rpms / java-1.8.0-openjdk

Clone
Source Code
GIT

Blame SOURCES/pr2974-rh1337583-add_systemlineendings_option_to_keytool_and_use_line_separator_instead_of_crlf_in_pkcs10.patch

c7 c7-alt c7-armhfp c7-beta c8 c8-beta c8-containeronly-stream-flatpak c8s c9 c9-beta
  1.   66549da75ffd1c99f5a79da97057fc9dffc7ff42
  2.   SOURCES
  3.   pr2974-rh1337583-add_systemlineendings_option_to_keytool_and_use_line_separator_instead_of_crlf_in_pkcs10.patch
Blob History Raw
4ca1da 
# HG changeset patch
4ca1da 
# User andrew
4ca1da 
# Date 1464316115 -3600
4ca1da 
#      Fri May 27 03:28:35 2016 +0100
4ca1da 
# Node ID 794541fbbdc323f7da8a5cee75611f977eee66ee
4ca1da 
# Parent  0be28a33e12dfc9ae1e4be381530643f691d351a
4ca1da 
PR2974: PKCS#10 certificate requests now use CRLF line endings rather than system line endings
4ca1da 
Summary: Add -systemlineendings option to keytool to allow system line endings to be used again.
4ca1da
d92b92 
diff --git openjdk.orig/jdk/src/share/classes/sun/security/pkcs10/PKCS10.java openjdk/jdk/src/share/classes/sun/security/pkcs10/PKCS10.java
d92b92 
--- openjdk.orig/jdk/src/share/classes/sun/security/pkcs10/PKCS10.java
4ca1da 
+++ openjdk/jdk/src/share/classes/sun/security/pkcs10/PKCS10.java
d92b92 
@@ -35,6 +35,7 @@
4ca1da
4ca1da 
 import java.util.Base64;
4ca1da
4ca1da 
+import sun.security.action.GetPropertyAction;
4ca1da 
 import sun.security.util.*;
4ca1da 
 import sun.security.x509.AlgorithmId;
4ca1da 
 import sun.security.x509.X509Key;
d92b92 
@@ -74,6 +75,14 @@
4ca1da 
  * @author Hemma Prafullchandra
4ca1da 
  */
4ca1da 
 public class PKCS10 {
4ca1da 
+
4ca1da 
+    private static final byte[] sysLineEndings;
4ca1da 
+
4ca1da 
+    static {
4ca1da 
+        sysLineEndings =
4ca1da 
+	    AccessController.doPrivileged(new GetPropertyAction("line.separator")).getBytes();
4ca1da 
+    }
4ca1da 
+
4ca1da 
     /**
4ca1da 
      * Constructs an unsigned PKCS #10 certificate request.  Before this
4ca1da 
      * request may be used, it must be encoded and signed.  Then it
d92b92 
@@ -303,13 +312,39 @@
4ca1da 
      */
4ca1da 
     public void print(PrintStream out)
4ca1da 
     throws IOException, SignatureException {
4ca1da 
+        print(out, false);
4ca1da 
+    }
4ca1da 
+
4ca1da 
+    /**
4ca1da 
+     * Prints an E-Mailable version of the certificate request on the print
4ca1da 
+     * stream passed.  The format is a common base64 encoded one, supported
4ca1da 
+     * by most Certificate Authorities because Netscape web servers have
4ca1da 
+     * used this for some time.  Some certificate authorities expect some
4ca1da 
+     * more information, in particular contact information for the web
4ca1da 
+     * server administrator.
4ca1da 
+     *
4ca1da 
+     * @param out the print stream where the certificate request
4ca1da 
+     *  will be printed.
4ca1da 
+     * @param systemLineEndings true if the request should be terminated
4ca1da 
+     *  using the system line endings.
4ca1da 
+     * @exception IOException when an output operation failed
4ca1da 
+     * @exception SignatureException when the certificate request was
4ca1da 
+     *  not yet signed.
4ca1da 
+     */
4ca1da 
+    public void print(PrintStream out, boolean systemLineEndings)
4ca1da 
+    throws IOException, SignatureException {
4ca1da 
+        byte[] lineEndings;
4ca1da 
+
4ca1da 
         if (encoded == null)
4ca1da 
             throw new SignatureException("Cert request was not signed");
4ca1da
4ca1da 
+        if (systemLineEndings)
4ca1da 
+            lineEndings = sysLineEndings;
4ca1da 
+        else
4ca1da 
+            lineEndings = new byte[] {'\r', '\n'}; // CRLF
4ca1da
4ca1da 
-        byte[] CRLF = new byte[] {'\r', '\n'};
4ca1da 
         out.println("-----BEGIN NEW CERTIFICATE REQUEST-----");
4ca1da 
-        out.println(Base64.getMimeEncoder(64, CRLF).encodeToString(encoded));
4ca1da 
+        out.println(Base64.getMimeEncoder(64, lineEndings).encodeToString(encoded));
4ca1da 
         out.println("-----END NEW CERTIFICATE REQUEST-----");
4ca1da 
     }
4ca1da
d92b92 
diff --git openjdk.orig/jdk/src/share/classes/sun/security/tools/keytool/Main.java openjdk/jdk/src/share/classes/sun/security/tools/keytool/Main.java
d92b92 
--- openjdk.orig/jdk/src/share/classes/sun/security/tools/keytool/Main.java
4ca1da 
+++ openjdk/jdk/src/share/classes/sun/security/tools/keytool/Main.java
d92b92 
@@ -126,6 +126,7 @@
4ca1da 
     private String infilename = null;
4ca1da 
     private String outfilename = null;
4ca1da 
     private String srcksfname = null;
4ca1da 
+    private boolean systemLineEndings = false;
4ca1da
4ca1da 
     // User-specified providers are added before any command is called.
4ca1da 
     // However, they are not removed before the end of the main() method.
d92b92 
@@ -188,7 +189,7 @@
4ca1da 
         CERTREQ("Generates.a.certificate.request",
4ca1da 
             ALIAS, SIGALG, FILEOUT, KEYPASS, KEYSTORE, DNAME,
4ca1da 
             STOREPASS, STORETYPE, PROVIDERNAME, PROVIDERCLASS,
4ca1da 
-            PROVIDERARG, PROVIDERPATH, V, PROTECTED),
4ca1da 
+            PROVIDERARG, PROVIDERPATH, SYSTEMLINEENDINGS, V, PROTECTED),
4ca1da 
         CHANGEALIAS("Changes.an.entry.s.alias",
4ca1da 
             ALIAS, DESTALIAS, KEYPASS, KEYSTORE, STOREPASS,
4ca1da 
             STORETYPE, PROVIDERNAME, PROVIDERCLASS, PROVIDERARG,
d92b92 
@@ -321,6 +322,7 @@
4ca1da 
         STARTDATE("startdate", "<startdate>", "certificate.validity.start.date.time"),
4ca1da 
         STOREPASS("storepass", "<arg>", "keystore.password"),
4ca1da 
         STORETYPE("storetype", "<storetype>", "keystore.type"),
4ca1da 
+        SYSTEMLINEENDINGS("systemlineendings", null, "system.line.endings"),
4ca1da 
         TRUSTCACERTS("trustcacerts", null, "trust.certificates.from.cacerts"),
4ca1da 
         V("v", null, "verbose.output"),
4ca1da 
         VALIDITY("validity", "<valDays>", "validity.number.of.days");
d92b92 
@@ -561,6 +563,8 @@
4ca1da 
                 protectedPath = true;
4ca1da 
             } else if (collator.compare(flags, "-srcprotected") == 0) {
4ca1da 
                 srcprotectedPath = true;
4ca1da 
+            } else if (collator.compare(flags, "-systemlineendings") == 0) {
4ca1da 
+                systemLineEndings = true;
4ca1da 
             } else  {
4ca1da 
                 System.err.println(rb.getString("Illegal.option.") + flags);
4ca1da 
                 tinyHelp();
d92b92 
@@ -1464,7 +1468,7 @@
4ca1da
4ca1da 
         // Sign the request and base-64 encode it
4ca1da 
         request.encodeAndSign(subject, signature);
4ca1da 
-        request.print(out);
4ca1da 
+        request.print(out, systemLineEndings);
4ca1da
4ca1da 
         checkWeak(rb.getString("the.generated.certificate.request"), request);
4ca1da 
     }
d92b92 
@@ -4544,4 +4548,3 @@
4ca1da 
         return new Pair<>(a,b);
4ca1da 
     }
4ca1da 
 }
4ca1da 
-
d92b92 
diff --git openjdk.orig/jdk/src/share/classes/sun/security/tools/keytool/Resources.java openjdk/jdk/src/share/classes/sun/security/tools/keytool/Resources.java
d92b92 
--- openjdk.orig/jdk/src/share/classes/sun/security/tools/keytool/Resources.java
4ca1da 
+++ openjdk/jdk/src/share/classes/sun/security/tools/keytool/Resources.java
4ca1da 
@@ -168,6 +168,8 @@
4ca1da 
                 "keystore password"}, //-storepass
4ca1da 
         {"keystore.type",
4ca1da 
                 "keystore type"}, //-storetype
4ca1da 
+	{"system.line.endings",
4ca1da 
+	        "use system line endings rather than CRLF to terminate output"}, //-systemlineendings
4ca1da 
         {"trust.certificates.from.cacerts",
4ca1da 
                 "trust certificates from cacerts"}, //-trustcacerts
4ca1da 
         {"verbose.output",

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation