diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..104039c
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,4 @@
+SOURCES/class-rewriter.tar.gz
+SOURCES/openjdk-icedtea-2.6.12.tar.xz
+SOURCES/pulseaudio.tar.gz
+SOURCES/systemtap-tapset-2.6.12.tar.xz
diff --git a/.java-1.7.0-openjdk.metadata b/.java-1.7.0-openjdk.metadata
new file mode 100644
index 0000000..675dcd3
--- /dev/null
+++ b/.java-1.7.0-openjdk.metadata
@@ -0,0 +1,4 @@
+fcc167de17354efb6e52cb387eb3e7dbb0316b53 SOURCES/class-rewriter.tar.gz
+07ebb5c43a7a1214312b2cbeab38fc3d09e63fd9 SOURCES/openjdk-icedtea-2.6.12.tar.xz
+fb72b6b1f4735ad9b5799d0b5058b0b1dec67b17 SOURCES/pulseaudio.tar.gz
+5ea75731a73ec4766b00024c1803d1f86c0af090 SOURCES/systemtap-tapset-2.6.12.tar.xz
diff --git a/README.md b/README.md
deleted file mode 100644
index 0e7897f..0000000
--- a/README.md
+++ /dev/null
@@ -1,5 +0,0 @@
-The master branch has no content
-
-Look at the c7 branch if you are working with CentOS-7, or the c4/c5/c6 branch for CentOS-4, 5 or 6
-
-If you find this file in a distro specific branch, it means that no content has been checked in yet
diff --git a/SOURCES/README.src b/SOURCES/README.src
new file mode 100644
index 0000000..7a54b1b
--- /dev/null
+++ b/SOURCES/README.src
@@ -0,0 +1,2 @@
+The java-1.7.0-openjdk-src subpackage contains the complete class library
+source code for use by IDE indexers and debuggers.
diff --git a/SOURCES/TestCryptoLevel.java b/SOURCES/TestCryptoLevel.java
new file mode 100644
index 0000000..b32b7ae
--- /dev/null
+++ b/SOURCES/TestCryptoLevel.java
@@ -0,0 +1,72 @@
+/* TestCryptoLevel -- Ensure unlimited crypto policy is in use.
+ Copyright (C) 2012 Red Hat, Inc.
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU Affero General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+GNU Affero General Public License for more details.
+
+You should have received a copy of the GNU Affero General Public License
+along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+import java.lang.reflect.Field;
+import java.lang.reflect.Method;
+import java.lang.reflect.InvocationTargetException;
+
+import java.security.Permission;
+import java.security.PermissionCollection;
+
+public class TestCryptoLevel
+{
+ public static void main(String[] args)
+ throws NoSuchFieldException, ClassNotFoundException,
+ IllegalAccessException, InvocationTargetException
+ {
+ Class<?> cls = null;
+ Method def = null, exempt = null;
+
+ try
+ {
+ cls = Class.forName("javax.crypto.JceSecurity");
+ }
+ catch (ClassNotFoundException ex)
+ {
+ System.err.println("Running a non-Sun JDK.");
+ System.exit(0);
+ }
+ try
+ {
+ def = cls.getDeclaredMethod("getDefaultPolicy");
+ exempt = cls.getDeclaredMethod("getExemptPolicy");
+ }
+ catch (NoSuchMethodException ex)
+ {
+ System.err.println("Running IcedTea with the original crypto patch.");
+ System.exit(0);
+ }
+ def.setAccessible(true);
+ exempt.setAccessible(true);
+ PermissionCollection defPerms = (PermissionCollection) def.invoke(null);
+ PermissionCollection exemptPerms = (PermissionCollection) exempt.invoke(null);
+ Class<?> apCls = Class.forName("javax.crypto.CryptoAllPermission");
+ Field apField = apCls.getDeclaredField("INSTANCE");
+ apField.setAccessible(true);
+ Permission allPerms = (Permission) apField.get(null);
+ if (defPerms.implies(allPerms) && (exemptPerms == null || exemptPerms.implies(allPerms)))
+ {
+ System.err.println("Running with the unlimited policy.");
+ System.exit(0);
+ }
+ else
+ {
+ System.err.println("WARNING: Running with a restricted crypto policy.");
+ System.exit(-1);
+ }
+ }
+}
diff --git a/SOURCES/abrt_friendly_hs_log_jdk7.patch b/SOURCES/abrt_friendly_hs_log_jdk7.patch
new file mode 100644
index 0000000..dba02bd
--- /dev/null
+++ b/SOURCES/abrt_friendly_hs_log_jdk7.patch
@@ -0,0 +1,35 @@
+--- openjdk/hotspot/src/share/vm/utilities/vmError.cpp 2012-02-02 16:17:24.476664897 +0100
++++ openjdk/hotspot/src/share/vm/utilities/vmError.cpp 2012-02-02 16:17:24.476664897 +0100
+@@ -929,6 +929,7 @@
+ }
+ }
+
++ /*
+ if (fd == -1) {
+ const char *cwd = os::get_current_directory(buffer, sizeof(buffer));
+ size_t len = strlen(cwd);
+@@ -938,6 +939,24 @@
+ os::file_separator(), os::current_process_id());
+ fd = open(buffer, O_RDWR | O_CREAT | O_EXCL, 0666);
+ }
++ */
++
++ if (fd == -1) {
++ const char * tmpdir = os::get_temp_directory();
++ // try temp directory if it exists.
++ if (tmpdir != NULL && tmpdir[0] != '\0') {
++ jio_snprintf(buffer, sizeof(buffer), "%s%sjvm-%u",
++ tmpdir, os::file_separator(), os::current_process_id());
++ // if mkdir() failed, hs_err will be created in temporary directory
++ if (!mkdir(buffer, 0700)) { // only read+execute flags are needed
++ // but we need to write into the directory too
++ jio_snprintf(buffer, sizeof(buffer), "%s%sjvm-%u%shs_error.log",
++ tmpdir, os::file_separator(), os::current_process_id(),
++ os::file_separator());
++ fd = open(buffer, O_WRONLY | O_CREAT | O_EXCL, 0444); // read-only file
++ }
++ }
++ }
+
+ if (fd == -1) {
+ const char * tmpdir = os::get_temp_directory();
diff --git a/SOURCES/fsg.sh b/SOURCES/fsg.sh
new file mode 100644
index 0000000..61065cb
--- /dev/null
+++ b/SOURCES/fsg.sh
@@ -0,0 +1,134 @@
+#!/bin/sh
+
+if [ "x$1" = "xhelp" ] ; then
+ echo "PR2124 - the path to the PR2124 patch to apply (optional; downloaded if unavailable)"
+ exit 1;
+fi
+
+if [ "x${TMPDIR}" = "x" ]; then
+ echo "Using default temporary directory of /tmp";
+ TMPDIR=/tmp
+fi
+
+echo "Further liberating OpenJDK..."
+
+# PRx denotes bug x in the IcedTea bug database (http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=x)
+# Sx denotes bug x in the Sun bug database (http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=x)
+
+# PR146/S6713083
+# Remove binaries
+rm -vf \
+ openjdk/jdk/test/sun/management/windows/revokeall.exe \
+ openjdk/jdk/test/sun/management/jmxremote/bootstrap/linux-i586/launcher \
+ openjdk/jdk/test/sun/management/jmxremote/bootstrap/solaris-sparc/launcher \
+ openjdk/jdk/test/sun/management/jmxremote/bootstrap/solaris-i586/launcher
+
+rm -vf \
+ openjdk/jdk/test/java/nio/channels/spi/SelectorProvider/inheritedChannel/lib/linux-i586/libLauncher.so \
+ openjdk/jdk/test/java/nio/channels/spi/SelectorProvider/inheritedChannel/lib/solaris-i586/libLauncher.so \
+ openjdk/jdk/test/java/nio/channels/spi/SelectorProvider/inheritedChannel/lib/solaris-sparc/libLauncher.so \
+ openjdk/jdk/test/java/nio/channels/spi/SelectorProvider/inheritedChannel/lib/solaris-sparcv9/libLauncher.so \
+ openjdk/jdk/test/tools/launcher/lib/i386/lib32/lib32/liblibrary.so \
+ openjdk/jdk/test/tools/launcher/lib/i386/lib32/liblibrary.so \
+ openjdk/jdk/test/tools/launcher/lib/sparc/lib32/lib32/liblibrary.so \
+ openjdk/jdk/test/tools/launcher/lib/sparc/lib32/liblibrary.so \
+ openjdk/jdk/test/tools/launcher/lib/sparc/lib64/lib64/liblibrary.so \
+ openjdk/jdk/test/tools/launcher/lib/sparc/lib64/liblibrary.so
+
+rm -vf \
+ openjdk/jdk/test/java/util/Locale/data/deflocale.exe \
+ openjdk/jdk/test/java/util/Locale/data/deflocale.jds3 \
+ openjdk/jdk/test/java/util/Locale/data/deflocale.rhel4 \
+ openjdk/jdk/test/java/util/Locale/data/deflocale.sh \
+ openjdk/jdk/test/java/util/Locale/data/deflocale.sol10 \
+ openjdk/jdk/test/java/util/Locale/data/deflocale.winvista \
+ openjdk/jdk/test/java/util/Locale/data/deflocale.winxp \
+
+# Remove test sources with questionable license headers.
+rm -vf \
+ openjdk/jdk/test/java/util/ResourceBundle/Bug4168625Resource3.java \
+ openjdk/jdk/test/java/util/ResourceBundle/Bug4168625Resource3_en_IE.java \
+ openjdk/jdk/test/java/util/ResourceBundle/Bug4165815Test.java \
+ openjdk/jdk/test/java/util/ResourceBundle/Bug4177489_Resource_jf.java \
+ openjdk/jdk/test/java/util/ResourceBundle/Bug4168625Resource3_en_CA.java \
+ openjdk/jdk/test/java/util/ResourceBundle/Bug4168625Getter.java \
+ openjdk/jdk/test/java/util/ResourceBundle/Bug4177489Test.java \
+ openjdk/jdk/test/java/util/ResourceBundle/Bug4168625Resource.java \
+ openjdk/jdk/test/java/util/ResourceBundle/Bug4168625Resource2.java \
+ openjdk/jdk/test/java/util/ResourceBundle/Bug4168625Resource3_en_US.java \
+ openjdk/jdk/test/java/util/ResourceBundle/Bug4083270Test.java \
+ openjdk/jdk/test/java/util/ResourceBundle/Bug4168625Resource3_en.java \
+ openjdk/jdk/test/java/util/ResourceBundle/Bug4177489_Resource.java \
+ openjdk/jdk/test/java/util/ResourceBundle/Bug4168625Test.java \
+ openjdk/jdk/test/java/util/ResourceBundle/Bug4168625Resource2_en_US.java \
+ openjdk/jdk/test/java/util/ResourceBundle/Bug4168625Class.java \
+ openjdk/jdk/test/java/util/Locale/Bug4175998Test.java \
+ openjdk/jdk/test/java/util/ResourceBundle/RBTestFmwk.java \
+ openjdk/jdk/test/java/util/ResourceBundle/TestResource_fr.java \
+ openjdk/jdk/test/java/util/ResourceBundle/Bug4179766Resource.java \
+ openjdk/jdk/test/java/util/ResourceBundle/Bug4179766Getter.java \
+ openjdk/jdk/test/java/util/ResourceBundle/Bug4179766Class.java \
+ openjdk/jdk/test/java/util/ResourceBundle/TestResource.java \
+ openjdk/jdk/test/java/util/ResourceBundle/FakeTestResource.java \
+ openjdk/jdk/test/java/util/ResourceBundle/TestResource_de.java \
+ openjdk/jdk/test/java/util/ResourceBundle/TestBug4179766.java \
+ openjdk/jdk/test/java/util/ResourceBundle/TestResource_fr_CH.java \
+ openjdk/jdk/test/java/util/ResourceBundle/ResourceBundleTest.java \
+ openjdk/jdk/test/java/util/ResourceBundle/TestResource_it.java \
+ openjdk/jdk/test/java/util/Locale/PrintDefaultLocale.java \
+ openjdk/jdk/test/java/util/Locale/LocaleTest.java \
+ openjdk/jdk/test/java/util/Locale/LocaleTestFmwk.java \
+ openjdk/jdk/test/java/util/Locale/Bug4184873Test.java \
+ openjdk/jdk/test/sun/text/resources/LocaleDataTest.java
+
+# Remove J2DBench sources, some of which have questionable license
+# headers.
+rm -rvf \
+ openjdk/jdk/src/share/demo/java2d/J2DBench
+
+# BEGIN Debian/Ubuntu additions
+
+# binary files
+rm -vf \
+ openjdk/jdk/test/sun/net/idn/nfscis.spp
+
+# TODO
+#$ find openjdk -name '*.jar' -o -name '*.class'|grep -v test
+
+# PR140, S6695776
+# Also see patches/icedtea-jscheme.patch
+rm -rvf openjdk/corba/src/share/classes/com/sun/tools/corba/se/logutil/lib
+rm -rvf openjdk/corba/src/share/classes/com/sun/tools/corba/se/logutil/scripts
+
+# PR139, S6710791
+rm -vf \
+ openjdk/hotspot/agent/kk/src/share/lib/maf-1_0.jar \
+ openjdk/hotspot/agent/kk/src/share/lib/jlfgr-1_0.jar \
+
+# END Debian/Ubuntu additions
+
+echo "Removing support for proprietary SNMP plug"
+rm -rvf openjdk/jdk/src/share/classes/sun/management/snmp
+rm -rvf openjdk/jdk/src/share/classes/com/sun/jmx/snmp
+rm -rvf openjdk/jdk/test/com/sun/jmx/snmp
+
+echo "Removing registration tests"
+rm -rvf openjdk/jdk/test/com/sun/servicetag
+
+echo "Removing EC source code we don't build"
+rm -rvf openjdk/jdk/src/share/native/sun/security/ec/impl
+
+# Requires IcedTea patch PR2124 (not included)
+echo "Syncing EC list with NSS"
+if [ "x$PR2124" = "x" ] ; then
+# get pr2124.patch (from http://icedtea.classpath.org//hg/icedtea7)
+# Do not push it or publish it (see http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=2124)
+ wget -O ${TMPDIR}/pr2124.patch http://icedtea.classpath.org/hg/icedtea7/raw-file/tip/patches/pr2124.patch
+ patch -Np0 < ${TMPDIR}/pr2124.patch
+ rm -vf ${TMPDIR}/pr2124.patch
+else
+ echo "Applying ${PR2124}"
+ patch -Np0 < $PR2124
+fi;
+echo "Cleaning up after patch application..."
+find . -name '*.orig' | xargs rm -vf
diff --git a/SOURCES/java-1.7.0-openjdk-accessible-toolkit.patch b/SOURCES/java-1.7.0-openjdk-accessible-toolkit.patch
new file mode 100644
index 0000000..222dcfb
--- /dev/null
+++ b/SOURCES/java-1.7.0-openjdk-accessible-toolkit.patch
@@ -0,0 +1,16 @@
+diff -uNr openjdk-orig/jdk/src/share/classes/java/awt/Toolkit.java openjdk/jdk/src/share/classes/java/awt/Toolkit.java
+--- openjdk-orig/jdk/src/share/classes/java/awt/Toolkit.java 2009-01-23 11:59:47.000000000 -0500
++++ openjdk/jdk/src/share/classes/java/awt/Toolkit.java 2009-01-23 12:05:20.000000000 -0500
+@@ -871,7 +871,11 @@
+ return null;
+ }
+ });
+- loadAssistiveTechnologies();
++ try {
++ loadAssistiveTechnologies();
++ } catch ( AWTError error) {
++ // ignore silently
++ }
+ } finally {
+ // Make sure to always re-enable the JIT.
+ java.lang.Compiler.enable();
diff --git a/SOURCES/java-1.7.0-openjdk-debugdocs.patch b/SOURCES/java-1.7.0-openjdk-debugdocs.patch
new file mode 100644
index 0000000..8a130e4
--- /dev/null
+++ b/SOURCES/java-1.7.0-openjdk-debugdocs.patch
@@ -0,0 +1,35 @@
+--- oldMakefile 2008-07-02 17:48:01.000000000 -0400
++++ openjdk/Makefile 2008-07-02 17:48:09.000000000 -0400
+@@ -199,19 +199,19 @@
+
+ create_fresh_product_bootdir: FRC
+ $(MAKE) ALT_OUTPUTDIR=$(ABS_BOOTDIR_OUTPUTDIR) \
+- GENERATE_DOCS=false \
++ GENERATE_DOCS=true \
+ BOOT_CYCLE_SETTINGS= \
+ build_product_image
+
+ create_fresh_debug_bootdir: FRC
+ $(MAKE) ALT_OUTPUTDIR=$(ABS_BOOTDIR_OUTPUTDIR) \
+- GENERATE_DOCS=false \
++ GENERATE_DOCS=true \
+ BOOT_CYCLE_DEBUG_SETTINGS= \
+ build_debug_image
+
+ create_fresh_fastdebug_bootdir: FRC
+ $(MAKE) ALT_OUTPUTDIR=$(ABS_BOOTDIR_OUTPUTDIR) \
+- GENERATE_DOCS=false \
++ GENERATE_DOCS=true \
+ BOOT_CYCLE_DEBUG_SETTINGS= \
+ build_fastdebug_image
+
+@@ -262,7 +262,7 @@
+ $(MAKE) \
+ ALT_OUTPUTDIR=$(ABS_OUTPUTDIR)/$(REL_JDK_OUTPUTDIR) \
+ DEBUG_NAME=$(DEBUG_NAME) \
+- GENERATE_DOCS=false \
++ GENERATE_DOCS=true \
+ $(if $(findstring true,$(BUILD_INSTALL)),BUILD_INSTALL_BUNDLES=true,) \
+ CREATE_DEBUGINFO_BUNDLES=true \
+ $(BOOT_CYCLE_DEBUG_SETTINGS) \
+
diff --git a/SOURCES/java-1.7.0-openjdk-debuginfo.patch b/SOURCES/java-1.7.0-openjdk-debuginfo.patch
new file mode 100644
index 0000000..11776ef
--- /dev/null
+++ b/SOURCES/java-1.7.0-openjdk-debuginfo.patch
@@ -0,0 +1,20 @@
+--- openjdk/hotspot/build/linux/makefiles/saproc.make_back 2009-12-14 13:35:46.000000000 +0100
++++ openjdk/hotspot/make/linux/makefiles/saproc.make 2009-12-14 13:36:47.000000000 +0100
+@@ -95,6 +95,7 @@
+ $(ALT_SAINCDIR) \
+ $(SASRCFILES) \
+ $(SA_LFLAGS) \
++ -g \
+ $(SA_DEBUG_CFLAGS) \
+ $(EXTRA_CFLAGS) \
+ -o $@ \
+--- openjdk/hotspot/build/linux/makefiles/jsig.make_back 2009-12-14 13:34:56.000000000 +0100
++++ openjdk/hotspot/make/linux/makefiles/jsig.make 2009-12-14 13:35:31.000000000 +0100
+@@ -59,6 +59,7 @@
+ $(LIBJSIG): $(JSIGSRCDIR)/jsig.c $(LIBJSIG_MAPFILE)
+ @echo Making signal interposition lib...
+ $(QUIETLY) $(CC) $(SYMFLAG) $(ARCHFLAG) $(SHARED_FLAG) $(PICFLAG) \
++ -g \
+ $(LFLAGS_JSIG) $(JSIG_DEBUG_CFLAGS) $(EXTRA_CFLAGS) -o $@ $< -ldl
+ $(QUIETLY) [ -f $(LIBJSIG_G) ] || { ln -s $@ $(LIBJSIG_G); }
+ ifeq ($(ENABLE_FULL_DEBUG_SYMBOLS),1)
diff --git a/SOURCES/java-1.7.0-openjdk-freetype-check-fix.patch b/SOURCES/java-1.7.0-openjdk-freetype-check-fix.patch
new file mode 100644
index 0000000..15c2d67
--- /dev/null
+++ b/SOURCES/java-1.7.0-openjdk-freetype-check-fix.patch
@@ -0,0 +1,22 @@
+diff -up openjdk/jdk/make/common/shared/Sanity.gmk.sav openjdk/jdk/make/common/shared/Sanity.gmk
+--- openjdk/jdk/make/common/shared/Sanity.gmk.sav 2012-02-14 16:12:48.000000000 -0500
++++ openjdk/jdk/make/common/shared/Sanity.gmk 2012-03-07 17:31:26.153840755 -0500
+@@ -814,12 +814,12 @@ ifdef OPENJDK
+ @(($(CD) $(BUILDDIR)/tools/freetypecheck && $(MAKE)) || \
+ $(ECHO) "Failed to build freetypecheck." ) > $@
+
+- sane-freetype: $(TEMPDIR)/freetypeinfo
+- @if [ "`$(CAT) $< | $(GREP) Fail`" != "" ]; then \
+- $(ECHO) "ERROR: FreeType version " $(REQUIRED_FREETYPE_VERSION) \
+- " or higher is required. \n" \
+- "`$(CAT) $<` \n" >> $(ERROR_FILE) ; \
+- fi
++# sane-freetype: $(TEMPDIR)/freetypeinfo
++# @if [ "`$(CAT) $< | $(GREP) Fail`" != "" ]; then \
++# $(ECHO) "ERROR: FreeType version " $(REQUIRED_FREETYPE_VERSION) \
++# " or higher is required. \n" \
++# "`$(CAT) $<` \n" >> $(ERROR_FILE) ; \
++# fi
+ else
+ #do nothing (cross-compiling)
+ sane-freetype:
diff --git a/SOURCES/java-1.7.0-openjdk-java-access-bridge-security.patch b/SOURCES/java-1.7.0-openjdk-java-access-bridge-security.patch
new file mode 100644
index 0000000..7c13bfb
--- /dev/null
+++ b/SOURCES/java-1.7.0-openjdk-java-access-bridge-security.patch
@@ -0,0 +1,21 @@
+diff --git a/src/share/lib/security/java.security-linux b/src/share/lib/security/java.security-linux
+--- openjdk/jdk/src/share/lib/security/java.security-linux
++++ openjdk/jdk/src/share/lib/security/java.security-linux
+@@ -158,6 +158,8 @@
+ com.sun.org.apache.xml.internal.utils.,\
+ com.sun.org.glassfish.,\
+ oracle.jrockit.jfr.,\
++ org.GNOME.Accessibility.,\
++ org.GNOME.Bonobo.,\
+ org.jcp.xml.dsig.internal.
+ #
+ # List of comma-separated packages that start with or equal this string
+@@ -200,6 +202,8 @@
+ com.sun.org.apache.xml.internal.utils.,\
+ com.sun.org.glassfish.,\
+ oracle.jrockit.jfr.,\
++ org.GNOME.Accessibility.,\
++ org.GNOME.Bonobo.,\
+ org.jcp.xml.dsig.internal.
+ #
+ # Determines whether this properties file can be appended to
diff --git a/SOURCES/java-1.7.0-openjdk-java-access-bridge-tck.patch b/SOURCES/java-1.7.0-openjdk-java-access-bridge-tck.patch
new file mode 100644
index 0000000..36a23c0
--- /dev/null
+++ b/SOURCES/java-1.7.0-openjdk-java-access-bridge-tck.patch
@@ -0,0 +1,25 @@
+--- java-access-bridge-1.22.0/bridge/org/GNOME/Accessibility/JavaBridge.java.orig 2008-05-22 11:27:00.000000000 -0400
++++ java-access-bridge-1.22.0/bridge/org/GNOME/Accessibility/JavaBridge.java 2008-05-22 11:28:02.000000000 -0400
+@@ -34,6 +34,9 @@
+ import javax.accessibility.AccessibleRole;
+ import javax.accessibility.AccessibleText;
+ import javax.accessibility.AccessibleEditableText;
++import java.security.PrivilegedAction;
++import java.security.AccessController;
++
+
+ public class JavaBridge {
+
+@@ -332,7 +335,11 @@
+ System.err.println ("Java Accessibility Bridge for GNOME loaded.\n");
+
+ // Not sure what kind of arguments should be sent to ORB
+- String vm_rev = System.getProperty("java.version");
++ String vm_rev = (String) AccessController.doPrivileged(new PrivilegedAction() {
++ public java.lang.Object run() {
++ return System.getProperty("java.version");
++ }
++ });
+
+ if (vm_rev.compareTo("1.4.0") < 0) {
+ System.err.println("WARNING: Java Accessibility Bridge " +
diff --git a/SOURCES/java-abrt-launcher b/SOURCES/java-abrt-launcher
new file mode 100644
index 0000000..681ef43
--- /dev/null
+++ b/SOURCES/java-abrt-launcher
@@ -0,0 +1,7 @@
+#!/bin/bash
+if [ -e @LIB_DIR@ ] ; then
+ exec -a java @JAVA_PATH@ -agentpath:@LIB_DIR@=abrt=on "$@"
+else
+ exec -a java @JAVA_PATH@ "$@"
+fi
+
diff --git a/SOURCES/jconsole.desktop b/SOURCES/jconsole.desktop
new file mode 100644
index 0000000..f7904c6
--- /dev/null
+++ b/SOURCES/jconsole.desktop
@@ -0,0 +1,10 @@
+[Desktop Entry]
+Name=OpenJDK Monitoring & Management Console #ARCH#
+Comment=Monitor and manage OpenJDK applications for #ARCH#
+Exec=/usr/bin/jconsole
+Icon=java-1.7.0
+Terminal=false
+Type=Application
+StartupWMClass=sun-tools-jconsole-JConsole
+Categories=Development;Monitor;Java;
+Version=1.0
diff --git a/SOURCES/nss.cfg b/SOURCES/nss.cfg
new file mode 100644
index 0000000..377a39c
--- /dev/null
+++ b/SOURCES/nss.cfg
@@ -0,0 +1,5 @@
+name = NSS
+nssLibraryDirectory = @NSS_LIBDIR@
+nssDbMode = noDb
+attributes = compatibility
+handleStartupErrors = ignoreMultipleInitialisation
diff --git a/SOURCES/policytool.desktop b/SOURCES/policytool.desktop
new file mode 100644
index 0000000..b0841b3
--- /dev/null
+++ b/SOURCES/policytool.desktop
@@ -0,0 +1,10 @@
+[Desktop Entry]
+Name=OpenJDK Policy Tool #ARCH#
+Comment=Manage OpenJDK policy files for #ARCH#
+Exec=/usr/bin/policytool
+Icon=java-1.7.0
+Terminal=false
+Type=Application
+StartupWMClass=sun-security-tools-PolicyTool
+Categories=Development;Java;
+Version=1.0
diff --git a/SOURCES/pr2809.patch b/SOURCES/pr2809.patch
new file mode 100644
index 0000000..d0f0b02
--- /dev/null
+++ b/SOURCES/pr2809.patch
@@ -0,0 +1,576 @@
+# HG changeset patch
+# User xuelei
+# Date 1453868482 0
+# Wed Jan 27 04:21:22 2016 +0000
+# Node ID 8d589911411743fa38badf69c10aa067eaa996b7
+# Parent ceb95f0d38d7ab09762dd7ff33bb855f3088a6b5
+8076221, PR2809: Disable RC4 cipher suites
+Reviewed-by: wetmore
+
+diff --git a/src/share/lib/security/java.security-linux b/src/share/lib/security/java.security-linux
+--- openjdk/jdk/src/share/lib/security/java.security-linux
++++ openjdk/jdk/src/share/lib/security/java.security-linux
+@@ -501,7 +501,7 @@
+ #
+ # Example:
+ # jdk.tls.disabledAlgorithms=MD5, SSLv3, DSA, RSA keySize < 2048
+-jdk.tls.disabledAlgorithms=SSLv3, MD5withRSA, DH keySize < 768, \
++jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize < 768, \
+ EC keySize < 224
+
+ # Legacy algorithms for Secure Socket Layer/Transport Layer Security (SSL/TLS)
+diff --git a/src/share/lib/security/java.security-macosx b/src/share/lib/security/java.security-macosx
+--- openjdk/jdk/src/share/lib/security/java.security-macosx
++++ openjdk/jdk/src/share/lib/security/java.security-macosx
+@@ -506,7 +506,7 @@
+ #
+ # Example:
+ # jdk.tls.disabledAlgorithms=MD5, SSLv3, DSA, RSA keySize < 2048
+-jdk.tls.disabledAlgorithms=SSLv3, MD5withRSA, DH keySize < 768, \
++jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize < 768, \
+ EC keySize < 224
+
+ # Legacy algorithms for Secure Socket Layer/Transport Layer Security (SSL/TLS)
+diff --git a/src/share/lib/security/java.security-solaris b/src/share/lib/security/java.security-solaris
+--- openjdk/jdk/src/share/lib/security/java.security-solaris
++++ openjdk/jdk/src/share/lib/security/java.security-solaris
+@@ -505,7 +505,7 @@
+ #
+ # Example:
+ # jdk.tls.disabledAlgorithms=MD5, SSLv3, DSA, RSA keySize < 2048
+-jdk.tls.disabledAlgorithms=SSLv3, MD5withRSA, DH keySize < 768, \
++jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize < 768, \
+ EC keySize < 224
+
+ # Legacy algorithms for Secure Socket Layer/Transport Layer Security (SSL/TLS)
+diff --git a/src/share/lib/security/java.security-windows b/src/share/lib/security/java.security-windows
+--- openjdk/jdk/src/share/lib/security/java.security-windows
++++ openjdk/jdk/src/share/lib/security/java.security-windows
+@@ -506,7 +506,7 @@
+ #
+ # Example:
+ # jdk.tls.disabledAlgorithms=MD5, SSLv3, DSA, RSA keySize < 2048
+-jdk.tls.disabledAlgorithms=SSLv3, MD5withRSA, DH keySize < 768, \
++jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize < 768, \
+ EC keySize < 224
+
+ # Legacy algorithms for Secure Socket Layer/Transport Layer Security (SSL/TLS)
+diff --git a/test/javax/net/ssl/ciphersuites/DisabledAlgorithms.java b/test/javax/net/ssl/ciphersuites/DisabledAlgorithms.java
+new file mode 100644
+--- /dev/null
++++ openjdk/jdk/test/javax/net/ssl/ciphersuites/DisabledAlgorithms.java
+@@ -0,0 +1,362 @@
++/*
++ * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
++ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
++ *
++ * This code is free software; you can redistribute it and/or modify it
++ * under the terms of the GNU General Public License version 2 only, as
++ * published by the Free Software Foundation.
++ *
++ * This code is distributed in the hope that it will be useful, but WITHOUT
++ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
++ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
++ * version 2 for more details (a copy is included in the LICENSE file that
++ * accompanied this code).
++ *
++ * You should have received a copy of the GNU General Public License version
++ * 2 along with this work; if not, write to the Free Software Foundation,
++ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
++ *
++ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
++ * or visit www.oracle.com if you need additional information or have any
++ * questions.
++ */
++
++import java.io.BufferedInputStream;
++import java.io.BufferedOutputStream;
++import java.io.IOException;
++import java.io.InputStream;
++import java.io.OutputStream;
++import java.security.NoSuchAlgorithmException;
++import java.security.Security;
++import java.util.concurrent.TimeUnit;
++import javax.net.ssl.SSLContext;
++import javax.net.ssl.SSLHandshakeException;
++import javax.net.ssl.SSLServerSocket;
++import javax.net.ssl.SSLServerSocketFactory;
++import javax.net.ssl.SSLSocket;
++import javax.net.ssl.SSLSocketFactory;
++
++/**
++ * @test
++ * @bug 8076221
++ * @summary Check if weak cipher suites are disabled
++ * @run main/othervm DisabledAlgorithms default
++ * @run main/othervm DisabledAlgorithms empty
++ */
++public class DisabledAlgorithms {
++
++ private static final String pathToStores =
++ "../../../../sun/security/ssl/etc";
++ private static final String keyStoreFile = "keystore";
++ private static final String trustStoreFile = "truststore";
++ private static final String passwd = "passphrase";
++
++ private static final String keyFilename =
++ System.getProperty("test.src", "./") + "/" + pathToStores +
++ "/" + keyStoreFile;
++
++ private static final String trustFilename =
++ System.getProperty("test.src", "./") + "/" + pathToStores +
++ "/" + trustStoreFile;
++
++ // supported RC4 cipher suites
++ // it does not contain KRB5 cipher suites because they need a KDC
++ private static final String[] rc4_ciphersuites = new String[] {
++ "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA",
++ "TLS_ECDHE_RSA_WITH_RC4_128_SHA",
++ "SSL_RSA_WITH_RC4_128_SHA",
++ "TLS_ECDH_ECDSA_WITH_RC4_128_SHA",
++ "TLS_ECDH_RSA_WITH_RC4_128_SHA",
++ "SSL_RSA_WITH_RC4_128_MD5",
++ "TLS_ECDH_anon_WITH_RC4_128_SHA",
++ "SSL_DH_anon_WITH_RC4_128_MD5"
++ };
++
++ public static void main(String[] args) throws Exception {
++ if (args.length < 1) {
++ throw new RuntimeException("No parameters specified");
++ }
++
++ System.setProperty("javax.net.ssl.keyStore", keyFilename);
++ System.setProperty("javax.net.ssl.keyStorePassword", passwd);
++ System.setProperty("javax.net.ssl.trustStore", trustFilename);
++ System.setProperty("javax.net.ssl.trustStorePassword", passwd);
++
++ switch (args[0]) {
++ case "default":
++ // use default jdk.tls.disabledAlgorithms
++ System.out.println("jdk.tls.disabledAlgorithms = "
++ + Security.getProperty("jdk.tls.disabledAlgorithms"));
++
++ // check if RC4 cipher suites can't be used by default
++ checkFailure(rc4_ciphersuites);
++ break;
++ case "empty":
++ // reset jdk.tls.disabledAlgorithms
++ Security.setProperty("jdk.tls.disabledAlgorithms", "");
++ System.out.println("jdk.tls.disabledAlgorithms = "
++ + Security.getProperty("jdk.tls.disabledAlgorithms"));
++
++ // check if RC4 cipher suites can be used
++ // if jdk.tls.disabledAlgorithms is empty
++ checkSuccess(rc4_ciphersuites);
++ break;
++ default:
++ throw new RuntimeException("Wrong parameter: " + args[0]);
++ }
++ }
++
++ /*
++ * Checks if that specified cipher suites cannot be used.
++ */
++ private static void checkFailure(String[] ciphersuites) throws Exception {
++ try (SSLServer server = SSLServer.init(ciphersuites)) {
++ startNewThread(server);
++ while (!server.isRunning()) {
++ sleep();
++ }
++
++ int port = server.getPort();
++ for (String ciphersuite : ciphersuites) {
++ try (SSLClient client = SSLClient.init(port, ciphersuite)) {
++ client.connect();
++ throw new RuntimeException("Expected SSLHandshakeException "
++ + "not thrown");
++ } catch (SSLHandshakeException e) {
++ System.out.println("Expected exception on client side: "
++ + e);
++ }
++ }
++
++ server.stop();
++ while (server.isRunning()) {
++ sleep();
++ }
++
++ if (!server.sslError()) {
++ throw new RuntimeException("Expected SSL exception "
++ + "not thrown on server side");
++ }
++ }
++
++ }
++
++ /*
++ * Checks if specified cipher suites can be used.
++ */
++ private static void checkSuccess(String[] ciphersuites) throws Exception {
++ try (SSLServer server = SSLServer.init(ciphersuites)) {
++ startNewThread(server);
++ while (!server.isRunning()) {
++ sleep();
++ }
++
++ int port = server.getPort();
++ for (String ciphersuite : ciphersuites) {
++ try (SSLClient client = SSLClient.init(port, ciphersuite)) {
++ client.connect();
++ String negotiated = client.getNegotiatedCipherSuite();
++ System.out.println("Negotiated cipher suite: "
++ + negotiated);
++ if (!negotiated.equals(ciphersuite)) {
++ throw new RuntimeException("Unexpected cipher suite: "
++ + negotiated);
++ }
++ }
++ }
++
++ server.stop();
++ while (server.isRunning()) {
++ sleep();
++ }
++
++ if (server.error()) {
++ throw new RuntimeException("Unexpected error on server side");
++ }
++ }
++
++ }
++
++ private static Thread startNewThread(SSLServer server) {
++ Thread serverThread = new Thread(server, "SSL server thread");
++ serverThread.setDaemon(true);
++ serverThread.start();
++ return serverThread;
++ }
++
++ private static void sleep() {
++ try {
++ TimeUnit.MILLISECONDS.sleep(50);
++ } catch (InterruptedException e) {
++ // do nothing
++ }
++ }
++
++ static class SSLServer implements Runnable, AutoCloseable {
++
++ private final SSLServerSocket ssocket;
++ private volatile boolean stopped = false;
++ private volatile boolean running = false;
++ private volatile boolean sslError = false;
++ private volatile boolean otherError = false;
++
++ private SSLServer(SSLServerSocket ssocket) {
++ this.ssocket = ssocket;
++ }
++
++ @Override
++ public void run() {
++ System.out.println("Server: started");
++ running = true;
++ while (!stopped) {
++ try (SSLSocket socket = (SSLSocket) ssocket.accept()) {
++ System.out.println("Server: accepted client connection");
++ InputStream in = socket.getInputStream();
++ OutputStream out = socket.getOutputStream();
++ int b = in.read();
++ if (b < 0) {
++ throw new IOException("Unexpected EOF");
++ }
++ System.out.println("Server: send data: " + b);
++ out.write(b);
++ out.flush();
++ socket.getSession().invalidate();
++ } catch (SSLHandshakeException e) {
++ System.out.println("Server: run: " + e);
++ sslError = true;
++ } catch (IOException e) {
++ if (!stopped) {
++ System.out.println("Server: run: " + e);
++ e.printStackTrace();
++ otherError = true;
++ }
++ }
++ }
++
++ System.out.println("Server: finished");
++ running = false;
++ }
++
++ int getPort() {
++ return ssocket.getLocalPort();
++ }
++
++ String[] getEnabledCiperSuites() {
++ return ssocket.getEnabledCipherSuites();
++ }
++
++ boolean isRunning() {
++ return running;
++ }
++
++ boolean sslError() {
++ return sslError;
++ }
++
++ boolean error() {
++ return sslError || otherError;
++ }
++
++ void stop() {
++ stopped = true;
++ if (!ssocket.isClosed()) {
++ try {
++ ssocket.close();
++ } catch (IOException e) {
++ System.out.println("Server: close: " + e);
++ }
++ }
++ }
++
++ @Override
++ public void close() {
++ stop();
++ }
++
++ static SSLServer init(String[] ciphersuites)
++ throws IOException {
++ SSLServerSocketFactory ssf = (SSLServerSocketFactory)
++ SSLServerSocketFactory.getDefault();
++ SSLServerSocket ssocket = (SSLServerSocket)
++ ssf.createServerSocket(0);
++
++ if (ciphersuites != null) {
++ System.out.println("Server: enable cipher suites: "
++ + java.util.Arrays.toString(ciphersuites));
++ ssocket.setEnabledCipherSuites(ciphersuites);
++ }
++
++ return new SSLServer(ssocket);
++ }
++ }
++
++ static class SSLClient implements AutoCloseable {
++
++ private final SSLSocket socket;
++
++ private SSLClient(SSLSocket socket) {
++ this.socket = socket;
++ }
++
++ void connect() throws IOException {
++ System.out.println("Client: connect to server");
++ try (
++ BufferedInputStream bis = new BufferedInputStream(
++ socket.getInputStream());
++ BufferedOutputStream bos = new BufferedOutputStream(
++ socket.getOutputStream())) {
++ bos.write('x');
++ bos.flush();
++
++ int read = bis.read();
++ if (read < 0) {
++ throw new IOException("Client: couldn't read a response");
++ }
++ socket.getSession().invalidate();
++ }
++ }
++
++ String[] getEnabledCiperSuites() {
++ return socket.getEnabledCipherSuites();
++ }
++
++ String getNegotiatedCipherSuite() {
++ return socket.getSession().getCipherSuite();
++ }
++
++ @Override
++ public void close() throws Exception {
++ if (!socket.isClosed()) {
++ try {
++ socket.close();
++ } catch (IOException e) {
++ System.out.println("Client: close: " + e);
++ }
++ }
++ }
++
++ static SSLClient init(int port)
++ throws NoSuchAlgorithmException, IOException {
++ return init(port, null);
++ }
++
++ static SSLClient init(int port, String ciphersuite)
++ throws NoSuchAlgorithmException, IOException {
++ SSLContext context = SSLContext.getDefault();
++ SSLSocketFactory ssf = (SSLSocketFactory)
++ context.getSocketFactory();
++ SSLSocket socket = (SSLSocket) ssf.createSocket("localhost", port);
++
++ if (ciphersuite != null) {
++ System.out.println("Client: enable cipher suite: "
++ + ciphersuite);
++ socket.setEnabledCipherSuites(new String[] { ciphersuite });
++ }
++
++ return new SSLClient(socket);
++ }
++
++ }
++
++
++}
+diff --git a/test/sun/security/krb5/auto/SSL.java b/test/sun/security/krb5/auto/SSL.java
+--- openjdk/jdk/test/sun/security/krb5/auto/SSL.java
++++ openjdk/jdk/test/sun/security/krb5/auto/SSL.java
+@@ -1,5 +1,5 @@
+ /*
+- * Copyright (c) 2009, 2011, Oracle and/or its affiliates. All rights reserved.
++ * Copyright (c) 2009, 2015, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+@@ -40,6 +40,7 @@
+ import java.net.InetAddress;
+ import javax.net.ssl.*;
+ import java.security.Principal;
++import java.security.Security;
+ import java.util.Date;
+ import sun.security.jgss.GSSUtil;
+ import sun.security.krb5.PrincipalName;
+@@ -54,6 +55,9 @@
+ private static volatile int port;
+
+ public static void main(String[] args) throws Exception {
++ // reset the security property to make sure that the algorithms
++ // and keys used in this test are not disabled.
++ Security.setProperty("jdk.tls.disabledAlgorithms", "");
+
+ krb5Cipher = args[0];
+
+diff --git a/test/sun/security/ssl/com/sun/net/ssl/internal/ssl/ClientHandshaker/CipherSuiteOrder.java b/test/sun/security/ssl/com/sun/net/ssl/internal/ssl/ClientHandshaker/CipherSuiteOrder.java
+--- openjdk/jdk/test/sun/security/ssl/com/sun/net/ssl/internal/ssl/ClientHandshaker/CipherSuiteOrder.java
++++ openjdk/jdk/test/sun/security/ssl/com/sun/net/ssl/internal/ssl/ClientHandshaker/CipherSuiteOrder.java
+@@ -1,5 +1,5 @@
+ /*
+- * Copyright (c) 2001, 2002, Oracle and/or its affiliates. All rights reserved.
++ * Copyright (c) 2001, 2015, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+@@ -36,7 +36,7 @@
+ */
+
+ import java.io.*;
+-import java.net.*;
++import java.security.Security;
+ import javax.net.ssl.*;
+
+ public class CipherSuiteOrder {
+@@ -198,6 +198,10 @@
+ volatile Exception clientException = null;
+
+ public static void main(String[] args) throws Exception {
++ // reset the security property to make sure that the algorithms
++ // and keys used in this test are not disabled.
++ Security.setProperty("jdk.tls.disabledAlgorithms", "");
++
+ String keyFilename =
+ System.getProperty("test.src", "./") + "/" + pathToStores +
+ "/" + keyStoreFile;
+diff --git a/test/sun/security/ssl/com/sun/net/ssl/internal/ssl/DHKeyExchange/DHEKeySizing.java b/test/sun/security/ssl/com/sun/net/ssl/internal/ssl/DHKeyExchange/DHEKeySizing.java
+--- openjdk/jdk/test/sun/security/ssl/com/sun/net/ssl/internal/ssl/DHKeyExchange/DHEKeySizing.java
++++ openjdk/jdk/test/sun/security/ssl/com/sun/net/ssl/internal/ssl/DHKeyExchange/DHEKeySizing.java
+@@ -103,10 +103,10 @@
+ import java.security.Security;
+ import java.security.KeyStore;
+ import java.security.KeyFactory;
++import java.security.Security;
+ import java.security.cert.Certificate;
+ import java.security.cert.CertificateFactory;
+ import java.security.spec.PKCS8EncodedKeySpec;
+-import java.security.spec.*;
+ import java.security.interfaces.*;
+ import sun.misc.BASE64Decoder;
+
+diff --git a/test/sun/security/ssl/javax/net/ssl/NewAPIs/SSLEngine/CheckStatus.java b/test/sun/security/ssl/javax/net/ssl/NewAPIs/SSLEngine/CheckStatus.java
+--- openjdk/jdk/test/sun/security/ssl/javax/net/ssl/NewAPIs/SSLEngine/CheckStatus.java
++++ openjdk/jdk/test/sun/security/ssl/javax/net/ssl/NewAPIs/SSLEngine/CheckStatus.java
+@@ -1,5 +1,5 @@
+ /*
+- * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved.
++ * Copyright (c) 2003, 2015, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+@@ -622,6 +622,9 @@
+ }
+
+ public static void main(String args[]) throws Exception {
++ // reset the security property to make sure that the algorithms
++ // and keys used in this test are not disabled.
++ Security.setProperty("jdk.tls.disabledAlgorithms", "");
+
+ CheckStatus cs;
+
+diff --git a/test/sun/security/ssl/javax/net/ssl/NewAPIs/SSLEngine/ConnectionTest.java b/test/sun/security/ssl/javax/net/ssl/NewAPIs/SSLEngine/ConnectionTest.java
+--- openjdk/jdk/test/sun/security/ssl/javax/net/ssl/NewAPIs/SSLEngine/ConnectionTest.java
++++ openjdk/jdk/test/sun/security/ssl/javax/net/ssl/NewAPIs/SSLEngine/ConnectionTest.java
+@@ -33,6 +33,8 @@
+ * The code could certainly be tightened up a lot.
+ *
+ * @author Brad Wetmore
++ *
++ * @run main/othervm ConnectionTest
+ */
+
+ import javax.net.ssl.*;
+@@ -672,6 +674,10 @@
+ }
+
+ public static void main(String args[]) throws Exception {
++ // reset the security property to make sure that the algorithms
++ // and keys used in this test are not disabled.
++ Security.setProperty("jdk.tls.disabledAlgorithms", "");
++
+ ConnectionTest ct = new ConnectionTest();
+ ct.test();
+ }
+diff --git a/test/sun/security/ssl/javax/net/ssl/NewAPIs/SSLEngine/LargeBufs.java b/test/sun/security/ssl/javax/net/ssl/NewAPIs/SSLEngine/LargeBufs.java
+--- openjdk/jdk/test/sun/security/ssl/javax/net/ssl/NewAPIs/SSLEngine/LargeBufs.java
++++ openjdk/jdk/test/sun/security/ssl/javax/net/ssl/NewAPIs/SSLEngine/LargeBufs.java
+@@ -180,6 +180,9 @@
+ }
+
+ public static void main(String args[]) throws Exception {
++ // reset the security property to make sure that the algorithms
++ // and keys used in this test are not disabled.
++ Security.setProperty("jdk.tls.disabledAlgorithms", "");
+
+ LargeBufs test;
+
+diff --git a/test/sun/security/ssl/javax/net/ssl/TLSv11/GenericStreamCipher.java b/test/sun/security/ssl/javax/net/ssl/TLSv11/GenericStreamCipher.java
+--- openjdk/jdk/test/sun/security/ssl/javax/net/ssl/TLSv11/GenericStreamCipher.java
++++ openjdk/jdk/test/sun/security/ssl/javax/net/ssl/TLSv11/GenericStreamCipher.java
+@@ -37,7 +37,7 @@
+ */
+
+ import java.io.*;
+-import java.net.*;
++import java.security.Security;
+ import javax.net.ssl.*;
+
+ public class GenericStreamCipher {
+@@ -165,6 +165,10 @@
+ volatile Exception clientException = null;
+
+ public static void main(String[] args) throws Exception {
++ // reset the security property to make sure that the algorithms
++ // and keys used in this test are not disabled.
++ Security.setProperty("jdk.tls.disabledAlgorithms", "");
++
+ String keyFilename =
+ System.getProperty("test.src", ".") + "/" + pathToStores +
+ "/" + keyStoreFile;
diff --git a/SOURCES/pr3393-rh1273760.patch b/SOURCES/pr3393-rh1273760.patch
new file mode 100644
index 0000000..15442f1
--- /dev/null
+++ b/SOURCES/pr3393-rh1273760.patch
@@ -0,0 +1,206 @@
+diff --git a/src/share/classes/sun/security/pkcs11/P11Signature.java b/src/share/classes/sun/security/pkcs11/P11Signature.java
+--- openjdk/jdk/src/share/classes/sun/security/pkcs11/P11Signature.java
++++ openjdk/jdk/src/share/classes/sun/security/pkcs11/P11Signature.java
+@@ -87,8 +87,8 @@
+ // name of the key algorithm, currently either RSA or DSA
+ private final String keyAlgorithm;
+
+- // mechanism id
+- private final long mechanism;
++ // mechanism
++ private final CK_MECHANISM mechanism;
+
+ // digest algorithm OID, if we encode RSA signature ourselves
+ private final ObjectIdentifier digestOID;
+@@ -138,11 +138,62 @@
+ super();
+ this.token = token;
+ this.algorithm = algorithm;
+- this.mechanism = mechanism;
++ CK_MECHANISM ckMechanism = new CK_MECHANISM(mechanism);
++ final CK_RSA_PKCS_PSS_PARAMS mechParams;
+ byte[] buffer = null;
+ ObjectIdentifier digestOID = null;
+ MessageDigest md = null;
+ switch ((int)mechanism) {
++ case (int)CKM_SHA1_RSA_PKCS_PSS:
++ mechParams = new CK_RSA_PKCS_PSS_PARAMS();
++ mechParams.hashAlg = CKM_SHA_1;
++ mechParams.mgf = CKG_MGF1_SHA1;
++ mechParams.sLen = 20;
++ ckMechanism = new CK_MECHANISM(mechanism, mechParams);
++ this.keyAlgorithm = "RSA";
++ this.type = T_UPDATE;
++ buffer = new byte[1];
++ break;
++ case (int)CKM_SHA224_RSA_PKCS_PSS:
++ mechParams = new CK_RSA_PKCS_PSS_PARAMS();
++ mechParams.hashAlg = CKM_SHA224;
++ mechParams.mgf = CKG_MGF1_SHA224;
++ mechParams.sLen = 28;
++ ckMechanism = new CK_MECHANISM(mechanism, mechParams);
++ this.keyAlgorithm = "RSA";
++ this.type = T_UPDATE;
++ buffer = new byte[1];
++ break;
++ case (int)CKM_SHA256_RSA_PKCS_PSS:
++ mechParams = new CK_RSA_PKCS_PSS_PARAMS();
++ mechParams.hashAlg = CKM_SHA256;
++ mechParams.mgf = CKG_MGF1_SHA256;
++ mechParams.sLen = 32;
++ ckMechanism = new CK_MECHANISM(mechanism, mechParams);
++ this.keyAlgorithm = "RSA";
++ this.type = T_UPDATE;
++ buffer = new byte[1];
++ break;
++ case (int)CKM_SHA384_RSA_PKCS_PSS:
++ mechParams = new CK_RSA_PKCS_PSS_PARAMS();
++ mechParams.hashAlg = CKM_SHA384;
++ mechParams.mgf = CKG_MGF1_SHA384;
++ mechParams.sLen = 48;
++ ckMechanism = new CK_MECHANISM(mechanism, mechParams);
++ this.keyAlgorithm = "RSA";
++ this.type = T_UPDATE;
++ buffer = new byte[1];
++ break;
++ case (int)CKM_SHA512_RSA_PKCS_PSS:
++ mechParams = new CK_RSA_PKCS_PSS_PARAMS();
++ mechParams.hashAlg = CKM_SHA512;
++ mechParams.mgf = CKG_MGF1_SHA512;
++ mechParams.sLen = 64;
++ ckMechanism = new CK_MECHANISM(mechanism, mechParams);
++ this.keyAlgorithm = "RSA";
++ this.type = T_UPDATE;
++ buffer = new byte[1];
++ break;
+ case (int)CKM_MD2_RSA_PKCS:
+ case (int)CKM_MD5_RSA_PKCS:
+ case (int)CKM_SHA1_RSA_PKCS:
+@@ -232,6 +283,7 @@
+ default:
+ throw new ProviderException("Unknown mechanism: " + mechanism);
+ }
++ this.mechanism = ckMechanism;
+ this.buffer = buffer;
+ this.digestOID = digestOID;
+ this.md = md;
+@@ -309,10 +361,10 @@
+ }
+ if (mode == M_SIGN) {
+ token.p11.C_SignInit(session.id(),
+- new CK_MECHANISM(mechanism), p11Key.keyID);
++ mechanism, p11Key.keyID);
+ } else {
+ token.p11.C_VerifyInit(session.id(),
+- new CK_MECHANISM(mechanism), p11Key.keyID);
++ mechanism, p11Key.keyID);
+ }
+ initialized = true;
+ } catch (PKCS11Exception e) {
+@@ -350,7 +402,8 @@
+ } else if (algorithm.equals("SHA512withRSA")) {
+ encodedLength = 83;
+ } else {
+- throw new ProviderException("Unknown signature algo: " + algorithm);
++ encodedLength = 0;
++ //throw new ProviderException("Unknown signature algo: " + algorithm);
+ }
+ if (encodedLength > maxDataSize) {
+ throw new InvalidKeyException
+@@ -523,7 +576,7 @@
+ if (type == T_DIGEST) {
+ digest = md.digest();
+ } else { // T_RAW
+- if (mechanism == CKM_DSA) {
++ if (mechanism.mechanism == CKM_DSA) {
+ if (bytesProcessed != buffer.length) {
+ throw new SignatureException
+ ("Data for RawDSA must be exactly 20 bytes long");
+@@ -543,7 +596,7 @@
+ signature = token.p11.C_Sign(session.id(), digest);
+ } else { // RSA
+ byte[] data = encodeSignature(digest);
+- if (mechanism == CKM_RSA_X_509) {
++ if (mechanism.mechanism == CKM_RSA_X_509) {
+ data = pkcs1Pad(data);
+ }
+ signature = token.p11.C_Sign(session.id(), data);
+@@ -578,7 +631,7 @@
+ if (type == T_DIGEST) {
+ digest = md.digest();
+ } else { // T_RAW
+- if (mechanism == CKM_DSA) {
++ if (mechanism.mechanism == CKM_DSA) {
+ if (bytesProcessed != buffer.length) {
+ throw new SignatureException
+ ("Data for RawDSA must be exactly 20 bytes long");
+@@ -598,7 +651,7 @@
+ token.p11.C_Verify(session.id(), digest, signature);
+ } else { // RSA
+ byte[] data = encodeSignature(digest);
+- if (mechanism == CKM_RSA_X_509) {
++ if (mechanism.mechanism == CKM_RSA_X_509) {
+ data = pkcs1Pad(data);
+ }
+ token.p11.C_Verify(session.id(), data, signature);
+diff --git a/src/share/classes/sun/security/pkcs11/SunPKCS11.java b/src/share/classes/sun/security/pkcs11/SunPKCS11.java
+--- openjdk/jdk/src/share/classes/sun/security/pkcs11/SunPKCS11.java
++++ openjdk/jdk/src/share/classes/sun/security/pkcs11/SunPKCS11.java
+@@ -729,6 +729,16 @@
+ d(SIG, "SHA512withRSA", P11Signature,
+ s("1.2.840.113549.1.1.13", "OID.1.2.840.113549.1.1.13"),
+ m(CKM_SHA512_RSA_PKCS, CKM_RSA_PKCS, CKM_RSA_X_509));
++ d(SIG, "SHA1withRSAandMGF1", P11Signature,
++ m(CKM_SHA1_RSA_PKCS_PSS));
++ d(SIG, "SHA224withRSAandMGF1", P11Signature,
++ m(CKM_SHA224_RSA_PKCS_PSS));
++ d(SIG, "SHA256withRSAandMGF1", P11Signature,
++ m(CKM_SHA256_RSA_PKCS_PSS));
++ d(SIG, "SHA384withRSAandMGF1", P11Signature,
++ m(CKM_SHA384_RSA_PKCS_PSS));
++ d(SIG, "SHA512withRSAandMGF1", P11Signature,
++ m(CKM_SHA512_RSA_PKCS_PSS));
+
+ /*
+ * TLS 1.2 uses a different hash algorithm than 1.0/1.1 for the
+diff --git a/src/share/classes/sun/security/pkcs11/wrapper/CK_MECHANISM.java b/src/share/classes/sun/security/pkcs11/wrapper/CK_MECHANISM.java
+--- openjdk/jdk/src/share/classes/sun/security/pkcs11/wrapper/CK_MECHANISM.java
++++ openjdk/jdk/src/share/classes/sun/security/pkcs11/wrapper/CK_MECHANISM.java
+@@ -112,6 +112,10 @@
+ init(mechanism, params);
+ }
+
++ public CK_MECHANISM(long mechanism, CK_RSA_PKCS_PSS_PARAMS params) {
++ init(mechanism, params);
++ }
++
+ public CK_MECHANISM(long mechanism, CK_SSL3_KEY_MAT_PARAMS params) {
+ init(mechanism, params);
+ }
+diff --git a/src/share/classes/sun/security/pkcs11/wrapper/PKCS11Constants.java b/src/share/classes/sun/security/pkcs11/wrapper/PKCS11Constants.java
+--- openjdk/jdk/src/share/classes/sun/security/pkcs11/wrapper/PKCS11Constants.java
++++ openjdk/jdk/src/share/classes/sun/security/pkcs11/wrapper/PKCS11Constants.java
+@@ -458,6 +458,12 @@
+ public static final long CKM_SHA384_RSA_PKCS = 0x00000041L;
+ public static final long CKM_SHA512_RSA_PKCS = 0x00000042L;
+
++ // v2.30
++ public static final long CKM_SHA256_RSA_PKCS_PSS = 0x00000043L;
++ public static final long CKM_SHA384_RSA_PKCS_PSS = 0x00000044L;
++ public static final long CKM_SHA512_RSA_PKCS_PSS = 0x00000045L;
++
++
+ public static final long CKM_RC2_KEY_GEN = 0x00000100L;
+ public static final long CKM_RC2_ECB = 0x00000101L;
+ public static final long CKM_RC2_CBC = 0x00000102L;
+@@ -911,6 +917,10 @@
+
+ /* The following MGFs are defined */
+ public static final long CKG_MGF1_SHA1 = 0x00000001L;
++ public static final long CKG_MGF1_SHA256 = 0x00000002L;
++ public static final long CKG_MGF1_SHA384 = 0x00000003L;
++ public static final long CKG_MGF1_SHA512 = 0x00000004L;
++
+ // new for v2.20 amendment 3
+ public static final long CKG_MGF1_SHA224 = 0x00000005L;
+
diff --git a/SOURCES/pr3497.patch b/SOURCES/pr3497.patch
new file mode 100644
index 0000000..540ae00
--- /dev/null
+++ b/SOURCES/pr3497.patch
@@ -0,0 +1,24 @@
+# HG changeset patch
+# User andrew
+# Date 1511841133 0
+# Tue Nov 28 03:52:13 2017 +0000
+# Node ID bccc53c13c22acbc87a3829830ffb736d8c18bab
+# Parent 24d492352bf29b67576fab7d46d86e6c698498f9
+PR3497: AArch64: Adapt to 8002074: Support for AES on SPARC
+
+diff --git a/src/cpu/aarch64/vm/aarch64.ad b/src/cpu/aarch64/vm/aarch64.ad
+--- openjdk/hotspot/src/cpu/aarch64/vm/aarch64.ad
++++ openjdk/hotspot/src/cpu/aarch64/vm/aarch64.ad
+@@ -1590,6 +1590,12 @@
+ return Op_RegL;
+ }
+
++// AArch64 AES instructions are compatible with SunJCE expanded
++// keys, hence we do not need to pass the original key to stubs
++const bool Matcher::pass_original_key_for_aes() {
++ return false;
++}
++
+ // x86 supports misaligned vectors store/load.
+ const bool Matcher::misaligned_vectors_ok() {
+ // TODO fixme
diff --git a/SOURCES/pulse-soundproperties.patch b/SOURCES/pulse-soundproperties.patch
new file mode 100644
index 0000000..271a323
--- /dev/null
+++ b/SOURCES/pulse-soundproperties.patch
@@ -0,0 +1,16 @@
+--- openjdk/jdk/src/share/lib/sound.properties 2008-08-28 04:15:18.000000000 -0400
++++ openjdk/jdk/src/share/lib/sound.properties 2008-10-03 16:59:21.000000000 -0400
+@@ -37,3 +37,13 @@
+ # Specify the default Receiver by provider and name:
+ # javax.sound.midi.Receiver=com.sun.media.sound.MidiProvider#SunMIDI1
+ #
++
++# javax.sound.sampled.Clip=org.classpath.icedtea.pulseaudio.PulseAudioMixerProvider
++# javax.sound.sampled.Port=org.classpath.icedtea.pulseaudio.PulseAudioMixerProvider
++# javax.sound.sampled.SourceDataLine=org.classpath.icedtea.pulseaudio.PulseAudioMixerProvider
++# javax.sound.sampled.TargetDataLine=org.classpath.icedtea.pulseaudio.PulseAudioMixerProvider
++
++javax.sound.sampled.Clip=com.sun.media.sound.DirectAudioDeviceProvider
++javax.sound.sampled.Port=com.sun.media.sound.PortMixerProvider
++javax.sound.sampled.SourceDataLine=com.sun.media.sound.DirectAudioDeviceProvider
++javax.sound.sampled.TargetDataLine=com.sun.media.sound.DirectAudioDeviceProvider
diff --git a/SOURCES/remove-buildids.sh b/SOURCES/remove-buildids.sh
new file mode 100644
index 0000000..b31ecf6
--- /dev/null
+++ b/SOURCES/remove-buildids.sh
@@ -0,0 +1,28 @@
+#!/bin/bash
+
+JAVA_HOME=$1
+
+# remove build id in ELF file $1
+remove_buildid() {
+ echo "Removing build id from $1"
+ objcopy --rename-section=.note.gnu.build-id=.ignore.note.gnu.build-id "$1"
+}
+
+remove_buildids_in() {
+ for f in $(find $1 -type f) ; do
+ echo "$f"
+ if [ -f $f ]; then
+ file $f | grep ELF > /dev/null 2>&1
+ is_elf=$?
+ if [ $is_elf -eq 0 ] ; then
+ remove_buildid $f
+ fi
+ fi
+ done
+}
+
+remove_buildids_in ${JAVA_HOME}/bin
+remove_buildids_in ${JAVA_HOME}/lib
+remove_buildids_in ${JAVA_HOME}/demo
+remove_buildids_in ${JAVA_HOME}/jre/bin
+remove_buildids_in ${JAVA_HOME}/jre/lib
diff --git a/SOURCES/remove-intree-libraries.sh b/SOURCES/remove-intree-libraries.sh
new file mode 100644
index 0000000..1aa81b8
--- /dev/null
+++ b/SOURCES/remove-intree-libraries.sh
@@ -0,0 +1,82 @@
+#!/bin/sh
+
+ZIP_SRC=openjdk/jdk/src/share/native/java/util/zip/zlib
+JPEG_SRC=openjdk/jdk/src/share/native/sun/awt/image/jpeg/jpeg-6b
+GIF_SRC=openjdk/jdk/src/share/native/sun/awt/giflib
+PNG_SRC=openjdk/jdk/src/share/native/sun/awt/libpng
+LCMS_SRC=openjdk/jdk/src/share/native/sun/java2d/cmm/lcms
+PCSC_SRC=openjdk/jdk/src/solaris/native/sun/security/smartcardio/MUSCLE
+
+echo "Removing built-in libs (they will be linked)"
+
+echo "Removing zlib"
+if [ ! -d ${ZIP_SRC} ]; then
+ echo "${ZIP_SRC} does not exist. Refusing to proceed."
+ exit 1
+fi
+rm -rvf ${ZIP_SRC}
+
+echo "Removing libjpeg"
+if [ ! -f ${JPEG_SRC}/jdhuff.c ]; then # some file that sound definitely exist
+ echo "${JPEG_SRC} does not contain jpeg sources. Refusing to proceed."
+ exit 1
+fi
+
+rm -rvf ${JPEG_SRC}
+
+echo "Removing giflib"
+if [ ! -d ${GIF_SRC} ]; then
+ echo "${GIF_SRC} does not exist. Refusing to proceed."
+ exit 1
+fi
+rm -rvf ${GIF_SRC}
+
+echo "Removing libpng"
+if [ ! -d ${PNG_SRC} ]; then
+ echo "${PNG_SRC} does not exist. Refusing to proceed."
+ exit 1
+fi
+rm -rvf ${PNG_SRC}
+
+# LCMS 2 is disabled until security issues are resolved
+if [ ! true ]; then
+echo "Removing lcms"
+if [ ! -d ${LCMS_SRC} ]; then
+ echo "${LCMS_SRC} does not exist. Refusing to proceed."
+ exit 1
+fi
+rm -vf ${LCMS_SRC}/cmscam02.c
+rm -vf ${LCMS_SRC}/cmscgats.c
+rm -vf ${LCMS_SRC}/cmscnvrt.c
+rm -vf ${LCMS_SRC}/cmserr.c
+rm -vf ${LCMS_SRC}/cmsgamma.c
+rm -vf ${LCMS_SRC}/cmsgmt.c
+rm -vf ${LCMS_SRC}/cmsintrp.c
+rm -vf ${LCMS_SRC}/cmsio0.c
+rm -vf ${LCMS_SRC}/cmsio1.c
+rm -vf ${LCMS_SRC}/cmslut.c
+rm -vf ${LCMS_SRC}/cmsmd5.c
+rm -vf ${LCMS_SRC}/cmsmtrx.c
+rm -vf ${LCMS_SRC}/cmsnamed.c
+rm -vf ${LCMS_SRC}/cmsopt.c
+rm -vf ${LCMS_SRC}/cmspack.c
+rm -vf ${LCMS_SRC}/cmspcs.c
+rm -vf ${LCMS_SRC}/cmsplugin.c
+rm -vf ${LCMS_SRC}/cmsps2.c
+rm -vf ${LCMS_SRC}/cmssamp.c
+rm -vf ${LCMS_SRC}/cmssm.c
+rm -vf ${LCMS_SRC}/cmstypes.c
+rm -vf ${LCMS_SRC}/cmsvirt.c
+rm -vf ${LCMS_SRC}/cmswtpnt.c
+rm -vf ${LCMS_SRC}/cmsxform.c
+rm -vf ${LCMS_SRC}/lcms2.h
+rm -vf ${LCMS_SRC}/lcms2_internal.h
+rm -vf ${LCMS_SRC}/lcms2_plugin.h
+fi
+
+echo "Removing libpcsc headers"
+if [ ! -d ${PCSC_SRC} ]; then
+ echo "${PCSC_SRC} does not exist. Refusing to proceed."
+ exit 1
+fi
+rm -rvf ${PCSC_SRC}
diff --git a/SOURCES/repackReproduciblePolycies.sh b/SOURCES/repackReproduciblePolycies.sh
new file mode 100644
index 0000000..271cb74
--- /dev/null
+++ b/SOURCES/repackReproduciblePolycies.sh
@@ -0,0 +1,37 @@
+#!/bin/sh
+# https://bugzilla.redhat.com/show_bug.cgi?id=1142153
+M=META-INF/MANIFEST.MF
+#P=/usr/lib/jvm/java/jre/lib/security
+P=$1/lib/security
+for f in local_policy.jar US_export_policy.jar ; do
+ORIG=$P/$f
+echo "processing $f ($ORIG)"
+if [ ! -f $ORIG ]; then
+ echo "File not found! $ORIG"
+ continue
+fi
+d=`mktemp -d`
+NW=$d/$f
+ pushd $d
+ jar xf $ORIG
+ cat $M
+# sed -i "s/Created-By.*/Created-By: 1.7.0/g" $M
+ sed -i "s/Created-By.*/Created-By: $2/g" $M
+ cat $M
+ find . -exec touch -t 201401010000 {} +
+ zip -rX $f *
+ popd
+ echo "replacing $ORIG"
+ touch -t 201401010000 $ORIG
+ md5sum $ORIG
+ sha256sum $ORIG
+ echo "by $NW"
+ md5sum $NW
+ sha256sum $NW
+ touch -t 201401010000 $NW
+ cp $NW $ORIG
+ md5sum $ORIG
+ sha256sum $ORIG
+ touch -t 201401010000 $ORIG
+ rm -rfv $d
+done
diff --git a/SOURCES/rh1022017.patch b/SOURCES/rh1022017.patch
new file mode 100644
index 0000000..4983884
--- /dev/null
+++ b/SOURCES/rh1022017.patch
@@ -0,0 +1,28 @@
+diff --git a/src/share/classes/sun/security/ssl/SupportedEllipticCurvesExtension.java b/src/share/classes/sun/security/ssl/SupportedEllipticCurvesExtension.java
+--- openjdk/jdk/src/share/classes/sun/security/ssl/SupportedEllipticCurvesExtension.java
++++ openjdk/jdk/src/share/classes/sun/security/ssl/SupportedEllipticCurvesExtension.java
+@@ -168,20 +168,10 @@
+ "contains no supported elliptic curves");
+ }
+ } else { // default curves
+- int[] ids;
+- if (requireFips) {
+- ids = new int[] {
+- // only NIST curves in FIPS mode
+- 23, 24, 25, 9, 10, 11, 12, 13, 14,
+- };
+- } else {
+- ids = new int[] {
+- // NIST curves first
+- 23, 24, 25, 9, 10, 11, 12, 13, 14,
+- // non-NIST curves
+- 22,
+- };
+- }
++ int[] ids = new int[] {
++ // NSS currently only supports these three NIST curves
++ 23, 24, 25
++ };
+
+ idList = new ArrayList<>(ids.length);
+ for (int curveId : ids) {
diff --git a/SOURCES/rhino.patch b/SOURCES/rhino.patch
new file mode 100644
index 0000000..bd8ab68
--- /dev/null
+++ b/SOURCES/rhino.patch
@@ -0,0 +1,157 @@
+diff -ur openjdk.orig/jdk/make/com/sun/Makefile openjdk/jdk/make/com/sun/Makefile
+--- openjdk.orig/jdk/make/com/sun/Makefile 2012-02-14 16:12:48.000000000 -0500
++++ openjdk/jdk/make/com/sun/Makefile 2012-02-22 14:25:10.327518016 -0500
+@@ -31,13 +31,6 @@
+ PRODUCT = sun
+ include $(BUILDDIR)/common/Defs.gmk
+
+-ifndef OPENJDK
+- ORG_EXISTS := $(call DirExists,$(CLOSED_SRC)/share/classes/sun/org,,)
+- ifneq ("$(ORG_EXISTS)", "")
+- SCRIPT_SUBDIR = script
+- endif
+-endif
+-
+ # jarsigner is part of JRE
+ SUBDIRS = java security net/ssl jarsigner
+
+@@ -45,7 +38,7 @@
+ SUBDIRS_desktop = image
+ SUBDIRS_enterprise = crypto/provider jndi \
+ org rowset net/httpserver
+-SUBDIRS_misc = $(SCRIPT_SUBDIR) tracing nio demo
++SUBDIRS_misc = script tracing nio demo
+
+ # Omit mirror since it's built with the apt tool.
+ SUBDIRS_tools = tools
+diff -ur openjdk.orig/jdk/make/com/sun/script/Makefile openjdk/jdk/make/com/sun/script/Makefile
+--- openjdk.orig/jdk/make/com/sun/script/Makefile 2012-02-14 16:12:48.000000000 -0500
++++ openjdk/jdk/make/com/sun/script/Makefile 2012-02-22 14:10:53.325225237 -0500
+@@ -31,6 +31,8 @@
+
+ AUTO_FILES_JAVA_DIRS = com/sun/script
+
++OTHER_JAVACFLAGS = -classpath $(RHINO_JAR)
++
+ #
+ # Files that need to be copied
+ #
+diff -ur openjdk.orig/jdk/make/common/Release.gmk openjdk/jdk/make/common/Release.gmk
+--- openjdk.orig/jdk/make/common/Release.gmk 2012-02-14 16:12:48.000000000 -0500
++++ openjdk/jdk/make/common/Release.gmk 2012-02-22 14:10:53.325225237 -0500
+@@ -766,6 +766,7 @@
+ $(CP) $(RT_JAR) $(JRE_IMAGE_DIR)/lib/rt.jar
+ $(CP) $(RESOURCES_JAR) $(JRE_IMAGE_DIR)/lib/resources.jar
+ $(CP) $(JSSE_JAR) $(JRE_IMAGE_DIR)/lib/jsse.jar
++ $(CP) $(RHINO_JAR) $(JRE_IMAGE_DIR)/lib/rhino.jar
+ ifneq ($(JFR_JAR),)
+ $(CP) $(JFR_JAR) $(JRE_IMAGE_DIR)/lib/jfr.jar
+ endif
+diff -ur openjdk.orig/jdk/src/share/classes/com/sun/script/javascript/ExternalScriptable.java openjdk/jdk/src/share/classes/com/sun/script/javascript/ExternalScriptable.java
+--- openjdk.orig/jdk/src/share/classes/com/sun/script/javascript/ExternalScriptable.java 2012-02-14 16:12:49.000000000 -0500
++++ openjdk/jdk/src/share/classes/com/sun/script/javascript/ExternalScriptable.java 2012-02-22 14:10:53.325225237 -0500
+@@ -24,7 +24,7 @@
+ */
+
+ package com.sun.script.javascript;
+-import sun.org.mozilla.javascript.internal.*;
++import sun.org.mozilla.javascript.*;
+ import javax.script.*;
+ import java.util.*;
+
+diff -ur openjdk.orig/jdk/src/share/classes/com/sun/script/javascript/JavaAdapter.java openjdk/jdk/src/share/classes/com/sun/script/javascript/JavaAdapter.java
+--- openjdk.orig/jdk/src/share/classes/com/sun/script/javascript/JavaAdapter.java 2012-02-14 16:12:49.000000000 -0500
++++ openjdk/jdk/src/share/classes/com/sun/script/javascript/JavaAdapter.java 2012-02-22 14:10:53.325225237 -0500
+@@ -26,7 +26,7 @@
+ package com.sun.script.javascript;
+
+ import javax.script.Invocable;
+-import sun.org.mozilla.javascript.internal.*;
++import sun.org.mozilla.javascript.*;
+
+ /**
+ * This class implements Rhino-like JavaAdapter to help implement a Java
+diff -ur openjdk.orig/jdk/src/share/classes/com/sun/script/javascript/JSAdapter.java openjdk/jdk/src/share/classes/com/sun/script/javascript/JSAdapter.java
+--- openjdk.orig/jdk/src/share/classes/com/sun/script/javascript/JSAdapter.java 2012-02-14 16:12:49.000000000 -0500
++++ openjdk/jdk/src/share/classes/com/sun/script/javascript/JSAdapter.java 2012-02-22 14:10:53.326225216 -0500
+@@ -25,7 +25,7 @@
+
+ package com.sun.script.javascript;
+
+-import sun.org.mozilla.javascript.internal.*;
++import sun.org.mozilla.javascript.*;
+ import java.util.*;
+
+ /**
+diff -ur openjdk.orig/jdk/src/share/classes/com/sun/script/javascript/RhinoClassShutter.java openjdk/jdk/src/share/classes/com/sun/script/javascript/RhinoClassShutter.java
+--- openjdk.orig/jdk/src/share/classes/com/sun/script/javascript/RhinoClassShutter.java 2012-02-14 16:12:49.000000000 -0500
++++ openjdk/jdk/src/share/classes/com/sun/script/javascript/RhinoClassShutter.java 2012-02-22 14:10:53.326225216 -0500
+@@ -26,7 +26,7 @@
+ package com.sun.script.javascript;
+
+ import java.util.*;
+-import sun.org.mozilla.javascript.internal.*;
++import sun.org.mozilla.javascript.*;
+
+ /**
+ * This class prevents script access to certain sensitive classes.
+diff -ur openjdk.orig/jdk/src/share/classes/com/sun/script/javascript/RhinoCompiledScript.java openjdk/jdk/src/share/classes/com/sun/script/javascript/RhinoCompiledScript.java
+--- openjdk.orig/jdk/src/share/classes/com/sun/script/javascript/RhinoCompiledScript.java 2012-02-14 16:12:49.000000000 -0500
++++ openjdk/jdk/src/share/classes/com/sun/script/javascript/RhinoCompiledScript.java 2012-02-22 14:10:53.326225216 -0500
+@@ -25,7 +25,7 @@
+
+ package com.sun.script.javascript;
+ import javax.script.*;
+-import sun.org.mozilla.javascript.internal.*;
++import sun.org.mozilla.javascript.*;
+
+ /**
+ * Represents compiled JavaScript code.
+diff -ur openjdk.orig/jdk/src/share/classes/com/sun/script/javascript/RhinoScriptEngineFactory.java openjdk/jdk/src/share/classes/com/sun/script/javascript/RhinoScriptEngineFactory.java
+--- openjdk.orig/jdk/src/share/classes/com/sun/script/javascript/RhinoScriptEngineFactory.java 2012-02-14 16:12:49.000000000 -0500
++++ openjdk/jdk/src/share/classes/com/sun/script/javascript/RhinoScriptEngineFactory.java 2012-02-22 14:10:53.326225216 -0500
+@@ -26,7 +26,7 @@
+ package com.sun.script.javascript;
+ import javax.script.*;
+ import java.util.*;
+-import sun.org.mozilla.javascript.internal.*;
++import sun.org.mozilla.javascript.*;
+ import com.sun.script.util.*;
+
+ /**
+diff -ur openjdk.orig/jdk/src/share/classes/com/sun/script/javascript/RhinoScriptEngine.java openjdk/jdk/src/share/classes/com/sun/script/javascript/RhinoScriptEngine.java
+--- openjdk.orig/jdk/src/share/classes/com/sun/script/javascript/RhinoScriptEngine.java 2012-02-14 16:12:49.000000000 -0500
++++ openjdk/jdk/src/share/classes/com/sun/script/javascript/RhinoScriptEngine.java 2012-02-22 14:10:53.327225198 -0500
+@@ -26,7 +26,7 @@
+ package com.sun.script.javascript;
+ import com.sun.script.util.*;
+ import javax.script.*;
+-import sun.org.mozilla.javascript.internal.*;
++import sun.org.mozilla.javascript.*;
+ import java.lang.reflect.Method;
+ import java.io.*;
+ import java.security.*;
+diff -ur openjdk.orig/jdk/src/share/classes/com/sun/script/javascript/RhinoTopLevel.java openjdk/jdk/src/share/classes/com/sun/script/javascript/RhinoTopLevel.java
+--- openjdk.orig/jdk/src/share/classes/com/sun/script/javascript/RhinoTopLevel.java 2012-02-14 16:12:49.000000000 -0500
++++ openjdk/jdk/src/share/classes/com/sun/script/javascript/RhinoTopLevel.java 2012-02-22 14:10:53.327225198 -0500
+@@ -25,7 +25,7 @@
+
+ package com.sun.script.javascript;
+
+-import sun.org.mozilla.javascript.internal.*;
++import sun.org.mozilla.javascript.*;
+ import javax.script.*;
+ import java.security.AccessControlContext;
+
+diff -ur openjdk.orig/jdk/src/share/classes/com/sun/script/javascript/RhinoWrapFactory.java openjdk/jdk/src/share/classes/com/sun/script/javascript/RhinoWrapFactory.java
+--- openjdk.orig/jdk/src/share/classes/com/sun/script/javascript/RhinoWrapFactory.java 2012-02-14 16:12:49.000000000 -0500
++++ openjdk/jdk/src/share/classes/com/sun/script/javascript/RhinoWrapFactory.java 2012-02-22 14:10:53.327225198 -0500
+@@ -27,7 +27,7 @@
+
+ import java.lang.reflect.*;
+ import static sun.security.util.SecurityConstants.*;
+-import sun.org.mozilla.javascript.internal.*;
++import sun.org.mozilla.javascript.*;
+
+ /**
+ * This wrap factory is used for security reasons. JSR 223 script
diff --git a/SPECS/java-1.7.0-openjdk.spec b/SPECS/java-1.7.0-openjdk.spec
new file mode 100644
index 0000000..9cf4d13
--- /dev/null
+++ b/SPECS/java-1.7.0-openjdk.spec
@@ -0,0 +1,2212 @@
+# If debug is 1, OpenJDK is built with all debug info present.
+%global debug 0
+
+# we remove the build id notes explicitly to avoid generating (potentially
+# conflicting) files in the -debuginfo package
+%undefine _missing_build_ids_terminate_build
+
+%global icedtea_version 2.6.12
+%global hg_tag icedtea-{icedtea_version}
+
+%global aarch64 aarch64 arm64 armv8
+#sometimes we need to distinguish big and little endian PPC64
+%global ppc64le ppc64le
+%global ppc64be ppc64 ppc64p7
+%global multilib_arches %{power64} sparc64 x86_64
+%global jit_arches %{ix86} x86_64 sparcv9 sparc64 %{ppc64be} %{ppc64le} %{aarch64}
+
+# With disabled nss is NSS deactivated, so in NSS_LIBDIR can be wrong path
+# the initialisation must be here. LAter the pkg-connfig have bugy behaviour
+#looks liekopenjdk RPM specific bug
+# Always set this so the nss.cfg file is not broken
+%global NSS_LIBDIR %(pkg-config --variable=libdir nss)
+%global NSS_LIBS %(pkg-config --libs nss)
+%global NSS_CFLAGS %(pkg-config --cflags nss-softokn)
+# see https://bugzilla.redhat.com/show_bug.cgi?id=1332456
+%global NSSSOFTOKN_BUILDTIME_NUMBER %(pkg-config --modversion nss-softokn || : )
+%global NSS_BUILDTIME_NUMBER %(pkg-config --modversion nss || : )
+#this is worakround for processing of requires during srpm creation
+%global NSSSOFTOKN_BUILDTIME_VERSION %(if [ "x%{NSSSOFTOKN_BUILDTIME_NUMBER}" == "x" ] ; then echo "" ;else echo ">= %{NSSSOFTOKN_BUILDTIME_NUMBER}" ;fi)
+%global NSS_BUILDTIME_VERSION %(if [ "x%{NSS_BUILDTIME_NUMBER}" == "x" ] ; then echo "" ;else echo ">= %{NSS_BUILDTIME_NUMBER}" ;fi)
+
+# In some cases, the arch used by the JDK does
+# not match _arch.
+# Also, in some cases, the machine name used by SystemTap
+# does not match that given by _build_cpu
+%ifarch x86_64
+%global archbuild amd64
+%global archinstall amd64
+%global stapinstall x86_64
+%endif
+%ifarch ppc
+%global archbuild ppc
+%global archinstall ppc
+%global archdef PPC
+%global stapinstall powerpc
+%endif
+%ifarch %{ppc64be}
+%global archbuild ppc64
+%global archinstall ppc64
+%global archdef PPC
+%global stapinstall powerpc
+%endif
+%ifarch %{ppc64le}
+%global archbuild ppc64le
+%global archinstall ppc64le
+%global archdef PPC64
+%global stapinstall powerpc
+%endif
+%ifarch %{ix86}
+%global archbuild i586
+%global archinstall i386
+%global stapinstall i386
+%endif
+%ifarch ia64
+%global archbuild ia64
+%global archinstall ia64
+%global stapinstall ia64
+%endif
+%ifarch s390
+%global archbuild s390
+%global archinstall s390
+%global archdef S390
+%global stapinstall s390
+%endif
+%ifarch s390x
+%global archbuild s390x
+%global archinstall s390x
+%global archdef S390
+%global stapinstall s390
+%endif
+%ifarch %{arm}
+%global archbuild arm
+%global archinstall arm
+%global archdef ARM
+%global stapinstall arm
+%endif
+%ifarch %{aarch64}
+%global archbuild aarch64
+%global archinstall aarch64
+%global archdef AARCH64
+%global stapinstall arm64
+%endif
+# 32 bit sparc, optimized for v9
+%ifarch sparcv9
+%global archbuild sparc
+%global archinstall sparc
+%global stapinstall %{_build_cpu}
+%endif
+# 64 bit sparc
+%ifarch sparc64
+%global archbuild sparcv9
+%global archinstall sparcv9
+%global stapinstall %{_build_cpu}
+%endif
+%ifnarch %{jit_arches}
+%global archbuild %{_arch}
+%global archinstall %{_arch}
+%endif
+
+%if %{debug}
+%global debugbuild debug_build
+%else
+%global debugbuild %{nil}
+%endif
+
+# If hsbootstrap is 1, build HotSpot alone first and use that in the bootstrap JDK
+# You can turn this on to avoid issues where HotSpot is broken in the bootstrap JDK
+%ifarch %{jit_arches}
+%global hsbootstrap 0
+%else
+%global hsbootstrap 0
+%endif
+
+%if %{debug}
+%global buildoutputdir openjdk/build/linux-%{archbuild}-debug
+%else
+%global buildoutputdir openjdk/build/linux-%{archbuild}
+%endif
+
+%global with_pulseaudio 1
+
+%ifarch %{jit_arches}
+%global with_systemtap 1
+%else
+%global with_systemtap 0
+%endif
+
+# Convert an absolute path to a relative path. Each symbolic link is
+# specified relative to the directory in which it is installed so that
+# it will resolve properly within chrooted installations.
+%global script 'use File::Spec; print File::Spec->abs2rel($ARGV[0], $ARGV[1])'
+%global abs2rel %{__perl} -e %{script}
+
+# Hard-code libdir on 64-bit architectures to make the 64-bit JDK
+# simply be another alternative.
+%global LIBDIR %{_libdir}
+#backuped original one
+%ifarch %{multilib_arches}
+%global syslibdir %{_prefix}/lib64
+%global _libdir %{_prefix}/lib
+%else
+%global syslibdir %{_libdir}
+%endif
+
+# Standard JPackage naming and versioning defines.
+%global origin openjdk
+%global updatever 161
+%global buildver 00
+# Keep priority on 7digits in case updatever>9
+%global priority 1700%{updatever}
+%global javaver 1.7.0
+
+%global sdkdir %{uniquesuffix}
+%global jrelnk jre-%{javaver}-%{origin}-%{version}-%{release}.%{_arch}
+
+%global jredir %{sdkdir}/jre
+%global sdkbindir %{_jvmdir}/%{sdkdir}/bin
+%global jrebindir %{_jvmdir}/%{jredir}/bin
+%global jvmjardir %{_jvmjardir}/%{uniquesuffix}
+
+%global rpm_state_dir %{_localstatedir}/lib/rpm-state/
+
+%global fullversion %{name}-%{version}-%{release}
+
+%global uniquesuffix %{fullversion}.%{_arch}
+#we can copy the javadoc to not arched dir, or made it not noarch
+%global uniquejavadocdir %{fullversion}
+
+%ifarch %{jit_arches}
+# Where to install systemtap tapset (links)
+# We would like these to be in a package specific subdir,
+# but currently systemtap doesn't support that, so we have to
+# use the root tapset dir for now. To distinquish between 64
+# and 32 bit architectures we place the tapsets under the arch
+# specific dir (note that systemtap will only pickup the tapset
+# for the primary arch for now). Systemtap uses the machine name
+# aka build_cpu as architecture specific directory name.
+%global tapsetroot /usr/share/systemtap
+%global tapsetdir %{tapsetroot}/tapset/%{stapinstall}
+%endif
+
+# Prevent brp-java-repack-jars from being run.
+%global __jar_repack 0
+
+Name: java-%{javaver}-%{origin}
+Version: %{javaver}.%{updatever}
+Release: %{icedtea_version}.0%{?dist}
+# java-1.5.0-ibm from jpackage.org set Epoch to 1 for unknown reasons,
+# and this change was brought into RHEL-4. java-1.5.0-ibm packages
+# also included the epoch in their virtual provides. This created a
+# situation where in-the-wild java-1.5.0-ibm packages provided "java =
+# 1:1.5.0". In RPM terms, "1.6.0 < 1:1.5.0" since 1.6.0 is
+# interpreted as 0:1.6.0. So the "java >= 1.6.0" requirement would be
+# satisfied by the 1:1.5.0 packages. Thus we need to set the epoch in
+# JDK package >= 1.6.0 to 1, and packages referring to JDK virtual
+# provides >= 1.6.0 must specify the epoch, "java >= 1:1.6.0".
+Epoch: 1
+Summary: OpenJDK Runtime Environment
+Group: Development/Languages
+
+License: ASL 1.1 and ASL 2.0 and GPL+ and GPLv2 and GPLv2 with exceptions and LGPL+ and LGPLv2 and MPLv1.0 and MPLv1.1 and Public Domain and W3C
+URL: http://openjdk.java.net/
+
+# Source from upstream IcedTea 2.x project. To regenerate, use
+# VERSION=icedtea-${icedtea_version} FILE_NAME_ROOT=openjdk-${VERSION}
+# REPO_ROOT=<path to checked-out repository> generate_source_tarball.sh
+Source0: openjdk-icedtea-%{icedtea_version}.tar.xz
+
+# README file
+# This source is under maintainer's/java-team's control
+Source2: README.src
+
+# Sources 6-12 are taken from hg clone http://icedtea.classpath.org/hg/icedtea7
+# Unless said differently, there is directory with required sources which should be enough to pack/rename
+
+# Class rewrite to rewrite rhino hierarchy
+Source5: class-rewriter.tar.gz
+
+# Systemtap tapsets. Zipped up to keep it small.
+# last update from IcedTea 2.6.10
+Source6: systemtap-tapset-2.6.12.tar.xz
+
+# .desktop files.
+Source7: policytool.desktop
+Source77: jconsole.desktop
+
+# nss configuration file
+Source8: nss.cfg
+
+# FIXME: Taken from IcedTea snapshot 877ad5f00f69, but needs to be moved out
+# hg clone -r 877ad5f00f69 http://icedtea.classpath.org/hg/icedtea7
+Source9: pulseaudio.tar.gz
+
+# Removed libraries that we link instead
+Source10: remove-intree-libraries.sh
+
+#http://icedtea.classpath.org/hg/icedtea7/file/933d082ec889/fsg.sh
+# file to clean tarball, should be ketp updated as possible
+Source1111: fsg.sh
+
+# Remove build ids from binaries
+Source11: remove-buildids.sh
+
+# Ensure we aren't using the limited crypto policy
+Source12: TestCryptoLevel.java
+
+Source13: java-abrt-launcher
+
+Source20: repackReproduciblePolycies.sh
+
+# RPM/distribution specific patches
+
+# Allow TCK to pass with access bridge wired in
+Patch1: java-1.7.0-openjdk-java-access-bridge-tck.patch
+
+# Disable access to access-bridge packages by untrusted apps
+Patch3: java-1.7.0-openjdk-java-access-bridge-security.patch
+
+# Ignore AWTError when assistive technologies are loaded
+Patch4: java-1.7.0-openjdk-accessible-toolkit.patch
+
+# Build docs even in debug
+Patch5: java-1.7.0-openjdk-debugdocs.patch
+
+# Add debuginfo where missing
+Patch6: %{name}-debuginfo.patch
+
+#
+# OpenJDK specific patches
+#
+
+# Add rhino support
+Patch100: rhino.patch
+
+Patch106: %{name}-freetype-check-fix.patch
+
+# allow to create hs_pid.log in tmp (in 700 permissions) if working directory is unwritable
+Patch200: abrt_friendly_hs_log_jdk7.patch
+
+#
+# Optional component packages
+#
+
+# Make the ALSA based mixer the default when building with the pulseaudio based
+# mixer
+Patch300: pulse-soundproperties.patch
+
+# Make the curves reported by Java's SSL implementation match those of NSS
+Patch400: rh1022017.patch
+
+# Temporary patches
+
+# PR2809: Backport "8076221: Disable RC4 cipher suites" (will appear in 2.7.0)
+Patch500: pr2809.patch
+# PR3393, RH1273760: Support using RSAandMGF1 with the SHA hash algorithms in the PKCS11 provider (will appear in 2.7.0)
+Patch501: pr3393-rh1273760.patch
+# PR3497: AArch64: Adapt to 8002074: Support for AES on SPARC
+Patch502: pr3497.patch
+
+# End of tmp patches
+
+BuildRequires: autoconf
+BuildRequires: automake
+BuildRequires: gcc-c++
+BuildRequires: alsa-lib-devel
+BuildRequires: cups-devel
+BuildRequires: desktop-file-utils
+BuildRequires: giflib-devel
+# LCMS 2 is disabled until security issues are resolved
+#BuildRequires: lcms2-devel >= 2.5
+BuildRequires: libX11-devel
+BuildRequires: libXi-devel
+BuildRequires: libXp-devel
+BuildRequires: libXt-devel
+BuildRequires: libXtst-devel
+BuildRequires: libjpeg-devel
+BuildRequires: libpng-devel
+BuildRequires: wget
+BuildRequires: xorg-x11-proto-devel
+BuildRequires: ant
+BuildRequires: libXinerama-devel
+# Provides lsb_release for generating distro id in jdk_generic_profile.sh
+BuildRequires: redhat-lsb-core
+BuildRequires: rhino
+BuildRequires: zip
+BuildRequires: fontconfig
+BuildRequires: xorg-x11-fonts-Type1
+BuildRequires: zlib > 1.2.3-6
+# Require a build JDK which has a working jar uf (PR1437 / RH1207129)
+BuildRequires: java-1.7.0-openjdk-devel >= 1.7.0.111-2.6.7.2
+BuildRequires: fontconfig
+BuildRequires: at-spi-devel
+BuildRequires: gawk
+BuildRequires: pkgconfig >= 0.9.0
+BuildRequires: xorg-x11-utils
+# Requirements for setting up the nss.cfg
+BuildRequires: nss-devel
+# Required for NIO2
+BuildRequires: libattr-devel
+# Build requirements for SunEC system NSS support
+BuildRequires: nss-softokn-freebl-devel >= 3.16.1
+# Required for smartcard support
+BuildRequires: pcsc-lite-devel
+# Required for SCTP support
+BuildRequires: lksctp-tools-devel
+# Required for fallback native proxy support
+BuildRequires: GConf2-devel
+# PulseAudio build requirements.
+%if %{with_pulseaudio}
+BuildRequires: pulseaudio-libs-devel >= 0.9.11
+%endif
+# Zero-assembler build requirement.
+%ifnarch %{jit_arches}
+BuildRequires: libffi-devel >= 3.0.10
+%endif
+
+# cacerts build requirement.
+BuildRequires: openssl
+# execstack build requirement.
+# no prelink on ARM yet
+%ifnarch %{arm} %{aarch64} %{ppc64le}
+BuildRequires: prelink
+%endif
+%ifarch %{jit_arches}
+#systemtap build requirement.
+BuildRequires: systemtap-sdt-devel
+%endif
+
+Requires: fontconfig
+Requires: xorg-x11-fonts-Type1
+#requires rest of java
+Requires: %{name}-headless = %{epoch}:%{version}-%{release}
+OrderWithRequires: %{name}-headless = %{epoch}:%{version}-%{release}
+
+
+# Standard JPackage base provides.
+Provides: jre-%{javaver}-%{origin} = %{epoch}:%{version}-%{release}
+Provides: jre-%{origin} = %{epoch}:%{version}-%{release}
+Provides: jre-%{javaver} = %{epoch}:%{version}-%{release}
+Provides: java-%{javaver} = %{epoch}:%{version}-%{release}
+Provides: jre = %{javaver}
+Provides: java-%{origin} = %{epoch}:%{version}-%{release}
+Provides: java = %{epoch}:%{javaver}
+# Standard JPackage extensions provides.
+Provides: java-fonts = %{epoch}:%{version}
+
+# Obsolete older 1.6 packages as it cannot use the new bytecode
+# Obsoletes: java-1.6.0-openjdk
+# Obsoletes: java-1.6.0-openjdk-demo
+# Obsoletes: java-1.6.0-openjdk-devel
+# Obsoletes: java-1.6.0-openjdk-javadoc
+# Obsoletes: java-1.6.0-openjdk-src
+
+%description
+The OpenJDK runtime environment.
+
+%package headless
+Summary: The OpenJDK runtime environment without audio and video support
+Group: Development/Languages
+
+# LCMS 2 is disabled until security issues are resolved
+#Requires: lcms2 >= 2.5
+Requires: libjpeg = 6b
+# Require /etc/pki/java/cacerts.
+Requires: ca-certificates
+# Require jpackage-utils for ant.
+Requires: jpackage-utils >= 1.7.3-1jpp.2
+# Require zoneinfo data provided by tzdata-java subpackage.
+Requires: tzdata-java
+# there is need to depnd on exact version of nss
+Requires: nss %{NSS_BUILDTIME_VERSION}
+Requires: nss-softokn %{NSSSOFTOKN_BUILDTIME_VERSION}
+# tool to copy jdk's configs - should be Recommends only, but then only dnf/yum eforce it, not rpm transaction and so no configs are persisted when pure rpm -u is run. I t may be consiedered as regression
+Requires: copy-jdk-configs >= 2.2
+OrderWithRequires: copy-jdk-configs
+# Post requires alternatives to install tool alternatives.
+Requires(post): %{_sbindir}/alternatives
+# in version 1.7 and higher for --family switch
+Requires(post): chkconfig >= 1.7
+# Postun requires alternatives to uninstall tool alternatives.
+Requires(postun): %{_sbindir}/alternatives
+# in version 1.7 and higher for --family switch
+Requires(postun): chkconfig >= 1.7
+
+Provides: jre-%{javaver}-%{origin}-headless = %{epoch}:%{version}-%{release}
+Provides: jre-%{origin}-headless = %{epoch}:%{version}-%{release}
+Provides: jre-%{javaver}-headless = %{epoch}:%{version}-%{release}
+Provides: java-%{javaver}-headless = %{epoch}:%{version}-%{release}
+Provides: jre-headless = %{epoch}:%{javaver}
+Provides: java-%{origin}-headless = %{epoch}:%{version}-%{release}
+Provides: java-headless = %{epoch}:%{javaver}
+# Standard JPackage extensions provides.
+Provides: jndi = %{epoch}:%{version}
+Provides: jndi-ldap = %{epoch}:%{version}
+Provides: jndi-cos = %{epoch}:%{version}
+Provides: jndi-rmi = %{epoch}:%{version}
+Provides: jndi-dns = %{epoch}:%{version}
+Provides: jaas = %{epoch}:%{version}
+Provides: jsse = %{epoch}:%{version}
+Provides: jce = %{epoch}:%{version}
+Provides: jdbc-stdext = 4.1
+Provides: java-sasl = %{epoch}:%{version}
+
+%description headless
+The OpenJDK runtime environment without audio and video
+
+%package devel
+Summary: OpenJDK Development Environment
+Group: Development/Tools
+
+# Require base package.
+Requires: %{name} = %{epoch}:%{version}-%{release}
+OrderWithRequires: %{name}-headless = %{epoch}:%{version}-%{release}
+# Post requires alternatives to install tool alternatives.
+Requires(post): %{_sbindir}/alternatives
+# in version 1.7 and higher for --family switch
+Requires(post): chkconfig >= 1.7
+# Postun requires alternatives to uninstall tool alternatives.
+Requires(postun): %{_sbindir}/alternatives
+# in version 1.7 and higher for --family switch
+Requires(postun): chkconfig >= 1.7
+
+# Standard JPackage devel provides.
+Provides: java-sdk-%{javaver}-%{origin} = %{epoch}:%{version}
+Provides: java-sdk-%{javaver} = %{epoch}:%{version}
+Provides: java-sdk-%{origin} = %{epoch}:%{version}
+Provides: java-sdk = %{epoch}:%{javaver}
+Provides: java-%{javaver}-devel = %{epoch}:%{version}
+Provides: java-devel-%{origin} = %{epoch}:%{version}
+Provides: java-devel = %{epoch}:%{javaver}
+
+
+%description devel
+The OpenJDK development tools.
+
+%package demo
+Summary: OpenJDK Demos
+Group: Development/Languages
+
+Requires: %{name} = %{epoch}:%{version}-%{release}
+OrderWithRequires: %{name}-headless = %{epoch}:%{version}-%{release}
+
+%description demo
+The OpenJDK demos.
+
+%package src
+Summary: OpenJDK Source Bundle
+Group: Development/Languages
+
+Requires: %{name} = %{epoch}:%{version}-%{release}
+
+%description src
+The OpenJDK source bundle.
+
+%package javadoc
+Summary: OpenJDK API Documentation
+Group: Documentation
+Requires: jpackage-utils
+BuildArch: noarch
+
+OrderWithRequires: %{name}-headless = %{epoch}:%{version}-%{release}
+# Post requires alternatives to install javadoc alternative.
+Requires(post): %{_sbindir}/alternatives
+# in version 1.7 and higher for --family switch
+Requires(post): chkconfig >= 1.7
+# Postun requires alternatives to uninstall javadoc alternative.
+Requires(postun): %{_sbindir}/alternatives
+# in version 1.7 and higher for --family switch
+Requires(postun): chkconfig >= 1.7
+
+# Standard JPackage javadoc provides.
+Provides: java-javadoc = %{epoch}:%{version}-%{release}
+Provides: java-%{javaver}-javadoc = %{epoch}:%{version}-%{release}
+
+%description javadoc
+The OpenJDK API documentation.
+
+%package accessibility
+Summary: OpenJDK accessibility connector
+Requires: java-atk-wrapper
+Requires: %{name} = %{epoch}:%{version}-%{release}
+OrderWithRequires: %{name}-headless = %{epoch}:%{version}-%{release}
+
+%description accessibility
+Enables accessibility support in OpenJDK by using java-at-wrapper. This allows compatible at-spi2 based accessibility programs to work for AWT and Swing-based programs.
+Please note, the java-atk-wrapper is still in beta, and also OpenJDK itself is still in phase of tuning to be working with accessibility features.
+Although working pretty fine, there are known issues with accessibility on, so do not rather install this package unless you really need.
+
+%prep
+%setup -q -c -n %{uniquesuffix} -T -a 0
+# https://bugzilla.redhat.com/show_bug.cgi?id=1189084
+prioritylength=`expr length %{priority}`
+if [ $prioritylength -ne 7 ] ; then
+ echo "priority must be 7 digits in total, violated"
+ exit 14
+fi
+cp %{SOURCE2} .
+
+# OpenJDK patches
+%patch100
+
+# pulseaudio support
+%if %{with_pulseaudio}
+%patch300
+%endif
+
+# Temporary fixes
+%patch500
+%patch501
+%patch502
+# End of temporary fixes
+
+# ECC fix
+%patch400
+
+# Add systemtap patches if enabled
+%if %{with_systemtap}
+%endif
+
+# Remove libraries that are linked
+sh %{SOURCE10}
+
+# Extract the rewriter (to rewrite rhino classes)
+tar xzf %{SOURCE5}
+
+# Extract systemtap tapsets
+%if %{with_systemtap}
+
+tar xf %{SOURCE6}
+
+for file in tapset/*.in; do
+
+ OUTPUT_FILE=`echo $file | sed -e s:%{javaver}\.stp\.in$:%{version}-%{release}.stp:g`
+ sed -e s:@ABS_SERVER_LIBJVM_SO@:%{_jvmdir}/%{sdkdir}/jre/lib/%{archinstall}/server/libjvm.so:g $file > $file.1
+# FIXME this should really be %if %{has_client_jvm}
+%ifarch %{ix86}
+ sed -e s:@ABS_CLIENT_LIBJVM_SO@:%{_jvmdir}/%{sdkdir}/jre/lib/%{archinstall}/client/libjvm.so:g $file.1 > $OUTPUT_FILE
+%else
+ sed -e '/@ABS_CLIENT_LIBJVM_SO@/d' $file.1 > $OUTPUT_FILE
+%endif
+ sed -i -e s:@INSTALL_ARCH_DIR@:%{archinstall}:g $OUTPUT_FILE
+ sed -i -e s:@prefix@:%{_jvmdir}/%{sdkdir $suffix}/:g $OUTPUT_FILE
+
+done
+
+%endif
+
+# Pulseaudio
+%if %{with_pulseaudio}
+tar xzf %{SOURCE9}
+%endif
+
+
+%patch3
+%patch4
+
+%if %{debug}
+%patch5
+%patch6
+%endif
+
+%patch106
+%patch200
+
+%build
+# How many cpu's do we have?
+export NUM_PROC=`/usr/bin/getconf _NPROCESSORS_ONLN 2> /dev/null || :`
+export NUM_PROC=${NUM_PROC:-1}
+
+# Build IcedTea and OpenJDK.
+%ifarch s390x sparc64 alpha %{power64} %{aarch64}
+export ARCH_DATA_MODEL=64
+%endif
+%ifarch alpha
+export CFLAGS="$CFLAGS -mieee"
+%endif
+
+CFLAGS="$CFLAGS -fstack-protector-strong"
+export CFLAGS
+
+# Build the re-written rhino jar
+mkdir -p rhino/{old,new}
+
+# Compile the rewriter
+(cd rewriter
+ javac com/redhat/rewriter/ClassRewriter.java
+)
+
+# Extract rhino.jar contents and rewrite
+(cd rhino/old
+ jar xf /usr/share/java/rhino.jar
+)
+
+java -cp rewriter com.redhat.rewriter.ClassRewriter \
+ $PWD/rhino/old \
+ $PWD/rhino/new \
+ org.mozilla \
+ sun.org.mozilla
+
+(cd rhino/old
+ for file in `find -type f -not -name '*.class'` ; do
+ new_file=../new/`echo $file | sed -e 's#org#sun/org#'`
+ mkdir -pv `dirname $new_file`
+ cp -v $file $new_file
+ sed -ie 's#org\.mozilla#sun.org.mozilla#g' $new_file
+ done
+)
+
+(cd rhino/new
+ jar cfm ../rhino.jar META-INF/MANIFEST.MF sun
+)
+
+export SYSTEM_JDK_DIR=/usr/lib/jvm/java-1.7.0-openjdk
+
+# Temporary workaround for ppc64le ; RH1191652
+# Need to work around the jre arch directory being
+# ppc64 instead of the expected ppc64le
+# Taken from IcedTea7 bootstrap-directory-stage1 & PR1765
+%ifarch %{ppc64le}
+STAGE1_BOOT_RUNTIME=jdk/jre/lib/rt.jar
+mkdir -p jdk/bin
+ln -sfv ${SYSTEM_JDK_DIR}/bin/java jdk/bin/java
+ln -sfv ${SYSTEM_JDK_DIR}/bin/javah jdk/bin/javah
+ln -sfv ${SYSTEM_JDK_DIR}/bin/rmic jdk/bin/rmic
+ln -sfv ${SYSTEM_JDK_DIR}/bin/jar jdk/bin/jar
+ln -sfv ${SYSTEM_JDK_DIR}/bin/native2ascii jdk/bin/native2ascii
+ln -sfv ${SYSTEM_JDK_DIR}/bin/javac jdk/bin/javac
+ln -sfv ${SYSTEM_JDK_DIR}/bin/javap jdk/bin/javap
+ln -sfv ${SYSTEM_JDK_DIR}/bin/idlj jdk/bin/idlj
+mkdir -p jdk/lib/modules
+mkdir -p jdk/jre/lib && \
+cp ${SYSTEM_JDK_DIR}/jre/lib/rt.jar ${STAGE1_BOOT_RUNTIME} && \
+chmod u+w ${STAGE1_BOOT_RUNTIME}
+mkdir -p jdk/lib && \
+ln -sfv ${SYSTEM_JDK_DIR}/lib/tools.jar jdk/lib/tools.jar ; \
+# Workaround some older ppc64le builds installing to 'ppc64' rather than 'ppc64le'
+if test -d ${SYSTEM_JDK_DIR}/jre/lib/ppc64 ; then \
+ ln -sfv ${SYSTEM_JDK_DIR}/jre/lib/ppc64 \
+ jdk/jre/lib/%{archinstall} ; \
+else \
+ ln -sfv ${SYSTEM_JDK_DIR}/jre/lib/%{archinstall} \
+ jdk/jre/lib/ ; \
+fi
+if ! test -d jdk/jre/lib/%{archinstall}; \
+ then \
+ ln -sfv ./%{archbuild} \
+ jdk/jre/lib/%{archinstall}; \
+fi
+mkdir -p jdk/include && \
+for i in ${SYSTEM_JDK_DIR}/include/*; do \
+ test -r ${i} | continue; \
+ i=`basename ${i}`; \
+ rm -f jdk/include/${i}; \
+ ln -sv ${SYSTEM_JDK_DIR}/include/${i} jdk/include/${i}; \
+done;
+export JDK_TO_BUILD_WITH=${PWD}/jdk
+%else
+export JDK_TO_BUILD_WITH=${SYSTEM_JDK_DIR}
+%endif
+
+
+pushd openjdk >& /dev/null
+
+export ALT_BOOTDIR="$JDK_TO_BUILD_WITH"
+
+# Save old umask as jdk_generic_profile overwrites it
+oldumask=`umask`
+
+# Set generic profile
+%ifnarch %{jit_arches}
+export ZERO_BUILD=true
+%endif
+# LCMS 2 is disabled until security issues are resolved
+export LCMS_CFLAGS="disabled"
+export LCMS_LIBS="disabled"
+export PKGVERSION="rhel-%{release}-%{_arch} u%{updatever}-b%{buildver}"
+
+source jdk/make/jdk_generic_profile.sh
+
+# Restore old umask
+umask $oldumask
+
+# LCMS 2 is disabled until security issues are resolved
+export SYSTEM_LCMS=false
+
+%if %{hsbootstrap}
+
+mkdir bootstrap
+
+make \
+ UNLIMITED_CRYPTO=true \
+ ANT="/usr/bin/ant" \
+ DISTRO_NAME="Red Hat Enterprise Linux 7" \
+ DISTRO_PACKAGE_VERSION="${PKGVERSION}" \
+ JDK_UPDATE_VERSION=`printf "%02d" %{updatever}` \
+ JDK_BUILD_NUMBER=b`printf "%02d" %{buildver}` \
+ JRE_RELEASE_VERSION=%{javaver}_`printf "%02d" %{updatever}`-b`printf "%02d" %{buildver}` \
+ MILESTONE="fcs" \
+ ALT_PARALLEL_COMPILE_JOBS="$NUM_PROC" \
+ HOTSPOT_BUILD_JOBS="$NUM_PROC" \
+ STATIC_CXX="false" \
+ RHINO_JAR="$PWD/../rhino/rhino.jar" \
+ GENSRCDIR="$PWD/generated.build" \
+ FT2_CFLAGS="`pkg-config --cflags freetype2` " \
+ FT2_LIBS="`pkg-config --libs freetype2` " \
+ DEBUG_CLASSFILES="true" \
+ DEBUG_BINARIES="true" \
+ STRIP_POLICY="no_strip" \
+ JAVAC_WARNINGS_FATAL="false" \
+ INSTALL_LOCATION=%{_jvmdir}/%{sdkdir} \
+ SYSTEM_NSS="true" \
+ NSS_LIBS="%{NSS_LIBS} -lfreebl" \
+ NSS_CFLAGS="%{NSS_CFLAGS}" \
+ ECC_JUST_SUITE_B="true" \
+ SYSTEM_GSETTINGS="true" \
+ BUILD_JAXP=false BUILD_JAXWS=false BUILD_LANGTOOLS=false BUILD_JDK=false BUILD_CORBA=false \
+ ALT_JDK_IMPORT_PATH=${JDK_TO_BUILD_WITH} ALT_OUTPUTDIR=${PWD}/bootstrap \
+ %{debugbuild}
+
+export VM_DIR=bootstrap-vm/jre/lib/%{archinstall}/server
+cp -dR $(readlink -e ${SYSTEM_JDK_DIR}) bootstrap-vm
+rm -vf ${VM_DIR}/libjvm.so
+if [ ! -e ${VM_DIR} ] ; then mkdir -p ${VM_DIR}; fi
+cp -av bootstrap/hotspot/import/jre/lib/%{archinstall}/server/libjvm.so ${VM_DIR}
+
+export ALT_BOOTDIR=${PWD}/bootstrap-vm
+
+%endif
+
+# ENABLE_FULL_DEBUG_SYMBOLS=0 is the internal HotSpot option
+# to turn off the stripping of debuginfo. FULL_DEBUG_SYMBOLS
+# does the same for product builds, but is ignored on non-product builds.
+make \
+ UNLIMITED_CRYPTO=true \
+ ANT="/usr/bin/ant" \
+ DISTRO_NAME="Red Hat Enterprise Linux 7" \
+ DISTRO_PACKAGE_VERSION="${PKGVERSION}" \
+ JDK_UPDATE_VERSION=`printf "%02d" %{updatever}` \
+ JDK_BUILD_NUMBER=b`printf "%02d" %{buildver}` \
+ JRE_RELEASE_VERSION=%{javaver}_`printf "%02d" %{updatever}`-b`printf "%02d" %{buildver}` \
+ MILESTONE="fcs" \
+ ALT_PARALLEL_COMPILE_JOBS="$NUM_PROC" \
+ HOTSPOT_BUILD_JOBS="$NUM_PROC" \
+ STATIC_CXX="false" \
+ RHINO_JAR="$PWD/../rhino/rhino.jar" \
+ GENSRCDIR="$PWD/generated.build" \
+ FT2_CFLAGS="`pkg-config --cflags freetype2` " \
+ FT2_LIBS="`pkg-config --libs freetype2` " \
+ DEBUG_CLASSFILES="true" \
+ DEBUG_BINARIES="true" \
+ STRIP_POLICY="no_strip" \
+ JAVAC_WARNINGS_FATAL="false" \
+ INSTALL_LOCATION=%{_jvmdir}/%{sdkdir} \
+ SYSTEM_NSS="true" \
+ NSS_LIBS="%{NSS_LIBS} -lfreebl" \
+ NSS_CFLAGS="%{NSS_CFLAGS}" \
+ ECC_JUST_SUITE_B="true" \
+ SYSTEM_GSETTINGS="true" \
+ %{debugbuild}
+
+popd >& /dev/null
+
+export JAVA_HOME=$(pwd)/%{buildoutputdir}/j2sdk-image
+
+# Install java-abrt-launcher
+mkdir $JAVA_HOME/jre-abrt
+mkdir $JAVA_HOME/jre-abrt/bin
+mv $JAVA_HOME/jre/bin/java $JAVA_HOME/jre-abrt/bin/java
+ln -s %{_jvmdir}/%{sdkdir}/jre/lib $JAVA_HOME/jre-abrt/lib
+cat %{SOURCE13} | sed -e s:@JAVA_PATH@:%{_jvmdir}/%{sdkdir}/jre-abrt/bin/java:g -e s:@LIB_DIR@:%{LIBDIR}/libabrt-java-connector.so:g > $JAVA_HOME/jre/bin/java
+chmod 755 $JAVA_HOME/jre/bin/java
+
+# Install nss.cfg right away as we will be using the JRE above
+cp -a %{SOURCE8} $JAVA_HOME/jre/lib/security/
+sed -i -e s:@NSS_LIBDIR@:%{NSS_LIBDIR}:g $JAVA_HOME/jre/lib/security/nss.cfg
+
+# Build pulseaudio and install it to JDK build location
+%if %{with_pulseaudio}
+pushd pulseaudio
+make JAVA_HOME=$JAVA_HOME -f Makefile.pulseaudio
+cp -pPRf build/native/libpulse-java.so $JAVA_HOME/jre/lib/%{archinstall}/
+cp -pPRf build/pulse-java.jar $JAVA_HOME/jre/lib/ext/
+popd
+%endif
+
+# Copy tz.properties
+echo "sun.zoneinfo.dir=/usr/share/javazi" >> $JAVA_HOME/jre/lib/tz.properties
+
+#remove all fontconfig files. This change should be usptreamed soon
+rm -f %{buildoutputdir}/j2re-image/lib/fontconfig*.properties.src
+rm -f %{buildoutputdir}/j2re-image/lib/fontconfig*.bfc
+rm -f %{buildoutputdir}/j2sdk-image/jre/lib/fontconfig*.properties.src
+rm -f %{buildoutputdir}/j2sdk-image/jre/lib/fontconfig*.bfc
+rm -f %{buildoutputdir}/lib/fontconfig*.properties.src
+rm -f %{buildoutputdir}/lib/fontconfig*.bfc
+
+# Check unlimited policy has been used
+$JAVA_HOME/bin/javac -d . %{SOURCE12}
+$JAVA_HOME/bin/java TestCryptoLevel
+
+sh %{SOURCE11} ${JAVA_HOME}
+
+%check
+export JAVA_HOME=$(pwd)/%{buildoutputdir $suffix}/j2sdk-image
+
+
+%install
+rm -rf $RPM_BUILD_ROOT
+STRIP_KEEP_SYMTAB=libjvm*
+
+# There used to be a link to the soundfont.
+# This is now obsolete following the inclusion of 8140620/PR2710
+
+pushd %{buildoutputdir}/j2sdk-image
+
+#install jsa directories so we can owe them
+mkdir -p $RPM_BUILD_ROOT%{_jvmdir}/%{jredir}/lib/%{archinstall}/server/
+mkdir -p $RPM_BUILD_ROOT%{_jvmdir}/%{jredir}/lib/%{archinstall}/client/
+
+ # Install main files.
+ install -d -m 755 $RPM_BUILD_ROOT%{_jvmdir}/%{sdkdir}
+ cp -a jre-abrt bin include lib src.zip $RPM_BUILD_ROOT%{_jvmdir}/%{sdkdir}
+ install -d -m 755 $RPM_BUILD_ROOT%{_jvmdir}/%{jredir}
+ cp -a jre/bin jre/lib $RPM_BUILD_ROOT%{_jvmdir}/%{jredir}
+ cp -a ASSEMBLY_EXCEPTION LICENSE THIRD_PARTY_README $RPM_BUILD_ROOT%{_jvmdir}/%{sdkdir}
+
+%ifarch %{jit_arches}
+ # Install systemtap support files.
+ install -dm 755 $RPM_BUILD_ROOT%{_jvmdir}/%{sdkdir}/tapset
+ cp -a $RPM_BUILD_DIR/%{uniquesuffix}/tapset/*.stp $RPM_BUILD_ROOT%{_jvmdir}/%{sdkdir}/tapset/
+ install -d -m 755 $RPM_BUILD_ROOT%{tapsetdir}
+ pushd $RPM_BUILD_ROOT%{tapsetdir}
+ RELATIVE=$(%{abs2rel} %{_jvmdir}/%{sdkdir}/tapset %{tapsetdir})
+ ln -sf $RELATIVE/*.stp .
+ popd
+%endif
+
+ # Install cacerts symlink.
+ rm -f $RPM_BUILD_ROOT%{_jvmdir}/%{jredir}/lib/security/cacerts
+ pushd $RPM_BUILD_ROOT%{_jvmdir}/%{jredir}/lib/security
+ RELATIVE=$(%{abs2rel} %{_sysconfdir}/pki/java \
+ %{_jvmdir}/%{jredir}/lib/security)
+ ln -sf $RELATIVE/cacerts .
+ popd
+
+ # Install extension symlinks.
+ install -d -m 755 $RPM_BUILD_ROOT%{jvmjardir}
+ pushd $RPM_BUILD_ROOT%{jvmjardir}
+ RELATIVE=$(%{abs2rel} %{_jvmdir}/%{jredir}/lib %{jvmjardir})
+ ln -sf $RELATIVE/jsse.jar jsse-%{version}.jar
+ ln -sf $RELATIVE/jce.jar jce-%{version}.jar
+ ln -sf $RELATIVE/rt.jar jndi-%{version}.jar
+ ln -sf $RELATIVE/rt.jar jndi-ldap-%{version}.jar
+ ln -sf $RELATIVE/rt.jar jndi-cos-%{version}.jar
+ ln -sf $RELATIVE/rt.jar jndi-rmi-%{version}.jar
+ ln -sf $RELATIVE/rt.jar jaas-%{version}.jar
+ ln -sf $RELATIVE/rt.jar jdbc-stdext-%{version}.jar
+ ln -sf jdbc-stdext-%{version}.jar jdbc-stdext-3.0.jar
+ ln -sf $RELATIVE/rt.jar sasl-%{version}.jar
+ for jar in *-%{version}.jar
+ do
+ if [ x%{version} != x%{javaver} ]
+ then
+ ln -sf $jar $(echo $jar | sed "s|-%{version}.jar|-%{javaver}.jar|g")
+ fi
+ ln -sf $jar $(echo $jar | sed "s|-%{version}.jar|.jar|g")
+ done
+ popd
+
+ # Install JCE policy symlinks.
+ install -d -m 755 $RPM_BUILD_ROOT%{_jvmprivdir}/%{uniquesuffix}/jce/vanilla
+
+ # Install versioned symlinks.
+ pushd $RPM_BUILD_ROOT%{_jvmdir}
+ ln -sf %{jredir} %{jrelnk}
+ popd
+
+ pushd $RPM_BUILD_ROOT%{_jvmjardir}
+ ln -sf %{sdkdir} %{jrelnk}
+ popd
+
+ # Remove javaws man page
+ rm -f man/man1/javaws*
+
+ # Install man pages.
+ install -d -m 755 $RPM_BUILD_ROOT%{_mandir}/man1
+ for manpage in man/man1/*
+ do
+ # Convert man pages to UTF8 encoding.
+ iconv -f ISO_8859-1 -t UTF8 $manpage -o $manpage.tmp
+ mv -f $manpage.tmp $manpage
+ install -m 644 -p $manpage $RPM_BUILD_ROOT%{_mandir}/man1/$(basename \
+ $manpage .1)-%{uniquesuffix}.1
+ done
+
+ # Install demos and samples.
+ cp -a demo $RPM_BUILD_ROOT%{_jvmdir}/%{sdkdir}
+ mkdir -p sample/rmi
+ mv bin/java-rmi.cgi sample/rmi
+ cp -a sample $RPM_BUILD_ROOT%{_jvmdir}/%{sdkdir}
+
+popd
+
+
+# Install Javadoc documentation.
+install -d -m 755 $RPM_BUILD_ROOT%{_javadocdir}
+cp -a %{buildoutputdir}/docs $RPM_BUILD_ROOT%{_javadocdir}/%{uniquejavadocdir}
+
+# Install icons and menu entries.
+for s in 16 24 32 48 ; do
+ install -D -p -m 644 \
+ openjdk/jdk/src/solaris/classes/sun/awt/X11/java-icon${s}.png \
+ $RPM_BUILD_ROOT%{_datadir}/icons/hicolor/${s}x${s}/apps/java-%{javaver}.png
+done
+
+# Install desktop files.
+install -d -m 755 $RPM_BUILD_ROOT%{_datadir}/{applications,pixmaps}
+for e in %{SOURCE7} %{SOURCE77} ; do
+ sed -i "s/#ARCH#/%{_arch}-%{release}/g" $e
+ sed -i "s|/usr/bin|%{sdkbindir}/|g" $e
+ desktop-file-install --vendor=%{uniquesuffix} --mode=644 \
+ --dir=$RPM_BUILD_ROOT%{_datadir}/applications $e
+done
+
+# Install /etc/.java/.systemPrefs/ directory
+# See https://bugzilla.redhat.com/show_bug.cgi?id=741821
+mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/.java/.systemPrefs
+
+# Find JRE directories.
+find $RPM_BUILD_ROOT%{_jvmdir}/%{jredir} -type d \
+ | grep -v jre/lib/security \
+ | sed 's|'$RPM_BUILD_ROOT'|%dir |' \
+ > %{name}.files-headless
+# Find JRE files.
+find $RPM_BUILD_ROOT%{_jvmdir}/%{jredir} -type f -o -type l \
+ | grep -v jre/lib/security \
+ | sed 's|'$RPM_BUILD_ROOT'||' \
+ > %{name}.files.all
+#split %{name}.files to %{name}.files-headless and %{name}.files
+#see https://bugzilla.redhat.com/show_bug.cgi?id=875408
+NOT_HEADLESS=\
+"%{_jvmdir}/%{uniquesuffix}/jre/lib/%{archinstall}/libjsoundalsa.so
+%{_jvmdir}/%{uniquesuffix}/jre/lib/%{archinstall}/libpulse-java.so
+%{_jvmdir}/%{uniquesuffix}/jre/lib/%{archinstall}/libsplashscreen.so
+%{_jvmdir}/%{uniquesuffix}/jre/lib/%{archinstall}/libjavagtk.so
+%{_jvmdir}/%{uniquesuffix}/jre/lib/%{archinstall}/xawt/libmawt.so
+%{_jvmdir}/%{uniquesuffix}/jre/bin/policytool
+%{_jvmdir}/%{uniquesuffix}/jre-abrt/lib/%{archinstall}/libjsoundalsa.so
+%{_jvmdir}/%{uniquesuffix}/jre-abrt/lib/%{archinstall}/libpulse-java.so
+%{_jvmdir}/%{uniquesuffix}/jre-abrt/lib/%{archinstall}/libsplashscreen.so
+%{_jvmdir}/%{uniquesuffix}/jre-abrt/lib/%{archinstall}/libjavagtk.so
+%{_jvmdir}/%{uniquesuffix}/jre-abrt/lib/%{archinstall}/xawt/libmawt.so"
+#filter %{name}.files from %{name}.files.all to %{name}.files-headless
+ALL=`cat %{name}.files.all`
+for file in $ALL ; do
+ INLCUDE="NO" ;
+ for blacklist in $NOT_HEADLESS ; do
+#we can not match normally, because rpmbuild will evaluate !0 result as script failure
+ q=`expr match "$file" "$blacklist"` || :
+ l=`expr length "$blacklist"` || :
+ if [ $q -eq $l ]; then
+ INLCUDE="YES" ;
+ fi;
+ done
+ if [ "x$INLCUDE" = "xNO" ]; then
+ echo "$file" >> %{name}.files-headless
+ else
+ echo "$file" >> %{name}.files
+ fi
+done
+# Find demo directories.
+find $RPM_BUILD_ROOT%{_jvmdir}/%{sdkdir}/demo \
+ $RPM_BUILD_ROOT%{_jvmdir}/%{sdkdir}/sample -type d \
+ | sed 's|'$RPM_BUILD_ROOT'|%dir |' \
+ > %{name}-demo.files
+
+# FIXME: remove SONAME entries from demo DSOs. See
+# https://bugzilla.redhat.com/show_bug.cgi?id=436497
+
+# Find non-documentation demo files.
+find $RPM_BUILD_ROOT%{_jvmdir}/%{sdkdir}/demo \
+ $RPM_BUILD_ROOT%{_jvmdir}/%{sdkdir}/sample \
+ -type f -o -type l | sort \
+ | grep -v README \
+ | sed 's|'$RPM_BUILD_ROOT'||' \
+ >> %{name}-demo.files
+# Find documentation demo files.
+find $RPM_BUILD_ROOT%{_jvmdir}/%{sdkdir}/demo \
+ $RPM_BUILD_ROOT%{_jvmdir}/%{sdkdir}/sample \
+ -type f -o -type l | sort \
+ | grep README \
+ | sed 's|'$RPM_BUILD_ROOT'||' \
+ | sed 's|^|%doc |' \
+ >> %{name}-demo.files
+
+# intentionally after the files generation, as it goes to separate package
+# Create links which leads to separately installed java-atk-bridge and allow configuration
+# links points to java-atk-wrapper - an dependence
+ pushd $RPM_BUILD_ROOT/%{_jvmdir}/%{jredir}/lib/%{archinstall}
+ ln -s %{syslibdir}/java-atk-wrapper/libatk-wrapper.so.0 libatk-wrapper.so
+ popd
+ pushd $RPM_BUILD_ROOT/%{_jvmdir}/%{jredir}/lib/ext
+ ln -s %{syslibdir}/java-atk-wrapper/java-atk-wrapper.jar java-atk-wrapper.jar
+ popd
+ pushd $RPM_BUILD_ROOT/%{_jvmdir}/%{jredir}/lib/
+ echo "#Config file to enable java-atk-wrapper" > accessibility.properties
+ echo "" >> accessibility.properties
+ echo "assistive_technologies=org.GNOME.Accessibility.AtkWrapper" >> accessibility.properties
+ echo "" >> accessibility.properties
+ popd
+
+bash %{SOURCE20} $RPM_BUILD_ROOT/%{_jvmdir}/%{jredir} %{javaver}
+# https://bugzilla.redhat.com/show_bug.cgi?id=1183793
+touch -t 201401010000 $RPM_BUILD_ROOT/%{_jvmdir}/%{jredir $suffix}/lib/security/java.security
+
+# intentioanlly only for non-debug
+%pretrans headless -p <lua>
+-- see https://bugzilla.redhat.com/show_bug.cgi?id=1038092 for whole issue
+-- see https://bugzilla.redhat.com/show_bug.cgi?id=1290388 for pretrans over pre
+-- if copy-jdk-configs is in transaction, it installs in pretrans to temp
+-- if copy_jdk_configs is in temp, then it means that copy-jdk-configs is in tranasction and so is
+-- preferred over one in %%{_libexecdir}. If it is not in transaction, then depends
+-- whether copy-jdk-configs is installed or not. If so, then configs are copied
+-- (copy_jdk_configs from %%{_libexecdir} used) or not copied at all
+local posix = require "posix"
+local debug = false
+
+SOURCE1 = "%{rpm_state_dir}/copy_jdk_configs.lua"
+SOURCE2 = "%{_libexecdir}/copy_jdk_configs.lua"
+
+local stat1 = posix.stat(SOURCE1, "type");
+local stat2 = posix.stat(SOURCE2, "type");
+
+ if (stat1 ~= nil) then
+ if (debug) then
+ print(SOURCE1 .." exists - copy-jdk-configs in transaction, using this one.")
+ end;
+ package.path = package.path .. ";" .. SOURCE1
+else
+ if (stat2 ~= nil) then
+ if (debug) then
+ print(SOURCE2 .." exists - copy-jdk-configs alrady installed and NOT in transation. Using.")
+ end;
+ package.path = package.path .. ";" .. SOURCE2
+ else
+ if (debug) then
+ print(SOURCE1 .." does NOT exists")
+ print(SOURCE2 .." does NOT exists")
+ print("No config files will be copied")
+ end
+ return
+ end
+end
+-- run contetn of included file with fake args
+arg = {"--currentjvm", "%{uniquesuffix %{nil}}", "--jvmdir", "%{_jvmdir %{nil}}", "--origname", "%{name}", "--origjavaver", "%{javaver}", "--arch", "%{_arch}", "--temp", "%{rpm_state_dir}/%{name}.%{_arch}"}
+require "copy_jdk_configs.lua"
+
+%post
+update-desktop-database %{_datadir}/applications &> /dev/null || :
+/bin/touch --no-create %{_datadir}/icons/hicolor &>/dev/null || :
+exit 0
+
+
+%post headless
+%ifarch %{jit_arches}
+# MetaspaceShared::generate_vtable_methods not implemented for PPC JIT
+%ifnarch %{power64}
+#see https://bugzilla.redhat.com/show_bug.cgi?id=513605
+%{jrebindir}/java -Xshare:dump >/dev/null 2>/dev/null
+%endif
+%endif
+
+ext=.gz
+alternatives \
+ --install %{_bindir}/java java %{jrebindir}/java %{priority} --family %{name}.%{_arch} \
+ --slave %{_jvmdir}/jre jre %{_jvmdir}/%{jredir} \
+ --slave %{_jvmjardir}/jre jre_exports %{jvmjardir} \
+ --slave %{_bindir}/keytool keytool %{jrebindir}/keytool \
+ --slave %{_bindir}/orbd orbd %{jrebindir}/orbd \
+ --slave %{_bindir}/pack200 pack200 %{jrebindir}/pack200 \
+ --slave %{_bindir}/rmid rmid %{jrebindir}/rmid \
+ --slave %{_bindir}/rmiregistry rmiregistry %{jrebindir}/rmiregistry \
+ --slave %{_bindir}/servertool servertool %{jrebindir}/servertool \
+ --slave %{_bindir}/tnameserv tnameserv %{jrebindir}/tnameserv \
+ --slave %{_bindir}/unpack200 unpack200 %{jrebindir}/unpack200 \
+ --slave %{_mandir}/man1/java.1$ext java.1$ext \
+ %{_mandir}/man1/java-%{uniquesuffix}.1$ext \
+ --slave %{_mandir}/man1/keytool.1$ext keytool.1$ext \
+ %{_mandir}/man1/keytool-%{uniquesuffix}.1$ext \
+ --slave %{_mandir}/man1/orbd.1$ext orbd.1$ext \
+ %{_mandir}/man1/orbd-%{uniquesuffix}.1$ext \
+ --slave %{_mandir}/man1/pack200.1$ext pack200.1$ext \
+ %{_mandir}/man1/pack200-%{uniquesuffix}.1$ext \
+ --slave %{_mandir}/man1/rmid.1$ext rmid.1$ext \
+ %{_mandir}/man1/rmid-%{uniquesuffix}.1$ext \
+ --slave %{_mandir}/man1/rmiregistry.1$ext rmiregistry.1$ext \
+ %{_mandir}/man1/rmiregistry-%{uniquesuffix}.1$ext \
+ --slave %{_mandir}/man1/servertool.1$ext servertool.1$ext \
+ %{_mandir}/man1/servertool-%{uniquesuffix}.1$ext \
+ --slave %{_mandir}/man1/tnameserv.1$ext tnameserv.1$ext \
+ %{_mandir}/man1/tnameserv-%{uniquesuffix}.1$ext \
+ --slave %{_mandir}/man1/unpack200.1$ext unpack200.1$ext \
+ %{_mandir}/man1/unpack200-%{uniquesuffix}.1$ext
+
+for X in %{origin} %{javaver} ; do
+ alternatives \
+ --install %{_jvmdir}/jre-"$X" \
+ jre_"$X" %{_jvmdir}/%{jredir} %{priority} --family %{name}.%{_arch} \
+ --slave %{_jvmjardir}/jre-"$X" \
+ jre_"$X"_exports %{jvmjardir}
+done
+
+update-alternatives --install %{_jvmdir}/jre-%{javaver}-%{origin} jre_%{javaver}_%{origin} %{_jvmdir}/%{jrelnk} %{priority} --family %{name}.%{_arch} \
+--slave %{_jvmjardir}/jre-%{javaver} jre_%{javaver}_%{origin}_exports %{jvmjardir}
+
+update-desktop-database %{_datadir}/applications &> /dev/null || :
+
+/bin/touch --no-create %{_datadir}/icons/hicolor &>/dev/null || :
+
+# see pretrans where this file is declared
+# also see that pretrans is only for nondebug
+if [ ! "%1" == %{debug_suffix} ]; then
+ if [ -f %{_libexecdir}/copy_jdk_configs_fixFiles.sh ] ; then
+ sh %{_libexecdir}/copy_jdk_configs_fixFiles.sh %{rpm_state_dir}/%{name}.%{_arch} %{_jvmdir}/%{sdkdir %%1}
+ fi
+fi
+
+
+exit 0
+
+%postun
+update-desktop-database %{_datadir}/applications &> /dev/null || :
+
+if [ $1 -eq 0 ] ; then
+ /bin/touch --no-create %{_datadir}/icons/hicolor &>/dev/null
+ /usr/bin/gtk-update-icon-cache %{_datadir}/icons/hicolor &>/dev/null || :
+fi
+
+exit 0
+
+
+%postun headless
+ alternatives --remove java %{jrebindir}/java
+ alternatives --remove jre_%{origin} %{_jvmdir}/%{jredir}
+ alternatives --remove jre_%{javaver} %{_jvmdir}/%{jredir}
+ alternatives --remove jre_%{javaver}_%{origin} %{_jvmdir}/%{jrelnk}
+
+exit 0
+
+%posttrans
+/usr/bin/gtk-update-icon-cache %{_datadir}/icons/hicolor &>/dev/null || :
+
+
+
+%post devel
+ext=.gz
+alternatives \
+ --install %{_bindir}/javac javac %{sdkbindir}/javac %{priority} --family %{name}.%{_arch} \
+ --slave %{_jvmdir}/java java_sdk %{_jvmdir}/%{sdkdir} \
+ --slave %{_jvmjardir}/java java_sdk_exports %{_jvmjardir}/%{sdkdir} \
+ --slave %{_bindir}/appletviewer appletviewer %{sdkbindir}/appletviewer \
+ --slave %{_bindir}/apt apt %{sdkbindir}/apt \
+ --slave %{_bindir}/extcheck extcheck %{sdkbindir}/extcheck \
+ --slave %{_bindir}/idlj idlj %{sdkbindir}/idlj \
+ --slave %{_bindir}/jar jar %{sdkbindir}/jar \
+ --slave %{_bindir}/jarsigner jarsigner %{sdkbindir}/jarsigner \
+ --slave %{_bindir}/javadoc javadoc %{sdkbindir}/javadoc \
+ --slave %{_bindir}/javah javah %{sdkbindir}/javah \
+ --slave %{_bindir}/javap javap %{sdkbindir}/javap \
+ --slave %{_bindir}/jcmd jcmd %{sdkbindir}/jcmd \
+ --slave %{_bindir}/jconsole jconsole %{sdkbindir}/jconsole \
+ --slave %{_bindir}/jdb jdb %{sdkbindir}/jdb \
+ --slave %{_bindir}/jhat jhat %{sdkbindir}/jhat \
+ --slave %{_bindir}/jinfo jinfo %{sdkbindir}/jinfo \
+ --slave %{_bindir}/jmap jmap %{sdkbindir}/jmap \
+ --slave %{_bindir}/jps jps %{sdkbindir}/jps \
+ --slave %{_bindir}/jrunscript jrunscript %{sdkbindir}/jrunscript \
+ --slave %{_bindir}/jsadebugd jsadebugd %{sdkbindir}/jsadebugd \
+ --slave %{_bindir}/jstack jstack %{sdkbindir}/jstack \
+ --slave %{_bindir}/jstat jstat %{sdkbindir}/jstat \
+ --slave %{_bindir}/jstatd jstatd %{sdkbindir}/jstatd \
+ --slave %{_bindir}/native2ascii native2ascii %{sdkbindir}/native2ascii \
+ --slave %{_bindir}/policytool policytool %{sdkbindir}/policytool \
+ --slave %{_bindir}/rmic rmic %{sdkbindir}/rmic \
+ --slave %{_bindir}/schemagen schemagen %{sdkbindir}/schemagen \
+ --slave %{_bindir}/serialver serialver %{sdkbindir}/serialver \
+ --slave %{_bindir}/wsgen wsgen %{sdkbindir}/wsgen \
+ --slave %{_bindir}/wsimport wsimport %{sdkbindir}/wsimport \
+ --slave %{_bindir}/xjc xjc %{sdkbindir}/xjc \
+ --slave %{_mandir}/man1/appletviewer.1$ext appletviewer.1$ext \
+ %{_mandir}/man1/appletviewer-%{uniquesuffix}.1$ext \
+ --slave %{_mandir}/man1/apt.1$ext apt.1$ext \
+ %{_mandir}/man1/apt-%{uniquesuffix}.1$ext \
+ --slave %{_mandir}/man1/extcheck.1$ext extcheck.1$ext \
+ %{_mandir}/man1/extcheck-%{uniquesuffix}.1$ext \
+ --slave %{_mandir}/man1/jar.1$ext jar.1$ext \
+ %{_mandir}/man1/jar-%{uniquesuffix}.1$ext \
+ --slave %{_mandir}/man1/jarsigner.1$ext jarsigner.1$ext \
+ %{_mandir}/man1/jarsigner-%{uniquesuffix}.1$ext \
+ --slave %{_mandir}/man1/javac.1$ext javac.1$ext \
+ %{_mandir}/man1/javac-%{uniquesuffix}.1$ext \
+ --slave %{_mandir}/man1/javadoc.1$ext javadoc.1$ext \
+ %{_mandir}/man1/javadoc-%{uniquesuffix}.1$ext \
+ --slave %{_mandir}/man1/javah.1$ext javah.1$ext \
+ %{_mandir}/man1/javah-%{uniquesuffix}.1$ext \
+ --slave %{_mandir}/man1/javap.1$ext javap.1$ext \
+ %{_mandir}/man1/javap-%{uniquesuffix}.1$ext \
+ --slave %{_mandir}/man1/jconsole.1$ext jconsole.1$ext \
+ %{_mandir}/man1/jconsole-%{uniquesuffix}.1$ext \
+ --slave %{_mandir}/man1/jdb.1$ext jdb.1$ext \
+ %{_mandir}/man1/jdb-%{uniquesuffix}.1$ext \
+ --slave %{_mandir}/man1/jhat.1$ext jhat.1$ext \
+ %{_mandir}/man1/jhat-%{uniquesuffix}.1$ext \
+ --slave %{_mandir}/man1/jinfo.1$ext jinfo.1$ext \
+ %{_mandir}/man1/jinfo-%{uniquesuffix}.1$ext \
+ --slave %{_mandir}/man1/jmap.1$ext jmap.1$ext \
+ %{_mandir}/man1/jmap-%{uniquesuffix}.1$ext \
+ --slave %{_mandir}/man1/jps.1$ext jps.1$ext \
+ %{_mandir}/man1/jps-%{uniquesuffix}.1$ext \
+ --slave %{_mandir}/man1/jrunscript.1$ext jrunscript.1$ext \
+ %{_mandir}/man1/jrunscript-%{uniquesuffix}.1$ext \
+ --slave %{_mandir}/man1/jsadebugd.1$ext jsadebugd.1$ext \
+ %{_mandir}/man1/jsadebugd-%{uniquesuffix}.1$ext \
+ --slave %{_mandir}/man1/jstack.1$ext jstack.1$ext \
+ %{_mandir}/man1/jstack-%{uniquesuffix}.1$ext \
+ --slave %{_mandir}/man1/jstat.1$ext jstat.1$ext \
+ %{_mandir}/man1/jstat-%{uniquesuffix}.1$ext \
+ --slave %{_mandir}/man1/jstatd.1$ext jstatd.1$ext \
+ %{_mandir}/man1/jstatd-%{uniquesuffix}.1$ext \
+ --slave %{_mandir}/man1/native2ascii.1$ext native2ascii.1$ext \
+ %{_mandir}/man1/native2ascii-%{uniquesuffix}.1$ext \
+ --slave %{_mandir}/man1/policytool.1$ext policytool.1$ext \
+ %{_mandir}/man1/policytool-%{uniquesuffix}.1$ext \
+ --slave %{_mandir}/man1/rmic.1$ext rmic.1$ext \
+ %{_mandir}/man1/rmic-%{uniquesuffix}.1$ext \
+ --slave %{_mandir}/man1/schemagen.1$ext schemagen.1$ext \
+ %{_mandir}/man1/schemagen-%{uniquesuffix}.1$ext \
+ --slave %{_mandir}/man1/serialver.1$ext serialver.1$ext \
+ %{_mandir}/man1/serialver-%{uniquesuffix}.1$ext \
+ --slave %{_mandir}/man1/wsgen.1$ext wsgen.1$ext \
+ %{_mandir}/man1/wsgen-%{uniquesuffix}.1$ext \
+ --slave %{_mandir}/man1/wsimport.1$ext wsimport.1$ext \
+ %{_mandir}/man1/wsimport-%{uniquesuffix}.1$ext \
+ --slave %{_mandir}/man1/xjc.1$ext xjc.1$ext \
+ %{_mandir}/man1/xjc-%{uniquesuffix}.1$ext
+
+for X in %{origin} %{javaver} ; do
+ alternatives \
+ --install %{_jvmdir}/java-"$X" \
+ java_sdk_"$X" %{_jvmdir}/%{sdkdir} %{priority} --family %{name}.%{_arch} \
+ --slave %{_jvmjardir}/java-"$X" \
+ java_sdk_"$X"_exports %{_jvmjardir}/%{sdkdir}
+done
+
+update-alternatives --install %{_jvmdir}/java-%{javaver}-%{origin} java_sdk_%{javaver}_%{origin} %{_jvmdir}/%{sdkdir} %{priority} --family %{name}.%{_arch} \
+--slave %{_jvmjardir}/java-%{javaver}-%{origin} java_sdk_%{javaver}_%{origin}_exports %{_jvmjardir}/%{sdkdir}
+
+update-desktop-database %{_datadir}/applications &> /dev/null || :
+/bin/touch --no-create %{_datadir}/icons/hicolor &>/dev/null || :
+
+exit 0
+
+%postun devel
+ alternatives --remove javac %{sdkbindir}/javac
+ alternatives --remove java_sdk_%{origin} %{_jvmdir}/%{sdkdir}
+ alternatives --remove java_sdk_%{javaver} %{_jvmdir}/%{sdkdir}
+ alternatives --remove java_sdk_%{javaver}_%{origin} %{_jvmdir}/%{sdkdir}
+
+update-desktop-database %{_datadir}/applications &> /dev/null || :
+
+if [ $1 -eq 0 ] ; then
+ /bin/touch --no-create %{_datadir}/icons/hicolor &>/dev/null
+ /usr/bin/gtk-update-icon-cache %{_datadir}/icons/hicolor &>/dev/null || :
+fi
+
+exit 0
+
+%posttrans devel
+/usr/bin/gtk-update-icon-cache %{_datadir}/icons/hicolor &>/dev/null || :
+
+
+%post javadoc
+alternatives \
+ --install %{_javadocdir}/java javadocdir %{_javadocdir}/%{uniquejavadocdir}/api \
+ %{priority} --family %{name}
+
+exit 0
+
+%postun javadoc
+ alternatives --remove javadocdir %{_javadocdir}/%{uniquejavadocdir}/api
+
+exit 0
+
+
+%files -f %{name}.files
+%{_datadir}/icons/hicolor/*x*/apps/java-%{javaver}.png
+
+# important note, see https://bugzilla.redhat.com/show_bug.cgi?id=1038092 for whole issue
+# all config/norepalce files (and more) have to be declared in pretrans. See pretrans
+%files headless -f %{name}.files-headless
+%defattr(-,root,root,-)
+%doc %{_jvmdir}/%{sdkdir}/ASSEMBLY_EXCEPTION
+%doc %{_jvmdir}/%{sdkdir}/LICENSE
+%doc %{_jvmdir}/%{sdkdir}/THIRD_PARTY_README
+%dir %{_jvmdir}/%{sdkdir}
+%dir %{_jvmdir}/%{sdkdir}/jre/lib/
+%dir %{_jvmdir}/%{sdkdir}/jre/lib/%{archinstall}
+%ifarch x86_64
+%dir %{_jvmdir}/%{sdkdir}/jre/lib/%{archinstall}/xawt
+%endif
+%{_jvmdir}/%{jrelnk}
+%{_jvmjardir}/%{jrelnk}
+%{_jvmprivdir}/*
+%{jvmjardir}
+%dir %{_jvmdir}/%{jredir}/lib/security
+%{_jvmdir}/%{jredir}/lib/security/cacerts
+%config(noreplace) %{_jvmdir}/%{jredir}/lib/security/policy/unlimited/US_export_policy.jar
+%config(noreplace) %{_jvmdir}/%{jredir}/lib/security/policy/unlimited/local_policy.jar
+%config(noreplace) %{_jvmdir}/%{jredir}/lib/security/policy/limited/US_export_policy.jar
+%config(noreplace) %{_jvmdir}/%{jredir}/lib/security/policy/limited/local_policy.jar
+%config(noreplace) %{_jvmdir}/%{jredir}/lib/security/java.policy
+%config(noreplace) %{_jvmdir}/%{jredir}/lib/security/java.security
+%config(noreplace) %{_jvmdir}/%{jredir}/lib/security/blacklisted.certs
+%config(noreplace) %{_jvmdir}/%{jredir}/lib/logging.properties
+%{_mandir}/man1/java-%{uniquesuffix}.1*
+%{_mandir}/man1/keytool-%{uniquesuffix}.1*
+%{_mandir}/man1/orbd-%{uniquesuffix}.1*
+%{_mandir}/man1/pack200-%{uniquesuffix}.1*
+%{_mandir}/man1/rmid-%{uniquesuffix}.1*
+%{_mandir}/man1/rmiregistry-%{uniquesuffix}.1*
+%{_mandir}/man1/servertool-%{uniquesuffix}.1*
+%{_mandir}/man1/tnameserv-%{uniquesuffix}.1*
+%{_mandir}/man1/unpack200-%{uniquesuffix}.1*
+%config(noreplace) %{_jvmdir}/%{jredir}/lib/security/nss.cfg
+# removed %%{_jvmdir}/%%{jredir}/lib/audio/
+# see soundfont in %%install
+%ifarch %{jit_arches}
+%attr(664, root, root) %ghost %{_jvmdir}/%{jredir}/lib/%{archinstall}/server/classes.jsa
+%attr(664, root, root) %ghost %{_jvmdir}/%{jredir}/lib/%{archinstall}/client/classes.jsa
+%endif
+%{_jvmdir}/%{jredir}/lib/%{archinstall}/server/
+%{_jvmdir}/%{jredir}/lib/%{archinstall}/client/
+%{_sysconfdir}/.java/
+%{_sysconfdir}/.java/.systemPrefs
+%{_jvmdir}/%{sdkdir}/jre-abrt
+
+
+%files devel
+%defattr(-,root,root,-)
+%doc %{_jvmdir}/%{sdkdir}/ASSEMBLY_EXCEPTION
+%doc %{_jvmdir}/%{sdkdir}/LICENSE
+%doc %{_jvmdir}/%{sdkdir}/THIRD_PARTY_README
+%dir %{_jvmdir}/%{sdkdir}/bin
+%dir %{_jvmdir}/%{sdkdir}/include
+%dir %{_jvmdir}/%{sdkdir}/lib
+%ifarch %{jit_arches}
+%dir %{_jvmdir}/%{sdkdir}/tapset
+%endif
+%{_jvmdir}/%{sdkdir}/bin/*
+%{_jvmdir}/%{sdkdir}/include/*
+%{_jvmdir}/%{sdkdir}/lib/*
+%ifarch %{jit_arches}
+%{_jvmdir}/%{sdkdir}/tapset/*.stp
+%endif
+%{_jvmjardir}/%{sdkdir}
+%{_datadir}/applications/*jconsole.desktop
+%{_datadir}/applications/*policytool.desktop
+%{_mandir}/man1/appletviewer-%{uniquesuffix}.1*
+%{_mandir}/man1/apt-%{uniquesuffix}.1*
+%{_mandir}/man1/extcheck-%{uniquesuffix}.1*
+%{_mandir}/man1/idlj-%{uniquesuffix}.1*
+%{_mandir}/man1/jar-%{uniquesuffix}.1*
+%{_mandir}/man1/jarsigner-%{uniquesuffix}.1*
+%{_mandir}/man1/javac-%{uniquesuffix}.1*
+%{_mandir}/man1/javadoc-%{uniquesuffix}.1*
+%{_mandir}/man1/javah-%{uniquesuffix}.1*
+%{_mandir}/man1/javap-%{uniquesuffix}.1*
+%{_mandir}/man1/jconsole-%{uniquesuffix}.1*
+%{_mandir}/man1/jcmd-%{uniquesuffix}.1*
+%{_mandir}/man1/jdb-%{uniquesuffix}.1*
+%{_mandir}/man1/jhat-%{uniquesuffix}.1*
+%{_mandir}/man1/jinfo-%{uniquesuffix}.1*
+%{_mandir}/man1/jmap-%{uniquesuffix}.1*
+%{_mandir}/man1/jps-%{uniquesuffix}.1*
+%{_mandir}/man1/jrunscript-%{uniquesuffix}.1*
+%{_mandir}/man1/jsadebugd-%{uniquesuffix}.1*
+%{_mandir}/man1/jstack-%{uniquesuffix}.1*
+%{_mandir}/man1/jstat-%{uniquesuffix}.1*
+%{_mandir}/man1/jstatd-%{uniquesuffix}.1*
+%{_mandir}/man1/native2ascii-%{uniquesuffix}.1*
+%{_mandir}/man1/policytool-%{uniquesuffix}.1*
+%{_mandir}/man1/rmic-%{uniquesuffix}.1*
+%{_mandir}/man1/schemagen-%{uniquesuffix}.1*
+%{_mandir}/man1/serialver-%{uniquesuffix}.1*
+%{_mandir}/man1/wsgen-%{uniquesuffix}.1*
+%{_mandir}/man1/wsimport-%{uniquesuffix}.1*
+%{_mandir}/man1/xjc-%{uniquesuffix}.1*
+%ifarch %{jit_arches}
+%{tapsetroot}
+%endif
+
+%files demo -f %{name}-demo.files
+%defattr(-,root,root,-)
+%doc %{_jvmdir}/%{sdkdir}/LICENSE
+
+%files src
+%defattr(-,root,root,-)
+%doc README.src
+%{_jvmdir}/%{sdkdir}/src.zip
+
+%files javadoc
+%defattr(-,root,root,-)
+%doc %{_javadocdir}/%{uniquejavadocdir}
+%doc %{buildoutputdir}/j2sdk-image/jre/LICENSE
+
+%files accessibility
+%{_jvmdir}/%{jredir}/lib/%{archinstall}/libatk-wrapper.so
+%{_jvmdir}/%{jredir}/lib/ext/java-atk-wrapper.jar
+%{_jvmdir}/%{jredir}/lib/accessibility.properties
+
+%changelog
+* Tue Nov 28 2017 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.161-2.6.12.0
+- Remove superfluous %%1 from policy JAR file path.
+- Resolves: rhbz#1499207
+
+* Tue Nov 28 2017 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.161-2.6.12.0
+- Add missing implementation of Matcher::pass_original_key_for_aes() on AArch64 (PR3497)
+- Resolves: rhbz#1499207
+
+* Tue Nov 28 2017 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.161-2.6.12.0
+- Update location of policy JAR files following 8157561.
+- Resolves: rhbz#1499207
+
+* Tue Nov 28 2017 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.161-2.6.12.0
+- Fix name of SystemTap tarball, following update.
+- Resolves: rhbz#1499207
+
+* Tue Nov 28 2017 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.161-2.6.12.0
+- Bump to 2.6.12 and u161b00.
+- Update SystemTap tapsets to version in IcedTea 2.6.12pre01 to fix RH1492139.
+- Drop 8185716 patch, now applied upstream.
+- Update location of OpenJDK zlib system library source code in remove-intree-libraries.sh
+- Resolves: rhbz#1499207
+
+* Wed Aug 02 2017 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.151-2.6.11.1
+- Apply fix for 8185716 so ppc uses correct ins_encode format
+- Resolves: rhbz#1466509
+
+* Wed Aug 02 2017 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.151-2.6.11.1
+- Bump to 2.6.11 and u151b00.
+- Update java-access-bridge-security.patch to apply against 2.6.11.
+- Drop 7177216 merge fix which is applied upstream.
+- Resolves: rhbz#1466509
+
+* Tue Jun 13 2017 Jiri Vanek <jvanek@redhat.com> - 1:1.7.0.141-2.6.10.5
+- make to use latest c-j-c and so fix persisting issues with java.security and other configfiles
+- aligned with this change, applied repackReproduciblePolycies.sh
+- 1183793 is missing blocker
+- Resolves: rhbz#1448880
+
+* Wed Jun 07 2017 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.141-2.6.10.4
+- Fix merge error with "native2ascii changes file permissions of input file"
+- Resolves: rhbz#1446700
+
+* Wed May 17 2017 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.141-2.6.10.3
+- Add support for using RSAandMGF1 with the SHA hash algorithms in the PKCS11 provider
+- Resolves: rhbz#1273760
+
+* Wed May 03 2017 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.141-2.6.10.2
+- Bump to u141b02 to include S8011123 fix for TCK failure.
+- Resolves: rhbz#1438751
+
+* Thu Apr 27 2017 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.141-2.6.10.1
+- Bump to u141b01 to include S8043723 fix for s390.
+- Resolves: rhbz#1438751
+
+* Thu Apr 27 2017 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.141-2.6.10.1
+- Bump to 2.6.10 and u141b00.
+- Add more detailed output to fsg.sh and generate_source_tarball.sh.
+- Update md5sum list with checksum for the new java.security file.
+- Drop 8173783 backport which is now applied upstream.
+- Resolves: rhbz#1438751
+
+* Wed Apr 05 2017 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.131-2.6.9.3
+- Backport "8173783: IllegalArgumentException: jdk.tls.namedGroups"
+- Apply backports before local RPM fixes so they will be the same as when applied upstream
+- Adjust RH1022017 following application of 8173783
+- Resolves: rhbz#1422738
+
+* Tue Apr 04 2017 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.131-2.6.9.2
+- Introduce stapinstall variable to set SystemTap arch directory correctly (e.g. arm64 on aarch64)
+- Update jstack tapset to handle AArch64
+- Handle unsupported architectures by calling the error function rather than a parse failure
+- ABS_JAVA_HOME_DIR is no longer used in the updated tapsets
+- Resolves: rhbz#1373986
+
+* Tue Feb 07 2017 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.131-2.6.9.1
+- Bump to 2.6.9 and u131b00.
+- Remove patch application debris in fsg.sh.
+- Re-generate PR2809 and RH1022017 against 2.6.9.
+- Update md5sum list with checksum for the new java.security file.
+- Add blacklisted.certs to installation file list.
+- Resolves: rhbz#1410612
+
+* Mon Jan 09 2017 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.121-2.6.8.1
+- Bump release for rhel-7.4 branch. Fix "luncher" typo.
+- Resolves: rhbz#1383251
+
+* Mon Oct 31 2016 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.121-2.6.8.0
+- Turn off HotSpot bootstrap to see if it resolves build issues.
+- Resolves: rhbz#1381990
+
+* Fri Oct 28 2016 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.121-2.6.8.0
+- Bump to 2.6.8 and u121b00.
+- Drop patches (S7081817, S8140344, S8145017 and S8162344) applied upstream.
+- Update md5sum list with checksum for the new java.security file.
+- Resolves: rhbz#1381990
+
+* Mon Sep 05 2016 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.111-2.6.7.7
+- Rebuild java-1.7.0-openjdk for GCC aarch64 stack epilogue code generation fix (RH1372747)
+- Resolves: rhbz#1350042
+
+* Wed Aug 31 2016 Jiri Vanek <jvanek@redhat.com> - 1:1.7.0.111-2.6.7.6
+- declared check_sum_presented_in_spec and used in prep and check
+- it is checking that latest packed java.security is mentioned in listing
+- Resolves: rhbz#1350042
+
+* Wed Aug 31 2016 Jiri Vanek <jvanek@redhat.com> - 1:1.7.0.111-2.6.7.6
+- New variable, @prefix@, needs to be substituted in tapsets (rhbz1371005)
+- Resolves: rhbz#1350042
+
+* Wed Aug 31 2016 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.111-2.6.7.5
+- Change to disable RC4 did not add MD5 checksum of previous java.security file from 2016/01
+- Resolves: rhbz#1350042
+
+* Tue Jul 26 2016 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.111-2.6.7.4
+- Require a version of java-1.7.0-openjdk-devel with a working jar uf
+- Use readlink rather than a wildcard to resolve the system JDK directory
+- Resolves: rhbz#1350042
+
+* Fri Jul 22 2016 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.111-2.6.7.3
+- Add additional changes to 8162344 to fix issues which only show up on a full build.
+- Resolves: rhbz#1350042
+
+* Fri Jul 22 2016 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.111-2.6.7.3
+- Bump to jdk7u111 b01 to fix TCK regressions (7081817 & 8162344)
+- Resolves: rhbz#1350042
+
+* Thu Jul 21 2016 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.111-2.6.7.2
+- Reset permissions of resources.jar to avoid it only being readable by root (PR1437).
+- Resolves: rhbz#1350042
+
+* Wed Jul 20 2016 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.111-2.6.7.1
+- Bump to 2.6.7 and u111b00.
+- Update SystemTap bundle with fix for PR3091/RH1204159
+- Drop patches (PR2938, PR2939, PR3012, PR3013 and PR1437) applied upstream.
+- Resolves: rhbz#1350042
+
+* Thu Jun 30 2016 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.101-2.6.6.6
+- Add fix for PR1437 which reapplies 7175845 fix lost in merge.
+- Resolves: rhbz#1207129
+
+* Thu Jun 30 2016 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.101-2.6.6.6
+- Add fix for 8069181/PR3012 and pre-requisites from PR3013.
+- Add bug information for backports from last CPU.
+- Resolves: rhbz#1015612
+
+* Tue Jun 21 2016 Jiri Vanek <jvanek@redhat.com> - 1:1.7.0.101-2.6.6.4
+- luascripts extracted and used from separate package
+- added requirement on at least build time nss
+- added --family and dependence on chkconfig >=1.7
+- in adition, family is restricted by arch
+- Resolves: rhbz#1296441
+- Resolves: rhbz#1296413
+
+* Tue Jun 07 2016 Jiri Vanek <jvanek@redhat.com> - 1:1.7.0.101-2.6.6.3
+- added requires for copy-jdk-configs, to help with https://projects.engineering.redhat.com/browse/RCM-3654
+- Resolves: rhbz#1296441
+
+* Tue Apr 19 2016 Jiri Vanek <jvanek@redhat.com> - 1:1.7.0.101-2.6.6.2
+- added Patch666 fontpath.patch to fix tck regressions
+- Resolves: rhbz#1325428
+
+* Mon Apr 18 2016 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.101-2.6.6.1
+- Fix ztos handling in templateTable_ppc_64.cpp to be same as others in 7.
+- Resolves: rhbz#1325428
+
+* Mon Apr 18 2016 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.101-2.6.6.1
+- Bump to 2.6.6 and u101b00.
+- Drop AArch64 patch (PR2914) included in 2.6.6
+- Drop a leading zero from the priority as the update version is now three digits
+- Update PR2809 patch to apply against 2.6.6.
+- Resolves: rhbz#1325428
+
+* Mon Apr 18 2016 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.99-2.6.5.5
+- Backout S4858370.
+- Resolves: rhbz#1284948
+
+* Wed Apr 06 2016 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.99-2.6.5.4
+- Replace 8146709 backout with fix from Andrew Haley
+- Resolves: rhbz#1310061
+
+* Tue Apr 05 2016 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.99-2.6.5.3
+- Backout 8146709 to try and fix build on AArch64
+- Resolves: rhbz#1310061
+
+* Mon Apr 04 2016 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.99-2.6.5.2
+- Add fix for S4858370.
+- Resolves: rhbz#1284948
+
+* Thu Mar 24 2016 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.99-2.6.5.1
+- Bump to 2.6.5 and u99b00.
+- Correct check for fsg.sh in tarball creation script
+- Drop AArch64 ADRP backports (8143067, 8146709) included in 2.6.5
+- Resolves: rhbz#1320659
+
+* Thu Mar 03 2016 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.95-2.6.4.3
+- Add AArch64 ADRP backports
+- Resolves: rhbz#1310061
+
+* Wed Jan 27 2016 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.95-2.6.4.2
+- Disable RC4 by default.
+- Resolves: rhbz#1302385
+
+* Tue Jan 19 2016 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.95-2.6.4.1
+- Bump to 2.6.4 and u95b00.
+- Backport tarball creation script from OpenJDK 8 RPMs and update fsg.sh to work with it.
+- Drop 8072932or8074489 patch as applied upstream in u91b01.
+- Add MD5 checksums for last two version of the java.security file.
+- Correct date of ChangeLog entry below.
+- Resolves: rhbz#1295769
+
+* Thu Nov 12 2015 Jiri Vanek <jvanek@redhat.com> - 1:1.7.0.91-2.6.2.4
+- fixed headless to become headless again
+ - jre/lib/archinstall/libjavagtk.so
+ - jre/bin/policytool
+ - jre-abrt/lib/archinstall/libjavagtk.so
+ - all three added to not headless exclude list
+- see rhbz1141123
+- Resolves: rhbz#1278987
+
+* Tue Oct 20 2015 Jiri Vanek <jvanek@redhat.com> - 1:1.7.0.91-2.6.2.3
+- added and applied patch500 8072932or8074489.patch to fix tck failure
+- Resolves: rhbz#1271923
+
+* Mon Oct 19 2015 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.91-2.6.2.2
+- Turn off deletion of in-tree LCMS sources as we now need them.
+- Resolves: rhbz#1271923
+
+* Mon Oct 19 2015 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.91-2.6.2.1
+- Bump to 2.6.2 and u91b00.
+- Disable system LCMS 2 for now until security of it can be verified.
+- Drop patches for PR2560/RH1245855 as now applied upstream.
+- Sync minor changes from RHEL 6 spec file.
+- Resolves: rhbz#1271923
+
+* Wed Oct 14 2015 Jiri Vanek <jvanek@redhat.com> - 1:1.7.0.85-2.6.1.7
+- removed link to soundfont. Unused in rhel7 and will be fixed upstream
+- Resolves: rhbz#1257653
+
+* Mon Aug 31 2015 Jiri Vanek <jvanek@redhat.com> - 1:1.7.0.85-2.6.1.6
+- bumped release to allow update testing of previous chnageset
+- Resolves: rhbz#1235159
+
+* Mon Aug 31 2015 Jiri Vanek <jvanek@redhat.com> - 1:1.7.0.85-2.6.1.5
+- removed rm -rf in headless post
+- Resolves: rhbz#1235159
+
+* Mon Jul 27 2015 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.85-2.6.1.4
+- Backport JDWP null fixes.
+- Resolves: rhbz#1245855
+
+* Thu Jul 23 2015 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.85-2.6.1.3
+- Backport fixes for debugger crash
+- Resolves: rhbz#1245855
+
+* Sat Jul 11 2015 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.85-2.6.1.2
+- Bump upstream tarball to u25b01 to fix issue with 8075374 backport.
+- Resolves: rhbz#1235159
+
+* Thu Jul 09 2015 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.85-2.6.1.1
+- Update OpenJDK tarball so correct version is used.
+- Resolves: rhbz#1235159
+
+* Thu Jul 09 2015 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.85-2.6.1.0
+- Add additional java.security md5sum from January CPU
+- Resolves: rhbz#1235159
+
+* Thu Jul 09 2015 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.85-2.6.1.0
+- Bump to 2.6.1 and u85b00.
+- Resolves: rhbz#1235159
+
+* Wed Jul 08 2015 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.80-2.6.0.1
+- Pass SYSTEM_GSETTINGS="true" to the OpenJDK build to explicitly enable the GSettings API.
+- Resolves: rhbz#1194226
+
+* Wed Jul 08 2015 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.80-2.6.0.0
+- Add GConf2-devel dependency for native proxy fallback support.
+- Remove libxslt dependency pulled in from IcedTea builds.
+- Reduce redhat-lsb dependency to redhat-lsb-core (lsb_release)
+- Resolves: rhbz#1194226
+
+* Wed Jul 08 2015 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.80-2.6.0.0
+- Bump to 2.6.0 and u80b32.
+- Drop upstreamed patches and separate AArch64 HotSpot.
+- Add dependencies on pcsc-lite-devel (PR2496) and lksctp-tools-devel (PR2446)
+- Only run -Xshare:dump on JIT archs other than power64 as port lacks support
+- Update remove-intree-libraries script to cover LCMS and PCSC headers.
+- Resolves: rhbz#1194226
+
+* Wed Jun 24 2015 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.79-2.5.5.4
+- Fix name resolution when /etc/resolv.conf lists an IPv6 nameserver
+- Resolves: rhbz#1203666
+
+* Wed Apr 29 2015 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.79-2.5.5.3
+- Re-based SunEC changes onto latest RPM from private branch
+- Resolves: rhbz#1121210
+
+* Fri Apr 24 2015 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.79-2.5.5.2
+- Fix crash on ppc64le when running Apache Oozie
+- Resolves: rhbz#1201393
+
+* Fri Apr 10 2015 Jiri Vanek <jvanek@redhat.com> - 1:1.7.0.79-2.5.5.1
+- repacked sources
+- Resolves: rhbz#1209073
+
+* Tue Apr 07 2015 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.79-2.5.5.0
+- Bump to 2.5.5 using OpenJDK 7u79 b14.
+- Update OpenJDK tarball creation comments
+- Remove test case for RH1191652 now fix has been verified.
+- Drop AArch64 version of RH1191652 HotSpot patch as included upstream.
+- Resolves: rhbz#1209073
+
+* Wed Mar 04 2015 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.75-2.5.4.7
+- ppc64le now has pulseaudio
+- Resolves: rhbz#1191652
+
+* Tue Mar 03 2015 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.75-2.5.4.6
+- Fix use of unapproved bug ID (resolved as duplicate) in changelog entry.
+- Resolves: rhbz#1191652
+
+* Tue Mar 03 2015 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.75-2.5.4.6
+- Provide AArch64 version of RH1191652 HotSpot patch.
+- Resolves: rhbz#1191652
+
+* Fri Feb 27 2015 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.75-2.5.4.5
+- Turn off hsbootstrap on all archs
+- Resolves: rhbz#1191652
+
+* Fri Feb 27 2015 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.75-2.5.4.5
+- Add missing bracket.
+- Resolves: rhbz#1191652
+
+* Fri Feb 27 2015 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.75-2.5.4.5
+- Turn off hsbootstrap on all archs
+- Resolves: rhbz#1191652
+
+* Fri Feb 27 2015 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.75-2.5.4.5
+- Add missing bracket.
+- Resolves: rhbz#1191652
+
+* Fri Feb 27 2015 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.75-2.5.4.5
+- Ensure VM directory exists before copying libjvm.so
+- Resolves: rhbz#1191652
+
+* Fri Feb 27 2015 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.75-2.5.4.5
+- Fix path to libjvm.so used in hsbootstrap to a more general one.
+- Resolves: rhbz#1191652
+
+* Thu Feb 26 2015 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.75-2.5.4.5
+- Fix hsbootstrap option on ppc64le where JDK_TO_BUILD_WITH is changed.
+- Print uname to feedback to upstream OpenJDK.
+- Resolves: rhbz#1191652
+
+* Thu Feb 26 2015 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.75-2.5.4.5
+- Test a hsbootstrap build on ppc64le
+- Resolves: rhbz#1191652
+
+* Fri Feb 13 2015 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.75-2.5.4.5
+- Adjust archbuild instead as JDK build is now using ppc64le
+- Resolves: rhbz#1191652
+
+* Fri Feb 13 2015 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.75-2.5.4.5
+- Add ppc64le defines for javax.sound
+- Resolves: rhbz#1191652
+
+* Fri Feb 13 2015 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.75-2.5.4.5
+- Add jvm.cfg for ppc64le
+- Resolves: rhbz#1191652
+
+* Fri Feb 13 2015 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.75-2.5.4.5
+- Adjust archbuild instead as JDK build is now using ppc64le
+- Resolves: rhbz#1191652
+
+* Fri Feb 13 2015 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.75-2.5.4.5
+- Add ppc64le defines for javax.sound
+- Resolves: rhbz#1191652
+
+* Fri Feb 13 2015 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.75-2.5.4.5
+- Add jvm.cfg for ppc64le
+- Resolves: rhbz#1191652
+
+* Fri Feb 13 2015 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.75-2.5.4.5
+- Add patch for RH1191652 on the JDK side
+- Resolves: rhbz#1191652
+
+* Fri Feb 13 2015 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.75-2.5.4.5
+- Adjust archinstall and ppc64le workaround to establish jre/lib/ppc64le
+- Resolves: rhbz#1191652
+
+* Fri Feb 13 2015 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.75-2.5.4.5
+- Fix patch for RH1191652 to override LIBARCH on ppc64le as there is no BUILDARCH
+- Resolves: rhbz#1191652
+
+* Fri Feb 13 2015 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.75-2.5.4.5
+- Fix patch for RH1191652 to apply against 2.5 (original against HEAD)
+- Resolves: rhbz#1191652
+
+* Fri Feb 13 2015 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.75-2.5.4.5
+- Fix patch for RH1191652 to override LIBARCH on ppc64le as there is no BUILDARCH
+- Resolves: rhbz#1191652
+
+* Fri Feb 13 2015 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.75-2.5.4.5
+- Fix patch for RH1191652 to apply against 2.5 (original against HEAD)
+- Resolves: rhbz#1191652
+
+* Fri Feb 13 2015 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.75-2.5.4.5
+- Use arch name of ppc64le on ppc64le rather than ppc64.
+- Resolves: rhbz#1191652
+
+* Mon Feb 02 2015 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.75-2.5.4.4
+- Symlink ppc64 directory to ppc64le
+- Run test application to print architecture-specific paths stored in the JDK
+- Resolves: rhbz#1191652
+
+* Tue Jan 27 2015 Jiri Vanek <jvanek@redhat.com> - 1:1.7.0.75-2.5.4.3
+- removed source14 remove-origin-from-rpaths (1169097)
+- removed build requirement for chrpath
+- Resolves: rhbz#1180298
+
+* Fri Jan 16 2015 Severin Gehwolf <sgehwolf@redhat.com> - 1:1.7.0.75-2.5.4.2
+- Replace unmodified java.security file via headless post scriptlet.
+- Resolves: rhbz#1180298
+
+* Sun Jan 11 2015 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.75-2.5.4.1
+- Fix macro expansion in changelog
+- Resolves: rhbz#1180298
+
+* Fri Jan 09 2015 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.75-2.5.4.1
+- Fix elliptic curve list as part of fsg.sh
+- Resolves: rhbz#1180298
+
+* Fri Jan 09 2015 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.75-2.5.4.1
+- Bump release so that the RHEL 7.1 version is built on AArch64.
+- Resolves: rhbz#1180298
+
+* Fri Jan 09 2015 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.75-2.5.4.0
+- Bump to 2.5.4 using OpenJDK 7u75 b13.
+- Bump AArch64 port to 2.6.0pre17.
+- Fix abrt_friendly_hs_log_jdk7.patch to apply again and enable on all archs.
+- Remove OpenJDK 8 / AArch64 version of PStack patch as this is no longer needed.
+- Resolves: rhbz#1180298
+
+* Tue Dec 16 2014 Jiri Vanek <jvanek@redhat.com> - 1:1.7.0.71-2.5.3.4
+- aarch64 sources updated to most recent stable tag
+- adapted patch4030 PStack-808293-aarch64.patch
+- removed upstreamed CPU patches (patch500-509, 20141014*)
+- Resolves: rhbz#1125260
+
+* Mon Oct 06 2014 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.71-2.5.3.3
+- Set ENABLE_FULL_DEBUG_SYMBOLS=0 for aarch64 to retain debuginfo in files.
+- Resolves: rhbz#1148894
+
+* Sat Oct 04 2014 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.71-2.5.3.2
+- Add HS security patches for aarch64.
+- Resolves: rhbz#1148894
+
+* Fri Oct 03 2014 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.71-2.5.3.1
+- Bump to 2.5.3 for latest security fixes.
+- Remove obsolete patches and CFLAGS which are now upstream.
+- Add hsbootstrap option to pre-build HotSpot when required.
+- Resolves: rhbz#1148894
+
+* Thu Oct 02 2014 Severin Gehwolf <sgehwolf@redhat.com> - 1.7.0.65-2.5.1.12
+- Bump release for self-build.
+- Resolves: RHBZ#1125557.
+
+* Tue Sep 23 2014 Severin Gehwolf <sgehwolf@redhat.com> - 1.7.0.65-2.5.1.11
+- Add hotspot compiler flag -fno-tree-vectorize which fixes the segfault in
+ the bytecode verifier on ppc/ppc64.
+
+* Tue Sep 23 2014 Severin Gehwolf <sgehwolf@redhat.com> - 1.7.0.65-2.5.1.10
+- Add patches for PPC zero build.
+- Fixes stack overflow problem. See RHBZ#1015432.
+- Fixes missing memory barrier in Atomic::xchg*
+- Fixes missing PPC32/PPC64 defines for Zero builds on power.
+
+* Mon Sep 22 2014 Severin Gehwolf <sgehwolf@redhat.com> - 1.7.0.65-2.5.1.9
+- Remove obsolete PPC/PPC64 patches.
+
+* Thu Sep 11 2014 Omair Majid <omajid@redhat.com> - 1.7.0.65-2.5.1.8
+- Update aarch64 port to jdk7u60_b04_aarch64_834
+- Resolves: rhbz#1082779
+
+* Tue Aug 19 2014 Jiri Vanek <jvanek@redhat.com> - 1.7.0.65-2.5.1.7
+- added and applied patch666 stackoverflow-ppc32_64-20140828.patch
+- returned ppc (rebuild in brew must be done by 2.4.x)
+- Resolves: rhbz#1125557
+
+* Tue Aug 19 2014 Jiri Vanek <jvanek@redhat.com> - 1.7.0.65-2.5.1.6
+- added ExcludeArch: ppc
+- Resolves: rhbz#1125557
+
+* Mon Aug 04 2014 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.65-2.5.1.5
+- Add workaround to build on ppc64le where arch directory is still ppc64le, not ppc64
+- Resolves: rhbz#1125557
+
+* Wed Jul 30 2014 Omair Majid <omajid@redhat.com> - 1.7.0.65-2.5.1.4
+- Bump release to build package on aarch64
+- Resolves: rhbz#1082779
+
+* Wed Jul 30 2014 Jiri Vanek <jvanek@redhat.com> - 1.7.0.65-2.5.1.3
+- Update aarch64 to latest version
+- Resolves: rhbz#1082779
+
+* Thu Jul 17 2014 Andrew Hughes <ahughes@redhat.com> - 1:1.7.0.65-2.5.1.3
+- NSS_LIBS should be set from nss pkgconfig, not nss-softokn
+- Resolves: rhbz#1121210
+
+* Mon Jul 14 2014 Jiri Vanek <jvanek@redhat.com> - 1.7.0.65-2.5.1.2
+- added and applied fix for samrtcard io patch405, pr1864_smartcardIO.patch
+- Resolves: rhbz#1115877
+
+* Mon Jul 07 2014 Jiri Vanek <jvanek@redhat.com> - 1.7.0.65-2.5.1.1
+- updated to security patched icedtea7-forest-2.5.1
+- Resolves: rhbz#1115877
+
+* Wed Jul 02 2014 Jiri Vanek <jvanek@redhat.com> - 1.7.0.60-2.5.0.3
+- updated to icedtea7-forest-2.5.0 (rh1114934)
+- Resolves: rhbz#1099566
+
+* Tue Jul 01 2014 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.60-2.5.0.2
+- Add nss-softokn dependency for SunEC provider
+- Resolves: rhbz#1121210
+
+* Mon Jun 30 2014 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.60-2.5.0.1
+- Enable SunEC provider with system NSS support.
+- Resolves: rhbz#1121210
+
+* Fri May 30 2014 Andrew John Hughes <gnu.andrew@redhat.com> - 1.7.0.55-2.4.7.2
+- Remove NSS patches. Issues with PKCS11 provider mean it shouldn't be enabled.
+- Always setup nss.cfg and depend on nss-devel at build-time to do so.
+- This allows users who wish to use PKCS11+NSS to just add it to java.security.
+- Patches to PKCS11 provider will be included upstream in 2.4.8 (ETA July 2014)
+- Resolves: rhbz#1099565
+
+* Tue May 20 2014 Jiri Vanek <jvanek@redhat.com> - 1.7.0.55-2.4.7.0.el7
+- bumped to future icedtea-forest 2.4.7
+- updatever set to 55, buildver se to 13, release reset to 0
+- removed upstreamed patch402 gstackbounds.patch
+- removed Requires: rhino, BuildRequires is enough
+- ppc64 repalced by power64 macro
+- patch111 applied as dry-run (6.6 forward port)
+- nss enabled, but notused as default (6.6 forward port)
+- Resolves: rhbz#1099565
+
+* Fri Apr 04 2014 Jiri Vanek <jvanek@redhat.com> - 1.7.0.51-2.4.5.5.el7
+- added OrderWithRequires on headless where possible
+- Resolves: rhbz#1038092
+
+* Thu Mar 27 2014 Jiri Vanek <jvanek@redhat.com> - 1.7.0.51-2.4.5.3.el7
+- synced lua script from fedora.
+- Resolves: rhbz#1038092
+
+* Fri Mar 14 2014 Jiri Vanek <jvanek@redhat.com> - 1.7.0.51-2.4.5.2.el7
+- added fstack-protector-strong to CFLAGS
+- Resolves: rhbz#1070816
+
+* Thu Mar 06 2014 Jiri Vanek <jvanek@redhat.com> - 1.7.0.51-2.4.5.1.el7
+- diabled NSS. Missuisng 1038092 for it as it is in hurry.
+- Related: rhbz#1038092
+
+* Thu Jan 30 2014 Jiri Vanek <jvanek@redhat.com> - 1.7.0.51-2.4.5.0.el7
+- updated to icedtea 2.4.5 + sync with f21
+ - http://blog.fuseyism.com/index.php/2014/01/29/icedtea-2-4-5-released/
+- removed buildRequires: pulseaudio >= 0.9.11, as not neccessary
+ - but kept libs-devel)
+- removed upstreamed or unwonted patches (thanx to gnu_andrew to pointing them out)
+ - patch410 1015432.patch (upstreamed)
+ - patch411 1029588.patch
+ - patch412 zero-x32.diff
+ - patch104 java-1.7.0-ppc-zero-jdk.patch
+ - patch105 java-1.7.0-ppc-zero-hotspot.patch
+- patch402 gstackbounds.patch and patch403 PStack-808293.patch applied always
+ (again thanx to gnu_andrew)
+- merged other gnu_andrew's changes
+ - FT2_CFLAGS and FT2_LIBS hardoced values replaced by correct pkg-config calls
+ - buildver bumbed to 31
+- added build requires nss-devel
+- removed build requires mercurial
+- added JRE_RELEASE_VERSION and ALT_PARALLEL_COMPILE_JOBS into make call
+- Related: rhbz1038092
+
+* Tue Jan 28 2014 Daniel Mach <dmach@redhat.com> - 1.7.0.51-2.4.4.1
+- Mass rebuild 2014-01-24
+
+* Fri Jan 10 2014 Jiri Vanek <jvanek@redhat.com> - 1.7.0.51-2.4.4.0.el7
+- updated to security icedtea 2.4.4
+ - icedtea_version set to 2.4.4
+ - updatever bumped to 51
+ - release reset to 0
+- sync with fedora
+ - added and applied patch411 1029588.patch (rh 1029588)
+ - added aand applied patch410, 1015432 (rh 1015432)
+ - and so removed patch121 FixPPC64StackOverflow.patch
+- added patch412 zero-x32.diff to try to fix zero builds build
+- Resolves: rhbz#1053280
+
+* Fri Dec 27 2013 Daniel Mach <dmach@redhat.com> - 1.7.0.45-2.4.3.5.el7
+- Mass rebuild 2013-12-27
+
+* Thu Oct 31 2013 Jiri Vanek <jvanek@redhat.com> - 1.7.0.40-2.4.3.4.fel7
+- Removed obsoletes for java-1.6.0-openjdk* , until decided its presence in el7
+- Resolves:rhbz#1018680
+
+* Thu Oct 31 2013 Jiri Vanek <jvanek@redhat.com> - 1.7.0.40-2.4.3.3.fel7
+- just bumped release, need to confirm, that patch121, FixPPC64StackOverflow.patch
+ really works
+- Resolves:rhbz#1018680
+
+* Wed Oct 16 2013 Jiri Vanek <jvanek@redhat.com> - 1.7.0.40-2.4.3.2.fel7
+- added and applied patch121, FixPPC64StackOverflow.patch
+- all redundant ppc64 strings replaced by power64 macro
+- Resolves:rhbz#1018680
+
+* Wed Oct 16 2013 Jiri Vanek <jvanek@redhat.com> - 1.7.0.40-2.4.3.1.fel7
+- updated to new CPU sources 2.4.3
+- Resolves:rhbz#1018680
+
+* Mon Oct 14 2013 Jiri Vanek <jvanek@redhat.com> - 1.7.0.40-2.4.3.0.fel7
+- updated to latest CPU sources 2.4.3
+- Resolves:rhbz#1018680
+
+* Mon Oct 14 2013 Jiri Vanek <jvanek@redhat.com> - 1.7.0.40-2.4.2.12.fel7
+- jdk splitted to headless and rest
+- Resolves:rhbz#875408
+
+* Fri Oct 04 2013 Jiri Vanek <jvanek@redhat.com> - 1.7.0.40-2.4.2.11.fel7
+- another tapset fix
+- Resolves:rhbz#875408
+
+* Fri Oct 04 2013 Jiri Vanek <jvanek@redhat.com> - 1.7.0.40-2.4.2.10.fel7
+- abrt changed to soft dependece
+- Resolves:rhbz#875408
+
+* Thu Oct 03 2013 Jiri Vanek <jvanek@redhat.com> - 1.7.0.40-2.4.2.9.el7
+- renamed tapset source to be "versioned"
+- improved agent placement
+- Resolves:rhbz#875408
+
+* Wed Oct 02 2013 Jiri Vanek <jvanek@redhat.com> - 1.7.0.40-2.4.2.8.el7
+- updated tapset to current head (825824)
+- Resolves:rhbz#875408
+
+* Tue Oct 01 2013 Jiri Vanek <jvanek@redhat.com> - 1.7.0.40-2.4.2.7.el7
+- fixed incorrect _jvmdir/jre-javaver_origin to _jvmdir/jre-javaver-origin link
+- Resolves:rhbz#875408
+
+* Tue Oct 01 2013 Jiri Vanek <jvanek@redhat.com> - 1.7.0.40-2.4.2.6.el7
+- syncing with f20 - abrt connector
+- Resolves:rhbz#875408
+
+* Tue Oct 01 2013 Jiri Vanek <jvanek@redhat.com> - 1.7.0.40-2.4.2.3.el7
+- syncing with f19/rhel-6.5
+- Resolves:rhbz#875408
+
+
+* Wed Aug 07 2013 Deepak Bhole <dbhole@redhat.com> - 1.7.0.25-2.3.12.3.el7
+- Removed obsoletes for java-1.6.0-openjdk*
+
+* Fri Jul 26 2013 Jiri Vanek <jvanek@redhat.com> - 1.7.0.25-2.3.12.2.el7
+- refreshed icedtea7-forest 2.3.12
+- fix broken jre_exports alternatives links (thanx to orion bug #979128)
+
+* Thu Jul 25 2013 Jiri Vanek <jvanek@redhat.com> - 1.7.0.25-2.3.11.0.el7
+- added new alternatives jre-1.7.0-openjdk and java-1.7.0-openjdk
+- finally merged arm and main source tarballs
+- updated to icedtea 2.3.11
+ - http://blog.fuseyism.com/index.php/2013/07/25/icedtea-2-3-11-released/
+- added removal of new jre-1.7.0-openjdk and java-1.7.0-openjdk alternatives
+- removed patch 400, rhino for 2.1 and other 2.1 conditional stuff
+- removed patch 103 arm-fixes.patch
+- removed "dir" from files which was duplicating jre in sdk
+
+* Fri Jul 19 2013 Jiri Vanek <jvanek@redhat.com> - 1.7.0.25-2.3.10.6.el7
+- jrelnk is now just lnk, everything is pointing through jredir
+
+* Thu Jul 18 2013 Jiri Vanek <jvanek@redhat.com> - 1.7.0.25-2.3.10.6.el7
+- minor cleaning
+- sdklnk removed, and substitued by sdkdir
+
+* Wed Jul 03 2013 Jiri Vanek <jvanek@redhat.com> - 1.7.0.25-2.3.10.5.fel7
+- moved to xz compression of sources
+- updated 2.1 tarball
+
+* Thu Jun 27 2013 Jiri Vanek <jvanek@redhat.com> - 1.7.0.25-2.3.10.4.el7
+- Sync with upstream IcedTea7-forest 2.3.10 tag
+- Fixes regressions as introduced with 1.7.0.25-2.3.10.3.el6:
+ rhbz#978005, rhbz#977979, rhbz#976693, IcedTeaBZ#1487.
+- all patch commands repalced by patch macro
+ - updated java-1.7.0-openjdk-ppc-zero-hotspot.patch to pass without loose patching
+
+* Wed Jun 19 2013 Jiri Vanek <jvanek@redhat.com> - 1.7.0.25-2.3.10.3.el7
+- update of IcedTea7-forest 2.3.10 tarball
+- removed patch1000 MBeanFix.patch to fix regressions caused by security patches
+
+
+* Thu Jun 13 2013 Jiri Vanek <jvanek@redhat.com> - 1.7.0.25-2.3.10.2.el7
+- added patch1000 MBeanFix.patch to fix regressions caused by security patches
+
+* Thu Jun 13 2013 Jiri Vanek <jvanek@redhat.com> - 1.7.0.25-2.3.10.1.el7
+- arm tarball updated to 2.1.9
+- build bumped to 25
+
+* Wed Jun 12 2013 Jiri Vanek <jvanek@redhat.com> - 1.7.0.19-2.3.10.0.el7
+- fixed RH972717 by enabling patch110 java-1.7.0-openjdk-nss-icedtea-e9c857dcb964.patch
+- temporarly swithced to intree lcms as it have security fixes (patch 500)
+ - added GENSRCDIR="$PWD/generated.build" to be able to
+ - removed (build)requires lcms2(-devel)
+- Updated to latest IcedTea7-forest 2.3.10
+
+* Wed Jun 05 2013 Jiri Vanek <jvanek@redhat.com> - 1.7.0.19-2.3.9.14.fc19
+- Added client/server directories so they can be owned
+- Renamed patch 107 to 200
+- Added nss support from 6.5
+- Added fix for RH857717, owned /etc/.java/ and /etc/.java/.systemPrefs
+- Removed ant-nodeps, should not be needed
+
+* Tue May 28 2013 Jiri Vanek <jvanek@redhat.com> - 1.7.0.19-2.3.9.13.el7
+- javadoc put into fully versioned directory, but without arch (to be kept noarch)
+ - uniquejavadocdir
+- updated to latest 2.3.9 tarball - fixing the rhbz#967436
+
+* Mon May 27 2013 Omair Majid <omajid@redhat.com> - 1.7.0.19-2.3.9.12.el7
+- Allowed multiple OpenJDKs to be installed in parallel
+- Removed archname
+- Added arch to all, not only multilib arches
+- uniquesuffix is now holding fully versioned name
+- Intorduced source11 remove-buildids.sh
+
+* Fri May 17 2013 Omair Majid <omajid@redhat.com> - 1.7.0.19-2.3.9.12.el7
+- Replace %%{name} with %%{uniquesuffix} where it's used as a unique suffix.
+
+* Thu May 16 2013 Jiri Vanek <jvanek@redhat.com>
+- added variable arm_arches as restriction to some cases of not jit_arches
+
+* Tue May 14 2013 Jiri Vanek <jvanek@redhat.com>
+- patch402 gstackbounds.patch applied only to jit arches
+- patch403 PStack-808293.patch likewise
+
+* Mon May 13 2013 Jiri Vanek <jvanek@redhat.com>
+- initial, not buildable, sync with f19