Skip to content
This repository has been archived by the owner. It is now read-only.
Permalink
Browse files
8270872: Final nroff manpage update for JDK 17
Reviewed-by: darcy, mr, iris, naoto
  • Loading branch information
jonathan-gibbons committed Aug 5, 2021
1 parent 90f85ff commit dfacda488bfbe2e11e8d607a6d08527710286982
Showing 27 changed files with 258 additions and 172 deletions.
@@ -22,7 +22,7 @@
.\"t
.\" Automatically generated by Pandoc 2.3.1
.\"
.TH "JAVA" "1" "2021" "JDK 17\-ea" "JDK Commands"
.TH "JAVA" "1" "2021" "JDK 17" "JDK Commands"
.hy
.SH NAME
.PP
@@ -1813,6 +1813,30 @@ is needed.
.PP
You can specify values for multiple parameters by separating them with a
comma.
Event settings and .jfc options can be specified using the following
syntax:
.TP
.B \f[CB]option=\f[R]\f[I]value\f[R]
Specifies the option value to modify.
To list available options, use the \f[CB]JAVA_HOME\f[R]/bin/jfr tool.
.RS
.RE
.TP
.B \f[CB]event\-setting\f[R]=\f[I]value\f[R]
Specifies the event setting value to modify.
Use the form: #= To add a new event setting, prefix the event name with
\[aq]+\[aq].
.RS
.RE
.PP
You can specify values for multiple event settings and .jfc options by
separating them with a comma.
In case of a conflict between a parameter and a .jfc option, the
parameter will take precedence.
The whitespace delimiter can be omitted for timespan values, i.e.
20ms.
For more information about the settings syntax, see Javadoc of the
jdk.jfr package.
.RE
.TP
.B \f[CB]\-XX:ThreadStackSize=\f[R]\f[I]size\f[R]
@@ -22,7 +22,7 @@
.\"t
.\" Automatically generated by Pandoc 2.3.1
.\"
.TH "KEYTOOL" "1" "2021" "JDK 17\-ea" "JDK Commands"
.TH "KEYTOOL" "1" "2021" "JDK 17" "JDK Commands"
.hy
.SH NAME
.PP
@@ -382,6 +382,10 @@ For example, an Elliptic Curve name.
.IP \[bu] 2
{\f[CB]\-sigalg\f[R] \f[I]alg\f[R]}: Signature algorithm name
.IP \[bu] 2
{\f[CB]\-signer\f[R] \f[I]alias\f[R]}: Signer alias
.IP \[bu] 2
[\f[CB]\-signerkeypass\f[R] \f[I]arg\f[R]]: Signer key password
.IP \[bu] 2
[\f[CB]\-dname\f[R] \f[I]name\f[R]]: Distinguished name
.IP \[bu] 2
{\f[CB]\-startdate\f[R] \f[I]date\f[R]}: Certificate validity start date
@@ -417,16 +421,21 @@ with an optional configure argument.
.PP
Use the \f[CB]\-genkeypair\f[R] command to generate a key pair (a public
key and associated private key).
Wraps the public key in an X.509 v3 self\-signed certificate, which is
stored as a single\-element certificate chain.
This certificate chain and the private key are stored in a new keystore
entry that is identified by its alias.
When the \f[CB]\-signer\f[R] option is not specified, the public key is
wrapped in an X.509 v3 self\-signed certificate and stored as a
single\-element certificate chain.
When the \f[CB]\-signer\f[R] option is specified, a new certificate is
generated and signed by the designated signer and stored as a
multiple\-element certificate chain (containing the generated
certificate itself, and the signer???s certificate chain).
The certificate chain and private key are stored in a new keystore entry
that is identified by its alias.
.PP
The \f[CB]\-keyalg\f[R] value specifies the algorithm to be used to
generate the key pair, and the \f[CB]\-keysize\f[R] value specifies the
size of each key to be generated.
The \f[CB]\-sigalg\f[R] value specifies the algorithm that should be used
to sign the self\-signed certificate.
to sign the certificate.
This algorithm must be compatible with the \f[CB]\-keyalg\f[R] value.
.PP
The \f[CB]\-groupname\f[R] value specifies the named group (for example,
@@ -435,9 +444,30 @@ generated.
Only one of \f[CB]\-groupname\f[R] and \f[CB]\-keysize\f[R] can be
specified.
.PP
The \f[CB]\-signer\f[R] value specifies the alias of a
\f[CB]PrivateKeyEntry\f[R] for the signer that already exists in the
keystore.
This option is used to sign the certificate with the signer???s private
key.
This is especially useful for key agreement algorithms (i.e.
the \f[CB]\-keyalg\f[R] value is \f[CB]XDH\f[R], \f[CB]X25519\f[R],
\f[CB]X448\f[R], or \f[CB]DH\f[R]) as these keys cannot be used for digital
signatures, and therefore a self\-signed certificate cannot be created.
.PP
The \f[CB]\-signerkeypass\f[R] value specifies the password of the
signer???s private key.
It can be specified if the private key of the signer entry is protected
by a password different from the store password.
.PP
The \f[CB]\-dname\f[R] value specifies the X.500 Distinguished Name to be
associated with the value of \f[CB]\-alias\f[R], and is used as the issuer
and subject fields in the self\-signed certificate.
associated with the value of \f[CB]\-alias\f[R].
If the \f[CB]\-signer\f[R] option is not specified, the issuer and subject
fields of the self\-signed certificate are populated with the specified
distinguished name.
If the \f[CB]\-signer\f[R] option is specified, the subject field of the
certificate is populated with the specified distinguished name and the
issuer field is populated with the subject field of the signer\[aq]s
certificate.
If a distinguished name is not provided at the command line, then the
user is prompted for one.
.PP
@@ -1531,9 +1561,9 @@ The following examples show the defaults for various option values:
\-alias\ "mykey"

\-keysize
\ \ \ \ 2048\ (when\ using\ \-genkeypair\ and\ \-keyalg\ is\ "RSA",\ "DSA",\ or\ "RSASSA\-PSS")
\ \ \ \ 2048\ (when\ using\ \-genkeypair\ and\ \-keyalg\ is\ "RSA",\ "DSA",\ "RSASSA\-PSS",\ or\ "DH")
\ \ \ \ 256\ (when\ using\ \-genkeypair\ and\ \-keyalg\ is\ "EC")
\ \ \ \ 255\ (when\ using\ \-genkeypair\ and\ \-keyalg\ is\ "EdDSA")
\ \ \ \ 255\ (when\ using\ \-genkeypair\ and\ \-keyalg\ is\ "EdDSA",\ or\ "XDH)
\ \ \ \ 56\ (when\ using\ \-genseckey\ and\ \-keyalg\ is\ "DES")
\ \ \ \ 168\ (when\ using\ \-genseckey\ and\ \-keyalg\ is\ "DESede")

@@ -2531,16 +2561,17 @@ The first certificate in the chain contains the public key that
corresponds to the private key.
.RS
.PP
When keys are first generated, the chain starts off containing a single
element, a self\-signed certificate.
When keys are first generated, the chain usually starts off containing a
single element, a self\-signed certificate.
See \-genkeypair in \f[B]Commands\f[R].
A self\-signed certificate is one for which the issuer (signer) is the
same as the subject.
The subject is the entity whose public key is being authenticated by the
certificate.
Whenever the \f[CB]\-genkeypair\f[R] command is called to generate a new
When the \f[CB]\-genkeypair\f[R] command is called to generate a new
public/private key pair, it also wraps the public key into a
self\-signed certificate.
self\-signed certificate (unless the \f[CB]\-signer\f[R] option is
specified).
.PP
Later, after a Certificate Signing Request (CSR) was generated with the
\f[CB]\-certreq\f[R] command and sent to a Certification Authority (CA),
@@ -21,7 +21,7 @@
.\"
.\" Automatically generated by Pandoc 2.3.1
.\"
.TH "RMIREGISTRY" "1" "2021" "JDK 17\-ea" "JDK Commands"
.TH "RMIREGISTRY" "1" "2021" "JDK 17" "JDK Commands"
.hy
.SH NAME
.PP
@@ -21,7 +21,7 @@
.\"
.\" Automatically generated by Pandoc 2.3.1
.\"
.TH "JRUNSCRIPT" "1" "2021" "JDK 17\-ea" "JDK Commands"
.TH "JRUNSCRIPT" "1" "2021" "JDK 17" "JDK Commands"
.hy
.SH NAME
.PP
@@ -21,7 +21,7 @@
.\"
.\" Automatically generated by Pandoc 2.3.1
.\"
.TH "JAVAC" "1" "2021" "JDK 17\-ea" "JDK Commands"
.TH "JAVAC" "1" "2021" "JDK 17" "JDK Commands"
.hy
.SH NAME
.PP
@@ -360,6 +360,11 @@ Prints a synopsis of the set of extra options.
.RS
.RE
.TP
.B \f[CB]\-\-help\-lint\f[R]
Prints the supported keys for the \f[CB]\-Xlint\f[R] option.
.RS
.RE
.TP
.B \f[CB]\-implicit:\f[R][\f[CB]none\f[R], \f[CB]class\f[R]]
Specifies whether or not to generate class files for implicitly
referenced files:
@@ -2111,18 +2116,18 @@ For example:
Warns about issues related to annotation processing.
The compiler generates this warning when you have a class that has an
annotation, and you use an annotation processor that cannot handle that
type of exception.
type of annotation.
For example, the following is a simple annotation processor:
.RS
.PP
\f[B]Source file AnnocProc.java\f[R]:
\f[B]Source file AnnoProc.java\f[R]:
.IP
.nf
\f[CB]
import\ java.util.*;
import\ javax.annotation.processing.*;
import\ javax.lang.model.*;
import\ javaz.lang.model.element.*;
import\ javax.lang.model.element.*;

\@SupportedAnnotationTypes("NotAnno")
public\ class\ AnnoProc\ extends\ AbstractProcessor\ {
@@ -21,7 +21,7 @@
.\"
.\" Automatically generated by Pandoc 2.3.1
.\"
.TH "SERIALVER" "1" "2021" "JDK 17\-ea" "JDK Commands"
.TH "SERIALVER" "1" "2021" "JDK 17" "JDK Commands"
.hy
.SH NAME
.PP
@@ -1,4 +1,4 @@
.\" Copyright (c) 2019, 2021, Oracle and/or its affiliates. All rights reserved.
.\" Copyright (c) 2019, 2020, Oracle and/or its affiliates. All rights reserved.
.\" DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
.\"
.\" This code is free software; you can redistribute it and/or modify it
@@ -21,7 +21,7 @@
.\"
.\" Automatically generated by Pandoc 2.3.1
.\"
.TH "JHSDB" "1" "2021" "JDK 17\-ea" "JDK Commands"
.TH "JHSDB" "1" "2021" "JDK 17" "JDK Commands"
.hy
.SH NAME
.PP
@@ -31,35 +31,35 @@ analyze the content of a core dump from a crashed Java Virtual Machine
.SH SYNOPSIS
.PP
\f[CB]jhsdb\f[R] \f[CB]clhsdb\f[R] [\f[CB]\-\-pid\f[R] \f[I]pid\f[R] |
\f[CB]\-\-exe\f[R] \f[I]executable\f[R] \f[CB]\-\-core\f[R] \f[I]coredump\f[R] |
\f[CB]\-\-connect\f[R] \f[I][serverid\@]debugd\-host[:registryport][/servername]\f[R]\]
\f[CB]\-\-exe\f[R] \f[I]executable\f[R] \f[CB]\-\-core\f[R]
\f[I]coredump\f[R]]
.PP
\f[CB]jhsdb\f[R] \f[CB]hsdb\f[R] [\f[CB]\-\-pid\f[R] \f[I]pid\f[R] |
\f[CB]\-\-exe\f[R] \f[I]executable\f[R] \f[CB]\-\-core\f[R] \f[I]coredump\f[R] |
\f[CB]\-\-connect\f[R] \f[I][serverid\@]debugd\-host[:registryport][/servername]\f[R]\]
\f[CB]\-\-exe\f[R] \f[I]executable\f[R] \f[CB]\-\-core\f[R]
\f[I]coredump\f[R]]
.PP
\f[CB]jhsdb\f[R] \f[CB]debugd\f[R] (\f[CB]\-\-pid\f[R] \f[I]pid\f[R] |
\f[CB]\-\-exe\f[R] \f[I]executable\f[R] \f[CB]\-\-core\f[R]
\f[I]coredump\f[R]) [\f[I]options\f[R]]
.PP
\f[CB]jhsdb\f[R] \f[CB]jstack\f[R] (\f[CB]\-\-pid\f[R] \f[I]pid\f[R] |
\f[CB]\-\-exe\f[R] \f[I]executable\f[R] \f[CB]\-\-core\f[R] \f[I]coredump\f[R]
| \f[CB]\-\-connect\f[R] \f[I][serverid\@]debugd\-host[:registryport][/servername]\f[R])
| \f[CB]\-\-connect\f[R] \f[I][server\-id\@]debugd\-host\f[R])
[\f[I]options\f[R]]
.PP
\f[CB]jhsdb\f[R] \f[CB]jmap\f[R] (\f[CB]\-\-pid\f[R] \f[I]pid\f[R] |
\f[CB]\-\-exe\f[R] \f[I]executable\f[R] \f[CB]\-\-core\f[R] \f[I]coredump\f[R]
| \f[CB]\-\-connect\f[R] \f[I][serverid\@]debugd\-host[:registryport][/servername]\f[R])
| \f[CB]\-\-connect\f[R] \f[I][server\-id\@]debugd\-host\f[R])
[\f[I]options\f[R]]
.PP
\f[CB]jhsdb\f[R] \f[CB]jinfo\f[R] (\f[CB]\-\-pid\f[R] \f[I]pid\f[R] |
\f[CB]\-\-exe\f[R] \f[I]executable\f[R] \f[CB]\-\-core\f[R] \f[I]coredump\f[R]
| \f[CB]\-\-connect\f[R] \f[I][serverid\@]debugd\-host[:registryport][/servername]\f[R])
| \f[CB]\-\-connect\f[R] \f[I][server\-id\@]debugd\-host\f[R])
[\f[I]options\f[R]]
.PP
\f[CB]jhsdb\f[R] \f[CB]jsnap\f[R] (\f[CB]\-\-pid\f[R] \f[I]pid\f[R] |
\f[CB]\-\-exe\f[R] \f[I]executable\f[R] \f[CB]\-\-core\f[R] \f[I]coredump\f[R]
| \f[CB]\-\-connect\f[R] \f[I][serverid\@]debugd\-host[:registryport][/servername]\f[R])
| \f[CB]\-\-connect\f[R] \f[I][server\-id\@]debugd\-host\f[R])
[\f[I]options\f[R]]
.TP
.B \f[I]pid\f[R]
@@ -81,7 +81,7 @@ The core file to which the \f[CB]jhsdb\f[R] tool should attach.
.RS
.RE
.TP
.B \f[I][serverid\@]debugd\-host[:registryport][/servername]\f[R]
.B \f[I][server\-id\@]debugd\-host\f[R]
An optional server ID and the address of the remote debug server
(debugd).
.RS
@@ -158,10 +158,9 @@ Displays the options available for the \f[I]command\f[R].
.RE
.SH OPTIONS FOR THE DEBUGD MODE
.TP
.B \f[CB]\-\-serverid\f[R] \f[I]serverid\f[R]
.B \f[CB]\-\-serverid\f[R] \f[I]server\-id\f[R]
An optional unique ID for this debug server.
This is required if multiple debug servers are run on the same server instance.
It would be added to RMI object name for server instance.
This is required if multiple debug servers are run on the same machine.
.RS
.RE
.TP
@@ -180,16 +179,6 @@ If the system property is not set, the default port 1099 is used.
.RS
.RE
.TP
.B \f[CB]\-\-disable-registry\f[R]
Disable starting RMI registry on startup.
This option overrides the system property
\[aq]sun.jvm.hotspot.rmi.startRegistry\[aq].
If not specified, RMI registry will be started on startup.
Otherwise it will not be started, and the already started RMI registry
will be used instead.
.RS
.RE
.TP
.B \f[CB]\-\-hostname\f[R] \f[I]hostname\f[R]
Sets the hostname the RMI connector is bound.
The value could be a hostname or an IPv4/IPv6 address.
@@ -199,13 +188,6 @@ If not specified, the system property is used.
If the system property is not set, a system hostname is used.
.RS
.RE
.TP
.B \f[CB]\-\-servername\f[R] \f[I]servername\f[R]
Sets the instance name of debugd server to distinguish SA debugee.
It is used for RMI object name for server instance.
If not specified, "SARemoteDebugger" will be used.
.RS
.RE
.SH OPTIONS FOR THE JINFO MODE
.TP
.B \f[CB]\-\-flags\f[R]
@@ -21,7 +21,7 @@
.\"
.\" Automatically generated by Pandoc 2.3.1
.\"
.TH "JAR" "1" "2021" "JDK 17\-ea" "JDK Commands"
.TH "JAR" "1" "2021" "JDK 17" "JDK Commands"
.hy
.SH NAME
.PP
@@ -1,4 +1,4 @@
.\" Copyright (c) 1998, 2020, Oracle and/or its affiliates. All rights reserved.
.\" Copyright (c) 1998, 2021, Oracle and/or its affiliates. All rights reserved.
.\" DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
.\"
.\" This code is free software; you can redistribute it and/or modify it
@@ -22,7 +22,7 @@
.\"t
.\" Automatically generated by Pandoc 2.3.1
.\"
.TH "JARSIGNER" "1" "2021" "JDK 17\-ea" "JDK Commands"
.TH "JARSIGNER" "1" "2021" "JDK 17" "JDK Commands"
.hy
.SH NAME
.PP
@@ -554,16 +554,19 @@ See Signature File.
.PP
One reason the hash of the manifest file that is stored in the
\f[CB]\&.SF\f[R] file header might not equal the hash of the current
manifest file is that one or more files were added to the JAR file (with
the \f[CB]jar\f[R] tool) after the signature and \f[CB]\&.SF\f[R] file were
generated.
When the \f[CB]jar\f[R] tool is used to add files, the manifest file is
changed by adding sections to it for the new files, but the
\f[CB]\&.SF\f[R] file isn\[aq]t changed.
A verification is still considered successful when none of the files
that were in the JAR file when the signature was generated have been
manifest file is that it might contain sections for newly added files
after the file was signed.
For example, suppose one or more files were added to the signed JAR file
(using the \f[CB]jar\f[R] tool) that already contains a signature and a
\f[CB]\&.SF\f[R] file.
If the JAR file is signed again by a different signer, then the manifest
file is changed (sections are added to it for the new files by the
\f[CB]jarsigner\f[R] tool) and a new \f[CB]\&.SF\f[R] file is created, but
the original \f[CB]\&.SF\f[R] file is unchanged.
A verification is still considered successful if none of the files that
were in the JAR file when the original signature was generated have been
changed since then.
This happens when the hashes in the non\-header sections of the
This is because the hashes in the non\-header sections of the
\f[CB]\&.SF\f[R] file equal the hashes of the corresponding sections in
the manifest file.
.RE

1 comment on commit dfacda4

@openjdk-notifier
Copy link

@openjdk-notifier openjdk-notifier bot commented on dfacda4 Aug 5, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please sign in to comment.