rpms / java-1.8.0-openjdk

Clone
Source Code
GIT

Blame SOURCES/pr2888.patch

c7 c7-alt c7-armhfp c7-beta c8 c8-beta c8-containeronly-stream-flatpak c8s c9 c9-beta
  1.   605045027f5fd8ca94380e4d6ea70ac163ef3f58
  2.   SOURCES
  3.   pr2888.patch
Blob History Raw
045ef6 
# HG changeset patch
045ef6 
# User andrew
045ef6 
# Date 1459487045 -3600
045ef6 
#      Fri Apr 01 06:04:05 2016 +0100
045ef6 
# Node ID 3334efeacd8327a14b7d2f392f4546e3c29c594b
045ef6 
# Parent  6b81fd2227d14226f2121f2d51b464536925686e
045ef6 
PR2888: OpenJDK should check for system cacerts database (e.g. /etc/pki/java/cacerts)
045ef6
045ef6 
diff --git a/src/share/classes/sun/security/ssl/TrustManagerFactoryImpl.java b/src/share/classes/sun/security/ssl/TrustManagerFactoryImpl.java
045ef6 
--- openjdk/jdk/src/share/classes/sun/security/ssl/TrustManagerFactoryImpl.java
045ef6 
+++ openjdk/jdk/src/share/classes/sun/security/ssl/TrustManagerFactoryImpl.java
045ef6 
@@ -174,15 +174,20 @@
045ef6 
                     storeFile = new File(storeFileName);
045ef6 
                     fis = getFileInputStream(storeFile);
045ef6 
                 } else {
045ef6 
-                    String javaHome = props.get("javaHome");
045ef6 
-                    storeFile = new File(javaHome + sep + "lib" + sep
045ef6 
-                                                    + "security" + sep +
045ef6 
-                                                    "jssecacerts");
045ef6 
+                    /* Check system cacerts DB first; /etc/pki/java/cacerts */
045ef6 
+                    storeFile = new File(sep + "etc" + sep + "pki" + sep
045ef6 
+                                         + "java" + sep + "cacerts");
045ef6 
                     if ((fis = getFileInputStream(storeFile)) == null) {
045ef6 
+                        String javaHome = props.get("javaHome");
045ef6 
                         storeFile = new File(javaHome + sep + "lib" + sep
045ef6 
-                                                    + "security" + sep +
045ef6 
-                                                    "cacerts");
045ef6 
-                        fis = getFileInputStream(storeFile);
045ef6 
+                                             + "security" + sep +
045ef6 
+                                             "jssecacerts");
045ef6 
+                        if ((fis = getFileInputStream(storeFile)) == null) {
045ef6 
+                            storeFile = new File(javaHome + sep + "lib" + sep
045ef6 
+                                                 + "security" + sep +
045ef6 
+                                                 "cacerts");
045ef6 
+                            fis = getFileInputStream(storeFile);
045ef6 
+                        }
045ef6 
                     }
045ef6 
                 }
045ef6
045ef6 
diff --git a/src/share/classes/sun/security/tools/KeyStoreUtil.java b/src/share/classes/sun/security/tools/KeyStoreUtil.java
045ef6 
--- openjdk/jdk/src/share/classes/sun/security/tools/KeyStoreUtil.java
045ef6 
+++ openjdk/jdk/src/share/classes/sun/security/tools/KeyStoreUtil.java
045ef6 
@@ -87,9 +87,14 @@
045ef6 
         throws Exception
045ef6 
     {
045ef6 
         String sep = File.separator;
045ef6 
-        File file = new File(System.getProperty("java.home") + sep
045ef6 
-                             + "lib" + sep + "security" + sep
045ef6 
-                             + "cacerts");
045ef6 
+        /* Check system cacerts DB first; /etc/pki/java/cacerts */
045ef6 
+        File file = new File(sep + "etc" + sep + "pki" + sep
045ef6 
+                             + "java" + sep + "cacerts");
045ef6 
+        if (!file.exists()) {
045ef6 
+            file = new File(System.getProperty("java.home") + sep
045ef6 
+                            + "lib" + sep + "security" + sep
045ef6 
+                            + "cacerts");
045ef6 
+        }
045ef6 
         if (!file.exists()) {
045ef6 
             return null;
045ef6 
         }

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation