diff --git a/.gitignore b/.gitignore index 104039c..d48532f 100644 --- a/.gitignore +++ b/.gitignore @@ -1,4 +1,4 @@ SOURCES/class-rewriter.tar.gz -SOURCES/openjdk-icedtea-2.6.12.tar.xz +SOURCES/openjdk-icedtea-2.6.13.tar.xz SOURCES/pulseaudio.tar.gz SOURCES/systemtap-tapset-2.6.12.tar.xz diff --git a/.java-1.7.0-openjdk.metadata b/.java-1.7.0-openjdk.metadata index 675dcd3..47d6837 100644 --- a/.java-1.7.0-openjdk.metadata +++ b/.java-1.7.0-openjdk.metadata @@ -1,4 +1,4 @@ fcc167de17354efb6e52cb387eb3e7dbb0316b53 SOURCES/class-rewriter.tar.gz -07ebb5c43a7a1214312b2cbeab38fc3d09e63fd9 SOURCES/openjdk-icedtea-2.6.12.tar.xz +924f474065a61e5bf5b026dba47565a6ca70bbdd SOURCES/openjdk-icedtea-2.6.13.tar.xz fb72b6b1f4735ad9b5799d0b5058b0b1dec67b17 SOURCES/pulseaudio.tar.gz 5ea75731a73ec4766b00024c1803d1f86c0af090 SOURCES/systemtap-tapset-2.6.12.tar.xz diff --git a/SOURCES/8197981.patch b/SOURCES/8197981.patch new file mode 100644 index 0000000..e0aab7b --- /dev/null +++ b/SOURCES/8197981.patch @@ -0,0 +1,32 @@ +# HG changeset patch +# User andrew +# Date 1518667645 0 +# Thu Feb 15 04:07:25 2018 +0000 +# Node ID ce3abb5889fb01808cab7489e83c1dc448743b70 +# Parent ad6e76e3c6a67082d22cadf07549b5dfdae2e4a5 +8197981: Missing return statement in __sync_val_compare_and_swap_8 +Summary: Fix issue discovered by -Wreturn-type on systems without LP64. +Reviewed-by: aph + +diff --git a/src/os_cpu/bsd_zero/vm/os_bsd_zero.cpp b/src/os_cpu/bsd_zero/vm/os_bsd_zero.cpp +--- openjdk/hotspot/src/os_cpu/bsd_zero/vm/os_bsd_zero.cpp ++++ openjdk/hotspot/src/os_cpu/bsd_zero/vm/os_bsd_zero.cpp +@@ -548,6 +548,7 @@ + long long unsigned int oldval, + long long unsigned int newval) { + ShouldNotCallThis(); ++ return 0; + } + }; + #endif // !_LP64 +diff --git a/src/os_cpu/linux_zero/vm/os_linux_zero.cpp b/src/os_cpu/linux_zero/vm/os_linux_zero.cpp +--- openjdk/hotspot/src/os_cpu/linux_zero/vm/os_linux_zero.cpp ++++ openjdk/hotspot/src/os_cpu/linux_zero/vm/os_linux_zero.cpp +@@ -504,6 +504,7 @@ + long long unsigned int oldval, + long long unsigned int newval) { + ShouldNotCallThis(); ++ return 0; + } + }; + #endif // !_LP64 diff --git a/SOURCES/java-1.7.0-openjdk-java-access-bridge-security.patch b/SOURCES/java-1.7.0-openjdk-java-access-bridge-security.patch index 7c13bfb..bd59cad 100644 --- a/SOURCES/java-1.7.0-openjdk-java-access-bridge-security.patch +++ b/SOURCES/java-1.7.0-openjdk-java-access-bridge-security.patch @@ -1,18 +1,18 @@ diff --git a/src/share/lib/security/java.security-linux b/src/share/lib/security/java.security-linux --- openjdk/jdk/src/share/lib/security/java.security-linux +++ openjdk/jdk/src/share/lib/security/java.security-linux -@@ -158,6 +158,8 @@ - com.sun.org.apache.xml.internal.utils.,\ +@@ -168,6 +168,8 @@ com.sun.org.glassfish.,\ + jdk.xml.internal.,\ oracle.jrockit.jfr.,\ + org.GNOME.Accessibility.,\ + org.GNOME.Bonobo.,\ org.jcp.xml.dsig.internal. # # List of comma-separated packages that start with or equal this string -@@ -200,6 +202,8 @@ - com.sun.org.apache.xml.internal.utils.,\ +@@ -211,6 +213,8 @@ com.sun.org.glassfish.,\ + jdk.xml.internal.,\ oracle.jrockit.jfr.,\ + org.GNOME.Accessibility.,\ + org.GNOME.Bonobo.,\ diff --git a/SOURCES/pr2809.patch b/SOURCES/pr2809.patch index d0f0b02..73f3a5b 100644 --- a/SOURCES/pr2809.patch +++ b/SOURCES/pr2809.patch @@ -10,49 +10,49 @@ Reviewed-by: wetmore diff --git a/src/share/lib/security/java.security-linux b/src/share/lib/security/java.security-linux --- openjdk/jdk/src/share/lib/security/java.security-linux +++ openjdk/jdk/src/share/lib/security/java.security-linux -@@ -501,7 +501,7 @@ +@@ -556,7 +556,7 @@ # # Example: # jdk.tls.disabledAlgorithms=MD5, SSLv3, DSA, RSA keySize < 2048 --jdk.tls.disabledAlgorithms=SSLv3, MD5withRSA, DH keySize < 768, \ -+jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize < 768, \ - EC keySize < 224 +-jdk.tls.disabledAlgorithms=SSLv3, MD5withRSA, DH keySize < 1024, \ ++jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize < 1024, \ + EC keySize < 224, DES40_CBC, RC4_40 # Legacy algorithms for Secure Socket Layer/Transport Layer Security (SSL/TLS) diff --git a/src/share/lib/security/java.security-macosx b/src/share/lib/security/java.security-macosx --- openjdk/jdk/src/share/lib/security/java.security-macosx +++ openjdk/jdk/src/share/lib/security/java.security-macosx -@@ -506,7 +506,7 @@ +@@ -561,7 +561,7 @@ # # Example: # jdk.tls.disabledAlgorithms=MD5, SSLv3, DSA, RSA keySize < 2048 --jdk.tls.disabledAlgorithms=SSLv3, MD5withRSA, DH keySize < 768, \ -+jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize < 768, \ - EC keySize < 224 +-jdk.tls.disabledAlgorithms=SSLv3, MD5withRSA, DH keySize < 1024, \ ++jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize < 1024, \ + EC keySize < 224, DES40_CBC, RC4_40 # Legacy algorithms for Secure Socket Layer/Transport Layer Security (SSL/TLS) diff --git a/src/share/lib/security/java.security-solaris b/src/share/lib/security/java.security-solaris --- openjdk/jdk/src/share/lib/security/java.security-solaris +++ openjdk/jdk/src/share/lib/security/java.security-solaris -@@ -505,7 +505,7 @@ +@@ -560,7 +560,7 @@ # # Example: # jdk.tls.disabledAlgorithms=MD5, SSLv3, DSA, RSA keySize < 2048 --jdk.tls.disabledAlgorithms=SSLv3, MD5withRSA, DH keySize < 768, \ -+jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize < 768, \ - EC keySize < 224 +-jdk.tls.disabledAlgorithms=SSLv3, MD5withRSA, DH keySize < 1024, \ ++jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize < 1024, \ + EC keySize < 224, DES40_CBC, RC4_40 # Legacy algorithms for Secure Socket Layer/Transport Layer Security (SSL/TLS) diff --git a/src/share/lib/security/java.security-windows b/src/share/lib/security/java.security-windows --- openjdk/jdk/src/share/lib/security/java.security-windows +++ openjdk/jdk/src/share/lib/security/java.security-windows -@@ -506,7 +506,7 @@ +@@ -561,7 +561,7 @@ # # Example: # jdk.tls.disabledAlgorithms=MD5, SSLv3, DSA, RSA keySize < 2048 --jdk.tls.disabledAlgorithms=SSLv3, MD5withRSA, DH keySize < 768, \ -+jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize < 768, \ - EC keySize < 224 +-jdk.tls.disabledAlgorithms=SSLv3, MD5withRSA, DH keySize < 1024, \ ++jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize < 1024, \ + EC keySize < 224, DES40_CBC, RC4_40 # Legacy algorithms for Secure Socket Layer/Transport Layer Security (SSL/TLS) diff --git a/test/javax/net/ssl/ciphersuites/DisabledAlgorithms.java b/test/javax/net/ssl/ciphersuites/DisabledAlgorithms.java diff --git a/SOURCES/pr3393-rh1273760.patch b/SOURCES/pr3393-rh1273760.patch index 15442f1..cb0764a 100644 --- a/SOURCES/pr3393-rh1273760.patch +++ b/SOURCES/pr3393-rh1273760.patch @@ -204,3 +204,17 @@ diff --git a/src/share/classes/sun/security/pkcs11/wrapper/PKCS11Constants.java // new for v2.20 amendment 3 public static final long CKG_MGF1_SHA224 = 0x00000005L; +diff --git a/src/share/classes/sun/security/pkcs11/Token.java b/src/share/classes/sun/security/pkcs11/Token.java +--- openjdk/jdk/src/share/classes/sun/security/pkcs11/Token.java ++++ openjdk/jdk/src/share/classes/sun/security/pkcs11/Token.java +@@ -377,6 +377,10 @@ + return keyStore; + } + ++ CK_MECHANISM_INFO getMechanismInfo(CK_MECHANISM mechanism) throws PKCS11Exception { ++ return getMechanismInfo(mechanism.mechanism); ++ } ++ + CK_MECHANISM_INFO getMechanismInfo(long mechanism) throws PKCS11Exception { + CK_MECHANISM_INFO result = mechInfoMap.get(mechanism); + if (result == null) { diff --git a/SOURCES/pr3497.patch b/SOURCES/pr3497.patch deleted file mode 100644 index 540ae00..0000000 --- a/SOURCES/pr3497.patch +++ /dev/null @@ -1,24 +0,0 @@ -# HG changeset patch -# User andrew -# Date 1511841133 0 -# Tue Nov 28 03:52:13 2017 +0000 -# Node ID bccc53c13c22acbc87a3829830ffb736d8c18bab -# Parent 24d492352bf29b67576fab7d46d86e6c698498f9 -PR3497: AArch64: Adapt to 8002074: Support for AES on SPARC - -diff --git a/src/cpu/aarch64/vm/aarch64.ad b/src/cpu/aarch64/vm/aarch64.ad ---- openjdk/hotspot/src/cpu/aarch64/vm/aarch64.ad -+++ openjdk/hotspot/src/cpu/aarch64/vm/aarch64.ad -@@ -1590,6 +1590,12 @@ - return Op_RegL; - } - -+// AArch64 AES instructions are compatible with SunJCE expanded -+// keys, hence we do not need to pass the original key to stubs -+const bool Matcher::pass_original_key_for_aes() { -+ return false; -+} -+ - // x86 supports misaligned vectors store/load. - const bool Matcher::misaligned_vectors_ok() { - // TODO fixme diff --git a/SOURCES/rh1022017.patch b/SOURCES/rh1022017.patch index 4983884..8165340 100644 --- a/SOURCES/rh1022017.patch +++ b/SOURCES/rh1022017.patch @@ -1,6 +1,6 @@ -diff --git a/src/share/classes/sun/security/ssl/SupportedEllipticCurvesExtension.java b/src/share/classes/sun/security/ssl/SupportedEllipticCurvesExtension.java ---- openjdk/jdk/src/share/classes/sun/security/ssl/SupportedEllipticCurvesExtension.java -+++ openjdk/jdk/src/share/classes/sun/security/ssl/SupportedEllipticCurvesExtension.java +diff --git a/src/share/classes/sun/security/ssl/EllipticCurvesExtension.java b/src/share/classes/sun/security/ssl/EllipticCurvesExtension.java +--- openjdk/jdk/src/share/classes/sun/security/ssl/EllipticCurvesExtension.java ++++ openjdk/jdk/src/share/classes/sun/security/ssl/EllipticCurvesExtension.java @@ -168,20 +168,10 @@ "contains no supported elliptic curves"); } diff --git a/SPECS/java-1.7.0-openjdk.spec b/SPECS/java-1.7.0-openjdk.spec index 9cf4d13..9e25745 100644 --- a/SPECS/java-1.7.0-openjdk.spec +++ b/SPECS/java-1.7.0-openjdk.spec @@ -5,7 +5,7 @@ # conflicting) files in the -debuginfo package %undefine _missing_build_ids_terminate_build -%global icedtea_version 2.6.12 +%global icedtea_version 2.6.13 %global hg_tag icedtea-{icedtea_version} %global aarch64 aarch64 arm64 armv8 @@ -154,8 +154,8 @@ # Standard JPackage naming and versioning defines. %global origin openjdk -%global updatever 161 -%global buildver 00 +%global updatever 171 +%global buildver 01 # Keep priority on 7digits in case updatever>9 %global priority 1700%{updatever} %global javaver 1.7.0 @@ -304,8 +304,8 @@ Patch400: rh1022017.patch Patch500: pr2809.patch # PR3393, RH1273760: Support using RSAandMGF1 with the SHA hash algorithms in the PKCS11 provider (will appear in 2.7.0) Patch501: pr3393-rh1273760.patch -# PR3497: AArch64: Adapt to 8002074: Support for AES on SPARC -Patch502: pr3497.patch +# 8197981: Missing return statement in __sync_val_compare_and_swap_8 +Patch502: 8197981.patch # End of tmp patches @@ -1469,6 +1469,26 @@ exit 0 %{_jvmdir}/%{jredir}/lib/accessibility.properties %changelog +* Thu Feb 15 2018 Andrew Hughes - 1:1.7.0.171-2.6.13.0 +- Fix missing return statement in src/os_cpu/linux_zero/vm/os_linux_zero.cpp (non-LP64 only) +- Resolves: rhbz#1528233 + +* Thu Feb 15 2018 Andrew Hughes - 1:1.7.0.171-2.6.13.0 +- Update to new tarball with AArch64 return value fixes, dropping local patch. +- Resolves: rhbz#1528233 + +* Wed Feb 14 2018 Andrew Hughes - 1:1.7.0.171-2.6.13.0 +- Extend pr3393-rh1273760.patch so Token.getMechanismInfo can handle CK_MECHANISM +- Resolves: rhbz#1528233 + +* Tue Feb 13 2018 Andrew Hughes - 1:1.7.0.171-2.6.13.0 +- Bump to 2.6.13 and u171b01. +- Update java-1.7.0-openjdk-java-access-bridge-security.patch to apply after 8186080 +- Drop PR3497 AArch64 patch now applied upstream. +- Update RC4 patch (8076221/PR2809) to apply after 8148108 (DH lower limit increase) +- Fix file path in rh1022017.patch. +- Resolves: rhbz#1528233 + * Tue Nov 28 2017 Andrew Hughes - 1:1.7.0.161-2.6.12.0 - Remove superfluous %%1 from policy JAR file path. - Resolves: rhbz#1499207