This commit is contained in:
Git OBS Bridge
parent
cbcbd1e7e8
commit
aaf0c8ca27
69
fips.patch
69
fips.patch
@ -1,5 +1,5 @@
|
|||||||
--- openjdk/common/autoconf/configure.ac 2021-10-11 13:43:11.725902128 +0200
|
--- openjdk/common/autoconf/configure.ac 2021-12-04 07:42:42.465816095 +0100
|
||||||
+++ openjdk/common/autoconf/configure.ac 2021-10-11 13:48:52.612077500 +0200
|
+++ openjdk/common/autoconf/configure.ac 2021-12-04 07:43:01.237927592 +0100
|
||||||
@@ -212,6 +212,7 @@
|
@@ -212,6 +212,7 @@
|
||||||
LIB_SETUP_ALSA
|
LIB_SETUP_ALSA
|
||||||
LIB_SETUP_FONTCONFIG
|
LIB_SETUP_FONTCONFIG
|
||||||
@ -8,8 +8,8 @@
|
|||||||
LIB_SETUP_STATIC_LINK_LIBSTDCPP
|
LIB_SETUP_STATIC_LINK_LIBSTDCPP
|
||||||
LIB_SETUP_ON_WINDOWS
|
LIB_SETUP_ON_WINDOWS
|
||||||
|
|
||||||
--- openjdk/common/autoconf/libraries.m4 2021-10-11 13:43:11.729902154 +0200
|
--- openjdk/common/autoconf/libraries.m4 2021-12-04 07:42:42.465816095 +0100
|
||||||
+++ openjdk/common/autoconf/libraries.m4 2021-10-11 13:48:52.612077500 +0200
|
+++ openjdk/common/autoconf/libraries.m4 2021-12-04 07:43:01.237927592 +0100
|
||||||
@@ -1334,3 +1334,63 @@
|
@@ -1334,3 +1334,63 @@
|
||||||
BASIC_DEPRECATED_ARG_WITH([dxsdk-include])
|
BASIC_DEPRECATED_ARG_WITH([dxsdk-include])
|
||||||
fi
|
fi
|
||||||
@ -74,8 +74,8 @@
|
|||||||
+ fi
|
+ fi
|
||||||
+ AC_SUBST(USE_SYSCONF_NSS)
|
+ AC_SUBST(USE_SYSCONF_NSS)
|
||||||
+])
|
+])
|
||||||
--- openjdk/common/autoconf/spec.gmk.in 2021-10-11 13:43:11.729902154 +0200
|
--- openjdk/common/autoconf/spec.gmk.in 2021-12-04 07:42:42.465816095 +0100
|
||||||
+++ openjdk/common/autoconf/spec.gmk.in 2021-10-11 13:48:52.612077500 +0200
|
+++ openjdk/common/autoconf/spec.gmk.in 2021-12-04 07:43:01.249927665 +0100
|
||||||
@@ -313,6 +313,10 @@
|
@@ -313,6 +313,10 @@
|
||||||
ALSA_LIBS:=@ALSA_LIBS@
|
ALSA_LIBS:=@ALSA_LIBS@
|
||||||
ALSA_CFLAGS:=@ALSA_CFLAGS@
|
ALSA_CFLAGS:=@ALSA_CFLAGS@
|
||||||
@ -87,8 +87,8 @@
|
|||||||
PACKAGE_PATH=@PACKAGE_PATH@
|
PACKAGE_PATH=@PACKAGE_PATH@
|
||||||
|
|
||||||
# Source file for cacerts
|
# Source file for cacerts
|
||||||
--- openjdk/common/bin/compare_exceptions.sh.incl 2021-10-11 13:43:11.729902154 +0200
|
--- openjdk/common/bin/compare_exceptions.sh.incl 2021-12-04 07:42:42.465816095 +0100
|
||||||
+++ openjdk/common/bin/compare_exceptions.sh.incl 2021-10-11 13:51:59.469288461 +0200
|
+++ openjdk/common/bin/compare_exceptions.sh.incl 2021-12-04 07:43:01.261927736 +0100
|
||||||
@@ -280,6 +280,7 @@
|
@@ -280,6 +280,7 @@
|
||||||
./jre/lib/i386/libsplashscreen.so
|
./jre/lib/i386/libsplashscreen.so
|
||||||
./jre/lib/i386/libsunec.so
|
./jre/lib/i386/libsunec.so
|
||||||
@ -121,8 +121,8 @@
|
|||||||
./jre/lib/sparcv9/libunpack.so
|
./jre/lib/sparcv9/libunpack.so
|
||||||
./jre/lib/sparcv9/libverify.so
|
./jre/lib/sparcv9/libverify.so
|
||||||
./jre/lib/sparcv9/libzip.so
|
./jre/lib/sparcv9/libzip.so
|
||||||
--- openjdk/common/nb_native/nbproject/configurations.xml 2021-10-11 13:43:11.729902154 +0200
|
--- openjdk/common/nb_native/nbproject/configurations.xml 2021-12-04 07:42:42.469816118 +0100
|
||||||
+++ openjdk/common/nb_native/nbproject/configurations.xml 2021-10-11 13:48:52.620077552 +0200
|
+++ openjdk/common/nb_native/nbproject/configurations.xml 2021-12-04 07:43:01.265927761 +0100
|
||||||
@@ -53,6 +53,9 @@
|
@@ -53,6 +53,9 @@
|
||||||
<in>jvmtiEnterTrace.cpp</in>
|
<in>jvmtiEnterTrace.cpp</in>
|
||||||
</df>
|
</df>
|
||||||
@ -145,8 +145,8 @@
|
|||||||
</item>
|
</item>
|
||||||
<item path="../../jdk/src/share/native/java/util/TimeZone.c"
|
<item path="../../jdk/src/share/native/java/util/TimeZone.c"
|
||||||
ex="false"
|
ex="false"
|
||||||
--- openjdk/jdk/make/lib/SecurityLibraries.gmk 2021-10-11 13:43:12.353906101 +0200
|
--- openjdk/jdk/make/lib/SecurityLibraries.gmk 2021-12-04 07:42:43.161820203 +0100
|
||||||
+++ openjdk/jdk/make/lib/SecurityLibraries.gmk 2021-10-11 13:53:00.397683319 +0200
|
+++ openjdk/jdk/make/lib/SecurityLibraries.gmk 2021-12-04 07:43:01.277927833 +0100
|
||||||
@@ -300,3 +300,34 @@
|
@@ -300,3 +300,34 @@
|
||||||
|
|
||||||
endif
|
endif
|
||||||
@ -183,7 +183,7 @@
|
|||||||
+endif
|
+endif
|
||||||
+
|
+
|
||||||
--- openjdk/jdk/make/mapfiles/libsystemconf/mapfile-vers 1970-01-01 01:00:00.000000000 +0100
|
--- openjdk/jdk/make/mapfiles/libsystemconf/mapfile-vers 1970-01-01 01:00:00.000000000 +0100
|
||||||
+++ openjdk/jdk/make/mapfiles/libsystemconf/mapfile-vers 2021-10-11 13:53:00.397683319 +0200
|
+++ openjdk/jdk/make/mapfiles/libsystemconf/mapfile-vers 2021-12-04 07:43:01.281927857 +0100
|
||||||
@@ -0,0 +1,35 @@
|
@@ -0,0 +1,35 @@
|
||||||
+#
|
+#
|
||||||
+# Copyright (c) 2021, Red Hat, Inc.
|
+# Copyright (c) 2021, Red Hat, Inc.
|
||||||
@ -220,8 +220,8 @@
|
|||||||
+ local:
|
+ local:
|
||||||
+ *;
|
+ *;
|
||||||
+};
|
+};
|
||||||
--- openjdk/jdk/src/share/classes/java/security/Security.java 2021-10-11 13:43:12.057904228 +0200
|
--- openjdk/jdk/src/share/classes/java/security/Security.java 2021-12-04 07:42:43.693823344 +0100
|
||||||
+++ openjdk/jdk/src/share/classes/java/security/Security.java 2021-10-11 13:48:13.139821694 +0200
|
+++ openjdk/jdk/src/share/classes/java/security/Security.java 2021-12-04 07:43:01.281927857 +0100
|
||||||
@@ -30,6 +30,8 @@
|
@@ -30,6 +30,8 @@
|
||||||
import java.util.concurrent.ConcurrentHashMap;
|
import java.util.concurrent.ConcurrentHashMap;
|
||||||
import java.io.*;
|
import java.io.*;
|
||||||
@ -277,8 +277,8 @@
|
|||||||
|
|
||||||
if (!loadedProps) {
|
if (!loadedProps) {
|
||||||
--- openjdk/jdk/src/share/classes/java/security/SystemConfigurator.java 1970-01-01 01:00:00.000000000 +0100
|
--- openjdk/jdk/src/share/classes/java/security/SystemConfigurator.java 1970-01-01 01:00:00.000000000 +0100
|
||||||
+++ openjdk/jdk/src/share/classes/java/security/SystemConfigurator.java 2021-10-11 13:53:00.397683319 +0200
|
+++ openjdk/jdk/src/share/classes/java/security/SystemConfigurator.java 2021-12-04 07:51:03.584923406 +0100
|
||||||
@@ -0,0 +1,212 @@
|
@@ -0,0 +1,223 @@
|
||||||
+/*
|
+/*
|
||||||
+ * Copyright (c) 2019, 2021, Red Hat, Inc.
|
+ * Copyright (c) 2019, 2021, Red Hat, Inc.
|
||||||
+ *
|
+ *
|
||||||
@ -309,6 +309,7 @@
|
|||||||
+
|
+
|
||||||
+import java.io.BufferedInputStream;
|
+import java.io.BufferedInputStream;
|
||||||
+import java.io.FileInputStream;
|
+import java.io.FileInputStream;
|
||||||
|
+import java.io.FileNotFoundException;
|
||||||
+import java.io.IOException;
|
+import java.io.IOException;
|
||||||
+
|
+
|
||||||
+import java.util.Iterator;
|
+import java.util.Iterator;
|
||||||
@ -369,6 +370,16 @@
|
|||||||
+ CRYPTO_POLICIES_JAVA_CONFIG);
|
+ CRYPTO_POLICIES_JAVA_CONFIG);
|
||||||
+ sdebug.println(props.toString());
|
+ sdebug.println(props.toString());
|
||||||
+ }
|
+ }
|
||||||
|
+ } catch (FileNotFoundException exc) {
|
||||||
|
+ if (sdebug != null) {
|
||||||
|
+ sdebug.println("unable to find security properties file " +
|
||||||
|
+ CRYPTO_POLICIES_JAVA_CONFIG);
|
||||||
|
+ exc.printStackTrace();
|
||||||
|
+ }
|
||||||
|
+ /* We should already have the props from our java.security file
|
||||||
|
+ loaded. When not finding system file, we use them instead of
|
||||||
|
+ loading static defaults. */
|
||||||
|
+ loadedProps = true;
|
||||||
+ } catch (IOException e) {
|
+ } catch (IOException e) {
|
||||||
+ if (sdebug != null) {
|
+ if (sdebug != null) {
|
||||||
+ sdebug.println("unable to load security properties from " +
|
+ sdebug.println("unable to load security properties from " +
|
||||||
@ -492,7 +503,7 @@
|
|||||||
+ }
|
+ }
|
||||||
+}
|
+}
|
||||||
--- openjdk/jdk/src/share/classes/sun/misc/JavaSecuritySystemConfiguratorAccess.java 1970-01-01 01:00:00.000000000 +0100
|
--- openjdk/jdk/src/share/classes/sun/misc/JavaSecuritySystemConfiguratorAccess.java 1970-01-01 01:00:00.000000000 +0100
|
||||||
+++ openjdk/jdk/src/share/classes/sun/misc/JavaSecuritySystemConfiguratorAccess.java 2021-10-11 13:47:31.023548751 +0200
|
+++ openjdk/jdk/src/share/classes/sun/misc/JavaSecuritySystemConfiguratorAccess.java 2021-12-04 07:43:01.285927881 +0100
|
||||||
@@ -0,0 +1,30 @@
|
@@ -0,0 +1,30 @@
|
||||||
+/*
|
+/*
|
||||||
+ * Copyright (c) 2020, Red Hat, Inc.
|
+ * Copyright (c) 2020, Red Hat, Inc.
|
||||||
@ -524,8 +535,8 @@
|
|||||||
+public interface JavaSecuritySystemConfiguratorAccess {
|
+public interface JavaSecuritySystemConfiguratorAccess {
|
||||||
+ boolean isSystemFipsEnabled();
|
+ boolean isSystemFipsEnabled();
|
||||||
+}
|
+}
|
||||||
--- openjdk/jdk/src/share/classes/sun/misc/SharedSecrets.java 2021-10-11 13:43:12.181905013 +0200
|
--- openjdk/jdk/src/share/classes/sun/misc/SharedSecrets.java 2021-12-04 07:42:43.793823935 +0100
|
||||||
+++ openjdk/jdk/src/share/classes/sun/misc/SharedSecrets.java 2021-10-11 13:47:31.023548751 +0200
|
+++ openjdk/jdk/src/share/classes/sun/misc/SharedSecrets.java 2021-12-04 07:43:01.285927881 +0100
|
||||||
@@ -63,6 +63,7 @@
|
@@ -63,6 +63,7 @@
|
||||||
private static JavaObjectInputStreamReadString javaObjectInputStreamReadString;
|
private static JavaObjectInputStreamReadString javaObjectInputStreamReadString;
|
||||||
private static JavaObjectInputStreamAccess javaObjectInputStreamAccess;
|
private static JavaObjectInputStreamAccess javaObjectInputStreamAccess;
|
||||||
@ -547,8 +558,8 @@
|
|||||||
+ return javaSecuritySystemConfiguratorAccess;
|
+ return javaSecuritySystemConfiguratorAccess;
|
||||||
+ }
|
+ }
|
||||||
}
|
}
|
||||||
--- openjdk/jdk/src/share/classes/sun/security/pkcs11/SunPKCS11.java 2021-10-11 13:43:12.209905190 +0200
|
--- openjdk/jdk/src/share/classes/sun/security/pkcs11/SunPKCS11.java 2021-12-04 07:42:43.821824100 +0100
|
||||||
+++ openjdk/jdk/src/share/classes/sun/security/pkcs11/SunPKCS11.java 2021-10-11 13:53:42.521956313 +0200
|
+++ openjdk/jdk/src/share/classes/sun/security/pkcs11/SunPKCS11.java 2021-12-04 07:43:01.289927905 +0100
|
||||||
@@ -42,6 +42,8 @@
|
@@ -42,6 +42,8 @@
|
||||||
import javax.security.auth.callback.PasswordCallback;
|
import javax.security.auth.callback.PasswordCallback;
|
||||||
import javax.security.auth.callback.TextOutputCallback;
|
import javax.security.auth.callback.TextOutputCallback;
|
||||||
@ -593,8 +604,8 @@
|
|||||||
} catch (Exception e) {
|
} catch (Exception e) {
|
||||||
if (config.getHandleStartupErrors() == Config.ERR_IGNORE_ALL) {
|
if (config.getHandleStartupErrors() == Config.ERR_IGNORE_ALL) {
|
||||||
throw new UnsupportedOperationException
|
throw new UnsupportedOperationException
|
||||||
--- openjdk/jdk/src/share/classes/sun/security/ssl/SSLContextImpl.java 2021-10-11 13:43:12.213905215 +0200
|
--- openjdk/jdk/src/share/classes/sun/security/ssl/SSLContextImpl.java 2021-12-04 07:42:43.825824124 +0100
|
||||||
+++ openjdk/jdk/src/share/classes/sun/security/ssl/SSLContextImpl.java 2021-10-11 13:47:31.023548751 +0200
|
+++ openjdk/jdk/src/share/classes/sun/security/ssl/SSLContextImpl.java 2021-12-04 07:43:01.293927930 +0100
|
||||||
@@ -31,6 +31,7 @@
|
@@ -31,6 +31,7 @@
|
||||||
import java.security.cert.*;
|
import java.security.cert.*;
|
||||||
import java.util.*;
|
import java.util.*;
|
||||||
@ -669,8 +680,8 @@
|
|||||||
return new ProtocolVersion[]{
|
return new ProtocolVersion[]{
|
||||||
ProtocolVersion.TLS12,
|
ProtocolVersion.TLS12,
|
||||||
ProtocolVersion.TLS11,
|
ProtocolVersion.TLS11,
|
||||||
--- openjdk/jdk/src/share/classes/sun/security/ssl/SunJSSE.java 2021-10-11 13:43:12.217905240 +0200
|
--- openjdk/jdk/src/share/classes/sun/security/ssl/SunJSSE.java 2021-12-04 07:42:43.825824124 +0100
|
||||||
+++ openjdk/jdk/src/share/classes/sun/security/ssl/SunJSSE.java 2021-10-11 13:47:31.023548751 +0200
|
+++ openjdk/jdk/src/share/classes/sun/security/ssl/SunJSSE.java 2021-12-04 07:43:01.293927930 +0100
|
||||||
@@ -30,6 +30,8 @@
|
@@ -30,6 +30,8 @@
|
||||||
|
|
||||||
import java.security.*;
|
import java.security.*;
|
||||||
@ -694,8 +705,8 @@
|
|||||||
put("SSLContext.TLS",
|
put("SSLContext.TLS",
|
||||||
"sun.security.ssl.SSLContextImpl$TLSContext");
|
"sun.security.ssl.SSLContextImpl$TLSContext");
|
||||||
if (isfips == false) {
|
if (isfips == false) {
|
||||||
--- openjdk/jdk/src/share/lib/security/java.security-linux 2021-10-11 13:43:12.289905696 +0200
|
--- openjdk/jdk/src/share/lib/security/java.security-linux 2021-12-04 07:42:43.901824572 +0100
|
||||||
+++ openjdk/jdk/src/share/lib/security/java.security-linux 2021-10-11 13:46:49.111277230 +0200
|
+++ openjdk/jdk/src/share/lib/security/java.security-linux 2021-12-04 07:43:01.297927954 +0100
|
||||||
@@ -77,6 +77,14 @@
|
@@ -77,6 +77,14 @@
|
||||||
#security.provider.10=sun.security.pkcs11.SunPKCS11 ${java.home}/lib/security/nss.cfg
|
#security.provider.10=sun.security.pkcs11.SunPKCS11 ${java.home}/lib/security/nss.cfg
|
||||||
|
|
||||||
@ -724,7 +735,7 @@
|
|||||||
#
|
#
|
||||||
# When set to 'true', the JKS keystore type supports loading
|
# When set to 'true', the JKS keystore type supports loading
|
||||||
--- openjdk/jdk/src/solaris/native/java/security/systemconf.c 1970-01-01 01:00:00.000000000 +0100
|
--- openjdk/jdk/src/solaris/native/java/security/systemconf.c 1970-01-01 01:00:00.000000000 +0100
|
||||||
+++ openjdk/jdk/src/solaris/native/java/security/systemconf.c 2021-10-11 13:53:00.397683319 +0200
|
+++ openjdk/jdk/src/solaris/native/java/security/systemconf.c 2021-12-04 07:43:01.297927954 +0100
|
||||||
@@ -0,0 +1,170 @@
|
@@ -0,0 +1,170 @@
|
||||||
+/*
|
+/*
|
||||||
+ * Copyright (c) 2021, Red Hat, Inc.
|
+ * Copyright (c) 2021, Red Hat, Inc.
|
||||||
|
|||||||
@ -1,3 +1,15 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Sat Dec 4 07:23:12 UTC 2021 - Fridrich Strba <fstrba@suse.com>
|
||||||
|
|
||||||
|
- Modified patch:
|
||||||
|
* fips.patch
|
||||||
|
+ Do not fall back to static initialization of crypto providers
|
||||||
|
when system crypto policy files are not available. Instead,
|
||||||
|
use the information from the java.security file that we
|
||||||
|
distribute with OpenJDK. The same way as if system property
|
||||||
|
java.security.disableSystemPropertiesFile was set in this
|
||||||
|
case (bsc#1193314)
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Fri Nov 5 18:01:42 UTC 2021 - Fridrich Strba <fstrba@suse.com>
|
Fri Nov 5 18:01:42 UTC 2021 - Fridrich Strba <fstrba@suse.com>
|
||||||
|
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user