...");
+ long t2 = System.nanoTime();
fc.truncate(FATEFUL_SIZE);
+ long t3 = System.nanoTime();
+ System.out.printf(" Truncated large file in %d ns (%d ms) %n",
+ t3 - t2, TimeUnit.NANOSECONDS.toMillis(t3 - t2));
} catch (ClosedByInterruptException ignore) {
} catch (Exception e) {
throw new RuntimeException(e);
--- a/jdk/test/java/nio/channels/FileChannel/Transfer.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/test/java/nio/channels/FileChannel/Transfer.java Thu Mar 16 09:51:15 2017 -0700
@@ -29,7 +29,7 @@
* @library ..
* @library /lib/testlibrary/
* @build jdk.testlibrary.*
- * @run testng Transfer
+ * @run testng/timeout=300 Transfer
* @key randomness
*/
@@ -256,7 +256,13 @@
initTestFile(source, 10);
RandomAccessFile raf = new RandomAccessFile(source, "rw");
FileChannel fc = raf.getChannel();
+ out.println(" Writing large file...");
+ long t0 = System.nanoTime();
fc.write(ByteBuffer.wrap("Use the source!".getBytes()), testSize - 40);
+ long t1 = System.nanoTime();
+ out.printf(" Wrote large file in %d ns (%d ms) %n",
+ t1 - t0, TimeUnit.NANOSECONDS.toMillis(t1 - t0));
+
fc.close();
raf.close();
@@ -310,8 +316,13 @@
long testSize = ((long)Integer.MAX_VALUE) * 2;
try {
+ out.println(" Writing large file...");
+ long t0 = System.nanoTime();
fc.write(ByteBuffer.wrap("Use the source!".getBytes()),
testSize - 40);
+ long t1 = System.nanoTime();
+ out.printf(" Wrote large file in %d ns (%d ms) %n",
+ t1 - t0, TimeUnit.NANOSECONDS.toMillis(t1 - t0));
} catch (IOException e) {
// Can't set up the test, abort it
err.println("xferTest05 was aborted.");
@@ -444,12 +455,12 @@
RandomAccessFile raf = new RandomAccessFile(file, "rw");
FileChannel fc = raf.getChannel();
- out.println(" Creating large file...");
+ out.println(" Writing large file...");
long t0 = System.nanoTime();
try {
fc.write(ByteBuffer.wrap("0123456789012345".getBytes("UTF-8")), 6*G);
long t1 = System.nanoTime();
- out.printf(" Created large file in %d ns (%d ms) %n",
+ out.printf(" Wrote large file in %d ns (%d ms) %n",
t1 - t0, TimeUnit.NANOSECONDS.toMillis(t1 - t0));
} catch (IOException x) {
err.println(" Unable to create test file:" + x);
--- a/jdk/test/java/nio/channels/FileChannel/Transfers.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/test/java/nio/channels/FileChannel/Transfers.java Thu Mar 16 09:51:15 2017 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2002, 2016, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2002, 2017, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -26,6 +26,7 @@
* @summary Comprehensive test for FileChannel.transfer{From,To}
* @bug 4708120
* @author Mark Reinhold
+ * @run main/timeout=300 Transfers
*/
import java.io.*;
--- a/jdk/test/java/nio/channels/Selector/SelectAndClose.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/test/java/nio/channels/Selector/SelectAndClose.java Thu Mar 16 09:51:15 2017 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2004, 2016, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2004, 2017, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -29,19 +29,22 @@
import java.nio.channels.*;
import java.io.IOException;
+import java.util.concurrent.CountDownLatch;
public class SelectAndClose {
static Selector selector;
- static boolean awakened = false;
- static boolean closed = false;
+ static volatile boolean awakened = false;
+ static volatile boolean closed = false;
public static void main(String[] args) throws Exception {
selector = Selector.open();
// Create and start a selector in a separate thread.
+ final CountDownLatch selectLatch = new CountDownLatch(1);
new Thread(new Runnable() {
public void run() {
try {
+ selectLatch.countDown();
selector.select();
awakened = true;
} catch (IOException e) {
@@ -51,10 +54,11 @@
}).start();
// Wait for above thread to get to select() before we call close.
- Thread.sleep(3000);
+ selectLatch.await();
+ Thread.sleep(2000);
// Try to close. This should wakeup select.
- new Thread(new Runnable() {
+ Thread closeThread = new Thread(new Runnable() {
public void run() {
try {
selector.close();
@@ -63,10 +67,11 @@
System.err.println(e);
}
}
- }).start();
+ });
+ closeThread.start();
// Wait for select() to be awakened, which should be done by close.
- Thread.sleep(3000);
+ closeThread.join();
if (!awakened)
selector.wakeup();
--- a/jdk/test/java/util/concurrent/tck/ForkJoinPool9Test.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/test/java/util/concurrent/tck/ForkJoinPool9Test.java Thu Mar 16 09:51:15 2017 -0700
@@ -32,9 +32,14 @@
* http://creativecommons.org/publicdomain/zero/1.0/
*/
+import static java.util.concurrent.TimeUnit.MILLISECONDS;
+
import java.lang.invoke.MethodHandles;
import java.lang.invoke.VarHandle;
-import java.util.concurrent.CompletableFuture;
+import java.util.concurrent.CountDownLatch;
+import java.util.concurrent.ForkJoinPool;
+import java.util.concurrent.ForkJoinTask;
+import java.util.concurrent.Future;
import junit.framework.Test;
import junit.framework.TestSuite;
@@ -53,29 +58,43 @@
*/
public void testCommonPoolThreadContextClassLoader() throws Throwable {
if (!testImplementationDetails) return;
+
+ // Ensure common pool has at least one real thread
+ String prop = System.getProperty(
+ "java.util.concurrent.ForkJoinPool.common.parallelism");
+ if ("0".equals(prop)) return;
+
VarHandle CCL =
MethodHandles.privateLookupIn(Thread.class, MethodHandles.lookup())
.findVarHandle(Thread.class, "contextClassLoader", ClassLoader.class);
ClassLoader systemClassLoader = ClassLoader.getSystemClassLoader();
boolean haveSecurityManager = (System.getSecurityManager() != null);
- CompletableFuture.runAsync(
- () -> {
- assertSame(systemClassLoader,
- Thread.currentThread().getContextClassLoader());
- assertSame(systemClassLoader,
- CCL.get(Thread.currentThread()));
- if (haveSecurityManager)
- assertThrows(
- SecurityException.class,
- () -> System.getProperty("foo"),
- () -> Thread.currentThread().setContextClassLoader(null));
-
- // TODO ?
-// if (haveSecurityManager
-// && Thread.currentThread().getClass().getSimpleName()
-// .equals("InnocuousForkJoinWorkerThread"))
-// assertThrows(SecurityException.class, /* ?? */);
- }).join();
+ CountDownLatch taskStarted = new CountDownLatch(1);
+ Runnable runInCommonPool = () -> {
+ taskStarted.countDown();
+ assertTrue(ForkJoinTask.inForkJoinPool());
+ assertSame(ForkJoinPool.commonPool(),
+ ForkJoinTask.getPool());
+ assertSame(systemClassLoader,
+ Thread.currentThread().getContextClassLoader());
+ assertSame(systemClassLoader,
+ CCL.get(Thread.currentThread()));
+ if (haveSecurityManager)
+ assertThrows(
+ SecurityException.class,
+ () -> System.getProperty("foo"),
+ () -> Thread.currentThread().setContextClassLoader(null));
+ // TODO ?
+// if (haveSecurityManager
+// && Thread.currentThread().getClass().getSimpleName()
+// .equals("InnocuousForkJoinWorkerThread"))
+// assertThrows(SecurityException.class, /* ?? */);
+ };
+ Future<?> f = ForkJoinPool.commonPool().submit(runInCommonPool);
+ // Ensure runInCommonPool is truly running in the common pool,
+ // by giving this thread no opportunity to "help" on get().
+ assertTrue(taskStarted.await(LONG_DELAY_MS, MILLISECONDS));
+ assertNull(f.get());
}
}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/jdk/modules/etc/JdkQualifiedExportTest.java Thu Mar 16 09:51:15 2017 -0700
@@ -0,0 +1,167 @@
+/*
+ * Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/**
+ * @test
+ * @bug 8176537
+ * @summary Check JDK modules have no qualified export to any upgradeable module
+ * @modules java.base/jdk.internal.module
+ * @run main JdkQualifiedExportTest
+ */
+
+import jdk.internal.module.ModuleHashes;
+import jdk.internal.module.ModuleInfo;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.UncheckedIOException;
+import java.lang.module.ModuleDescriptor;
+import java.lang.module.ModuleDescriptor.Exports;
+import java.lang.module.ModuleDescriptor.Opens;
+import java.lang.module.ModuleFinder;
+import java.lang.module.ModuleReference;
+import java.lang.reflect.Module;
+import java.util.Collections;
+import java.util.Comparator;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.Map;
+import java.util.Set;
+
+public class JdkQualifiedExportTest {
+ public static void main(String... args) {
+ // check all system modules
+ ModuleFinder.ofSystem().findAll()
+ .stream()
+ .map(ModuleReference::descriptor)
+ .sorted(Comparator.comparing(ModuleDescriptor::name))
+ .forEach(JdkQualifiedExportTest::check);
+ }
+
+ static void check(ModuleDescriptor md) {
+ // skip checking if this is an upgradeable module
+ if (!HashedModules.contains(md.name())) {
+ return;
+ }
+
+ checkExports(md);
+ checkOpens(md);
+ }
+
+ static Set<String> KNOWN_EXCEPTIONS =
+ Set.of("java.xml/com.sun.xml.internal.stream.writers",
+ "jdk.jsobject/jdk.internal.netscape.javascript.spi");
+ static Set<String> DEPLOY_MODULES =
+ Set.of("jdk.deploy", "jdk.plugin", "jdk.javaws");
+
+ static void checkExports(ModuleDescriptor md) {
+ // build a map of upgradeable module to Exports that are qualified to it
+ // skip the qualified exports
+ Map<String, Set<Exports>> targetToExports = new HashMap<>();
+ md.exports().stream()
+ .filter(Exports::isQualified)
+ .forEach(e -> e.targets().stream()
+ .filter(mn -> !HashedModules.contains(mn) &&
+ ModuleFinder.ofSystem().find(mn).isPresent())
+ .forEach(t -> targetToExports.computeIfAbsent(t, _k -> new HashSet<>())
+ .add(e)));
+
+ if (targetToExports.size() > 0) {
+ String mn = md.name();
+
+ System.err.println(mn);
+ targetToExports.entrySet().stream()
+ .sorted(Map.Entry.comparingByKey())
+ .forEach(e -> {
+ e.getValue().stream()
+ .forEach(exp -> System.err.format(" exports %s to %s%n",
+ exp.source(), e.getKey()));
+ });
+
+ // workaround until all qualified exports to upgradeable modules
+ // are eliminated
+ if (targetToExports.entrySet().stream()
+ .filter(e -> !DEPLOY_MODULES.contains(e.getKey()))
+ .flatMap(e -> e.getValue().stream())
+ .anyMatch(e -> !KNOWN_EXCEPTIONS.contains(mn + "/" + e.source()))) {
+ throw new RuntimeException(mn + " can't export package to upgradeable modules");
+ }
+ }
+ }
+
+ static void checkOpens(ModuleDescriptor md) {
+ // build a map of upgradeable module to Exports that are qualified to it
+ // skip the qualified exports
+ Map<String, Set<Opens>> targetToOpens = new HashMap<>();
+ md.opens().stream()
+ .filter(Opens::isQualified)
+ .forEach(e -> e.targets().stream()
+ .filter(mn -> !HashedModules.contains(mn) &&
+ ModuleFinder.ofSystem().find(mn).isPresent())
+ .forEach(t -> targetToOpens.computeIfAbsent(t, _k -> new HashSet<>())
+ .add(e)));
+
+ if (targetToOpens.size() > 0) {
+ String mn = md.name();
+
+ System.err.println(mn);
+ targetToOpens.entrySet().stream()
+ .sorted(Map.Entry.comparingByKey())
+ .forEach(e -> {
+ e.getValue().stream()
+ .forEach(exp -> System.err.format(" opens %s to %s%n",
+ exp.source(), e.getKey()));
+ });
+
+ throw new RuntimeException(mn + " can't open package to upgradeable modules");
+ }
+ }
+
+ private static class HashedModules {
+ static Set<String> HASHED_MODULES = hashedModules();
+
+ static Set<String> hashedModules() {
+ Module javaBase = Object.class.getModule();
+ try (InputStream in = javaBase.getResourceAsStream("module-info.class")) {
+ ModuleInfo.Attributes attrs = ModuleInfo.read(in, null);
+ ModuleHashes hashes = attrs.recordedHashes();
+ if (hashes == null)
+ return Collections.emptySet();
+
+ Set<String> names = new HashSet<>(hashes.names());
+ names.add(javaBase.getName());
+ return names;
+ } catch (IOException e) {
+ throw new UncheckedIOException(e);
+ }
+ }
+
+ /*
+ * Returns true if the named module is tied with java.base,
+ * i.e. non-upgradeable
+ */
+ static boolean contains(String mn) {
+ return HASHED_MODULES.contains(mn);
+ }
+ }
+}
--- a/jdk/test/jdk/nio/zipfs/MultiReleaseJarTest.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/test/jdk/nio/zipfs/MultiReleaseJarTest.java Thu Mar 16 09:51:15 2017 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2015, 2016, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2015, 2017, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -23,7 +23,7 @@
/*
* @test
- * @bug 8144355 8144062
+ * @bug 8144355 8144062 8176709
* @summary Test aliasing additions to ZipFileSystem for multi-release jar files
* @library /lib/testlibrary/java/util/jar
* @build Compiler JarBuilder CreateMultiReleaseTestJars
@@ -42,6 +42,7 @@
import java.nio.file.*;
import java.util.HashMap;
import java.util.Map;
+import java.util.concurrent.atomic.AtomicInteger;
import org.testng.Assert;
import org.testng.annotations.*;
@@ -50,6 +51,7 @@
final private int MAJOR_VERSION = Runtime.version().major();
final private String userdir = System.getProperty("user.dir",".");
+ final private CreateMultiReleaseTestJars creator = new CreateMultiReleaseTestJars();
final private Map<String,String> stringEnv = new HashMap<>();
final private Map<String,Integer> integerEnv = new HashMap<>();
final private Map<String,Version> versionEnv = new HashMap<>();
@@ -63,7 +65,6 @@
@BeforeClass
public void initialize() throws Exception {
- CreateMultiReleaseTestJars creator = new CreateMultiReleaseTestJars();
creator.compileEntries();
creator.buildUnversionedJar();
creator.buildMultiReleaseJar();
@@ -187,6 +188,45 @@
}
}
+ @Test
+ public void testIsMultiReleaseJar() throws Exception {
+ // Re-examine commented out tests as part of JDK-8176843
+ testCustomMultiReleaseValue("true", true);
+ testCustomMultiReleaseValue("true\r\nOther: value", true);
+ testCustomMultiReleaseValue("true\nOther: value", true);
+ //testCustomMultiReleaseValue("true\rOther: value", true);
+
+ testCustomMultiReleaseValue("false", false);
+ testCustomMultiReleaseValue(" true", false);
+ testCustomMultiReleaseValue("true ", false);
+ //testCustomMultiReleaseValue("true\n ", false);
+ //testCustomMultiReleaseValue("true\r ", false);
+ //testCustomMultiReleaseValue("true\n true", false);
+ //testCustomMultiReleaseValue("true\r\n true", false);
+ }
+
+ private static final AtomicInteger JAR_COUNT = new AtomicInteger(0);
+
+ private void testCustomMultiReleaseValue(String value, boolean expected)
+ throws Exception {
+ String fileName = "custom-mr" + JAR_COUNT.incrementAndGet() + ".jar";
+ creator.buildCustomMultiReleaseJar(fileName, value, Map.of(),
+ /*addEntries*/true);
+
+ Map<String,String> env = Map.of("multi-release", "runtime");
+ Path filePath = Paths.get(userdir, fileName);
+ String ssp = filePath.toUri().toString();
+ URI customJar = new URI("jar", ssp , null);
+ try (FileSystem fs = FileSystems.newFileSystem(customJar, env)) {
+ if (expected) {
+ Assert.assertTrue(readAndCompare(fs, MAJOR_VERSION));
+ } else {
+ Assert.assertTrue(readAndCompare(fs, 8));
+ }
+ }
+ Files.delete(filePath);
+ }
+
private static class ByteArrayClassLoader extends ClassLoader {
final private FileSystem fs;
--- a/jdk/test/lib/testlibrary/java/util/jar/CreateMultiReleaseTestJars.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/test/lib/testlibrary/java/util/jar/CreateMultiReleaseTestJars.java Thu Mar 16 09:51:15 2017 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2015, 2017, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -109,9 +109,17 @@
public void buildCustomMultiReleaseJar(String filename, String multiReleaseValue,
Map<String, String> extraAttributes) throws IOException {
+ buildCustomMultiReleaseJar(filename, multiReleaseValue, extraAttributes, false);
+ }
+
+ public void buildCustomMultiReleaseJar(String filename, String multiReleaseValue,
+ Map<String, String> extraAttributes, boolean addEntries) throws IOException {
JarBuilder jb = new JarBuilder(filename);
extraAttributes.entrySet()
.forEach(entry -> jb.addAttribute(entry.getKey(), entry.getValue()));
+ if (addEntries) {
+ addEntries(jb);
+ }
jb.addAttribute("Multi-Release", multiReleaseValue);
jb.build();
}
--- a/jdk/test/sun/security/krb5/auto/Basic.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/test/sun/security/krb5/auto/Basic.java Thu Mar 16 09:51:15 2017 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2012, 2017, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -25,19 +25,48 @@
* @test
* @bug 7152176 8164437
* @summary More krb5 tests
+ * @library /test/lib
* @compile -XDignore.symbol.file Basic.java
- * @run main/othervm
- * Basic jdk.security.jgss
- * @run main/othervm --limit-modules java.security.jgss,jdk.security.auth
- * Basic java.security.jgss
+ * @run main/othervm Basic
*/
+import jdk.test.lib.process.ProcessTools;
import sun.security.jgss.GSSUtil;
-// The basic krb5 test skeleton you can copy from
+import java.util.List;
+import java.util.stream.Stream;
+
public class Basic {
- public static void main(String[] args) throws Exception {
+ public static void main(String[] args) throws Throwable {
+
+ if (args.length == 0) { // jtreg launched here
+
+ // With all modules
+ test("jdk.security.jgss");
+
+ // With limited modules
+ List<String> cmd = ProcessTools.createJavaProcessBuilder().command();
+ Stream.of(jdk.internal.misc.VM.getRuntimeArguments())
+ .filter(arg -> arg.startsWith("--add-exports=") ||
+ arg.startsWith("--add-opens="))
+ .forEach(cmd::add);
+ cmd.addAll(List.of(
+ "-Dtest.src=" + System.getProperty("test.src"),
+ "--add-modules",
+ "java.base,java.security.jgss,jdk.security.auth",
+ "--limit-modules",
+ "java.security.jgss,jdk.security.auth",
+ "Basic",
+ "launched-limited"));
+ ProcessTools.executeCommand(cmd.toArray(new String[cmd.size()]))
+ .shouldHaveExitValue(0);
+ } else { // Launched by ProcessTools above, with limited modules.
+ test("java.security.jgss");
+ }
+ }
+
+ static void test(String expected) throws Exception {
new OneKDC(null).writeJAASConf();
@@ -66,8 +95,8 @@
// Bonus test for 8164437.
String moduleName = c.x().getClass().getModule().getName();
- if (!moduleName.equals(args[0])) {
- throw new Exception("Expected: " + args[0]
+ if (!moduleName.equals(expected)) {
+ throw new Exception("Expected: " + expected
+ ". Actual: " + moduleName);
}
}
--- a/jdk/test/sun/security/krb5/auto/HttpNegotiateServer.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/test/sun/security/krb5/auto/HttpNegotiateServer.java Thu Mar 16 09:51:15 2017 -0700
@@ -28,6 +28,7 @@
* java.security.jgss/sun.security.krb5.internal:+open
* java.security.jgss/sun.security.jgss
* java.security.jgss/sun.security.krb5:+open
+ * java.security.jgss/sun.security.krb5.internal.ccache
* java.security.jgss/sun.security.krb5.internal.crypto
* java.security.jgss/sun.security.krb5.internal.ktab
* jdk.security.auth
--- a/jdk/test/sun/security/pkcs/pkcs8/PKCS8Test.java Thu Mar 16 16:45:04 2017 +0300
+++ b/jdk/test/sun/security/pkcs/pkcs8/PKCS8Test.java Thu Mar 16 09:51:15 2017 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2015, 2017, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -195,12 +195,12 @@
public static void main(String[] args)
throws IOException, InvalidKeyException {
- BigInteger p = BigInteger.valueOf(1);
- BigInteger q = BigInteger.valueOf(2);
- BigInteger g = BigInteger.valueOf(3);
- BigInteger x = BigInteger.valueOf(4);
+ BigInteger x = BigInteger.valueOf(1);
+ BigInteger p = BigInteger.valueOf(2);
+ BigInteger q = BigInteger.valueOf(3);
+ BigInteger g = BigInteger.valueOf(4);
- DSAPrivateKey priv = new DSAPrivateKey(p, q, g, x);
+ DSAPrivateKey priv = new DSAPrivateKey(x, p, q, g);
byte[] encodedKey = priv.getEncoded();
byte[] expectedBytes = new byte[EXPECTED.length];
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/sun/security/pkcs/pkcs8/TestLeadingZeros.java Thu Mar 16 09:51:15 2017 -0700
@@ -0,0 +1,82 @@
+/*
+ * Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/*
+ * @test
+ * @bug 8175251
+ * @summary ensure that PKCS8-encoded private key with leading 0s
+ * can be loaded.
+ * @run main TestLeadingZeros
+ */
+
+import java.io.*;
+import java.security.*;
+import java.security.spec.PKCS8EncodedKeySpec;
+import java.security.interfaces.*;
+import java.util.*;
+
+public class TestLeadingZeros {
+
+ // The following test vectors are various BER encoded PKCS8 bytes
+ static final String[] PKCS8_ENCODINGS = {
+ // first is the original one from PKCS8Test
+ "301e020100301206052b0e03020c30090201020201030201040403020101A000",
+ // changed original to version w/ 1 leading 0
+ "301f02020000301206052b0e03020c30090201020201030201040403020101A000",
+ // changed original to P w/ 1 leading 0
+ "301f020100301306052b0e03020c300a020200020201030201040403020101A000",
+ // changed original to X w/ 2 leading 0s
+ "3020020100301206052b0e03020c300902010202010302010404050203000001A000"
+ };
+
+ public static void main(String[] argv) throws Exception {
+ KeyFactory factory = KeyFactory.getInstance("DSA", "SUN");
+
+ for (String encodings : PKCS8_ENCODINGS) {
+ byte[] encodingBytes = hexToBytes(encodings);
+ PKCS8EncodedKeySpec encodedKeySpec =
+ new PKCS8EncodedKeySpec(encodingBytes);
+ DSAPrivateKey privKey2 = (DSAPrivateKey)
+ factory.generatePrivate(encodedKeySpec);
+ System.out.println("key: " + privKey2);
+ }
+ System.out.println("Test Passed");
+ }
+
+ private static byte[] hexToBytes(String hex) {
+ if (hex.length() % 2 != 0) {
+ throw new RuntimeException("Input should be even length");
+ }
+ int size = hex.length() / 2;
+ byte[] result = new byte[size];
+ for (int i = 0; i < size; i++) {
+ int hi = Character.digit(hex.charAt(2 * i), 16);
+ int lo = Character.digit(hex.charAt(2 * i + 1), 16);
+ if ((hi == -1) || (lo == -1)) {
+ throw new RuntimeException("Input should be hexadecimal");
+ }
+ result[i] = (byte) (16 * hi + lo);
+ }
+ return result;
+ }
+}