Blame SOURCES/pr3655-toggle_system_crypto_policy.patch

4ca1da
# HG changeset patch
4ca1da
# User andrew
4ca1da
# Date 1545198926 0
4ca1da
#      Wed Dec 19 05:55:26 2018 +0000
4ca1da
# Node ID f2cbd688824c128db7fa848c8732fb0ab3507776
4ca1da
# Parent  81f07f6d1f8b7b51b136d3974c61bc8bb513770c
4ca1da
PR3655: Allow use of system crypto policy to be disabled by the user
4ca1da
Summary: Read user overrides first so security.useSystemPropertiesFile can be disabled and add -Djava.security.disableSystemPropertiesFile
4ca1da
4ca1da
diff --git a/src/share/classes/javopenjdk.orig/jdk/security/Security.java openjdk/jdk/src/share/classes/java/security/Security.java
4ca1da
--- openjdk.orig/jdk/src/share/classes/java/security/Security.java
4ca1da
+++ openjdk/jdk/src/share/classes/java/security/Security.java
4ca1da
@@ -122,31 +122,6 @@
4ca1da
         }
4ca1da
 
4ca1da
         if ("true".equalsIgnoreCase(props.getProperty
4ca1da
-                ("security.useSystemPropertiesFile"))) {
4ca1da
-
4ca1da
-            // now load the system file, if it exists, so its values
4ca1da
-            // will win if they conflict with the earlier values
4ca1da
-            try (BufferedInputStream bis =
4ca1da
-                 new BufferedInputStream(new FileInputStream(SYSTEM_PROPERTIES))) {
4ca1da
-                props.load(bis);
4ca1da
-                loadedProps = true;
4ca1da
-
4ca1da
-                if (sdebug != null) {
4ca1da
-                    sdebug.println("reading system security properties file " +
4ca1da
-                                   SYSTEM_PROPERTIES);
4ca1da
-                    sdebug.println(props.toString());
4ca1da
-                }
4ca1da
-            } catch (IOException e) {
4ca1da
-                if (sdebug != null) {
4ca1da
-                    sdebug.println
4ca1da
-                        ("unable to load security properties from " +
4ca1da
-                         SYSTEM_PROPERTIES);
4ca1da
-                    e.printStackTrace();
4ca1da
-                }
4ca1da
-            }
4ca1da
-        }
4ca1da
-
4ca1da
-        if ("true".equalsIgnoreCase(props.getProperty
4ca1da
                 ("security.overridePropertiesFile"))) {
4ca1da
 
4ca1da
             String extraPropFile = System.getProperty
4ca1da
@@ -212,6 +187,33 @@
4ca1da
             }
4ca1da
         }
4ca1da
 
4ca1da
+        String disableSystemProps = System.getProperty("java.security.disableSystemPropertiesFile");
4ca1da
+        if (disableSystemProps == null &&
4ca1da
+            "true".equalsIgnoreCase(props.getProperty
4ca1da
+                ("security.useSystemPropertiesFile"))) {
4ca1da
+
4ca1da
+            // now load the system file, if it exists, so its values
4ca1da
+            // will win if they conflict with the earlier values
4ca1da
+            try (BufferedInputStream bis =
4ca1da
+                 new BufferedInputStream(new FileInputStream(SYSTEM_PROPERTIES))) {
4ca1da
+                props.load(bis);
4ca1da
+                loadedProps = true;
4ca1da
+
4ca1da
+                if (sdebug != null) {
4ca1da
+                    sdebug.println("reading system security properties file " +
4ca1da
+                                   SYSTEM_PROPERTIES);
4ca1da
+                    sdebug.println(props.toString());
4ca1da
+                }
4ca1da
+            } catch (IOException e) {
4ca1da
+                if (sdebug != null) {
4ca1da
+                    sdebug.println
4ca1da
+                        ("unable to load security properties from " +
4ca1da
+                         SYSTEM_PROPERTIES);
4ca1da
+                    e.printStackTrace();
4ca1da
+                }
4ca1da
+            }
4ca1da
+        }
4ca1da
+
4ca1da
         if (!loadedProps) {
4ca1da
             initializeStatic();
4ca1da
             if (sdebug != null) {