rpms / java-11-openjdk

Clone
Source Code
GIT

Blame SOURCES/RHBZ-1249083-system-crypto-policy-PR3183.patch

c7 c7-alt c7-beta c8 c8-beta c8s c9 c9-beta c9-containeronly-stream-flatpak
  1.   fdc7ab97e8c0f308956b05bbd3a75582e0bae3d2
  2.   SOURCES
  3.   RHBZ-1249083-system-crypto-policy-PR3183.patch
Blob History Raw
dba1cf
dba1cf 
# HG changeset patch
dba1cf 
# User andrew
dba1cf 
# Date 1478057514 0
dba1cf 
# Node ID 1c4d5cb2096ae55106111da200b0bcad304f650c
dba1cf 
# Parent  3d53f19b48384e5252f4ec8891f7a3a82d77af2a
dba1cf 
PR3183: Support Fedora/RHEL system crypto policy
dba1cf 
diff -r 3d53f19b4838 -r 1c4d5cb2096a src/java.base/share/classes/java/security/Security.java
dba1cf 
--- a/src/java.base/share/classes/java/security/Security.java	Wed Oct 26 03:51:39 2016 +0100
dba1cf 
+++ b/src/java.base/share/classes/java/security/Security.java	Wed Nov 02 03:31:54 2016 +0000
dba1cf 
@@ -43,6 +43,9 @@
dba1cf 
  * implementation-specific location, which is typically the properties file
dba1cf 
  * {@code conf/security/java.security} in the Java installation directory.
dba1cf 
  *
dba1cf 
+ * 
Additional default values of security properties are read from a
dba1cf 
+ * system-specific location, if available.
dba1cf 
+ *
dba1cf 
  * @author Benjamin Renaud
dba1cf 
  * @since 1.1
dba1cf 
  */
dba1cf 
@@ -52,6 +55,10 @@
dba1cf 
     private static final Debug sdebug =
dba1cf 
                         Debug.getInstance("properties");
dba1cf
dba1cf 
+    /* System property file*/
dba1cf 
+    private static final String SYSTEM_PROPERTIES =
dba1cf 
+        "/etc/crypto-policies/back-ends/java.config";
dba1cf 
+
dba1cf 
     /* The java.security properties */
dba1cf 
     private static Properties props;
dba1cf
dba1cf 
@@ -93,6 +100,7 @@
dba1cf 
                 if (sdebug != null) {
dba1cf 
                     sdebug.println("reading security properties file: " +
dba1cf 
                                 propFile);
dba1cf 
+                    sdebug.println(props.toString());
dba1cf 
                 }
dba1cf 
             } catch (IOException e) {
dba1cf 
                 if (sdebug != null) {
dba1cf 
@@ -114,6 +122,31 @@
dba1cf 
         }
dba1cf
dba1cf 
         if ("true".equalsIgnoreCase(props.getProperty
dba1cf 
+                ("security.useSystemPropertiesFile"))) {
dba1cf 
+
dba1cf 
+            // now load the system file, if it exists, so its values
dba1cf 
+            // will win if they conflict with the earlier values
dba1cf 
+            try (BufferedInputStream bis =
dba1cf 
+                 new BufferedInputStream(new FileInputStream(SYSTEM_PROPERTIES))) {
dba1cf 
+                props.load(bis);
dba1cf 
+                loadedProps = true;
dba1cf 
+
dba1cf 
+                if (sdebug != null) {
dba1cf 
+                    sdebug.println("reading system security properties file " +
dba1cf 
+                                   SYSTEM_PROPERTIES);
dba1cf 
+                    sdebug.println(props.toString());
dba1cf 
+                }
dba1cf 
+            } catch (IOException e) {
dba1cf 
+                if (sdebug != null) {
dba1cf 
+                    sdebug.println
dba1cf 
+                        ("unable to load security properties from " +
dba1cf 
+                         SYSTEM_PROPERTIES);
dba1cf 
+                    e.printStackTrace();
dba1cf 
+                }
dba1cf 
+            }
dba1cf 
+        }
dba1cf 
+
dba1cf 
+        if ("true".equalsIgnoreCase(props.getProperty
dba1cf 
                 ("security.overridePropertiesFile"))) {
dba1cf
dba1cf 
             String extraPropFile = System.getProperty
dba1cf 
diff -r 3d53f19b4838 -r 1c4d5cb2096a src/java.base/share/conf/security/java.security
dba1cf 
--- a/src/java.base/share/conf/security/java.security	Wed Oct 26 03:51:39 2016 +0100
dba1cf 
+++ b/src/java.base/share/conf/security/java.security	Wed Nov 02 03:31:54 2016 +0000
dba1cf 
@@ -276,6 +276,13 @@
dba1cf 
 security.overridePropertiesFile=true
dba1cf
dba1cf 
 #
dba1cf 
+# Determines whether this properties file will be appended to
dba1cf 
+# using the system properties file stored at
dba1cf 
+# /etc/crypto-policies/back-ends/java.config
dba1cf 
+#
dba1cf 
+security.useSystemPropertiesFile=true
dba1cf 
+
dba1cf 
+#
dba1cf 
 # Determines the default key and trust manager factory algorithms for
dba1cf 
 # the javax.net.ssl package.
dba1cf 
 #

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation