diff --git a/THIRD_PARTY_README b/THIRD_PARTY_README
index 7dc54a05723..643ea79ce6e 100644
--- a/THIRD_PARTY_README
+++ b/THIRD_PARTY_README
@@ -1334,11 +1334,13 @@ SUCH DAMAGE.
--------------------------------------------------------------------------------
-%% This notice is provided with respect to Joni v1.1.9, which may be
+%% This notice is provided with respect to Joni v2.1.16, which may be
included with JRE 8, JDK 8, and OpenJDK 8.
--- begin of LICENSE ---
+Copyright (c) 2017 JRuby Team
+
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
diff --git a/closed/OpenJ9.gmk b/closed/OpenJ9.gmk
index 68a82e10f9d..b327cf05e6e 100644
--- a/closed/OpenJ9.gmk
+++ b/closed/OpenJ9.gmk
@@ -1,5 +1,5 @@
# ===========================================================================
-# (c) Copyright IBM Corp. 2017, 2019 All Rights Reserved
+# (c) Copyright IBM Corp. 2017, 2020 All Rights Reserved
# ===========================================================================
# This code is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License version 2 only, as
@@ -86,6 +86,22 @@ endif
stage_openj9_build_jdk \
#
+# jitserver
+
+ifeq (true,$(OPENJ9_ENABLE_JITSERVER))
+$(eval $(call SetupCopyFiles,OPENJ9_STAGED_FILES, \
+ DEST := $(JDK_OUTPUTDIR)/bin, \
+ SRC := $(OPENJ9_VM_BUILD_DIR), \
+ FILES := jitserver$(EXE_SUFFIX) \
+ ))
+
+$(eval $(call SetupCopyFiles,OPENJ9_STAGED_FILES, \
+ DEST := $(JDK_OUTPUTDIR)/jre/bin, \
+ SRC := $(OPENJ9_VM_BUILD_DIR), \
+ FILES := jitserver$(EXE_SUFFIX) \
+ ))
+endif # OPENJ9_ENABLE_JITSERVER
+
# redirector
$(foreach subdir, j9vm server, \
@@ -323,6 +339,13 @@ else
SPEC_SED_SCRIPT += $(call SedDisable,module_ddr)
endif
+# Adjust JITServer enablement flags.
+ifeq (true,$(OPENJ9_ENABLE_JITSERVER))
+ FEATURE_SED_SCRIPT += $(call SedEnable,build_jitserver)
+else
+ FEATURE_SED_SCRIPT += $(call SedDisable,build_jitserver)
+endif
+
# openj9_stage_buildspec_file
# ---------------------------
# param 1 = The simple name of the file to copy.
diff --git a/closed/make/Javadoc.gmk b/closed/make/Javadoc.gmk
new file mode 100644
index 00000000000..c549040b260
--- /dev/null
+++ b/closed/make/Javadoc.gmk
@@ -0,0 +1,485 @@
+# Copyright (c) 1997, 2015, Oracle and/or its affiliates. All rights reserved.
+# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+#
+# This code is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License version 2 only, as
+# published by the Free Software Foundation. Oracle designates this
+# particular file as subject to the "Classpath" exception as provided
+# by Oracle in the LICENSE file that accompanied this code.
+#
+# This code is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+# version 2 for more details (a copy is included in the LICENSE file that
+# accompanied this code).
+#
+# You should have received a copy of the GNU General Public License version
+# 2 along with this work; if not, write to the Free Software Foundation,
+# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+# or visit www.oracle.com if you need additional information or have any
+# questions.
+#
+
+# ===========================================================================
+# (c) Copyright IBM Corp. 2019, 2020 All Rights Reserved
+# ===========================================================================
+
+#############################################################################
+# This file is included by (and is based on) make/Javadoc.gmk
+# OpenJ9 adds a number of packages to the jdk and also overrides certain
+# core api and com.sun.management classes.
+# The targets in this file generate the javadoc for the additional classes
+# and modify the page footers in the overridden files to carry the correct
+# copyrights.
+# Javadoc for the OpenJ9 extensions packages is created under docs/platform
+#############################################################################
+
+#############################################################################
+# Set the link prefix for the JavaSE core and com.sun.management packages
+# to reference the pages created in this build.
+JAVASE_BASE_URL := $(JDKJRE2COREAPI)
+
+#############################################################################
+# Source files for openj9 extensions javadoc
+OPENJ9_DOCS_SRCDIR := $(JDK_OUTPUTDIR)/j9jcl_sources/jdk/src/share/classes
+
+#############################################################################
+# Update macros which hold a list of the source directories.
+# ALL_SOURCE_DIRS is used in the PackageFilter function
+ALL_SOURCE_DIRS := $(OPENJ9_DOCS_SRCDIR) $(ALL_SOURCE_DIRS)
+# ALL_EXISTING_SOURCE_DIRS is used in the $(DIRECTORY_CACHE) target
+ALL_EXISTING_SOURCE_DIRS := $(wildcard $(ALL_SOURCE_DIRS))
+
+#############################################################################
+# html page footer for the OpenJ9 extensions and overrides pages
+OPENJ9_BASE_URL := https://www.eclipse.org/openj9/
+OPENJ9_BUG_SUBMIT_URL := https://github.com/eclipse/openj9/issues
+OPENJ9_FULL_COMPANY_NAME := IBM Corp
+OPENJ9_JAVADOC_BOTTOM = \
+ Link to Eclipse OpenJ9 documentation.
\
+ To raise a bug report or suggest an improvement create an Eclipse Openj9 issue.
\
+ Copyright © $(FIRST_COPYRIGHT_YEAR), $(COPYRIGHT_YEAR), $(OPENJ9_FULL_COMPANY_NAME). All rights reserved.
+
+#############################################################################
+#
+# openj9-sharedclassesdocs
+#
+
+OPENJ9_SHAREDCLASSES_PKGS := com.ibm.oti.shared
+
+OPENJ9_SHAREDCLASSES_FIRST_COPYRIGHT_YEAR := 1998
+
+OPENJ9_SHAREDCLASSES_DOCDIR := $(PLATFORM_DOCSDIR)/sharedclasses
+OPENJ9_SHAREDCLASSES_DOCTITLE := OpenJ9 Shared Classes
+OPENJ9_SHAREDCLASSES_WINDOWTITLE := OpenJ9 Shared Classes
+OPENJ9_SHAREDCLASSES_HEADER := OpenJ9 Shared Classes
+
+# The index.html, options, and packages files
+OPENJ9_SHAREDCLASSES_INDEX_FILE := $(OPENJ9_SHAREDCLASSES_DOCDIR)/index.html
+OPENJ9_SHAREDCLASSES_OPTIONS_FILE := $(DOCSTMPDIR)/openj9.sharedclasses.options
+OPENJ9_SHAREDCLASSES_PACKAGES_FILE := $(DOCSTMPDIR)/openj9.sharedclasses.packages
+
+openj9-sharedclassesdocs: $(OPENJ9_SHAREDCLASSES_INDEX_FILE)
+
+# Set relative location to platform document root
+$(OPENJ9_SHAREDCLASSES_INDEX_FILE): GET2DOCSDIR := $(PLATFORM_DOCSDIR)/..
+
+# Run javadoc if the index file is out of date or missing
+$(OPENJ9_SHAREDCLASSES_INDEX_FILE): $(OPENJ9_SHAREDCLASSES_OPTIONS_FILE) $(OPENJ9_SHAREDCLASSES_PACKAGES_FILE)
+ $(prep-javadoc)
+ $(call JavadocSummary,$(OPENJ9_SHAREDCLASSES_OPTIONS_FILE),$(OPENJ9_SHAREDCLASSES_PACKAGES_FILE))
+ $(JAVADOC_CMD) -d $(@D) \
+ @$(OPENJ9_SHAREDCLASSES_OPTIONS_FILE) @$(OPENJ9_SHAREDCLASSES_PACKAGES_FILE)
+
+$(OPENJ9_SHAREDCLASSES_OPTIONS_FILE): FIRST_COPYRIGHT_YEAR := $(OPENJ9_SHAREDCLASSES_FIRST_COPYRIGHT_YEAR)
+$(OPENJ9_SHAREDCLASSES_OPTIONS_FILE):
+ $(prep-target)
+ @($(call OptionOnly,$(COMMON_JAVADOCFLAGS)) ; \
+ $(call OptionPair,-sourcepath,$(OPENJ9_DOCS_SRCDIR)) ; \
+ $(call OptionPair,-encoding,ascii) ; \
+ $(call OptionPair,-doctitle,$(OPENJ9_SHAREDCLASSES_DOCTITLE)) ; \
+ $(call OptionPair,-windowtitle,$(OPENJ9_SHAREDCLASSES_WINDOWTITLE) $(DRAFT_WINTITLE)) ; \
+ $(call OptionPair,-header,$(OPENJ9_SHAREDCLASSES_HEADER)$(DRAFT_HEADER)) ; \
+ $(call OptionPair,-bottom,$(OPENJ9_JAVADOC_BOTTOM)$(DRAFT_BOTTOM)) ; \
+ $(call OptionTrip,-linkoffline,$(JAVASE_BASE_URL),$(COREAPI_DOCSDIR)/) ; \
+ ) > $@
+
+# Create a file with the package names in it
+$(OPENJ9_SHAREDCLASSES_PACKAGES_FILE): $(DIRECTORY_CACHE) $(call PackageDependencies,$(OPENJ9_SHAREDCLASSES_PKGS))
+ $(prep-target)
+ $(call PackageFilter,$(OPENJ9_SHAREDCLASSES_PKGS))
+
+#############################################################################
+#
+# openj9-gpudocs
+#
+
+OPENJ9_GPU_PKGS := com.ibm.gpu
+
+OPENJ9_GPU_FIRST_COPYRIGHT_YEAR := 2014
+
+OPENJ9_GPU_DOCDIR := $(PLATFORM_DOCSDIR)/gpu
+OPENJ9_GPU2COREAPI := $(JDKJRE2COREAPI)
+OPENJ9_GPU_DOCTITLE := OpenJ9 GPU Classes
+OPENJ9_GPU_WINDOWTITLE := OpenJ9 GPU Classes
+OPENJ9_GPU_HEADER := OpenJ9 GPU Classes
+
+# The index.html, options, and packages files
+OPENJ9_GPU_INDEX_FILE := $(OPENJ9_GPU_DOCDIR)/index.html
+OPENJ9_GPU_OPTIONS_FILE := $(DOCSTMPDIR)/openj9.gpu.options
+OPENJ9_GPU_PACKAGES_FILE := $(DOCSTMPDIR)/openj9.gpu.packages
+
+openj9-gpudocs: $(OPENJ9_GPU_INDEX_FILE)
+
+# Set relative location to platform document root
+$(OPENJ9_GPU_INDEX_FILE): GET2DOCSDIR := $(PLATFORM_DOCSDIR)/..
+
+# Run javadoc if the index file is out of date or missing
+$(OPENJ9_GPU_INDEX_FILE): $(OPENJ9_GPU_OPTIONS_FILE) $(OPENJ9_GPU_PACKAGES_FILE)
+ $(prep-javadoc)
+ $(call JavadocSummary,$(OPENJ9_GPU_OPTIONS_FILE),$(OPENJ9_GPU_PACKAGES_FILE))
+ $(JAVADOC_CMD) -d $(@D) \
+ @$(OPENJ9_GPU_OPTIONS_FILE) @$(OPENJ9_GPU_PACKAGES_FILE)
+
+$(OPENJ9_GPU_OPTIONS_FILE): FIRST_COPYRIGHT_YEAR := $(OPENJ9_GPU_FIRST_COPYRIGHT_YEAR)
+$(OPENJ9_GPU_OPTIONS_FILE):
+ $(prep-target)
+ @($(call OptionOnly,$(COMMON_JAVADOCFLAGS)) ; \
+ $(call OptionPair,-sourcepath,$(OPENJ9_DOCS_SRCDIR)) ; \
+ $(call OptionPair,-encoding,ascii) ; \
+ $(call OptionPair,-doctitle,$(OPENJ9_GPU_DOCTITLE)) ; \
+ $(call OptionPair,-windowtitle,$(OPENJ9_GPU_WINDOWTITLE) $(DRAFT_WINTITLE)) ; \
+ $(call OptionPair,-header,$(OPENJ9_GPU_HEADER)$(DRAFT_HEADER)) ; \
+ $(call OptionPair,-bottom,$(OPENJ9_JAVADOC_BOTTOM)$(DRAFT_BOTTOM)) ; \
+ $(call OptionTrip,-linkoffline,$(JAVASE_BASE_URL),$(COREAPI_DOCSDIR)/) ; \
+ ) > $@
+
+# Create a file with the package names in it
+$(OPENJ9_GPU_PACKAGES_FILE): $(DIRECTORY_CACHE) $(call PackageDependencies,$(OPENJ9_GPU_PKGS))
+ $(prep-target)
+ $(call PackageFilter,$(OPENJ9_GPU_PKGS))
+
+#############################################################################
+#
+# openj9-cudadocs
+#
+
+OPENJ9_CUDA_PKGS := com.ibm.cuda
+
+OPENJ9_CUDA_FIRST_COPYRIGHT_YEAR := 2013
+
+OPENJ9_CUDA_DOCDIR := $(PLATFORM_DOCSDIR)/cuda
+OPENJ9_CUDA2COREAPI := $(JDKJRE2COREAPI)
+OPENJ9_CUDA_DOCTITLE := OpenJ9 CUDA Classes
+OPENJ9_CUDA_WINDOWTITLE := OpenJ9 CUDA Classes
+OPENJ9_CUDA_HEADER := OpenJ9 CUDA Classes
+
+# The index.html, options, and packages files
+OPENJ9_CUDA_INDEX_FILE := $(OPENJ9_CUDA_DOCDIR)/index.html
+OPENJ9_CUDA_OPTIONS_FILE := $(DOCSTMPDIR)/openj9.cuda.options
+OPENJ9_CUDA_PACKAGES_FILE := $(DOCSTMPDIR)/openj9.cuda.packages
+
+openj9-cudadocs: $(OPENJ9_CUDA_INDEX_FILE)
+
+# Set relative location to platform document root
+$(OPENJ9_CUDA_INDEX_FILE): GET2DOCSDIR := $(PLATFORM_DOCSDIR)/..
+
+# Run javadoc if the index file is out of date or missing
+$(OPENJ9_CUDA_INDEX_FILE): $(OPENJ9_CUDA_OPTIONS_FILE) $(OPENJ9_CUDA_PACKAGES_FILE)
+ $(prep-javadoc)
+ $(call JavadocSummary,$(OPENJ9_CUDA_OPTIONS_FILE),$(OPENJ9_CUDA_PACKAGES_FILE))
+ $(JAVADOC_CMD) -d $(@D) \
+ @$(OPENJ9_CUDA_OPTIONS_FILE) @$(OPENJ9_CUDA_PACKAGES_FILE)
+
+$(OPENJ9_CUDA_OPTIONS_FILE): FIRST_COPYRIGHT_YEAR := $(OPENJ9_CUDA_FIRST_COPYRIGHT_YEAR)
+$(OPENJ9_CUDA_OPTIONS_FILE):
+ $(prep-target)
+ @($(call OptionOnly,$(COMMON_JAVADOCFLAGS)) ; \
+ $(call OptionPair,-sourcepath,$(OPENJ9_DOCS_SRCDIR)) ; \
+ $(call OptionPair,-encoding,ascii) ; \
+ $(call OptionPair,-doctitle,$(OPENJ9_CUDA_DOCTITLE)) ; \
+ $(call OptionPair,-windowtitle,$(OPENJ9_CUDA_WINDOWTITLE) $(DRAFT_WINTITLE)) ; \
+ $(call OptionPair,-header,$(OPENJ9_CUDA_HEADER)$(DRAFT_HEADER)) ; \
+ $(call OptionPair,-bottom,$(OPENJ9_JAVADOC_BOTTOM)$(DRAFT_BOTTOM)) ; \
+ $(call OptionTrip,-linkoffline,$(JAVASE_BASE_URL),$(COREAPI_DOCSDIR)/) ; \
+ ) > $@
+
+# Create a file with the package names in it
+$(OPENJ9_CUDA_PACKAGES_FILE): $(DIRECTORY_CACHE) $(call PackageDependencies,$(OPENJ9_CUDA_PKGS))
+ $(prep-target)
+ $(call PackageFilter,$(OPENJ9_CUDA_PKGS))
+
+#############################################################################
+#
+# openj9-dataaccessdocs
+#
+
+OPENJ9_DATAACCESS_PKGS := com.ibm.dataaccess
+
+OPENJ9_DATAACCESS_FIRST_COPYRIGHT_YEAR := 2013
+
+OPENJ9_DATAACCESS_DOCDIR := $(PLATFORM_DOCSDIR)/dataaccess
+OPENJ9_DATAACCESS2COREAPI := $(JDKJRE2COREAPI)
+OPENJ9_DATAACCESS_DOCTITLE := OpenJ9 Data Access Acceleration Classes
+OPENJ9_DATAACCESS_WINDOWTITLE := OpenJ9 Data Access Acceleration Classes
+OPENJ9_DATAACCESS_HEADER := OpenJ9 Data Access Acceleration Classes
+
+# The index.html, options, and packages files
+OPENJ9_DATAACCESS_INDEX_FILE := $(OPENJ9_DATAACCESS_DOCDIR)/index.html
+OPENJ9_DATAACCESS_OPTIONS_FILE := $(DOCSTMPDIR)/openj9.dataaccess.options
+OPENJ9_DATAACCESS_PACKAGES_FILE := $(DOCSTMPDIR)/openj9.dataaccess.packages
+
+openj9-dataaccessdocs: $(OPENJ9_DATAACCESS_INDEX_FILE)
+
+# Set relative location to platform document root
+$(OPENJ9_DATAACCESS_INDEX_FILE): GET2DOCSDIR := $(PLATFORM_DOCSDIR)/..
+
+# Run javadoc if the index file is out of date or missing
+$(OPENJ9_DATAACCESS_INDEX_FILE): $(OPENJ9_DATAACCESS_OPTIONS_FILE) $(OPENJ9_DATAACCESS_PACKAGES_FILE)
+ $(prep-javadoc)
+ $(call JavadocSummary,$(OPENJ9_DATAACCESS_OPTIONS_FILE),$(OPENJ9_DATAACCESS_PACKAGES_FILE))
+ $(JAVADOC_CMD) -d $(@D) \
+ @$(OPENJ9_DATAACCESS_OPTIONS_FILE) @$(OPENJ9_DATAACCESS_PACKAGES_FILE)
+
+$(OPENJ9_DATAACCESS_OPTIONS_FILE): FIRST_COPYRIGHT_YEAR := $(OPENJ9_DATAACCESS_FIRST_COPYRIGHT_YEAR)
+$(OPENJ9_DATAACCESS_OPTIONS_FILE):
+ $(prep-target)
+ @($(call OptionOnly,$(COMMON_JAVADOCFLAGS)) ; \
+ $(call OptionPair,-sourcepath,$(OPENJ9_DOCS_SRCDIR)) ; \
+ $(call OptionPair,-encoding,ascii) ; \
+ $(call OptionPair,-doctitle,$(OPENJ9_DATAACCESS_DOCTITLE)) ; \
+ $(call OptionPair,-windowtitle,$(OPENJ9_DATAACCESS_WINDOWTITLE) $(DRAFT_WINTITLE)) ; \
+ $(call OptionPair,-header,$(OPENJ9_DATAACCESS_HEADER)$(DRAFT_HEADER)) ; \
+ $(call OptionPair,-bottom,$(OPENJ9_JAVADOC_BOTTOM)$(DRAFT_BOTTOM)) ; \
+ $(call OptionTrip,-linkoffline,$(JAVASE_BASE_URL),$(COREAPI_DOCSDIR)/) ; \
+ ) > $@
+
+# Create a file with the package names in it
+$(OPENJ9_DATAACCESS_PACKAGES_FILE): $(DIRECTORY_CACHE) $(call PackageDependencies,$(OPENJ9_DATAACCESS_PKGS))
+ $(prep-target)
+ $(call PackageFilter,$(OPENJ9_DATAACCESS_PKGS))
+
+#############################################################################
+#
+# openj9-jvmdocs
+#
+
+OPENJ9_JVM_PKGS := com.ibm.jvm
+
+OPENJ9_JVM_FIRST_COPYRIGHT_YEAR := 1998
+
+OPENJ9_JVM_DOCDIR := $(PLATFORM_DOCSDIR)/jvm
+OPENJ9_JVM2COREAPI := $(JDKJRE2COREAPI)
+OPENJ9_JVM_DOCTITLE := OpenJ9 JVM Diagnostic Utilities Classes
+OPENJ9_JVM_WINDOWTITLE := OpenJ9 JVM Diagnostic Utilities Classes
+OPENJ9_JVM_HEADER := OpenJ9 JVM Diagnostic Utilities Classes
+
+# The index.html, options, and packages files
+OPENJ9_JVM_INDEX_FILE := $(OPENJ9_JVM_DOCDIR)/index.html
+OPENJ9_JVM_OPTIONS_FILE := $(DOCSTMPDIR)/openj9.jvm.options
+OPENJ9_JVM_PACKAGES_FILE := $(DOCSTMPDIR)/openj9.jvm.packages
+
+openj9-jvmdocs: $(OPENJ9_JVM_INDEX_FILE)
+
+# Set relative location to platform document root
+$(OPENJ9_JVM_INDEX_FILE): GET2DOCSDIR := $(PLATFORM_DOCSDIR)/..
+
+# Run javadoc if the index file is out of date or missing
+$(OPENJ9_JVM_INDEX_FILE): $(OPENJ9_JVM_OPTIONS_FILE) $(OPENJ9_JVM_PACKAGES_FILE)
+ $(prep-javadoc)
+ $(call JavadocSummary,$(OPENJ9_JVM_OPTIONS_FILE),$(OPENJ9_JVM_PACKAGES_FILE))
+ $(JAVADOC_CMD) -d $(@D) \
+ @$(OPENJ9_JVM_OPTIONS_FILE) @$(OPENJ9_JVM_PACKAGES_FILE)
+
+$(OPENJ9_JVM_OPTIONS_FILE): FIRST_COPYRIGHT_YEAR := $(OPENJ9_JVM_FIRST_COPYRIGHT_YEAR)
+$(OPENJ9_JVM_OPTIONS_FILE):
+ $(prep-target)
+ @($(call OptionOnly,$(COMMON_JAVADOCFLAGS)) ; \
+ $(call OptionPair,-sourcepath,$(OPENJ9_DOCS_SRCDIR)) ; \
+ $(call OptionPair,-encoding,ascii) ; \
+ $(call OptionPair,-doctitle,$(OPENJ9_JVM_DOCTITLE)) ; \
+ $(call OptionPair,-windowtitle,$(OPENJ9_JVM_WINDOWTITLE) $(DRAFT_WINTITLE)) ; \
+ $(call OptionPair,-header,$(OPENJ9_JVM_HEADER)$(DRAFT_HEADER)) ; \
+ $(call OptionPair,-bottom,$(OPENJ9_JAVADOC_BOTTOM)$(DRAFT_BOTTOM)) ; \
+ $(call OptionTrip,-linkoffline,$(JAVASE_BASE_URL),$(COREAPI_DOCSDIR)/) ; \
+ ) > $@
+
+# Create a file with the package names in it
+$(OPENJ9_JVM_PACKAGES_FILE): $(DIRECTORY_CACHE) $(call PackageDependencies,$(OPENJ9_JVM_PKGS))
+ $(prep-target)
+ $(call PackageFilter,$(OPENJ9_JVM_PKGS))
+
+#############################################################################
+#
+# openj9 mgmtdocs
+#
+# The openjdk com.sun.management classes are specific to the
+# hotspot virtual machine and do not work with openj9.
+# openj9 provides the com.ibm.lang.management,
+# com.ibm.virtualization.management and
+# openj9.lang.management packages for managing the openj9
+# virtual machine.
+# Some of the openj9 com.ibm.lang.management classes implement
+# com.sun.management interfaces, so those com.sun.management
+# classes need to be included in the javadoc.
+#
+# The required openjdk com.sun.management interface source files
+# are copied to a temporary location, which is then used as the
+# source file location for the javadoc, rather than the actual
+# openjdk source tree.
+#
+# The MGMT_XXX macros are defined in make/Javadoc.gmk
+
+#############################################################################
+# Location of the openjdk com.sun.management source files
+SUN_MGMT_SRCDIR := $(JDK_SHARE_CLASSES)/com/sun/management
+
+#############################################################################
+# Somewhere to copy the openjdk com.sun.management interfaces referenced by
+# the com.ibm.lang.management to.
+TEMP_SUN_MGMT_PKGDIR := $(TEMPDIR)/mgmt
+TEMP_SUN_MGMT_SRCDIR := $(TEMP_SUN_MGMT_PKGDIR)/com/sun/management
+
+OPENJ9_MGMT_PKGS := com.ibm.lang.management com.ibm.virtualization.management openj9.lang.management
+ALL_MGMT_PKGS = $(OPENJ9_MGMT_PKGS) $(MGMT_PKGS)
+
+OPENJ9_MGMT_FIRST_COPYRIGHT_YEAR := 2001
+OPENJ9_MGMT_DOCDIR := $(JRE_API_DOCSDIR)/management/extension
+OPENJ9_MGMT_DOCTITLE := OpenJ9 Monitoring and Management Interface Classes
+OPENJ9_MGMT_WINDOWTITLE := OpenJ9 Monitoring and Management Interface Classes
+OPENJ9_MGMT_HEADER := OpenJ9 Monitoring and Management Interface Classes
+
+#############################################################################
+# The index.html, options, and packages files
+OPENJ9_MGMT_INDEXALL_FILE = $(OPENJ9_MGMT_DOCDIR)/index-all.html
+OPENJ9_MGMT_INDEX_FILE = $(OPENJ9_MGMT_DOCDIR)/index.html
+OPENJ9_MGMT_OPTIONS_FILE := $(DOCSTMPDIR)/openj9.mgmt.options
+OPENJ9_MGMT_PACKAGES_FILE := $(DOCSTMPDIR)/openj9.mgmt.packages
+
+#############################################################################
+# Set the link prefix for the JavaSE core and com.sun.management packages
+# point at the pages created in this build.
+JAVASE_BASE_URL := ../../$(JDKJRE2COREAPI)
+MGMT_BASE_URL := $(OPENJ9_MGMT_DOCDIR)
+OPENJ9_MGMT_SRCPATH := $(OPENJ9_DOCS_SRCDIR)$(PATH_SEP)$(TEMP_SUN_MGMT_PKGDIR)
+
+#############################################################################
+# Run javadoc if the index-all.html file is out of date or missing.
+# The openjdk build already uses index.html as its marker, so this
+# uses the index-all.html file instead.
+# The dependency on the index.html file ensures this javadoc
+# generation will replace the openjdk javadoc generation.
+$(OPENJ9_MGMT_INDEXALL_FILE): FIRST_COPYRIGHT_YEAR := $(OPENJ9_MGMT_FIRST_COPYRIGHT_YEAR)
+$(OPENJ9_MGMT_INDEXALL_FILE): $(OPENJ9_MGMT_INDEX_FILE) $(OPENJ9_MGMT_OPTIONS_FILE) $(OPENJ9_MGMT_PACKAGES_FILE)
+ $(MKDIR) -p $(TEMP_SUN_MGMT_SRCDIR)
+ if [ ! -d $(TEMP_SUN_MGMT_SRCDIR) ]; then echo Error: $(TEMP_SUN_MGMT_SRCDIR) does not exist, mkdir -p $(TEMP_SUN_MGMT_SRCDIR) must have failed; exit 1; fi
+ $(CP) $(SUN_MGMT_SRCDIR)/GarbageCollectorMXBean.java $(TEMP_SUN_MGMT_SRCDIR)
+ $(CP) $(SUN_MGMT_SRCDIR)/OperatingSystemMXBean.java $(TEMP_SUN_MGMT_SRCDIR)
+ $(CP) $(SUN_MGMT_SRCDIR)/UnixOperatingSystemMXBean.java $(TEMP_SUN_MGMT_SRCDIR)
+ $(CP) $(SUN_MGMT_SRCDIR)/package-info.java $(TEMP_SUN_MGMT_SRCDIR)
+ $(prep-javadoc)
+ $(call JavadocSummary,$(OPENJ9_MGMT_OPTIONS_FILE),$(OPENJ9_MGMT_PACKAGES_FILE))
+ $(JAVADOC_CMD) -d $(@D) @$(OPENJ9_MGMT_OPTIONS_FILE) @$(OPENJ9_MGMT_PACKAGES_FILE) 1>&2
+ $(RM) -r $(TEMP_SUN_MGMT_PKGDIR)
+
+$(OPENJ9_MGMT_OPTIONS_FILE):
+ $(prep-target)
+ @($(call OptionOnly,$(COMMON_JAVADOCFLAGS)) ; \
+ $(call OptionPair,-sourcepath,$(OPENJ9_MGMT_SRCPATH)) ; \
+ $(call OptionPair,-encoding,ascii) ; \
+ $(call OptionPair,-doctitle,$(MGMT_DOCTITLE)) ; \
+ $(call OptionPair,-windowtitle,$(MGMT_WINDOWTITLE) $(DRAFT_WINTITLE)) ; \
+ $(call OptionPair,-header,$(MGMT_HEADER)$(DRAFT_HEADER)) ; \
+ $(call OptionPair,-bottom,$(MGMT_BOTTOM)$(DRAFT_BOTTOM)) ; \
+ $(call OptionTrip,-linkoffline,$(JAVASE_BASE_URL),$(COREAPI_DOCSDIR)/) ; \
+ $(call OptionTrip,-linkoffline,$(MGMT_BASE_URL),$(MGMT_DOCDIR)/) ; \
+ ) > $@
+
+# Create a file with the package names in it
+$(OPENJ9_MGMT_PACKAGES_FILE): $(DIRECTORY_CACHE) $(call PackageDependencies,$(ALL_MGMT_PKGS))
+ $(prep-target)
+ $(call PackageFilter,$(ALL_MGMT_PKGS))
+
+#############################################################################
+# The javadoc tool only allows for a single setting for headers and footers
+# per invocation, which means that the jdk management and core api openjdk
+# classes which have been replaced by openj9 will contain the openjdk page
+# footer.
+# The commands below locate the javadoc pages generated from the openj9
+# overrides and replace the footer in those pages.
+# '.' need escaping in the sed regex. If more sed special characters are
+# introduced in the openjdk footer in future these would need escaping also.
+# '&' needs escaping in sed replacement text.
+# When pages are being generated openj9 extensions (under the docs/platform
+# directory), the correct footer is specified directly in the javadoc command.
+#
+# The OpenJ9 classes are built from the j9jcl_sources and closed/src
+# directories.
+# The packages are beneath directories called /share/classes (or /unix/classes,
+# /windows/classes etc.) which do not appear in the javadoc tree structure.
+# The commands below replace the footer in the javadoc html pages for the
+# following files:
+# 1. The openj9 java source files which override the openjdk versions
+# 2. The openj9.xxxx modules, including the javadoc generated files such as
+# enum class pages, module-summary.html, package-summary.html etc.)
+# A temporary script file is used to avoid the xargs command line length limit
+# of 255 chars.
+
+OPENJ9_SUBST_BOTTOM = $(subst &,\&,$(OPENJ9_JAVADOC_BOTTOM))
+
+#############################################################################
+# sed command to replace the footer in the jdk management javadoc files.
+MGMT_BOTTOM_REGEX = $(subst .,\.,$(MGMT_BOTTOM))
+OPENJ9_MGMT_SUBST_COMMAND = $(SED) -e '\''s|$(MGMT_BOTTOM_REGEX)|$(OPENJ9_SUBST_BOTTOM)|g'\''
+
+#############################################################################
+# sed command to replace the footer in the core api javadoc files.
+# Openjdk Core API doc is generated with the -Xdocrootparent javadoc option,
+# so apply the same substition to the page footer before matching.
+COREAPI_BOTTOM_REGEX = $(subst {@docroot}/,$(subst .,\.,$(DOCS_BASE_URL)),$(subst .,\.,$(COREAPI_BOTTOM)))
+OPENJ9_COREAPI_SUBST_COMMAND = $(SED) -e '\''s|$(COREAPI_BOTTOM_REGEX)|$(OPENJ9_SUBST_BOTTOM)|g'\''
+
+################################################################################
+OPENJ9_JAVADOC_MARKER := $(TEMPDIR)/_javadoc_openj9.marker
+OPENJ9_JAVADOC_SCRIPT := $(TEMPDIR)/_javadoc_openj9_footer_replace.sh
+OPENJ9_JAVADOC_TEMP := $(TEMPDIR)/_javadoc_temp.html
+
+################################################################################
+# Use a marker file as target with dependencies which ensure footers are not
+# updated until the pages have been updated by the openjdk javadoc targets.
+
+OPENJ9_JAVADOC_SCRIPT_BODY = \
+ for path in "$$@" ; do \
+ if [ -f "$(COREAPI_DOCSDIR)/$$path" ] ; then \
+ $(CP) "$(COREAPI_DOCSDIR)/$$path" "$(OPENJ9_JAVADOC_TEMP)" ; \
+ $(OPENJ9_COREAPI_SUBST_COMMAND) < "$(OPENJ9_JAVADOC_TEMP)" > "$(COREAPI_DOCSDIR)/$$path" ; \
+ $(RM) "$(OPENJ9_JAVADOC_TEMP)" ; \
+ fi ; \
+ if [ -f "$(JRE_API_DOCSDIR)/management/extension/$$path" ] ; then \
+ $(CP) "$(JRE_API_DOCSDIR)/management/extension/$$path" "$(OPENJ9_JAVADOC_TEMP)" ; \
+ $(OPENJ9_MGMT_SUBST_COMMAND) < "$(OPENJ9_JAVADOC_TEMP)" > "$(JRE_API_DOCSDIR)/management/extension/$$path" ; \
+ $(RM) "$(OPENJ9_JAVADOC_TEMP)" ; \
+ fi ; \
+ done \
+ #
+
+$(OPENJ9_JAVADOC_MARKER) : $(COREAPI_DOCSDIR)/index.html $(OPENJ9_MGMT_INDEXALL_FILE)
+ $(ECHO) '$(OPENJ9_JAVADOC_SCRIPT_BODY)' >$(OPENJ9_JAVADOC_SCRIPT)
+ $(CD) $(JDK_OUTPUTDIR)/j9jcl_sources/jdk/src ; \
+ $(FIND) . -type f -name '*.java' \
+ | $(SED) -e 's|/[^/]\+/classes/|/|' -e 's|\.java$$|.html|' \
+ | $(XARGS) $(BASH) $(OPENJ9_JAVADOC_SCRIPT)
+ $(CD) $(TOPDIR)/closed/adds/jdk/src; \
+ $(FIND) . -type f -name '*.java' \
+ | $(SED) -e 's|/[^/]\+/classes/|/|' -e 's|\.java$$|.html|' \
+ | $(XARGS) $(BASH) $(OPENJ9_JAVADOC_SCRIPT)
+ $(CD) $(JRE_API_DOCSDIR)/management/extension; \
+ $(FIND) . -type f '(' -path '*/openj9*/*.html' ')' -o '(' -path '*/com/ibm/*.html' ')' \
+ | $(XARGS) $(BASH) $(OPENJ9_JAVADOC_SCRIPT)
+ $(RM) -f $(OPENJ9_JAVADOC_SCRIPT)
+ $(TOUCH) $@
+
+# ALL_OTHER_TARGETS are declared as PHONY in make/Javadoc.gmk
+ALL_OTHER_TARGETS += $(OPENJ9_JAVADOC_MARKER) openj9-sharedclassesdocs openj9-gpudocs openj9-cudadocs openj9-dataaccessdocs openj9-jvmdocs
diff --git a/closed/openjdk-tag.gmk b/closed/openjdk-tag.gmk
index 851f2f73587..669cbc60bbb 100644
--- a/closed/openjdk-tag.gmk
+++ b/closed/openjdk-tag.gmk
@@ -1 +1 @@
-OPENJDK_TAG := jdk8u242-b04
+OPENJDK_TAG := jdk8u242-b06
diff --git a/common/autoconf/generated-configure.sh b/common/autoconf/generated-configure.sh
index 1aeb3f78ec0..776dbb33e1c 100644
--- a/common/autoconf/generated-configure.sh
+++ b/common/autoconf/generated-configure.sh
@@ -4397,7 +4397,7 @@ VS_SDK_PLATFORM_NAME_2017=
#CUSTOM_AUTOCONF_INCLUDE
# Do not change or remove the following line, it is needed for consistency checks:
-DATE_WHEN_GENERATED=1576018331
+DATE_WHEN_GENERATED=1577815762
###############################################################################
#
diff --git a/corba/THIRD_PARTY_README b/corba/THIRD_PARTY_README
index 7dc54a05723..643ea79ce6e 100644
--- a/corba/THIRD_PARTY_README
+++ b/corba/THIRD_PARTY_README
@@ -1334,11 +1334,13 @@ SUCH DAMAGE.
--------------------------------------------------------------------------------
-%% This notice is provided with respect to Joni v1.1.9, which may be
+%% This notice is provided with respect to Joni v2.1.16, which may be
included with JRE 8, JDK 8, and OpenJDK 8.
--- begin of LICENSE ---
+Copyright (c) 2017 JRuby Team
+
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
diff --git a/jaxp/THIRD_PARTY_README b/jaxp/THIRD_PARTY_README
index 7dc54a05723..643ea79ce6e 100644
--- a/jaxp/THIRD_PARTY_README
+++ b/jaxp/THIRD_PARTY_README
@@ -1334,11 +1334,13 @@ SUCH DAMAGE.
--------------------------------------------------------------------------------
-%% This notice is provided with respect to Joni v1.1.9, which may be
+%% This notice is provided with respect to Joni v2.1.16, which may be
included with JRE 8, JDK 8, and OpenJDK 8.
--- begin of LICENSE ---
+Copyright (c) 2017 JRuby Team
+
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
diff --git a/jaxws/THIRD_PARTY_README b/jaxws/THIRD_PARTY_README
index 7dc54a05723..643ea79ce6e 100644
--- a/jaxws/THIRD_PARTY_README
+++ b/jaxws/THIRD_PARTY_README
@@ -1334,11 +1334,13 @@ SUCH DAMAGE.
--------------------------------------------------------------------------------
-%% This notice is provided with respect to Joni v1.1.9, which may be
+%% This notice is provided with respect to Joni v2.1.16, which may be
included with JRE 8, JDK 8, and OpenJDK 8.
--- begin of LICENSE ---
+Copyright (c) 2017 JRuby Team
+
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
diff --git a/jdk/THIRD_PARTY_README b/jdk/THIRD_PARTY_README
index 7dc54a05723..643ea79ce6e 100644
--- a/jdk/THIRD_PARTY_README
+++ b/jdk/THIRD_PARTY_README
@@ -1334,11 +1334,13 @@ SUCH DAMAGE.
--------------------------------------------------------------------------------
-%% This notice is provided with respect to Joni v1.1.9, which may be
+%% This notice is provided with respect to Joni v2.1.16, which may be
included with JRE 8, JDK 8, and OpenJDK 8.
--- begin of LICENSE ---
+Copyright (c) 2017 JRuby Team
+
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
diff --git a/jdk/make/closed/autoconf/custom-hook.m4 b/jdk/make/closed/autoconf/custom-hook.m4
index 61fb6960ffe..8e48a2607c5 100644
--- a/jdk/make/closed/autoconf/custom-hook.m4
+++ b/jdk/make/closed/autoconf/custom-hook.m4
@@ -702,20 +702,6 @@ AC_DEFUN([CONFIGURE_OPENSSL],
AC_MSG_CHECKING([if we should bundle openssl])
AC_MSG_RESULT([$BUNDLE_OPENSSL])
-
- if test "x$OPENJ9_ENABLE_JITSERVER" = xtrue ; then
- if test "x$OPENJDK_TARGET_OS" = xlinux ; then
- if test "x$OPENSSL_DIR" != x ; then
- AC_MSG_CHECKING([if the required OPENSSL API exists for JITServer in $OPENSSL_DIR])
- if $GREP -q -w SSL_CTX_set_ecdh_auto "$OPENSSL_DIR/include/openssl/ssl.h" 2> /dev/null ; then
- AC_MSG_RESULT([yes])
- else
- AC_MSG_RESULT([no])
- AC_MSG_ERROR([SSL_CTX_set_ecdh_auto is required by JITServer])
- fi
- fi
- fi
- fi
fi
AC_SUBST(OPENSSL_BUNDLE_LIB_PATH)
diff --git a/jdk/make/closed/autoconf/generated-configure.sh b/jdk/make/closed/autoconf/generated-configure.sh
index ab40f35680b..fa8de290048 100644
--- a/jdk/make/closed/autoconf/generated-configure.sh
+++ b/jdk/make/closed/autoconf/generated-configure.sh
@@ -4576,7 +4576,7 @@ VS_SDK_PLATFORM_NAME_2017=
# Do not change or remove the following line, it is needed for consistency checks:
-DATE_WHEN_GENERATED=1576018331
+DATE_WHEN_GENERATED=1577815762
###############################################################################
#
@@ -55786,23 +55786,6 @@ $as_echo "yes" >&6; }
$as_echo_n "checking if we should bundle openssl... " >&6; }
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $BUNDLE_OPENSSL" >&5
$as_echo "$BUNDLE_OPENSSL" >&6; }
-
- if test "x$OPENJ9_ENABLE_JITSERVER" = xtrue ; then
- if test "x$OPENJDK_TARGET_OS" = xlinux ; then
- if test "x$OPENSSL_DIR" != x ; then
- { $as_echo "$as_me:${as_lineno-$LINENO}: checking if the required OPENSSL API exists for JITServer in $OPENSSL_DIR" >&5
-$as_echo_n "checking if the required OPENSSL API exists for JITServer in $OPENSSL_DIR... " >&6; }
- if $GREP -q -w SSL_CTX_set_ecdh_auto "$OPENSSL_DIR/include/openssl/ssl.h" 2> /dev/null ; then
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
- else
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
- as_fn_error $? "SSL_CTX_set_ecdh_auto is required by JITServer" "$LINENO" 5
- fi
- fi
- fi
- fi
fi
diff --git a/jdk/make/src/classes/build/tools/generatelsrequivmaps/EquivMapsGenerator.java b/jdk/make/src/classes/build/tools/generatelsrequivmaps/EquivMapsGenerator.java
index c693eedc245..ba83f92a183 100644
--- a/jdk/make/src/classes/build/tools/generatelsrequivmaps/EquivMapsGenerator.java
+++ b/jdk/make/src/classes/build/tools/generatelsrequivmaps/EquivMapsGenerator.java
@@ -4,7 +4,9 @@
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.
+ * published by the Free Software Foundation. Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
diff --git a/jdk/make/src/native/add_gnu_debuglink/add_gnu_debuglink.c b/jdk/make/src/native/add_gnu_debuglink/add_gnu_debuglink.c
index b65457c0d99..a9985fa5ffb 100644
--- a/jdk/make/src/native/add_gnu_debuglink/add_gnu_debuglink.c
+++ b/jdk/make/src/native/add_gnu_debuglink/add_gnu_debuglink.c
@@ -4,7 +4,9 @@
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.
+ * published by the Free Software Foundation. Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
diff --git a/jdk/make/src/native/fix_empty_sec_hdr_flags/fix_empty_sec_hdr_flags.c b/jdk/make/src/native/fix_empty_sec_hdr_flags/fix_empty_sec_hdr_flags.c
index 68bd0938668..fc583ec9862 100644
--- a/jdk/make/src/native/fix_empty_sec_hdr_flags/fix_empty_sec_hdr_flags.c
+++ b/jdk/make/src/native/fix_empty_sec_hdr_flags/fix_empty_sec_hdr_flags.c
@@ -4,7 +4,9 @@
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.
+ * published by the Free Software Foundation. Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
diff --git a/jdk/src/macosx/native/jobjc/JObjC.xcodeproj/default.pbxuser b/jdk/src/macosx/native/jobjc/JObjC.xcodeproj/default.pbxuser
index cda3de5e2f2..dd674ec5583 100644
--- a/jdk/src/macosx/native/jobjc/JObjC.xcodeproj/default.pbxuser
+++ b/jdk/src/macosx/native/jobjc/JObjC.xcodeproj/default.pbxuser
@@ -5,7 +5,9 @@
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.
+ * published by the Free Software Foundation. Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
diff --git a/jdk/src/macosx/native/sun/awt/CGraphicsDevice.m b/jdk/src/macosx/native/sun/awt/CGraphicsDevice.m
index c04a6a3807f..870162e9fdd 100644
--- a/jdk/src/macosx/native/sun/awt/CGraphicsDevice.m
+++ b/jdk/src/macosx/native/sun/awt/CGraphicsDevice.m
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2012, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2012, 2019, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -94,16 +94,18 @@ static CFMutableArrayRef getAllValidDisplayModes(jint displayID){
static CGDisplayModeRef getBestModeForParameters(CFArrayRef allModes, int w, int h, int bpp, int refrate) {
CGDisplayModeRef bestGuess = NULL;
CFIndex numModes = CFArrayGetCount(allModes), n;
- int thisBpp = 0;
+
for(n = 0; n < numModes; n++ ) {
CGDisplayModeRef cRef = (CGDisplayModeRef) CFArrayGetValueAtIndex(allModes, n);
if(cRef == NULL) {
continue;
}
CFStringRef modeString = CGDisplayModeCopyPixelEncoding(cRef);
- thisBpp = getBPPFromModeString(modeString);
+ int thisBpp = getBPPFromModeString(modeString);
CFRelease(modeString);
- if (thisBpp != bpp || (int)CGDisplayModeGetHeight(cRef) != h || (int)CGDisplayModeGetWidth(cRef) != w) {
+ int thisH = (int)CGDisplayModeGetHeight(cRef);
+ int thisW = (int)CGDisplayModeGetWidth(cRef);
+ if (thisBpp != bpp || thisH != h || thisW != w) {
// One of the key parameters does not match
continue;
}
@@ -114,11 +116,12 @@ static CGDisplayModeRef getBestModeForParameters(CFArrayRef allModes, int w, int
// Refresh rate might be 0 in display mode and we ask for specific display rate
// but if we do not find exact match then 0 refresh rate might be just Ok
- if (CGDisplayModeGetRefreshRate(cRef) == refrate) {
+ int thisRefrate = (int)CGDisplayModeGetRefreshRate(cRef);
+ if (thisRefrate == refrate) {
// Exact match
return cRef;
}
- if (CGDisplayModeGetRefreshRate(cRef) == 0) {
+ if (thisRefrate == 0) {
// Not exactly what was asked for, but may fit our needs if we don't find an exact match
bestGuess = cRef;
}
diff --git a/jdk/src/share/classes/java/io/ObjectInputStream.java b/jdk/src/share/classes/java/io/ObjectInputStream.java
index fe358a32cda..9766d824fc8 100644
--- a/jdk/src/share/classes/java/io/ObjectInputStream.java
+++ b/jdk/src/share/classes/java/io/ObjectInputStream.java
@@ -3526,7 +3526,15 @@ String readLongUTF() throws IOException {
* utflen bytes.
*/
private String readUTFBody(long utflen) throws IOException {
- StringBuilder sbuf = new StringBuilder();
+ StringBuilder sbuf;
+ if (utflen > 0 && utflen < Integer.MAX_VALUE) {
+ // a reasonable initial capacity based on the UTF length
+ int initialCapacity = Math.min((int)utflen, 0xFFFF);
+ sbuf = new StringBuilder(initialCapacity);
+ } else {
+ sbuf = new StringBuilder();
+ }
+
if (!blkmode) {
end = pos = 0;
}
diff --git a/jdk/src/share/classes/java/lang/ClassLoader.java b/jdk/src/share/classes/java/lang/ClassLoader.java
index 2e98092f63e..925fdacce3f 100644
--- a/jdk/src/share/classes/java/lang/ClassLoader.java
+++ b/jdk/src/share/classes/java/lang/ClassLoader.java
@@ -1,5 +1,6 @@
/*
* Copyright (c) 2013, 2015, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2019, Azul Systems, Inc. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -1467,6 +1468,17 @@ private static synchronized void initSystemClassLoader() {
}
}
+ /*
+ * Initialize default paths for native libraries search.
+ * Must be done early as JDK may load libraries during bootstrap.
+ *
+ * @see java.lang.System#initPhase1
+ */
+ static void initLibraryPaths() {
+ usr_paths = initializePath("java.library.path");
+ sys_paths = initializePath("sun.boot.library.path");
+ }
+
// Returns true if the specified class loader can be found in this class
// loader's delegation chain.
boolean isAncestor(ClassLoader cl) {
@@ -1809,10 +1821,9 @@ static void loadLibrary(Class> fromClass, String name,
boolean isAbsolute) {
ClassLoader loader =
(fromClass == null) ? null : fromClass.getClassLoader();
- if (sys_paths == null) {
- usr_paths = initializePath("java.library.path");
- sys_paths = initializePath("sun.boot.library.path");
- }
+ assert sys_paths != null : "should be initialized at this point";
+ assert usr_paths != null : "should be initialized at this point";
+
if (isAbsolute) {
if (loadLibrary0(fromClass, new File(name))) {
return;
@@ -1902,13 +1913,14 @@ public Object run() {
name +
" already loaded in another classloader");
}
- /* If the library is being loaded (must be by the same thread,
- * because Runtime.load and Runtime.loadLibrary are
- * synchronous). The reason is can occur is that the JNI_OnLoad
- * function can cause another loadLibrary invocation.
+ /*
+ * When a library is being loaded, JNI_OnLoad function can cause
+ * another loadLibrary invocation that should succeed.
*
- * Thus we can use a static stack to hold the list of libraries
- * we are loading.
+ * We use a static stack to hold the list of libraries we are
+ * loading because this can happen only when called by the
+ * same thread because Runtime.load and Runtime.loadLibrary
+ * are synchronous.
*
* If there is a pending load operation for the library, we
* immediately return success; otherwise, we raise
diff --git a/jdk/src/share/classes/java/lang/Runtime.java b/jdk/src/share/classes/java/lang/Runtime.java
index 9e53dc939ec..5039059149f 100644
--- a/jdk/src/share/classes/java/lang/Runtime.java
+++ b/jdk/src/share/classes/java/lang/Runtime.java
@@ -1,5 +1,6 @@
/*
* Copyright (c) 1995, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2019, Azul Systems, Inc. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -797,7 +798,7 @@ public void load(String filename) {
load0(Reflection.getCallerClass(), filename);
}
- synchronized void load0(Class> fromClass, String filename) {
+ void load0(Class> fromClass, String filename) {
SecurityManager security = System.getSecurityManager();
if (security != null) {
security.checkLink(filename);
@@ -858,14 +859,14 @@ public void loadLibrary(String libname) {
loadLibrary0(Reflection.getCallerClass(), libname);
}
- synchronized void loadLibrary0(Class> fromClass, String libname) {
+ void loadLibrary0(Class> fromClass, String libname) {
SecurityManager security = System.getSecurityManager();
if (security != null) {
security.checkLink(libname);
}
if (libname.indexOf((int)File.separatorChar) != -1) {
throw new UnsatisfiedLinkError(
- "Directory separator should not appear in library name: " + libname);
+ "Directory separator should not appear in library name: " + libname);
}
ClassLoader.loadLibrary(fromClass, libname, false);
}
diff --git a/jdk/src/share/classes/java/lang/System.java b/jdk/src/share/classes/java/lang/System.java
index b2747fa7a41..7bc235beff7 100644
--- a/jdk/src/share/classes/java/lang/System.java
+++ b/jdk/src/share/classes/java/lang/System.java
@@ -1192,6 +1192,8 @@ private static void initializeSystemClass() {
setOut0(newPrintStream(fdOut, props.getProperty("sun.stdout.encoding")));
setErr0(newPrintStream(fdErr, props.getProperty("sun.stderr.encoding")));
+ ClassLoader.initLibraryPaths();
+
// Load the zip library now in order to keep java.util.zip.ZipFile
// from trying to use itself to load this library later.
loadLibrary("zip");
diff --git a/jdk/src/share/classes/java/security/cert/X509CertSelector.java b/jdk/src/share/classes/java/security/cert/X509CertSelector.java
index 4a1ff7ef50d..0fe97a60204 100644
--- a/jdk/src/share/classes/java/security/cert/X509CertSelector.java
+++ b/jdk/src/share/classes/java/security/cert/X509CertSelector.java
@@ -2115,8 +2115,11 @@ private boolean matchSubjectKeyID(X509Certificate xcert) {
if (certSubjectKeyID == null ||
!Arrays.equals(subjectKeyID, certSubjectKeyID)) {
if (debug != null) {
- debug.println("X509CertSelector.match: "
- + "subject key IDs don't match");
+ debug.println("X509CertSelector.match: subject key IDs " +
+ "don't match\nX509CertSelector.match: subjectKeyID: " +
+ Arrays.toString(subjectKeyID) +
+ "\nX509CertSelector.match: certSubjectKeyID: " +
+ Arrays.toString(certSubjectKeyID));
}
return false;
}
diff --git a/jdk/src/share/classes/sun/misc/URLClassPath.java b/jdk/src/share/classes/sun/misc/URLClassPath.java
index c884809f7b7..601e01c434a 100644
--- a/jdk/src/share/classes/sun/misc/URLClassPath.java
+++ b/jdk/src/share/classes/sun/misc/URLClassPath.java
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997, 2018, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2019, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -1344,10 +1344,15 @@ private URL[] parseClassPath(URL base, String value)
int i = 0;
while (st.hasMoreTokens()) {
String path = st.nextToken();
- URL url = DISABLE_CP_URL_CHECK ? new URL(base, path) : safeResolve(base, path);
+ URL url = DISABLE_CP_URL_CHECK ? new URL(base, path) : tryResolve(base, path);
if (url != null) {
urls[i] = url;
i++;
+ } else {
+ if (DEBUG_CP_URL_CHECK) {
+ System.err.println("Class-Path entry: \"" + path
+ + "\" ignored in JAR file " + base);
+ }
}
}
if (i == 0) {
@@ -1359,36 +1364,74 @@ private URL[] parseClassPath(URL base, String value)
return urls;
}
- /*
- * Return a URL for the given path resolved against the base URL, or
- * null if the resulting URL is invalid.
+ static URL tryResolve(URL base, String input) throws MalformedURLException {
+ if ("file".equalsIgnoreCase(base.getProtocol())) {
+ return tryResolveFile(base, input);
+ } else {
+ return tryResolveNonFile(base, input);
+ }
+ }
+
+ /**
+ * Attempt to return a file URL by resolving input against a base file
+ * URL. The input is an absolute or relative file URL that encodes a
+ * file path.
+ *
+ * @apiNote Nonsensical input such as a Windows file path with a drive
+ * letter cannot be disambiguated from an absolute URL so will be rejected
+ * (by returning null) by this method.
+ *
+ * @return the resolved URL or null if the input is an absolute URL with
+ * a scheme other than file (ignoring case)
+ * @throws MalformedURLException
*/
- static URL safeResolve(URL base, String path) {
- String child = path.replace(File.separatorChar, '/');
- try {
- if (!URI.create(child).isAbsolute()) {
- URL url = new URL(base, child);
- if (base.getProtocol().equalsIgnoreCase("file")) {
- return url;
- } else {
- String bp = base.getPath();
- String urlp = url.getPath();
- int pos = bp.lastIndexOf('/');
- if (pos == -1) {
- pos = bp.length() - 1;
- }
- if (urlp.regionMatches(0, bp, 0, pos + 1)
- && urlp.indexOf("..", pos) == -1) {
- return url;
- }
- }
+ static URL tryResolveFile(URL base, String input) throws MalformedURLException {
+ int index = input.indexOf(':');
+ boolean isFile;
+ if (index >= 0) {
+ String scheme = input.substring(0, index);
+ isFile = "file".equalsIgnoreCase(scheme);
+ } else {
+ isFile = true;
+ }
+ return (isFile) ? new URL(base, input) : null;
+ }
+
+ /**
+ * Attempt to return a URL by resolving input against a base URL. Returns
+ * null if the resolved URL is not contained by the base URL.
+ *
+ * @return the resolved URL or null
+ * @throws MalformedURLException
+ */
+ static URL tryResolveNonFile(URL base, String input) throws MalformedURLException {
+ String child = input.replace(File.separatorChar, '/');
+ if (isRelative(child)) {
+ URL url = new URL(base, child);
+ String bp = base.getPath();
+ String urlp = url.getPath();
+ int pos = bp.lastIndexOf('/');
+ if (pos == -1) {
+ pos = bp.length() - 1;
+ }
+ if (urlp.regionMatches(0, bp, 0, pos + 1)
+ && urlp.indexOf("..", pos) == -1) {
+ return url;
}
- } catch (MalformedURLException | IllegalArgumentException e) {}
- if (DEBUG_CP_URL_CHECK) {
- System.err.println("Class-Path entry: \"" + path + "\" ignored in JAR file " + base);
}
return null;
}
+
+ /**
+ * Returns true if the given input is a relative URI.
+ */
+ static boolean isRelative(String child) {
+ try {
+ return !URI.create(child).isAbsolute();
+ } catch (IllegalArgumentException e) {
+ return false;
+ }
+ }
}
/*
diff --git a/jdk/src/share/classes/sun/net/www/MessageHeader.java b/jdk/src/share/classes/sun/net/www/MessageHeader.java
index 34b6307826f..6ab2008dd4f 100644
--- a/jdk/src/share/classes/sun/net/www/MessageHeader.java
+++ b/jdk/src/share/classes/sun/net/www/MessageHeader.java
@@ -288,14 +288,44 @@ public synchronized Map> filterAndAddHeaders(
return Collections.unmodifiableMap(m);
}
+ /** Check if a line of message header looks like a request line.
+ * This method does not perform a full validation but simply
+ * returns false if the line does not end with 'HTTP/[1-9].[0-9]'
+ * @param line the line to check.
+ * @return true if the line might be a request line.
+ */
+ private boolean isRequestline(String line) {
+ String k = line.trim();
+ int i = k.lastIndexOf(' ');
+ if (i <= 0) return false;
+ int len = k.length();
+ if (len - i < 9) return false;
+
+ char c1 = k.charAt(len-3);
+ char c2 = k.charAt(len-2);
+ char c3 = k.charAt(len-1);
+ if (c1 < '1' || c1 > '9') return false;
+ if (c2 != '.') return false;
+ if (c3 < '0' || c3 > '9') return false;
+
+ return (k.substring(i+1, len-3).equalsIgnoreCase("HTTP/"));
+ }
+
+
/** Prints the key-value pairs represented by this
- header. Also prints the RFC required blank line
- at the end. Omits pairs with a null key. */
+ header. Also prints the RFC required blank line
+ at the end. Omits pairs with a null key. Omits
+ colon if key-value pair is the requestline. */
public synchronized void print(PrintStream p) {
for (int i = 0; i < nkeys; i++)
if (keys[i] != null) {
- p.print(keys[i] +
- (values[i] != null ? ": "+values[i]: "") + "\r\n");
+ StringBuilder sb = new StringBuilder(keys[i]);
+ if (values[i] != null) {
+ sb.append(": " + values[i]);
+ } else if (i != 0 || !isRequestline(keys[i])) {
+ sb.append(":");
+ }
+ p.print(sb.append("\r\n"));
}
p.print("\r\n");
p.flush();
diff --git a/jdk/src/share/classes/sun/security/pkcs12/PKCS12KeyStore.java b/jdk/src/share/classes/sun/security/pkcs12/PKCS12KeyStore.java
index 30c94891892..07d8e98a045 100644
--- a/jdk/src/share/classes/sun/security/pkcs12/PKCS12KeyStore.java
+++ b/jdk/src/share/classes/sun/security/pkcs12/PKCS12KeyStore.java
@@ -982,7 +982,7 @@ private void setCertEntry(String alias, Certificate cert,
new CertEntry((X509Certificate) cert, null, alias, AnyUsage,
attributes);
certificateCount++;
- entries.put(alias, certEntry);
+ entries.put(alias.toLowerCase(Locale.ENGLISH), certEntry);
if (debug != null) {
debug.println("Setting a trusted certificate at alias '" + alias +
diff --git a/jdk/src/share/lib/security/cacerts b/jdk/src/share/lib/security/cacerts
index 1db6c41b89d..2adbd1168cb 100644
Binary files a/jdk/src/share/lib/security/cacerts and b/jdk/src/share/lib/security/cacerts differ
diff --git a/jdk/src/share/native/sun/font/layout/MorphTables2.cpp b/jdk/src/share/native/sun/font/layout/MorphTables2.cpp
index ff69cb9a41e..eb628a1a32d 100644
--- a/jdk/src/share/native/sun/font/layout/MorphTables2.cpp
+++ b/jdk/src/share/native/sun/font/layout/MorphTables2.cpp
@@ -192,7 +192,7 @@ void MorphTableHeader2::process(const LEReferenceTo &base, LE
for (subtable = 0; LE_SUCCESS(success) && subtable < nSubtables; subtable++) {
if(subtable>0) {
le_uint32 length = SWAPL(subtableHeader->length);
- if (length & 0x03) { // incorrect alignment for 32 bit tables
+ if (length & 0x01) { // incorrect alignment for 32 bit tables
success = LE_MEMORY_ALLOCATION_ERROR; // as good a choice as any
return;
}
diff --git a/jdk/src/solaris/classes/java/lang/UNIXProcess.java b/jdk/src/solaris/classes/java/lang/UNIXProcess.java
index 1793a8f35c4..fe26fd89301 100644
--- a/jdk/src/solaris/classes/java/lang/UNIXProcess.java
+++ b/jdk/src/solaris/classes/java/lang/UNIXProcess.java
@@ -408,8 +408,7 @@ public synchronized boolean waitFor(long timeout, TimeUnit unit)
long deadline = System.nanoTime() + remainingNanos;
do {
- // Round up to next millisecond
- wait(TimeUnit.NANOSECONDS.toMillis(remainingNanos + 999_999L));
+ TimeUnit.NANOSECONDS.timedWait(this, remainingNanos);
if (hasExited) {
return true;
}
diff --git a/jdk/src/solaris/native/java/util/TimeZone_md.c b/jdk/src/solaris/native/java/util/TimeZone_md.c
index 3507c1c6514..7ec893b6b62 100644
--- a/jdk/src/solaris/native/java/util/TimeZone_md.c
+++ b/jdk/src/solaris/native/java/util/TimeZone_md.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1999, 2015, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1999, 2019, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -42,6 +42,8 @@
#include "jvm.h"
#include "TimeZone_md.h"
+static char *isFileIdentical(char* buf, size_t size, char *pathname);
+
#define SKIP_SPACE(p) while (*p == ' ' || *p == '\t') p++;
#if defined(_ALLBSD_SOURCE)
@@ -65,6 +67,8 @@ static const char *ZONEINFO_DIR = "/usr/share/lib/zoneinfo";
static const char *DEFAULT_ZONEINFO_FILE = "/usr/share/lib/zoneinfo/localtime";
#endif /* defined(__linux__) || defined(_ALLBSD_SOURCE) */
+static const char popularZones[][4] = {"UTC", "GMT"};
+
#if defined(_AIX)
static const char *ETC_ENVIRONMENT_FILE = "/etc/environment";
#endif
@@ -114,14 +118,28 @@ static char *
findZoneinfoFile(char *buf, size_t size, const char *dir)
{
DIR *dirp = NULL;
- struct stat statbuf;
struct dirent64 *dp = NULL;
struct dirent64 *entry = NULL;
char *pathname = NULL;
- int fd = -1;
- char *dbuf = NULL;
char *tz = NULL;
+ if (strcmp(dir, ZONEINFO_DIR) == 0) {
+ /* fast path for 1st iteration */
+ unsigned int i;
+ for (i = 0; i < sizeof (popularZones) / sizeof (popularZones[0]); i++) {
+ pathname = getPathName(dir, popularZones[i]);
+ if (pathname == NULL) {
+ continue;
+ }
+ tz = isFileIdentical(buf, size, pathname);
+ free((void *) pathname);
+ pathname = NULL;
+ if (tz != NULL) {
+ return tz;
+ }
+ }
+ }
+
dirp = opendir(dir);
if (dirp == NULL) {
return NULL;
@@ -161,40 +179,14 @@ findZoneinfoFile(char *buf, size_t size, const char *dir)
if (pathname == NULL) {
break;
}
- if (stat(pathname, &statbuf) == -1) {
- break;
- }
- if (S_ISDIR(statbuf.st_mode)) {
- tz = findZoneinfoFile(buf, size, pathname);
- if (tz != NULL) {
- break;
- }
- } else if (S_ISREG(statbuf.st_mode) && (size_t)statbuf.st_size == size) {
- dbuf = (char *) malloc(size);
- if (dbuf == NULL) {
- break;
- }
- if ((fd = open(pathname, O_RDONLY)) == -1) {
- break;
- }
- if (read(fd, dbuf, size) != (ssize_t) size) {
- break;
- }
- if (memcmp(buf, dbuf, size) == 0) {
- tz = getZoneName(pathname);
- if (tz != NULL) {
- tz = strdup(tz);
- }
- break;
- }
- free((void *) dbuf);
- dbuf = NULL;
- (void) close(fd);
- fd = -1;
- }
+ tz = isFileIdentical(buf, size, pathname);
+
free((void *) pathname);
pathname = NULL;
+ if (tz != NULL) {
+ break;
+ }
}
if (entry != NULL) {
@@ -203,16 +195,53 @@ findZoneinfoFile(char *buf, size_t size, const char *dir)
if (dirp != NULL) {
(void) closedir(dirp);
}
- if (pathname != NULL) {
- free((void *) pathname);
- }
- if (fd != -1) {
- (void) close(fd);
+ return tz;
+}
+
+/*
+ * Checks if the file pointed to by pathname matches
+ * the data contents in buf.
+ * Returns a representation of the timezone file name
+ * if file match is found, otherwise NULL.
+ */
+static char *
+isFileIdentical(char *buf, size_t size, char *pathname)
+{
+ char *possibleMatch = NULL;
+ struct stat statbuf;
+ char *dbuf = NULL;
+ int fd = -1;
+ int res;
+
+ if (stat(pathname, &statbuf) == -1) {
+ return NULL;
}
- if (dbuf != NULL) {
+
+ if (S_ISDIR(statbuf.st_mode)) {
+ possibleMatch = findZoneinfoFile(buf, size, pathname);
+ } else if (S_ISREG(statbuf.st_mode) && (size_t)statbuf.st_size == size) {
+ dbuf = (char *) malloc(size);
+ if (dbuf == NULL) {
+ return NULL;
+ }
+ if ((fd = open(pathname, O_RDONLY)) == -1) {
+ goto freedata;
+ }
+ if (read(fd, dbuf, size) != (ssize_t) size) {
+ goto freedata;
+ }
+ if (memcmp(buf, dbuf, size) == 0) {
+ possibleMatch = getZoneName(pathname);
+ if (possibleMatch != NULL) {
+ possibleMatch = strdup(possibleMatch);
+ }
+ }
+ freedata:
free((void *) dbuf);
+ dbuf = NULL;
+ (void) close(fd);
}
- return tz;
+ return possibleMatch;
}
#if defined(__linux__) || defined(MACOSX)
diff --git a/jdk/src/solaris/native/sun/awt/gtk_interface.c b/jdk/src/solaris/native/sun/awt/gtk_interface.c
index 8157efed471..42db9b6fe0d 100644
--- a/jdk/src/solaris/native/sun/awt/gtk_interface.c
+++ b/jdk/src/solaris/native/sun/awt/gtk_interface.c
@@ -44,19 +44,19 @@ typedef struct {
} GtkLib;
static GtkLib gtk_libs[] = {
- {
- GTK_2,
- JNI_LIB_NAME("gtk-x11-2.0"),
- VERSIONED_JNI_LIB_NAME("gtk-x11-2.0", "0"),
- >k2_load,
- >k2_check
- },
{
GTK_3,
JNI_LIB_NAME("gtk-3"),
VERSIONED_JNI_LIB_NAME("gtk-3", "0"),
>k3_load,
>k3_check
+ },
+ {
+ GTK_2,
+ JNI_LIB_NAME("gtk-x11-2.0"),
+ VERSIONED_JNI_LIB_NAME("gtk-x11-2.0", "0"),
+ >k2_load,
+ >k2_check
}
};
diff --git a/jdk/src/windows/classes/java/lang/ProcessImpl.java b/jdk/src/windows/classes/java/lang/ProcessImpl.java
index 37c32375475..1970260e57e 100644
--- a/jdk/src/windows/classes/java/lang/ProcessImpl.java
+++ b/jdk/src/windows/classes/java/lang/ProcessImpl.java
@@ -520,11 +520,15 @@ public boolean waitFor(long timeout, TimeUnit unit)
if (timeout <= 0) return false;
long remainingNanos = unit.toNanos(timeout);
- long deadline = System.nanoTime() + remainingNanos ;
+ long deadline = System.nanoTime() + remainingNanos;
do {
// Round up to next millisecond
long msTimeout = TimeUnit.NANOSECONDS.toMillis(remainingNanos + 999_999L);
+ if (msTimeout < 0) {
+ // if wraps around then wait a long while
+ msTimeout = Integer.MAX_VALUE;
+ }
waitForTimeoutInterruptibly(handle, msTimeout);
if (Thread.interrupted())
throw new InterruptedException();
@@ -538,7 +542,7 @@ public boolean waitFor(long timeout, TimeUnit unit)
}
private static native void waitForTimeoutInterruptibly(
- long handle, long timeout);
+ long handle, long timeoutMillis);
public void destroy() { terminateProcess(handle); }
diff --git a/jdk/src/windows/classes/sun/awt/shell/Win32ShellFolderManager2.java b/jdk/src/windows/classes/sun/awt/shell/Win32ShellFolderManager2.java
index add8f731ee2..bc4039ad945 100644
--- a/jdk/src/windows/classes/sun/awt/shell/Win32ShellFolderManager2.java
+++ b/jdk/src/windows/classes/sun/awt/shell/Win32ShellFolderManager2.java
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2003, 2018, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2019, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -25,7 +25,8 @@
package sun.awt.shell;
-import java.awt.*;
+import java.awt.Image;
+import java.awt.Toolkit;
import java.awt.image.BufferedImage;
import java.io.File;
@@ -33,14 +34,29 @@
import java.io.IOException;
import java.security.AccessController;
import java.security.PrivilegedAction;
-import java.util.*;
+import java.util.ArrayList;
+import java.util.Arrays;
import java.util.List;
-import java.util.concurrent.*;
+import java.util.concurrent.Callable;
+import java.util.concurrent.ExecutionException;
+import java.util.concurrent.Future;
+import java.util.concurrent.LinkedBlockingQueue;
+import java.util.concurrent.RejectedExecutionException;
+import java.util.concurrent.ThreadFactory;
+import java.util.concurrent.ThreadPoolExecutor;
+import java.util.concurrent.TimeUnit;
import java.util.stream.Stream;
-import static sun.awt.shell.Win32ShellFolder2.*;
import sun.awt.OSInfo;
import sun.misc.ThreadGroupUtils;
+import sun.util.logging.PlatformLogger;
+
+import static sun.awt.shell.Win32ShellFolder2.DESKTOP;
+import static sun.awt.shell.Win32ShellFolder2.DRIVES;
+import static sun.awt.shell.Win32ShellFolder2.Invoker;
+import static sun.awt.shell.Win32ShellFolder2.NETWORK;
+import static sun.awt.shell.Win32ShellFolder2.PERSONAL;
+import static sun.awt.shell.Win32ShellFolder2.RECENT;
// NOTE: This class supersedes Win32ShellFolderManager, which was removed
// from distribution after version 1.4.2.
@@ -54,6 +70,9 @@
public class Win32ShellFolderManager2 extends ShellFolderManager {
+ private static final PlatformLogger
+ log = PlatformLogger.getLogger("sun.awt.shell.Win32ShellFolderManager2");
+
static {
// Load library here
sun.awt.windows.WToolkit.loadLibraries();
@@ -137,12 +156,13 @@ static Win32ShellFolder2 getDesktop() {
if (desktop == null) {
try {
desktop = new Win32ShellFolder2(DESKTOP);
- } catch (SecurityException e) {
- // Ignore error
- } catch (IOException e) {
- // Ignore error
- } catch (InterruptedException e) {
- // Ignore error
+ } catch (final SecurityException ignored) {
+ // Ignore, the message may have sensitive information, not
+ // accessible other ways
+ } catch (IOException | InterruptedException e) {
+ if (log.isLoggable(PlatformLogger.Level.WARNING)) {
+ log.warning("Cannot access 'Desktop'", e);
+ }
}
}
return desktop;
@@ -152,12 +172,13 @@ static Win32ShellFolder2 getDrives() {
if (drives == null) {
try {
drives = new Win32ShellFolder2(DRIVES);
- } catch (SecurityException e) {
- // Ignore error
- } catch (IOException e) {
- // Ignore error
- } catch (InterruptedException e) {
- // Ignore error
+ } catch (final SecurityException ignored) {
+ // Ignore, the message may have sensitive information, not
+ // accessible other ways
+ } catch (IOException | InterruptedException e) {
+ if (log.isLoggable(PlatformLogger.Level.WARNING)) {
+ log.warning("Cannot access 'Drives'", e);
+ }
}
}
return drives;
@@ -170,12 +191,13 @@ static Win32ShellFolder2 getRecent() {
if (path != null) {
recent = createShellFolder(getDesktop(), new File(path));
}
- } catch (SecurityException e) {
- // Ignore error
- } catch (InterruptedException e) {
- // Ignore error
- } catch (IOException e) {
- // Ignore error
+ } catch (final SecurityException ignored) {
+ // Ignore, the message may have sensitive information, not
+ // accessible other ways
+ } catch (InterruptedException | IOException e) {
+ if (log.isLoggable(PlatformLogger.Level.WARNING)) {
+ log.warning("Cannot access 'Recent'", e);
+ }
}
}
return recent;
@@ -185,12 +207,13 @@ static Win32ShellFolder2 getNetwork() {
if (network == null) {
try {
network = new Win32ShellFolder2(NETWORK);
- } catch (SecurityException e) {
- // Ignore error
- } catch (IOException e) {
- // Ignore error
- } catch (InterruptedException e) {
- // Ignore error
+ } catch (final SecurityException ignored) {
+ // Ignore, the message may have sensitive information, not
+ // accessible other ways
+ } catch (IOException | InterruptedException e) {
+ if (log.isLoggable(PlatformLogger.Level.WARNING)) {
+ log.warning("Cannot access 'Network'", e);
+ }
}
}
return network;
@@ -210,12 +233,13 @@ static Win32ShellFolder2 getPersonal() {
personal.setIsPersonal();
}
}
- } catch (SecurityException e) {
- // Ignore error
- } catch (InterruptedException e) {
- // Ignore error
- } catch (IOException e) {
- // Ignore error
+ } catch (final SecurityException ignored) {
+ // Ignore, the message may have sensitive information, not
+ // accessible other ways
+ } catch (InterruptedException | IOException e) {
+ if (log.isLoggable(PlatformLogger.Level.WARNING)) {
+ log.warning("Cannot access 'Personal'", e);
+ }
}
}
return personal;
@@ -316,8 +340,14 @@ public Object get(String key) {
folders.add(createShellFolder(new File((String)value)));
}
} catch (IOException e) {
+ if (log.isLoggable(PlatformLogger.Level.WARNING)) {
+ log.warning("Cannot read value = " + value, e);
+ }
// Skip this value
} catch (InterruptedException e) {
+ if (log.isLoggable(PlatformLogger.Level.WARNING)) {
+ log.warning("Cannot read value = " + value, e);
+ }
// Return empty result
return new File[0];
}
diff --git a/jdk/src/windows/native/java/lang/ProcessImpl_md.c b/jdk/src/windows/native/java/lang/ProcessImpl_md.c
index 3a013c1591c..8dcf8972e1e 100644
--- a/jdk/src/windows/native/java/lang/ProcessImpl_md.c
+++ b/jdk/src/windows/native/java/lang/ProcessImpl_md.c
@@ -421,10 +421,10 @@ JNIEXPORT void JNICALL
Java_java_lang_ProcessImpl_waitForTimeoutInterruptibly(JNIEnv *env,
jclass ignored,
jlong handle,
- jlong timeout)
+ jlong timeoutMillis)
{
HANDLE events[2];
- DWORD dwTimeout = (DWORD)timeout;
+ DWORD dwTimeout = (DWORD)timeoutMillis;
DWORD result;
events[0] = (HANDLE) handle;
events[1] = JVM_GetThreadInterruptEvent();
diff --git a/jdk/test/ProblemList.txt b/jdk/test/ProblemList.txt
index b94b2926ef1..c86b5ec52ff 100644
--- a/jdk/test/ProblemList.txt
+++ b/jdk/test/ProblemList.txt
@@ -270,6 +270,9 @@ sun/rmi/transport/tcp/DisableRMIOverHttp/DisableRMIOverHTTPTest.java windows-
# 8026976
sun/security/pkcs11/ec/TestKeyFactory.java generic-all
+# 8180837
+sun/security/pkcs11/Secmod/AddTrustedCert.java generic-all
+sun/security/pkcs11/tls/TestKeyMaterial.java generic-all
# 7164518
sun/security/krb5/auto/Unreachable.java macosx-all
diff --git a/jdk/test/com/sun/tools/attach/StartManagementAgent.java b/jdk/test/com/sun/tools/attach/StartManagementAgent.java
index da8289558ae..cc3969084eb 100644
--- a/jdk/test/com/sun/tools/attach/StartManagementAgent.java
+++ b/jdk/test/com/sun/tools/attach/StartManagementAgent.java
@@ -93,7 +93,7 @@ private static void basicTests(VirtualMachine vm) throws Exception {
} catch(AttachOperationFailedException ex) {
// We expect parsing of "apa" above to fail, but if the file path
// can't be read we get a different exception message
- if (!ex.getMessage().contains("Invalid com.sun.management.jmxremote.port number")) {
+ if (!ex.getMessage().contains("NumberFormatException: For input string: \"apa\"")) {
throw ex;
}
}
diff --git a/jdk/test/java/awt/GraphicsDevice/CheckDisplayModes.java b/jdk/test/java/awt/GraphicsDevice/CheckDisplayModes.java
index 719ee9b43a7..9fced188d63 100644
--- a/jdk/test/java/awt/GraphicsDevice/CheckDisplayModes.java
+++ b/jdk/test/java/awt/GraphicsDevice/CheckDisplayModes.java
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2013, 2019, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -23,7 +23,7 @@
/*
* @test
- * @bug 8007146
+ * @bug 8007146 8213119
* @summary [macosx] Setting a display mode crashes JDK under VNC
* @author Alexander Scherbatiy
* @run main CheckDisplayModes
@@ -36,27 +36,28 @@ public class CheckDisplayModes {
public static void main(String[] args) {
GraphicsEnvironment ge = GraphicsEnvironment.getLocalGraphicsEnvironment();
- GraphicsDevice graphicDevice = ge.getDefaultScreenDevice();
- if (!graphicDevice.isDisplayChangeSupported()) {
- System.err.println("Display mode change is not supported on this host. Test is considered passed.");
- return;
- }
- DisplayMode defaultDisplayMode = graphicDevice.getDisplayMode();
- checkDisplayMode(defaultDisplayMode);
- graphicDevice.setDisplayMode(defaultDisplayMode);
+ for (GraphicsDevice graphicDevice : ge.getScreenDevices()) {
+ if (!graphicDevice.isDisplayChangeSupported()) {
+ System.err.println("Display mode change is not supported on this host. Test is considered passed.");
+ continue;
+ }
+ DisplayMode defaultDisplayMode = graphicDevice.getDisplayMode();
+ checkDisplayMode(defaultDisplayMode);
+ graphicDevice.setDisplayMode(defaultDisplayMode);
- DisplayMode[] displayModes = graphicDevice.getDisplayModes();
- boolean isDefaultDisplayModeIncluded = false;
- for (DisplayMode displayMode : displayModes) {
- checkDisplayMode(displayMode);
- graphicDevice.setDisplayMode(displayMode);
- if (defaultDisplayMode.equals(displayMode)) {
- isDefaultDisplayModeIncluded = true;
+ DisplayMode[] displayModes = graphicDevice.getDisplayModes();
+ boolean isDefaultDisplayModeIncluded = false;
+ for (DisplayMode displayMode : displayModes) {
+ checkDisplayMode(displayMode);
+ graphicDevice.setDisplayMode(displayMode);
+ if (defaultDisplayMode.equals(displayMode)) {
+ isDefaultDisplayModeIncluded = true;
+ }
}
- }
- if (!isDefaultDisplayModeIncluded) {
- throw new RuntimeException("Default display mode is not included");
+ if (!isDefaultDisplayModeIncluded) {
+ throw new RuntimeException("Default display mode is not included");
+ }
}
}
diff --git a/jdk/test/java/awt/font/TextLayout/HangulShapingTest.java b/jdk/test/java/awt/font/TextLayout/HangulShapingTest.java
new file mode 100644
index 00000000000..2febfad3dbc
--- /dev/null
+++ b/jdk/test/java/awt/font/TextLayout/HangulShapingTest.java
@@ -0,0 +1,72 @@
+// Copyright 2019 Azul Systems, Inc. All Rights Reserved.
+// DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+//
+// This code is free software; you can redistribute it and/or modify it under
+// the terms of the GNU General Public License version 2 only, as published by
+// the Free Software Foundation.
+//
+// This code is distributed in the hope that it will be useful, but WITHOUT ANY
+// WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+// A PARTICULAR PURPOSE. See the GNU General Public License version 2 for more
+// details (a copy is included in the LICENSE file that accompanied this code).
+//
+// You should have received a copy of the GNU General Public License version 2
+// along with this work; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// Please contact Azul Systems, 385 Moffett Park Drive, Suite 115, Sunnyvale,
+// CA 94089 USA or visit www.azul.com if you need additional information or
+// have any questions.
+
+import java.awt.Font;
+import java.awt.Color;
+import java.awt.Graphics2D;
+import java.awt.image.BufferedImage;
+
+/*
+ * @test
+ * @bug 8215210
+ * @summary Downport of prr's fix to a certain ICU wrong condition breaking some Hangul shaping
+ * @run main/othervm -Dsun.font.layoutengine=icu HangulShapingTest
+ */
+public class HangulShapingTest {
+ public static void main(String args[]) {
+ if (!System.getProperty("os.name").startsWith("Mac")) {
+ return;
+ }
+
+ // images of the strings as drawn should be identical
+ String beforeString = "\u1100\u1161 \u1102\u1161";
+ String afterString = "\uAC00 \uB098";
+ int w = 100, h = 100;
+
+ BufferedImage bi1 = drawit(w, h, beforeString);
+ BufferedImage bi2 = drawit(w, h, afterString);
+
+ boolean same = true;
+ for (int x = 0; x < w; x++) {
+ for (int y = 0; y < h; y++) {
+ int c1 = bi1.getRGB(x, y);
+ int c2 = bi2.getRGB(x, y);
+ same &= (c1 == c2);
+ }
+ if (!same) {
+ break;
+ }
+ }
+ if (!same) {
+ throw new RuntimeException("Images differ");
+ }
+ }
+ private static BufferedImage drawit(int w, int h, String toDraw) {
+ BufferedImage bi = new BufferedImage(w, h, BufferedImage.TYPE_INT_RGB);
+ Graphics2D biGraphics = bi.createGraphics();
+ biGraphics.setColor(Color.white);
+ biGraphics.fillRect(0, 0, w, h);
+ biGraphics.setColor(Color.black);
+ Font font = new Font("Dialog", Font.PLAIN, 20);
+ biGraphics.setFont(font);
+ biGraphics.drawString(toDraw, 10, 40);
+ return bi;
+ }
+}
diff --git a/jdk/test/java/awt/font/TextLayout/HebrewIsRTLTest.java b/jdk/test/java/awt/font/TextLayout/HebrewIsRTLTest.java
new file mode 100644
index 00000000000..1ced41de189
--- /dev/null
+++ b/jdk/test/java/awt/font/TextLayout/HebrewIsRTLTest.java
@@ -0,0 +1,75 @@
+// Copyright 2019 Azul Systems, Inc. All Rights Reserved.
+// DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+//
+// This code is free software; you can redistribute it and/or modify it under
+// the terms of the GNU General Public License version 2 only, as published by
+// the Free Software Foundation.
+//
+// This code is distributed in the hope that it will be useful, but WITHOUT ANY
+// WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+// A PARTICULAR PURPOSE. See the GNU General Public License version 2 for more
+// details (a copy is included in the LICENSE file that accompanied this code).
+//
+// You should have received a copy of the GNU General Public License version 2
+// along with this work; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// Please contact Azul Systems, 385 Moffett Park Drive, Suite 115, Sunnyvale,
+// CA 94089 USA or visit www.azul.com if you need additional information or
+// have any questions.
+
+import java.awt.Font;
+import java.awt.Color;
+import java.awt.Graphics2D;
+import java.awt.image.BufferedImage;
+
+/*
+ * @test
+ * @summary Fix to 8215210 should not break RTL with AAT fonts.
+ * @run main/othervm -Dsun.font.layoutengine=icu HebrewIsRTLTest
+ */
+public class HebrewIsRTLTest {
+ static final String hebrewString = "\u05E9\u059E\u05E9\u0595\u05E9\u05A9\u05E9\u0592\u05E9\u0599\u05E9\u059E\u05E9\u0595\u05E9\u05A9\u05E9\u0592\u05E9\u0599 . \u05E9\u0599\u05E9\u05A1\u05E9\u0595\u05E9\u0593";
+ public static void main(String args[]) {
+ if (!System.getProperty("os.name").startsWith("Mac")) {
+ return;
+ }
+
+ // calculate text size
+ BufferedImage biMetrics = new BufferedImage(1000, 1000, BufferedImage.TYPE_INT_RGB);
+ Graphics2D biMetricsGraphics = biMetrics.createGraphics();
+ Font font = new Font("TimesRoman", Font.PLAIN, 40);
+ biMetricsGraphics.setFont(font);
+ int width = biMetricsGraphics.getFontMetrics().stringWidth(hebrewString);
+ int height = biMetricsGraphics.getFontMetrics().getHeight();
+
+ // create minimal image
+ BufferedImage bi = new BufferedImage(width, height, BufferedImage.TYPE_INT_RGB);
+ Graphics2D biGraphics = bi.createGraphics();
+ biGraphics.setColor(Color.white);
+ biGraphics.fillRect(0, 0, width, height);
+ biGraphics.setColor(Color.black);
+ biGraphics.setFont(font);
+ biGraphics.drawString(hebrewString, 0, height);
+
+ int y = bi.getHeight() / 2;
+ int x;
+ int rgb, rgbLeftCount = 0, rgbRightCount = 0;
+
+ for (x = 0; x < bi.getWidth()/2; x++) {
+ rgb = bi.getRGB(x, y);
+ if (rgb == Color.BLACK.getRGB()) {
+ rgbLeftCount++;
+ }
+ }
+ for (x = bi.getWidth()/2 + 1; x < bi.getWidth(); x++) {
+ rgb = bi.getRGB(x, y);
+ if (rgb == Color.BLACK.getRGB()) {
+ rgbRightCount++;
+ }
+ }
+ if (rgbLeftCount > rgbRightCount) {
+ throw new RuntimeException("Hebrew text seems drawn LTR");
+ }
+ }
+}
diff --git a/jdk/test/java/lang/ProcessBuilder/Basic.java b/jdk/test/java/lang/ProcessBuilder/Basic.java
index 1db1d31d8c4..7a9260acbf2 100644
--- a/jdk/test/java/lang/ProcessBuilder/Basic.java
+++ b/jdk/test/java/lang/ProcessBuilder/Basic.java
@@ -61,6 +61,15 @@ public class Basic {
/* used for AIX only */
static final String libpath = System.getenv("LIBPATH");
+ /**
+ * Returns the number of milliseconds since time given by
+ * startNanoTime, which must have been previously returned from a
+ * call to {@link System.nanoTime()}.
+ */
+ private static long millisElapsedSince(long startNanoTime) {
+ return TimeUnit.NANOSECONDS.toMillis(System.nanoTime() - startNanoTime);
+ }
+
private static String commandOutput(Reader r) throws Throwable {
StringBuilder sb = new StringBuilder();
int c;
@@ -2294,40 +2303,98 @@ public void run() {
//----------------------------------------------------------------
// Check that Process.waitFor(timeout, TimeUnit.MILLISECONDS)
- // interrupt works as expected.
+ // interrupt works as expected, if interrupted while waiting.
//----------------------------------------------------------------
try {
List childArgs = new ArrayList(javaChildArgs);
childArgs.add("sleep");
final Process p = new ProcessBuilder(childArgs).start();
final long start = System.nanoTime();
- final CountDownLatch ready = new CountDownLatch(1);
- final CountDownLatch done = new CountDownLatch(1);
+ final CountDownLatch aboutToWaitFor = new CountDownLatch(1);
final Thread thread = new Thread() {
public void run() {
try {
- final boolean result;
- try {
- ready.countDown();
- result = p.waitFor(30000, TimeUnit.MILLISECONDS);
- } catch (InterruptedException e) {
- return;
- }
+ aboutToWaitFor.countDown();
+ Thread.currentThread().interrupt();
+ boolean result = p.waitFor(30L * 1000L, TimeUnit.MILLISECONDS);
fail("waitFor() wasn't interrupted, its return value was: " + result);
- } catch (Throwable t) {
- unexpected(t);
- } finally {
- done.countDown();
- }
+ } catch (InterruptedException success) {
+ } catch (Throwable t) { unexpected(t); }
+ }
+ };
+
+ thread.start();
+ aboutToWaitFor.await();
+ thread.interrupt();
+ thread.join(10L * 1000L);
+ check(millisElapsedSince(start) < 10L * 1000L);
+ check(!thread.isAlive());
+ p.destroy();
+ } catch (Throwable t) { unexpected(t); }
+
+ //----------------------------------------------------------------
+ // Check that Process.waitFor(Long.MAX_VALUE, TimeUnit.MILLISECONDS)
+ // interrupt works as expected, if interrupted while waiting.
+ //----------------------------------------------------------------
+ try {
+ List childArgs = new ArrayList(javaChildArgs);
+ childArgs.add("sleep");
+ final Process p = new ProcessBuilder(childArgs).start();
+ final long start = System.nanoTime();
+ final CountDownLatch aboutToWaitFor = new CountDownLatch(1);
+
+ final Thread thread = new Thread() {
+ public void run() {
+ try {
+ aboutToWaitFor.countDown();
+ Thread.currentThread().interrupt();
+ boolean result = p.waitFor(Long.MAX_VALUE, TimeUnit.MILLISECONDS);
+ fail("waitFor() wasn't interrupted, its return value was: " + result);
+ } catch (InterruptedException success) {
+ } catch (Throwable t) { unexpected(t); }
+ }
+ };
+
+ thread.start();
+ aboutToWaitFor.await();
+ thread.interrupt();
+ thread.join(10L * 1000L);
+ check(millisElapsedSince(start) < 10L * 1000L);
+ check(!thread.isAlive());
+ p.destroy();
+ } catch (Throwable t) { unexpected(t); }
+
+ //----------------------------------------------------------------
+ // Check that Process.waitFor(timeout, TimeUnit.MILLISECONDS)
+ // interrupt works as expected, if interrupted before waiting.
+ //----------------------------------------------------------------
+ try {
+ List childArgs = new ArrayList(javaChildArgs);
+ childArgs.add("sleep");
+ final Process p = new ProcessBuilder(childArgs).start();
+ final long start = System.nanoTime();
+ final CountDownLatch threadStarted = new CountDownLatch(1);
+
+ final Thread thread = new Thread() {
+ public void run() {
+ try {
+ threadStarted.countDown();
+ do { Thread.yield(); }
+ while (!Thread.currentThread().isInterrupted());
+ boolean result = p.waitFor(30L * 1000L, TimeUnit.MILLISECONDS);
+ fail("waitFor() wasn't interrupted, its return value was: " + result);
+ } catch (InterruptedException success) {
+ } catch (Throwable t) { unexpected(t); }
}
};
thread.start();
- ready.await();
- Thread.sleep(1000);
+ threadStarted.await();
thread.interrupt();
- done.await();
+ thread.join(10L * 1000L);
+ check(millisElapsedSince(start) < 10L * 1000L);
+ check(!thread.isAlive());
p.destroy();
} catch (Throwable t) { unexpected(t); }
diff --git a/jdk/test/java/lang/Runtime/loadLibrary/LoadLibraryTest.java b/jdk/test/java/lang/Runtime/loadLibrary/LoadLibraryTest.java
new file mode 100644
index 00000000000..62eac12e186
--- /dev/null
+++ b/jdk/test/java/lang/Runtime/loadLibrary/LoadLibraryTest.java
@@ -0,0 +1,156 @@
+/*
+ * Copyright (c) 2018, Amazon and/or its affiliates. All rights reserved.
+ * Copyright (c) 2019, Azul Systems, Inc. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/**
+ * @test
+ * @bug 8231584
+ * @library /lib/testlibrary
+ * @run main/othervm LoadLibraryTest
+ */
+
+import java.nio.file.FileSystems;
+import java.nio.file.Files;
+import java.nio.file.Paths;
+import java.nio.file.Path;
+import java.net.MalformedURLException;
+import java.net.URLClassLoader;
+import java.net.URL;
+
+public class LoadLibraryTest {
+ static Thread thread1 = null;
+ static Thread thread2 = null;
+
+ static volatile boolean thread1Ready = false;
+
+ private static final String TEST_SRC = System.getProperty("test.src");
+ private static final Path SRC_DIR = Paths.get(TEST_SRC, "src");
+ private static final Path CLS_DIR = Paths.get("classes");
+
+ static TestClassLoader loader;
+ static void someLibLoad() {
+ try {
+/*
+ FileSystems.getDefault();
+
+ // jdk/jdk: loads directly from Bootstrap Classloader (doesn't take lock on Runtime)
+ java.net.NetworkInterface.getNetworkInterfaces();
+
+ System.out.println(jdk.net.ExtendedSocketOptions.SO_FLOW_SLA);
+*/
+ Class c = Class.forName("Target2", true, loader);
+ } catch (Exception e) {
+ throw new RuntimeException(e);
+ }
+ }
+
+ static class TestClassLoader extends URLClassLoader {
+ boolean passed = false;
+
+ public boolean passed() {
+ return passed;
+ }
+
+ TestClassLoader() throws MalformedURLException {
+ super(new URL[] { new URL("file://" + CLS_DIR.toAbsolutePath().toString() + '/') });
+ }
+
+ public String findLibrary(String name) {
+ System.out.println("findLibrary " + name);
+
+ if ("someLibrary".equals(name)) {
+ try {
+ synchronized(thread1) {
+ while(!thread1Ready) {
+ thread1.wait();
+ }
+ thread1.notifyAll();
+ }
+
+ Thread.sleep(10000);
+
+ System.out.println("Thread2 load");
+ someLibLoad();
+
+ // no deadlock happened
+ passed = true;
+ } catch (Exception e) {
+ throw new RuntimeException(e);
+ }
+ return null;
+ }
+
+ return super.findLibrary(name);
+ }
+ }
+
+
+ public static void main(String[] args) throws Exception {
+ loader = new TestClassLoader();
+
+ if (!CompilerUtils.compile(SRC_DIR, CLS_DIR)) {
+ throw new Exception("Can't compile");
+ }
+
+ thread1 = new Thread() {
+ public void run() {
+ try {
+ synchronized(this) {
+ thread1Ready = true;
+ thread1.notifyAll();
+ thread1.wait();
+ }
+ } catch(InterruptedException e) {
+ throw new RuntimeException(e);
+ }
+
+ System.out.println("Thread1 load");
+ someLibLoad();
+ };
+ };
+
+ thread2 = new Thread() {
+ public void run() {
+ try {
+ Class c = Class.forName("Target", true, loader);
+ System.out.println(c);
+ } catch (Exception e) {
+ throw new RuntimeException(e);
+ }
+ };
+ };
+
+ thread1.setDaemon(true);
+ thread2.setDaemon(true);
+
+ thread1.start();
+ thread2.start();
+
+ thread1.join();
+ thread2.join();
+
+ if (!loader.passed()) {
+ throw new RuntimeException("FAIL");
+ }
+ }
+}
diff --git a/jdk/test/java/lang/Runtime/loadLibrary/src/Target.java b/jdk/test/java/lang/Runtime/loadLibrary/src/Target.java
new file mode 100644
index 00000000000..fc51481053d
--- /dev/null
+++ b/jdk/test/java/lang/Runtime/loadLibrary/src/Target.java
@@ -0,0 +1,34 @@
+/*
+ * Copyright (c) 2019, Azul Systems, Inc. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+class Target {
+ static {
+ try {
+ System.loadLibrary("someLibrary");
+ throw new RuntimeException("someLibrary was loaded");
+ } catch (UnsatisfiedLinkError e) {
+ // expected: we do not have a someLibrary
+ }
+ }
+}
+
diff --git a/jdk/test/java/lang/Runtime/loadLibrary/src/Target2.java b/jdk/test/java/lang/Runtime/loadLibrary/src/Target2.java
new file mode 100644
index 00000000000..bc8dfc5e63b
--- /dev/null
+++ b/jdk/test/java/lang/Runtime/loadLibrary/src/Target2.java
@@ -0,0 +1,29 @@
+/*
+ * Copyright (c) 2019, Azul Systems, Inc. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+class Target2 {
+ static {
+ System.loadLibrary("awt");
+ }
+}
+
diff --git a/jdk/test/java/net/CookieHandler/B6791927.java b/jdk/test/java/net/CookieHandler/B6791927.java
index 4b870158d58..bc5374b2a98 100644
--- a/jdk/test/java/net/CookieHandler/B6791927.java
+++ b/jdk/test/java/net/CookieHandler/B6791927.java
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2009, 2012, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2009, 2019, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -23,8 +23,9 @@
/**
* @test
- * @bug 6791927
+ * @bug 6791927 8233886
* @summary Wrong Locale in HttpCookie::expiryDate2DeltaSeconds
+ * @run main/othervm B6791927
*/
import java.net.*;
@@ -32,12 +33,14 @@
import java.util.Locale;
public class B6791927 {
- public static final void main( String[] aaParamters ) throws Exception{
+ public static final void main(String[] aaParamters) throws Exception {
Locale reservedLocale = Locale.getDefault();
try {
// Forces a non US locale
Locale.setDefault(Locale.FRANCE);
- List cookies = HttpCookie.parse("set-cookie: CUSTOMER=WILE_E_COYOTE; expires=Sat, 09-Nov-2019 23:12:40 GMT");
+ List cookies = HttpCookie.parse("set-cookie:" +
+ " CUSTOMER=WILE_E_COYOTE;" +
+ " expires=Sat, 09-Nov-2041 23:12:40 GMT");
if (cookies == null || cookies.isEmpty()) {
throw new RuntimeException("No cookie found");
}
diff --git a/jdk/test/java/security/cert/CertPathBuilder/selfIssued/KeyUsageMatters.java b/jdk/test/java/security/cert/CertPathBuilder/selfIssued/KeyUsageMatters.java
index 75bf2ec5a02..79dce7e4434 100644
--- a/jdk/test/java/security/cert/CertPathBuilder/selfIssued/KeyUsageMatters.java
+++ b/jdk/test/java/security/cert/CertPathBuilder/selfIssued/KeyUsageMatters.java
@@ -29,12 +29,12 @@
/**
* @test
- * @bug 6852744
+ * @bug 6852744 8133489
* @summary PIT b61: PKI test suite fails because self signed certificates
* are being rejected
- * @run main/othervm KeyUsageMatters subca
- * @run main/othervm KeyUsageMatters subci
- * @run main/othervm KeyUsageMatters alice
+ * @run main/othervm -Djava.security.debug=certpath KeyUsageMatters subca
+ * @run main/othervm -Djava.security.debug=certpath KeyUsageMatters subci
+ * @run main/othervm -Djava.security.debug=certpath KeyUsageMatters alice
* @author Xuelei Fan
*/
diff --git a/jdk/test/lib/testlibrary/ClassFileInstaller.java b/jdk/test/lib/testlibrary/ClassFileInstaller.java
index dd8777b1ff2..0f5b515a6c9 100644
--- a/jdk/test/lib/testlibrary/ClassFileInstaller.java
+++ b/jdk/test/lib/testlibrary/ClassFileInstaller.java
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2013, 2018, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -21,28 +21,229 @@
* questions.
*/
+import java.io.ByteArrayInputStream;
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.FileOutputStream;
+import java.io.FileNotFoundException;
import java.io.InputStream;
+import java.io.ByteArrayInputStream;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.nio.file.StandardCopyOption;
+import java.util.zip.ZipEntry;
+import java.util.zip.ZipOutputStream;
/**
- * Dump a class file for a class on the class path in the current directory
+ * Dump a class file for a class on the class path in the current directory, or
+ * in the specified JAR file. This class is usually used when you build a class
+ * from a test library, but want to use this class in a sub-process.
+ *
+ * For example, to build the following library class:
+ * test/lib/sun/hotspot/WhiteBox.java
+ *
+ * You would use the following tags:
+ *
+ * @library /test/lib
+ * @build sun.hotspot.WhiteBox
+ *
+ * JTREG would build the class file under
+ * ${JTWork}/classes/test/lib/sun/hotspot/WhiteBox.class
+ *
+ * With you run your main test class using "@run main MyMainClass", JTREG would setup the
+ * -classpath to include "${JTWork}/classes/test/lib/", so MyMainClass would be able to
+ * load the WhiteBox class.
+ *
+ * However, if you run a sub process, and do not wish to use the exact same -classpath,
+ * You can use ClassFileInstaller to ensure that WhiteBox is available in the current
+ * directory of your test:
+ *
+ * @run main ClassFileInstaller sun.hotspot.WhiteBox
+ *
+ * Or, you can use the -jar option to store the class in the specified JAR file. If a relative
+ * path name is given, the JAR file would be relative to the current directory of
+ *
+ * @run main ClassFileInstaller -jar myjar.jar sun.hotspot.WhiteBox
*/
public class ClassFileInstaller {
+ /**
+ * You can enable debug tracing of ClassFileInstaller by running JTREG with
+ * jtreg -DClassFileInstaller.debug=true ...
+ */
+ public static boolean DEBUG = Boolean.getBoolean("ClassFileInstaller.debug");
+
/**
* @param args The names of the classes to dump
* @throws Exception
*/
public static void main(String... args) throws Exception {
- for (String arg : args) {
- ClassLoader cl = ClassFileInstaller.class.getClassLoader();
+ if (args.length > 1 && args[0].equals("-jar")) {
+ if (args.length < 2) {
+ throw new RuntimeException("Usage: ClassFileInstaller \n" +
+ "where possible options include:\n" +
+ " -jar Write to the JAR file ");
+ }
+ writeJar(args[1], null, args, 2, args.length);
+ } else {
+ if (DEBUG) {
+ System.out.println("ClassFileInstaller: Writing to " + System.getProperty("user.dir"));
+ }
+ for (String arg : args) {
+ writeClassToDisk(arg);
+ }
+ }
+ }
+
+ public static class Manifest {
+ private InputStream in;
+
+ private Manifest(InputStream in) {
+ this.in = in;
+ }
+
+ static Manifest fromSourceFile(String fileName) throws Exception {
+ String pathName = System.getProperty("test.src") + File.separator + fileName;
+ return new Manifest(new FileInputStream(pathName));
+ }
+
+ // Example:
+ // String manifest = "Premain-Class: RedefineClassHelper\n" +
+ // "Can-Redefine-Classes: true\n";
+ // ClassFileInstaller.writeJar("redefineagent.jar",
+ // ClassFileInstaller.Manifest.fromString(manifest),
+ // "RedefineClassHelper");
+ static Manifest fromString(String manifest) throws Exception {
+ return new Manifest(new ByteArrayInputStream(manifest.getBytes()));
+ }
+
+ public InputStream getInputStream() {
+ return in;
+ }
+ }
+
+ private static void writeJar(String jarFile, Manifest manifest, String classes[], int from, int to) throws Exception {
+ if (DEBUG) {
+ System.out.println("ClassFileInstaller: Writing to " + getJarPath(jarFile));
+ }
+
+ (new File(jarFile)).delete();
+ FileOutputStream fos = new FileOutputStream(jarFile);
+ ZipOutputStream zos = new ZipOutputStream(fos);
+
+ // The manifest must be the first or second entry. See comments in JarInputStream
+ // constructor and JDK-5046178.
+ if (manifest != null) {
+ writeToDisk(zos, "META-INF/MANIFEST.MF", manifest.getInputStream());
+ }
+
+ for (int i=from; i 0) {
+ pathName = prependPath + "/" + pathName;
+ }
+ writeToDisk(zos, pathName, is);
+ }
+
+ public static void writeClassToDisk(String className, byte[] bytecode) throws Exception {
+ writeClassToDisk(null, className, bytecode);
+ }
+ private static void writeClassToDisk(ZipOutputStream zos, String className, byte[] bytecode) throws Exception {
+ writeClassToDisk(zos, className, bytecode, "");
+ }
+
+ public static void writeClassToDisk(String className, byte[] bytecode, String prependPath) throws Exception {
+ writeClassToDisk(null, className, bytecode, prependPath);
+ }
+ private static void writeClassToDisk(ZipOutputStream zos, String className, byte[] bytecode, String prependPath) throws Exception {
+ // Convert dotted class name to a path to a class file
+ String pathName = className.replace('.', '/').concat(".class");
+ if (prependPath.length() > 0) {
+ pathName = prependPath + "/" + pathName;
+ }
+ writeToDisk(zos, pathName, new ByteArrayInputStream(bytecode));
+ }
+
+ private static void writeToDisk(ZipOutputStream zos, String pathName, InputStream is) throws Exception {
+ if (DEBUG) {
+ System.out.println("ClassFileInstaller: Writing " + pathName);
+ }
+ if (zos != null) {
+ ZipEntry ze = new ZipEntry(pathName);
+ zos.putNextEntry(ze);
+ byte[] buf = new byte[1024];
+ int len;
+ while ((len = is.read(buf))>0){
+ zos.write(buf, 0, len);
+ }
+ } else {
// Create the class file's package directory
Path p = Paths.get(pathName);
Path parent = p.getParent();
@@ -52,5 +253,6 @@ public static void main(String... args) throws Exception {
// Create the class file
Files.copy(is, p, StandardCopyOption.REPLACE_EXISTING);
}
+ is.close();
}
}
diff --git a/jdk/test/security/infra/java/security/cert/CertPathValidator/certification/AmazonCA.java b/jdk/test/security/infra/java/security/cert/CertPathValidator/certification/AmazonCA.java
new file mode 100644
index 00000000000..6cb50066b6d
--- /dev/null
+++ b/jdk/test/security/infra/java/security/cert/CertPathValidator/certification/AmazonCA.java
@@ -0,0 +1,552 @@
+/*
+ * Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/*
+ * @test
+ * @bug 8233223
+ * @summary Interoperability tests with Amazon's CA1, CA2, CA3, and CA4
+ * @build ValidatePathWithParams
+ * @run main/othervm -Djava.security.debug=certpath AmazonCA OCSP
+ * @run main/othervm -Djava.security.debug=certpath AmazonCA CRL
+ */
+
+/*
+ * Obtain TLS test artifacts for Amazon CAs from:
+ *
+ * Amazon Root CA 1
+ * Valid - https://good.sca1a.amazontrust.com/
+ * Revoked - https://revoked.sca1a.amazontrust.com/
+ * Amazon Root CA 2
+ * Valid - https://good.sca2a.amazontrust.com/
+ * Revoked - https://revoked.sca2a.amazontrust.com/
+ * Amazon Root CA 3
+ * Valid - https://good.sca3a.amazontrust.com/
+ * Revoked - https://revoked.sca3a.amazontrust.com/
+ * Amazon Root CA 4
+ * Valid - https://good.sca4a.amazontrust.com/
+ * Revoked - https://revoked.sca4a.amazontrust.com/
+ */
+public class AmazonCA {
+
+ public static void main(String[] args) throws Exception {
+
+ ValidatePathWithParams pathValidator = new ValidatePathWithParams(null);
+ boolean ocspEnabled = false;
+
+ if (args.length >= 1 && "CRL".equalsIgnoreCase(args[0])) {
+ pathValidator.enableCRLCheck();
+ } else {
+ // OCSP check by default
+ pathValidator.enableOCSPCheck();
+ ocspEnabled = true;
+ }
+
+ new AmazonCA_1().runTest(pathValidator, ocspEnabled);
+ new AmazonCA_2().runTest(pathValidator, ocspEnabled);
+ new AmazonCA_3().runTest(pathValidator, ocspEnabled);
+ new AmazonCA_4().runTest(pathValidator, ocspEnabled);
+ }
+}
+
+class AmazonCA_1 {
+
+ // Owner: CN=Amazon, OU=Server CA 1A, O=Amazon, C=US
+ // Issuer: CN=Amazon Root CA 1, O=Amazon, C=US
+ // Serial number: 67f9457508c648c09ca652e71791830e72592
+ // Valid from: Wed Oct 21 17:00:00 PDT 2015 until: Sat Oct 18 17:00:00 PDT 2025
+ private static final String INT = "-----BEGIN CERTIFICATE-----\n" +
+ "MIIERzCCAy+gAwIBAgITBn+UV1CMZIwJymUucXkYMOclkjANBgkqhkiG9w0BAQsF\n" +
+ "ADA5MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6\n" +
+ "b24gUm9vdCBDQSAxMB4XDTE1MTAyMjAwMDAwMFoXDTI1MTAxOTAwMDAwMFowRjEL\n" +
+ "MAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEVMBMGA1UECxMMU2VydmVyIENB\n" +
+ "IDFBMQ8wDQYDVQQDEwZBbWF6b24wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n" +
+ "AoIBAQCeQM3XCsIZunv8bSJxOqkc/ed87uL76FDB7teBNThDRB+1J7aITuadbNfH\n" +
+ "5ZfZykrdZ1qQLKxP6DwHOmJr9u2b4IxjUX9qUMuq4B02ghD2g6yU3YivEosZ7fpo\n" +
+ "srD2TBN29JpgPGrOrpOE+ArZuIpBjdKFinemu6fTDD0NCeQlfyHXd1NOYyfYRLTa\n" +
+ "xlpDqr/2M41BgSkWQfSPHHyRWNQgWBiGsIQaS8TK0g8OWi1ov78+2K9DWT+AHgXW\n" +
+ "AanjZK91GfygPXJYSlAGxSiBAwH/KhAMifhaoFYAbH0Yuohmd85B45G2xVsop4TM\n" +
+ "Dsl007U7qnS7sdJ4jYGzEvva/a95AgMBAAGjggE5MIIBNTASBgNVHRMBAf8ECDAG\n" +
+ "AQH/AgEAMA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQUYtRCXoZwdWqQvMa40k1g\n" +
+ "wjS6UTowHwYDVR0jBBgwFoAUhBjMhTTsvAyUlC4IWZzHshBOCggwewYIKwYBBQUH\n" +
+ "AQEEbzBtMC8GCCsGAQUFBzABhiNodHRwOi8vb2NzcC5yb290Y2ExLmFtYXpvbnRy\n" +
+ "dXN0LmNvbTA6BggrBgEFBQcwAoYuaHR0cDovL2NydC5yb290Y2ExLmFtYXpvbnRy\n" +
+ "dXN0LmNvbS9yb290Y2ExLmNlcjA/BgNVHR8EODA2MDSgMqAwhi5odHRwOi8vY3Js\n" +
+ "LnJvb3RjYTEuYW1hem9udHJ1c3QuY29tL3Jvb3RjYTEuY3JsMBEGA1UdIAQKMAgw\n" +
+ "BgYEVR0gADANBgkqhkiG9w0BAQsFAAOCAQEAMHbSWHRFMzGNIE0qhN6gnRahTrTU\n" +
+ "CDPwe7l9/q0IA+QBlrpUHnlAreetYeH1jB8uF3qXXzy22gpBU7NqulTkqSPByT1J\n" +
+ "xOhpT2FpO5R3VAdMPdWfSEgtrED0jkmyUQrR1T+/A+nBLdJZeQcl+OqLgeY790JM\n" +
+ "JJTsJnnI6FBWeTGhcDI4Y+n3KS3QCVePeWI7jx1dhrHcXH+QDX8Ywe31hV7YENdr\n" +
+ "HDpUXrjK6eHN8gazy8G6pndXHFwHp4auiZbJbYAk/q1peOTRagD2JojcLkm+i3cD\n" +
+ "843t4By6YT/PVlePU2PCWejkrJQnKQAPOov7IA8kuO2RDWuzE/zF6Hotdg==\n" +
+ "-----END CERTIFICATE-----";
+
+ // Owner: CN=good.sca1a.amazontrust.com, O=Amazon Trust Services, L=Seattle, ST=Washington, C=US, \
+ // SERIALNUMBER=5846743, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.2=Delaware, \
+ // OID.1.3.6.1.4.1.311.60.2.1.3=US
+ // Issuer: CN=Amazon, OU=Server CA 1A, O=Amazon, C=US
+ // Serial number: 703e4e4bbd78e2b6db5634f36c4ee944cb1a4
+ // Valid from: Mon Jul 29 16:53:36 PDT 2019 until: Sat Aug 29 16:53:36 PDT 2020
+ private static final String VALID = "-----BEGIN CERTIFICATE-----\n" +
+ "MIIFEzCCA/ugAwIBAgITBwPk5LvXjitttWNPNsTulEyxpDANBgkqhkiG9w0BAQsF\n" +
+ "ADBGMQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2\n" +
+ "ZXIgQ0EgMUExDzANBgNVBAMTBkFtYXpvbjAeFw0xOTA3MjkyMzUzMzZaFw0yMDA4\n" +
+ "MjkyMzUzMzZaMIHaMRMwEQYLKwYBBAGCNzwCAQMTAlVTMRkwFwYLKwYBBAGCNzwC\n" +
+ "AQITCERlbGF3YXJlMR0wGwYDVQQPExRQcml2YXRlIE9yZ2FuaXphdGlvbjEQMA4G\n" +
+ "A1UEBRMHNTg0Njc0MzELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24x\n" +
+ "EDAOBgNVBAcTB1NlYXR0bGUxHjAcBgNVBAoTFUFtYXpvbiBUcnVzdCBTZXJ2aWNl\n" +
+ "czEjMCEGA1UEAxMaZ29vZC5zY2ExYS5hbWF6b250cnVzdC5jb20wggEiMA0GCSqG\n" +
+ "SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQyuJ83c2Zf9k29f6iLqd8nJSuHSk1v+SS\n" +
+ "0sYyG8tjscfCC1HcOdNj37vtiNN65sXh/e/kBKH9wvzhCLOJbBqVKRHOZuHdJEpH\n" +
+ "35R6C/PbcV/tp49g6mNmBe+lcmm/cwwCtYvkL0rgL/OKB0liFhhRIqy2TPg08op/\n" +
+ "RlY2DdbgBA2B3g7wdMo0hK3SO56/QUccUtLRm43km9Yd4E3U+CEUyDd0Bmc/YbPa\n" +
+ "htuXVsXJwiwlwooomujIIENhFw3htdcsu2apRj8EYUrKL8Mvvn+h16gDyobj0f01\n" +
+ "jWXlUgmH2lzUzca5eGuphfvmWN/ME/yqC2mMvWGnWySycqtT8VdJAgMBAAGjggFj\n" +
+ "MIIBXzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0OBBYEFFENOZBwFkjVdQX0iK32c77z\n" +
+ "SUl6MB8GA1UdIwQYMBaAFGLUQl6GcHVqkLzGuNJNYMI0ulE6MB0GA1UdJQQWMBQG\n" +
+ "CCsGAQUFBwMBBggrBgEFBQcDAjB1BggrBgEFBQcBAQRpMGcwLQYIKwYBBQUHMAGG\n" +
+ "IWh0dHA6Ly9vY3NwLnNjYTFhLmFtYXpvbnRydXN0LmNvbTA2BggrBgEFBQcwAoYq\n" +
+ "aHR0cDovL2NydC5zY2ExYS5hbWF6b250cnVzdC5jb20vc2NhMWEuY2VyMCUGA1Ud\n" +
+ "EQQeMByCGmdvb2Quc2NhMWEuYW1hem9udHJ1c3QuY29tMFAGA1UdIARJMEcwDQYL\n" +
+ "YIZIAYb9bgEHGAMwNgYFZ4EMAQEwLTArBggrBgEFBQcCARYfaHR0cHM6Ly93d3cu\n" +
+ "YW1hem9udHJ1c3QuY29tL2NwczANBgkqhkiG9w0BAQsFAAOCAQEAmn7z6Ub1sL77\n" +
+ "wyUEaCq/Odqm+2RtYYMJ1MeW6nTXTfAgZ/iLx/6hStafd9AK9gHiTCggBpj6KgnF\n" +
+ "UsGMDeX879jP675fH6SEk710QPDhIrfAzwE0pF/eUNsd7pLwne32zHX0ouCoAt4d\n" +
+ "KwBCZkKNUkdj4U+bpOJzvtcTP9JlzziLp9IFRjjQh3xKgfblx57CmRJbqH3fT5JJ\n" +
+ "IAIDVTz3ZUcqhPTFAnNsO1oNBEyrO5X9rwCiSy7aRijY/11R75mIIvyA9zyd9ss1\n" +
+ "kvrrER0GWMTDvC84FZD2vhkXgPTFrB1Dn9f3QgO5APT9GCFY5hdpqqPEXOSdRzQo\n" +
+ "h9j4OQAqtA==\n" +
+ "-----END CERTIFICATE-----";
+
+ // Owner: CN=revoked.sca1a.amazontrust.com, O=Amazon Trust Services, L=Seattle, ST=Washington, C=US, \
+ // SERIALNUMBER=5846743, OID.2.5.4.15=PrivateOrganization, OID.1.3.6.1.4.1.311.60.2.1.2=Delaware, \
+ // OID.1.3.6.1.4.1.311.60.2.1.3=US
+ // Issuer: CN=Amazon, OU=Server CA 1A, O=Amazon, C=US
+ // Serial number: 6f1d774ad5e7b6d251d217661782bbdb6f37d
+ // Valid from: Mon Jan 28 15:34:38 PST 2019 until: Thu Apr 28 16:34:38 PDT 2022
+ private static final String REVOKED = "-----BEGIN CERTIFICATE-----\n" +
+ "MIIE2zCCA8OgAwIBAgITBvHXdK1ee20lHSF2YXgrvbbzfTANBgkqhkiG9w0BAQsF\n" +
+ "ADBGMQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2\n" +
+ "ZXIgQ0EgMUExDzANBgNVBAMTBkFtYXpvbjAeFw0xOTAxMjgyMzM0MzhaFw0yMjA0\n" +
+ "MjgyMzM0MzhaMIHcMRMwEQYLKwYBBAGCNzwCAQMTAlVTMRkwFwYLKwYBBAGCNzwC\n" +
+ "AQITCERlbGF3YXJlMRwwGgYDVQQPExNQcml2YXRlT3JnYW5pemF0aW9uMRAwDgYD\n" +
+ "VQQFEwc1ODQ2NzQzMQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQ\n" +
+ "MA4GA1UEBxMHU2VhdHRsZTEeMBwGA1UEChMVQW1hem9uIFRydXN0IFNlcnZpY2Vz\n" +
+ "MSYwJAYDVQQDEx1yZXZva2VkLnNjYTFhLmFtYXpvbnRydXN0LmNvbTCCASIwDQYJ\n" +
+ "KoZIhvcNAQEBBQADggEPADCCAQoCggEBANUoHop9sW+QlgVsdtacioraTAWHcSTd\n" +
+ "MNkOkOEMgJIFPyfdcDvW/H2NvpdYeIQqzaCgT2kcsONWTZTPJMirCPnzl1ohHOZU\n" +
+ "uTnOVkamGxvNmQCURLBXmlCMRTCI5RY3CuYntFFbSPAnbumsF+K/gKqcE6ME53Bw\n" +
+ "PAwn4qwavB0i5Ib7Jk8XYzxSYXC9l8QLxt6fshPJRlecpXzfmVFvMAm3IbaLcpuv\n" +
+ "AtD+8I2KwjNtBPRPNYeFsWxwsgUGAyHEGa61oTGUqqAXu5YmPfyK+YTOJdoofsh4\n" +
+ "Tf3K7AKxnPWuvY3RNTs1pzEVwJYZqSsNwbgyKJJ4+0Xe4iP7qB8SYf8CAwEAAaOC\n" +
+ "ASkwggElMA4GA1UdDwEB/wQEAwIFoDAdBgNVHQ4EFgQUGHreoz+LP/Wr+RKzuexO\n" +
+ "V8ICtmEwHwYDVR0jBBgwFoAUYtRCXoZwdWqQvMa40k1gwjS6UTowHQYDVR0lBBYw\n" +
+ "FAYIKwYBBQUHAwEGCCsGAQUFBwMCMHUGCCsGAQUFBwEBBGkwZzAtBggrBgEFBQcw\n" +
+ "AYYhaHR0cDovL29jc3Auc2NhMWEuYW1hem9udHJ1c3QuY29tMDYGCCsGAQUFBzAC\n" +
+ "hipodHRwOi8vY3J0LnNjYTFhLmFtYXpvbnRydXN0LmNvbS9zY2ExYS5jZXIwKAYD\n" +
+ "VR0RBCEwH4IdcmV2b2tlZC5zY2ExYS5hbWF6b250cnVzdC5jb20wEwYDVR0gBAww\n" +
+ "CjAIBgZngQwBAgEwDQYJKoZIhvcNAQELBQADggEBABSbe1UCLL7Qay6XK5wD8B5a\n" +
+ "wvR1XG3UrggpVIz/w5cutEm/yE71hzE0gag/3YPbNYEnaLbJH+9jz4YW9wd/cEPj\n" +
+ "xSK5PErAQjCd+aA4LKN1xqkSysgYknl0y47hJBXGnWf+hxvBBHeSoUzM0KIC21pC\n" +
+ "ZyXrmfaPCQAz13ruYIYdQaETqXGVORmKbf/a+Zn18/tfQt0LeeCYVoSopbXWQvcJ\n" +
+ "gUMtdIqYQmb8aVj0pdZXwKl4yZ2DtlS3Z9MpWNgQNlhRPmiYlu28y2yTtZ9SwD6m\n" +
+ "2f+cwc19aJrDT4Y280px+jRU7dIE6oZVJU+yBRVIZYpUFAB7extCMVxnTkCf8Dk=\n" +
+ "-----END CERTIFICATE-----";
+
+ public void runTest(ValidatePathWithParams pathValidator, boolean ocspEnabled) throws Exception {
+ // EE certificates don't have CRLDP extension
+ if (!ocspEnabled){
+ pathValidator.validate(new String[]{INT},
+ ValidatePathWithParams.Status.GOOD, null, System.out);
+
+ return;
+ }
+
+ // Validate valid
+ pathValidator.validate(new String[]{VALID, INT},
+ ValidatePathWithParams.Status.GOOD, null, System.out);
+
+ // Validate Revoked
+ pathValidator.validate(new String[]{REVOKED, INT},
+ ValidatePathWithParams.Status.REVOKED,
+ "Mon Jan 28 15:35:56 PST 2019", System.out);
+ }
+}
+
+class AmazonCA_2 {
+
+ // Owner: CN=Amazon, OU=Server CA 2A, O=Amazon, C=US
+ // Issuer: CN=Amazon Root CA 2, O=Amazon, C=US
+ // Serial number: 67f945755f187a91f8163f3e624620177ff38
+ // Valid from: Wed Oct 21 17:00:00 PDT 2015 until: Sat Oct 18 17:00:00 PDT 2025
+ private static final String INT = "-----BEGIN CERTIFICATE-----\n" +
+ "MIIGRzCCBC+gAwIBAgITBn+UV1Xxh6kfgWPz5iRiAXf/ODANBgkqhkiG9w0BAQwF\n" +
+ "ADA5MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6\n" +
+ "b24gUm9vdCBDQSAyMB4XDTE1MTAyMjAwMDAwMFoXDTI1MTAxOTAwMDAwMFowRjEL\n" +
+ "MAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEVMBMGA1UECxMMU2VydmVyIENB\n" +
+ "IDJBMQ8wDQYDVQQDEwZBbWF6b24wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK\n" +
+ "AoICAQC0P8hSLewmrZ41CCPBQytZs5NBFMq5ztbnMf+kZUp9S25LPfjNW3zgC/6E\n" +
+ "qCTWNVMMHhq7ez9IQJk48qbfBTLlZkuKnUWbA9vowrDfcxUN0mRE4B/TJbveXyTf\n" +
+ "vE91iDlqDrERecE9D8sdjzURrtHTp27lZdRkXFvfEVCq4hl3sHkzjodisaQthLp1\n" +
+ "gLsiA7vKt+8zcL4Aeq52UyYb8r4/jdZ3KaQp8O/T4VwDCRKm8ey3kttpJWaflci7\n" +
+ "eRzNjY7gE3NMANVXCeQwOBfH2GjINFCObmPsqiBuoAnsv2k5aQLNoU1OZk08ClXm\n" +
+ "mEZ2rI5qZUTX1HuefBJnpMkPugFCw8afaHnB13SkLE7wxX8SZRdDIe5WiwyDL1tR\n" +
+ "2+8lpz4JsMoFopHmD3GaHyjbN+hkOqHgLltwewOsiyM0u3CZphypN2KeD+1FLjnY\n" +
+ "TgdIAd1FRgK2ZXDDrEdjnsSEfShKf0l4mFPSBs9E3U6sLmubDRXKLLLpa/dF4eKu\n" +
+ "LEKS1bXYT28iM6D5gSCnzho5G4d18jQD/slmc5XmRo5Pig0RyBwDaLuxeIZuiJ0A\n" +
+ "J6YFhffbrLYF5dEQl0cU+t3VBK5u/o1WkWXsZawU038lWn/AXerodT/pAcrtWA4E\n" +
+ "NQEN09WEKMhZVPhqdwhF/Gusr04mQtKt7T2v6UMQvtVglv5E7wIDAQABo4IBOTCC\n" +
+ "ATUwEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0OBBYE\n" +
+ "FNpDStD8AcBLv1gnjHbNCoHzlC70MB8GA1UdIwQYMBaAFLAM8Eww9AVYAkj9M+VS\n" +
+ "r0uE42ZSMHsGCCsGAQUFBwEBBG8wbTAvBggrBgEFBQcwAYYjaHR0cDovL29jc3Au\n" +
+ "cm9vdGNhMi5hbWF6b250cnVzdC5jb20wOgYIKwYBBQUHMAKGLmh0dHA6Ly9jcnQu\n" +
+ "cm9vdGNhMi5hbWF6b250cnVzdC5jb20vcm9vdGNhMi5jZXIwPwYDVR0fBDgwNjA0\n" +
+ "oDKgMIYuaHR0cDovL2NybC5yb290Y2EyLmFtYXpvbnRydXN0LmNvbS9yb290Y2Ey\n" +
+ "LmNybDARBgNVHSAECjAIMAYGBFUdIAAwDQYJKoZIhvcNAQEMBQADggIBAEO5W+iF\n" +
+ "yChjDyyrmiwFupVWQ0Xy2ReFNQiZq7XKVHvsLQe01moSLnxcBxioOPBKt1KkZO7w\n" +
+ "Gcbmke0+7AxLaG/F5NPnzRtK1/pRhXQ0XdU8pVh/1/h4GoqRlZ/eN0JDarUhZPkV\n" +
+ "kSr96LUYDTxcsAidF7zkzWfmtcJg/Aw8mi14xKVEa6aVyKu54c8kKkdlt0WaigOv\n" +
+ "Z/xYhxp24AfoFKaIraDNdsD8q2N7eDYeN4WGLzNSlil+iFjzflI9mq1hTuI/ZNjV\n" +
+ "rbvob6FUQ8Cc524gMjbpZCNuZ1gfXzwwhGp0AnQF6CJsWF9uwPpZEVFnnnfiWH3M\n" +
+ "oup41EvBhqaAqOlny0sm5pI82nRUCAE3DLkJ1+eAtdQaYblZQkQrRyTuPmJEm+5y\n" +
+ "QwdDVw6uHc5OsSj/tyhh8zJ2Xq3zgh3dMONGjJEysxGaCoIb+61PWwMy2dIarVwI\n" +
+ "r+c+AY+3PrhgBspNdWZ87JzNHii7ksdjUSVGTTy1vGXgPYrv0lp0IMnKaZP58xiw\n" +
+ "rDx7uTlQuPVWNOZvCaT3ZcoxTsNKNscIUe+WJjWx5hdzpv/oksDPY5ltZ0j3hlDS\n" +
+ "D+Itk95/cNJVRM/0HpxI1SX9MTZtOSJoEDdUtOpVaOuBAvEK4gvTzdt0r5L+fuI6\n" +
+ "o5LAuRo/LO1xVRH49KFRoaznzU3Ch9+kbPb3\n" +
+ "-----END CERTIFICATE-----";
+
+ // Owner: CN=good.sca2a.amazontrust.com, O=Amazon Trust Services, L=Seattle, ST=Washington, C=US, \
+ // SERIALNUMBER=5846743, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.2=Delaware, \
+ // OID.1.3.6.1.4.1.311.60.2.1.3=US
+ // Issuer: CN=Amazon, OU=Server CA 2A, O=Amazon, C=US
+ // Serial number: 703e4e70616c90d611fd04a5ecc635665184e
+ // Valid from: Mon Jul 29 16:54:06 PDT 2019 until: Sat Aug 29 16:54:06 PDT 2020
+ private static final String VALID = "-----BEGIN CERTIFICATE-----\n" +
+ "MIIHEzCCBPugAwIBAgITBwPk5wYWyQ1hH9BKXsxjVmUYTjANBgkqhkiG9w0BAQwF\n" +
+ "ADBGMQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2\n" +
+ "ZXIgQ0EgMkExDzANBgNVBAMTBkFtYXpvbjAeFw0xOTA3MjkyMzU0MDZaFw0yMDA4\n" +
+ "MjkyMzU0MDZaMIHaMRMwEQYLKwYBBAGCNzwCAQMTAlVTMRkwFwYLKwYBBAGCNzwC\n" +
+ "AQITCERlbGF3YXJlMR0wGwYDVQQPExRQcml2YXRlIE9yZ2FuaXphdGlvbjEQMA4G\n" +
+ "A1UEBRMHNTg0Njc0MzELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24x\n" +
+ "EDAOBgNVBAcTB1NlYXR0bGUxHjAcBgNVBAoTFUFtYXpvbiBUcnVzdCBTZXJ2aWNl\n" +
+ "czEjMCEGA1UEAxMaZ29vZC5zY2EyYS5hbWF6b250cnVzdC5jb20wggIiMA0GCSqG\n" +
+ "SIb3DQEBAQUAA4ICDwAwggIKAoICAQC+XjOB3ZCFX+b9y9reP+e6EAQz4ytiMSqU\n" +
+ "O4s5MyYLkY6n4BIZHmgWeQ2IgW1VrH8ho+Iu3UsTiuhd3/L/q/w+T0OJfcrWngTs\n" +
+ "uVcIuvUr32ObPeeWbg/m/lkN7hqH1jY62iybYVrFXiLo1+0G92PUazcyNvyA20+G\n" +
+ "HsvGG5jlArWNgRLdc8KUXxvnDUxx5vu4jeHEZnqSwuulV1h9ve0UutkmoK0Sk7Rz\n" +
+ "HMxYK0LmUT5OvcNQSkUi5nLi+M1FxnYYgsELwSiKSSEDfEdgxooMAiVTgw51Q/DB\n" +
+ "lTOjAIDL3K3J0yGfIG3bwLvE1qz2Z5yWn8f3JibIah7LrC4PiZDDLHFM6V9l+YqU\n" +
+ "RqimJ5BltSyAx7bxQNZ1AW3Lxvvm894i4k6/Vdf1CDovRuTMPCDAQmKA/A/AQ7TN\n" +
+ "q3bBimX6UyuJu0I8RyvAYKzFhOOqe4vXrbndTbje/jnzTNQPeIIcuRa9cgXTOrbw\n" +
+ "86FTUKj6AZXihRWjKWsQpDwdgE0tQETZ3ynCXfbBKfFmn0MSjeX0CEEAZdYHR8EV\n" +
+ "F271Yt7UJjS/FP702aHTOWk7zFbIRfFQODvBhn0I8p/Stk2sDq4/YsbXVZOe3+ad\n" +
+ "YavoiODGSAH6ZcZzULumgK9eii0koAOPB/xqXnkcTS63gEHOKjLQl3hqdVZRCugv\n" +
+ "1CwUXLvoSwIDAQABo4IBYzCCAV8wDgYDVR0PAQH/BAQDAgWgMB0GA1UdDgQWBBTa\n" +
+ "j6dHgPdOxTGLcwaNDeaMnlSxNjAfBgNVHSMEGDAWgBTaQ0rQ/AHAS79YJ4x2zQqB\n" +
+ "85Qu9DAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwdQYIKwYBBQUHAQEE\n" +
+ "aTBnMC0GCCsGAQUFBzABhiFodHRwOi8vb2NzcC5zY2EyYS5hbWF6b250cnVzdC5j\n" +
+ "b20wNgYIKwYBBQUHMAKGKmh0dHA6Ly9jcnQuc2NhMmEuYW1hem9udHJ1c3QuY29t\n" +
+ "L3NjYTJhLmNlcjAlBgNVHREEHjAcghpnb29kLnNjYTJhLmFtYXpvbnRydXN0LmNv\n" +
+ "bTBQBgNVHSAESTBHMA0GC2CGSAGG/W4BBxgDMDYGBWeBDAEBMC0wKwYIKwYBBQUH\n" +
+ "AgEWH2h0dHBzOi8vd3d3LmFtYXpvbnRydXN0LmNvbS9jcHMwDQYJKoZIhvcNAQEM\n" +
+ "BQADggIBAE6RwZAZvN0i9ygwzqoX9DhSPtvZ3xIO0G0Bhgjkb986+p8XJstU3gEM\n" +
+ "8P2i1J/YthXCnRGedm+Odxx+31G6xIYfP5S5g7HyRGkj/aXNXy4s3KjH8HJgOY9N\n" +
+ "ra3XfC05OKq5FpyZQDZ+hxCdLrH3Gs+UxREbu+LuIKUpI7nMVEjn9XynKyOdKN21\n" +
+ "Kq5VsuI0fDWCYvUN1M+lI/LgE5HbNJVQJs+dB7g1/kaOeaLia7Wk1ys+uRzB58rp\n" +
+ "FKAoLk++HWTfNDkbN8vKRfHhJ/xhI9ju3TWcci6EyFVAym1C62UkJNI0KHgQ+zc7\n" +
+ "nl1tv/ytj8N/eJoysyp23lJ5qrVetlQORfgXryGkWBMYBvYF8zbBb/f+UXHDKVWt\n" +
+ "9l1lL6HQGY/tTo253pj6/FgDD35bZdjLQeUVmbnz679S5oUmoH5ZtSdnpUTghU3p\n" +
+ "bae9adBFY9S1pm50Q3ckRVBAwNqNmI0KKUh14Ms8KSAUHg19NvGsBonqwOT2rdbv\n" +
+ "xZ47N6c2eCl/cjMvzre0v0NoUO+3og2GHeAoOwVos6480YDbMqp739tOFPxBcsII\n" +
+ "6SjpDVh+14dkSW6kEKeaCFLR+eChqutri1VQbQ49nmADQWw9Al8vBytSnPv0YN6W\n" +
+ "XfIE1Qj7YmHu/UuoeKVsqDqoP/no29+96dtfd4afJqlIoyZUqXpt\n" +
+ "-----END CERTIFICATE-----";
+
+ // Owner: CN=revoked.sca2a.amazontrust.com, O=Amazon Trust Services, L=Seattle, ST=Washington, C=US, \
+ // SERIALNUMBER=5846743, OID.2.5.4.15=PrivateOrganization, OID.1.3.6.1.4.1.311.60.2.1.2=Delaware, \
+ // OID.1.3.6.1.4.1.311.60.2.1.3=US
+ //Issuer: CN=Amazon, OU=Server CA 2A, O=Amazon, C=US
+ //Serial number: 6f1d782c0aa2f4866b7b522c279b939b92369
+ //Valid from: Mon Jan 28 15:37:45 PST 2019 until: Thu Apr 28 16:37:45 PDT 2022
+ private static final String REVOKED = "-----BEGIN CERTIFICATE-----\n" +
+ "MIIG2zCCBMOgAwIBAgITBvHXgsCqL0hmt7Uiwnm5ObkjaTANBgkqhkiG9w0BAQwF\n" +
+ "ADBGMQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2\n" +
+ "ZXIgQ0EgMkExDzANBgNVBAMTBkFtYXpvbjAeFw0xOTAxMjgyMzM3NDVaFw0yMjA0\n" +
+ "MjgyMzM3NDVaMIHcMRMwEQYLKwYBBAGCNzwCAQMTAlVTMRkwFwYLKwYBBAGCNzwC\n" +
+ "AQITCERlbGF3YXJlMRwwGgYDVQQPExNQcml2YXRlT3JnYW5pemF0aW9uMRAwDgYD\n" +
+ "VQQFEwc1ODQ2NzQzMQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQ\n" +
+ "MA4GA1UEBxMHU2VhdHRsZTEeMBwGA1UEChMVQW1hem9uIFRydXN0IFNlcnZpY2Vz\n" +
+ "MSYwJAYDVQQDEx1yZXZva2VkLnNjYTJhLmFtYXpvbnRydXN0LmNvbTCCAiIwDQYJ\n" +
+ "KoZIhvcNAQEBBQADggIPADCCAgoCggIBAKFm418X8hN1YTgD2XpMb4sp78mw8k3j\n" +
+ "Dq/vnpX48evVUzNpHpy4qRz/ZHBR4HUJO4lhfnX+CO0uRqqqx4F0JZRQB3KevaU8\n" +
+ "QGWHdJGhEddnurDhrgOUa+ZroqUnMCsTJfbyGtC6aiEXeu/eMhEUFkuBxJH1JtwD\n" +
+ "dQXMXuMjG07SVjOkhTkbMDzA/YbUqkDeOIybifDuvA5LEsl+kReY0b6RYFo2Tt/M\n" +
+ "dPhJD8q3Wsu+XCiCnbpcwlEVGxiD2RVRXJJ9o3ALGOxqU69V+lYS0kkwNHT7oV9J\n" +
+ "rhgt7iOCq0aoTAxu2j4FCp0JHNhGoW9pXoMXnmS6kK80hzLNYDxvKEaVaKkiYHw5\n" +
+ "CV0Vwii05ICa14nrStH/jcRNLyU+gp+6OeerPV3jpKWshGKWewF+2UiWU2WHTSrd\n" +
+ "Wis0/qEfFK/kSraAxpd+KavEEavKeudoMAHIxMACOk9E/fF5zhd2y4G1q1BdoRlR\n" +
+ "KP4GIV2v6qH6Ru2mNSuge9il6kDXxFNucrYKLDbAqkqalohkvDavcPoG9gZT3etv\n" +
+ "4IcgJriIWRxbJwKPpwJM+6wa6RpwoeJMuEp3ZBP7KDaQ8YX4rlf4zXLAsOKCNA9K\n" +
+ "OS/qYQ/I4g0E1WhfgEKClaLPS2u7jeVR6s1t4txGo4vq5Dkt17KTCew/WsX3rckf\n" +
+ "a2p5zvFcfpCNAgMBAAGjggEpMIIBJTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0OBBYE\n" +
+ "FAF8N1wV8EoYFkMXH6tEnmR/7vI+MB8GA1UdIwQYMBaAFNpDStD8AcBLv1gnjHbN\n" +
+ "CoHzlC70MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjB1BggrBgEFBQcB\n" +
+ "AQRpMGcwLQYIKwYBBQUHMAGGIWh0dHA6Ly9vY3NwLnNjYTJhLmFtYXpvbnRydXN0\n" +
+ "LmNvbTA2BggrBgEFBQcwAoYqaHR0cDovL2NydC5zY2EyYS5hbWF6b250cnVzdC5j\n" +
+ "b20vc2NhMmEuY2VyMCgGA1UdEQQhMB+CHXJldm9rZWQuc2NhMmEuYW1hem9udHJ1\n" +
+ "c3QuY29tMBMGA1UdIAQMMAowCAYGZ4EMAQIBMA0GCSqGSIb3DQEBDAUAA4ICAQBC\n" +
+ "VwR1NFk1IYIF4cjU7ML1aj8OIn+8mtakGQnuSJLK6ypSysINJBS48ZDdP6XZXvyD\n" +
+ "iTS0xEAPjAZHTqrABdNYmvJeL2RnN99DIwVzBpZp4NLTXbiSW7jb0Y5cEPDGJMOo\n" +
+ "SUAAM6fsiPRfz5vX4XVPznbcF2AwE/NVV+L3n9LVRt7qv2VqIEvLioR56Dq+5ofR\n" +
+ "4bw0BVlEYWF4Gsy7WDDTL1iLNBUwZTqBHwTv0fgDRiPqb/odmLQuRANwcJy8B8Zr\n" +
+ "s/yX4SeESaRdA82lAlQilksQitXS2qvQN06GEDOgUxYE6EabFdgklV5JypKqdOly\n" +
+ "vzpaDpF3z5W8Bj3D4fns1Kjrh1pPh5JRvg+616diKnQRt4X5q+EtmnXhDvIGMISI\n" +
+ "FuGwj57CNQ2x2MY2HHKWPrOccpQfEEvoSNR+ntYWrtSSttZq948O+zZBk1TXWuXV\n" +
+ "TVXllqTg8lp6d5cfKgvtHKgt98WkpPOcLVrNuVnMAIfDw6ar54dVKqrvkeEcF6mJ\n" +
+ "7oMKjJX/Vu9lYoGViBIfdeqcCPWSI8BpnCKaG7dTQO3Q1ObGmLdGBRlsRh+d+S5l\n" +
+ "Fq326ckbjx537e5/ai31lOR7OwVh9TDweKLqIACjs987C0EJSEfoOue25WRww2va\n" +
+ "iX9SrTPm4GxQ2OJgYwx0+HbezJXFN+dhaOFUavTSFw==\n" +
+ "-----END CERTIFICATE-----";
+
+ public void runTest(ValidatePathWithParams pathValidator, boolean ocspEnabled) throws Exception {
+ // EE certificates don't have CRLDP extension
+ if (!ocspEnabled){
+ pathValidator.validate(new String[]{INT},
+ ValidatePathWithParams.Status.GOOD, null, System.out);
+
+ return;
+ }
+
+ // Validate valid
+ pathValidator.validate(new String[]{VALID, INT},
+ ValidatePathWithParams.Status.GOOD, null, System.out);
+
+ // Validate Revoked
+ pathValidator.validate(new String[]{REVOKED, INT},
+ ValidatePathWithParams.Status.REVOKED,
+ "Mon Jan 28 15:38:57 PST 2019", System.out);
+ }
+}
+
+class AmazonCA_3 {
+
+ // Owner: CN=Amazon, OU=Server CA 3A, O=Amazon, C=US
+ // Issuer: CN=Amazon Root CA 3, O=Amazon, C=US
+ // Serial number: 67f945758fe55b9ee3f75831d47f07d226c8a
+ // Valid from: Wed Oct 21 17:00:00 PDT 2015 until: Sat Oct 18 17:00:00 PDT 2025
+ private static final String INT = "-----BEGIN CERTIFICATE-----\n" +
+ "MIICuzCCAmGgAwIBAgITBn+UV1j+VbnuP3WDHUfwfSJsijAKBggqhkjOPQQDAjA5\n" +
+ "MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6b24g\n" +
+ "Um9vdCBDQSAzMB4XDTE1MTAyMjAwMDAwMFoXDTI1MTAxOTAwMDAwMFowRjELMAkG\n" +
+ "A1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEVMBMGA1UECxMMU2VydmVyIENBIDNB\n" +
+ "MQ8wDQYDVQQDEwZBbWF6b24wWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATYcYsK\n" +
+ "mYdR0Gj8Xz45E/lfcTTnXhg2EtAIYBIHyXv/ZQyyyCas1aptX/I5T1coT6XK181g\n" +
+ "nB8hADuKfWlNoIYRo4IBOTCCATUwEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8B\n" +
+ "Af8EBAMCAYYwHQYDVR0OBBYEFATc4JXl6LlrlKHvjFsxHhN+VZfaMB8GA1UdIwQY\n" +
+ "MBaAFKu229cGnjesMIYHkXDHnMQZsXjAMHsGCCsGAQUFBwEBBG8wbTAvBggrBgEF\n" +
+ "BQcwAYYjaHR0cDovL29jc3Aucm9vdGNhMy5hbWF6b250cnVzdC5jb20wOgYIKwYB\n" +
+ "BQUHMAKGLmh0dHA6Ly9jcnQucm9vdGNhMy5hbWF6b250cnVzdC5jb20vcm9vdGNh\n" +
+ "My5jZXIwPwYDVR0fBDgwNjA0oDKgMIYuaHR0cDovL2NybC5yb290Y2EzLmFtYXpv\n" +
+ "bnRydXN0LmNvbS9yb290Y2EzLmNybDARBgNVHSAECjAIMAYGBFUdIAAwCgYIKoZI\n" +
+ "zj0EAwIDSAAwRQIgOl/vux0qfxNm05W3eofa9lKwz6oKvdu6g6Sc0UlwgRcCIQCS\n" +
+ "WSQ6F6JHLoeOWLyFFF658eNKEKbkEGMHz34gLX/N3g==\n" +
+ "-----END CERTIFICATE-----";
+
+ // Owner: CN=good.sca3a.amazontrust.com, O=Amazon Trust Services, L=Seattle, ST=Washington, C=US, \
+ // SERIALNUMBER=5846743, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.2=Delaware, \
+ // OID.1.3.6.1.4.1.311.60.2.1.3=US
+ // Issuer: CN=Amazon, OU=Server CA 3A, O=Amazon, C=US
+ // Serial number: 703e4e9bbc2605f37967a0e95f31f4789a677
+ // Valid from: Mon Jul 29 16:54:43 PDT 2019 until: Sat Aug 29 16:54:43 PDT 2020
+ private static final String VALID = "-----BEGIN CERTIFICATE-----\n" +
+ "MIIDhzCCAy2gAwIBAgITBwPk6bvCYF83lnoOlfMfR4mmdzAKBggqhkjOPQQDAjBG\n" +
+ "MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg\n" +
+ "Q0EgM0ExDzANBgNVBAMTBkFtYXpvbjAeFw0xOTA3MjkyMzU0NDNaFw0yMDA4Mjky\n" +
+ "MzU0NDNaMIHaMRMwEQYLKwYBBAGCNzwCAQMTAlVTMRkwFwYLKwYBBAGCNzwCAQIT\n" +
+ "CERlbGF3YXJlMR0wGwYDVQQPExRQcml2YXRlIE9yZ2FuaXphdGlvbjEQMA4GA1UE\n" +
+ "BRMHNTg0Njc0MzELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAO\n" +
+ "BgNVBAcTB1NlYXR0bGUxHjAcBgNVBAoTFUFtYXpvbiBUcnVzdCBTZXJ2aWNlczEj\n" +
+ "MCEGA1UEAxMaZ29vZC5zY2EzYS5hbWF6b250cnVzdC5jb20wWTATBgcqhkjOPQIB\n" +
+ "BggqhkjOPQMBBwNCAARl4yxf8XcvWR0LZ+YuBC0CpkwtU2NiMdlIM7eX0lxhQp53\n" +
+ "NpLlCrPRNzOWrjCJDdn21D0u7PrtN94UHLHOg9X0o4IBYzCCAV8wDgYDVR0PAQH/\n" +
+ "BAQDAgeAMB0GA1UdDgQWBBT2cHmOJFLWfg1Op7xAdAnqYcwaPzAfBgNVHSMEGDAW\n" +
+ "gBQE3OCV5ei5a5Sh74xbMR4TflWX2jAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB\n" +
+ "BQUHAwIwdQYIKwYBBQUHAQEEaTBnMC0GCCsGAQUFBzABhiFodHRwOi8vb2NzcC5z\n" +
+ "Y2EzYS5hbWF6b250cnVzdC5jb20wNgYIKwYBBQUHMAKGKmh0dHA6Ly9jcnQuc2Nh\n" +
+ "M2EuYW1hem9udHJ1c3QuY29tL3NjYTNhLmNlcjAlBgNVHREEHjAcghpnb29kLnNj\n" +
+ "YTNhLmFtYXpvbnRydXN0LmNvbTBQBgNVHSAESTBHMA0GC2CGSAGG/W4BBxgDMDYG\n" +
+ "BWeBDAEBMC0wKwYIKwYBBQUHAgEWH2h0dHBzOi8vd3d3LmFtYXpvbnRydXN0LmNv\n" +
+ "bS9jcHMwCgYIKoZIzj0EAwIDSAAwRQIgURdcqJVr4PWNIkmWcSKmzgZ1i94hQpGe\n" +
+ "mWbE9osk4m0CIQDhxIguihwvDa5RsBwdM0aRDgGKLNHigGqJoKqgH0d2qg==\n" +
+ "-----END CERTIFICATE-----";
+
+ // Owner: CN=revoked.sca3a.amazontrust.com, O=Amazon Trust Services, L=Seattle, ST=Washington, C=US, \
+ // SERIALNUMBER=5846743, OID.2.5.4.15=PrivateOrganization, OID.1.3.6.1.4.1.311.60.2.1.2=Delaware, \
+ // OID.1.3.6.1.4.1.311.60.2.1.3=US
+ // Issuer: CN=Amazon, OU=Server CA 3A, O=Amazon, C=US
+ // Serial number: 6f1d78cf0ca64ce7f551a6f2a0715cc0e8b50
+ // Valid from: Mon Jan 28 15:40:01 PST 2019 until: Thu Apr 28 16:40:01 PDT 2022
+ private static final String REVOKED = "-----BEGIN CERTIFICATE-----\n" +
+ "MIIDTzCCAvWgAwIBAgITBvHXjPDKZM5/VRpvKgcVzA6LUDAKBggqhkjOPQQDAjBG\n" +
+ "MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg\n" +
+ "Q0EgM0ExDzANBgNVBAMTBkFtYXpvbjAeFw0xOTAxMjgyMzQwMDFaFw0yMjA0Mjgy\n" +
+ "MzQwMDFaMIHcMRMwEQYLKwYBBAGCNzwCAQMTAlVTMRkwFwYLKwYBBAGCNzwCAQIT\n" +
+ "CERlbGF3YXJlMRwwGgYDVQQPExNQcml2YXRlT3JnYW5pemF0aW9uMRAwDgYDVQQF\n" +
+ "Ewc1ODQ2NzQzMQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4G\n" +
+ "A1UEBxMHU2VhdHRsZTEeMBwGA1UEChMVQW1hem9uIFRydXN0IFNlcnZpY2VzMSYw\n" +
+ "JAYDVQQDEx1yZXZva2VkLnNjYTNhLmFtYXpvbnRydXN0LmNvbTBZMBMGByqGSM49\n" +
+ "AgEGCCqGSM49AwEHA0IABJNl90Jq0wddpFj+JbLtmvGR/1geL5t1tvV406jGpYn2\n" +
+ "C5lAFjwASFy7pAnazZbfSkIDUU2i2XU0+7Cs+j1S/EOjggEpMIIBJTAOBgNVHQ8B\n" +
+ "Af8EBAMCB4AwHQYDVR0OBBYEFPhX3dYays5Sps0xTgouLkZzYLg4MB8GA1UdIwQY\n" +
+ "MBaAFATc4JXl6LlrlKHvjFsxHhN+VZfaMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggr\n" +
+ "BgEFBQcDAjB1BggrBgEFBQcBAQRpMGcwLQYIKwYBBQUHMAGGIWh0dHA6Ly9vY3Nw\n" +
+ "LnNjYTNhLmFtYXpvbnRydXN0LmNvbTA2BggrBgEFBQcwAoYqaHR0cDovL2NydC5z\n" +
+ "Y2EzYS5hbWF6b250cnVzdC5jb20vc2NhM2EuY2VyMCgGA1UdEQQhMB+CHXJldm9r\n" +
+ "ZWQuc2NhM2EuYW1hem9udHJ1c3QuY29tMBMGA1UdIAQMMAowCAYGZ4EMAQIBMAoG\n" +
+ "CCqGSM49BAMCA0gAMEUCICLb16/50S4fOAFafi5lagdx7q6EDPPm596g19eQDMXk\n" +
+ "AiEAksCMLypRB4t30FABlsEjhVCBIxay0iIer2OcCIrhfEI=\n" +
+ "-----END CERTIFICATE-----";
+
+ public void runTest(ValidatePathWithParams pathValidator, boolean ocspEnabled) throws Exception {
+ // EE certificates don't have CRLDP extension
+ if (!ocspEnabled){
+ pathValidator.validate(new String[]{INT},
+ ValidatePathWithParams.Status.GOOD, null, System.out);
+
+ return;
+ }
+
+ // Validate valid
+ pathValidator.validate(new String[]{VALID, INT},
+ ValidatePathWithParams.Status.GOOD, null, System.out);
+
+ // Validate Revoked
+ pathValidator.validate(new String[]{REVOKED, INT},
+ ValidatePathWithParams.Status.REVOKED,
+ "Mon Jan 28 15:40:35 PST 2019", System.out);
+ }
+}
+
+class AmazonCA_4 {
+
+ // Owner: CN=Amazon, OU=Server CA 4A, O=Amazon, C=US
+ // Issuer: CN=Amazon Root CA 4, O=Amazon, C=US
+ // Serial number: 67f94575a8862a9072e3239c37ceba1274e18
+ // Valid from: Wed Oct 21 17:00:00 PDT 2015 until: Sat Oct 18 17:00:00 PDT 2025
+ private static final String INT = "-----BEGIN CERTIFICATE-----\n" +
+ "MIIC+TCCAn6gAwIBAgITBn+UV1qIYqkHLjI5w3zroSdOGDAKBggqhkjOPQQDAzA5\n" +
+ "MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6b24g\n" +
+ "Um9vdCBDQSA0MB4XDTE1MTAyMjAwMDAwMFoXDTI1MTAxOTAwMDAwMFowRjELMAkG\n" +
+ "A1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEVMBMGA1UECxMMU2VydmVyIENBIDRB\n" +
+ "MQ8wDQYDVQQDEwZBbWF6b24wdjAQBgcqhkjOPQIBBgUrgQQAIgNiAASRP0kIW0Ha\n" +
+ "7+ORvEVhIS5gIgkH66X5W9vBRTX14oG/1elIyI6LbFZ+E5KAufL0XoWJGI1WbPRm\n" +
+ "HW246FKSzF0wOEZZyxEROz6tuaVsnXRHRE76roS/Wr064uJpKH+Lv+SjggE5MIIB\n" +
+ "NTASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQU\n" +
+ "pSHN2+tTIZmqytlnQpQlsnv0wuMwHwYDVR0jBBgwFoAU0+zHOmVuzOHadppW+5zz\n" +
+ "hm1X5YEwewYIKwYBBQUHAQEEbzBtMC8GCCsGAQUFBzABhiNodHRwOi8vb2NzcC5y\n" +
+ "b290Y2E0LmFtYXpvbnRydXN0LmNvbTA6BggrBgEFBQcwAoYuaHR0cDovL2NydC5y\n" +
+ "b290Y2E0LmFtYXpvbnRydXN0LmNvbS9yb290Y2E0LmNlcjA/BgNVHR8EODA2MDSg\n" +
+ "MqAwhi5odHRwOi8vY3JsLnJvb3RjYTQuYW1hem9udHJ1c3QuY29tL3Jvb3RjYTQu\n" +
+ "Y3JsMBEGA1UdIAQKMAgwBgYEVR0gADAKBggqhkjOPQQDAwNpADBmAjEA59RAOBaj\n" +
+ "uh0rT/OOTWPEv6TBnb9XEadburBaXb8SSrR8il+NdkfS9WXRAzbwrG7LAjEA3ukD\n" +
+ "1HrQq+WXHBM5sIuViJI/Zh7MOjsc159Q+dn36PBqLRq03AXqE/lRjnv8C5nj\n" +
+ "-----END CERTIFICATE-----";
+
+ // Owner: CN=good.sca4a.amazontrust.com, O=Amazon Trust Services, L=Seattle, ST=Washington, C=US, \
+ // SERIALNUMBER=5846743, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.2=Delaware, \
+ // OID.1.3.6.1.4.1.311.60.2.1.3=US
+ // Issuer: CN=Amazon, OU=Server CA 4A, O=Amazon, C=US
+ // Serial number: 703e4ec57c72d5669efbc98875c3f6bc3f934
+ // Valid from: Mon Jul 29 16:55:17 PDT 2019 until: Sat Aug 29 16:55:17 PDT 2020
+ private static final String VALID = "-----BEGIN CERTIFICATE-----\n" +
+ "MIIDxTCCA0qgAwIBAgITBwPk7FfHLVZp77yYh1w/a8P5NDAKBggqhkjOPQQDAzBG\n" +
+ "MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg\n" +
+ "Q0EgNEExDzANBgNVBAMTBkFtYXpvbjAeFw0xOTA3MjkyMzU1MTdaFw0yMDA4Mjky\n" +
+ "MzU1MTdaMIHaMRMwEQYLKwYBBAGCNzwCAQMTAlVTMRkwFwYLKwYBBAGCNzwCAQIT\n" +
+ "CERlbGF3YXJlMR0wGwYDVQQPExRQcml2YXRlIE9yZ2FuaXphdGlvbjEQMA4GA1UE\n" +
+ "BRMHNTg0Njc0MzELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAO\n" +
+ "BgNVBAcTB1NlYXR0bGUxHjAcBgNVBAoTFUFtYXpvbiBUcnVzdCBTZXJ2aWNlczEj\n" +
+ "MCEGA1UEAxMaZ29vZC5zY2E0YS5hbWF6b250cnVzdC5jb20wdjAQBgcqhkjOPQIB\n" +
+ "BgUrgQQAIgNiAAS9fqMYfOBsdXMSsPjqOlTgIGOlOQWA7Wg6XwVvHTr0+UN+XTeC\n" +
+ "yZN+XjLbEDQ0CF5eryRZ535sDpwh3qNe0lYFO1n1+2iDtDI1jhhLNYNxBpVnR2BU\n" +
+ "2l9EuRmgRbQpDCajggFjMIIBXzAOBgNVHQ8BAf8EBAMCB4AwHQYDVR0OBBYEFMd0\n" +
+ "itH5IcE6DpM1uTSBV/6DLmK7MB8GA1UdIwQYMBaAFKUhzdvrUyGZqsrZZ0KUJbJ7\n" +
+ "9MLjMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjB1BggrBgEFBQcBAQRp\n" +
+ "MGcwLQYIKwYBBQUHMAGGIWh0dHA6Ly9vY3NwLnNjYTRhLmFtYXpvbnRydXN0LmNv\n" +
+ "bTA2BggrBgEFBQcwAoYqaHR0cDovL2NydC5zY2E0YS5hbWF6b250cnVzdC5jb20v\n" +
+ "c2NhNGEuY2VyMCUGA1UdEQQeMByCGmdvb2Quc2NhNGEuYW1hem9udHJ1c3QuY29t\n" +
+ "MFAGA1UdIARJMEcwDQYLYIZIAYb9bgEHGAMwNgYFZ4EMAQEwLTArBggrBgEFBQcC\n" +
+ "ARYfaHR0cHM6Ly93d3cuYW1hem9udHJ1c3QuY29tL2NwczAKBggqhkjOPQQDAwNp\n" +
+ "ADBmAjEA2RBD1F+rnm394VkqA3ncysM3deoyfWqaoAO5923MNisswPnHfVqnfeXf\n" +
+ "ZwTAvVTBAjEAiiaPx9GRjEk8IBKvCSbTp9rPogVTN7zDDQGrwA83O0pRP7A0dxtT\n" +
+ "pn/0K5Sj8otp\n" +
+ "-----END CERTIFICATE-----";
+
+ // Owner: CN=revoked.sca4a.amazontrust.com, O=Amazon Trust Services, L=Seattle, ST=Washington, C=US, \
+ // SERIALNUMBER=5846743, OID.2.5.4.15=PrivateOrganization, OID.1.3.6.1.4.1.311.60.2.1.2=Delaware, \
+ // OID.1.3.6.1.4.1.311.60.2.1.3=US
+ // Issuer: CN=Amazon, OU=Server CA 4A, O=Amazon, C=US
+ // Serial number: 6f1d79295c384a699d51c2d756bd46213b5b3
+ // Valid from: Mon Jan 28 15:41:16 PST 2019 until: Thu Apr 28 16:41:16 PDT 2022
+ private static final String REVOKED = "-----BEGIN CERTIFICATE-----\n" +
+ "MIIDjTCCAxKgAwIBAgITBvHXkpXDhKaZ1RwtdWvUYhO1szAKBggqhkjOPQQDAzBG\n" +
+ "MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg\n" +
+ "Q0EgNEExDzANBgNVBAMTBkFtYXpvbjAeFw0xOTAxMjgyMzQxMTZaFw0yMjA0Mjgy\n" +
+ "MzQxMTZaMIHcMRMwEQYLKwYBBAGCNzwCAQMTAlVTMRkwFwYLKwYBBAGCNzwCAQIT\n" +
+ "CERlbGF3YXJlMRwwGgYDVQQPExNQcml2YXRlT3JnYW5pemF0aW9uMRAwDgYDVQQF\n" +
+ "Ewc1ODQ2NzQzMQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4G\n" +
+ "A1UEBxMHU2VhdHRsZTEeMBwGA1UEChMVQW1hem9uIFRydXN0IFNlcnZpY2VzMSYw\n" +
+ "JAYDVQQDEx1yZXZva2VkLnNjYTRhLmFtYXpvbnRydXN0LmNvbTB2MBAGByqGSM49\n" +
+ "AgEGBSuBBAAiA2IABLuNpZTcNU3FElNP3Y/OeXIZcIMXkFTBi/n92fNwHfqUbEhH\n" +
+ "H+PovJ26eAGvb5a8bGc275MBFcVnWL0rCVgM+j9KAtBDCRJX3f7mo0D2VKcmtZKu\n" +
+ "jPxwGPy2kuqM505dGqOCASkwggElMA4GA1UdDwEB/wQEAwIHgDAdBgNVHQ4EFgQU\n" +
+ "zUFIhn+hphzCKA2qgAdLztSBzJgwHwYDVR0jBBgwFoAUpSHN2+tTIZmqytlnQpQl\n" +
+ "snv0wuMwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMHUGCCsGAQUFBwEB\n" +
+ "BGkwZzAtBggrBgEFBQcwAYYhaHR0cDovL29jc3Auc2NhNGEuYW1hem9udHJ1c3Qu\n" +
+ "Y29tMDYGCCsGAQUFBzAChipodHRwOi8vY3J0LnNjYTRhLmFtYXpvbnRydXN0LmNv\n" +
+ "bS9zY2E0YS5jZXIwKAYDVR0RBCEwH4IdcmV2b2tlZC5zY2E0YS5hbWF6b250cnVz\n" +
+ "dC5jb20wEwYDVR0gBAwwCjAIBgZngQwBAgEwCgYIKoZIzj0EAwMDaQAwZgIxALDA\n" +
+ "klY3iKwyzwpwVtLfLxzQEl45xvE2VjBJvfJJ60KhJt7Ud0gt0zxkogh29+mpEQIx\n" +
+ "ANTG1mk8OJB41DU7ru1Pwc6ju8STw1FdwDp/Eliqhvnm2i0k4/F1bBHLta2mlC2V\n" +
+ "hg==\n" +
+ "-----END CERTIFICATE-----";
+
+ public void runTest(ValidatePathWithParams pathValidator, boolean ocspEnabled) throws Exception {
+ // EE certificates don't have CRLDP extension
+ if (!ocspEnabled){
+ pathValidator.validate(new String[]{INT},
+ ValidatePathWithParams.Status.GOOD, null, System.out);
+
+ return;
+ }
+
+ // Validate valid
+ pathValidator.validate(new String[]{VALID, INT},
+ ValidatePathWithParams.Status.GOOD, null, System.out);
+
+ // Validate Revoked
+ pathValidator.validate(new String[]{REVOKED, INT},
+ ValidatePathWithParams.Status.REVOKED,
+ "Mon Jan 28 15:41:53 PST 2019", System.out);
+ }
+}
diff --git a/jdk/test/security/infra/java/security/cert/CertPathValidator/certification/LuxTrustCA.java b/jdk/test/security/infra/java/security/cert/CertPathValidator/certification/LuxTrustCA.java
new file mode 100644
index 00000000000..63ba5e1bbab
--- /dev/null
+++ b/jdk/test/security/infra/java/security/cert/CertPathValidator/certification/LuxTrustCA.java
@@ -0,0 +1,194 @@
+/*
+ * Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/*
+ * @test
+ * @bug 8232019
+ * @summary Interoperability tests with LuxTrust Global Root 2 CA
+ * @build ValidatePathWithParams
+ * @run main/othervm -Djava.security.debug=certpath LuxTrustCA OCSP
+ * @run main/othervm -Djava.security.debug=certpath LuxTrustCA CRL
+ */
+
+/*
+ * Obtain TLS test artifacts for LuxTrust CAs from:
+ *
+ * LuxTrust Global Root 2 CA sent test certificates as attachment
+ */
+public class LuxTrustCA {
+
+ // Owner: CN=LuxTrust Global Qualified CA 3, O=LuxTrust S.A., C=LU
+ // Issuer: CN=LuxTrust Global Root 2, O=LuxTrust S.A., C=LU
+ // Serial number: 413dea1a28c2253845558e047f3e2a8b5b9baeae
+ // Valid from: Fri Mar 06 06:12:15 PST 2015 until: Mon Mar 05 05:21:57 PST 2035
+ private static final String INT = "-----BEGIN CERTIFICATE-----\n" +
+ "MIIGcjCCBFqgAwIBAgIUQT3qGijCJThFVY4Efz4qi1ubrq4wDQYJKoZIhvcNAQEL\n" +
+ "BQAwRjELMAkGA1UEBhMCTFUxFjAUBgNVBAoMDUx1eFRydXN0IFMuQS4xHzAdBgNV\n" +
+ "BAMMFkx1eFRydXN0IEdsb2JhbCBSb290IDIwHhcNMTUwMzA2MTQxMjE1WhcNMzUw\n" +
+ "MzA1MTMyMTU3WjBOMQswCQYDVQQGEwJMVTEWMBQGA1UECgwNTHV4VHJ1c3QgUy5B\n" +
+ "LjEnMCUGA1UEAwweTHV4VHJ1c3QgR2xvYmFsIFF1YWxpZmllZCBDQSAzMIICIjAN\n" +
+ "BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAuZ5iXSmFbP80gWb0kieYsImcyIo3\n" +
+ "QYg+XA3NlwH6QtI0PgZEG9dSo8pM7VMIzE5zq8tgJ50HnPdYflvfhkEKvAW2NuNX\n" +
+ "6hi/6HK4Nye+kB+INjpfAHmLft3GT95e+frk/t7hJNorK44xzqfWZKLNGysEHIri\n" +
+ "ddcePWOk3J/VMc9CsSemeZbmeZW1/xXeqolMS7JIDZ3+0DgVCYsKIK+b3sAQ8iqX\n" +
+ "bQlQyvymG6QyoQoJbuEP23iawRMWKNWk+sjzOkPAAQDtgEEVdggzzudLSM04C5Cj\n" +
+ "eLlLYuXgljler9bKRk9wW8nkareLZsn9uCDihGXGyC5m9jseGY1KAnlV8usLjBFA\n" +
+ "iW5OCnzcOg+CPsVucoRhS6uvXcu7VtHRGo5yLysJVv7sj6cx5lMvQKAMLviVi3kp\n" +
+ "hZKYfqVLAVFJpXTpunY2GayVGf/uOpzNoiSRpcxxYjmAlPKNeTgXVl5Mc0zojgT/\n" +
+ "MZTGFN7ov7n01yodN6OhfTADacvaKfj2C2CwdCJvMqvlUuCKrvuXbdZrtRm3BZXr\n" +
+ "ghGhuQmG0Tir7VVCI0WZjVjyHs2rpUcCQ6+D1WymKhzp0mrXdaFzYRce7FrEk69J\n" +
+ "WzWVp/9/GKnnb0//camavEaI4V64MVxYAir5AL/j7d4JIOqhPPU14ajxmC6dEH84\n" +
+ "guVs0Lo/dwVTUzsCAwEAAaOCAU4wggFKMBIGA1UdEwEB/wQIMAYBAf8CAQAwQwYD\n" +
+ "VR0gBDwwOjA4BggrgSsBAQEKAzAsMCoGCCsGAQUFBwIBFh5odHRwczovL3JlcG9z\n" +
+ "aXRvcnkubHV4dHJ1c3QubHUwagYIKwYBBQUHAQEEXjBcMCsGCCsGAQUFBzABhh9o\n" +
+ "dHRwOi8vbHRncm9vdC5vY3NwLmx1eHRydXN0Lmx1MC0GCCsGAQUFBzAChiFodHRw\n" +
+ "Oi8vY2EubHV4dHJ1c3QubHUvTFRHUkNBMi5jcnQwDgYDVR0PAQH/BAQDAgEGMB8G\n" +
+ "A1UdIwQYMBaAFP8YKHb5SAUsoa7xKxsrslP4S3yzMDMGA1UdHwQsMCowKKAmoCSG\n" +
+ "Imh0dHA6Ly9jcmwubHV4dHJ1c3QubHUvTFRHUkNBMi5jcmwwHQYDVR0OBBYEFGOP\n" +
+ "wosDsauO2FNHlh2ZqH32rKh1MA0GCSqGSIb3DQEBCwUAA4ICAQADB6M/edbOO9iJ\n" +
+ "COnVxayJ1NBk08/BVKlHwe7HBYAzT6Kmo3TbMUwOpcGI2e/NBCR3F4wTzXOVvFmv\n" +
+ "dBl7sdS6uMSLBTrav+5LChcFDBQj26X5VQDcXkA8b/u6J4Ve7CwoSesYg9H0fsJ3\n" +
+ "v12QrmGUUao9gbamKP1TFriO+XiIaDLYectruusRktIke9qy8MCpNSarZqr3oD3c\n" +
+ "/+N5D3lDlGpaz1IL8TpbubFEQHPCr6JiwR+qSqGRfxv8vIvOOAVxe7np5QhtwmCk\n" +
+ "XdMOPQ/XOOuEA06bez+zHkASX64at7dXru+4JUEbpijjMA+1jbFZr20OeBIQZL7o\n" +
+ "Est+FF8lFuvmucC9TS9QnlF28WJExvpIknjS7LhFMGXB9w380q38ZOuKjPZpoztY\n" +
+ "eyUpf8gxzV7fE5Q1okhnsDZ+12vBzBruzJcwtNuXyLyIh3fVN0LunVd+NP2kGjB2\n" +
+ "t9WD2Y0CaKxWx8snDdrSbAi46TpNoe04eroWgZOvdN0hEmf2d8tYBSJ/XZekU9sC\n" +
+ "Aww5vxHnXJi6CZHhjt8f1mMhyE2gBvmpk4CFetViO2sG0n/nsxCQNpnclsax/eJu\n" +
+ "XmGiZ3OPCIRijI5gy3pLRgnbgLyktWoOkmT/gxtWDLfVZwEt52JL8d550KIgttyR\n" +
+ "qX81LJWGSDdpnzeRVQEnzAt6+RebAQ==\n" +
+ "-----END CERTIFICATE-----";
+
+ // Owner: T=Private Person, SERIALNUMBER=00100978855105608536,
+ // GIVENNAME=TokenPRIActive, SURNAME=Test, CN=TokenPRIActive Test, C=DE
+ // Issuer: CN=LuxTrust Global Qualified CA 3, O=LuxTrust S.A., C=LU
+ // Serial number: 3814b6
+ // Valid from: Wed Jul 10 04:36:12 PDT 2019 until: Sun Jul 10 04:36:12 PDT 2022
+ private static final String VALID = "-----BEGIN CERTIFICATE-----\n" +
+ "MIIG/jCCBOagAwIBAgIDOBS2MA0GCSqGSIb3DQEBCwUAME4xCzAJBgNVBAYTAkxV\n" +
+ "MRYwFAYDVQQKDA1MdXhUcnVzdCBTLkEuMScwJQYDVQQDDB5MdXhUcnVzdCBHbG9i\n" +
+ "YWwgUXVhbGlmaWVkIENBIDMwHhcNMTkwNzEwMTEzNjEyWhcNMjIwNzEwMTEzNjEy\n" +
+ "WjCBizELMAkGA1UEBhMCREUxHDAaBgNVBAMTE1Rva2VuUFJJQWN0aXZlIFRlc3Qx\n" +
+ "DTALBgNVBAQTBFRlc3QxFzAVBgNVBCoTDlRva2VuUFJJQWN0aXZlMR0wGwYDVQQF\n" +
+ "ExQwMDEwMDk3ODg1NTEwNTYwODUzNjEXMBUGA1UEDBMOUHJpdmF0ZSBQZXJzb24w\n" +
+ "ggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQDb8l2RJNS7iA9hJFj8aR25\n" +
+ "kpU/ZQTHl8Z9yrTLhr4VcMWMxqeOQUcUU27SgIuFvU9s/68OuaIhxyu6eohaGCLC\n" +
+ "wzFFRg8OlsUYuI1QtUEliIjmHOMDqSNIt093+SDV64osnHw5fpfy8V0zehEkd7QR\n" +
+ "t7Aq38ixCQyxCmNIDJeDCKJT+wwdLaKuw/4SEpR9sygSxZ3kG6kF4icsgYuiOCRx\n" +
+ "+DrS1wP9kcrQVWQ0bJbGzwxLZXCHaJsWE1Y17mQAO4Iv/9icqDkP3bZBU5GCgbNT\n" +
+ "JEP2GiUUPU3nL41Tlq03+iDmkS2bpWCtFZmTgUg+1nJEb7PSCJ9VcoflOOFgX/ku\n" +
+ "TQCJWwhsgyOneEZAg7PpzOj2msxA9RWI88FzRnX/zyjWEpdUCVJ85hFw8u+UZ7k1\n" +
+ "eF37oOpgNxQMJ+/ey7huneTzyhpFz/TqJpfMmwaGbPL6zmPLAMQalIPQj+68zlcX\n" +
+ "qyeKVbZU74Vm051kXb/3qs6CeUpT4HrY3UmHWLvOdNkCAwEAAaOCAiUwggIhMB8G\n" +
+ "A1UdIwQYMBaAFGOPwosDsauO2FNHlh2ZqH32rKh1MGYGCCsGAQUFBwEBBFowWDAn\n" +
+ "BggrBgEFBQcwAYYbaHR0cDovL3FjYS5vY3NwLmx1eHRydXN0Lmx1MC0GCCsGAQUF\n" +
+ "BzAChiFodHRwOi8vY2EubHV4dHJ1c3QubHUvTFRHUUNBMy5jcnQwggEuBgNVHSAE\n" +
+ "ggElMIIBITCCARMGC4g3AQOBKwEBCgMFMIIBAjAqBggrBgEFBQcCARYeaHR0cHM6\n" +
+ "Ly9yZXBvc2l0b3J5Lmx1eHRydXN0Lmx1MIHTBggrBgEFBQcCAjCBxgyBw0x1eFRy\n" +
+ "dXN0IENlcnRpZmljYXRlIG5vdCBvbiBTU0NEIGNvbXBsaWFudCB3aXRoIEVUU0kg\n" +
+ "VFMgMTAyIDA0MiBOQ1AgY2VydGlmaWNhdGUgcG9saWN5LiBLZXkgR2VuZXJhdGlv\n" +
+ "biBieSBDU1AuIFNvbGUgQXV0aG9yaXNlZCBVc2FnZTogU2lnbmF0dXJlLCBEYXRh\n" +
+ "IG9yIEVudGl0eSBBdXRoZW50aWNhdGlvbiBhbmQgRGF0YSBFbmNyeXB0aW9uLjAI\n" +
+ "BgYEAI96AQEwMwYDVR0fBCwwKjAooCagJIYiaHR0cDovL2NybC5sdXh0cnVzdC5s\n" +
+ "dS9MVEdRQ0EzLmNybDARBgNVHQ4ECgQISND+8GZyXrcwDgYDVR0PAQH/BAQDAgTw\n" +
+ "MAwGA1UdEwEB/wQCMAAwDQYJKoZIhvcNAQELBQADggIBAA54w2kGy+hJsYSyrQ5C\n" +
+ "ft0rasUHQviEiy31H2Z1lh4yEPLiuUsaepdzG4bov/J1RewX1fL7fvErraKK7nNr\n" +
+ "ioAXNElHtC0wfxGx0xGaCz7xsZIDFgpzyPqS+vd8VKbRCOY66AI+3aPiatCsk+BM\n" +
+ "Hp9GwW3B1e5EOgXiWVNxzYFtav5QSAj28IEV7ZuN2BIiU+phawRaoFy+4glMB7zE\n" +
+ "J5AM/Zfi50Q85ljy1kWUueFE3VNDafAUGOF5gTHvkKqj6LznUkqcT8m96Wd0IbF2\n" +
+ "BLYjnKPF6lGJsivErGqMwQIhlUUMkRQ13/hftL12rIiSjC1C/6cnbxOjWEOGnler\n" +
+ "Qn2zu2OTGnnrYxp/hojdZggb5Yt9mkM3EmyuqP1W4g0xtMv9q97swm/fHz/rDh8T\n" +
+ "MqrEOJzz284IM0DXjXq1wkmsZ/6/ueCyf0oBN0csvYspZKmLAydZ+jZmjdKKxX+N\n" +
+ "dreauHgOq1knLHkMb/YIyA+Oh6SBlNXL4Iae8APQcRGnylHQ1lc/YHTqWh8N1tmn\n" +
+ "no5r1kVJBYYtkI3oufaLtP7JIazteZlqTN+tubMJhO4xGgt6bqEpQiid9r3UnIjR\n" +
+ "esLYxXS5qRwSoOSleXT98H75+Ok1WR3ciD4exBR8/KcUtDITvDJhkBHnRHm40jFs\n" +
+ "5UbHFf98S6G9dqzsqW8+2Bpn\n" +
+ "-----END CERTIFICATE-----";
+
+ // Owner: T=Private Person, SERIALNUMBER=00100918135105608625,
+ // GIVENNAME=TokenPRIREV, SURNAME=Test, CN=TokenPRIREV Test, C=LU
+ // Issuer: CN=LuxTrust Global Qualified CA 3, O=LuxTrust S.A., C=LU
+ // Serial number: 3814b8
+ // Valid from: Wed Jul 10 04:36:48 PDT 2019 until: Sun Jul 10 04:36:48 PDT 2022
+ private static final String REVOKED = "-----BEGIN CERTIFICATE-----\n" +
+ "MIIG+DCCBOCgAwIBAgIDOBS4MA0GCSqGSIb3DQEBCwUAME4xCzAJBgNVBAYTAkxV\n" +
+ "MRYwFAYDVQQKDA1MdXhUcnVzdCBTLkEuMScwJQYDVQQDDB5MdXhUcnVzdCBHbG9i\n" +
+ "YWwgUXVhbGlmaWVkIENBIDMwHhcNMTkwNzEwMTEzNjQ4WhcNMjIwNzEwMTEzNjQ4\n" +
+ "WjCBhTELMAkGA1UEBhMCTFUxGTAXBgNVBAMTEFRva2VuUFJJUkVWIFRlc3QxDTAL\n" +
+ "BgNVBAQTBFRlc3QxFDASBgNVBCoTC1Rva2VuUFJJUkVWMR0wGwYDVQQFExQwMDEw\n" +
+ "MDkxODEzNTEwNTYwODYyNTEXMBUGA1UEDBMOUHJpdmF0ZSBQZXJzb24wggGiMA0G\n" +
+ "CSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQCcm7y4c/D58u6g3m6HGdfiqDXa2yEl\n" +
+ "H2cAeSb85fsAX08iXfa/U/kmFqqycwp2nsJdfor6HEEqHsmozyjjIWHDEsq+cUre\n" +
+ "SO6d2Ag29MrxsAWZ1XAol40FcxNN+yEL9Xs5doqqcbz3OoKdxkoWVdYq3D7peizF\n" +
+ "OER4M2XA0KSLiKXDapDCfTVLE6qRG6Cn5mqnlqbUtkI6vSsda5mWLSNe4Qw/PIMw\n" +
+ "v7ZDn5dHeHoV6UpZC95Ole5vMQfjAOsy4nRc1zofQz7iPw4ClNzDQSuonaAKSk3Y\n" +
+ "1KjWPmHshb6BoANL+ce1KuWESKV3D5lBkVVLTeoBkWQu7ViJviF2HE5UoPRSGijO\n" +
+ "nmGOTZRsjOJXPe7/pEq9SQ477EufnSsoCj1cPCtaowbsO7oswzV/axKMhhZf6nU7\n" +
+ "0wd9xUuMgMRKBfi026mYK7pdxJ85qE8qKlqeNprje+g1sjxMDbMHARA427Px0IUJ\n" +
+ "mzIJk0ysAQvbqQVe8QQM/f+PH3mUkXR02H8CAwEAAaOCAiUwggIhMB8GA1UdIwQY\n" +
+ "MBaAFGOPwosDsauO2FNHlh2ZqH32rKh1MGYGCCsGAQUFBwEBBFowWDAnBggrBgEF\n" +
+ "BQcwAYYbaHR0cDovL3FjYS5vY3NwLmx1eHRydXN0Lmx1MC0GCCsGAQUFBzAChiFo\n" +
+ "dHRwOi8vY2EubHV4dHJ1c3QubHUvTFRHUUNBMy5jcnQwggEuBgNVHSAEggElMIIB\n" +
+ "ITCCARMGC4g3AQOBKwEBCgMFMIIBAjAqBggrBgEFBQcCARYeaHR0cHM6Ly9yZXBv\n" +
+ "c2l0b3J5Lmx1eHRydXN0Lmx1MIHTBggrBgEFBQcCAjCBxgyBw0x1eFRydXN0IENl\n" +
+ "cnRpZmljYXRlIG5vdCBvbiBTU0NEIGNvbXBsaWFudCB3aXRoIEVUU0kgVFMgMTAy\n" +
+ "IDA0MiBOQ1AgY2VydGlmaWNhdGUgcG9saWN5LiBLZXkgR2VuZXJhdGlvbiBieSBD\n" +
+ "U1AuIFNvbGUgQXV0aG9yaXNlZCBVc2FnZTogU2lnbmF0dXJlLCBEYXRhIG9yIEVu\n" +
+ "dGl0eSBBdXRoZW50aWNhdGlvbiBhbmQgRGF0YSBFbmNyeXB0aW9uLjAIBgYEAI96\n" +
+ "AQEwMwYDVR0fBCwwKjAooCagJIYiaHR0cDovL2NybC5sdXh0cnVzdC5sdS9MVEdR\n" +
+ "Q0EzLmNybDARBgNVHQ4ECgQIS0KUXpWyku0wDgYDVR0PAQH/BAQDAgTwMAwGA1Ud\n" +
+ "EwEB/wQCMAAwDQYJKoZIhvcNAQELBQADggIBAFSnezuyeRO0sh9e8/1N+2RE6Uhb\n" +
+ "RIdLKmaS8hMOyUNBapnHfJAdOn7j767qWQjRop5VNCcv0zDOxAqApxFiz4gJdzBY\n" +
+ "FVrEVwYos8a3BHLXNxfwIWEJ6EjlqI2qI3NjqK8m4M8LTq4G94V2/MOFVpXeCLju\n" +
+ "r0s+XZep2Sk9J4ofUOc8Gp7IZNhPzIlfKQ+KhnWovde4bpL3zRpp4u7Y580XsBuN\n" +
+ "kow2Eg84tRzSVizmgLPuRbySHuMo1jGIP7F9FdtOC8VVSjntfCXSEQqOvpH4YZ8S\n" +
+ "V4qP17CQHPWW1kOHAyXpkAjU+6SOlmF76Adv9nQFTZ6DAnKqiuxmi8EVCv96aFD7\n" +
+ "Ih+zBF7kj7fghPjUzsVdB6gI4VwuFCXEaAfWlxJS67s1hKnsCyqX3cu+Gnq9aRt+\n" +
+ "08iaTVEdrKL95AYYobVbnGJ7bH87SpenjLL+CDctXNNDlpJZ8eRYcQe+Q4dg+8L8\n" +
+ "X8tkXBeRbiZD1U7XwVBnKF6sJmhA4F/h/EJzwX0lp7EU6EO91bSiwD2NFVs+64UR\n" +
+ "9lftfFFm5In2N3vjDR/3nrCf3Jq9f0g7bTrNJmo+hc0+fD+zlAhZAx+ii2xE1cY1\n" +
+ "KLH2zXNzPUgIqYGdVQwn1TUFJN8JgGKsXwc+P51nEpgf6JVyK1m7EtVGtr9gF7DI\n" +
+ "P+4VSqTbTp4/l5n0\n" +
+ "-----END CERTIFICATE-----";
+
+ public static void main(String[] args) throws Exception {
+
+ ValidatePathWithParams pathValidator = new ValidatePathWithParams(null);
+
+ if (args.length >= 1 && "CRL".equalsIgnoreCase(args[0])) {
+ pathValidator.enableCRLCheck();
+ } else {
+ // OCSP check by default
+ pathValidator.enableOCSPCheck();
+ }
+
+ // Validate valid
+ pathValidator.validate(new String[]{VALID, INT},
+ ValidatePathWithParams.Status.GOOD, null, System.out);
+
+ // Validate Revoked
+ pathValidator.validate(new String[]{REVOKED, INT},
+ ValidatePathWithParams.Status.REVOKED,
+ "Wed Jul 10 04:48:49 PDT 2019", System.out);
+ }
+}
diff --git a/jdk/test/sun/misc/URLClassPath/JarClassPathFileEntry.java b/jdk/test/sun/misc/URLClassPath/JarClassPathFileEntry.java
new file mode 100644
index 00000000000..6f57ec514d6
--- /dev/null
+++ b/jdk/test/sun/misc/URLClassPath/JarClassPathFileEntry.java
@@ -0,0 +1,103 @@
+/*
+ * Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+import java.io.File;
+import java.net.URL;
+import java.net.URLClassLoader;
+import java.nio.file.Path;
+import java.nio.file.Paths;
+import java.util.jar.Attributes;
+import java.util.jar.Manifest;
+import jdk.testlibrary.InMemoryJavaCompiler;
+import jdk.testlibrary.JarUtils;
+
+/*
+ * @test
+ * @bug 8216401
+ * @summary Test loading of JAR Class-Path entry with file: scheme
+ * @library /lib/testlibrary
+ *
+ * @run main/othervm JarClassPathFileEntry
+ * @run main/othervm -Djdk.net.URLClassPath.disableClassPathURLCheck=true JarClassPathFileEntry
+ * @run main/othervm -Djdk.net.URLClassPath.disableClassPathURLCheck=false JarClassPathFileEntry
+ */
+
+public class JarClassPathFileEntry {
+ private final static boolean IS_WINDOWS = System.getProperty("os.name").startsWith("Windows");
+
+ private final static String TEST_CLASSES = System.getProperty("test.classes");
+ private final static String OTHER_DIR = TEST_CLASSES + "/OTHER/";
+
+ private final static Path OTHER_JAR_PATH = Paths.get(OTHER_DIR, "Other.jar");
+ private final static Path CONTEXT_JAR_PATH = Paths.get(TEST_CLASSES, "Context.jar");
+
+ public static void main(String[] args) throws Throwable {
+ // Create Other.class in OTHER_DIR, off the default classpath
+ byte klassbuf[] = InMemoryJavaCompiler.compile("Other",
+ "public class Other {}");
+ ClassFileInstaller.writeClassToDisk("Other", klassbuf, OTHER_DIR);
+
+ // Create Other.jar in OTHER_DIR
+ JarUtils.createJarFile(OTHER_JAR_PATH,
+ Paths.get(OTHER_DIR),
+ Paths.get(OTHER_DIR, "Other.class"));
+
+ // Create Context.class
+ klassbuf = InMemoryJavaCompiler.compile("Context",
+ "public class Context {}");
+ ClassFileInstaller.writeClassToDisk("Context", klassbuf, TEST_CLASSES);
+
+ // Create Context.jar w/ "file:" entry for Other.jar
+ Manifest mf = new Manifest();
+ Attributes attrs = mf.getMainAttributes();
+ attrs.put(Attributes.Name.MANIFEST_VERSION, "1.0");
+
+ String classPathEntry = "file:" + (IS_WINDOWS ? toUnixPath(OTHER_JAR_PATH.toString())
+ : OTHER_JAR_PATH.toString());
+ attrs.put(Attributes.Name.CLASS_PATH, classPathEntry);
+
+ System.out.println("Creating Context.jar with Class-Path: " + classPathEntry);
+ JarUtils.createJarFile(CONTEXT_JAR_PATH, mf,
+ Paths.get(TEST_CLASSES),
+ Paths.get(TEST_CLASSES, "Context.class"));
+
+ // Use URLClassLoader w/ Context.jar to load Other.class, which will
+ // load via the Class-Path entry
+ URL url = CONTEXT_JAR_PATH.toUri().toURL();
+ URLClassLoader ucl = new URLClassLoader(new URL[]{ url },
+ null); // don't delegate to App CL
+ Class> otherClass = Class.forName("Other", true, ucl); // ClassNotFoundException -> fail
+ System.out.println("Loaded: " + otherClass);
+ }
+
+ /* Convert a Windows path to a unix-style path, and remove any drive letter */
+ private static String toUnixPath(String orig) {
+ String retVal = new File(orig).toURI().getPath();
+ int colonAt = retVal.indexOf(':');
+
+ if (colonAt != -1 && colonAt < 3) {
+ retVal = retVal.substring(colonAt + 1); // Start after the drive letter
+ }
+ return retVal;
+ }
+}
diff --git a/jdk/test/sun/net/www/B8185898.java b/jdk/test/sun/net/www/B8185898.java
new file mode 100644
index 00000000000..67f3998e6bd
--- /dev/null
+++ b/jdk/test/sun/net/www/B8185898.java
@@ -0,0 +1,283 @@
+/*
+ * Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/**
+ * @test
+ * @bug 8185898
+ * @library /lib/testlibrary
+ * @run main/othervm B8185898
+ * @summary setRequestProperty(key, null) results in HTTP header without colon in request
+ */
+
+import java.io.*;
+import java.net.*;
+import java.util.Arrays;
+import java.util.List;
+import java.util.Map;
+import java.util.HashMap;
+import java.util.concurrent.ExecutorService;
+import java.util.concurrent.Executors;
+import java.util.stream.Collectors;
+import java.util.Collections;
+
+import jdk.testlibrary.net.URIBuilder;
+import sun.net.www.MessageHeader;
+import com.sun.net.httpserver.HttpContext;
+import com.sun.net.httpserver.HttpExchange;
+import com.sun.net.httpserver.HttpHandler;
+import com.sun.net.httpserver.HttpServer;
+
+import static java.nio.charset.StandardCharsets.ISO_8859_1;
+import static java.nio.charset.StandardCharsets.UTF_8;
+
+/*
+ * Test checks that MessageHeader with key != null and value == null is set correctly
+ * and printed according to HTTP standard in the format :
+ * */
+public class B8185898 {
+
+ static HttpServer server;
+ static final String RESPONSE_BODY = "Test response body";
+ static final String H1 = "X-header1";
+ static final String H2 = "X-header2";
+ static final String VALUE = "This test value should appear";
+ static final List oneList = Arrays.asList(VALUE);
+ static final List zeroList = Arrays.asList("");
+ static int port;
+ static URL url;
+ static volatile Map> headers;
+
+ static class Handler implements HttpHandler {
+
+ public void handle(HttpExchange t) throws IOException {
+ InputStream is = t.getRequestBody();
+ InetSocketAddress rem = t.getRemoteAddress();
+ headers = t.getRequestHeaders(); // Get request headers on the server side
+ while(is.read() != -1){}
+ is.close();
+
+ OutputStream os = t.getResponseBody();
+ t.sendResponseHeaders(200, RESPONSE_BODY.length());
+ os.write(RESPONSE_BODY.getBytes(UTF_8));
+ t.close();
+ }
+ }
+
+ public static void main(String[] args) throws Exception {
+ ExecutorService exec = Executors.newCachedThreadPool();
+ InetAddress loopback = InetAddress.getLoopbackAddress();
+
+ try {
+ InetSocketAddress addr = new InetSocketAddress(loopback, 0);
+ server = HttpServer.create(addr, 100);
+ HttpHandler handler = new Handler();
+ HttpContext context = server.createContext("/", handler);
+ server.setExecutor(exec);
+ server.start();
+
+ port = server.getAddress().getPort();
+ System.out.println("Server on port: " + port);
+ url = URIBuilder.newBuilder()
+ .scheme("http")
+ .loopback()
+ .port(port)
+ .path("/foo")
+ .toURLUnchecked();
+ System.out.println("URL: " + url);
+ testMessageHeader();
+ testMessageHeaderMethods();
+ testURLConnectionMethods();
+ } finally {
+ server.stop(0);
+ System.out.println("After server shutdown");
+ exec.shutdown();
+ }
+ }
+
+ // Test message header with malformed message header and fake request line
+ static void testMessageHeader() {
+ final String badHeader = "This is not a request line for HTTP/1.1";
+ final String fakeRequestLine = "This /is/a/fake/status/line HTTP/2.0";
+ final String expectedHeaders = fakeRequestLine + "\r\n"
+ + H1 + ": " + VALUE + "\r\n"
+ + H2 + ": " + VALUE + "\r\n"
+ + badHeader + ":\r\n\r\n";
+
+ MessageHeader header = new MessageHeader();
+ header.add(H1, VALUE);
+ header.add(H2, VALUE);
+ header.add(badHeader, null);
+ header.prepend(fakeRequestLine, null);
+ ByteArrayOutputStream out = new ByteArrayOutputStream();
+ header.print(new PrintStream(out));
+
+ if (!out.toString().equals(expectedHeaders)) {
+ throw new AssertionError("FAILED: expected: "
+ + expectedHeaders + "\nReceived: " + out.toString());
+ } else {
+ System.out.println("PASSED: ::print returned correct "
+ + "status line and headers:\n" + out.toString());
+ }
+ }
+
+ // Test MessageHeader::print, ::toString, implicitly testing that
+ // MessageHeader::mergeHeader formats headers correctly for responses
+ static void testMessageHeaderMethods() throws IOException {
+ // {{inputString1, expectedToString1, expectedPrint1}, {...}}
+ String[][] strings = {
+ {"HTTP/1.1 200 OK\r\n"
+ + "Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2\r\n"
+ + "Connection: keep-alive\r\n"
+ + "Host: 127.0.0.1:12345\r\n"
+ + "User-agent: Java/12\r\n\r\nfoooo",
+ "pairs: {null: HTTP/1.1 200 OK}"
+ + "{Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2}"
+ + "{Connection: keep-alive}"
+ + "{Host: 127.0.0.1:12345}"
+ + "{User-agent: Java/12}",
+ "Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2\r\n"
+ + "Connection: keep-alive\r\n"
+ + "Host: 127.0.0.1:12345\r\n"
+ + "User-agent: Java/12\r\n\r\n"},
+ {"HTTP/1.1 200 OK\r\n"
+ + "Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2\r\n"
+ + "Connection: keep-alive\r\n"
+ + "Host: 127.0.0.1:12345\r\n"
+ + "User-agent: Java/12\r\n"
+ + "X-Header:\r\n\r\n",
+ "pairs: {null: HTTP/1.1 200 OK}"
+ + "{Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2}"
+ + "{Connection: keep-alive}"
+ + "{Host: 127.0.0.1:12345}"
+ + "{User-agent: Java/12}"
+ + "{X-Header: }",
+ "Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2\r\n"
+ + "Connection: keep-alive\r\n"
+ + "Host: 127.0.0.1:12345\r\n"
+ + "User-agent: Java/12\r\n"
+ + "X-Header: \r\n\r\n"},
+ };
+
+ System.out.println("Test custom message headers");
+ for (String[] s : strings) {
+ // Test MessageHeader::toString
+ MessageHeader header = new MessageHeader(
+ new ByteArrayInputStream(s[0].getBytes(ISO_8859_1)));
+ if (!header.toString().endsWith(s[1])) {
+ throw new AssertionError("FAILED: expected: "
+ + s[1] + "\nReceived: " + header);
+ } else {
+ System.out.println("PASSED: ::toString returned correct "
+ + "status line and headers:\n" + header);
+ }
+
+ // Test MessageHeader::print
+ ByteArrayOutputStream out = new ByteArrayOutputStream();
+ header.print(new PrintStream(out));
+ if (!out.toString().equals(s[2])) {
+ throw new AssertionError("FAILED: expected: "
+ + s[2] + "\nReceived: " + out.toString());
+ } else {
+ System.out.println("PASSED: ::print returned correct "
+ + "status line and headers:\n" + out.toString());
+ }
+ }
+ }
+
+ // Test methods URLConnection::getRequestProperties,
+ // ::getHeaderField, ::getHeaderFieldKey
+ static void testURLConnectionMethods() throws IOException {
+ HttpURLConnection urlConn = (HttpURLConnection) url.openConnection(Proxy.NO_PROXY);
+ urlConn.setRequestProperty(H1, "");
+ urlConn.setRequestProperty(H1, VALUE);
+ urlConn.setRequestProperty(H2, null); // Expected to contain ':' between key and value
+ Map> props = urlConn.getRequestProperties();
+ Map> expectedMap = new HashMap>();
+ expectedMap.put(H1, oneList);
+ expectedMap.put(H2, Arrays.asList((String)null));
+
+ // Test request properties
+ System.out.println("Client request properties");
+ StringBuilder sb = new StringBuilder();
+ props.forEach((k, v) -> sb.append(k + ": "
+ + v.stream().collect(Collectors.joining()) + "\n"));
+ System.out.println(sb);
+
+ if (!props.equals(expectedMap)) {
+ throw new AssertionError("Unexpected properties returned: "
+ + props);
+ } else {
+ System.out.println("Properties returned as expected");
+ }
+
+ // Test header fields
+ String headerField = urlConn.getHeaderField(0);
+ if (!headerField.contains("200 OK")) {
+ throw new AssertionError("Expected headerField[0]: status line. "
+ + "Received: " + headerField);
+ } else {
+ System.out.println("PASSED: headerField[0] contains status line: "
+ + headerField);
+ }
+
+ String headerFieldKey = urlConn.getHeaderFieldKey(0);
+ if (headerFieldKey != null) {
+ throw new AssertionError("Expected headerFieldKey[0]: null. "
+ + "Received: " + headerFieldKey);
+ } else {
+ System.out.println("PASSED: headerFieldKey[0] is null");
+ }
+
+ // Check that test request headers are included with correct format
+ try (
+ BufferedReader in = new BufferedReader(
+ new InputStreamReader(urlConn.getInputStream()))
+ ) {
+ if (!headers.keySet().contains(H1)) {
+ throw new AssertionError("Expected key not found: "
+ + H1 + ": " + VALUE);
+ } else if (!headers.get(H1).equals(oneList)) {
+ throw new AssertionError("Unexpected key-value pair: "
+ + H1 + ": " + headers.get(H1));
+ } else {
+ System.out.println("PASSED: " + H1 + " included in request headers");
+ }
+
+ if (!headers.keySet().contains(H2)) {
+ throw new AssertionError("Expected key not found: "
+ + H2 + ": ");
+ // Check that empty list is returned
+ } else if (!headers.get(H2).equals(zeroList)) {
+ throw new AssertionError("Unexpected key-value pair: "
+ + H2 + ": " + headers.get(H2));
+ } else {
+ System.out.println("PASSED: " + H2 + " included in request headers");
+ }
+
+ String inputLine;
+ while ((inputLine = in.readLine()) != null) {
+ System.out.println(inputLine);
+ }
+ }
+ }
+}
diff --git a/jdk/test/sun/security/ec/SignatureDigestTruncate.java b/jdk/test/sun/security/ec/SignatureDigestTruncate.java
index a0ebbb2cf58..18208fc38f4 100644
--- a/jdk/test/sun/security/ec/SignatureDigestTruncate.java
+++ b/jdk/test/sun/security/ec/SignatureDigestTruncate.java
@@ -91,22 +91,25 @@ private static void runTest(String alg, String curveName,
String privateKeyStr, String msgStr, String kStr, String sigStr)
throws Exception {
+ System.out.println("Testing " + alg + " with " + curveName);
+
byte[] privateKey = Convert.hexStringToByteArray(privateKeyStr);
byte[] msg = Convert.hexStringToByteArray(msgStr);
byte[] k = Convert.hexStringToByteArray(kStr);
byte[] expectedSig = Convert.hexStringToByteArray(sigStr);
- AlgorithmParameters params = AlgorithmParameters.getInstance("EC");
+ AlgorithmParameters params =
+ AlgorithmParameters.getInstance("EC", "SunEC");
params.init(new ECGenParameterSpec(curveName));
ECParameterSpec ecParams =
params.getParameterSpec(ECParameterSpec.class);
- KeyFactory kf = KeyFactory.getInstance("EC");
+ KeyFactory kf = KeyFactory.getInstance("EC", "SunEC");
BigInteger s = new BigInteger(1, privateKey);
ECPrivateKeySpec privKeySpec = new ECPrivateKeySpec(s, ecParams);
PrivateKey privKey = kf.generatePrivate(privKeySpec);
- Signature sig = Signature.getInstance(alg);
+ Signature sig = Signature.getInstance(alg, "SunEC");
sig.initSign(privKey, new FixedRandom(k));
sig.update(msg);
byte[] computedSig = sig.sign();
diff --git a/jdk/test/sun/security/lib/cacerts/VerifyCACerts.java b/jdk/test/sun/security/lib/cacerts/VerifyCACerts.java
index 585f1e9cc65..bed497b0046 100644
--- a/jdk/test/sun/security/lib/cacerts/VerifyCACerts.java
+++ b/jdk/test/sun/security/lib/cacerts/VerifyCACerts.java
@@ -26,7 +26,7 @@
* @test
* @bug 8189131 8198240 8191844 8189949 8191031 8196141 8204923 8195774 8199779
* 8209452 8209506 8210432 8195793 8216577 8222089 8222133 8222137 8222136
- * 8223499
+ * 8223499 8232019 8233223
* @summary Check root CA entries in cacerts file
*/
import java.io.File;
@@ -50,7 +50,7 @@ public class VerifyCACerts {
+ File.separator + "security" + File.separator + "cacerts";
// The numbers of certs now.
- private static final int COUNT = 88;
+ private static final int COUNT = 93;
// map of cert alias to SHA-256 fingerprint
@SuppressWarnings("serial")
@@ -233,6 +233,16 @@ public class VerifyCACerts {
"DD:69:36:FE:21:F8:F0:77:C1:23:A1:A5:21:C1:22:24:F7:22:55:B7:3E:03:A7:26:06:93:E8:A2:4B:0F:A3:89");
put("globalsignrootcar6 [jdk]",
"2C:AB:EA:FE:37:D0:6C:A2:2A:BA:73:91:C0:03:3D:25:98:29:52:C4:53:64:73:49:76:3A:3A:B5:AD:6C:CF:69");
+ put("luxtrustglobalroot2ca [jdk]",
+ "54:45:5F:71:29:C2:0B:14:47:C4:18:F9:97:16:8F:24:C5:8F:C5:02:3B:F5:DA:5B:E2:EB:6E:1D:D8:90:2E:D5");
+ put("amazonrootca1 [jdk]",
+ "8E:CD:E6:88:4F:3D:87:B1:12:5B:A3:1A:C3:FC:B1:3D:70:16:DE:7F:57:CC:90:4F:E1:CB:97:C6:AE:98:19:6E");
+ put("amazonrootca2 [jdk]",
+ "1B:A5:B2:AA:8C:65:40:1A:82:96:01:18:F8:0B:EC:4F:62:30:4D:83:CE:C4:71:3A:19:C3:9C:01:1E:A4:6D:B4");
+ put("amazonrootca3 [jdk]",
+ "18:CE:6C:FE:7B:F1:4E:60:B2:E3:47:B8:DF:E8:68:CB:31:D0:2E:BB:3A:DA:27:15:69:F5:03:43:B4:6D:B3:A4");
+ put("amazonrootca4 [jdk]",
+ "E3:5D:28:41:9E:D0:20:25:CF:A6:90:38:CD:62:39:62:45:8D:A5:C6:95:FB:DE:A3:C2:2B:0B:FB:25:89:70:92");
}
};
diff --git a/jdk/test/sun/security/pkcs12/MixedcaseAlias.java b/jdk/test/sun/security/pkcs12/MixedcaseAlias.java
new file mode 100644
index 00000000000..520da009b75
--- /dev/null
+++ b/jdk/test/sun/security/pkcs12/MixedcaseAlias.java
@@ -0,0 +1,68 @@
+/*
+ * Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/*
+ * @test
+ * @bug 8173956
+ * @summary KeyStore regression due to default keystore being changed to PKCS12
+ */
+
+import java.io.*;
+import java.security.KeyStore;
+import java.security.cert.Certificate;
+import java.security.cert.CertificateFactory;
+import java.security.cert.X509Certificate;
+
+/**
+ * Test that a PKCS12 keystore entry with mixed-case alias can be retrieved.
+ */
+public class MixedcaseAlias {
+ private static final String DIR = System.getProperty("test.src", ".");
+ private static final String CERT = DIR + "/trusted.pem";
+ private static final String ALIAS = "Mixed-case Alias";
+
+ public static void main(String[] ignored) throws Exception {
+ KeyStore keystore = KeyStore.getInstance("PKCS12");
+ keystore.load(null, null);
+
+ keystore.setCertificateEntry(ALIAS, loadCertificate(CERT));
+ KeyStore.Entry entry = keystore.getEntry(ALIAS, null);
+
+ if (entry == null) {
+ throw new Exception(
+ "Error retrieving keystore entry using a mixed-case alias");
+ }
+
+ System.out.println("OK");
+ }
+
+ private static Certificate loadCertificate(String certFile)
+ throws Exception {
+ X509Certificate cert = null;
+ try (FileInputStream certStream = new FileInputStream(certFile)) {
+ CertificateFactory factory =
+ CertificateFactory.getInstance("X.509");
+ return factory.generateCertificate(certStream);
+ }
+ }
+}
diff --git a/jdk/test/sun/security/provider/DSA/TestAlgParameterGenerator.java b/jdk/test/sun/security/provider/DSA/TestAlgParameterGenerator.java
index 43ed0a9980b..385f1fb0f94 100644
--- a/jdk/test/sun/security/provider/DSA/TestAlgParameterGenerator.java
+++ b/jdk/test/sun/security/provider/DSA/TestAlgParameterGenerator.java
@@ -23,56 +23,59 @@
/*
* @test
- * @bug 7044060 8181048
+ * @bug 7044060 8055351 8181048
* @summary verify that DSA parameter generation works
- * @run main/othervm/timeout=300 TestAlgParameterGenerator
+ * @run main/timeout=600 TestAlgParameterGenerator
*/
-import java.security.*;
-import java.security.spec.*;
-import java.security.interfaces.*;
+
+import java.security.AlgorithmParameterGenerator;
+import java.security.AlgorithmParameters;
+import java.security.spec.DSAGenParameterSpec;
+import java.security.spec.DSAParameterSpec;
public class TestAlgParameterGenerator {
private static void checkParamStrength(AlgorithmParameters param,
- int strength) throws Exception {
+ int strength) throws Exception {
String algo = param.getAlgorithm();
if (!algo.equalsIgnoreCase("DSA")) {
- throw new Exception("Unexpected type of parameters: " + algo);
+ throw new RuntimeException("Unexpected type of parameters: " + algo);
}
DSAParameterSpec spec = param.getParameterSpec(DSAParameterSpec.class);
int valueL = spec.getP().bitLength();
if (strength != valueL) {
System.out.println("Expected " + strength + " but actual " + valueL);
- throw new Exception("Wrong P strength");
+ throw new RuntimeException("Wrong P strength");
}
}
+
private static void checkParamStrength(AlgorithmParameters param,
- DSAGenParameterSpec genParam)
- throws Exception {
+ DSAGenParameterSpec genParam)
+ throws Exception {
String algo = param.getAlgorithm();
if (!algo.equalsIgnoreCase("DSA")) {
- throw new Exception("Unexpected type of parameters: " + algo);
+ throw new RuntimeException("Unexpected type of parameters: " + algo);
}
DSAParameterSpec spec = param.getParameterSpec(DSAParameterSpec.class);
int valueL = spec.getP().bitLength();
int strength = genParam.getPrimePLength();
if (strength != valueL) {
System.out.println("P: Expected " + strength + " but actual " + valueL);
- throw new Exception("Wrong P strength");
+ throw new RuntimeException("Wrong P strength");
}
int valueN = spec.getQ().bitLength();
strength = genParam.getSubprimeQLength();
if (strength != valueN) {
System.out.println("Q: Expected " + strength + " but actual " + valueN);
- throw new Exception("Wrong Q strength");
+ throw new RuntimeException("Wrong Q strength");
}
}
public static void main(String[] args) throws Exception {
- AlgorithmParameterGenerator apg =
- AlgorithmParameterGenerator.getInstance("DSA", "SUN");
-
+ AlgorithmParameterGenerator apg
+ = AlgorithmParameterGenerator.getInstance("DSA", "SUN");
long start, stop;
+
// make sure no-init still works
start = System.currentTimeMillis();
AlgorithmParameters param = apg.generateParameters();
@@ -80,9 +83,8 @@ public static void main(String[] args) throws Exception {
System.out.println("Time: " + (stop - start) + " ms.");
// make sure the old model works
- int[] strengths = { 512, 768, 1024 };
- for (int i = 0; i < strengths.length; i++) {
- int sizeP = strengths[i];
+ int[] strengths = {512, 768, 1024};
+ for (int sizeP : strengths) {
System.out.println("Generating " + sizeP + "-bit DSA Parameters");
start = System.currentTimeMillis();
apg.init(sizeP);
@@ -93,18 +95,17 @@ public static void main(String[] args) throws Exception {
}
// now the newer model
- DSAGenParameterSpec spec1 = new DSAGenParameterSpec(1024, 160);
- DSAGenParameterSpec spec2 = new DSAGenParameterSpec(2048, 224);
- DSAGenParameterSpec spec3 = new DSAGenParameterSpec(2048, 256);
- //DSAGenParameterSpec spec4 = new DSAGenParameterSpec(3072, 256);
DSAGenParameterSpec[] specSet = {
- spec1, spec2, spec3//, spec4
+ new DSAGenParameterSpec(1024, 160),
+ new DSAGenParameterSpec(2048, 224),
+ new DSAGenParameterSpec(2048, 256)
+ // no support for prime size 3072
+ // ,new DSAGenParameterSpec(3072, 256)
};
- for (int i = 0; i < specSet.length; i++) {
- DSAGenParameterSpec genParam = specSet[i];
- System.out.println("Generating (" + genParam.getPrimePLength() +
- ", " + genParam.getSubprimeQLength() +
- ") DSA Parameters");
+
+ for (DSAGenParameterSpec genParam : specSet) {
+ System.out.println("Generating (" + genParam.getPrimePLength()
+ + ", " + genParam.getSubprimeQLength() + ") DSA Parameters");
start = System.currentTimeMillis();
apg.init(genParam, null);
param = apg.generateParameters();
diff --git a/jdk/test/sun/security/ssl/sun/net/www/protocol/https/HttpsURLConnection/PostThruProxy.java b/jdk/test/sun/security/ssl/sun/net/www/protocol/https/HttpsURLConnection/PostThruProxy.java
index 9fb21a2348d..389029c1492 100644
--- a/jdk/test/sun/security/ssl/sun/net/www/protocol/https/HttpsURLConnection/PostThruProxy.java
+++ b/jdk/test/sun/security/ssl/sun/net/www/protocol/https/HttpsURLConnection/PostThruProxy.java
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2001, 2014, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2001, 2016, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -21,27 +21,31 @@
* questions.
*/
-/*
- * This test is run using PostThruProxy.sh
- */
-
import java.io.*;
import java.net.*;
import java.security.KeyStore;
import javax.net.*;
import javax.net.ssl.*;
-import java.security.cert.*;
+
+import jdk.testlibrary.OutputAnalyzer;
+import jdk.testlibrary.ProcessTools;
/*
- * This test case is written to test the https POST through a proxy.
- * There is no proxy authentication done.
- *
- * PostThruProxy.java -- includes a simple server that serves
- * http POST method requests in secure channel, and a client
- * that makes https POST request through a proxy.
+ * @test
+ * @bug 4423074
+ * @summary This test case is written to test the https POST through a proxy.
+ * There is no proxy authentication done. It includes a simple server
+ * that serves http POST method requests in secure channel, and a client
+ * that makes https POST request through a proxy.
+ * @library /lib/testlibrary
+ * @compile OriginServer.java ProxyTunnelServer.java
+ * @run main/othervm PostThruProxy
*/
-
public class PostThruProxy {
+
+ private static final String TEST_SRC = System.getProperty("test.src", ".");
+ private static final int TIMEOUT = 30000;
+
/*
* Where do we find the keystores?
*/
@@ -76,14 +80,10 @@ public byte[] getBytes() {
/*
* Main method to create the server and client
*/
- public static void main(String args[]) throws Exception
- {
- String keyFilename =
- args[1] + "/" + pathToStores +
- "/" + keyStoreFile;
- String trustFilename =
- args[1] + "/" + pathToStores +
- "/" + trustStoreFile;
+ public static void main(String args[]) throws Exception {
+ String keyFilename = TEST_SRC + "/" + pathToStores + "/" + keyStoreFile;
+ String trustFilename = TEST_SRC + "/" + pathToStores + "/"
+ + trustStoreFile;
System.setProperty("javax.net.ssl.keyStore", keyFilename);
System.setProperty("javax.net.ssl.keyStorePassword", passwd);
@@ -95,10 +95,9 @@ public static void main(String args[]) throws Exception
* setup the server
*/
try {
- ServerSocketFactory ssf =
- PostThruProxy.getServerSocketFactory(useSSL);
+ ServerSocketFactory ssf = getServerSocketFactory(useSSL);
ServerSocket ss = ssf.createServerSocket(serverPort);
- ss.setSoTimeout(30000); // 30 seconds
+ ss.setSoTimeout(TIMEOUT); // 30 seconds
serverPort = ss.getLocalPort();
new TestServer(ss);
} catch (Exception e) {
@@ -108,35 +107,29 @@ public static void main(String args[]) throws Exception
}
// trigger the client
try {
- doClientSide(args[0]);
+ doClientSide();
} catch (Exception e) {
System.out.println("Client side failed: " +
e.getMessage());
throw e;
- }
+ }
}
private static ServerSocketFactory getServerSocketFactory
(boolean useSSL) throws Exception {
if (useSSL) {
- SSLServerSocketFactory ssf = null;
// set up key manager to do server authentication
- SSLContext ctx;
- KeyManagerFactory kmf;
- KeyStore ks;
+ SSLContext ctx = SSLContext.getInstance("TLS");
+ KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
+ KeyStore ks = KeyStore.getInstance("JKS");
char[] passphrase = passwd.toCharArray();
- ctx = SSLContext.getInstance("TLS");
- kmf = KeyManagerFactory.getInstance("SunX509");
- ks = KeyStore.getInstance("JKS");
-
ks.load(new FileInputStream(System.getProperty(
"javax.net.ssl.keyStore")), passphrase);
kmf.init(ks, passphrase);
ctx.init(kmf.getKeyManagers(), null, null);
- ssf = ctx.getServerSocketFactory();
- return ssf;
+ return ctx.getServerSocketFactory();
} else {
return ServerSocketFactory.getDefault();
}
@@ -147,7 +140,7 @@ public static void main(String args[]) throws Exception
*/
static String postMsg = "Testing HTTP post on a https server";
- static void doClientSide(String hostname) throws Exception {
+ static void doClientSide() throws Exception {
HostnameVerifier reservedHV =
HttpsURLConnection.getDefaultHostnameVerifier();
try {
@@ -162,10 +155,12 @@ static void doClientSide(String hostname) throws Exception {
*/
HttpsURLConnection.setDefaultHostnameVerifier(
new NameVerifier());
- URL url = new URL("https://" + hostname+ ":" + serverPort);
+ URL url = new URL("https://" + getHostname() +":" + serverPort);
Proxy p = new Proxy(Proxy.Type.HTTP, pAddr);
HttpsURLConnection https = (HttpsURLConnection)url.openConnection(p);
+ https.setConnectTimeout(TIMEOUT);
+ https.setReadTimeout(TIMEOUT);
https.setDoOutput(true);
https.setRequestMethod("POST");
PrintStream ps = null;
@@ -190,6 +185,9 @@ static void doClientSide(String hostname) throws Exception {
if (ps != null)
ps.close();
throw e;
+ } catch (SocketTimeoutException e) {
+ System.out.println("Client can not get response in time: "
+ + e.getMessage());
}
} finally {
HttpsURLConnection.setDefaultHostnameVerifier(reservedHV);
@@ -210,4 +208,13 @@ static SocketAddress setupProxy() throws IOException {
pserver.start();
return new InetSocketAddress("localhost", pserver.getPort());
}
+
+ private static String getHostname() {
+ try {
+ OutputAnalyzer oa = ProcessTools.executeCommand("hostname");
+ return oa.getOutput().trim();
+ } catch (Throwable e) {
+ throw new RuntimeException("Get hostname failed.", e);
+ }
+ }
}
diff --git a/jdk/test/sun/security/ssl/sun/net/www/protocol/https/HttpsURLConnection/PostThruProxy.sh b/jdk/test/sun/security/ssl/sun/net/www/protocol/https/HttpsURLConnection/PostThruProxy.sh
deleted file mode 100644
index 1b7cf984e8b..00000000000
--- a/jdk/test/sun/security/ssl/sun/net/www/protocol/https/HttpsURLConnection/PostThruProxy.sh
+++ /dev/null
@@ -1,58 +0,0 @@
-#!/bin/sh
-
-#
-# Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved.
-# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
-#
-# This code is free software; you can redistribute it and/or modify it
-# under the terms of the GNU General Public License version 2 only, as
-# published by the Free Software Foundation.
-#
-# This code is distributed in the hope that it will be useful, but WITHOUT
-# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
-# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-# version 2 for more details (a copy is included in the LICENSE file that
-# accompanied this code).
-#
-# You should have received a copy of the GNU General Public License version
-# 2 along with this work; if not, write to the Free Software Foundation,
-# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
-#
-# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
-# or visit www.oracle.com if you need additional information or have any
-# questions.
-#
-
-
-#
-# @test
-# @bug 4423074
-# @summary Need to rebase all the duplicated classes from Merlin
-
-HOSTNAME=`uname -n`
-OS=`uname -s`
-case "$OS" in
- SunOS | Linux | Darwin | AIX )
- PS=":"
- FS="/"
- ;;
- CYGWIN* )
- PS=";"
- FS="/"
- ;;
- Windows* )
- PS=";"
- FS="\\"
- ;;
- * )
- echo "Unrecognized system!"
- exit 1;
- ;;
-esac
-
-${COMPILEJAVA}${FS}bin${FS}javac ${TESTJAVACOPTS} ${TESTTOOLVMOPTS} -d . \
- ${TESTSRC}${FS}OriginServer.java \
- ${TESTSRC}${FS}ProxyTunnelServer.java \
- ${TESTSRC}${FS}PostThruProxy.java
-${TESTJAVA}${FS}bin${FS}java ${TESTVMOPTS} PostThruProxy ${HOSTNAME} ${TESTSRC}
-exit
diff --git a/jdk/test/sun/security/ssl/sun/net/www/protocol/https/HttpsURLConnection/PostThruProxyWithAuth.java b/jdk/test/sun/security/ssl/sun/net/www/protocol/https/HttpsURLConnection/PostThruProxyWithAuth.java
index ccd8360ea9e..15f89768d84 100644
--- a/jdk/test/sun/security/ssl/sun/net/www/protocol/https/HttpsURLConnection/PostThruProxyWithAuth.java
+++ b/jdk/test/sun/security/ssl/sun/net/www/protocol/https/HttpsURLConnection/PostThruProxyWithAuth.java
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2001, 2014, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2001, 2016, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -21,28 +21,31 @@
* questions.
*/
-/*
- * This test is run through PostThruProxyWithAuth.sh
- */
-
import java.io.*;
import java.net.*;
import java.security.KeyStore;
import javax.net.*;
import javax.net.ssl.*;
-import java.security.cert.*;
+
+import jdk.testlibrary.OutputAnalyzer;
+import jdk.testlibrary.ProcessTools;
/*
- * This test case is written to test the https POST through a proxy
- * with proxy authentication.
- *
- * PostThruProxyWithAuth.java -- includes a simple server that serves
- * http POST method requests in secure channel, and a client
- * that makes https POST request through a proxy.
+ * @test
+ * @bug 4423074
+ * @summary This test case is written to test the https POST through a proxy
+ * with proxy authentication. It includes a simple server that serves
+ * http POST method requests in secure channel, and a client that
+ * makes https POST request through a proxy.
+ * @library /lib/testlibrary
+ * @compile OriginServer.java ProxyTunnelServer.java
+ * @run main/othervm -Djdk.http.auth.tunneling.disabledSchemes= PostThruProxyWithAuth
*/
-
public class PostThruProxyWithAuth {
+ private static final String TEST_SRC = System.getProperty("test.src", ".");
+ private static final int TIMEOUT = 30000;
+
/*
* Where do we find the keystores?
*/
@@ -78,14 +81,10 @@ public byte[] getBytes() {
/*
* Main method to create the server and client
*/
- public static void main(String args[]) throws Exception
- {
- String keyFilename =
- args[1] + "/" + pathToStores +
- "/" + keyStoreFile;
- String trustFilename =
- args[1] + "/" + pathToStores +
- "/" + trustStoreFile;
+ public static void main(String args[]) throws Exception {
+ String keyFilename = TEST_SRC + "/" + pathToStores + "/" + keyStoreFile;
+ String trustFilename = TEST_SRC + "/" + pathToStores + "/"
+ + trustStoreFile;
System.setProperty("javax.net.ssl.keyStore", keyFilename);
System.setProperty("javax.net.ssl.keyStorePassword", passwd);
@@ -97,10 +96,9 @@ public static void main(String args[]) throws Exception
* setup the server
*/
try {
- ServerSocketFactory ssf =
- PostThruProxyWithAuth.getServerSocketFactory(useSSL);
+ ServerSocketFactory ssf = getServerSocketFactory(useSSL);
ServerSocket ss = ssf.createServerSocket(serverPort);
- ss.setSoTimeout(30000); // 30 seconds
+ ss.setSoTimeout(TIMEOUT); // 30 seconds
serverPort = ss.getLocalPort();
new TestServer(ss);
} catch (Exception e) {
@@ -110,7 +108,7 @@ public static void main(String args[]) throws Exception
}
// trigger the client
try {
- doClientSide(args[0]);
+ doClientSide();
} catch (Exception e) {
System.out.println("Client side failed: " +
e.getMessage());
@@ -121,24 +119,18 @@ public static void main(String args[]) throws Exception
private static ServerSocketFactory getServerSocketFactory
(boolean useSSL) throws Exception {
if (useSSL) {
- SSLServerSocketFactory ssf = null;
// set up key manager to do server authentication
- SSLContext ctx;
- KeyManagerFactory kmf;
- KeyStore ks;
+ SSLContext ctx = SSLContext.getInstance("TLS");
+ KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
+ KeyStore ks = KeyStore.getInstance("JKS");
char[] passphrase = passwd.toCharArray();
- ctx = SSLContext.getInstance("TLS");
- kmf = KeyManagerFactory.getInstance("SunX509");
- ks = KeyStore.getInstance("JKS");
-
ks.load(new FileInputStream(System.getProperty(
"javax.net.ssl.keyStore")), passphrase);
kmf.init(ks, passphrase);
ctx.init(kmf.getKeyManagers(), null, null);
- ssf = ctx.getServerSocketFactory();
- return ssf;
+ return ctx.getServerSocketFactory();
} else {
return ServerSocketFactory.getDefault();
}
@@ -149,7 +141,7 @@ public static void main(String args[]) throws Exception
*/
static String postMsg = "Testing HTTP post on a https server";
- static void doClientSide(String hostname) throws Exception {
+ static void doClientSide() throws Exception {
/*
* setup up a proxy
*/
@@ -161,10 +153,12 @@ static void doClientSide(String hostname) throws Exception {
*/
HttpsURLConnection.setDefaultHostnameVerifier(
new NameVerifier());
- URL url = new URL("https://" + hostname + ":" + serverPort);
+ URL url = new URL("https://" + getHostname() + ":" + serverPort);
Proxy p = new Proxy(Proxy.Type.HTTP, pAddr);
HttpsURLConnection https = (HttpsURLConnection)url.openConnection(p);
+ https.setConnectTimeout(TIMEOUT);
+ https.setReadTimeout(TIMEOUT);
https.setDoOutput(true);
https.setRequestMethod("POST");
PrintStream ps = null;
@@ -188,6 +182,9 @@ static void doClientSide(String hostname) throws Exception {
if (ps != null)
ps.close();
throw e;
+ } catch (SocketTimeoutException e) {
+ System.out.println("Client can not get response in time: "
+ + e.getMessage());
}
}
@@ -221,4 +218,13 @@ public PasswordAuthentication getPasswordAuthentication() {
"test123".toCharArray());
}
}
+
+ private static String getHostname() {
+ try {
+ OutputAnalyzer oa = ProcessTools.executeCommand("hostname");
+ return oa.getOutput().trim();
+ } catch (Throwable e) {
+ throw new RuntimeException("Get hostname failed.", e);
+ }
+ }
}
diff --git a/jdk/test/sun/security/ssl/sun/net/www/protocol/https/HttpsURLConnection/PostThruProxyWithAuth.sh b/jdk/test/sun/security/ssl/sun/net/www/protocol/https/HttpsURLConnection/PostThruProxyWithAuth.sh
deleted file mode 100644
index a89827c9db8..00000000000
--- a/jdk/test/sun/security/ssl/sun/net/www/protocol/https/HttpsURLConnection/PostThruProxyWithAuth.sh
+++ /dev/null
@@ -1,59 +0,0 @@
-#!/bin/sh
-
-#
-# Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved.
-# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
-#
-# This code is free software; you can redistribute it and/or modify it
-# under the terms of the GNU General Public License version 2 only, as
-# published by the Free Software Foundation.
-#
-# This code is distributed in the hope that it will be useful, but WITHOUT
-# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
-# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-# version 2 for more details (a copy is included in the LICENSE file that
-# accompanied this code).
-#
-# You should have received a copy of the GNU General Public License version
-# 2 along with this work; if not, write to the Free Software Foundation,
-# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
-#
-# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
-# or visit www.oracle.com if you need additional information or have any
-# questions.
-#
-
-
-#
-# @test
-# @bug 4423074
-# @summary Need to rebase all the duplicated classes from Merlin
-
-HOSTNAME=`uname -n`
-OS=`uname -s`
-case "$OS" in
- SunOS | Linux | Darwin | AIX )
- PS=":"
- FS="/"
- ;;
- CYGWIN* )
- PS=";"
- FS="/"
- ;;
- Windows* )
- PS=";"
- FS="\\"
- ;;
- * )
- echo "Unrecognized system!"
- exit 1;
- ;;
-esac
-
-${COMPILEJAVA}${FS}bin${FS}javac ${TESTJAVACOPTS} ${TESTTOOLVMOPTS} -d . ${TESTSRC}${FS}OriginServer.java \
- ${TESTSRC}${FS}ProxyTunnelServer.java \
- ${TESTSRC}${FS}PostThruProxyWithAuth.java
-${TESTJAVA}${FS}bin${FS}java ${TESTVMOPTS} \
- -Djdk.http.auth.tunneling.disabledSchemes= \
- PostThruProxyWithAuth ${HOSTNAME} ${TESTSRC}
-exit
diff --git a/jdk/test/sun/security/ssl/sun/net/www/protocol/https/HttpsURLConnection/ProxyTunnelServer.java b/jdk/test/sun/security/ssl/sun/net/www/protocol/https/HttpsURLConnection/ProxyTunnelServer.java
index f4987685faa..02a7af75317 100644
--- a/jdk/test/sun/security/ssl/sun/net/www/protocol/https/HttpsURLConnection/ProxyTunnelServer.java
+++ b/jdk/test/sun/security/ssl/sun/net/www/protocol/https/HttpsURLConnection/ProxyTunnelServer.java
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2001, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2001, 2016, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -32,13 +32,14 @@
import java.io.*;
import java.net.*;
-import javax.net.ssl.*;
import javax.net.ServerSocketFactory;
import sun.net.www.*;
import java.util.Base64;
public class ProxyTunnelServer extends Thread {
+ private static final int TIMEOUT = 30000;
+
private static ServerSocket ss = null;
/*
* holds the registered user's username and password
@@ -64,8 +65,9 @@ public class ProxyTunnelServer extends Thread {
public ProxyTunnelServer() throws IOException {
if (ss == null) {
- ss = (ServerSocket) ServerSocketFactory.getDefault().
- createServerSocket(0);
+ ss = (ServerSocket) ServerSocketFactory.getDefault()
+ .createServerSocket(0);
+ ss.setSoTimeout(TIMEOUT);
}
}
@@ -86,6 +88,9 @@ public void run() {
try {
clientSocket = ss.accept();
processRequests();
+ } catch (SocketTimeoutException e) {
+ System.out.println(
+ "Proxy can not get response in time: " + e.getMessage());
} catch (Exception e) {
System.out.println("Proxy Failed: " + e);
e.printStackTrace();
@@ -188,8 +193,8 @@ private void doTunnel() throws Exception {
serverToClient.start();
System.out.println("Proxy: Started tunneling.......");
- clientToServer.join();
- serverToClient.join();
+ clientToServer.join(TIMEOUT);
+ serverToClient.join(TIMEOUT);
System.out.println("Proxy: Finished tunneling........");
clientToServer.close();
@@ -219,13 +224,11 @@ public void run() {
int BUFFER_SIZE = 400;
byte[] buf = new byte[BUFFER_SIZE];
int bytesRead = 0;
- int count = 0; // keep track of the amount of data transfer
try {
while ((bytesRead = input.read(buf)) >= 0) {
output.write(buf, 0, bytesRead);
output.flush();
- count += bytesRead;
}
} catch (IOException e) {
/*
@@ -236,7 +239,7 @@ public void run() {
}
}
- public void close() {
+ private void close() {
try {
if (!sockIn.isClosed())
sockIn.close();
@@ -275,7 +278,7 @@ private void retrieveConnectInfo(String connectStr) throws Exception {
serverPort = Integer.parseInt(connectInfo.substring(endi+1));
} catch (Exception e) {
throw new IOException("Proxy recieved a request: "
- + connectStr);
+ + connectStr, e);
}
serverInetAddr = InetAddress.getByName(serverName);
}
diff --git a/langtools/THIRD_PARTY_README b/langtools/THIRD_PARTY_README
index 7dc54a05723..643ea79ce6e 100644
--- a/langtools/THIRD_PARTY_README
+++ b/langtools/THIRD_PARTY_README
@@ -1334,11 +1334,13 @@ SUCH DAMAGE.
--------------------------------------------------------------------------------
-%% This notice is provided with respect to Joni v1.1.9, which may be
+%% This notice is provided with respect to Joni v2.1.16, which may be
included with JRE 8, JDK 8, and OpenJDK 8.
--- begin of LICENSE ---
+Copyright (c) 2017 JRuby Team
+
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
diff --git a/nashorn/THIRD_PARTY_README b/nashorn/THIRD_PARTY_README
index 7dc54a05723..643ea79ce6e 100644
--- a/nashorn/THIRD_PARTY_README
+++ b/nashorn/THIRD_PARTY_README
@@ -1334,11 +1334,13 @@ SUCH DAMAGE.
--------------------------------------------------------------------------------
-%% This notice is provided with respect to Joni v1.1.9, which may be
+%% This notice is provided with respect to Joni v2.1.16, which may be
included with JRE 8, JDK 8, and OpenJDK 8.
--- begin of LICENSE ---
+Copyright (c) 2017 JRuby Team
+
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights