Blame SOURCES/pr2974-rh1337583.patch

2296bf
# HG changeset patch
2296bf
# User andrew
2296bf
# Date 1464316115 -3600
2296bf
#      Fri May 27 03:28:35 2016 +0100
2296bf
# Node ID 794541fbbdc323f7da8a5cee75611f977eee66ee
2296bf
# Parent  0be28a33e12dfc9ae1e4be381530643f691d351a
2296bf
PR2974: PKCS#10 certificate requests now use CRLF line endings rather than system line endings
2296bf
Summary: Add -systemlineendings option to keytool to allow system line endings to be used again.
2296bf
8f84c8
diff -r 0be28a33e12d -r 794541fbbdc3 src/share/classes/sun/security/pkcs10/PKCS10.java
8f84c8
--- openjdk/jdk/src/share/classes/sun/security/pkcs10/PKCS10.java	Tue Dec 29 10:40:43 2015 -0500
8f84c8
+++ openjdk/jdk/src/share/classes/sun/security/pkcs10/PKCS10.java	Fri May 27 03:28:35 2016 +0100
2296bf
@@ -30,6 +30,7 @@
2296bf
 import java.io.IOException;
2296bf
 import java.math.BigInteger;
2296bf
 
2296bf
+import java.security.AccessController;
2296bf
 import java.security.cert.CertificateException;
2296bf
 import java.security.NoSuchAlgorithmException;
2296bf
 import java.security.InvalidKeyException;
2296bf
@@ -39,6 +40,7 @@
2296bf
 
2296bf
 import java.util.Base64;
2296bf
 
2296bf
+import sun.security.action.GetPropertyAction;
2296bf
 import sun.security.util.*;
2296bf
 import sun.security.x509.AlgorithmId;
2296bf
 import sun.security.x509.X509Key;
2296bf
@@ -76,6 +78,14 @@
2296bf
  * @author Hemma Prafullchandra
2296bf
  */
2296bf
 public class PKCS10 {
2296bf
+
2296bf
+    private static final byte[] sysLineEndings;
2296bf
+
2296bf
+    static {
2296bf
+        sysLineEndings =
2296bf
+	    AccessController.doPrivileged(new GetPropertyAction("line.separator")).getBytes();
2296bf
+    }
2296bf
+
2296bf
     /**
2296bf
      * Constructs an unsigned PKCS #10 certificate request.  Before this
2296bf
      * request may be used, it must be encoded and signed.  Then it
8f84c8
@@ -286,13 +296,39 @@
2296bf
      */
2296bf
     public void print(PrintStream out)
2296bf
     throws IOException, SignatureException {
2296bf
+        print(out, false);
2296bf
+    }
2296bf
+
2296bf
+    /**
2296bf
+     * Prints an E-Mailable version of the certificate request on the print
2296bf
+     * stream passed.  The format is a common base64 encoded one, supported
2296bf
+     * by most Certificate Authorities because Netscape web servers have
2296bf
+     * used this for some time.  Some certificate authorities expect some
2296bf
+     * more information, in particular contact information for the web
2296bf
+     * server administrator.
2296bf
+     *
2296bf
+     * @param out the print stream where the certificate request
2296bf
+     *  will be printed.
2296bf
+     * @param systemLineEndings true if the request should be terminated
2296bf
+     *  using the system line endings.
2296bf
+     * @exception IOException when an output operation failed
2296bf
+     * @exception SignatureException when the certificate request was
2296bf
+     *  not yet signed.
2296bf
+     */
2296bf
+    public void print(PrintStream out, boolean systemLineEndings)
2296bf
+    throws IOException, SignatureException {
2296bf
+        byte[] lineEndings;
2296bf
+
2296bf
         if (encoded == null)
2296bf
             throw new SignatureException("Cert request was not signed");
2296bf
 
2296bf
+        if (systemLineEndings)
2296bf
+            lineEndings = sysLineEndings;
2296bf
+        else
2296bf
+            lineEndings = new byte[] {'\r', '\n'}; // CRLF
2296bf
 
8f84c8
-        byte[] CRLF = new byte[] {'\r', '\n'};
2296bf
         out.println("-----BEGIN NEW CERTIFICATE REQUEST-----");
8f84c8
-        out.println(Base64.getMimeEncoder(64, CRLF).encodeToString(encoded));
8f84c8
+        out.println(Base64.getMimeEncoder(64, lineEndings).encodeToString(encoded));
2296bf
         out.println("-----END NEW CERTIFICATE REQUEST-----");
2296bf
     }
2296bf
 
8f84c8
diff -r 0be28a33e12d -r 794541fbbdc3 src/share/classes/sun/security/tools/keytool/Main.java
8f84c8
--- openjdk/jdk/src/share/classes/sun/security/tools/keytool/Main.java	Tue Dec 29 10:40:43 2015 -0500
8f84c8
+++ openjdk/jdk/src/share/classes/sun/security/tools/keytool/Main.java	Fri May 27 03:28:35 2016 +0100
8f84c8
@@ -117,6 +117,7 @@
2296bf
     private String infilename = null;
2296bf
     private String outfilename = null;
2296bf
     private String srcksfname = null;
2296bf
+    private boolean systemLineEndings = false;
2296bf
 
2296bf
     // User-specified providers are added before any command is called.
2296bf
     // However, they are not removed before the end of the main() method.
8f84c8
@@ -163,7 +164,7 @@
2296bf
         CERTREQ("Generates.a.certificate.request",
2296bf
             ALIAS, SIGALG, FILEOUT, KEYPASS, KEYSTORE, DNAME,
2296bf
             STOREPASS, STORETYPE, PROVIDERNAME, PROVIDERCLASS,
2296bf
-            PROVIDERARG, PROVIDERPATH, V, PROTECTED),
2296bf
+            PROVIDERARG, PROVIDERPATH, SYSTEMLINEENDINGS, V, PROTECTED),
2296bf
         CHANGEALIAS("Changes.an.entry.s.alias",
2296bf
             ALIAS, DESTALIAS, KEYPASS, KEYSTORE, STOREPASS,
2296bf
             STORETYPE, PROVIDERNAME, PROVIDERCLASS, PROVIDERARG,
8f84c8
@@ -296,6 +297,7 @@
2296bf
         STARTDATE("startdate", "<startdate>", "certificate.validity.start.date.time"),
2296bf
         STOREPASS("storepass", "<arg>", "keystore.password"),
2296bf
         STORETYPE("storetype", "<storetype>", "keystore.type"),
2296bf
+        SYSTEMLINEENDINGS("systemlineendings", null, "system.line.endings"),
2296bf
         TRUSTCACERTS("trustcacerts", null, "trust.certificates.from.cacerts"),
2296bf
         V("v", null, "verbose.output"),
2296bf
         VALIDITY("validity", "<valDays>", "validity.number.of.days");
8f84c8
@@ -537,6 +539,8 @@
2296bf
                 protectedPath = true;
2296bf
             } else if (collator.compare(flags, "-srcprotected") == 0) {
2296bf
                 srcprotectedPath = true;
2296bf
+            } else if (collator.compare(flags, "-systemlineendings") == 0) {
2296bf
+                systemLineEndings = true;
2296bf
             } else  {
2296bf
                 System.err.println(rb.getString("Illegal.option.") + flags);
2296bf
                 tinyHelp();
8f84c8
@@ -1335,7 +1339,7 @@
2296bf
 
2296bf
         // Sign the request and base-64 encode it
2296bf
         request.encodeAndSign(subject, signature);
2296bf
-        request.print(out);
2296bf
+        request.print(out, systemLineEndings);
2296bf
     }
2296bf
 
2296bf
     /**
8f84c8
@@ -4191,4 +4195,3 @@
2296bf
         return new Pair<>(a,b);
2296bf
     }
2296bf
 }
2296bf
-
8f84c8
diff -r 0be28a33e12d -r 794541fbbdc3 src/share/classes/sun/security/tools/keytool/Resources.java
8f84c8
--- openjdk/jdk/src/share/classes/sun/security/tools/keytool/Resources.java	Tue Dec 29 10:40:43 2015 -0500
8f84c8
+++ openjdk/jdk/src/share/classes/sun/security/tools/keytool/Resources.java	Fri May 27 03:28:35 2016 +0100
2296bf
@@ -168,6 +168,8 @@
2296bf
                 "keystore password"}, //-storepass
2296bf
         {"keystore.type",
2296bf
                 "keystore type"}, //-storetype
2296bf
+	{"system.line.endings",
2296bf
+	        "use system line endings rather than CRLF to terminate output"}, //-systemlineendings
2296bf
         {"trust.certificates.from.cacerts",
2296bf
                 "trust certificates from cacerts"}, //-trustcacerts
2296bf
         {"verbose.output",