pool/java-1_8_0-openjdk
SHA256
4
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 939563 from Java:Factory

Browse Source 
Automatic submission by obs-autosubmit

OBS-URL: https://build.opensuse.org/request/show/939563
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/java-1_8_0-openjdk?expand=0&rev=84
This commit is contained in:
Dominique Leuenberger 2021-12-13 19:41:36 +00:00 committed by Git OBS Bridge
commit c742bc1b13
2 changed files with 49 additions and 36 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

76
fips.patch
View File

@ -1,5 +1,5 @@
--- openjdk/common/autoconf/configure.ac 2021-10-11 13:43:11.725902128 +0200 --- openjdk/common/autoconf/configure.ac 2021-12-04 07:42:42.465816095 +0100
+++ openjdk/common/autoconf/configure.ac 2021-10-11 13:48:52.612077500 +0200 +++ openjdk/common/autoconf/configure.ac 2021-12-04 07:43:01.237927592 +0100
@@ -212,6 +212,7 @@ @@ -212,6 +212,7 @@
LIB_SETUP_ALSA LIB_SETUP_ALSA
LIB_SETUP_FONTCONFIG LIB_SETUP_FONTCONFIG
@ -8,8 +8,8 @@
LIB_SETUP_STATIC_LINK_LIBSTDCPP LIB_SETUP_STATIC_LINK_LIBSTDCPP
LIB_SETUP_ON_WINDOWS LIB_SETUP_ON_WINDOWS
--- openjdk/common/autoconf/libraries.m4 2021-10-11 13:43:11.729902154 +0200 --- openjdk/common/autoconf/libraries.m4 2021-12-04 07:42:42.465816095 +0100
+++ openjdk/common/autoconf/libraries.m4 2021-10-11 13:48:52.612077500 +0200 +++ openjdk/common/autoconf/libraries.m4 2021-12-04 07:43:01.237927592 +0100
@@ -1334,3 +1334,63 @@ @@ -1334,3 +1334,63 @@
BASIC_DEPRECATED_ARG_WITH([dxsdk-include]) BASIC_DEPRECATED_ARG_WITH([dxsdk-include])
fi fi
@ -74,8 +74,8 @@
+ fi + fi
+ AC_SUBST(USE_SYSCONF_NSS) + AC_SUBST(USE_SYSCONF_NSS)
+]) +])
--- openjdk/common/autoconf/spec.gmk.in 2021-10-11 13:43:11.729902154 +0200 --- openjdk/common/autoconf/spec.gmk.in 2021-12-04 07:42:42.465816095 +0100
+++ openjdk/common/autoconf/spec.gmk.in 2021-10-11 13:48:52.612077500 +0200 +++ openjdk/common/autoconf/spec.gmk.in 2021-12-04 07:43:01.249927665 +0100
@@ -313,6 +313,10 @@ @@ -313,6 +313,10 @@
ALSA_LIBS:=@ALSA_LIBS@ ALSA_LIBS:=@ALSA_LIBS@
ALSA_CFLAGS:=@ALSA_CFLAGS@ ALSA_CFLAGS:=@ALSA_CFLAGS@
@ -87,8 +87,8 @@
PACKAGE_PATH=@PACKAGE_PATH@ PACKAGE_PATH=@PACKAGE_PATH@
# Source file for cacerts # Source file for cacerts
--- openjdk/common/bin/compare_exceptions.sh.incl 2021-10-11 13:43:11.729902154 +0200 --- openjdk/common/bin/compare_exceptions.sh.incl 2021-12-04 07:42:42.465816095 +0100
+++ openjdk/common/bin/compare_exceptions.sh.incl 2021-10-11 13:51:59.469288461 +0200 +++ openjdk/common/bin/compare_exceptions.sh.incl 2021-12-04 07:43:01.261927736 +0100
@@ -280,6 +280,7 @@ @@ -280,6 +280,7 @@
./jre/lib/i386/libsplashscreen.so ./jre/lib/i386/libsplashscreen.so
./jre/lib/i386/libsunec.so ./jre/lib/i386/libsunec.so
@ -121,8 +121,8 @@
./jre/lib/sparcv9/libunpack.so ./jre/lib/sparcv9/libunpack.so
./jre/lib/sparcv9/libverify.so ./jre/lib/sparcv9/libverify.so
./jre/lib/sparcv9/libzip.so ./jre/lib/sparcv9/libzip.so
--- openjdk/common/nb_native/nbproject/configurations.xml 2021-10-11 13:43:11.729902154 +0200 --- openjdk/common/nb_native/nbproject/configurations.xml 2021-12-04 07:42:42.469816118 +0100
+++ openjdk/common/nb_native/nbproject/configurations.xml 2021-10-11 13:48:52.620077552 +0200 +++ openjdk/common/nb_native/nbproject/configurations.xml 2021-12-04 07:43:01.265927761 +0100
@@ -53,6 +53,9 @@ @@ -53,6 +53,9 @@
<in>jvmtiEnterTrace.cpp</in> <in>jvmtiEnterTrace.cpp</in>
</df> </df>
@ -145,8 +145,8 @@
</item> </item>
<item path="../../jdk/src/share/native/java/util/TimeZone.c" <item path="../../jdk/src/share/native/java/util/TimeZone.c"
ex="false" ex="false"
--- openjdk/jdk/make/lib/SecurityLibraries.gmk 2021-10-11 13:43:12.353906101 +0200 --- openjdk/jdk/make/lib/SecurityLibraries.gmk 2021-12-04 07:42:43.161820203 +0100
+++ openjdk/jdk/make/lib/SecurityLibraries.gmk 2021-10-11 13:53:00.397683319 +0200 +++ openjdk/jdk/make/lib/SecurityLibraries.gmk 2021-12-04 07:43:01.277927833 +0100
@@ -300,3 +300,34 @@ @@ -300,3 +300,34 @@
endif endif
@ -183,7 +183,7 @@
+endif +endif
+ +
--- openjdk/jdk/make/mapfiles/libsystemconf/mapfile-vers 1970-01-01 01:00:00.000000000 +0100 --- openjdk/jdk/make/mapfiles/libsystemconf/mapfile-vers 1970-01-01 01:00:00.000000000 +0100
+++ openjdk/jdk/make/mapfiles/libsystemconf/mapfile-vers 2021-10-11 13:53:00.397683319 +0200 +++ openjdk/jdk/make/mapfiles/libsystemconf/mapfile-vers 2021-12-04 07:43:01.281927857 +0100
@@ -0,0 +1,35 @@ @@ -0,0 +1,35 @@
+# +#
+# Copyright (c) 2021, Red Hat, Inc. +# Copyright (c) 2021, Red Hat, Inc.
@ -220,8 +220,8 @@
+ local: + local:
+ *; + *;
+}; +};
--- openjdk/jdk/src/share/classes/java/security/Security.java 2021-10-11 13:43:12.057904228 +0200 --- openjdk/jdk/src/share/classes/java/security/Security.java 2021-12-04 07:42:43.693823344 +0100
+++ openjdk/jdk/src/share/classes/java/security/Security.java 2021-10-11 13:48:13.139821694 +0200 +++ openjdk/jdk/src/share/classes/java/security/Security.java 2021-12-04 10:17:29.503072332 +0100
@@ -30,6 +30,8 @@ @@ -30,6 +30,8 @@
import java.util.concurrent.ConcurrentHashMap; import java.util.concurrent.ConcurrentHashMap;
import java.io.*; import java.io.*;
@ -247,17 +247,23 @@
// doPrivileged here because there are multiple // doPrivileged here because there are multiple
// things in initialize that might require privs. // things in initialize that might require privs.
// (the FileInputStream call and the File.exists call, // (the FileInputStream call and the File.exists call,
@@ -191,27 +202,7 @@ @@ -188,29 +199,10 @@
if (disableSystemProps == null && }
"true".equalsIgnoreCase(props.getProperty
("security.useSystemPropertiesFile"))) { String disableSystemProps = System.getProperty("java.security.disableSystemPropertiesFile");
- if (disableSystemProps == null &&
- "true".equalsIgnoreCase(props.getProperty
- ("security.useSystemPropertiesFile"))) {
- -
- // now load the system file, if it exists, so its values - // now load the system file, if it exists, so its values
- // will win if they conflict with the earlier values - // will win if they conflict with the earlier values
- try (BufferedInputStream bis = - try (BufferedInputStream bis =
- new BufferedInputStream(new FileInputStream(SYSTEM_PROPERTIES))) { - new BufferedInputStream(new FileInputStream(SYSTEM_PROPERTIES))) {
- props.load(bis); - props.load(bis);
- loadedProps = true; + if ((disableSystemProps == null || "false".equalsIgnoreCase(disableSystemProps)) &&
+ "true".equalsIgnoreCase(props.getProperty("security.useSystemPropertiesFile"))) {
+ if (SystemConfigurator.configure(props)) {
loadedProps = true;
- -
- if (sdebug != null) { - if (sdebug != null) {
- sdebug.println("reading system security properties file " + - sdebug.println("reading system security properties file " +
@ -271,13 +277,11 @@
- SYSTEM_PROPERTIES); - SYSTEM_PROPERTIES);
- e.printStackTrace(); - e.printStackTrace();
- } - }
- } }
+ loadedProps = loadedProps && SystemConfigurator.configure(props);
} }
if (!loadedProps) {
--- openjdk/jdk/src/share/classes/java/security/SystemConfigurator.java 1970-01-01 01:00:00.000000000 +0100 --- openjdk/jdk/src/share/classes/java/security/SystemConfigurator.java 1970-01-01 01:00:00.000000000 +0100
+++ openjdk/jdk/src/share/classes/java/security/SystemConfigurator.java 2021-10-11 13:53:00.397683319 +0200 +++ openjdk/jdk/src/share/classes/java/security/SystemConfigurator.java 2021-12-04 10:17:58.159258084 +0100
@@ -0,0 +1,212 @@ @@ -0,0 +1,212 @@
+/* +/*
+ * Copyright (c) 2019, 2021, Red Hat, Inc. + * Copyright (c) 2019, 2021, Red Hat, Inc.
@ -492,7 +496,7 @@
+ } + }
+} +}
--- openjdk/jdk/src/share/classes/sun/misc/JavaSecuritySystemConfiguratorAccess.java 1970-01-01 01:00:00.000000000 +0100 --- openjdk/jdk/src/share/classes/sun/misc/JavaSecuritySystemConfiguratorAccess.java 1970-01-01 01:00:00.000000000 +0100
+++ openjdk/jdk/src/share/classes/sun/misc/JavaSecuritySystemConfiguratorAccess.java 2021-10-11 13:47:31.023548751 +0200 +++ openjdk/jdk/src/share/classes/sun/misc/JavaSecuritySystemConfiguratorAccess.java 2021-12-04 07:43:01.285927881 +0100
@@ -0,0 +1,30 @@ @@ -0,0 +1,30 @@
+/* +/*
+ * Copyright (c) 2020, Red Hat, Inc. + * Copyright (c) 2020, Red Hat, Inc.
@ -524,8 +528,8 @@
+public interface JavaSecuritySystemConfiguratorAccess { +public interface JavaSecuritySystemConfiguratorAccess {
+ boolean isSystemFipsEnabled(); + boolean isSystemFipsEnabled();
+} +}
--- openjdk/jdk/src/share/classes/sun/misc/SharedSecrets.java 2021-10-11 13:43:12.181905013 +0200 --- openjdk/jdk/src/share/classes/sun/misc/SharedSecrets.java 2021-12-04 07:42:43.793823935 +0100
+++ openjdk/jdk/src/share/classes/sun/misc/SharedSecrets.java 2021-10-11 13:47:31.023548751 +0200 +++ openjdk/jdk/src/share/classes/sun/misc/SharedSecrets.java 2021-12-04 07:43:01.285927881 +0100
@@ -63,6 +63,7 @@ @@ -63,6 +63,7 @@
private static JavaObjectInputStreamReadString javaObjectInputStreamReadString; private static JavaObjectInputStreamReadString javaObjectInputStreamReadString;
private static JavaObjectInputStreamAccess javaObjectInputStreamAccess; private static JavaObjectInputStreamAccess javaObjectInputStreamAccess;
@ -547,8 +551,8 @@
+ return javaSecuritySystemConfiguratorAccess; + return javaSecuritySystemConfiguratorAccess;
+ } + }
} }
--- openjdk/jdk/src/share/classes/sun/security/pkcs11/SunPKCS11.java 2021-10-11 13:43:12.209905190 +0200 --- openjdk/jdk/src/share/classes/sun/security/pkcs11/SunPKCS11.java 2021-12-04 07:42:43.821824100 +0100
+++ openjdk/jdk/src/share/classes/sun/security/pkcs11/SunPKCS11.java 2021-10-11 13:53:42.521956313 +0200 +++ openjdk/jdk/src/share/classes/sun/security/pkcs11/SunPKCS11.java 2021-12-04 07:43:01.289927905 +0100
@@ -42,6 +42,8 @@ @@ -42,6 +42,8 @@
import javax.security.auth.callback.PasswordCallback; import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.TextOutputCallback; import javax.security.auth.callback.TextOutputCallback;
@ -593,8 +597,8 @@
} catch (Exception e) { } catch (Exception e) {
if (config.getHandleStartupErrors() == Config.ERR_IGNORE_ALL) { if (config.getHandleStartupErrors() == Config.ERR_IGNORE_ALL) {
throw new UnsupportedOperationException throw new UnsupportedOperationException
--- openjdk/jdk/src/share/classes/sun/security/ssl/SSLContextImpl.java 2021-10-11 13:43:12.213905215 +0200 --- openjdk/jdk/src/share/classes/sun/security/ssl/SSLContextImpl.java 2021-12-04 07:42:43.825824124 +0100
+++ openjdk/jdk/src/share/classes/sun/security/ssl/SSLContextImpl.java 2021-10-11 13:47:31.023548751 +0200 +++ openjdk/jdk/src/share/classes/sun/security/ssl/SSLContextImpl.java 2021-12-04 07:43:01.293927930 +0100
@@ -31,6 +31,7 @@ @@ -31,6 +31,7 @@
import java.security.cert.*; import java.security.cert.*;
import java.util.*; import java.util.*;
@ -669,8 +673,8 @@
return new ProtocolVersion[]{ return new ProtocolVersion[]{
ProtocolVersion.TLS12, ProtocolVersion.TLS12,
ProtocolVersion.TLS11, ProtocolVersion.TLS11,
--- openjdk/jdk/src/share/classes/sun/security/ssl/SunJSSE.java 2021-10-11 13:43:12.217905240 +0200 --- openjdk/jdk/src/share/classes/sun/security/ssl/SunJSSE.java 2021-12-04 07:42:43.825824124 +0100
+++ openjdk/jdk/src/share/classes/sun/security/ssl/SunJSSE.java 2021-10-11 13:47:31.023548751 +0200 +++ openjdk/jdk/src/share/classes/sun/security/ssl/SunJSSE.java 2021-12-04 07:43:01.293927930 +0100
@@ -30,6 +30,8 @@ @@ -30,6 +30,8 @@
import java.security.*; import java.security.*;
@ -694,8 +698,8 @@
put("SSLContext.TLS", put("SSLContext.TLS",
"sun.security.ssl.SSLContextImpl$TLSContext"); "sun.security.ssl.SSLContextImpl$TLSContext");
if (isfips == false) { if (isfips == false) {
--- openjdk/jdk/src/share/lib/security/java.security-linux 2021-10-11 13:43:12.289905696 +0200 --- openjdk/jdk/src/share/lib/security/java.security-linux 2021-12-04 07:42:43.901824572 +0100
+++ openjdk/jdk/src/share/lib/security/java.security-linux 2021-10-11 13:46:49.111277230 +0200 +++ openjdk/jdk/src/share/lib/security/java.security-linux 2021-12-04 07:43:01.297927954 +0100
@@ -77,6 +77,14 @@ @@ -77,6 +77,14 @@
#security.provider.10=sun.security.pkcs11.SunPKCS11 ${java.home}/lib/security/nss.cfg #security.provider.10=sun.security.pkcs11.SunPKCS11 ${java.home}/lib/security/nss.cfg
@ -724,7 +728,7 @@
# #
# When set to 'true', the JKS keystore type supports loading # When set to 'true', the JKS keystore type supports loading
--- openjdk/jdk/src/solaris/native/java/security/systemconf.c 1970-01-01 01:00:00.000000000 +0100 --- openjdk/jdk/src/solaris/native/java/security/systemconf.c 1970-01-01 01:00:00.000000000 +0100
+++ openjdk/jdk/src/solaris/native/java/security/systemconf.c 2021-10-11 13:53:00.397683319 +0200 +++ openjdk/jdk/src/solaris/native/java/security/systemconf.c 2021-12-04 07:43:01.297927954 +0100
@@ -0,0 +1,170 @@ @@ -0,0 +1,170 @@
+/* +/*
+ * Copyright (c) 2021, Red Hat, Inc. + * Copyright (c) 2021, Red Hat, Inc.

9
java-1_8_0-openjdk.changes
View File

@ -1,3 +1,12 @@
-------------------------------------------------------------------
Sat Dec 4 07:23:12 UTC 2021 - Fridrich Strba <fstrba@suse.com>
- Modified patch:
* fips.patch
+ When system crypto policy files are not available, use the
information from the java.security file that we distribute
with OpenJDK as a fallback. (bsc#1193314)
------------------------------------------------------------------- -------------------------------------------------------------------
Fri Nov 5 18:01:42 UTC 2021 - Fridrich Strba <fstrba@suse.com> Fri Nov 5 18:01:42 UTC 2021 - Fridrich Strba <fstrba@suse.com>