Tree - rpms/java-11-openjdk - CentOS Git server

rpms / java-11-openjdk

Files

Commit: 003b91d87e583be4f9a1782c5654a28663a948b2

Blob Blame History Raw

 # HG changeset patch
# User andrew
# Date 1545198926 0
#      Wed Dec 19 05:55:26 2018 +0000
# Node ID f2cbd688824c128db7fa848c8732fb0ab3507776
# Parent  81f07f6d1f8b7b51b136d3974c61bc8bb513770c
PR3695: Allow use of system crypto policy to be disabled by the user
Summary: Read user overrides first so security.useSystemPropertiesFile can be disabled and add -Djava.security.disableSystemPropertiesFile
 
diff --git a/src/java.base/share/classes/java/security/Security.java b/src/java.base/share/classes/java/security/Security.java
--- a/src/java.base/share/classes/java/security/Security.java
+++ b/src/java.base/share/classes/java/security/Security.java
@@ -125,31 +125,6 @@
         }
 
         if ("true".equalsIgnoreCase(props.getProperty
-                ("security.useSystemPropertiesFile"))) {
-
-            // now load the system file, if it exists, so its values
-            // will win if they conflict with the earlier values
-            try (BufferedInputStream bis =
-                 new BufferedInputStream(new FileInputStream(SYSTEM_PROPERTIES))) {
-                props.load(bis);
-                loadedProps = true;
-
-                if (sdebug != null) {
-                    sdebug.println("reading system security properties file " +
-                                   SYSTEM_PROPERTIES);
-                    sdebug.println(props.toString());
-                }
-            } catch (IOException e) {
-                if (sdebug != null) {
-                    sdebug.println
-                        ("unable to load security properties from " +
-                         SYSTEM_PROPERTIES);
-                    e.printStackTrace();
-                }
-            }
-        }
-
-        if ("true".equalsIgnoreCase(props.getProperty
                 ("security.overridePropertiesFile"))) {
 
             String extraPropFile = System.getProperty
@@ -215,6 +190,33 @@
             }
         }
 
+        String disableSystemProps = System.getProperty("java.security.disableSystemPropertiesFile");
+        if (disableSystemProps == null &&
+            "true".equalsIgnoreCase(props.getProperty
+                ("security.useSystemPropertiesFile"))) {
+
+            // now load the system file, if it exists, so its values
+            // will win if they conflict with the earlier values
+            try (BufferedInputStream bis =
+                 new BufferedInputStream(new FileInputStream(SYSTEM_PROPERTIES))) {
+                props.load(bis);
+                loadedProps = true;
+
+                if (sdebug != null) {
+                    sdebug.println("reading system security properties file " +
+                                   SYSTEM_PROPERTIES);
+                    sdebug.println(props.toString());
+                }
+            } catch (IOException e) {
+                if (sdebug != null) {
+                    sdebug.println
+                        ("unable to load security properties from " +
+                         SYSTEM_PROPERTIES);
+                    e.printStackTrace();
+                }
+            }
+        }
+
         if (!loadedProps) {
             initializeStatic();
             if (sdebug != null) {

	# HG changeset patch
	# User andrew
	# Date 1545198926 0
	# Wed Dec 19 05:55:26 2018 +0000
	# Node ID f2cbd688824c128db7fa848c8732fb0ab3507776
	# Parent 81f07f6d1f8b7b51b136d3974c61bc8bb513770c
	PR3695: Allow use of system crypto policy to be disabled by the user
	Summary: Read user overrides first so security.useSystemPropertiesFile can be disabled and add -Djava.security.disableSystemPropertiesFile

	diff --git a/src/java.base/share/classes/java/security/Security.java b/src/java.base/share/classes/java/security/Security.java
	--- a/src/java.base/share/classes/java/security/Security.java
	+++ b/src/java.base/share/classes/java/security/Security.java
	@@ -125,31 +125,6 @@
	}

	if ("true".equalsIgnoreCase(props.getProperty
	- ("security.useSystemPropertiesFile"))) {
	-
	- // now load the system file, if it exists, so its values
	- // will win if they conflict with the earlier values
	- try (BufferedInputStream bis =
	- new BufferedInputStream(new FileInputStream(SYSTEM_PROPERTIES))) {
	- props.load(bis);
	- loadedProps = true;
	-
	- if (sdebug != null) {
	- sdebug.println("reading system security properties file " +
	- SYSTEM_PROPERTIES);
	- sdebug.println(props.toString());
	- }
	- } catch (IOException e) {
	- if (sdebug != null) {
	- sdebug.println
	- ("unable to load security properties from " +
	- SYSTEM_PROPERTIES);
	- e.printStackTrace();
	- }
	- }
	- }
	-
	- if ("true".equalsIgnoreCase(props.getProperty
	("security.overridePropertiesFile"))) {

	String extraPropFile = System.getProperty
	@@ -215,6 +190,33 @@
	}
	}

	+ String disableSystemProps = System.getProperty("java.security.disableSystemPropertiesFile");
	+ if (disableSystemProps == null &&
	+ "true".equalsIgnoreCase(props.getProperty
	+ ("security.useSystemPropertiesFile"))) {
	+
	+ // now load the system file, if it exists, so its values
	+ // will win if they conflict with the earlier values
	+ try (BufferedInputStream bis =
	+ new BufferedInputStream(new FileInputStream(SYSTEM_PROPERTIES))) {
	+ props.load(bis);
	+ loadedProps = true;
	+
	+ if (sdebug != null) {
	+ sdebug.println("reading system security properties file " +
	+ SYSTEM_PROPERTIES);
	+ sdebug.println(props.toString());
	+ }
	+ } catch (IOException e) {
	+ if (sdebug != null) {
	+ sdebug.println
	+ ("unable to load security properties from " +
	+ SYSTEM_PROPERTIES);
	+ e.printStackTrace();
	+ }
	+ }
	+ }
	+
	if (!loadedProps) {
	initializeStatic();
	if (sdebug != null) {

rpms / java-11-openjdk

Source Code

Files