Merge
This commit is contained in:
commit
dc82364e05
.hgtags
make/jdk/src/classes/build/tools/generatecacerts
src
hotspot/share
java.base/share/classes/sun/security
jdk.compiler/share/classes/com/sun/tools/javac/main
jdk.crypto.cryptoki/share/native/libj2pkcs11
jdk.jdeps/share/classes/com/sun/tools/javap
test
1
.hgtags
1
.hgtags
@ -563,4 +563,5 @@ f2f11d7f7f4e7128f8aba6ffa576cfa76fbf7d1a jdk-13+21
|
||||
b034d2dee5fc93d42a81b65e58ce3f91e42586ff jdk-13+23
|
||||
7e2238451585029680f126ccbb46d01f2ff5607f jdk-13+24
|
||||
22b3b7983adab54e318f75aeb94471f7a4429c1e jdk-14+0
|
||||
22b3b7983adab54e318f75aeb94471f7a4429c1e jdk-13+25
|
||||
2f4e214781a1d597ed36bf5a36f20928c6c82996 jdk-14+1
|
||||
|
@ -25,12 +25,23 @@
|
||||
|
||||
package build.tools.generatecacerts;
|
||||
|
||||
import java.io.DataOutputStream;
|
||||
import java.io.FileOutputStream;
|
||||
import java.io.IOException;
|
||||
import java.io.InputStream;
|
||||
import java.io.OutputStream;
|
||||
import java.io.UnsupportedEncodingException;
|
||||
import java.nio.file.Files;
|
||||
import java.nio.file.Path;
|
||||
import java.security.KeyStore;
|
||||
import java.security.DigestOutputStream;
|
||||
import java.security.MessageDigest;
|
||||
import java.security.NoSuchAlgorithmException;
|
||||
import java.security.cert.CertificateException;
|
||||
import java.security.cert.CertificateFactory;
|
||||
import java.security.cert.X509Certificate;
|
||||
import java.util.Arrays;
|
||||
import java.util.List;
|
||||
import java.util.stream.Collectors;
|
||||
|
||||
/**
|
||||
* Generate cacerts
|
||||
@ -39,23 +50,99 @@ import java.security.cert.CertificateFactory;
|
||||
*/
|
||||
public class GenerateCacerts {
|
||||
public static void main(String[] args) throws Exception {
|
||||
KeyStore ks = KeyStore.getInstance("JKS");
|
||||
ks.load(null, null);
|
||||
CertificateFactory cf = CertificateFactory.getInstance("X509");
|
||||
Files.list(Path.of(args[0]))
|
||||
.filter(p -> !p.getFileName().toString().equals("README"))
|
||||
.forEach(p -> {
|
||||
try {
|
||||
String alias = p.getFileName().toString() + " [jdk]";
|
||||
try (InputStream fis = Files.newInputStream(p)) {
|
||||
ks.setCertificateEntry(alias, cf.generateCertificate(fis));
|
||||
}
|
||||
} catch (Exception e) {
|
||||
throw new RuntimeException(e);
|
||||
}
|
||||
});
|
||||
try (FileOutputStream fos = new FileOutputStream(args[1])) {
|
||||
ks.store(fos, "changeit".toCharArray());
|
||||
store(args[0], fos, "changeit".toCharArray());
|
||||
}
|
||||
}
|
||||
|
||||
// The following code are copied from JavaKeyStore.java.
|
||||
|
||||
private static final int MAGIC = 0xfeedfeed;
|
||||
private static final int VERSION_2 = 0x02;
|
||||
|
||||
// This method is a simplified version of JavaKeyStore::engineStore.
|
||||
// A new "dir" argument is added. All cert names in "dir" is collected into
|
||||
// a sorted array. Each cert is stored with a creation date set to its
|
||||
// notBefore value. Thus the output is determined as long as the certs
|
||||
// are the same.
|
||||
public static void store(String dir, OutputStream stream, char[] password)
|
||||
throws IOException, NoSuchAlgorithmException, CertificateException
|
||||
{
|
||||
byte[] encoded; // the certificate encoding
|
||||
CertificateFactory cf = CertificateFactory.getInstance("X509");
|
||||
|
||||
MessageDigest md = getPreKeyedHash(password);
|
||||
DataOutputStream dos
|
||||
= new DataOutputStream(new DigestOutputStream(stream, md));
|
||||
|
||||
dos.writeInt(MAGIC);
|
||||
// always write the latest version
|
||||
dos.writeInt(VERSION_2);
|
||||
|
||||
// All file names in dir sorted.
|
||||
// README is excluded. Name starting with "." excluded.
|
||||
List<String> entries = Files.list(Path.of(dir))
|
||||
.map(p -> p.getFileName().toString())
|
||||
.filter(s -> !s.equals("README") && !s.startsWith("."))
|
||||
.collect(Collectors.toList());
|
||||
|
||||
entries.sort(String::compareTo);
|
||||
|
||||
dos.writeInt(entries.size());
|
||||
|
||||
for (String entry : entries) {
|
||||
|
||||
String alias = entry + " [jdk]";
|
||||
X509Certificate cert;
|
||||
try (InputStream fis = Files.newInputStream(Path.of(dir, entry))) {
|
||||
cert = (X509Certificate) cf.generateCertificate(fis);
|
||||
}
|
||||
|
||||
dos.writeInt(2);
|
||||
|
||||
// Write the alias
|
||||
dos.writeUTF(alias);
|
||||
|
||||
// Write the (entry creation) date, which is notBefore of the cert
|
||||
dos.writeLong(cert.getNotBefore().getTime());
|
||||
|
||||
// Write the trusted certificate
|
||||
encoded = cert.getEncoded();
|
||||
dos.writeUTF(cert.getType());
|
||||
dos.writeInt(encoded.length);
|
||||
dos.write(encoded);
|
||||
}
|
||||
|
||||
/*
|
||||
* Write the keyed hash which is used to detect tampering with
|
||||
* the keystore (such as deleting or modifying key or
|
||||
* certificate entries).
|
||||
*/
|
||||
byte[] digest = md.digest();
|
||||
|
||||
dos.write(digest);
|
||||
dos.flush();
|
||||
}
|
||||
|
||||
private static MessageDigest getPreKeyedHash(char[] password)
|
||||
throws NoSuchAlgorithmException, UnsupportedEncodingException
|
||||
{
|
||||
|
||||
MessageDigest md = MessageDigest.getInstance("SHA");
|
||||
byte[] passwdBytes = convertToBytes(password);
|
||||
md.update(passwdBytes);
|
||||
Arrays.fill(passwdBytes, (byte) 0x00);
|
||||
md.update("Mighty Aphrodite".getBytes("UTF8"));
|
||||
return md;
|
||||
}
|
||||
|
||||
private static byte[] convertToBytes(char[] password) {
|
||||
int i, j;
|
||||
byte[] passwdBytes = new byte[password.length * 2];
|
||||
for (i=0, j=0; i<password.length; i++) {
|
||||
passwdBytes[j++] = (byte)(password[i] >> 8);
|
||||
passwdBytes[j++] = (byte)password[i];
|
||||
}
|
||||
return passwdBytes;
|
||||
}
|
||||
}
|
||||
|
@ -2861,14 +2861,17 @@ void SystemDictionary::dump(outputStream *st, bool verbose) {
|
||||
}
|
||||
|
||||
TableStatistics SystemDictionary::placeholders_statistics() {
|
||||
MutexLocker ml(SystemDictionary_lock);
|
||||
return placeholders()->statistics_calculate();
|
||||
}
|
||||
|
||||
TableStatistics SystemDictionary::loader_constraints_statistics() {
|
||||
MutexLocker ml(SystemDictionary_lock);
|
||||
return constraints()->statistics_calculate();
|
||||
}
|
||||
|
||||
TableStatistics SystemDictionary::protection_domain_cache_statistics() {
|
||||
MutexLocker ml(SystemDictionary_lock);
|
||||
return pd_cache_table()->statistics_calculate();
|
||||
}
|
||||
|
||||
|
@ -4501,8 +4501,8 @@ JVMState* LibraryCallKit::arraycopy_restore_alloc_state(AllocateArrayNode* alloc
|
||||
ciMethod* trap_method = alloc->jvms()->method();
|
||||
int trap_bci = alloc->jvms()->bci();
|
||||
|
||||
if (!C->too_many_traps(trap_method, trap_bci, Deoptimization::Reason_intrinsic) &
|
||||
!C->too_many_traps(trap_method, trap_bci, Deoptimization::Reason_null_check)) {
|
||||
if (!C->too_many_traps(trap_method, trap_bci, Deoptimization::Reason_intrinsic) &&
|
||||
!C->too_many_traps(trap_method, trap_bci, Deoptimization::Reason_null_check)) {
|
||||
// Make sure there's no store between the allocation and the
|
||||
// arraycopy otherwise visible side effects could be rexecuted
|
||||
// in case of deoptimization and cause incorrect execution.
|
||||
|
@ -1083,7 +1083,7 @@ JvmtiEnvBase::get_object_monitor_usage(JavaThread* calling_thread, jobject objec
|
||||
// If the monitor has no owner, then a non-suspended contending
|
||||
// thread could potentially change the state of the monitor by
|
||||
// entering it. The JVM/TI spec doesn't allow this.
|
||||
if (owning_thread == NULL && !at_safepoint &
|
||||
if (owning_thread == NULL && !at_safepoint &&
|
||||
!pending_thread->is_thread_fully_suspended(true, &debug_bits)) {
|
||||
if (ret.owner != NULL) {
|
||||
destroy_jni_reference(calling_thread, ret.owner);
|
||||
|
@ -38,6 +38,7 @@ import java.net.SocketException;
|
||||
import java.net.UnknownHostException;
|
||||
import java.nio.ByteBuffer;
|
||||
import java.util.List;
|
||||
import java.util.concurrent.TimeUnit;
|
||||
import java.util.concurrent.locks.ReentrantLock;
|
||||
import java.util.function.BiFunction;
|
||||
import javax.net.ssl.HandshakeCompletedListener;
|
||||
@ -618,27 +619,76 @@ public final class SSLSocketImpl
|
||||
|
||||
// Need a lock here so that the user_canceled alert and the
|
||||
// close_notify alert can be delivered together.
|
||||
conContext.outputRecord.recordLock.lock();
|
||||
try {
|
||||
int linger = getSoLinger();
|
||||
if (linger >= 0) {
|
||||
// don't wait more than SO_LINGER for obtaining the
|
||||
// the lock.
|
||||
//
|
||||
// keep and clear the current thread interruption status.
|
||||
boolean interrupted = Thread.interrupted();
|
||||
try {
|
||||
// send a user_canceled alert if needed.
|
||||
if (useUserCanceled) {
|
||||
conContext.warning(Alert.USER_CANCELED);
|
||||
}
|
||||
if (conContext.outputRecord.recordLock.tryLock() ||
|
||||
conContext.outputRecord.recordLock.tryLock(
|
||||
linger, TimeUnit.SECONDS)) {
|
||||
try {
|
||||
handleClosedNotifyAlert(useUserCanceled);
|
||||
} finally {
|
||||
conContext.outputRecord.recordLock.unlock();
|
||||
}
|
||||
} else {
|
||||
// For layered, non-autoclose sockets, we are not
|
||||
// able to bring them into a usable state, so we
|
||||
// treat it as fatal error.
|
||||
if (!super.isOutputShutdown()) {
|
||||
if (isLayered() && !autoClose) {
|
||||
throw new SSLException(
|
||||
"SO_LINGER timeout, " +
|
||||
"close_notify message cannot be sent.");
|
||||
} else {
|
||||
super.shutdownOutput();
|
||||
if (SSLLogger.isOn && SSLLogger.isOn("ssl")) {
|
||||
SSLLogger.warning(
|
||||
"SSLSocket output duplex close failed: " +
|
||||
"SO_LINGER timeout, " +
|
||||
"close_notify message cannot be sent.");
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// send a close_notify alert
|
||||
conContext.warning(Alert.CLOSE_NOTIFY);
|
||||
} finally {
|
||||
if (!conContext.isOutboundClosed()) {
|
||||
conContext.outputRecord.close();
|
||||
}
|
||||
|
||||
if ((autoClose || !isLayered()) && !super.isOutputShutdown()) {
|
||||
super.shutdownOutput();
|
||||
// RFC2246 requires that the session becomes
|
||||
// unresumable if any connection is terminated
|
||||
// without proper close_notify messages with
|
||||
// level equal to warning.
|
||||
//
|
||||
// RFC4346 no longer requires that a session not be
|
||||
// resumed if failure to properly close a connection.
|
||||
//
|
||||
// We choose to make the session unresumable if
|
||||
// failed to send the close_notify message.
|
||||
//
|
||||
conContext.conSession.invalidate();
|
||||
if (SSLLogger.isOn && SSLLogger.isOn("ssl")) {
|
||||
SSLLogger.warning(
|
||||
"Invalidate the session: SO_LINGER timeout, " +
|
||||
"close_notify message cannot be sent.");
|
||||
}
|
||||
}
|
||||
} catch (InterruptedException ex) {
|
||||
// keep interrupted status
|
||||
interrupted = true;
|
||||
}
|
||||
|
||||
// restore the interrupted status
|
||||
if (interrupted) {
|
||||
Thread.currentThread().interrupt();
|
||||
}
|
||||
} else {
|
||||
conContext.outputRecord.recordLock.lock();
|
||||
try {
|
||||
handleClosedNotifyAlert(useUserCanceled);
|
||||
} finally {
|
||||
conContext.outputRecord.recordLock.unlock();
|
||||
}
|
||||
} finally {
|
||||
conContext.outputRecord.recordLock.unlock();
|
||||
}
|
||||
|
||||
if (!isInputShutdown()) {
|
||||
@ -646,6 +696,28 @@ public final class SSLSocketImpl
|
||||
}
|
||||
}
|
||||
|
||||
private void handleClosedNotifyAlert(
|
||||
boolean useUserCanceled) throws IOException {
|
||||
try {
|
||||
// send a user_canceled alert if needed.
|
||||
if (useUserCanceled) {
|
||||
conContext.warning(Alert.USER_CANCELED);
|
||||
}
|
||||
|
||||
// send a close_notify alert
|
||||
conContext.warning(Alert.CLOSE_NOTIFY);
|
||||
} finally {
|
||||
if (!conContext.isOutboundClosed()) {
|
||||
conContext.outputRecord.close();
|
||||
}
|
||||
|
||||
if (!super.isOutputShutdown() &&
|
||||
(autoClose || !isLayered())) {
|
||||
super.shutdownOutput();
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Duplex close, start from closing inbound.
|
||||
*
|
||||
|
@ -2418,9 +2418,9 @@ public final class Main {
|
||||
out.println(form.format(source));
|
||||
out.println();
|
||||
|
||||
for (Enumeration<String> e = keyStore.aliases();
|
||||
e.hasMoreElements(); ) {
|
||||
String alias = e.nextElement();
|
||||
List<String> aliases = Collections.list(keyStore.aliases());
|
||||
aliases.sort(String::compareTo);
|
||||
for (String alias : aliases) {
|
||||
doPrintEntry("<" + alias + ">", alias, out);
|
||||
if (verbose || rfc) {
|
||||
out.println(rb.getString("NEWLINE"));
|
||||
|
@ -477,7 +477,7 @@ public class Main {
|
||||
}
|
||||
|
||||
try (InputStream in = getClass().getResourceAsStream('/' + className.replace('.', '/') + ".class")) {
|
||||
final String algorithm = "MD5";
|
||||
final String algorithm = "SHA-256";
|
||||
byte[] digest;
|
||||
MessageDigest md = MessageDigest.getInstance(algorithm);
|
||||
try (DigestInputStream din = new DigestInputStream(in, md)) {
|
||||
|
@ -51,6 +51,7 @@
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <assert.h>
|
||||
#include "jlong.h"
|
||||
|
||||
#include "sun_security_pkcs11_wrapper_PKCS11.h"
|
||||
|
||||
@ -96,8 +97,8 @@ JNIEXPORT jlong JNICALL
|
||||
Java_sun_security_pkcs11_wrapper_PKCS11_freeMechanism
|
||||
(JNIEnv *env, jclass thisClass, jlong ckpMechanism) {
|
||||
if (ckpMechanism != 0L) {
|
||||
freeCKMechanismPtr((CK_MECHANISM_PTR) ckpMechanism);
|
||||
TRACE1("DEBUG PKCS11_freeMechanism: free pMech = %x\n", (jlong)ckpMechanism);
|
||||
freeCKMechanismPtr(jlong_to_ptr(ckpMechanism));
|
||||
TRACE1("DEBUG PKCS11_freeMechanism: free pMech = %x\n", ckpMechanism);
|
||||
}
|
||||
return 0L;
|
||||
}
|
||||
|
@ -91,8 +91,8 @@ JNIEXPORT void JNICALL Java_sun_security_pkcs11_wrapper_PKCS11_C_1SignInit
|
||||
(ckpMechanism->pParameter == NULL)) {
|
||||
freeCKMechanismPtr(ckpMechanism);
|
||||
} else {
|
||||
(*env)->SetLongField(env, jMechanism, mech_pHandleID, (jlong)ckpMechanism);
|
||||
TRACE1("DEBUG C_SignInit: stored pMech = 0x%lX\n", (jlong)ckpMechanism);
|
||||
(*env)->SetLongField(env, jMechanism, mech_pHandleID, ptr_to_jlong(ckpMechanism));
|
||||
TRACE1("DEBUG C_SignInit: stored pMech = 0x%lX\n", ptr_to_jlong(ckpMechanism));
|
||||
}
|
||||
TRACE0("FINISHED\n");
|
||||
}
|
||||
@ -303,8 +303,8 @@ JNIEXPORT void JNICALL Java_sun_security_pkcs11_wrapper_PKCS11_C_1SignRecoverIni
|
||||
(ckpMechanism->pParameter == NULL)) {
|
||||
freeCKMechanismPtr(ckpMechanism);
|
||||
} else {
|
||||
(*env)->SetLongField(env, jMechanism, mech_pHandleID, (jlong)ckpMechanism);
|
||||
TRACE1("DEBUG C_SignRecoverInit, stored pMech = 0x%lX\n", (jlong)ckpMechanism);
|
||||
(*env)->SetLongField(env, jMechanism, mech_pHandleID, ptr_to_jlong(ckpMechanism));
|
||||
TRACE1("DEBUG C_SignRecoverInit, stored pMech = 0x%lX\n", ptr_to_jlong(ckpMechanism));
|
||||
}
|
||||
TRACE0("FINISHED\n");
|
||||
}
|
||||
@ -413,8 +413,8 @@ JNIEXPORT void JNICALL Java_sun_security_pkcs11_wrapper_PKCS11_C_1VerifyInit
|
||||
(ckpMechanism->pParameter == NULL)) {
|
||||
freeCKMechanismPtr(ckpMechanism);
|
||||
} else {
|
||||
(*env)->SetLongField(env, jMechanism, mech_pHandleID, (jlong)ckpMechanism);
|
||||
TRACE1("DEBUG C_VerifyInit: stored pMech = 0x%lX\n", (jlong)ckpMechanism);
|
||||
(*env)->SetLongField(env, jMechanism, mech_pHandleID, ptr_to_jlong(ckpMechanism));
|
||||
TRACE1("DEBUG C_VerifyInit: stored pMech = 0x%lX\n", ptr_to_jlong(ckpMechanism));
|
||||
}
|
||||
TRACE0("FINISHED\n");
|
||||
}
|
||||
@ -601,8 +601,8 @@ JNIEXPORT void JNICALL Java_sun_security_pkcs11_wrapper_PKCS11_C_1VerifyRecoverI
|
||||
(ckpMechanism->pParameter == NULL)) {
|
||||
freeCKMechanismPtr(ckpMechanism);
|
||||
} else {
|
||||
(*env)->SetLongField(env, jMechanism, mech_pHandleID, (jlong)ckpMechanism);
|
||||
TRACE1("DEBUG C_VerifyRecoverInit: stored pMech = 0x%lX\n", (jlong)ckpMechanism);
|
||||
(*env)->SetLongField(env, jMechanism, mech_pHandleID, ptr_to_jlong(ckpMechanism));
|
||||
TRACE1("DEBUG C_VerifyRecoverInit: stored pMech = 0x%lX\n", ptr_to_jlong(ckpMechanism));
|
||||
}
|
||||
TRACE0("FINISHED\n");
|
||||
}
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright (c) 2007, 2018, Oracle and/or its affiliates. All rights reserved.
|
||||
* Copyright (c) 2007, 2019, Oracle and/or its affiliates. All rights reserved.
|
||||
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
||||
*
|
||||
* This code is free software; you can redistribute it and/or modify it
|
||||
@ -808,7 +808,7 @@ public class JavapTask implements DisassemblerTool.DisassemblerTask, Messages {
|
||||
MessageDigest md = null;
|
||||
if (options.sysInfo || options.verbose) {
|
||||
try {
|
||||
md = MessageDigest.getInstance("MD5");
|
||||
md = MessageDigest.getInstance("SHA-256");
|
||||
} catch (NoSuchAlgorithmException ignore) {
|
||||
}
|
||||
in = new DigestInputStream(in, md);
|
||||
@ -829,7 +829,7 @@ public class JavapTask implements DisassemblerTool.DisassemblerTask, Messages {
|
||||
if (options.sysInfo || options.verbose) {
|
||||
classWriter.setFile(info.fo.toUri());
|
||||
classWriter.setLastModified(info.fo.getLastModified());
|
||||
classWriter.setDigest("MD5", info.digest);
|
||||
classWriter.setDigest("SHA-256", info.digest);
|
||||
classWriter.setFileSize(info.size);
|
||||
}
|
||||
|
||||
|
@ -99,7 +99,7 @@ main.opt.constants=\
|
||||
\ -constants Show final constants
|
||||
|
||||
main.opt.sysinfo=\
|
||||
\ -sysinfo Show system info (path, size, date, MD5 hash)\n\
|
||||
\ -sysinfo Show system info (path, size, date, SHA-256 hash)\n\
|
||||
\ of class being processed
|
||||
|
||||
main.opt.module=\
|
||||
|
@ -43,8 +43,6 @@ compiler/jsr292/InvokerSignatureMismatch.java 8223807 generi
|
||||
|
||||
compiler/graalunit/JttThreadsTest.java 8207757 generic-all
|
||||
|
||||
compiler/jvmci/SecurityRestrictionsTest.java 8181837 generic-all
|
||||
|
||||
compiler/unsafe/UnsafeGetConstantField.java 8181833 generic-all
|
||||
compiler/unsafe/UnsafeGetStableArrayElement.java 8181833 generic-all
|
||||
compiler/unsafe/UnsafeOffHeapBooleanTest.java 8181833 generic-all
|
||||
@ -62,7 +60,7 @@ gc/g1/TestConcurrentSystemGC.java 8196611 generi
|
||||
gc/g1/TestPeriodicCollection.java 8196611 generic-all
|
||||
gc/g1/TestFromCardCacheIndex.java 8196611 generic-all
|
||||
gc/parallel/TestPrintGCDetailsVerbose.java 8196611 generic-all
|
||||
vm/gc/InfiniteList.java 8196611 generic-all
|
||||
gc/InfiniteList.java 8196611 generic-all
|
||||
|
||||
vmTestbase/gc/lock/jni/jnilock001/TestDescription.java 8196611 generic-all
|
||||
vmTestbase/gc/lock/jniref/jnireflock04/TestDescription.java 8196611 generic-all
|
||||
@ -176,7 +174,6 @@ vmTestbase/nsk/jdi/BScenarios/hotswap/tc06x001/TestDescription.java
|
||||
vmTestbase/nsk/jdi/BScenarios/hotswap/tc08x001/TestDescription.java 8195635 generic-all
|
||||
vmTestbase/nsk/jdi/BScenarios/hotswap/tc10x002/TestDescription.java 8195635 generic-all
|
||||
vmTestbase/nsk/jdi/MethodExitEvent/returnValue/returnValue003/returnValue003.java 8195635 generic-all
|
||||
vmTestbase/nsk/jdi/Scenarios/invokeMethod/popframes001/TestDescription.jav 8195635 generic-all
|
||||
vmTestbase/nsk/jdi/Scenarios/invokeMethod/popframes001/TestDescription.java 8195635 generic-all
|
||||
vmTestbase/nsk/jdi/ThreadReference/popFrames/popframes001/TestDescription.java 8195635 generic-all
|
||||
vmTestbase/nsk/jdi/VirtualMachine/redefineClasses/redefineclasses002/TestDescription.java 8195635 generic-all
|
||||
|
@ -80,7 +80,6 @@ gc/metaspace/CompressedClassSpaceSizeInJmapHeap.java 8193639 solaris-all
|
||||
|
||||
# :hotspot_runtime
|
||||
|
||||
runtime/SharedArchiveFile/SASymbolTableTest.java 8193639 solaris-all
|
||||
runtime/jni/terminatedThread/TestTerminatedThread.java 8219652 aix-ppc64
|
||||
|
||||
#############################################################################
|
||||
@ -107,8 +106,6 @@ serviceability/sa/ClhsdbPstack.java 8193639,8211767 solaris-all,linux-ppc64le,li
|
||||
serviceability/sa/ClhsdbRegionDetailsScanOopsForG1.java 8193639 solaris-all
|
||||
serviceability/sa/ClhsdbScanOops.java 8193639,8211767 solaris-all,linux-ppc64le,linux-ppc64
|
||||
serviceability/sa/ClhsdbSource.java 8193639,8211767 solaris-all,linux-ppc64le,linux-ppc64
|
||||
serviceability/sa/ClhsdbSymbol.java 8193639 solaris-all
|
||||
serviceability/sa/ClhsdbSymbolTable.java 8193639 solaris-all
|
||||
serviceability/sa/ClhsdbThread.java 8193639,8211767 solaris-all,linux-ppc64le,linux-ppc64
|
||||
serviceability/sa/ClhsdbVmStructsDump.java 8193639 solaris-all
|
||||
serviceability/sa/ClhsdbWhere.java 8193639,8211767 solaris-all,linux-ppc64le,linux-ppc64
|
||||
|
@ -33,8 +33,8 @@ import java.util.Arrays;
|
||||
public enum Command {
|
||||
COMPILEONLY("compileonly", ".*", "-Xbatch"),
|
||||
EXCLUDE("exclude", "", "-Xbatch"),
|
||||
INLINE("inline", ".*", "-Xbatch"),
|
||||
DONTINLINE("dontinline", "", "-Xbatch"),
|
||||
INLINE("inline", ".*", "-Xbatch", "-XX:InlineSmallCode=4000"),
|
||||
DONTINLINE("dontinline", "", "-Xbatch", "-XX:InlineSmallCode=4000"),
|
||||
LOG("log", "", "-XX:+UnlockDiagnosticVMOptions",
|
||||
"-XX:+LogCompilation", "-XX:LogFile=" + LogProcessor.LOG_FILE),
|
||||
PRINT("print", ""),
|
||||
|
@ -76,7 +76,6 @@ java/lang/ref/OOMEInReferenceHandler.java 8196611
|
||||
java/lang/ref/SoftReference/Pin.java 8196611 generic-all
|
||||
java/lang/Runtime/exec/LotsOfOutput.java 8196611 generic-all
|
||||
java/util/concurrent/ScheduledThreadPoolExecutor/BasicCancelTest.java 8196611 generic-all
|
||||
vm/gc/InfiniteList.java 8196611 generic-all
|
||||
|
||||
# tests require pop_frame and force_early_return capabilities
|
||||
com/sun/jdi/RedefineTTYLineNumber.java 8195635 generic-all
|
||||
|
@ -53,6 +53,9 @@ public class Tls13PacketSize extends SSLSocketTemplate {
|
||||
|
||||
@Override
|
||||
protected void runServerApplication(SSLSocket socket) throws Exception {
|
||||
// Set SO_LINGER in case of slow socket
|
||||
socket.setSoLinger(true, 10);
|
||||
|
||||
// here comes the test logic
|
||||
InputStream sslIS = socket.getInputStream();
|
||||
OutputStream sslOS = socket.getOutputStream();
|
||||
@ -81,6 +84,9 @@ public class Tls13PacketSize extends SSLSocketTemplate {
|
||||
* @see #isCustomizedClientConnection()
|
||||
*/
|
||||
protected void runClientApplication(SSLSocket socket) throws Exception {
|
||||
// Set SO_LINGER in case of slow socket
|
||||
socket.setSoLinger(true, 10);
|
||||
|
||||
socket.setEnabledProtocols(new String[] {"TLSv1.3"});
|
||||
InputStream sslIS = socket.getInputStream();
|
||||
OutputStream sslOS = socket.getOutputStream();
|
||||
|
@ -26,11 +26,13 @@
|
||||
* @test
|
||||
* @bug 8189131 8198240 8191844 8189949 8191031 8196141 8204923 8195774 8199779
|
||||
* 8209452 8209506 8210432 8195793 8216577 8222089 8222133 8222137 8222136
|
||||
* 8223499
|
||||
* 8223499 8225392
|
||||
* @summary Check root CA entries in cacerts file
|
||||
*/
|
||||
import java.io.ByteArrayInputStream;
|
||||
import java.io.File;
|
||||
import java.io.FileInputStream;
|
||||
import java.nio.file.Files;
|
||||
import java.nio.file.Path;
|
||||
import java.security.KeyStore;
|
||||
import java.security.MessageDigest;
|
||||
import java.security.cert.Certificate;
|
||||
@ -52,6 +54,11 @@ public class VerifyCACerts {
|
||||
// The numbers of certs now.
|
||||
private static final int COUNT = 88;
|
||||
|
||||
// SHA-256 of cacerts, can be generated with
|
||||
// shasum -a 256 cacerts | sed -e 's/../&:/g' | tr '[:lower:]' '[:upper:]' | cut -c1-95
|
||||
private static final String CHECKSUM
|
||||
= "4E:21:94:7C:1D:49:28:BB:34:B0:40:DF:AE:19:B4:41:C6:B5:8A:EE:EB:D5:DE:B4:EF:07:AF:63:18:73:A6:FE";
|
||||
|
||||
// map of cert alias to SHA-256 fingerprint
|
||||
@SuppressWarnings("serial")
|
||||
private static final Map<String, String> FINGERPRINT_MAP = new HashMap<>() {
|
||||
@ -255,8 +262,16 @@ public class VerifyCACerts {
|
||||
public static void main(String[] args) throws Exception {
|
||||
System.out.println("cacerts file: " + CACERTS);
|
||||
md = MessageDigest.getInstance("SHA-256");
|
||||
|
||||
byte[] data = Files.readAllBytes(Path.of(CACERTS));
|
||||
String checksum = toHexString(md.digest(data));
|
||||
if (!checksum.equals(CHECKSUM)) {
|
||||
atLeastOneFailed = true;
|
||||
System.err.println("ERROR: wrong checksum\n" + checksum);
|
||||
}
|
||||
|
||||
KeyStore ks = KeyStore.getInstance("JKS");
|
||||
ks.load(new FileInputStream(CACERTS), "changeit".toCharArray());
|
||||
ks.load(new ByteArrayInputStream(data), "changeit".toCharArray());
|
||||
|
||||
// check the count of certs inside
|
||||
if (ks.size() != COUNT) {
|
||||
|
147
test/jdk/sun/security/ssl/SSLSocketImpl/BlockedAsyncClose.java
Normal file
147
test/jdk/sun/security/ssl/SSLSocketImpl/BlockedAsyncClose.java
Normal file
@ -0,0 +1,147 @@
|
||||
/*
|
||||
* Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
|
||||
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
||||
*
|
||||
* This code is free software; you can redistribute it and/or modify it
|
||||
* under the terms of the GNU General Public License version 2 only, as
|
||||
* published by the Free Software Foundation.
|
||||
*
|
||||
* This code is distributed in the hope that it will be useful, but WITHOUT
|
||||
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
|
||||
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
|
||||
* version 2 for more details (a copy is included in the LICENSE file that
|
||||
* accompanied this code).
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License version
|
||||
* 2 along with this work; if not, write to the Free Software Foundation,
|
||||
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*
|
||||
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
|
||||
* or visit www.oracle.com if you need additional information or have any
|
||||
* questions.
|
||||
*/
|
||||
|
||||
//
|
||||
// SunJSSE does not support dynamic system properties, no way to re-use
|
||||
// system properties in samevm/agentvm mode.
|
||||
//
|
||||
|
||||
/*
|
||||
* @test
|
||||
* @bug 8224829
|
||||
* @summary AsyncSSLSocketClose.java has timing issue
|
||||
* @run main/othervm BlockedAsyncClose
|
||||
*/
|
||||
|
||||
import javax.net.ssl.*;
|
||||
import java.io.*;
|
||||
import java.net.SocketException;
|
||||
import java.net.InetAddress;
|
||||
import java.net.InetSocketAddress;
|
||||
import java.util.concurrent.CountDownLatch;
|
||||
import java.util.concurrent.TimeUnit;
|
||||
|
||||
public class BlockedAsyncClose implements Runnable {
|
||||
SSLSocket socket;
|
||||
SSLServerSocket ss;
|
||||
|
||||
// Is the socket ready to close?
|
||||
private final CountDownLatch closeCondition = new CountDownLatch(1);
|
||||
|
||||
// Where do we find the keystores?
|
||||
static String pathToStores = "../../../../javax/net/ssl/etc";
|
||||
static String keyStoreFile = "keystore";
|
||||
static String trustStoreFile = "truststore";
|
||||
static String passwd = "passphrase";
|
||||
|
||||
public static void main(String[] args) throws Exception {
|
||||
String keyFilename =
|
||||
System.getProperty("test.src", "./") + "/" + pathToStores +
|
||||
"/" + keyStoreFile;
|
||||
String trustFilename =
|
||||
System.getProperty("test.src", "./") + "/" + pathToStores +
|
||||
"/" + trustStoreFile;
|
||||
|
||||
System.setProperty("javax.net.ssl.keyStore", keyFilename);
|
||||
System.setProperty("javax.net.ssl.keyStorePassword", passwd);
|
||||
System.setProperty("javax.net.ssl.trustStore", trustFilename);
|
||||
System.setProperty("javax.net.ssl.trustStorePassword", passwd);
|
||||
|
||||
new BlockedAsyncClose();
|
||||
}
|
||||
|
||||
public BlockedAsyncClose() throws Exception {
|
||||
SSLServerSocketFactory sslssf =
|
||||
(SSLServerSocketFactory)SSLServerSocketFactory.getDefault();
|
||||
InetAddress loopback = InetAddress.getLoopbackAddress();
|
||||
ss = (SSLServerSocket)sslssf.createServerSocket();
|
||||
ss.bind(new InetSocketAddress(loopback, 0));
|
||||
|
||||
SSLSocketFactory sslsf =
|
||||
(SSLSocketFactory)SSLSocketFactory.getDefault();
|
||||
socket = (SSLSocket)sslsf.createSocket(loopback, ss.getLocalPort());
|
||||
SSLSocket serverSoc = (SSLSocket)ss.accept();
|
||||
ss.close();
|
||||
|
||||
(new Thread(this)).start();
|
||||
serverSoc.startHandshake();
|
||||
|
||||
boolean closeIsReady = closeCondition.await(90L, TimeUnit.SECONDS);
|
||||
if (!closeIsReady) {
|
||||
System.out.println(
|
||||
"Ignore, the closure is not ready yet in 90 seconds.");
|
||||
return;
|
||||
}
|
||||
|
||||
socket.setSoLinger(true, 10);
|
||||
System.out.println("Calling Socket.close");
|
||||
|
||||
// Sleep for a while so that the write thread blocks by hitting the
|
||||
// output stream buffer limit.
|
||||
Thread.sleep(1000);
|
||||
|
||||
socket.close();
|
||||
System.out.println("ssl socket get closed");
|
||||
System.out.flush();
|
||||
}
|
||||
|
||||
// block in write
|
||||
public void run() {
|
||||
byte[] ba = new byte[1024];
|
||||
for (int i = 0; i < ba.length; i++) {
|
||||
ba[i] = 0x7A;
|
||||
}
|
||||
|
||||
try {
|
||||
OutputStream os = socket.getOutputStream();
|
||||
int count = 0;
|
||||
|
||||
// 1st round write
|
||||
count += ba.length;
|
||||
System.out.println(count + " bytes to be written");
|
||||
os.write(ba);
|
||||
System.out.println(count + " bytes written");
|
||||
|
||||
// Signal, ready to close.
|
||||
closeCondition.countDown();
|
||||
|
||||
// write more
|
||||
while (true) {
|
||||
count += ba.length;
|
||||
System.out.println(count + " bytes to be written");
|
||||
os.write(ba);
|
||||
System.out.println(count + " bytes written");
|
||||
}
|
||||
} catch (SocketException se) {
|
||||
// the closing may be in progress
|
||||
System.out.println("interrupted? " + se);
|
||||
} catch (Exception e) {
|
||||
if (socket.isClosed() || socket.isOutputShutdown()) {
|
||||
System.out.println("interrupted, the socket is closed");
|
||||
} else {
|
||||
throw new RuntimeException("interrupted?", e);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
64
test/jdk/sun/security/tools/keytool/ListOrder.java
Normal file
64
test/jdk/sun/security/tools/keytool/ListOrder.java
Normal file
@ -0,0 +1,64 @@
|
||||
/*
|
||||
* Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
|
||||
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
||||
*
|
||||
* This code is free software; you can redistribute it and/or modify it
|
||||
* under the terms of the GNU General Public License version 2 only, as
|
||||
* published by the Free Software Foundation.
|
||||
*
|
||||
* This code is distributed in the hope that it will be useful, but WITHOUT
|
||||
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
|
||||
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
|
||||
* version 2 for more details (a copy is included in the LICENSE file that
|
||||
* accompanied this code).
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License version
|
||||
* 2 along with this work; if not, write to the Free Software Foundation,
|
||||
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*
|
||||
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
|
||||
* or visit www.oracle.com if you need additional information or have any
|
||||
* questions.
|
||||
*/
|
||||
|
||||
/**
|
||||
* @test
|
||||
* @bug 8225392
|
||||
* @summary Comparison builds are failing due to cacerts file
|
||||
* @library /test/lib
|
||||
*/
|
||||
|
||||
import jdk.test.lib.SecurityTools;
|
||||
|
||||
import java.util.Random;
|
||||
|
||||
public class ListOrder {
|
||||
|
||||
public static void main(String[] args) throws Throwable {
|
||||
|
||||
Random rand = new Random();
|
||||
for (int i = 0; i < 10; i++) {
|
||||
gen(String.format("a%02d", rand.nextInt(100)));
|
||||
}
|
||||
|
||||
String last = "";
|
||||
for (String line : SecurityTools.keytool(
|
||||
"-keystore ks -storepass changeit -list").asLines()) {
|
||||
if (line.contains("PrivateKeyEntry")) {
|
||||
// This is the line starting with the alias
|
||||
System.out.println(line);
|
||||
if (line.compareTo(last) <= 0) {
|
||||
throw new RuntimeException("Not ordered");
|
||||
} else {
|
||||
last = line;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
static void gen(String a) throws Exception {
|
||||
// Do not check result, there might be duplicated alias(es).
|
||||
SecurityTools.keytool("-keystore ks -storepass changeit "
|
||||
+ "-keyalg ec -genkeypair -alias " + a + " -dname CN=" + a);
|
||||
}
|
||||
}
|
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright (c) 2010, 2015, Oracle and/or its affiliates. All rights reserved.
|
||||
* Copyright (c) 2010, 2019, Oracle and/or its affiliates. All rights reserved.
|
||||
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
||||
*
|
||||
* This code is free software; you can redistribute it and/or modify it
|
||||
@ -23,7 +23,7 @@
|
||||
|
||||
/*
|
||||
* @test
|
||||
* @bug 6942649
|
||||
* @bug 6942649 8225748
|
||||
* @summary add hidden option to identify location and version of javac classes
|
||||
* @modules jdk.compiler
|
||||
*/
|
||||
@ -60,7 +60,7 @@ public class T6942649 {
|
||||
throw new Exception("location of class not found in output");
|
||||
}
|
||||
|
||||
if (!out.contains("MD5 checksum: "))
|
||||
if (!out.contains("SHA-256 checksum: "))
|
||||
throw new Exception("checksum not found in output");
|
||||
}
|
||||
}
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright (c) 2008, 2016, Oracle and/or its affiliates. All rights reserved.
|
||||
* Copyright (c) 2008, 2019, Oracle and/or its affiliates. All rights reserved.
|
||||
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
||||
*
|
||||
* This code is free software; you can redistribute it and/or modify it
|
||||
@ -23,7 +23,7 @@
|
||||
|
||||
/*
|
||||
* @test
|
||||
* @bug 4884240
|
||||
* @bug 4884240 8225748
|
||||
* @summary additional option required for javap
|
||||
* @modules jdk.jdeps/com.sun.tools.javap
|
||||
*/
|
||||
@ -47,7 +47,7 @@ public class T4884240 {
|
||||
if (lines.length < 3
|
||||
|| !lines[0].trim().startsWith("Classfile")
|
||||
|| !lines[1].trim().startsWith("Last modified")
|
||||
|| !lines[2].trim().startsWith("MD5")) {
|
||||
|| !lines[2].trim().startsWith("SHA-256")) {
|
||||
System.out.println(sw);
|
||||
throw new Exception("unexpected output");
|
||||
}
|
||||
|
Loading…
x
Reference in New Issue
Block a user