Skip to content

D
dragonwell11

openanolis / dragonwell11

通知 7
Star 2
Fork 0
D
dragonwell11
提交 bbee31b3 编写于 作者: D duke
浏览文件
操作

Merge

上级 5e0985a0 e5771075
展开全部 隐藏空白更改
内联 并排
Showing with 2678 addition and 1661 deletion
.hgtags-top-repo
浏览文件 @ bbee31b3
......@@ -132,3 +132,4 @@ b910aac18c772b823b1f7da03e2c6528725cc6de jdk8-b05
fb1bc13260d76447e269e843859eb593fe2a8ab2 jdk8-b08
8adb70647b5af5273dfe6a540f07be667cd50216 jdk8-b09
a6c4c248e8fa350c35014fa94bab5ac1a1ac3299 jdk8-b10
1defbc57940a56f0aa41e9dee87b71e8c8b71103 jdk8-b11
corba/.hgtags
浏览文件 @ bbee31b3
......@@ -132,3 +132,4 @@ cc1b599b986a37cb57de4584c5e58169766ca535 jdk8-b05
0d52b1c87aa8fdea7fdc9c4126ea58f95ca6b351 jdk8-b08
a891732c1a83082177ff7a4cf1506068d9cc0a47 jdk8-b09
cda87f7fefcee3b89742a57ce5ad9b03a54c210d jdk8-b10
0199e4fef5cc2bd234c65b93220459ef7a3bb3b1 jdk8-b11
hotspot/.hgtags
浏览文件 @ bbee31b3
......@@ -193,3 +193,5 @@ da883b9e6d3788057f9577e72712998ed82c9b7e hs23-b01
e4f412d2b75d2c797acff965aa2c420e3d358f09 hs23-b02
d815de2e85e511b7deab2a83cf80c0224d011da9 jdk8-b10
4d3850d9d326ac3a9bee2d867727e954322d014e hs23-b03
4538caeef7b6cbd4302bebced805d65e68ccf301 jdk8-b11
6534482ff68ad79066dfe15dfb6d8905f09681bd hs23-b04
hotspot/make/hotspot_version
浏览文件 @ bbee31b3
......@@ -35,7 +35,7 @@ HOTSPOT_VM_COPYRIGHT=Copyright 2011
HS_MAJOR_VER=23
HS_MINOR_VER=0
HS_BUILD_NUMBER=03
HS_BUILD_NUMBER=04
JDK_MAJOR_VER=1
JDK_MINOR_VER=8
......
hotspot/src/share/vm/gc_implementation/concurrentMarkSweep/compactibleFreeListSpace.cpp
浏览文件 @ bbee31b3
......@@ -62,7 +62,7 @@ void CompactibleFreeListSpace::set_cms_values() {
MinChunkSize = numQuanta(sizeof(FreeChunk), MinObjAlignmentInBytes) * MinObjAlignment;
assert(IndexSetStart == 0 && IndexSetStride == 0, "already set");
IndexSetStart = MinObjAlignment;
IndexSetStart = (int) MinChunkSize;
IndexSetStride = MinObjAlignment;
}
......@@ -138,7 +138,7 @@ CompactibleFreeListSpace::CompactibleFreeListSpace(BlockOffsetSharedArray* bs,
} else {
_fitStrategy = FreeBlockStrategyNone;
}
checkFreeListConsistency();
check_free_list_consistency();
// Initialize locks for parallel case.
......@@ -1358,17 +1358,29 @@ FreeChunk* CompactibleFreeListSpace::getChunkFromGreater(size_t numWords) {
ShouldNotReachHere();
}
bool CompactibleFreeListSpace::verifyChunkInIndexedFreeLists(FreeChunk* fc)
const {
bool CompactibleFreeListSpace::verifyChunkInIndexedFreeLists(FreeChunk* fc) const {
assert(fc->size() < IndexSetSize, "Size of chunk is too large");
return _indexedFreeList[fc->size()].verifyChunkInFreeLists(fc);
}
bool CompactibleFreeListSpace::verify_chunk_is_linear_alloc_block(FreeChunk* fc) const {
assert((_smallLinearAllocBlock._ptr != (HeapWord*)fc) ||
(_smallLinearAllocBlock._word_size == fc->size()),
"Linear allocation block shows incorrect size");
return ((_smallLinearAllocBlock._ptr == (HeapWord*)fc) &&
(_smallLinearAllocBlock._word_size == fc->size()));
}
// Check if the purported free chunk is present either as a linear
// allocation block, the size-indexed table of (smaller) free blocks,
// or the larger free blocks kept in the binary tree dictionary.
bool CompactibleFreeListSpace::verifyChunkInFreeLists(FreeChunk* fc) const {
if (fc->size() >= IndexSetSize) {
return dictionary()->verifyChunkInFreeLists(fc);
} else {
if (verify_chunk_is_linear_alloc_block(fc)) {
return true;
} else if (fc->size() < IndexSetSize) {
return verifyChunkInIndexedFreeLists(fc);
} else {
return dictionary()->verifyChunkInFreeLists(fc);
}
}
......@@ -2495,7 +2507,8 @@ void CompactibleFreeListSpace::verifyIndexedFreeList(size_t size) const {
FreeChunk* tail = _indexedFreeList[size].tail();
size_t num = _indexedFreeList[size].count();
size_t n = 0;
guarantee((size % 2 == 0) || fc == NULL, "Odd slots should be empty");
guarantee(((size >= MinChunkSize) && (size % IndexSetStride == 0)) || fc == NULL,
"Slot should have been empty");
for (; fc != NULL; fc = fc->next(), n++) {
guarantee(fc->size() == size, "Size inconsistency");
guarantee(fc->isFree(), "!free?");
......@@ -2506,14 +2519,14 @@ void CompactibleFreeListSpace::verifyIndexedFreeList(size_t size) const {
}
#ifndef PRODUCT
void CompactibleFreeListSpace::checkFreeListConsistency() const {
void CompactibleFreeListSpace::check_free_list_consistency() const {
assert(_dictionary->minSize() <= IndexSetSize,
"Some sizes can't be allocated without recourse to"
" linear allocation buffers");
assert(MIN_TREE_CHUNK_SIZE*HeapWordSize == sizeof(TreeChunk),
"else MIN_TREE_CHUNK_SIZE is wrong");
assert((IndexSetStride == 2 && IndexSetStart == 2) ||
(IndexSetStride == 1 && IndexSetStart == 1), "just checking");
assert((IndexSetStride == 2 && IndexSetStart == 4) || // 32-bit
(IndexSetStride == 1 && IndexSetStart == 3), "just checking"); // 64-bit
assert((IndexSetStride != 2) || (MinChunkSize % 2 == 0),
"Some for-loops may be incorrectly initialized");
assert((IndexSetStride != 2) || (IndexSetSize % 2 == 1),
......@@ -2688,33 +2701,27 @@ void CFLS_LAB::compute_desired_plab_size() {
}
}
// If this is changed in the future to allow parallel
// access, one would need to take the FL locks and,
// depending on how it is used, stagger access from
// parallel threads to reduce contention.
void CFLS_LAB::retire(int tid) {
// We run this single threaded with the world stopped;
// so no need for locks and such.
#define CFLS_LAB_PARALLEL_ACCESS 0
NOT_PRODUCT(Thread* t = Thread::current();)
assert(Thread::current()->is_VM_thread(), "Error");
assert(CompactibleFreeListSpace::IndexSetStart == CompactibleFreeListSpace::IndexSetStride,
"Will access to uninitialized slot below");
#if CFLS_LAB_PARALLEL_ACCESS
for (size_t i = CompactibleFreeListSpace::IndexSetSize - 1;
i > 0;
i -= CompactibleFreeListSpace::IndexSetStride) {
#else // CFLS_LAB_PARALLEL_ACCESS
for (size_t i = CompactibleFreeListSpace::IndexSetStart;
i < CompactibleFreeListSpace::IndexSetSize;
i += CompactibleFreeListSpace::IndexSetStride) {
#endif // !CFLS_LAB_PARALLEL_ACCESS
assert(_num_blocks[i] >= (size_t)_indexedFreeList[i].count(),
"Can't retire more than what we obtained");
if (_num_blocks[i] > 0) {
size_t num_retire = _indexedFreeList[i].count();
assert(_num_blocks[i] > num_retire, "Should have used at least one");
{
#if CFLS_LAB_PARALLEL_ACCESS
MutexLockerEx x(_cfls->_indexedFreeListParLocks[i],
Mutex::_no_safepoint_check_flag);
#endif // CFLS_LAB_PARALLEL_ACCESS
// MutexLockerEx x(_cfls->_indexedFreeListParLocks[i],
// Mutex::_no_safepoint_check_flag);
// Update globals stats for num_blocks used
_global_num_blocks[i] += (_num_blocks[i] - num_retire);
_global_num_workers[i]++;
......
hotspot/src/share/vm/gc_implementation/concurrentMarkSweep/compactibleFreeListSpace.hpp
浏览文件 @ bbee31b3
......@@ -502,10 +502,14 @@ class CompactibleFreeListSpace: public CompactibleSpace {
void verifyFreeLists() const PRODUCT_RETURN;
void verifyIndexedFreeLists() const;
void verifyIndexedFreeList(size_t size) const;
// verify that the given chunk is in the free lists.
// Verify that the given chunk is in the free lists:
// i.e. either the binary tree dictionary, the indexed free lists
// or the linear allocation block.
bool verifyChunkInFreeLists(FreeChunk* fc) const;
// Verify that the given chunk is the linear allocation block
bool verify_chunk_is_linear_alloc_block(FreeChunk* fc) const;
// Do some basic checks on the the free lists.
void checkFreeListConsistency() const PRODUCT_RETURN;
void check_free_list_consistency() const PRODUCT_RETURN;
// Printing support
void dump_at_safepoint_with_locks(CMSCollector* c, outputStream* st);
......
hotspot/src/share/vm/gc_implementation/g1/concurrentMarkThread.cpp
浏览文件 @ bbee31b3
......@@ -147,12 +147,8 @@ void ConcurrentMarkThread::run() {
}
}
} while (cm()->restart_for_overflow());
double counting_start_time = os::elapsedVTime();
// YSR: These look dubious (i.e. redundant) !!! FIX ME
slt()->manipulatePLL(SurrogateLockerThread::acquirePLL);
slt()->manipulatePLL(SurrogateLockerThread::releaseAndNotifyPLL);
double counting_start_time = os::elapsedVTime();
if (!cm()->has_aborted()) {
double count_start_sec = os::elapsedTime();
if (PrintGC) {
......@@ -175,6 +171,7 @@ void ConcurrentMarkThread::run() {
}
}
}
double end_time = os::elapsedVTime();
_vtime_count_accum += (end_time - counting_start_time);
// Update the total virtual time before doing this, since it will try
......@@ -335,13 +332,15 @@ void ConcurrentMarkThread::sleepBeforeNextCycle() {
clear_started();
}
// Note: this method, although exported by the ConcurrentMarkSweepThread,
// which is a non-JavaThread, can only be called by a JavaThread.
// Currently this is done at vm creation time (post-vm-init) by the
// main/Primordial (Java)Thread.
// XXX Consider changing this in the future to allow the CMS thread
// Note: As is the case with CMS - this method, although exported
// by the ConcurrentMarkThread, which is a non-JavaThread, can only
// be called by a JavaThread. Currently this is done at vm creation
// time (post-vm-init) by the main/Primordial (Java)Thread.
// XXX Consider changing this in the future to allow the CM thread
// itself to create this thread?
void ConcurrentMarkThread::makeSurrogateLockerThread(TRAPS) {
assert(UseG1GC, "SLT thread needed only for concurrent GC");
assert(THREAD->is_Java_thread(), "must be a Java thread");
assert(_slt == NULL, "SLT already created");
_slt = SurrogateLockerThread::make(THREAD);
}
hotspot/src/share/vm/gc_implementation/g1/g1CollectedHeap.cpp
浏览文件 @ bbee31b3
......@@ -5502,34 +5502,36 @@ void G1CollectedHeap::cleanUpCardTable() {
CardTableModRefBS* ct_bs = (CardTableModRefBS*) (barrier_set());
double start = os::elapsedTime();
// Iterate over the dirty cards region list.
G1ParCleanupCTTask cleanup_task(ct_bs, this);
{
// Iterate over the dirty cards region list.
G1ParCleanupCTTask cleanup_task(ct_bs, this);
if (ParallelGCThreads > 0) {
set_par_threads(workers()->total_workers());
workers()->run_task(&cleanup_task);
set_par_threads(0);
} else {
while (_dirty_cards_region_list) {
HeapRegion* r = _dirty_cards_region_list;
cleanup_task.clear_cards(r);
_dirty_cards_region_list = r->get_next_dirty_cards_region();
if (_dirty_cards_region_list == r) {
// The last region.
_dirty_cards_region_list = NULL;
if (ParallelGCThreads > 0) {
set_par_threads(workers()->total_workers());
workers()->run_task(&cleanup_task);
set_par_threads(0);
} else {
while (_dirty_cards_region_list) {
HeapRegion* r = _dirty_cards_region_list;
cleanup_task.clear_cards(r);
_dirty_cards_region_list = r->get_next_dirty_cards_region();
if (_dirty_cards_region_list == r) {
// The last region.
_dirty_cards_region_list = NULL;
}
r->set_next_dirty_cards_region(NULL);
}
r->set_next_dirty_cards_region(NULL);
}
#ifndef PRODUCT
if (G1VerifyCTCleanup || VerifyAfterGC) {
G1VerifyCardTableCleanup cleanup_verifier(this, ct_bs);
heap_region_iterate(&cleanup_verifier);
}
#endif
}
double elapsed = os::elapsedTime() - start;
g1_policy()->record_clear_ct_time(elapsed * 1000.0);
#ifndef PRODUCT
if (G1VerifyCTCleanup || VerifyAfterGC) {
G1VerifyCardTableCleanup cleanup_verifier(this, ct_bs);
heap_region_iterate(&cleanup_verifier);
}
#endif
}
void G1CollectedHeap::free_collection_set(HeapRegion* cs_head) {
......
hotspot/src/share/vm/gc_implementation/g1/g1CollectorPolicy.cpp
浏览文件 @ bbee31b3
......@@ -320,6 +320,7 @@ G1CollectorPolicy::G1CollectorPolicy() :
_par_last_termination_attempts = new double[_parallel_gc_threads];
_par_last_gc_worker_end_times_ms = new double[_parallel_gc_threads];
_par_last_gc_worker_times_ms = new double[_parallel_gc_threads];
_par_last_gc_worker_other_times_ms = new double[_parallel_gc_threads];
// start conservatively
_expensive_region_limit_ms = 0.5 * (double) MaxGCPauseMillis;
......@@ -497,7 +498,6 @@ void G1CollectorPolicy::init() {
initialize_gc_policy_counters();
G1YoungGenSizer sizer;
size_t initial_region_num = sizer.initial_young_region_num();
_min_desired_young_length = sizer.min_young_region_num();
_max_desired_young_length = sizer.max_young_region_num();
......@@ -511,17 +511,14 @@ void G1CollectorPolicy::init() {
}
}
// GenCollectorPolicy guarantees that min <= initial <= max.
// Asserting here just to state that we rely on this property.
assert(_min_desired_young_length <= _max_desired_young_length, "Invalid min/max young gen size values");
assert(initial_region_num <= _max_desired_young_length, "Initial young gen size too large");
assert(_min_desired_young_length <= initial_region_num, "Initial young gen size too small");
set_adaptive_young_list_length(_min_desired_young_length < _max_desired_young_length);
if (adaptive_young_list_length()) {
_young_list_fixed_length = 0;
} else {
_young_list_fixed_length = initial_region_num;
assert(_min_desired_young_length == _max_desired_young_length, "Min and max young size differ");
_young_list_fixed_length = _min_desired_young_length;
}
_free_regions_at_end_of_collection = _g1->free_regions();
update_young_list_target_length();
......@@ -976,6 +973,7 @@ void G1CollectorPolicy::record_collection_pause_start(double start_time_sec,
_par_last_termination_attempts[i] = -1234.0;
_par_last_gc_worker_end_times_ms[i] = -1234.0;
_par_last_gc_worker_times_ms[i] = -1234.0;
_par_last_gc_worker_other_times_ms[i] = -1234.0;
}
#endif
......@@ -984,8 +982,10 @@ void G1CollectorPolicy::record_collection_pause_start(double start_time_sec,
_cur_aux_times_set[i] = false;
}
_satb_drain_time_set = false;
_last_satb_drain_processed_buffers = -1;
// These are initialized to zero here and they are set during
// the evacuation pause if marking is in progress.
_cur_satb_drain_time_ms = 0.0;
_last_satb_drain_processed_buffers = 0;
_last_young_gc_full = false;
......@@ -1097,61 +1097,65 @@ void G1CollectorPolicy::print_par_sizes(int level,
(int)total, (int)avg, (int)min, (int)max, (int)max - (int)min);
}
void G1CollectorPolicy::print_stats (int level,
const char* str,
double value) {
void G1CollectorPolicy::print_stats(int level,
const char* str,
double value) {
LineBuffer(level).append_and_print_cr("[%s: %5.1lf ms]", str, value);
}
void G1CollectorPolicy::print_stats (int level,
const char* str,
int value) {
void G1CollectorPolicy::print_stats(int level,
const char* str,
int value) {
LineBuffer(level).append_and_print_cr("[%s: %d]", str, value);
}
double G1CollectorPolicy::avg_value (double* data) {
double G1CollectorPolicy::avg_value(double* data) {
if (G1CollectedHeap::use_parallel_gc_threads()) {
double ret = 0.0;
for (uint i = 0; i < ParallelGCThreads; ++i)
for (uint i = 0; i < ParallelGCThreads; ++i) {
ret += data[i];
}
return ret / (double) ParallelGCThreads;
} else {
return data[0];
}
}
double G1CollectorPolicy::max_value (double* data) {
double G1CollectorPolicy::max_value(double* data) {
if (G1CollectedHeap::use_parallel_gc_threads()) {
double ret = data[0];
for (uint i = 1; i < ParallelGCThreads; ++i)
if (data[i] > ret)
for (uint i = 1; i < ParallelGCThreads; ++i) {
if (data[i] > ret) {
ret = data[i];
}
}
return ret;
} else {
return data[0];
}
}
double G1CollectorPolicy::sum_of_values (double* data) {
double G1CollectorPolicy::sum_of_values(double* data) {
if (G1CollectedHeap::use_parallel_gc_threads()) {
double sum = 0.0;
for (uint i = 0; i < ParallelGCThreads; i++)
for (uint i = 0; i < ParallelGCThreads; i++) {
sum += data[i];
}
return sum;
} else {
return data[0];
}
}
double G1CollectorPolicy::max_sum (double* data1,
double* data2) {
double G1CollectorPolicy::max_sum(double* data1, double* data2) {
double ret = data1[0] + data2[0];
if (G1CollectedHeap::use_parallel_gc_threads()) {
for (uint i = 1; i < ParallelGCThreads; ++i) {
double data = data1[i] + data2[i];
if (data > ret)
if (data > ret) {
ret = data;
}
}
}
return ret;
......@@ -1251,6 +1255,10 @@ void G1CollectorPolicy::record_collection_pause_end() {
_n_pauses++;
// These values are used to update the summary information that is
// displayed when TraceGen0Time is enabled, and are output as part
// of the PrintGCDetails output, in the non-parallel case.
double ext_root_scan_time = avg_value(_par_last_ext_root_scan_times_ms);
double mark_stack_scan_time = avg_value(_par_last_mark_stack_scan_times_ms);
double update_rs_time = avg_value(_par_last_update_rs_times_ms);
......@@ -1260,42 +1268,68 @@ void G1CollectorPolicy::record_collection_pause_end() {
double obj_copy_time = avg_value(_par_last_obj_copy_times_ms);
double termination_time = avg_value(_par_last_termination_times_ms);
double parallel_known_time = update_rs_time +
ext_root_scan_time +
mark_stack_scan_time +
scan_rs_time +
obj_copy_time +
termination_time;
double known_time = ext_root_scan_time +
mark_stack_scan_time +
update_rs_time +
scan_rs_time +
obj_copy_time;
double other_time_ms = elapsed_ms;
// Subtract the SATB drain time. It's initialized to zero at the
// start of the pause and is updated during the pause if marking
// is in progress.
other_time_ms -= _cur_satb_drain_time_ms;
if (parallel) {
other_time_ms -= _cur_collection_par_time_ms;
} else {
other_time_ms -= known_time;
}
double parallel_other_time = _cur_collection_par_time_ms - parallel_known_time;
// Subtract the time taken to clean the card table from the
// current value of "other time"
other_time_ms -= _cur_clear_ct_time_ms;
PauseSummary* summary = _summary;
// TraceGen0Time and TraceGen1Time summary info updating.
_all_pause_times_ms->add(elapsed_ms);
if (update_stats) {
_recent_rs_scan_times_ms->add(scan_rs_time);
_recent_pause_times_ms->add(elapsed_ms);
_recent_rs_sizes->add(rs_size);
MainBodySummary* body_summary = summary->main_body_summary();
guarantee(body_summary != NULL, "should not be null!");
_summary->record_total_time_ms(elapsed_ms);
_summary->record_other_time_ms(other_time_ms);
MainBodySummary* body_summary = _summary->main_body_summary();
assert(body_summary != NULL, "should not be null!");
if (_satb_drain_time_set)
body_summary->record_satb_drain_time_ms(_cur_satb_drain_time_ms);
else
body_summary->record_satb_drain_time_ms(0.0);
// This will be non-zero iff marking is currently in progress (i.e.
// _g1->mark_in_progress() == true) and the currrent pause was not
// an initial mark pause. Since the body_summary items are NumberSeqs,
// however, they have to be consistent and updated in lock-step with
// each other. Therefore we unconditionally record the SATB drain
// time - even if it's zero.
body_summary->record_satb_drain_time_ms(_cur_satb_drain_time_ms);
body_summary->record_ext_root_scan_time_ms(ext_root_scan_time);
body_summary->record_mark_stack_scan_time_ms(mark_stack_scan_time);
body_summary->record_update_rs_time_ms(update_rs_time);
body_summary->record_scan_rs_time_ms(scan_rs_time);
body_summary->record_obj_copy_time_ms(obj_copy_time);
if (parallel) {
body_summary->record_parallel_time_ms(_cur_collection_par_time_ms);
body_summary->record_clear_ct_time_ms(_cur_clear_ct_time_ms);
body_summary->record_termination_time_ms(termination_time);
double parallel_known_time = known_time + termination_time;
double parallel_other_time = _cur_collection_par_time_ms - parallel_known_time;
body_summary->record_parallel_other_time_ms(parallel_other_time);
}
body_summary->record_mark_closure_time_ms(_mark_closure_time_ms);
body_summary->record_clear_ct_time_ms(_cur_clear_ct_time_ms);
// We exempt parallel collection from this check because Alloc Buffer
// fragmentation can produce negative collections. Same with evac
......@@ -1307,6 +1341,7 @@ void G1CollectorPolicy::record_collection_pause_end() {
|| _g1->evacuation_failed()
|| surviving_bytes <= _collection_set_bytes_used_before,
"Or else negative collection!");
_recent_CS_bytes_used_before->add(_collection_set_bytes_used_before);
_recent_CS_bytes_surviving->add(surviving_bytes);
......@@ -1357,6 +1392,13 @@ void G1CollectorPolicy::record_collection_pause_end() {
}
}
for (int i = 0; i < _aux_num; ++i) {
if (_cur_aux_times_set[i]) {
_all_aux_times_ms[i].add(_cur_aux_times_ms[i]);
}
}
if (G1PolicyVerbose > 1) {
gclog_or_tty->print_cr(" Recording collection pause(%d)", _n_pauses);
}
......@@ -1383,61 +1425,60 @@ void G1CollectorPolicy::record_collection_pause_end() {
recent_avg_pause_time_ratio() * 100.0);
}
double other_time_ms = elapsed_ms;
if (_satb_drain_time_set) {
other_time_ms -= _cur_satb_drain_time_ms;
}
if (parallel) {
other_time_ms -= _cur_collection_par_time_ms + _cur_clear_ct_time_ms;
} else {
other_time_ms -=
update_rs_time +
ext_root_scan_time + mark_stack_scan_time +
scan_rs_time + obj_copy_time;
}
// PrintGCDetails output
if (PrintGCDetails) {
bool print_marking_info =
_g1->mark_in_progress() && !last_pause_included_initial_mark;
gclog_or_tty->print_cr("%s, %1.8lf secs]",
(last_pause_included_initial_mark) ? " (initial-mark)" : "",
elapsed_ms / 1000.0);
if (_satb_drain_time_set) {
if (print_marking_info) {
print_stats(1, "SATB Drain Time", _cur_satb_drain_time_ms);
}
if (_last_satb_drain_processed_buffers >= 0) {
print_stats(2, "Processed Buffers", _last_satb_drain_processed_buffers);
}
if (parallel) {
print_stats(1, "Parallel Time", _cur_collection_par_time_ms);
print_par_stats(2, "GC Worker Start Time", _par_last_gc_worker_start_times_ms);
print_par_stats(2, "GC Worker Start", _par_last_gc_worker_start_times_ms);
print_par_stats(2, "Ext Root Scanning", _par_last_ext_root_scan_times_ms);
if (print_marking_info) {
print_par_stats(2, "Mark Stack Scanning", _par_last_mark_stack_scan_times_ms);
}
print_par_stats(2, "Update RS", _par_last_update_rs_times_ms);
print_par_sizes(3, "Processed Buffers", _par_last_update_rs_processed_buffers);
print_par_stats(2, "Ext Root Scanning", _par_last_ext_root_scan_times_ms);
print_par_stats(2, "Mark Stack Scanning", _par_last_mark_stack_scan_times_ms);
print_par_stats(2, "Scan RS", _par_last_scan_rs_times_ms);
print_par_stats(2, "Object Copy", _par_last_obj_copy_times_ms);
print_par_stats(2, "Termination", _par_last_termination_times_ms);
print_par_sizes(3, "Termination Attempts", _par_last_termination_attempts);
print_par_stats(2, "GC Worker End Time", _par_last_gc_worker_end_times_ms);
print_par_stats(2, "GC Worker End", _par_last_gc_worker_end_times_ms);
for (int i = 0; i < _parallel_gc_threads; i++) {
_par_last_gc_worker_times_ms[i] = _par_last_gc_worker_end_times_ms[i] - _par_last_gc_worker_start_times_ms[i];
}
print_par_stats(2, "GC Worker Times", _par_last_gc_worker_times_ms);
print_stats(2, "Parallel Other", parallel_other_time);
print_stats(1, "Clear CT", _cur_clear_ct_time_ms);
double worker_known_time = _par_last_ext_root_scan_times_ms[i] +
_par_last_mark_stack_scan_times_ms[i] +
_par_last_update_rs_times_ms[i] +
_par_last_scan_rs_times_ms[i] +
_par_last_obj_copy_times_ms[i] +
_par_last_termination_times_ms[i];
_par_last_gc_worker_other_times_ms[i] = _cur_collection_par_time_ms - worker_known_time;
}
print_par_stats(2, "GC Worker", _par_last_gc_worker_times_ms);
print_par_stats(2, "GC Worker Other", _par_last_gc_worker_other_times_ms);
} else {
print_stats(1, "Update RS", update_rs_time);
print_stats(2, "Processed Buffers",
(int)update_rs_processed_buffers);
print_stats(1, "Ext Root Scanning", ext_root_scan_time);
print_stats(1, "Mark Stack Scanning", mark_stack_scan_time);
if (print_marking_info) {
print_stats(1, "Mark Stack Scanning", mark_stack_scan_time);
}
print_stats(1, "Update RS", update_rs_time);
print_stats(2, "Processed Buffers", (int)update_rs_processed_buffers);
print_stats(1, "Scan RS", scan_rs_time);
print_stats(1, "Object Copying", obj_copy_time);
}
print_stats(1, "Clear CT", _cur_clear_ct_time_ms);
#ifndef PRODUCT
print_stats(1, "Cur Clear CC", _cur_clear_cc_time_ms);
print_stats(1, "Cum Clear CC", _cum_clear_cc_time_ms);
......@@ -1461,16 +1502,6 @@ void G1CollectorPolicy::record_collection_pause_end() {
}
}
_all_pause_times_ms->add(elapsed_ms);
if (update_stats) {
summary->record_total_time_ms(elapsed_ms);
summary->record_other_time_ms(other_time_ms);
}
for (int i = 0; i < _aux_num; ++i)
if (_cur_aux_times_set[i]) {
_all_aux_times_ms[i].add(_cur_aux_times_ms[i]);
}
// Update the efficiency-since-mark vars.
double proc_ms = elapsed_ms * (double) _parallel_gc_threads;
if (elapsed_ms < MIN_TIMER_GRANULARITY) {
......@@ -2138,17 +2169,17 @@ void G1CollectorPolicy::count_CS_bytes_used() {
_g1->collection_set_iterate(&cs_closure);
}
void G1CollectorPolicy::print_summary (int level,
const char* str,
NumberSeq* seq) const {
void G1CollectorPolicy::print_summary(int level,
const char* str,
NumberSeq* seq) const {
double sum = seq->sum();
LineBuffer(level + 1).append_and_print_cr("%-24s = %8.2lf s (avg = %8.2lf ms)",
str, sum / 1000.0, seq->avg());
}
void G1CollectorPolicy::print_summary_sd (int level,
const char* str,
NumberSeq* seq) const {
void G1CollectorPolicy::print_summary_sd(int level,
const char* str,
NumberSeq* seq) const {
print_summary(level, str, seq);
LineBuffer(level + 6).append_and_print_cr("(num = %5d, std dev = %8.2lf ms, max = %8.2lf ms)",
seq->num(), seq->sd(), seq->maximum());
......@@ -2211,20 +2242,18 @@ void G1CollectorPolicy::print_summary(PauseSummary* summary) const {
print_summary(1, "SATB Drain", body_summary->get_satb_drain_seq());
if (parallel) {
print_summary(1, "Parallel Time", body_summary->get_parallel_seq());
print_summary(2, "Ext Root Scanning", body_summary->get_ext_root_scan_seq());
print_summary(2, "Mark Stack Scanning", body_summary->get_mark_stack_scan_seq());
print_summary(2, "Update RS", body_summary->get_update_rs_seq());
print_summary(2, "Ext Root Scanning",
body_summary->get_ext_root_scan_seq());
print_summary(2, "Mark Stack Scanning",
body_summary->get_mark_stack_scan_seq());
print_summary(2, "Scan RS", body_summary->get_scan_rs_seq());
print_summary(2, "Object Copy", body_summary->get_obj_copy_seq());
print_summary(2, "Termination", body_summary->get_termination_seq());
print_summary(2, "Other", body_summary->get_parallel_other_seq());
print_summary(2, "Parallel Other", body_summary->get_parallel_other_seq());
{
NumberSeq* other_parts[] = {
body_summary->get_update_rs_seq(),
body_summary->get_ext_root_scan_seq(),
body_summary->get_mark_stack_scan_seq(),
body_summary->get_update_rs_seq(),
body_summary->get_scan_rs_seq(),
body_summary->get_obj_copy_seq(),
body_summary->get_termination_seq()
......@@ -2234,18 +2263,16 @@ void G1CollectorPolicy::print_summary(PauseSummary* summary) const {
check_other_times(2, body_summary->get_parallel_other_seq(),
&calc_other_times_ms);
}
print_summary(1, "Mark Closure", body_summary->get_mark_closure_seq());
print_summary(1, "Clear CT", body_summary->get_clear_ct_seq());
} else {
print_summary(1, "Ext Root Scanning", body_summary->get_ext_root_scan_seq());
print_summary(1, "Mark Stack Scanning", body_summary->get_mark_stack_scan_seq());
print_summary(1, "Update RS", body_summary->get_update_rs_seq());
print_summary(1, "Ext Root Scanning",
body_summary->get_ext_root_scan_seq());
print_summary(1, "Mark Stack Scanning",
body_summary->get_mark_stack_scan_seq());
print_summary(1, "Scan RS", body_summary->get_scan_rs_seq());
print_summary(1, "Object Copy", body_summary->get_obj_copy_seq());
}
}
print_summary(1, "Mark Closure", body_summary->get_mark_closure_seq());
print_summary(1, "Clear CT", body_summary->get_clear_ct_seq());
print_summary(1, "Other", summary->get_other_seq());
{
if (body_summary != NULL) {
......
hotspot/src/share/vm/gc_implementation/g1/g1CollectorPolicy.hpp
浏览文件 @ bbee31b3
......@@ -74,7 +74,7 @@ class MainBodySummary: public CHeapObj {
define_num_seq(termination) // parallel only
define_num_seq(parallel_other) // parallel only
define_num_seq(mark_closure)
define_num_seq(clear_ct) // parallel only
define_num_seq(clear_ct)
};
class Summary: public PauseSummary,
......@@ -115,7 +115,6 @@ private:
double _cur_collection_par_time_ms;
double _cur_satb_drain_time_ms;
double _cur_clear_ct_time_ms;
bool _satb_drain_time_set;
double _cur_ref_proc_time_ms;
double _cur_ref_enq_time_ms;
......@@ -176,6 +175,11 @@ private:
double* _par_last_gc_worker_end_times_ms;
double* _par_last_gc_worker_times_ms;
// Each workers 'other' time i.e. the elapsed time of the parallel
// phase of the pause minus the sum of the individual sub-phase
// times for a given worker thread.
double* _par_last_gc_worker_other_times_ms;
// indicates whether we are in full young or partially young GC mode
bool _full_young_gcs;
......@@ -892,11 +896,12 @@ public:
}
void record_satb_drain_time(double ms) {
assert(_g1->mark_in_progress(), "shouldn't be here otherwise");
_cur_satb_drain_time_ms = ms;
_satb_drain_time_set = true;
}
void record_satb_drain_processed_buffers (int processed_buffers) {
void record_satb_drain_processed_buffers(int processed_buffers) {
assert(_g1->mark_in_progress(), "shouldn't be here otherwise");
_last_satb_drain_processed_buffers = processed_buffers;
}
......
hotspot/src/share/vm/gc_implementation/g1/g1RemSet.cpp
浏览文件 @ bbee31b3
......@@ -122,10 +122,10 @@ public:
void set_try_claimed() { _try_claimed = true; }
void scanCard(size_t index, HeapRegion *r) {
DirtyCardToOopClosure* cl =
r->new_dcto_closure(_oc,
CardTableModRefBS::Precise,
HeapRegionDCTOC::IntoCSFilterKind);
// Stack allocate the DirtyCardToOopClosure instance
HeapRegionDCTOC cl(_g1h, r, _oc,
CardTableModRefBS::Precise,
HeapRegionDCTOC::IntoCSFilterKind);
// Set the "from" region in the closure.
_oc->set_region(r);
......@@ -140,7 +140,7 @@ public:
// scans (the rsets of the regions in the cset can intersect).
_ct_bs->set_card_claimed(index);
_cards_done++;
cl->do_MemRegion(mr);
cl.do_MemRegion(mr);
}
}
......
hotspot/src/share/vm/gc_implementation/g1/heapRegion.cpp
浏览文件 @ bbee31b3
......@@ -340,14 +340,6 @@ void HeapRegion::reset_after_compaction() {
init_top_at_mark_start();
}
DirtyCardToOopClosure*
HeapRegion::new_dcto_closure(OopClosure* cl,
CardTableModRefBS::PrecisionStyle precision,
HeapRegionDCTOC::FilterKind fk) {
return new HeapRegionDCTOC(G1CollectedHeap::heap(),
this, cl, precision, fk);
}
void HeapRegion::hr_clear(bool par, bool clear_space) {
assert(_humongous_type == NotHumongous,
"we should have already filtered out humongous regions");
......
hotspot/src/share/vm/gc_implementation/g1/heapRegion.hpp
浏览文件 @ bbee31b3
......@@ -431,6 +431,14 @@ class HeapRegion: public G1OffsetTableContigSpace {
return _humongous_start_region;
}
// Same as Space::is_in_reserved, but will use the original size of the region.
// The original size is different only for start humongous regions. They get
// their _end set up to be the end of the last continues region of the
// corresponding humongous object.
bool is_in_reserved_raw(const void* p) const {
return _bottom <= p && p < _orig_end;
}
// Makes the current region be a "starts humongous" region, i.e.,
// the first region in a series of one or more contiguous regions
// that will contain a single "humongous" object. The two parameters
......@@ -569,11 +577,6 @@ class HeapRegion: public G1OffsetTableContigSpace {
// allocated in the current region before the last call to "save_mark".
void oop_before_save_marks_iterate(OopClosure* cl);
DirtyCardToOopClosure*
new_dcto_closure(OopClosure* cl,
CardTableModRefBS::PrecisionStyle precision,
HeapRegionDCTOC::FilterKind fk);
// Note the start or end of marking. This tells the heap region
// that the collector is about to start or has finished (concurrently)
// marking the heap.
......
hotspot/src/share/vm/gc_implementation/g1/heapRegionRemSet.cpp
浏览文件 @ bbee31b3
......@@ -143,7 +143,11 @@ protected:
// If the test below fails, then this table was reused concurrently
// with this operation. This is OK, since the old table was coarsened,
// and adding a bit to the new table is never incorrect.
if (loc_hr->is_in_reserved(from)) {
// If the table used to belong to a continues humongous region and is
// now reused for the corresponding start humongous region, we need to
// make sure that we detect this. Thus, we call is_in_reserved_raw()
// instead of just is_in_reserved() here.
if (loc_hr->is_in_reserved_raw(from)) {
size_t hw_offset = pointer_delta((HeapWord*)from, loc_hr->bottom());
CardIdx_t from_card = (CardIdx_t)
hw_offset >> (CardTableModRefBS::card_shift - LogHeapWordSize);
......
hotspot/src/share/vm/gc_implementation/g1/vm_operations_g1.cpp
浏览文件 @ bbee31b3
......@@ -23,6 +23,7 @@
*/
#include "precompiled.hpp"
#include "gc_implementation/g1/concurrentMarkThread.inline.hpp"
#include "gc_implementation/g1/g1CollectedHeap.inline.hpp"
#include "gc_implementation/g1/g1CollectorPolicy.hpp"
#include "gc_implementation/g1/vm_operations_g1.hpp"
......@@ -165,6 +166,20 @@ void VM_G1IncCollectionPause::doit_epilogue() {
}
}
void VM_CGC_Operation::acquire_pending_list_lock() {
// The caller may block while communicating
// with the SLT thread in order to acquire/release the PLL.
ConcurrentMarkThread::slt()->
manipulatePLL(SurrogateLockerThread::acquirePLL);
}
void VM_CGC_Operation::release_and_notify_pending_list_lock() {
// The caller may block while communicating
// with the SLT thread in order to acquire/release the PLL.
ConcurrentMarkThread::slt()->
manipulatePLL(SurrogateLockerThread::releaseAndNotifyPLL);
}
void VM_CGC_Operation::doit() {
gclog_or_tty->date_stamp(PrintGC && PrintGCDateStamps);
TraceCPUTime tcpu(PrintGCDetails, true, gclog_or_tty);
......@@ -180,12 +195,19 @@ void VM_CGC_Operation::doit() {
}
bool VM_CGC_Operation::doit_prologue() {
// Note the relative order of the locks must match that in
// VM_GC_Operation::doit_prologue() or deadlocks can occur
acquire_pending_list_lock();
Heap_lock->lock();
SharedHeap::heap()->_thread_holds_heap_lock_for_gc = true;
return true;
}
void VM_CGC_Operation::doit_epilogue() {
// Note the relative order of the unlocks must match that in
// VM_GC_Operation::doit_epilogue()
SharedHeap::heap()->_thread_holds_heap_lock_for_gc = false;
Heap_lock->unlock();
release_and_notify_pending_list_lock();
}
hotspot/src/share/vm/gc_implementation/g1/vm_operations_g1.hpp
浏览文件 @ bbee31b3
......@@ -93,11 +93,17 @@ public:
}
};
// Concurrent GC stop-the-world operations such as initial and final mark;
// Concurrent GC stop-the-world operations such as remark and cleanup;
// consider sharing these with CMS's counterparts.
class VM_CGC_Operation: public VM_Operation {
VoidClosure* _cl;
const char* _printGCMessage;
protected:
// java.lang.ref.Reference support
void acquire_pending_list_lock();
void release_and_notify_pending_list_lock();
public:
VM_CGC_Operation(VoidClosure* cl, const char *printGCMsg)
: _cl(cl), _printGCMessage(printGCMsg) { }
......
hotspot/src/share/vm/gc_implementation/shared/concurrentGCThread.cpp
浏览文件 @ bbee31b3
......@@ -224,6 +224,8 @@ void SurrogateLockerThread::manipulatePLL(SLT_msg_type msg) {
MutexLockerEx x(&_monitor, Mutex::_no_safepoint_check_flag);
assert(_buffer == empty, "Should be empty");
assert(msg != empty, "empty message");
assert(!Heap_lock->owned_by_self(), "Heap_lock owned by requesting thread");
_buffer = msg;
while (_buffer != empty) {
_monitor.notify();
......
jdk/.hgtags
浏览文件 @ bbee31b3
......@@ -132,3 +132,4 @@ bdb870cc269ef8b221d17a217be89092400b59d2 jdk8-b06
1c023bcd0c5a01ac07bc7eea728aafbb0d8991e9 jdk8-b08
f1ec21b8142168ff40f3278d2f6b5fe4bd5f3b26 jdk8-b09
4788745572ef2bde34924ef34e7e4d55ba07e979 jdk8-b10
7ab0d613cd1a271a9763ffb894dc1f0a5b95a7e4 jdk8-b11
jdk/make/com/sun/security/auth/module/Makefile
浏览文件 @ bbee31b3
......@@ -78,7 +78,3 @@ endif # linux
#
include $(BUILDDIR)/common/Library.gmk
#
# JVMDI implementation lives in the VM.
#
OTHER_LDLIBS = $(JVMLIB)
jdk/make/common/Defs.gmk
浏览文件 @ bbee31b3
......@@ -220,14 +220,30 @@ JDK_LOCALES = ja zh_CN
JRE_NONEXIST_LOCALES = en en_US de_DE es_ES fr_FR it_IT ja_JP ko_KR sv_SE zh
#
# All libraries except libjava and libjvm itself link against libjvm and
# libjava, the latter for its exported common utilities. libjava only links
# against libjvm. Programs' makefiles take their own responsibility for
# For now, most libraries except libjava and libjvm itself link against libjvm
# and libjava, the latter for its exported common utilities. libjava only
# links against libjvm. Programs' makefiles take their own responsibility for
# adding other libs.
#
# The makefiles for these packages do not link against libjvm and libjava.
# This list will eventually go away and each Programs' makefiles
# will have to explicitly declare that they want to link to libjava/libjvm
#
NO_JAVALIB_PKGS = \
sun.security.mscapi \
sun.security.krb5 \
sun.security.pkcs11 \
sun.security.jgss \
sun.security.jgss.wrapper \
sun.security.ec \
sun.security.smartcardio \
com.sun.security.auth.module
ifdef PACKAGE
# put JAVALIB first, but do not lose any platform specific values....
LDLIBS_COMMON = $(JAVALIB)
ifeq (,$(findstring $(PACKAGE),$(NO_JAVALIB_PKGS)))
LDLIBS_COMMON = $(JAVALIB)
endif
endif # PACKAGE
#
......
jdk/make/common/Library.gmk
浏览文件 @ bbee31b3
......@@ -165,7 +165,7 @@ $(ACTUAL_LIBRARY):: $(OBJDIR)/$(LIBRARY).lcf
$(LINK) -dll -out:$(OBJDIR)/$(@F) \
-map:$(OBJDIR)/$(LIBRARY).map \
$(LFLAGS) @$(OBJDIR)/$(LIBRARY).lcf \
$(OTHER_LCF) $(JAVALIB) $(LDLIBS)
$(OTHER_LCF) $(LDLIBS)
$(CP) $(OBJDIR)/$(@F) $@
@$(call binary_file_verification,$@)
$(CP) $(OBJDIR)/$(LIBRARY).map $(@D)
......
jdk/make/java/java/mapfile-vers
浏览文件 @ bbee31b3
......@@ -90,7 +90,6 @@ SUNWprivate_1.1 {
Java_java_io_FileSystem_getFileSystem;
Java_java_io_ObjectInputStream_bytesToDoubles;
Java_java_io_ObjectInputStream_bytesToFloats;
Java_java_io_ObjectInputStream_latestUserDefinedLoader;
Java_java_io_ObjectOutputStream_doublesToBytes;
Java_java_io_ObjectOutputStream_floatsToBytes;
Java_java_io_ObjectStreamClass_hasStaticInitializer;
......@@ -275,6 +274,7 @@ SUNWprivate_1.1 {
Java_sun_misc_Version_getJvmVersionInfo;
Java_sun_misc_Version_getJvmSpecialVersion;
Java_sun_misc_VM_getThreadStateValues;
Java_sun_misc_VM_latestUserDefinedLoader;
Java_sun_misc_VM_initialize;
Java_sun_misc_VMSupport_initAgentProperties;
......
jdk/make/sun/javazic/tzdata/VERSION
浏览文件 @ bbee31b3
......@@ -21,4 +21,4 @@
# or visit www.oracle.com if you need additional information or have any
# questions.
#
tzdata2011j
tzdata2011l
jdk/make/sun/javazic/tzdata/asia
浏览文件 @ bbee31b3
......@@ -2216,7 +2216,47 @@ Zone Asia/Karachi 4:28:12 - LMT 1907
# http://www.timeanddate.com/news/time/westbank-gaza-end-dst-2010.html
# </a>
# From Steffen Thorsen (2011-08-26):
# Gaza and the West Bank did go back to standard time in the beginning of
# August, and will now enter daylight saving time again on 2011-08-30
# 00:00 (so two periods of DST in 2011). The pause was because of
# Ramadan.
#
# <a href="http://www.maannews.net/eng/ViewDetails.aspx?ID=416217">
# http://www.maannews.net/eng/ViewDetails.aspx?ID=416217
# </a>
# Additional info:
# <a href="http://www.timeanddate.com/news/time/palestine-dst-2011.html">
# http://www.timeanddate.com/news/time/palestine-dst-2011.html
# </a>
# From Alexander Krivenyshev (2011-08-27):
# According to the article in The Jerusalem Post:
# "...Earlier this month, the Palestinian government in the West Bank decided to
# move to standard time for 30 days, during Ramadan. The Palestinians in the
# Gaza Strip accepted the change and also moved their clocks one hour back.
# The Hamas government said on Saturday that it won't observe summertime after
# the Muslim feast of Id al-Fitr, which begins on Tuesday..."
# ...
# <a href="http://www.jpost.com/MiddleEast/Article.aspx?id=235650">
# http://www.jpost.com/MiddleEast/Article.aspx?id=235650
# </a>
# or
# <a href="http://www.worldtimezone.com/dst_news/dst_news_gazastrip05.html">
# http://www.worldtimezone.com/dst_news/dst_news_gazastrip05.html
# </a>
# The rules for Egypt are stolen from the `africa' file.
# From Steffen Thorsen (2011-09-30):
# West Bank did end Daylight Saving Time this morning/midnight (2011-09-30
# 00:00).
# So West Bank and Gaza now have the same time again.
#
# Many sources, including:
# <a href="http://www.maannews.net/eng/ViewDetails.aspx?ID=424808">
# http://www.maannews.net/eng/ViewDetails.aspx?ID=424808
# </a>
# Rule NAME FROM TO TYPE IN ON AT SAVE LETTER/S
Rule EgyptAsia 1957 only - May 10 0:00 1:00 S
Rule EgyptAsia 1957 1958 - Oct 1 0:00 0 -
......@@ -2232,19 +2272,37 @@ Rule Palestine 2005 only - Oct 4 2:00 0 -
Rule Palestine 2006 2008 - Apr 1 0:00 1:00 S
Rule Palestine 2006 only - Sep 22 0:00 0 -
Rule Palestine 2007 only - Sep Thu>=8 2:00 0 -
Rule Palestine 2008 only - Aug lastFri 2:00 0 -
Rule Palestine 2008 only - Aug lastFri 0:00 0 -
Rule Palestine 2009 only - Mar lastFri 0:00 1:00 S
Rule Palestine 2010 max - Mar lastSat 0:01 1:00 S
Rule Palestine 2009 max - Sep Fri>=1 2:00 0 -
Rule Palestine 2009 only - Sep Fri>=1 2:00 0 -
Rule Palestine 2010 only - Mar lastSat 0:01 1:00 S
Rule Palestine 2010 only - Aug 11 0:00 0 -
# From Arthur David Olson (2011-09-20):
# 2011 transitions per http://www.timeanddate.com as of 2011-09-20.
# Zone NAME GMTOFF RULES FORMAT [UNTIL]
Zone Asia/Gaza 2:17:52 - LMT 1900 Oct
2:00 Zion EET 1948 May 15
2:00 EgyptAsia EE%sT 1967 Jun 5
2:00 Zion I%sT 1996
2:00 Jordan EE%sT 1999
2:00 Palestine EE%sT
2:00 Palestine EE%sT 2011 Apr 2 12:01
2:00 1:00 EEST 2011 Aug 1
2:00 - EET
Zone Asia/Hebron 2:20:23 - LMT 1900 Oct
2:00 Zion EET 1948 May 15
2:00 EgyptAsia EE%sT 1967 Jun 5
2:00 Zion I%sT 1996
2:00 Jordan EE%sT 1999
2:00 Palestine EE%sT 2008 Aug
2:00 1:00 EEST 2008 Sep
2:00 Palestine EE%sT 2011 Apr 1 12:01
2:00 1:00 EEST 2011 Aug 1
2:00 - EET 2011 Aug 30
2:00 1:00 EEST 2011 Sep 30 3:00
2:00 - EET
# Paracel Is
# no information
......
jdk/make/sun/javazic/tzdata/australasia
浏览文件 @ bbee31b3
......@@ -318,6 +318,18 @@ Zone Indian/Cocos 6:27:40 - LMT 1900
# http://www.worldtimezone.com/dst_news/dst_news_fiji04.html
# </a>
# From Steffen Thorsen (2011-10-03):
# Now the dates have been confirmed, and at least our start date
# assumption was correct (end date was one week wrong).
#
# <a href="http://www.fiji.gov.fj/index.php?option=com_content&view=article&id=4966:daylight-saving-starts-in-fiji&catid=71:press-releases&Itemid=155">
# www.fiji.gov.fj/index.php?option=com_content&view=article&id=4966:daylight-saving-starts-in-fiji&catid=71:press-releases&Itemid=155
# </a>
# which says
# Members of the public are reminded to change their time to one hour in
# advance at 2am to 3am on October 23, 2011 and one hour back at 3am to
# 2am on February 26 next year.
# Rule NAME FROM TO TYPE IN ON AT SAVE LETTER/S
Rule Fiji 1998 1999 - Nov Sun>=1 2:00 1:00 S
Rule Fiji 1999 2000 - Feb lastSun 3:00 0 -
......@@ -325,6 +337,8 @@ Rule Fiji 2009 only - Nov 29 2:00 1:00 S
Rule Fiji 2010 only - Mar lastSun 3:00 0 -
Rule Fiji 2010 only - Oct 24 2:00 1:00 S
Rule Fiji 2011 only - Mar Sun>=1 3:00 0 -
Rule Fiji 2011 only - Oct 23 2:00 1:00 S
Rule Fiji 2012 only - Feb 26 3:00 0 -
# Zone NAME GMTOFF RULES FORMAT [UNTIL]
Zone Pacific/Fiji 11:53:40 - LMT 1915 Oct 26 # Suva
12:00 Fiji FJ%sT # Fiji Time
......
jdk/make/sun/javazic/tzdata/europe
浏览文件 @ bbee31b3
......@@ -583,9 +583,9 @@ Rule Russia 1985 1991 - Mar lastSun 2:00s 1:00 S
#
Rule Russia 1992 only - Mar lastSat 23:00 1:00 S
Rule Russia 1992 only - Sep lastSat 23:00 0 -
Rule Russia 1993 max - Mar lastSun 2:00s 1:00 S
Rule Russia 1993 2010 - Mar lastSun 2:00s 1:00 S
Rule Russia 1993 1995 - Sep lastSun 2:00s 0 -
Rule Russia 1996 max - Oct lastSun 2:00s 0 -
Rule Russia 1996 2010 - Oct lastSun 2:00s 0 -
# From Alexander Krivenyshev (2011-06-14):
# According to Kremlin press service, Russian President Dmitry Medvedev
......@@ -605,7 +605,6 @@ Rule Russia 1996 max - Oct lastSun 2:00s 0 -
# From Arthur David Olson (2011-06-15):
# Take "abolishing daylight saving time" to mean that time is now considered
# to be standard.
# At least for now, keep the "old" Russia rules for the benefit of Belarus.
# These are for backward compatibility with older versions.
......@@ -711,6 +710,23 @@ Zone Europe/Vienna 1:05:20 - LMT 1893 Apr
1:00 EU CE%sT
# Belarus
# From Yauhen Kharuzhy (2011-09-16):
# By latest Belarus government act Europe/Minsk timezone was changed to
# GMT+3 without DST (was GMT+2 with DST).
#
# Sources (Russian language):
# 1.
# <a href="http://www.belta.by/ru/all_news/society/V-Belarusi-otmenjaetsja-perexod-na-sezonnoe-vremja_i_572952.html">
# http://www.belta.by/ru/all_news/society/V-Belarusi-otmenjaetsja-perexod-na-sezonnoe-vremja_i_572952.html
# </a>
# 2.
# <a href="http://naviny.by/rubrics/society/2011/09/16/ic_articles_116_175144/">
# http://naviny.by/rubrics/society/2011/09/16/ic_articles_116_175144/
# </a>
# 3.
# <a href="http://news.tut.by/society/250578.html">
# http://news.tut.by/society/250578.html
# </a>
# Zone NAME GMTOFF RULES FORMAT [UNTIL]
Zone Europe/Minsk 1:50:16 - LMT 1880
1:50 - MMT 1924 May 2 # Minsk Mean Time
......@@ -722,7 +738,8 @@ Zone Europe/Minsk 1:50:16 - LMT 1880
2:00 1:00 EEST 1991 Sep 29 2:00s
2:00 - EET 1992 Mar 29 0:00s
2:00 1:00 EEST 1992 Sep 27 0:00s
2:00 Russia EE%sT
2:00 Russia EE%sT 2011 Mar 27 2:00s
3:00 - FET # Further-eastern European Time
# Belgium
#
......@@ -2056,7 +2073,7 @@ Zone Europe/Kaliningrad 1:22:00 - LMT 1893 Apr
2:00 Poland CE%sT 1946
3:00 Russia MSK/MSD 1991 Mar 31 2:00s
2:00 Russia EE%sT 2011 Mar 27 2:00s
3:00 - KALT
3:00 - FET # Further-eastern European Time
#
# From Oscar van Vlijmen (2001-08-25): [This region consists of]
# Respublika Adygeya, Arkhangel'skaya oblast',
......@@ -2211,7 +2228,7 @@ Zone Asia/Irkutsk 6:57:20 - LMT 1880
# [parts of] Respublika Sakha (Yakutiya), Chitinskaya oblast'.
# From Oscar van Vlijmen (2009-11-29):
# ...some regions of RUssia were merged with others since 2005...
# ...some regions of [Russia] were merged with others since 2005...
# Some names were changed, no big deal, except for one instance: a new name.
# YAK/YAKST: UTC+9 Zabajkal'skij kraj.
......@@ -2635,6 +2652,28 @@ Link Europe/Istanbul Asia/Istanbul # Istanbul is in both continents.
# of March at 3am the time is changing to 4am and each last Sunday of
# October the time at 4am is changing to 3am"
# From Alexander Krivenyshev (2011-09-20):
# On September 20, 2011 the deputies of the Verkhovna Rada agreed to
# abolish the transfer clock to winter time.
#
# Bill number 8330 of MP from the Party of Regions Oleg Nadoshi got
# approval from 266 deputies.
#
# Ukraine abolishes transter back to the winter time (in Russian)
# <a href="http://news.mail.ru/politics/6861560/">
# http://news.mail.ru/politics/6861560/
# </a>
#
# The Ukrainians will no longer change the clock (in Russian)
# <a href="http://www.segodnya.ua/news/14290482.html">
# http://www.segodnya.ua/news/14290482.html
# </a>
#
# Deputies cancelled the winter time (in Russian)
# <a href="http://www.pravda.com.ua/rus/news/2011/09/20/6600616/">
# http://www.pravda.com.ua/rus/news/2011/09/20/6600616/
# </a>
# Zone NAME GMTOFF RULES FORMAT [UNTIL]
# Most of Ukraine since 1970 has been like Kiev.
# "Kyiv" is the transliteration of the Ukrainian name, but
......@@ -2648,7 +2687,8 @@ Zone Europe/Kiev 2:02:04 - LMT 1880
3:00 - MSK 1990 Jul 1 2:00
2:00 - EET 1992
2:00 E-Eur EE%sT 1995
2:00 EU EE%sT
2:00 EU EE%sT 2011 Mar lastSun 1:00u
3:00 - FET # Further-eastern European Time
# Ruthenia used CET 1990/1991.
# "Uzhhorod" is the transliteration of the Ukrainian name, but
# "Uzhgorod" is more common in English.
......@@ -2662,7 +2702,8 @@ Zone Europe/Uzhgorod 1:29:12 - LMT 1890 Oct
1:00 - CET 1991 Mar 31 3:00
2:00 - EET 1992
2:00 E-Eur EE%sT 1995
2:00 EU EE%sT
2:00 EU EE%sT 2011 Mar lastSun 1:00u
3:00 - FET # Further-eastern European Time
# Zaporozh'ye and eastern Lugansk oblasts observed DST 1990/1991.
# "Zaporizhia" is the transliteration of the Ukrainian name, but
# "Zaporozh'ye" is more common in English. Use the common English
......@@ -2675,7 +2716,8 @@ Zone Europe/Zaporozhye 2:20:40 - LMT 1880
1:00 C-Eur CE%sT 1943 Oct 25
3:00 Russia MSK/MSD 1991 Mar 31 2:00
2:00 E-Eur EE%sT 1995
2:00 EU EE%sT
2:00 EU EE%sT 2011 Mar lastSun 1:00u
3:00 - FET # Further-eastern European Time
# Central Crimea used Moscow time 1994/1997.
Zone Europe/Simferopol 2:16:24 - LMT 1880
2:16 - SMT 1924 May 2 # Simferopol Mean T
......@@ -2700,7 +2742,8 @@ Zone Europe/Simferopol 2:16:24 - LMT 1880
# Assume it happened in March by not changing the clocks.
3:00 Russia MSK/MSD 1997
3:00 - MSK 1997 Mar lastSun 1:00u
2:00 EU EE%sT
2:00 EU EE%sT 2011 Mar lastSun 1:00u
3:00 - FET # Further-eastern European Time
###############################################################################
......
jdk/make/sun/javazic/tzdata/northamerica
浏览文件 @ bbee31b3
......@@ -505,7 +505,7 @@ Zone America/Juneau 15:02:19 - LMT 1867 Oct 18
-8:00 US P%sT 1983 Oct 30 2:00
-9:00 US Y%sT 1983 Nov 30
-9:00 US AK%sT
Zone America/Sitka -14:58:47 - LMT 1867 Oct 18
Zone America/Sitka 14:58:47 - LMT 1867 Oct 18
-9:01:13 - LMT 1900 Aug 20 12:00
-8:00 - PST 1942
-8:00 US P%sT 1946
......@@ -1190,31 +1190,21 @@ Rule StJohns 1960 1986 - Oct lastSun 2:00 0 S
# INMS (2000-09-12) says that, since 1988 at least, Newfoundland switches
# at 00:01 local time. For now, assume it started in 1987.
# From Michael Pelley (2011-08-05):
# The Government of Newfoundland and Labrador has pending changes to
# modify the hour for daylight savings time to come into effect in
# November 2011. This modification would change the time from 12:01AM to
# 2:00AM on the dates of the switches of Daylight Savings Time to/from
# Standard Time.
#
# As a matter of reference, in Canada provinces have the authority of
# setting time zone information. The legislation has passed our
# legislative body (The House of Assembly) and is awaiting the
# proclamation to come into effect. You may find this information at:
# <a href="http://www.assembly.nl.ca/legislation/sr/lists/Proclamation.htm">
# http://www.assembly.nl.ca/legislation/sr/lists/Proclamation.htm
# </a>
# and
# search within that web page for Standard Time (Amendment) Act. The Act
# may be found at:
# <a href="http://www.assembly.nl.ca/business/bills/Bill1106.htm">
# http://www.assembly.nl.ca/business/bills/Bill1106.htm
# From Michael Pelley (2011-09-12):
# We received today, Monday, September 12, 2011, notification that the
# changes to the Newfoundland Standard Time Act have been proclaimed.
# The change in the Act stipulates that the change from Daylight Savings
# Time to Standard Time and from Standard Time to Daylight Savings Time
# now occurs at 2:00AM.
# ...
# <a href="http://www.assembly.nl.ca/legislation/sr/annualstatutes/2011/1106.chp.htm">
# http://www.assembly.nl.ca/legislation/sr/annualstatutes/2011/1106.chp.htm
# </a>
# ...
# MICHAEL PELLEY | Manager of Enterprise Architecture - Solution Delivery
# Office of the Chief Information Officer Executive Council Government of
# Newfoundland & Labrador P.O. Box 8700, 40 Higgins Line, St. John's NL
# A1B 4J6
# MICHAEL PELLEY | Manager of Enterprise Architecture - Solution Delivery
# Office of the Chief Information Officer
# Executive Council
# Government of Newfoundland & Labrador
Rule StJohns 1987 only - Apr Sun>=1 0:01 1:00 D
Rule StJohns 1987 2006 - Oct lastSun 0:01 0 S
......
jdk/make/sun/javazic/tzdata/southamerica
浏览文件 @ bbee31b3
......@@ -819,6 +819,26 @@ Zone America/La_Paz -4:32:36 - LMT 1890
# <a href="http://www.timeanddate.com/news/time/brazil-dst-2008-2009.html">
# http://www.timeanddate.com/news/time/brazil-dst-2008-2009.html
# </a>
#
# From Alexander Krivenyshev (2011-10-04):
# State Bahia will return to Daylight savings time this year after 8 years off.
# The announcement was made by Governor Jaques Wagner in an interview to a
# television station in Salvador.
# In Portuguese:
# <a href="http://g1.globo.com/bahia/noticia/2011/10/governador-jaques-wagner-confirma-horario-de-verao-na-bahia.html">
# http://g1.globo.com/bahia/noticia/2011/10/governador-jaques-wagner-confirma-horario-de-verao-na-bahia.html
# </a> and
# <a href="http://noticias.terra.com.br/brasil/noticias/0,,OI5390887-EI8139,00-Bahia+volta+a+ter+horario+de+verao+apos+oito+anos.html">
# http://noticias.terra.com.br/brasil/noticias/0,,OI5390887-EI8139,00-Bahia+volta+a+ter+horario+de+verao+apos+oito+anos.html
# </a>
# From Guilherme Bernardes Rodrigues (2011-10-07):
# There is news in the media, however there is still no decree about it.
# I just send a e-mail to Zulmira Brandão at
# <a href="http://pcdsh01.on.br/">http://pcdsh01.on.br/</a> the
# oficial agency about time in Brazil, and she confirmed that the old rule is
# still in force.
# Rule NAME FROM TO TYPE IN ON AT SAVE LETTER/S
# Decree <a href="http://pcdsh01.on.br/HV20466.htm">20,466</a> (1931-10-01)
......@@ -1057,6 +1077,9 @@ Zone America/Maceio -2:22:52 - LMT 1914
Zone America/Bahia -2:34:04 - LMT 1914
-3:00 Brazil BR%sT 2003 Sep 24
-3:00 - BRT
# as noted above, not yet in operation.
# -3:00 - BRT 2011 Oct 16
# -3:00 Brazil BR%sT
#
# Goias (GO), Distrito Federal (DF), Minas Gerais (MG),
# Espirito Santo (ES), Rio de Janeiro (RJ), Sao Paulo (SP), Parana (PR),
......
jdk/make/sun/javazic/tzdata/zone.tab
浏览文件 @ bbee31b3
......@@ -341,7 +341,8 @@ PL +5215+02100 Europe/Warsaw
PM +4703-05620 America/Miquelon
PN -2504-13005 Pacific/Pitcairn
PR +182806-0660622 America/Puerto_Rico
PS +3130+03428 Asia/Gaza
PS +3130+03428 Asia/Gaza Gaza Strip
PS +313200+0350542 Asia/Hebron West Bank
PT +3843-00908 Europe/Lisbon mainland
PT +3238-01654 Atlantic/Madeira Madeira Islands
PT +3744-02540 Atlantic/Azores Azores
......
jdk/make/sun/rmi/rmi/Makefile
浏览文件 @ bbee31b3
......@@ -30,15 +30,8 @@
BUILDDIR = ../../..
PACKAGE = sun.rmi
PRODUCT = sun
LIBRARY = rmi
include $(BUILDDIR)/common/Defs.gmk
#
# Add use of a mapfile
#
FILES_m = mapfile-vers
include $(BUILDDIR)/common/Mapfile-vers.gmk
#
# Java files to compile.
#
......@@ -51,32 +44,10 @@ AUTO_FILES_JAVA_DIRS = \
sun/rmi/transport \
com/sun/rmi
#
# Native files to compile.
#
FILES_c = \
sun/rmi/server/MarshalInputStream.c
#
# Add ambient vpath to pick up files not part of sun.rmi package
#
vpath %.c $(SHARE_SRC)/native/sun/rmi/server
#
# Exported files that require generated .h
#
FILES_export = \
sun/rmi/server/MarshalInputStream.java
#
# Link to JVM for JVM_LatestUserDefinedLoader
#
OTHER_LDLIBS = $(JVMLIB)
#
# Rules
#
include $(BUILDDIR)/common/Library.gmk
include $(BUILDDIR)/common/Rules.gmk
#
# Full package names of implementations requiring stubs
......
jdk/make/sun/rmi/rmi/mapfile-vers 已删除 100644 → 0
浏览文件 @ 5e0985a0
#
# Copyright (c) 2005, Oracle and/or its affiliates. All rights reserved.
# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
#
# This code is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License version 2 only, as
# published by the Free Software Foundation. Oracle designates this
# particular file as subject to the "Classpath" exception as provided
# by Oracle in the LICENSE file that accompanied this code.
#
# This code is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
# version 2 for more details (a copy is included in the LICENSE file that
# accompanied this code).
#
# You should have received a copy of the GNU General Public License version
# 2 along with this work; if not, write to the Free Software Foundation,
# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
#
# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
# or visit www.oracle.com if you need additional information or have any
# questions.
#
# Define library interface.
SUNWprivate_1.1 {
global:
Java_sun_rmi_server_MarshalInputStream_latestUserDefinedLoader;
local:
*;
};
jdk/make/sun/security/ec/Makefile
浏览文件 @ bbee31b3
......@@ -192,10 +192,8 @@ ifeq ($(NATIVE_ECC_AVAILABLE), true)
#
# Libraries to link
#
ifeq ($(PLATFORM), windows)
OTHER_LDLIBS += $(JVMLIB)
else
OTHER_LDLIBS = -ldl $(JVMLIB) $(LIBCXX)
ifneq ($(PLATFORM), windows)
OTHER_LDLIBS = $(LIBCXX)
endif
include $(BUILDDIR)/common/Mapfile-vers.gmk
......
jdk/make/sun/security/jgss/wrapper/Makefile
浏览文件 @ bbee31b3
......@@ -72,5 +72,6 @@ include $(BUILDDIR)/common/Library.gmk
# Libraries to link
#
ifneq ($(PLATFORM), windows)
OTHER_LDLIBS = -ldl $(JVMLIB)
OTHER_LDLIBS = -ldl
endif
jdk/make/sun/security/krb5/Makefile
浏览文件 @ bbee31b3
......@@ -69,15 +69,6 @@ else
include $(BUILDDIR)/common/Classes.gmk
endif # PLATFORM
#
# Libraries to link
#
ifeq ($(PLATFORM), windows)
OTHER_LDLIBS = $(JVMLIB)
else
OTHER_LDLIBS = -ldl $(JVMLIB)
endif
build:
ifeq ($(PLATFORM),windows)
$(call make-launcher, kinit, sun.security.krb5.internal.tools.Kinit, , )
......
jdk/make/sun/security/mscapi/Makefile
浏览文件 @ bbee31b3
......@@ -159,7 +159,7 @@ include $(BUILDDIR)/common/Library.gmk
# Libraries to link
#
ifeq ($(PLATFORM), windows)
OTHER_LDLIBS += $(JVMLIB) Crypt32.Lib
OTHER_LDLIBS += Crypt32.Lib
endif
#
......
jdk/make/sun/security/other/Makefile
浏览文件 @ bbee31b3
......@@ -38,6 +38,7 @@ AUTO_FILES_JAVA_DIRS = \
sun/security/acl \
sun/security/jca \
sun/security/pkcs \
sun/security/pkcs10 \
sun/security/pkcs12 \
sun/security/provider \
sun/security/rsa \
......
jdk/make/sun/security/pkcs11/Makefile
浏览文件 @ bbee31b3
......@@ -159,10 +159,8 @@ include $(BUILDDIR)/common/Library.gmk
#
# Libraries to link
#
ifeq ($(PLATFORM), windows)
OTHER_LDLIBS = $(JVMLIB)
else
OTHER_LDLIBS = -ldl $(JVMLIB)
ifneq ($(PLATFORM), windows)
OTHER_LDLIBS = -ldl
endif
# Other config files
......
jdk/make/sun/security/smartcardio/Makefile
浏览文件 @ bbee31b3
......@@ -73,8 +73,8 @@ include $(BUILDDIR)/common/Library.gmk
# Libraries to link
#
ifeq ($(PLATFORM), windows)
OTHER_LDLIBS = $(JVMLIB) winscard.lib
OTHER_LDLIBS = winscard.lib
else
OTHER_LDLIBS = -ldl $(JVMLIB)
OTHER_LDLIBS = -ldl
OTHER_CFLAGS = -D__sun_jdk
endif
jdk/src/share/classes/java/io/ObjectInputStream.java
浏览文件 @ bbee31b3
......@@ -2025,8 +2025,9 @@ public class ObjectInputStream
* This method should not be removed or its signature changed without
* corresponding modifications to the above class.
*/
// REMIND: change name to something more accurate?
private static native ClassLoader latestUserDefinedLoader();
private static ClassLoader latestUserDefinedLoader() {
return sun.misc.VM.latestUserDefinedLoader();
}
/**
* Default GetField implementation.
......
jdk/src/share/classes/java/util/Collections.java
浏览文件 @ bbee31b3
......@@ -2351,6 +2351,64 @@ public class Collections {
}
}
/**
* Returns a dynamically typesafe view of the specified queue.
* Any attempt to insert an element of the wrong type will result in
* an immediate {@link ClassCastException}. Assuming a queue contains
* no incorrectly typed elements prior to the time a dynamically typesafe
* view is generated, and that all subsequent access to the queue
* takes place through the view, it is <i>guaranteed</i> that the
* queue cannot contain an incorrectly typed element.
*
* <p>A discussion of the use of dynamically typesafe views may be
* found in the documentation for the {@link #checkedCollection
* checkedCollection} method.
*
* <p>The returned queue will be serializable if the specified queue
* is serializable.
*
* <p>Since {@code null} is considered to be a value of any reference
* type, the returned queue permits insertion of {@code null} elements
* whenever the backing queue does.
*
* @param queue the queue for which a dynamically typesafe view is to be
* returned
* @param type the type of element that {@code queue} is permitted to hold
* @return a dynamically typesafe view of the specified queue
* @since 1.8
*/
public static <E> Queue<E> checkedQueue(Queue<E> queue, Class<E> type) {
return new CheckedQueue<>(queue, type);
}
/**
* @serial include
*/
static class CheckedQueue<E>
extends CheckedCollection<E>
implements Queue<E>, Serializable
{
private static final long serialVersionUID = 1433151992604707767L;
final Queue<E> queue;
CheckedQueue(Queue<E> queue, Class<E> elementType) {
super(queue, elementType);
this.queue = queue;
}
public E element() {return queue.element();}
public boolean equals(Object o) {return o == this || c.equals(o);}
public int hashCode() {return c.hashCode();}
public E peek() {return queue.peek();}
public E poll() {return queue.poll();}
public E remove() {return queue.remove();}
public boolean offer(E e) {
typeCheck(e);
return add(e);
}
}
/**
* Returns a dynamically typesafe view of the specified set.
* Any attempt to insert an element of the wrong type will result in
......
jdk/src/share/classes/sun/misc/VM.java
浏览文件 @ bbee31b3
......@@ -371,6 +371,12 @@ public class VM {
private final static int JVMTI_THREAD_STATE_WAITING_INDEFINITELY = 0x0010;
private final static int JVMTI_THREAD_STATE_WAITING_WITH_TIMEOUT = 0x0020;
/*
* Returns the first non-null class loader up the execution stack,
* or null if only code from the null class loader is on the stack.
*/
public static native ClassLoader latestUserDefinedLoader();
static {
initialize();
}
......
jdk/src/share/classes/sun/rmi/server/MarshalInputStream.java
浏览文件 @ bbee31b3
......@@ -109,14 +109,6 @@ public class MarshalInputStream extends ObjectInputStream {
}
}
/**
* Load the "rmi" native library.
*/
static {
java.security.AccessController.doPrivileged(
new sun.security.action.LoadLibraryAction("rmi"));
}
/**
* Create a new MarshalInputStream object.
*/
......@@ -262,7 +254,9 @@ public class MarshalInputStream extends ObjectInputStream {
* Returns the first non-null class loader up the execution stack, or null
* if only code from the null class loader is on the stack.
*/
private static native ClassLoader latestUserDefinedLoader();
private static ClassLoader latestUserDefinedLoader() {
return sun.misc.VM.latestUserDefinedLoader();
}
/**
* Fix for 4179055: Need to assist resolving sun stubs; resolve
......
jdk/src/share/classes/sun/security/pkcs/PKCS7.java
浏览文件 @ bbee31b3
......@@ -27,6 +27,7 @@ package sun.security.pkcs;
import java.io.*;
import java.math.BigInteger;
import java.net.URI;
import java.util.*;
import java.security.cert.X509Certificate;
import java.security.cert.CertificateException;
......@@ -35,6 +36,7 @@ import java.security.cert.CRLException;
import java.security.cert.CertificateFactory;
import java.security.*;
import sun.security.timestamp.*;
import sun.security.util.*;
import sun.security.x509.AlgorithmId;
import sun.security.x509.CertificateIssuerName;
......@@ -68,6 +70,30 @@ public class PKCS7 {
private Principal[] certIssuerNames;
/*
* Random number generator for creating nonce values
*/
private static final SecureRandom RANDOM;
static {
SecureRandom tmp = null;
try {
tmp = SecureRandom.getInstance("SHA1PRNG");
} catch (NoSuchAlgorithmException e) {
// should not happen
}
RANDOM = tmp;
}
/*
* Object identifier for the timestamping key purpose.
*/
private static final String KP_TIMESTAMPING_OID = "1.3.6.1.5.5.7.3.8";
/*
* Object identifier for extendedKeyUsage extension
*/
private static final String EXTENDED_KEY_USAGE_OID = "2.5.29.37";
/**
* Unmarshals a PKCS7 block from its encoded form, parsing the
* encoded bytes from the InputStream.
......@@ -733,4 +759,164 @@ public class PKCS7 {
public boolean isOldStyle() {
return this.oldStyle;
}
/**
* Assembles a PKCS #7 signed data message that optionally includes a
* signature timestamp.
*
* @param signature the signature bytes
* @param signerChain the signer's X.509 certificate chain
* @param content the content that is signed; specify null to not include
* it in the PKCS7 data
* @param signatureAlgorithm the name of the signature algorithm
* @param tsaURI the URI of the Timestamping Authority; or null if no
* timestamp is requested
* @return the bytes of the encoded PKCS #7 signed data message
* @throws NoSuchAlgorithmException The exception is thrown if the signature
* algorithm is unrecognised.
* @throws CertificateException The exception is thrown if an error occurs
* while processing the signer's certificate or the TSA's
* certificate.
* @throws IOException The exception is thrown if an error occurs while
* generating the signature timestamp or while generating the signed
* data message.
*/
public static byte[] generateSignedData(byte[] signature,
X509Certificate[] signerChain,
byte[] content,
String signatureAlgorithm,
URI tsaURI)
throws CertificateException, IOException, NoSuchAlgorithmException
{
// Generate the timestamp token
PKCS9Attributes unauthAttrs = null;
if (tsaURI != null) {
// Timestamp the signature
HttpTimestamper tsa = new HttpTimestamper(tsaURI);
byte[] tsToken = generateTimestampToken(tsa, signature);
// Insert the timestamp token into the PKCS #7 signer info element
// (as an unsigned attribute)
unauthAttrs =
new PKCS9Attributes(new PKCS9Attribute[]{
new PKCS9Attribute(
PKCS9Attribute.SIGNATURE_TIMESTAMP_TOKEN_STR,
tsToken)});
}
// Create the SignerInfo
X500Name issuerName =
X500Name.asX500Name(signerChain[0].getIssuerX500Principal());
BigInteger serialNumber = signerChain[0].getSerialNumber();
String encAlg = AlgorithmId.getEncAlgFromSigAlg(signatureAlgorithm);
String digAlg = AlgorithmId.getDigAlgFromSigAlg(signatureAlgorithm);
SignerInfo signerInfo = new SignerInfo(issuerName, serialNumber,
AlgorithmId.get(digAlg), null,
AlgorithmId.get(encAlg),
signature, unauthAttrs);
// Create the PKCS #7 signed data message
SignerInfo[] signerInfos = {signerInfo};
AlgorithmId[] algorithms = {signerInfo.getDigestAlgorithmId()};
// Include or exclude content
ContentInfo contentInfo = (content == null)
? new ContentInfo(ContentInfo.DATA_OID, null)
: new ContentInfo(content);
PKCS7 pkcs7 = new PKCS7(algorithms, contentInfo,
signerChain, signerInfos);
ByteArrayOutputStream p7out = new ByteArrayOutputStream();
pkcs7.encodeSignedData(p7out);
return p7out.toByteArray();
}
/**
* Requests, processes and validates a timestamp token from a TSA using
* common defaults. Uses the following defaults in the timestamp request:
* SHA-1 for the hash algorithm, a 64-bit nonce, and request certificate
* set to true.
*
* @param tsa the timestamping authority to use
* @param toBeTimestamped the token that is to be timestamped
* @return the encoded timestamp token
* @throws IOException The exception is thrown if an error occurs while
* communicating with the TSA.
* @throws CertificateException The exception is thrown if the TSA's
* certificate is not permitted for timestamping.
*/
private static byte[] generateTimestampToken(Timestamper tsa,
byte[] toBeTimestamped)
throws IOException, CertificateException
{
// Generate a timestamp
MessageDigest messageDigest = null;
TSRequest tsQuery = null;
try {
// SHA-1 is always used.
messageDigest = MessageDigest.getInstance("SHA-1");
tsQuery = new TSRequest(toBeTimestamped, messageDigest);
} catch (NoSuchAlgorithmException e) {
// ignore
}
// Generate a nonce
BigInteger nonce = null;
if (RANDOM != null) {
nonce = new BigInteger(64, RANDOM);
tsQuery.setNonce(nonce);
}
tsQuery.requestCertificate(true);
TSResponse tsReply = tsa.generateTimestamp(tsQuery);
int status = tsReply.getStatusCode();
// Handle TSP error
if (status != 0 && status != 1) {
throw new IOException("Error generating timestamp: " +
tsReply.getStatusCodeAsText() + " " +
tsReply.getFailureCodeAsText());
}
PKCS7 tsToken = tsReply.getToken();
TimestampToken tst = tsReply.getTimestampToken();
if (!tst.getHashAlgorithm().getName().equals("SHA")) {
throw new IOException("Digest algorithm not SHA-1 in "
+ "timestamp token");
}
if (!MessageDigest.isEqual(tst.getHashedMessage(),
tsQuery.getHashedMessage())) {
throw new IOException("Digest octets changed in timestamp token");
}
BigInteger replyNonce = tst.getNonce();
if (replyNonce == null && nonce != null) {
throw new IOException("Nonce missing in timestamp token");
}
if (replyNonce != null && !replyNonce.equals(nonce)) {
throw new IOException("Nonce changed in timestamp token");
}
// Examine the TSA's certificate (if present)
for (SignerInfo si: tsToken.getSignerInfos()) {
X509Certificate cert = si.getCertificate(tsToken);
if (cert == null) {
// Error, we've already set tsRequestCertificate = true
throw new CertificateException(
"Certificate not included in timestamp token");
} else {
if (!cert.getCriticalExtensionOIDs().contains(
EXTENDED_KEY_USAGE_OID)) {
throw new CertificateException(
"Certificate is not valid for timestamping");
}
List<String> keyPurposes = cert.getExtendedKeyUsage();
if (keyPurposes == null ||
!keyPurposes.contains(KP_TIMESTAMPING_OID)) {
throw new CertificateException(
"Certificate is not valid for timestamping");
}
}
}
return tsReply.getEncodedToken();
}
}
jdk/src/share/classes/sun/security/pkcs/SignerInfo.java
浏览文件 @ bbee31b3
......@@ -28,10 +28,14 @@ package sun.security.pkcs;
import java.io.OutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.CertPath;
import java.security.cert.X509Certificate;
import java.security.*;
import java.util.ArrayList;
import sun.security.timestamp.TimestampToken;
import sun.security.util.*;
import sun.security.x509.AlgorithmId;
import sun.security.x509.X500Name;
......@@ -51,6 +55,8 @@ public class SignerInfo implements DerEncoder {
AlgorithmId digestAlgorithmId;
AlgorithmId digestEncryptionAlgorithmId;
byte[] encryptedDigest;
Timestamp timestamp;
private boolean hasTimestamp = true;
PKCS9Attributes authenticatedAttributes;
PKCS9Attributes unauthenticatedAttributes;
......@@ -442,6 +448,62 @@ public class SignerInfo implements DerEncoder {
return unauthenticatedAttributes;
}
/*
* Extracts a timestamp from a PKCS7 SignerInfo.
*
* Examines the signer's unsigned attributes for a
* <tt>signatureTimestampToken</tt> attribute. If present,
* then it is parsed to extract the date and time at which the
* timestamp was generated.
*
* @param info A signer information element of a PKCS 7 block.
*
* @return A timestamp token or null if none is present.
* @throws IOException if an error is encountered while parsing the
* PKCS7 data.
* @throws NoSuchAlgorithmException if an error is encountered while
* verifying the PKCS7 object.
* @throws SignatureException if an error is encountered while
* verifying the PKCS7 object.
* @throws CertificateException if an error is encountered while generating
* the TSA's certpath.
*/
public Timestamp getTimestamp()
throws IOException, NoSuchAlgorithmException, SignatureException,
CertificateException
{
if (timestamp != null || !hasTimestamp)
return timestamp;
if (unauthenticatedAttributes == null) {
hasTimestamp = false;
return null;
}
PKCS9Attribute tsTokenAttr =
unauthenticatedAttributes.getAttribute(
PKCS9Attribute.SIGNATURE_TIMESTAMP_TOKEN_OID);
if (tsTokenAttr == null) {
hasTimestamp = false;
return null;
}
PKCS7 tsToken = new PKCS7((byte[])tsTokenAttr.getValue());
// Extract the content (an encoded timestamp token info)
byte[] encTsTokenInfo = tsToken.getContentInfo().getData();
// Extract the signer (the Timestamping Authority)
// while verifying the content
SignerInfo[] tsa = tsToken.verify(encTsTokenInfo);
// Expect only one signer
ArrayList<X509Certificate> chain = tsa[0].getCertificateChain(tsToken);
CertificateFactory cf = CertificateFactory.getInstance("X.509");
CertPath tsaChain = cf.generateCertPath(chain);
// Create a timestamp token info object
TimestampToken tsTokenInfo = new TimestampToken(encTsTokenInfo);
// Create a timestamp object
timestamp = new Timestamp(tsTokenInfo.getDate(), tsaChain);
return timestamp;
}
public String toString() {
HexDumpEncoder hexDump = new HexDumpEncoder();
......@@ -467,5 +529,4 @@ public class SignerInfo implements DerEncoder {
}
return out;
}
}
jdk/src/share/classes/sun/security/pkcs/PKCS10.java jdk/src/share/classes/sun/security/pkcs10/PKCS10.java
浏览文件 @ bbee31b3
......@@ -24,7 +24,7 @@
*/
package sun.security.pkcs;
package sun.security.pkcs10;
import java.io.PrintStream;
import java.io.IOException;
......
jdk/src/share/classes/sun/security/pkcs/PKCS10Attribute.java jdk/src/share/classes/sun/security/pkcs10/PKCS10Attribute.java
浏览文件 @ bbee31b3
/*
* Copyright (c) 1997, 1998, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
......@@ -23,11 +23,12 @@
* questions.
*/
package sun.security.pkcs;
package sun.security.pkcs10;
import java.io.OutputStream;
import java.io.IOException;
import sun.security.pkcs.PKCS9Attribute;
import sun.security.util.*;
/**
......
jdk/src/share/classes/sun/security/pkcs/PKCS10Attributes.java jdk/src/share/classes/sun/security/pkcs10/PKCS10Attributes.java
浏览文件 @ bbee31b3
/*
* Copyright (c) 1997, 2006, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
......@@ -23,7 +23,7 @@
* questions.
*/
package sun.security.pkcs;
package sun.security.pkcs10;
import java.io.IOException;
import java.io.OutputStream;
......
jdk/src/share/classes/sun/security/pkcs11/Config.java
浏览文件 @ bbee31b3
......@@ -192,6 +192,11 @@ final class Config {
// works only for NSS providers created via the Secmod API
private boolean nssUseSecmodTrust = false;
// Flag to indicate whether the X9.63 encoding for EC points shall be used
// (true) or whether that encoding shall be wrapped in an ASN.1 OctetString
// (false).
private boolean useEcX963Encoding = false;
private Config(String filename, InputStream in) throws IOException {
if (in == null) {
if (filename.startsWith("--")) {
......@@ -320,6 +325,10 @@ final class Config {
return nssUseSecmodTrust;
}
boolean getUseEcX963Encoding() {
return useEcX963Encoding;
}
private static String expand(final String s) throws IOException {
try {
return PropertyExpander.expand(s);
......@@ -440,6 +449,8 @@ final class Config {
parseNSSArgs(word);
} else if (word.equals("nssUseSecmodTrust")) {
nssUseSecmodTrust = parseBooleanEntry(word);
} else if (word.equals("useEcX963Encoding")) {
useEcX963Encoding = parseBooleanEntry(word);
} else {
throw new ConfigurationException
("Unknown keyword '" + word + "', line " + st.lineno());
......
jdk/src/share/classes/sun/security/pkcs11/KeyCache.java
浏览文件 @ bbee31b3
/*
* Copyright (c) 2003, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
......@@ -48,7 +48,7 @@ import sun.security.util.Cache;
*/
final class KeyCache {
private final Cache strongCache;
private final Cache<IdentityWrapper, P11Key> strongCache;
private WeakReference<Map<Key,P11Key>> cacheReference;
......@@ -77,7 +77,7 @@ final class KeyCache {
}
synchronized P11Key get(Key key) {
P11Key p11Key = (P11Key)strongCache.get(new IdentityWrapper(key));
P11Key p11Key = strongCache.get(new IdentityWrapper(key));
if (p11Key != null) {
return p11Key;
}
......@@ -94,8 +94,8 @@ final class KeyCache {
Map<Key,P11Key> map =
(cacheReference == null) ? null : cacheReference.get();
if (map == null) {
map = new IdentityHashMap<Key,P11Key>();
cacheReference = new WeakReference<Map<Key,P11Key>>(map);
map = new IdentityHashMap<>();
cacheReference = new WeakReference<>(map);
}
map.put(key, p11Key);
}
......
jdk/src/share/classes/sun/security/pkcs11/P11ECKeyFactory.java
浏览文件 @ bbee31b3
......@@ -203,14 +203,20 @@ final class P11ECKeyFactory extends P11KeyFactory {
private PublicKey generatePublic(ECPoint point, ECParameterSpec params) throws PKCS11Exception {
byte[] encodedParams = ECParameters.encodeParameters(params);
byte[] encodedPoint = null;
DerValue pkECPoint = new DerValue(DerValue.tag_OctetString,
ECParameters.encodePoint(point, params.getCurve()));
byte[] encodedPoint =
ECParameters.encodePoint(point, params.getCurve());
try {
encodedPoint = pkECPoint.toByteArray();
} catch (IOException e) {
throw new IllegalArgumentException("Could not DER encode point", e);
// Check whether the X9.63 encoding of an EC point shall be wrapped
// in an ASN.1 OCTET STRING
if (!token.config.getUseEcX963Encoding()) {
try {
encodedPoint =
new DerValue(DerValue.tag_OctetString, encodedPoint)
.toByteArray();
} catch (IOException e) {
throw new
IllegalArgumentException("Could not DER encode point", e);
}
}
CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] {
......
jdk/src/share/classes/sun/security/pkcs11/P11Key.java
浏览文件 @ bbee31b3
......@@ -1028,28 +1028,21 @@ abstract class P11Key implements Key {
try {
params = P11ECKeyFactory.decodeParameters
(attributes[1].getByteArray());
/*
* An uncompressed EC point may be in either of two formats.
* First try the OCTET STRING encoding:
* 04 <length> 04 <X-coordinate> <Y-coordinate>
*
* Otherwise try the raw encoding:
* 04 <X-coordinate> <Y-coordinate>
*/
byte[] ecKey = attributes[0].getByteArray();
try {
// Check whether the X9.63 encoding of an EC point is wrapped
// in an ASN.1 OCTET STRING
if (!token.config.getUseEcX963Encoding()) {
DerValue wECPoint = new DerValue(ecKey);
if (wECPoint.getTag() != DerValue.tag_OctetString)
throw new IOException("Unexpected tag: " +
wECPoint.getTag());
if (wECPoint.getTag() != DerValue.tag_OctetString) {
throw new IOException("Could not DER decode EC point." +
" Unexpected tag: " + wECPoint.getTag());
}
w = P11ECKeyFactory.decodePoint
(wECPoint.getDataBytes(), params.getCurve());
} catch (IOException e) {
// Failover
} else {
w = P11ECKeyFactory.decodePoint(ecKey, params.getCurve());
}
......
jdk/src/share/classes/sun/security/provider/X509Factory.java
浏览文件 @ bbee31b3
......@@ -64,8 +64,10 @@ public class X509Factory extends CertificateFactorySpi {
private static final int ENC_MAX_LENGTH = 4096 * 1024; // 4 MB MAX
private static final Cache certCache = Cache.newSoftMemoryCache(750);
private static final Cache crlCache = Cache.newSoftMemoryCache(750);
private static final Cache<Object, X509CertImpl> certCache
= Cache.newSoftMemoryCache(750);
private static final Cache<Object, X509CRLImpl> crlCache
= Cache.newSoftMemoryCache(750);
/**
* Generates an X.509 certificate object and initializes it with
......@@ -90,7 +92,7 @@ public class X509Factory extends CertificateFactorySpi {
try {
byte[] encoding = readOneBlock(is);
if (encoding != null) {
X509CertImpl cert = (X509CertImpl)getFromCache(certCache, encoding);
X509CertImpl cert = getFromCache(certCache, encoding);
if (cert != null) {
return cert;
}
......@@ -151,7 +153,7 @@ public class X509Factory extends CertificateFactorySpi {
} else {
encoding = c.getEncoded();
}
X509CertImpl newC = (X509CertImpl)getFromCache(certCache, encoding);
X509CertImpl newC = getFromCache(certCache, encoding);
if (newC != null) {
return newC;
}
......@@ -181,7 +183,7 @@ public class X509Factory extends CertificateFactorySpi {
} else {
encoding = c.getEncoded();
}
X509CRLImpl newC = (X509CRLImpl)getFromCache(crlCache, encoding);
X509CRLImpl newC = getFromCache(crlCache, encoding);
if (newC != null) {
return newC;
}
......@@ -198,18 +200,17 @@ public class X509Factory extends CertificateFactorySpi {
/**
* Get the X509CertImpl or X509CRLImpl from the cache.
*/
private static synchronized Object getFromCache(Cache cache,
private static synchronized <K,V> V getFromCache(Cache<K,V> cache,
byte[] encoding) {
Object key = new Cache.EqualByteArray(encoding);
Object value = cache.get(key);
return value;
return cache.get(key);
}
/**
* Add the X509CertImpl or X509CRLImpl to the cache.
*/
private static synchronized void addToCache(Cache cache, byte[] encoding,
Object value) {
private static synchronized <V> void addToCache(Cache<Object, V> cache,
byte[] encoding, V value) {
if (encoding.length > ENC_MAX_LENGTH) {
return;
}
......@@ -361,7 +362,7 @@ public class X509Factory extends CertificateFactorySpi {
try {
byte[] encoding = readOneBlock(is);
if (encoding != null) {
X509CRLImpl crl = (X509CRLImpl)getFromCache(crlCache, encoding);
X509CRLImpl crl = getFromCache(crlCache, encoding);
if (crl != null) {
return crl;
}
......@@ -669,6 +670,23 @@ public class X509Factory extends CertificateFactorySpi {
bout.write(midByte);
bout.write(lowByte);
length = (highByte << 16) | (midByte << 8) | lowByte;
} else if (n == 0x84) {
int highByte = is.read();
int nextByte = is.read();
int midByte = is.read();
int lowByte = is.read();
if (lowByte == -1) {
throw new IOException("Incomplete BER/DER length info");
}
if (highByte > 127) {
throw new IOException("Invalid BER/DER data (a little huge?)");
}
bout.write(highByte);
bout.write(nextByte);
bout.write(midByte);
bout.write(lowByte);
length = (highByte << 24 ) | (nextByte << 16) |
(midByte << 8) | lowByte;
} else { // ignore longer length forms
throw new IOException("Invalid BER/DER data (too huge?)");
}
......
jdk/src/share/classes/sun/security/provider/certpath/CertStoreHelper.java
浏览文件 @ bbee31b3
/*
* Copyright (c) 2009, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2009, 2011, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
......@@ -27,32 +27,87 @@ package sun.security.provider.certpath;
import java.net.URI;
import java.util.Collection;
import java.util.HashMap;
import java.util.Map;
import java.security.AccessController;
import java.security.NoSuchAlgorithmException;
import java.security.InvalidAlgorithmParameterException;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.security.cert.CertStore;
import java.security.cert.X509CertSelector;
import java.security.cert.X509CRLSelector;
import javax.security.auth.x500.X500Principal;
import java.io.IOException;
import sun.security.util.Cache;
/**
* Helper used by URICertStore when delegating to another CertStore to
* fetch certs and CRLs.
* Helper used by URICertStore and others when delegating to another CertStore
* to fetch certs and CRLs.
*/
public interface CertStoreHelper {
public abstract class CertStoreHelper {
private static final int NUM_TYPES = 2;
private final static Map<String,String> classMap = new HashMap<>(NUM_TYPES);
static {
classMap.put(
"LDAP",
"sun.security.provider.certpath.ldap.LDAPCertStoreHelper");
classMap.put(
"SSLServer",
"sun.security.provider.certpath.ssl.SSLServerCertStoreHelper");
};
private static Cache<String, CertStoreHelper> cache
= Cache.newSoftMemoryCache(NUM_TYPES);
public static CertStoreHelper getInstance(final String type)
throws NoSuchAlgorithmException
{
CertStoreHelper helper = cache.get(type);
if (helper != null) {
return helper;
}
final String cl = classMap.get(type);
if (cl == null) {
throw new NoSuchAlgorithmException(type + " not available");
}
try {
helper = AccessController.doPrivileged(
new PrivilegedExceptionAction<CertStoreHelper>() {
public CertStoreHelper run() throws ClassNotFoundException {
try {
Class<?> c = Class.forName(cl, true, null);
CertStoreHelper csh
= (CertStoreHelper)c.newInstance();
cache.put(type, csh);
return csh;
} catch (InstantiationException e) {
throw new AssertionError(e);
} catch (IllegalAccessException e) {
throw new AssertionError(e);
}
}
});
return helper;
} catch (PrivilegedActionException e) {
throw new NoSuchAlgorithmException(type + " not available",
e.getException());
}
}
/**
* Returns a CertStore using the given URI as parameters.
*/
CertStore getCertStore(URI uri)
public abstract CertStore getCertStore(URI uri)
throws NoSuchAlgorithmException, InvalidAlgorithmParameterException;
/**
* Wraps an existing X509CertSelector when needing to avoid DN matching
* issues.
*/
X509CertSelector wrap(X509CertSelector selector,
public abstract X509CertSelector wrap(X509CertSelector selector,
X500Principal certSubject,
String dn)
throws IOException;
......@@ -61,7 +116,7 @@ public interface CertStoreHelper {
* Wraps an existing X509CRLSelector when needing to avoid DN matching
* issues.
*/
X509CRLSelector wrap(X509CRLSelector selector,
public abstract X509CRLSelector wrap(X509CRLSelector selector,
Collection<X500Principal> certIssuers,
String dn)
throws IOException;
......
jdk/src/share/classes/sun/security/provider/certpath/URICertStore.java
浏览文件 @ bbee31b3
......@@ -30,8 +30,6 @@ import java.io.IOException;
import java.net.HttpURLConnection;
import java.net.URI;
import java.net.URLConnection;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.security.InvalidAlgorithmParameterException;
import java.security.NoSuchAlgorithmException;
import java.security.Provider;
......@@ -102,8 +100,7 @@ class URICertStore extends CertStoreSpi {
private final CertificateFactory factory;
// cached Collection of X509Certificates (may be empty, never null)
private Collection<X509Certificate> certs =
Collections.<X509Certificate>emptySet();
private Collection<X509Certificate> certs = Collections.emptySet();
// cached X509CRL (may be null)
private X509CRL crl;
......@@ -120,35 +117,10 @@ class URICertStore extends CertStoreSpi {
// true if URI is ldap
private boolean ldap = false;
private CertStoreHelper ldapHelper;
private CertStore ldapCertStore;
private String ldapPath;
/**
* Holder class to lazily load LDAPCertStoreHelper if present.
*/
private static class LDAP {
private static final String CERT_STORE_HELPER =
"sun.security.provider.certpath.ldap.LDAPCertStoreHelper";
private static final CertStoreHelper helper =
AccessController.doPrivileged(
new PrivilegedAction<CertStoreHelper>() {
public CertStoreHelper run() {
try {
Class<?> c = Class.forName(CERT_STORE_HELPER, true, null);
return (CertStoreHelper)c.newInstance();
} catch (ClassNotFoundException cnf) {
return null;
} catch (InstantiationException e) {
throw new AssertionError(e);
} catch (IllegalAccessException e) {
throw new AssertionError(e);
}
}});
static CertStoreHelper helper() {
return helper;
}
}
/**
* Creates a URICertStore.
*
......@@ -164,10 +136,9 @@ class URICertStore extends CertStoreSpi {
this.uri = ((URICertStoreParameters) params).uri;
// if ldap URI, use an LDAPCertStore to fetch certs and CRLs
if (uri.getScheme().toLowerCase(Locale.ENGLISH).equals("ldap")) {
if (LDAP.helper() == null)
throw new NoSuchAlgorithmException("LDAP not present");
ldap = true;
ldapCertStore = LDAP.helper().getCertStore(uri);
ldapHelper = CertStoreHelper.getInstance("LDAP");
ldapCertStore = ldapHelper.getCertStore(uri);
ldapPath = uri.getPath();
// strip off leading '/'
if (ldapPath.charAt(0) == '/') {
......@@ -185,14 +156,14 @@ class URICertStore extends CertStoreSpi {
* Returns a URI CertStore. This method consults a cache of
* CertStores (shared per JVM) using the URI as a key.
*/
private static final Cache certStoreCache =
Cache.newSoftMemoryCache(CACHE_SIZE);
private static final Cache<URICertStoreParameters, CertStore>
certStoreCache = Cache.newSoftMemoryCache(CACHE_SIZE);
static synchronized CertStore getInstance(URICertStoreParameters params)
throws NoSuchAlgorithmException, InvalidAlgorithmParameterException {
if (debug != null) {
debug.println("CertStore URI:" + params.uri);
}
CertStore ucs = (CertStore) certStoreCache.get(params);
CertStore ucs = certStoreCache.get(params);
if (ucs == null) {
ucs = new UCS(new URICertStore(params), null, "URI", params);
certStoreCache.put(params, ucs);
......@@ -251,7 +222,7 @@ class URICertStore extends CertStoreSpi {
if (ldap) {
X509CertSelector xsel = (X509CertSelector) selector;
try {
xsel = LDAP.helper().wrap(xsel, xsel.getSubject(), ldapPath);
xsel = ldapHelper.wrap(xsel, xsel.getSubject(), ldapPath);
} catch (IOException ioe) {
throw new CertStoreException(ioe);
}
......@@ -273,62 +244,49 @@ class URICertStore extends CertStoreSpi {
return getMatchingCerts(certs, selector);
}
lastChecked = time;
InputStream in = null;
try {
URLConnection connection = uri.toURL().openConnection();
if (lastModified != 0) {
connection.setIfModifiedSince(lastModified);
}
in = connection.getInputStream();
long oldLastModified = lastModified;
lastModified = connection.getLastModified();
if (oldLastModified != 0) {
if (oldLastModified == lastModified) {
if (debug != null) {
debug.println("Not modified, using cached copy");
}
return getMatchingCerts(certs, selector);
} else if (connection instanceof HttpURLConnection) {
// some proxy servers omit last modified
HttpURLConnection hconn = (HttpURLConnection) connection;
if (hconn.getResponseCode()
== HttpURLConnection.HTTP_NOT_MODIFIED) {
try (InputStream in = connection.getInputStream()) {
lastModified = connection.getLastModified();
if (oldLastModified != 0) {
if (oldLastModified == lastModified) {
if (debug != null) {
debug.println("Not modified, using cached copy");
}
return getMatchingCerts(certs, selector);
} else if (connection instanceof HttpURLConnection) {
// some proxy servers omit last modified
HttpURLConnection hconn = (HttpURLConnection)connection;
if (hconn.getResponseCode()
== HttpURLConnection.HTTP_NOT_MODIFIED) {
if (debug != null) {
debug.println("Not modified, using cached copy");
}
return getMatchingCerts(certs, selector);
}
}
}
if (debug != null) {
debug.println("Downloading new certificates...");
}
// Safe cast since factory is an X.509 certificate factory
certs = (Collection<X509Certificate>)
factory.generateCertificates(in);
}
if (debug != null) {
debug.println("Downloading new certificates...");
}
// Safe cast since factory is an X.509 certificate factory
certs = (Collection<X509Certificate>)
factory.generateCertificates(in);
return getMatchingCerts(certs, selector);
} catch (IOException e) {
} catch (IOException | CertificateException e) {
if (debug != null) {
debug.println("Exception fetching certificates:");
e.printStackTrace();
}
} catch (CertificateException e) {
if (debug != null) {
debug.println("Exception fetching certificates:");
e.printStackTrace();
}
} finally {
if (in != null) {
try {
in.close();
} catch (IOException e) {
// ignore
}
}
}
// exception, forget previous values
lastModified = 0;
certs = Collections.<X509Certificate>emptySet();
certs = Collections.emptySet();
return certs;
}
......@@ -343,8 +301,7 @@ class URICertStore extends CertStoreSpi {
if (selector == null) {
return certs;
}
List<X509Certificate> matchedCerts =
new ArrayList<X509Certificate>(certs.size());
List<X509Certificate> matchedCerts = new ArrayList<>(certs.size());
for (X509Certificate cert : certs) {
if (selector.match(cert)) {
matchedCerts.add(cert);
......@@ -374,7 +331,7 @@ class URICertStore extends CertStoreSpi {
if (ldap) {
X509CRLSelector xsel = (X509CRLSelector) selector;
try {
xsel = LDAP.helper().wrap(xsel, null, ldapPath);
xsel = ldapHelper.wrap(xsel, null, ldapPath);
} catch (IOException ioe) {
throw new CertStoreException(ioe);
}
......@@ -395,61 +352,48 @@ class URICertStore extends CertStoreSpi {
return getMatchingCRLs(crl, selector);
}
lastChecked = time;
InputStream in = null;
try {
URLConnection connection = uri.toURL().openConnection();
if (lastModified != 0) {
connection.setIfModifiedSince(lastModified);
}
in = connection.getInputStream();
long oldLastModified = lastModified;
lastModified = connection.getLastModified();
if (oldLastModified != 0) {
if (oldLastModified == lastModified) {
if (debug != null) {
debug.println("Not modified, using cached copy");
}
return getMatchingCRLs(crl, selector);
} else if (connection instanceof HttpURLConnection) {
// some proxy servers omit last modified
HttpURLConnection hconn = (HttpURLConnection) connection;
if (hconn.getResponseCode()
== HttpURLConnection.HTTP_NOT_MODIFIED) {
try (InputStream in = connection.getInputStream()) {
lastModified = connection.getLastModified();
if (oldLastModified != 0) {
if (oldLastModified == lastModified) {
if (debug != null) {
debug.println("Not modified, using cached copy");
}
return getMatchingCRLs(crl, selector);
} else if (connection instanceof HttpURLConnection) {
// some proxy servers omit last modified
HttpURLConnection hconn = (HttpURLConnection)connection;
if (hconn.getResponseCode()
== HttpURLConnection.HTTP_NOT_MODIFIED) {
if (debug != null) {
debug.println("Not modified, using cached copy");
}
return getMatchingCRLs(crl, selector);
}
}
}
if (debug != null) {
debug.println("Downloading new CRL...");
}
crl = (X509CRL) factory.generateCRL(in);
}
if (debug != null) {
debug.println("Downloading new CRL...");
}
crl = (X509CRL) factory.generateCRL(in);
return getMatchingCRLs(crl, selector);
} catch (IOException e) {
} catch (IOException | CRLException e) {
if (debug != null) {
debug.println("Exception fetching CRL:");
e.printStackTrace();
}
} catch (CRLException e) {
if (debug != null) {
debug.println("Exception fetching CRL:");
e.printStackTrace();
}
} finally {
if (in != null) {
try {
in.close();
} catch (IOException e) {
// ignore
}
}
}
// exception, forget previous values
lastModified = 0;
crl = null;
return Collections.<X509CRL>emptyList();
return Collections.emptyList();
}
/**
......@@ -459,9 +403,9 @@ class URICertStore extends CertStoreSpi {
private static Collection<X509CRL> getMatchingCRLs
(X509CRL crl, CRLSelector selector) {
if (selector == null || (crl != null && selector.match(crl))) {
return Collections.<X509CRL>singletonList(crl);
return Collections.singletonList(crl);
} else {
return Collections.<X509CRL>emptyList();
return Collections.emptyList();
}
}
......
jdk/src/share/classes/sun/security/provider/certpath/X509CertificatePair.java
浏览文件 @ bbee31b3
/*
* Copyright (c) 2000, 2002, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
......@@ -79,7 +79,8 @@ public class X509CertificatePair {
private X509Certificate reverse;
private byte[] encoded;
private static final Cache cache = Cache.newSoftMemoryCache(750);
private static final Cache<Object, X509CertificatePair> cache
= Cache.newSoftMemoryCache(750);
/**
* Creates an empty instance of X509CertificatePair.
......@@ -114,7 +115,7 @@ public class X509CertificatePair {
*
* For internal use only, external code should use generateCertificatePair.
*/
private X509CertificatePair(byte[] encoded)throws CertificateException {
private X509CertificatePair(byte[] encoded) throws CertificateException {
try {
parse(new DerValue(encoded));
this.encoded = encoded;
......@@ -138,7 +139,7 @@ public class X509CertificatePair {
public static synchronized X509CertificatePair generateCertificatePair
(byte[] encoded) throws CertificateException {
Object key = new Cache.EqualByteArray(encoded);
X509CertificatePair pair = (X509CertificatePair)cache.get(key);
X509CertificatePair pair = cache.get(key);
if (pair != null) {
return pair;
}
......
jdk/src/share/classes/sun/security/provider/certpath/ldap/LDAPCertStore.java
浏览文件 @ bbee31b3
/*
* Copyright (c) 2000, 2006, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
......@@ -103,7 +103,7 @@ import sun.security.action.GetPropertyAction;
* @author Steve Hanna
* @author Andreas Sterbenz
*/
public class LDAPCertStore extends CertStoreSpi {
public final class LDAPCertStore extends CertStoreSpi {
private static final Debug debug = Debug.getInstance("certpath");
......@@ -160,7 +160,7 @@ public class LDAPCertStore extends CertStoreSpi {
*/
private boolean prefetchCRLs = false;
private final Cache valueCache;
private final Cache<String, byte[][]> valueCache;
private int cacheHits = 0;
private int cacheMisses = 0;
......@@ -207,10 +207,11 @@ public class LDAPCertStore extends CertStoreSpi {
* Returns an LDAP CertStore. This method consults a cache of
* CertStores (shared per JVM) using the LDAP server/port as a key.
*/
private static final Cache certStoreCache = Cache.newSoftMemoryCache(185);
private static final Cache<LDAPCertStoreParameters, CertStore>
certStoreCache = Cache.newSoftMemoryCache(185);
static synchronized CertStore getInstance(LDAPCertStoreParameters params)
throws NoSuchAlgorithmException, InvalidAlgorithmParameterException {
CertStore lcs = (CertStore) certStoreCache.get(params);
CertStore lcs = certStoreCache.get(params);
if (lcs == null) {
lcs = CertStore.getInstance("LDAP", params);
certStoreCache.put(params, lcs);
......@@ -232,7 +233,7 @@ public class LDAPCertStore extends CertStoreSpi {
private void createInitialDirContext(String server, int port)
throws InvalidAlgorithmParameterException {
String url = "ldap://" + server + ":" + port;
Hashtable<String,Object> env = new Hashtable<String,Object>();
Hashtable<String,Object> env = new Hashtable<>();
env.put(Context.INITIAL_CONTEXT_FACTORY,
"com.sun.jndi.ldap.LdapCtxFactory");
env.put(Context.PROVIDER_URL, url);
......@@ -283,7 +284,7 @@ public class LDAPCertStore extends CertStoreSpi {
LDAPRequest(String name) {
this.name = name;
requestedAttributes = new ArrayList<String>(5);
requestedAttributes = new ArrayList<>(5);
}
String getName() {
......@@ -311,7 +312,7 @@ public class LDAPCertStore extends CertStoreSpi {
+ cacheMisses);
}
String cacheKey = name + "|" + attrId;
byte[][] values = (byte[][])valueCache.get(cacheKey);
byte[][] values = valueCache.get(cacheKey);
if (values != null) {
cacheHits++;
return values;
......@@ -347,7 +348,7 @@ public class LDAPCertStore extends CertStoreSpi {
System.out.println("LDAP requests: " + requests);
}
}
valueMap = new HashMap<String, byte[][]>(8);
valueMap = new HashMap<>(8);
String[] attrIds = requestedAttributes.toArray(STRING0);
Attributes attrs;
try {
......@@ -429,10 +430,10 @@ public class LDAPCertStore extends CertStoreSpi {
int n = encodedCert.length;
if (n == 0) {
return Collections.<X509Certificate>emptySet();
return Collections.emptySet();
}
List<X509Certificate> certs = new ArrayList<X509Certificate>(n);
List<X509Certificate> certs = new ArrayList<>(n);
/* decode certs and check if they satisfy selector */
for (int i = 0; i < n; i++) {
ByteArrayInputStream bais = new ByteArrayInputStream(encodedCert[i]);
......@@ -477,11 +478,10 @@ public class LDAPCertStore extends CertStoreSpi {
int n = encodedCertPair.length;
if (n == 0) {
return Collections.<X509CertificatePair>emptySet();
return Collections.emptySet();
}
List<X509CertificatePair> certPairs =
new ArrayList<X509CertificatePair>(n);
List<X509CertificatePair> certPairs = new ArrayList<>(n);
/* decode each cert pair and add it to the Collection */
for (int i = 0; i < n; i++) {
try {
......@@ -528,8 +528,7 @@ public class LDAPCertStore extends CertStoreSpi {
getCertPairs(request, CROSS_CERT);
// Find Certificates that match and put them in a list
ArrayList<X509Certificate> matchingCerts =
new ArrayList<X509Certificate>();
ArrayList<X509Certificate> matchingCerts = new ArrayList<>();
for (X509CertificatePair certPair : certPairs) {
X509Certificate cert;
if (forward != null) {
......@@ -587,7 +586,7 @@ public class LDAPCertStore extends CertStoreSpi {
int basicConstraints = xsel.getBasicConstraints();
String subject = xsel.getSubjectAsString();
String issuer = xsel.getIssuerAsString();
HashSet<X509Certificate> certs = new HashSet<X509Certificate>();
HashSet<X509Certificate> certs = new HashSet<>();
if (debug != null) {
debug.println("LDAPCertStore.engineGetCertificates() basicConstraints: "
+ basicConstraints);
......@@ -706,10 +705,10 @@ public class LDAPCertStore extends CertStoreSpi {
int n = encodedCRL.length;
if (n == 0) {
return Collections.<X509CRL>emptySet();
return Collections.emptySet();
}
List<X509CRL> crls = new ArrayList<X509CRL>(n);
List<X509CRL> crls = new ArrayList<>(n);
/* decode each crl and check if it matches selector */
for (int i = 0; i < n; i++) {
try {
......@@ -765,13 +764,13 @@ public class LDAPCertStore extends CertStoreSpi {
throw new CertStoreException("need X509CRLSelector to find CRLs");
}
X509CRLSelector xsel = (X509CRLSelector) selector;
HashSet<X509CRL> crls = new HashSet<X509CRL>();
HashSet<X509CRL> crls = new HashSet<>();
// Look in directory entry for issuer of cert we're checking.
Collection<Object> issuerNames;
X509Certificate certChecking = xsel.getCertificateChecking();
if (certChecking != null) {
issuerNames = new HashSet<Object>();
issuerNames = new HashSet<>();
X500Principal issuer = certChecking.getIssuerX500Principal();
issuerNames.add(issuer.getName(X500Principal.RFC2253));
} else {
......@@ -796,7 +795,7 @@ public class LDAPCertStore extends CertStoreSpi {
issuerName = (String)nameObject;
}
// If all we want is CA certs, try to get the (probably shorter) ARL
Collection<X509CRL> entryCRLs = Collections.<X509CRL>emptySet();
Collection<X509CRL> entryCRLs = Collections.emptySet();
if (certChecking == null || certChecking.getBasicConstraints() != -1) {
LDAPRequest request = new LDAPRequest(issuerName);
request.addRequestedAttribute(CROSS_CERT);
......@@ -1028,9 +1027,9 @@ public class LDAPCertStore extends CertStoreSpi {
throws IOException {
this.selector = selector == null ? new X509CRLSelector() : selector;
this.certIssuers = certIssuers;
issuerNames = new HashSet<Object>();
issuerNames = new HashSet<>();
issuerNames.add(ldapDN);
issuers = new HashSet<X500Principal>();
issuers = new HashSet<>();
issuers.add(new X500Name(ldapDN).asX500Principal());
}
// we only override the get (accessor methods) since the set methods
......
jdk/src/share/classes/sun/security/provider/certpath/ldap/LDAPCertStoreHelper.java
浏览文件 @ bbee31b3
/*
* Copyright (c) 2009, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2009, 2011, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
......@@ -41,11 +41,9 @@ import sun.security.provider.certpath.CertStoreHelper;
* LDAP implementation of CertStoreHelper.
*/
public class LDAPCertStoreHelper
implements CertStoreHelper
public final class LDAPCertStoreHelper
extends CertStoreHelper
{
public LDAPCertStoreHelper() { }
@Override
public CertStore getCertStore(URI uri)
throws NoSuchAlgorithmException, InvalidAlgorithmParameterException
......
jdk/src/share/classes/sun/security/provider/certpath/ssl/SSLServerCertStore.java 0 → 100644
浏览文件 @ bbee31b3
/*
* Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
package sun.security.provider.certpath.ssl;
import java.io.IOException;
import java.net.URI;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.List;
import java.security.GeneralSecurityException;
import java.security.InvalidAlgorithmParameterException;
import java.security.Provider;
import java.security.cert.CertificateException;
import java.security.cert.CertSelector;
import java.security.cert.CertStore;
import java.security.cert.CertStoreException;
import java.security.cert.CertStoreParameters;
import java.security.cert.CertStoreSpi;
import java.security.cert.CRLSelector;
import java.security.cert.X509Certificate;
import java.security.cert.X509CRL;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
/**
* A CertStore that retrieves an SSL server's certificate chain.
*/
public final class SSLServerCertStore extends CertStoreSpi {
private final URI uri;
SSLServerCertStore(URI uri) throws InvalidAlgorithmParameterException {
super(null);
this.uri = uri;
}
public synchronized Collection<X509Certificate> engineGetCertificates
(CertSelector selector) throws CertStoreException
{
try {
SSLContext sc = SSLContext.getInstance("SSL");
GetChainTrustManager xtm = new GetChainTrustManager();
sc.init(null, new TrustManager[] { xtm }, null);
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
HttpsURLConnection.setDefaultHostnameVerifier(
new HostnameVerifier() {
public boolean verify(String hostname, SSLSession session) {
return true;
}
});
uri.toURL().openConnection().connect();
return getMatchingCerts(xtm.serverChain, selector);
} catch (GeneralSecurityException | IOException e) {
throw new CertStoreException(e);
}
}
private static List<X509Certificate> getMatchingCerts
(List<X509Certificate> certs, CertSelector selector)
{
// if selector not specified, all certs match
if (selector == null) {
return certs;
}
List<X509Certificate> matchedCerts = new ArrayList<>(certs.size());
for (X509Certificate cert : certs) {
if (selector.match(cert)) {
matchedCerts.add(cert);
}
}
return matchedCerts;
}
public Collection<X509CRL> engineGetCRLs(CRLSelector selector)
throws CertStoreException
{
throw new UnsupportedOperationException();
}
static synchronized CertStore getInstance(URI uri)
throws InvalidAlgorithmParameterException
{
return new CS(new SSLServerCertStore(uri), null, "SSLServer", null);
}
/*
* An X509TrustManager that simply stores a reference to the server's
* certificate chain.
*/
private static class GetChainTrustManager implements X509TrustManager {
private List<X509Certificate> serverChain;
public X509Certificate[] getAcceptedIssuers() {
throw new UnsupportedOperationException();
}
public void checkClientTrusted(X509Certificate[] chain,
String authType)
throws CertificateException
{
throw new UnsupportedOperationException();
}
public void checkServerTrusted(X509Certificate[] chain,
String authType)
throws CertificateException
{
this.serverChain = (chain == null)
? Collections.<X509Certificate>emptyList()
: Arrays.asList(chain);
}
}
/**
* This class allows the SSLServerCertStore to be accessed as a CertStore.
*/
private static class CS extends CertStore {
protected CS(CertStoreSpi spi, Provider p, String type,
CertStoreParameters params)
{
super(spi, p, type, params);
}
}
}
jdk/src/share/classes/sun/security/pkcs/EncodingException.java jdk/src/share/classes/sun/security/provider/certpath/ssl/SSLServerCertStoreHelper.java
浏览文件 @ bbee31b3
/*
* Copyright (c) 1996, 2003, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
......@@ -23,23 +23,47 @@
* questions.
*/
/**
* Generic PKCS Encoding exception.
*
* @author Benjamin Renaud
*/
package sun.security.provider.certpath.ssl;
package sun.security.pkcs;
import java.net.URI;
import java.util.Collection;
import java.security.NoSuchAlgorithmException;
import java.security.InvalidAlgorithmParameterException;
import java.security.cert.CertStore;
import java.security.cert.X509CertSelector;
import java.security.cert.X509CRLSelector;
import javax.security.auth.x500.X500Principal;
import java.io.IOException;
public class EncodingException extends Exception {
import sun.security.provider.certpath.CertStoreHelper;
private static final long serialVersionUID = 4060198374240668325L;
/**
* SSL implementation of CertStoreHelper.
*/
public final class SSLServerCertStoreHelper extends CertStoreHelper {
@Override
public CertStore getCertStore(URI uri)
throws NoSuchAlgorithmException, InvalidAlgorithmParameterException
{
return SSLServerCertStore.getInstance(uri);
}
public EncodingException() {
super();
@Override
public X509CertSelector wrap(X509CertSelector selector,
X500Principal certSubject,
String ldapDN)
throws IOException
{
throw new UnsupportedOperationException();
}
public EncodingException(String s) {
super(s);
@Override
public X509CRLSelector wrap(X509CRLSelector selector,
Collection<X500Principal> certIssuers,
String ldapDN)
throws IOException
{
throw new UnsupportedOperationException();
}
}
jdk/src/share/classes/sun/security/ssl/CipherBox.java
浏览文件 @ bbee31b3
/*
* Copyright (c) 1996, 2010, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1996, 2011, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
......@@ -305,9 +305,11 @@ final class CipherBox {
byte[] buf = null;
int limit = bb.limit();
if (bb.hasArray()) {
int arrayOffset = bb.arrayOffset();
buf = bb.array();
System.arraycopy(buf, pos,
buf, pos + prefix.length, limit - pos);
System.arraycopy(buf, arrayOffset + pos,
buf, arrayOffset + pos + prefix.length,
limit - pos);
bb.limit(limit + prefix.length);
} else {
buf = new byte[limit - pos];
......@@ -491,9 +493,10 @@ final class CipherBox {
byte[] buf = null;
int limit = bb.limit();
if (bb.hasArray()) {
int arrayOffset = bb.arrayOffset();
buf = bb.array();
System.arraycopy(buf, pos + blockSize,
buf, pos, limit - pos - blockSize);
System.arraycopy(buf, arrayOffset + pos + blockSize,
buf, arrayOffset + pos, limit - pos - blockSize);
bb.limit(limit - blockSize);
} else {
buf = new byte[limit - pos - blockSize];
......
jdk/src/share/classes/sun/security/ssl/SSLSessionContextImpl.java
浏览文件 @ bbee31b3
/*
* Copyright (c) 1999, 2009, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1999, 2011, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
......@@ -43,11 +43,14 @@ import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLSession;
import sun.security.util.Cache;
import sun.security.util.Cache.CacheVisitor;
final class SSLSessionContextImpl implements SSLSessionContext {
private Cache sessionCache; // session cache, session id as key
private Cache sessionHostPortCache; // session cache, "host:port" as key
private Cache<SessionId, SSLSessionImpl> sessionCache;
// session cache, session id as key
private Cache<String, SSLSessionImpl> sessionHostPortCache;
// session cache, "host:port" as key
private int cacheLimit; // the max cache size
private int timeout; // timeout in seconds
......@@ -71,8 +74,7 @@ final class SSLSessionContextImpl implements SSLSessionContext {
throw new NullPointerException("session id cannot be null");
}
SSLSessionImpl sess =
(SSLSessionImpl)sessionCache.get(new SessionId(sessionId));
SSLSessionImpl sess = sessionCache.get(new SessionId(sessionId));
if (!isTimedout(sess)) {
return sess;
}
......@@ -157,8 +159,7 @@ final class SSLSessionContextImpl implements SSLSessionContext {
return null;
}
SSLSessionImpl sess =
(SSLSessionImpl)sessionHostPortCache.get(getKey(hostname, port));
SSLSessionImpl sess = sessionHostPortCache.get(getKey(hostname, port));
if (!isTimedout(sess)) {
return sess;
}
......@@ -193,7 +194,7 @@ final class SSLSessionContextImpl implements SSLSessionContext {
// package-private method, remove a cached SSLSession
void remove(SessionId key) {
SSLSessionImpl s = (SSLSessionImpl)sessionCache.get(key);
SSLSessionImpl s = sessionCache.get(key);
if (s != null) {
sessionCache.remove(key);
sessionHostPortCache.remove(
......@@ -233,17 +234,17 @@ final class SSLSessionContextImpl implements SSLSessionContext {
}
final class SessionCacheVisitor
implements sun.security.util.Cache.CacheVisitor {
implements Cache.CacheVisitor<SessionId, SSLSessionImpl> {
Vector<byte[]> ids = null;
// public void visit(java.util.Map<Object, Object> map) {}
public void visit(java.util.Map<Object, Object> map) {
ids = new Vector<byte[]>(map.size());
// public void visit(java.util.Map<K,V> map) {}
public void visit(java.util.Map<SessionId, SSLSessionImpl> map) {
ids = new Vector<>(map.size());
for (Object key : map.keySet()) {
SSLSessionImpl value = (SSLSessionImpl)map.get(key);
for (SessionId key : map.keySet()) {
SSLSessionImpl value = map.get(key);
if (!isTimedout(value)) {
ids.addElement(((SessionId)key).getId());
ids.addElement(key.getId());
}
}
}
......
jdk/src/share/classes/sun/security/timestamp/HttpTimestamper.java
浏览文件 @ bbee31b3
......@@ -28,13 +28,13 @@ package sun.security.timestamp;
import java.io.BufferedInputStream;
import java.io.DataOutputStream;
import java.io.IOException;
import java.net.URI;
import java.net.URL;
import java.net.HttpURLConnection;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.*;
import sun.misc.IOUtils;
import sun.security.util.Debug;
/**
* A timestamper that communicates with a Timestamping Authority (TSA)
......@@ -58,20 +58,23 @@ public class HttpTimestamper implements Timestamper {
private static final String TS_REPLY_MIME_TYPE =
"application/timestamp-reply";
private static final boolean DEBUG = false;
private static final Debug debug = Debug.getInstance("ts");
/*
* HTTP URL identifying the location of the TSA
* HTTP URI identifying the location of the TSA
*/
private String tsaUrl = null;
private URI tsaURI = null;
/**
* Creates a timestamper that connects to the specified TSA.
*
* @param tsa The location of the TSA. It must be an HTTP URL.
* @param tsa The location of the TSA. It must be an HTTP URI.
* @throws IllegalArgumentException if tsaURI is not an HTTP URI
*/
public HttpTimestamper(String tsaUrl) {
this.tsaUrl = tsaUrl;
public HttpTimestamper(URI tsaURI) {
if (!tsaURI.getScheme().equalsIgnoreCase("http"))
throw new IllegalArgumentException("TSA must be an HTTP URI");
this.tsaURI = tsaURI;
}
/**
......@@ -85,7 +88,7 @@ public class HttpTimestamper implements Timestamper {
public TSResponse generateTimestamp(TSRequest tsQuery) throws IOException {
HttpURLConnection connection =
(HttpURLConnection) new URL(tsaUrl).openConnection();
(HttpURLConnection) tsaURI.toURL().openConnection();
connection.setDoOutput(true);
connection.setUseCaches(false); // ignore cache
connection.setRequestProperty("Content-Type", TS_QUERY_MIME_TYPE);
......@@ -93,15 +96,15 @@ public class HttpTimestamper implements Timestamper {
// Avoids the "hang" when a proxy is required but none has been set.
connection.setConnectTimeout(CONNECT_TIMEOUT);
if (DEBUG) {
if (debug != null) {
Set<Map.Entry<String, List<String>>> headers =
connection.getRequestProperties().entrySet();
System.out.println(connection.getRequestMethod() + " " + tsaUrl +
connection.getRequestProperties().entrySet();
debug.println(connection.getRequestMethod() + " " + tsaURI +
" HTTP/1.1");
for (Map.Entry<String, List<String>> entry : headers) {
System.out.println(" " + entry);
for (Map.Entry<String, List<String>> e : headers) {
debug.println(" " + e);
}
System.out.println();
debug.println();
}
connection.connect(); // No HTTP authentication is performed
......@@ -112,8 +115,8 @@ public class HttpTimestamper implements Timestamper {
byte[] request = tsQuery.encode();
output.write(request, 0, request.length);
output.flush();
if (DEBUG) {
System.out.println("sent timestamp query (length=" +
if (debug != null) {
debug.println("sent timestamp query (length=" +
request.length + ")");
}
} finally {
......@@ -127,17 +130,17 @@ public class HttpTimestamper implements Timestamper {
byte[] replyBuffer = null;
try {
input = new BufferedInputStream(connection.getInputStream());
if (DEBUG) {
if (debug != null) {
String header = connection.getHeaderField(0);
System.out.println(header);
debug.println(header);
int i = 1;
while ((header = connection.getHeaderField(i)) != null) {
String key = connection.getHeaderFieldKey(i);
System.out.println(" " + ((key==null) ? "" : key + ": ") +
debug.println(" " + ((key==null) ? "" : key + ": ") +
header);
i++;
}
System.out.println();
debug.println();
}
verifyMimeType(connection.getContentType());
......@@ -145,8 +148,8 @@ public class HttpTimestamper implements Timestamper {
int contentLength = connection.getContentLength();
replyBuffer = IOUtils.readFully(input, contentLength, false);
if (DEBUG) {
System.out.println("received timestamp response (length=" +
if (debug != null) {
debug.println("received timestamp response (length=" +
total + ")");
}
} finally {
......
jdk/src/share/classes/sun/security/timestamp/TSRequest.java
浏览文件 @ bbee31b3
/*
* Copyright (c) 2003, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
......@@ -27,10 +27,13 @@ package sun.security.timestamp;
import java.io.IOException;
import java.math.BigInteger;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.cert.X509Extension;
import sun.security.util.DerValue;
import sun.security.util.DerOutputStream;
import sun.security.util.ObjectIdentifier;
import sun.security.x509.AlgorithmId;
/**
* This class provides a timestamp request, as defined in
......@@ -64,24 +67,9 @@ import sun.security.util.ObjectIdentifier;
public class TSRequest {
private static final ObjectIdentifier SHA1_OID;
private static final ObjectIdentifier MD5_OID;
static {
ObjectIdentifier sha1 = null;
ObjectIdentifier md5 = null;
try {
sha1 = new ObjectIdentifier("1.3.14.3.2.26");
md5 = new ObjectIdentifier("1.2.840.113549.2.5");
} catch (IOException ioe) {
// should not happen
}
SHA1_OID = sha1;
MD5_OID = md5;
}
private int version = 1;
private ObjectIdentifier hashAlgorithmId = null;
private AlgorithmId hashAlgorithmId = null;
private byte[] hashValue;
......@@ -94,30 +82,21 @@ public class TSRequest {
private X509Extension[] extensions = null;
/**
* Constructs a timestamp request for the supplied hash value..
* Constructs a timestamp request for the supplied data.
*
* @param hashValue The hash value. This is the data to be timestamped.
* @param hashAlgorithm The name of the hash algorithm.
* @param toBeTimeStamped The data to be timestamped.
* @param messageDigest The MessageDigest of the hash algorithm to use.
* @throws NoSuchAlgorithmException if the hash algorithm is not supported
*/
public TSRequest(byte[] hashValue, String hashAlgorithm) {
public TSRequest(byte[] toBeTimeStamped, MessageDigest messageDigest)
throws NoSuchAlgorithmException {
// Check the common hash algorithms
if ("MD5".equalsIgnoreCase(hashAlgorithm)) {
hashAlgorithmId = MD5_OID;
// Check that the hash value matches the hash algorithm
assert hashValue.length == 16;
} else if ("SHA-1".equalsIgnoreCase(hashAlgorithm) ||
"SHA".equalsIgnoreCase(hashAlgorithm) ||
"SHA1".equalsIgnoreCase(hashAlgorithm)) {
hashAlgorithmId = SHA1_OID;
// Check that the hash value matches the hash algorithm
assert hashValue.length == 20;
this.hashAlgorithmId = AlgorithmId.get(messageDigest.getAlgorithm());
this.hashValue = messageDigest.digest(toBeTimeStamped);
}
}
// Clone the hash value
this.hashValue = new byte[hashValue.length];
System.arraycopy(hashValue, 0, this.hashValue, 0, hashValue.length);
public byte[] getHashedMessage() {
return hashValue.clone();
}
/**
......@@ -176,9 +155,7 @@ public class TSRequest {
// encode messageImprint
DerOutputStream messageImprint = new DerOutputStream();
DerOutputStream hashAlgorithm = new DerOutputStream();
hashAlgorithm.putOID(hashAlgorithmId);
messageImprint.write(DerValue.tag_Sequence, hashAlgorithm);
hashAlgorithmId.encode(messageImprint);
messageImprint.putOctetString(hashValue);
request.write(DerValue.tag_Sequence, messageImprint);
......
jdk/src/share/classes/sun/security/timestamp/TSResponse.java
浏览文件 @ bbee31b3
......@@ -27,6 +27,7 @@ package sun.security.timestamp;
import java.io.IOException;
import sun.security.pkcs.PKCS7;
import sun.security.util.Debug;
import sun.security.util.DerValue;
/**
......@@ -175,18 +176,20 @@ public class TSResponse {
*/
public static final int SYSTEM_FAILURE = 25;
private static final boolean DEBUG = false;
private static final Debug debug = Debug.getInstance("ts");
private int status;
private String[] statusString = null;
private int failureInfo = -1;
private boolean[] failureInfo = null;
private byte[] encodedTsToken = null;
private PKCS7 tsToken = null;
private TimestampToken tstInfo;
/**
* Constructs an object to store the response to a timestamp request.
*
......@@ -215,11 +218,11 @@ public class TSResponse {
}
/**
* Retrieve the failure code returned by the TSA.
* Retrieve the failure info returned by the TSA.
*
* @return If -1 then no failure code was received.
* @return the failure info, or null if no failure code was received.
*/
public int getFailureCode() {
public boolean[] getFailureInfo() {
return failureInfo;
}
......@@ -250,42 +253,38 @@ public class TSResponse {
}
}
private boolean isSet(int position) {
return failureInfo[position];
}
public String getFailureCodeAsText() {
if (failureInfo == -1) {
return null;
if (failureInfo == null) {
return "";
}
switch (failureInfo) {
case BAD_ALG:
return "Unrecognized or unsupported alrorithm identifier.";
case BAD_REQUEST:
return "The requested transaction is not permitted or supported.";
case BAD_DATA_FORMAT:
return "The data submitted has the wrong format.";
case TIME_NOT_AVAILABLE:
return "The TSA's time source is not available.";
case UNACCEPTED_POLICY:
return "The requested TSA policy is not supported by the TSA.";
case UNACCEPTED_EXTENSION:
return "The requested extension is not supported by the TSA.";
case ADD_INFO_NOT_AVAILABLE:
return "The additional information requested could not be " +
"understood or is not available.";
case SYSTEM_FAILURE:
return "The request cannot be handled due to system failure.";
default:
return ("unknown status code " + status);
}
try {
if (isSet(BAD_ALG))
return "Unrecognized or unsupported algorithm identifier.";
if (isSet(BAD_REQUEST))
return "The requested transaction is not permitted or " +
"supported.";
if (isSet(BAD_DATA_FORMAT))
return "The data submitted has the wrong format.";
if (isSet(TIME_NOT_AVAILABLE))
return "The TSA's time source is not available.";
if (isSet(UNACCEPTED_POLICY))
return "The requested TSA policy is not supported by the TSA.";
if (isSet(UNACCEPTED_EXTENSION))
return "The requested extension is not supported by the TSA.";
if (isSet(ADD_INFO_NOT_AVAILABLE))
return "The additional information requested could not be " +
"understood or is not available.";
if (isSet(SYSTEM_FAILURE))
return "The request cannot be handled due to system failure.";
} catch (ArrayIndexOutOfBoundsException ex) {}
return ("unknown failure code");
}
/**
......@@ -297,6 +296,10 @@ public class TSResponse {
return tsToken;
}
public TimestampToken getTimestampToken() {
return tstInfo;
}
/**
* Retrieve the ASN.1 BER encoded timestamp token returned by the TSA.
*
......@@ -323,29 +326,30 @@ public class TSResponse {
// Parse status
DerValue status = derValue.data.getDerValue();
// Parse status
this.status = status.data.getInteger();
if (DEBUG) {
System.out.println("timestamp response: status=" + this.status);
DerValue statusInfo = derValue.data.getDerValue();
this.status = statusInfo.data.getInteger();
if (debug != null) {
debug.println("timestamp response: status=" + this.status);
}
// Parse statusString, if present
if (status.data.available() > 0) {
DerValue[] strings = status.data.getSequence(1);
statusString = new String[strings.length];
for (int i = 0; i < strings.length; i++) {
statusString[i] = strings[i].data.getUTF8String();
if (statusInfo.data.available() > 0) {
byte tag = (byte)statusInfo.data.peekByte();
if (tag == DerValue.tag_SequenceOf) {
DerValue[] strings = statusInfo.data.getSequence(1);
statusString = new String[strings.length];
for (int i = 0; i < strings.length; i++) {
statusString[i] = strings[i].getUTF8String();
if (debug != null) {
debug.println("timestamp response: statusString=" +
statusString[i]);
}
}
}
}
// Parse failInfo, if present
if (status.data.available() > 0) {
byte[] failInfo = status.data.getBitString();
int failureInfo = (new Byte(failInfo[0])).intValue();
if (failureInfo < 0 || failureInfo > 25 || failInfo.length != 1) {
throw new IOException("Bad encoding for timestamp response: " +
"unrecognized value for the failInfo element");
}
this.failureInfo = failureInfo;
if (statusInfo.data.available() > 0) {
this.failureInfo
= statusInfo.data.getUnalignedBitString().toBooleanArray();
}
// Parse timeStampToken, if present
......@@ -353,6 +357,7 @@ public class TSResponse {
DerValue timestampToken = derValue.data.getDerValue();
encodedTsToken = timestampToken.toByteArray();
tsToken = new PKCS7(encodedTsToken);
tstInfo = new TimestampToken(tsToken.getContentInfo().getData());
}
// Check the format of the timestamp response
......
jdk/src/share/classes/sun/security/x509/CertAndKeyGen.java jdk/src/share/classes/sun/security/tools/CertAndKeyGen.java
浏览文件 @ bbee31b3
......@@ -23,7 +23,7 @@
* questions.
*/
package sun.security.x509;
package sun.security.tools;
import java.io.IOException;
import java.security.cert.X509Certificate;
......@@ -32,7 +32,19 @@ import java.security.cert.CertificateEncodingException;
import java.security.*;
import java.util.Date;
import sun.security.pkcs.PKCS10;
import sun.security.pkcs10.PKCS10;
import sun.security.x509.AlgorithmId;
import sun.security.x509.CertificateAlgorithmId;
import sun.security.x509.CertificateIssuerName;
import sun.security.x509.CertificateSerialNumber;
import sun.security.x509.CertificateSubjectName;
import sun.security.x509.CertificateValidity;
import sun.security.x509.CertificateVersion;
import sun.security.x509.CertificateX509Key;
import sun.security.x509.X500Name;
import sun.security.x509.X509CertImpl;
import sun.security.x509.X509CertInfo;
import sun.security.x509.X509Key;
/**
......
jdk/src/share/classes/sun/security/tools/JarSigner.java
浏览文件 @ bbee31b3
......@@ -1277,11 +1277,10 @@ public class JarSigner {
System.out.println(rb.getString("TSA.location.") + tsaUrl);
}
if (tsaCert != null) {
String certUrl =
TimestampedSigner.getTimestampingUrl(tsaCert);
if (certUrl != null) {
URI tsaURI = TimestampedSigner.getTimestampingURI(tsaCert);
if (tsaURI != null) {
System.out.println(rb.getString("TSA.location.") +
certUrl);
tsaURI);
}
System.out.println(rb.getString("TSA.certificate.") +
printCert("", tsaCert, false, 0, false));
......
jdk/src/share/classes/sun/security/tools/KeyTool.java
浏览文件 @ bbee31b3
......@@ -38,10 +38,12 @@ import java.security.Signature;
import java.security.Timestamp;
import java.security.UnrecoverableEntryException;
import java.security.UnrecoverableKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.Principal;
import java.security.Provider;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.CertStoreException;
import java.security.cert.CRL;
import java.security.cert.X509Certificate;
import java.security.cert.CertificateException;
......@@ -63,23 +65,16 @@ import java.security.cert.X509CRLSelector;
import javax.security.auth.x500.X500Principal;
import sun.misc.BASE64Encoder;
import sun.security.util.ObjectIdentifier;
import sun.security.pkcs.PKCS10;
import sun.security.pkcs10.PKCS10;
import sun.security.pkcs10.PKCS10Attribute;
import sun.security.provider.X509Factory;
import sun.security.provider.certpath.CertStoreHelper;
import sun.security.util.Password;
import sun.security.util.PathList;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import sun.misc.BASE64Decoder;
import sun.security.pkcs.PKCS10Attribute;
import sun.security.pkcs.PKCS9Attribute;
import sun.security.provider.certpath.ldap.LDAPCertStoreHelper;
import sun.security.util.DerValue;
import sun.security.x509.*;
......@@ -917,18 +912,13 @@ public final class KeyTool {
// Perform the specified command
if (command == CERTREQ) {
PrintStream ps = null;
if (filename != null) {
ps = new PrintStream(new FileOutputStream
(filename));
out = ps;
}
try {
doCertReq(alias, sigAlgName, out);
} finally {
if (ps != null) {
ps.close();
try (PrintStream ps = new PrintStream(new FileOutputStream
(filename))) {
doCertReq(alias, sigAlgName, ps);
}
} else {
doCertReq(alias, sigAlgName, out);
}
if (verbose && filename != null) {
MessageFormat form = new MessageFormat(rb.getString
......@@ -941,18 +931,13 @@ public final class KeyTool {
doDeleteEntry(alias);
kssave = true;
} else if (command == EXPORTCERT) {
PrintStream ps = null;
if (filename != null) {
ps = new PrintStream(new FileOutputStream
(filename));
out = ps;
}
try {
doExportCert(alias, out);
} finally {
if (ps != null) {
ps.close();
try (PrintStream ps = new PrintStream(new FileOutputStream
(filename))) {
doExportCert(alias, ps);
}
} else {
doExportCert(alias, out);
}
if (filename != null) {
MessageFormat form = new MessageFormat(rb.getString
......@@ -973,16 +958,12 @@ public final class KeyTool {
doGenSecretKey(alias, keyAlgName, keysize);
kssave = true;
} else if (command == IDENTITYDB) {
InputStream inStream = System.in;
if (filename != null) {
inStream = new FileInputStream(filename);
}
try {
doImportIdentityDatabase(inStream);
} finally {
if (inStream != System.in) {
inStream.close();
try (InputStream inStream = new FileInputStream(filename)) {
doImportIdentityDatabase(inStream);
}
} else {
doImportIdentityDatabase(System.in);
}
} else if (command == IMPORTCERT) {
InputStream inStream = System.in;
......@@ -1101,29 +1082,21 @@ public final class KeyTool {
if (alias == null) {
alias = keyAlias;
}
PrintStream ps = null;
if (filename != null) {
ps = new PrintStream(new FileOutputStream(filename));
out = ps;
}
try {
doGenCRL(out);
} finally {
if (ps != null) {
ps.close();
try (PrintStream ps =
new PrintStream(new FileOutputStream(filename))) {
doGenCRL(ps);
}
} else {
doGenCRL(out);
}
} else if (command == PRINTCERTREQ) {
InputStream inStream = System.in;
if (filename != null) {
inStream = new FileInputStream(filename);
}
try {
doPrintCertReq(inStream, out);
} finally {
if (inStream != System.in) {
inStream.close();
try (InputStream inStream = new FileInputStream(filename)) {
doPrintCertReq(inStream, out);
}
} else {
doPrintCertReq(System.in, out);
}
} else if (command == PRINTCRL) {
doPrintCRL(filename, out);
......@@ -2070,12 +2043,13 @@ public final class KeyTool {
}
}
} else { // must be LDAP, and uri is not null
// Lazily load LDAPCertStoreHelper if present
CertStoreHelper helper = CertStoreHelper.getInstance("LDAP");
String path = uri.getPath();
if (path.charAt(0) == '/') path = path.substring(1);
LDAPCertStoreHelper h = new LDAPCertStoreHelper();
CertStore s = h.getCertStore(uri);
CertStore s = helper.getCertStore(uri);
X509CRLSelector sel =
h.wrap(new X509CRLSelector(), null, path);
helper.wrap(new X509CRLSelector(), null, path);
return s.getCRLs(sel);
}
}
......@@ -2259,18 +2233,12 @@ public final class KeyTool {
int pos = 0;
while (entries.hasMoreElements()) {
JarEntry je = entries.nextElement();
InputStream is = null;
try {
is = jf.getInputStream(je);
try (InputStream is = jf.getInputStream(je)) {
while (is.read(buffer) != -1) {
// we just read. this will throw a SecurityException
// if a signature/digest check fails. This also
// populate the signers
}
} finally {
if (is != null) {
is.close();
}
}
CodeSigner[] signers = je.getCodeSigners();
if (signers != null) {
......@@ -2316,85 +2284,52 @@ public final class KeyTool {
out.println(rb.getString("Not.a.signed.jar.file"));
}
} else if (sslserver != null) {
SSLContext sc = SSLContext.getInstance("SSL");
final boolean[] certPrinted = new boolean[1];
sc.init(null, new TrustManager[] {
new X509TrustManager() {
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return null;
}
// Lazily load SSLCertStoreHelper if present
CertStoreHelper helper = CertStoreHelper.getInstance("SSLServer");
CertStore cs = helper.getCertStore(new URI("https://" + sslserver));
Collection<? extends Certificate> chain;
try {
chain = cs.getCertificates(null);
if (chain.isEmpty()) {
// If the certs are not retrieved, we consider it an error
// even if the URL connection is successful.
throw new Exception(rb.getString(
"No.certificate.from.the.SSL.server"));
}
} catch (CertStoreException cse) {
if (cse.getCause() instanceof IOException) {
throw new Exception(rb.getString(
"No.certificate.from.the.SSL.server"),
cse.getCause());
} else {
throw cse;
}
}
public void checkClientTrusted(
java.security.cert.X509Certificate[] certs, String authType) {
int i = 0;
for (Certificate cert : chain) {
try {
if (rfc) {
dumpCert(cert, out);
} else {
out.println("Certificate #" + i++);
out.println("====================================");
printX509Cert((X509Certificate)cert, out);
out.println();
}
public void checkServerTrusted(
java.security.cert.X509Certificate[] certs, String authType) {
for (int i=0; i<certs.length; i++) {
X509Certificate cert = certs[i];
try {
if (rfc) {
dumpCert(cert, out);
} else {
out.println("Certificate #" + i);
out.println("====================================");
printX509Cert(cert, out);
out.println();
}
} catch (Exception e) {
if (debug) {
e.printStackTrace();
}
}
}
// Set to true where there's something to print
if (certs.length > 0) {
certPrinted[0] = true;
}
} catch (Exception e) {
if (debug) {
e.printStackTrace();
}
}
}, null);
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
HttpsURLConnection.setDefaultHostnameVerifier(
new HostnameVerifier() {
public boolean verify(String hostname, SSLSession session) {
return true;
}
});
// HTTPS instead of raw SSL, so that -Dhttps.proxyHost and
// -Dhttps.proxyPort can be used. Since we only go through
// the handshake process, an HTTPS server is not needed.
// This program should be able to deal with any SSL-based
// network service.
Exception ex = null;
try {
new URL("https://" + sslserver).openConnection().connect();
} catch (Exception e) {
ex = e;
}
// If the certs are not printed out, we consider it an error even
// if the URL connection is successful.
if (!certPrinted[0]) {
Exception e = new Exception(
rb.getString("No.certificate.from.the.SSL.server"));
if (ex != null) {
e.initCause(ex);
}
throw e;
}
} else {
InputStream inStream = System.in;
if (filename != null) {
inStream = new FileInputStream(filename);
}
try {
printCertFromStream(inStream, out);
} finally {
if (inStream != System.in) {
inStream.close();
try (FileInputStream inStream = new FileInputStream(filename)) {
printCertFromStream(inStream, out);
}
} else {
printCertFromStream(System.in, out);
}
}
}
......@@ -2590,9 +2525,7 @@ public final class KeyTool {
X509Certificate cert = null;
try {
cert = (X509Certificate)cf.generateCertificate(in);
} catch (ClassCastException cce) {
throw new Exception(rb.getString("Input.not.an.X.509.certificate"));
} catch (CertificateException ce) {
} catch (ClassCastException | CertificateException ce) {
throw new Exception(rb.getString("Input.not.an.X.509.certificate"));
}
......@@ -3441,16 +3374,10 @@ public final class KeyTool {
if (!file.exists()) {
return null;
}
FileInputStream fis = null;
KeyStore caks = null;
try {
fis = new FileInputStream(file);
try (FileInputStream fis = new FileInputStream(file)) {
caks = KeyStore.getInstance(JKS);
caks.load(fis, null);
} finally {
if (fis != null) {
fis.close();
}
}
return caks;
}
......
jdk/src/share/classes/sun/security/util/PathList.java jdk/src/share/classes/sun/security/tools/PathList.java
浏览文件 @ bbee31b3
/*
* Copyright (c) 2004, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2004, 2011, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
......@@ -23,7 +23,7 @@
* questions.
*/
package sun.security.util;
package sun.security.tools;
import java.io.File;
import java.io.IOException;
......
jdk/src/share/classes/sun/security/tools/TimestampedSigner.java
浏览文件 @ bbee31b3
......@@ -25,22 +25,14 @@
package sun.security.tools;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.net.URI;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.Principal;
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.List;
import com.sun.jarsigner.*;
import java.util.Arrays;
import sun.security.pkcs.*;
import sun.security.timestamp.*;
import sun.security.pkcs.PKCS7;
import sun.security.util.*;
import sun.security.x509.*;
......@@ -56,36 +48,12 @@ import sun.security.x509.*;
public final class TimestampedSigner extends ContentSigner {
/*
* Random number generator for creating nonce values
*/
private static final SecureRandom RANDOM;
static {
SecureRandom tmp = null;
try {
tmp = SecureRandom.getInstance("SHA1PRNG");
} catch (NoSuchAlgorithmException e) {
// should not happen
}
RANDOM = tmp;
}
/*
* Object identifier for the subject information access X.509 certificate
* extension.
*/
private static final String SUBJECT_INFO_ACCESS_OID = "1.3.6.1.5.5.7.1.11";
/*
* Object identifier for the timestamping key purpose.
*/
private static final String KP_TIMESTAMPING_OID = "1.3.6.1.5.5.7.3.8";
/*
* Object identifier for extendedKeyUsage extension
*/
private static final String EXTENDED_KEY_USAGE_OID = "2.5.29.37";
/*
* Object identifier for the timestamping access descriptors.
*/
......@@ -100,26 +68,6 @@ public final class TimestampedSigner extends ContentSigner {
AD_TIMESTAMPING_Id = tmp;
}
/*
* Location of the TSA.
*/
private String tsaUrl = null;
/*
* TSA's X.509 certificate.
*/
private X509Certificate tsaCertificate = null;
/*
* Generates an SHA-1 hash value for the data to be timestamped.
*/
private MessageDigest messageDigest = null;
/*
* Parameters for the timestamping protocol.
*/
private boolean tsRequestCertificate = true;
/**
* Instantiates a content signer that supports timestamped signatures.
*/
......@@ -134,7 +82,7 @@ public final class TimestampedSigner extends ContentSigner {
* and optionally the content that was signed, are packaged into a PKCS #7
* signed data message.
*
* @param parameters The non-null input parameters.
* @param params The non-null input parameters.
* @param omitContent true if the content should be omitted from the
* signed data message. Otherwise the content is included.
* @param applyTimestamp true if the signature should be timestamped.
......@@ -151,98 +99,41 @@ public final class TimestampedSigner extends ContentSigner {
* @throws NullPointerException The exception is thrown if parameters is
* null.
*/
public byte[] generateSignedData(ContentSignerParameters parameters,
public byte[] generateSignedData(ContentSignerParameters params,
boolean omitContent, boolean applyTimestamp)
throws NoSuchAlgorithmException, CertificateException, IOException {
if (parameters == null) {
if (params == null) {
throw new NullPointerException();
}
// Parse the signature algorithm to extract the digest and key
// algorithms. The expected format is:
// Parse the signature algorithm to extract the digest
// algorithm. The expected format is:
// "<digest>with<encryption>"
// or "<digest>with<encryption>and<mgf>"
String signatureAlgorithm = parameters.getSignatureAlgorithm();
String keyAlgorithm =
AlgorithmId.getEncAlgFromSigAlg(signatureAlgorithm);
String digestAlgorithm =
AlgorithmId.getDigAlgFromSigAlg(signatureAlgorithm);
AlgorithmId digestAlgorithmId = AlgorithmId.get(digestAlgorithm);
String signatureAlgorithm = params.getSignatureAlgorithm();
// Examine signer's certificate
X509Certificate[] signerCertificateChain =
parameters.getSignerCertificateChain();
Principal issuerName = signerCertificateChain[0].getIssuerDN();
if (!(issuerName instanceof X500Name)) {
// must extract the original encoded form of DN for subsequent
// name comparison checks (converting to a String and back to
// an encoded DN could cause the types of String attribute
// values to be changed)
X509CertInfo tbsCert = new
X509CertInfo(signerCertificateChain[0].getTBSCertificate());
issuerName = (Principal)
tbsCert.get(CertificateIssuerName.NAME + "." +
CertificateIssuerName.DN_NAME);
}
BigInteger serialNumber = signerCertificateChain[0].getSerialNumber();
X509Certificate[] signerChain = params.getSignerCertificateChain();
byte[] signature = params.getSignature();
// Include or exclude content
byte[] content = parameters.getContent();
ContentInfo contentInfo;
if (omitContent) {
contentInfo = new ContentInfo(ContentInfo.DATA_OID, null);
} else {
contentInfo = new ContentInfo(content);
}
byte[] content = (omitContent == true) ? null : params.getContent();
// Generate the timestamp token
byte[] signature = parameters.getSignature();
SignerInfo signerInfo = null;
URI tsaURI = null;
if (applyTimestamp) {
tsaCertificate = parameters.getTimestampingAuthorityCertificate();
URI tsaUri = parameters.getTimestampingAuthority();
if (tsaUri != null) {
tsaUrl = tsaUri.toString();
} else {
tsaURI = params.getTimestampingAuthority();
if (tsaURI == null) {
// Examine TSA cert
String certUrl = getTimestampingUrl(tsaCertificate);
if (certUrl == null) {
tsaURI = getTimestampingURI(
params.getTimestampingAuthorityCertificate());
if (tsaURI == null) {
throw new CertificateException(
"Subject Information Access extension not found");
}
tsaUrl = certUrl;
}
// Timestamp the signature
byte[] tsToken = generateTimestampToken(signature);
// Insert the timestamp token into the PKCS #7 signer info element
// (as an unsigned attribute)
PKCS9Attributes unsignedAttrs =
new PKCS9Attributes(new PKCS9Attribute[]{
new PKCS9Attribute(
PKCS9Attribute.SIGNATURE_TIMESTAMP_TOKEN_STR,
tsToken)});
signerInfo = new SignerInfo((X500Name)issuerName, serialNumber,
digestAlgorithmId, null, AlgorithmId.get(keyAlgorithm),
signature, unsignedAttrs);
} else {
signerInfo = new SignerInfo((X500Name)issuerName, serialNumber,
digestAlgorithmId, AlgorithmId.get(keyAlgorithm), signature);
}
SignerInfo[] signerInfos = {signerInfo};
AlgorithmId[] algorithms = {digestAlgorithmId};
// Create the PKCS #7 signed data message
PKCS7 p7 = new PKCS7(algorithms, contentInfo, signerCertificateChain,
null, signerInfos);
ByteArrayOutputStream p7out = new ByteArrayOutputStream();
p7.encodeSignedData(p7out);
return p7out.toByteArray();
return PKCS7.generateSignedData(signature, signerChain, content,
params.getSignatureAlgorithm(), tsaURI);
}
/**
......@@ -253,9 +144,9 @@ public final class TimestampedSigner extends ContentSigner {
* <tt>accessLocation</tt> field should contain an HTTP or HTTPS URL.
*
* @param tsaCertificate An X.509 certificate for the TSA.
* @return An HTTP or HTTPS URL or null if none was found.
* @return An HTTP or HTTPS URI or null if none was found.
*/
public static String getTimestampingUrl(X509Certificate tsaCertificate) {
public static URI getTimestampingURI(X509Certificate tsaCertificate) {
if (tsaCertificate == null) {
return null;
......@@ -282,7 +173,7 @@ public final class TimestampedSigner extends ContentSigner {
uri = (URIName) location.getName();
if (uri.getScheme().equalsIgnoreCase("http") ||
uri.getScheme().equalsIgnoreCase("https")) {
return uri.getName();
return uri.getURI();
}
}
}
......@@ -292,97 +183,4 @@ public final class TimestampedSigner extends ContentSigner {
}
return null;
}
/*
* Returns a timestamp token from a TSA for the given content.
* Performs a basic check on the token to confirm that it has been signed
* by a certificate that is permitted to sign timestamps.
*
* @param toBeTimestamped The data to be timestamped.
* @throws IOException The exception is throw if an error occurs while
* communicating with the TSA.
* @throws CertificateException The exception is throw if the TSA's
* certificate is not permitted for timestamping.
*/
private byte[] generateTimestampToken(byte[] toBeTimestamped)
throws CertificateException, IOException {
// Generate hash value for the data to be timestamped
// SHA-1 is always used.
if (messageDigest == null) {
try {
messageDigest = MessageDigest.getInstance("SHA-1");
} catch (NoSuchAlgorithmException e) {
// ignore
}
}
byte[] digest = messageDigest.digest(toBeTimestamped);
// Generate a timestamp
TSRequest tsQuery = new TSRequest(digest, "SHA-1");
// Generate a nonce
BigInteger nonce = null;
if (RANDOM != null) {
nonce = new BigInteger(64, RANDOM);
tsQuery.setNonce(nonce);
}
tsQuery.requestCertificate(tsRequestCertificate);
Timestamper tsa = new HttpTimestamper(tsaUrl); // use supplied TSA
TSResponse tsReply = tsa.generateTimestamp(tsQuery);
int status = tsReply.getStatusCode();
// Handle TSP error
if (status != 0 && status != 1) {
int failureCode = tsReply.getFailureCode();
if (failureCode == -1) {
throw new IOException("Error generating timestamp: " +
tsReply.getStatusCodeAsText());
} else {
throw new IOException("Error generating timestamp: " +
tsReply.getStatusCodeAsText() + " " +
tsReply.getFailureCodeAsText());
}
}
PKCS7 tsToken = tsReply.getToken();
TimestampToken tst = new TimestampToken(tsToken.getContentInfo().getData());
if (!tst.getHashAlgorithm().equals(
new AlgorithmId(new ObjectIdentifier("1.3.14.3.2.26")))) {
throw new IOException("Digest algorithm not SHA-1 in timestamp token");
}
if (!Arrays.equals(tst.getHashedMessage(), digest)) {
throw new IOException("Digest octets changed in timestamp token");
}
BigInteger replyNonce = tst.getNonce();
if (replyNonce == null && nonce != null) {
throw new IOException("Nonce missing in timestamp token");
}
if (replyNonce != null && !replyNonce.equals(nonce)) {
throw new IOException("Nonce changed in timestamp token");
}
// Examine the TSA's certificate (if present)
for (SignerInfo si: tsToken.getSignerInfos()) {
X509Certificate cert = si.getCertificate(tsToken);
if (cert == null) {
// Error, we've already set tsRequestCertificate = true
throw new CertificateException(
"Certificate not included in timestamp token");
} else {
if (!cert.getCriticalExtensionOIDs().contains(
EXTENDED_KEY_USAGE_OID)) {
throw new CertificateException(
"Certificate is not valid for timestamping");
}
List<String> keyPurposes = cert.getExtendedKeyUsage();
if (keyPurposes == null ||
! keyPurposes.contains(KP_TIMESTAMPING_OID)) {
throw new CertificateException(
"Certificate is not valid for timestamping");
}
}
}
return tsReply.getEncodedToken();
}
}
jdk/src/share/classes/sun/security/util/BigInt.java 已删除 100644 → 0
浏览文件 @ 5e0985a0
/*
* Copyright (c) 1996, 2006, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
package sun.security.util;
import java.math.BigInteger;
/**
* A low-overhead arbitrary-precision <em>unsigned</em> integer.
* This is intended for use with ASN.1 parsing, and printing of
* such parsed values. Convert to "BigInteger" if you need to do
* arbitrary precision arithmetic, rather than just represent
* the number as a wrapped array of bytes.
*
* <P><em><b>NOTE:</b> This class may eventually disappear, to
* be supplanted by big-endian byte arrays which hold both signed
* and unsigned arbitrary-precision integers.</em>
*
* @author David Brownell
*/
public final class BigInt {
// Big endian -- MSB first.
private byte[] places;
/**
* Constructs a "Big" integer from a set of (big-endian) bytes.
* Leading zeroes should be stripped off.
*
* @param data a sequence of bytes, most significant bytes/digits
* first. CONSUMED.
*/
public BigInt(byte[] data) { places = data.clone(); }
/**
* Constructs a "Big" integer from a "BigInteger", which must be
* positive (or zero) in value.
*/
public BigInt(BigInteger i) {
byte[] temp = i.toByteArray();
if ((temp[0] & 0x80) != 0)
throw new IllegalArgumentException("negative BigInteger");
// XXX we assume exactly _one_ sign byte is used...
if (temp[0] != 0)
places = temp;
else {
places = new byte[temp.length - 1];
for (int j = 1; j < temp.length; j++)
places[j - 1] = temp[j];
}
}
/**
* Constructs a "Big" integer from a normal Java integer.
*
* @param i the java primitive integer
*/
public BigInt(int i) {
if (i < (1 << 8)) {
places = new byte[1];
places[0] = (byte) i;
} else if (i < (1 << 16)) {
places = new byte[2];
places[0] = (byte) (i >> 8);
places[1] = (byte) i;
} else if (i < (1 << 24)) {
places = new byte[3];
places[0] = (byte) (i >> 16);
places[1] = (byte) (i >> 8);
places[2] = (byte) i;
} else {
places = new byte[4];
places[0] = (byte) (i >> 24);
places[1] = (byte) (i >> 16);
places[2] = (byte) (i >> 8);
places[3] = (byte) i;
}
}
/**
* Converts the "big" integer to a java primitive integer.
*
* @excpet NumberFormatException if 32 bits is insufficient.
*/
public int toInt() {
if (places.length > 4)
throw new NumberFormatException("BigInt.toLong, too big");
int retval = 0, i = 0;
for (; i < places.length; i++)
retval = (retval << 8) + ((int)places[i] & 0xff);
return retval;
}
/**
* Returns a hexadecimal printed representation. The value is
* formatted to fit on lines of at least 75 characters, with
* embedded newlines. Words are separated for readability,
* with eight words (32 bytes) per line.
*/
public String toString() { return hexify(); }
/**
* Returns a BigInteger value which supports many arithmetic
* operations. Assumes negative values will never occur.
*/
public BigInteger toBigInteger()
{ return new BigInteger(1, places); }
/**
* Returns the data as a byte array. The most significant bit
* of the array is bit zero (as in <code>java.math.BigInteger</code>).
*/
public byte[] toByteArray() { return places.clone(); }
private static final String digits = "0123456789abcdef";
private String hexify() {
if (places.length == 0)
return " 0 ";
StringBuffer buf = new StringBuffer(places.length * 2);
buf.append(" "); // four spaces
for (int i = 0; i < places.length; i++) {
buf.append(digits.charAt((places[i] >> 4) & 0x0f));
buf.append(digits.charAt(places[i] & 0x0f));
if (((i + 1) % 32) == 0) {
if ((i + 1) != places.length)
buf.append("\n "); // line after four words
} else if (((i + 1) % 4) == 0)
buf.append(' '); // space between words
}
return buf.toString();
}
/**
* Returns true iff the parameter is a numerically equivalent
* BigInt.
*
* @param other the object being compared with this one.
*/
public boolean equals(Object other) {
if (other instanceof BigInt)
return equals((BigInt) other);
return false;
}
/**
* Returns true iff the parameter is numerically equivalent.
*
* @param other the BigInt being compared with this one.
*/
public boolean equals(BigInt other) {
if (this == other)
return true;
byte[] otherPlaces = other.toByteArray();
if (places.length != otherPlaces.length)
return false;
for (int i = 0; i < places.length; i++)
if (places[i] != otherPlaces[i])
return false;
return true;
}
/**
* Returns a hashcode for this BigInt.
*
* @return a hashcode for this BigInt.
*/
public int hashCode() {
return hexify().hashCode();
}
}
jdk/src/share/classes/sun/security/util/Cache.java
浏览文件 @ bbee31b3
......@@ -43,7 +43,7 @@ import java.lang.ref.*;
*
* . optional lifetime, specified in seconds.
*
* . save for concurrent use by multiple threads
* . safe for concurrent use by multiple threads
*
* . values are held by either standard references or via SoftReferences.
* SoftReferences have the advantage that they are automatically cleared
......@@ -69,7 +69,7 @@ import java.lang.ref.*;
*
* @author Andreas Sterbenz
*/
public abstract class Cache {
public abstract class Cache<K,V> {
protected Cache() {
// empty
......@@ -88,12 +88,12 @@ public abstract class Cache {
/**
* Add an entry to the cache.
*/
public abstract void put(Object key, Object value);
public abstract void put(K key, V value);
/**
* Get a value from the cache.
*/
public abstract Object get(Object key);
public abstract V get(Object key);
/**
* Remove an entry from the cache.
......@@ -113,14 +113,14 @@ public abstract class Cache {
/**
* accept a visitor
*/
public abstract void accept(CacheVisitor visitor);
public abstract void accept(CacheVisitor<K,V> visitor);
/**
* Return a new memory cache with the specified maximum size, unlimited
* lifetime for entries, with the values held by SoftReferences.
*/
public static Cache newSoftMemoryCache(int size) {
return new MemoryCache(true, size);
public static <K,V> Cache<K,V> newSoftMemoryCache(int size) {
return new MemoryCache<>(true, size);
}
/**
......@@ -128,23 +128,24 @@ public abstract class Cache {
* specified maximum lifetime (in seconds), with the values held
* by SoftReferences.
*/
public static Cache newSoftMemoryCache(int size, int timeout) {
return new MemoryCache(true, size, timeout);
public static <K,V> Cache<K,V> newSoftMemoryCache(int size, int timeout) {
return new MemoryCache<>(true, size, timeout);
}
/**
* Return a new memory cache with the specified maximum size, unlimited
* lifetime for entries, with the values held by standard references.
*/
public static Cache newHardMemoryCache(int size) {
return new MemoryCache(false, size);
public static <K,V> Cache<K,V> newHardMemoryCache(int size) {
return new MemoryCache<>(false, size);
}
/**
* Return a dummy cache that does nothing.
*/
public static Cache newNullCache() {
return NullCache.INSTANCE;
@SuppressWarnings("unchecked")
public static <K,V> Cache<K,V> newNullCache() {
return (Cache<K,V>) NullCache.INSTANCE;
}
/**
......@@ -152,8 +153,8 @@ public abstract class Cache {
* specified maximum lifetime (in seconds), with the values held
* by standard references.
*/
public static Cache newHardMemoryCache(int size, int timeout) {
return new MemoryCache(false, size, timeout);
public static <K,V> Cache<K,V> newHardMemoryCache(int size, int timeout) {
return new MemoryCache<>(false, size, timeout);
}
/**
......@@ -193,15 +194,15 @@ public abstract class Cache {
}
}
public interface CacheVisitor {
public void visit(Map<Object, Object> map);
public interface CacheVisitor<K,V> {
public void visit(Map<K,V> map);
}
}
class NullCache extends Cache {
class NullCache<K,V> extends Cache<K,V> {
final static Cache INSTANCE = new NullCache();
final static Cache<Object,Object> INSTANCE = new NullCache<>();
private NullCache() {
// empty
......@@ -215,11 +216,11 @@ class NullCache extends Cache {
// empty
}
public void put(Object key, Object value) {
public void put(K key, V value) {
// empty
}
public Object get(Object key) {
public V get(Object key) {
return null;
}
......@@ -235,23 +236,26 @@ class NullCache extends Cache {
// empty
}
public void accept(CacheVisitor visitor) {
public void accept(CacheVisitor<K,V> visitor) {
// empty
}
}
class MemoryCache extends Cache {
class MemoryCache<K,V> extends Cache<K,V> {
private final static float LOAD_FACTOR = 0.75f;
// XXXX
private final static boolean DEBUG = false;
private final Map<Object, CacheEntry> cacheMap;
private final Map<K, CacheEntry<K,V>> cacheMap;
private int maxSize;
private long lifetime;
private final ReferenceQueue<Object> queue;
// ReferenceQueue is of type V instead of Cache<K,V>
// to allow SoftCacheEntry to extend SoftReference<V>
private final ReferenceQueue<V> queue;
public MemoryCache(boolean soft, int maxSize) {
this(soft, maxSize, 0);
......@@ -260,10 +264,13 @@ class MemoryCache extends Cache {
public MemoryCache(boolean soft, int maxSize, int lifetime) {
this.maxSize = maxSize;
this.lifetime = lifetime * 1000;
this.queue = soft ? new ReferenceQueue<Object>() : null;
if (soft)
this.queue = new ReferenceQueue<>();
else
this.queue = null;
int buckets = (int)(maxSize / LOAD_FACTOR) + 1;
cacheMap = new LinkedHashMap<Object, CacheEntry>(buckets,
LOAD_FACTOR, true);
cacheMap = new LinkedHashMap<>(buckets, LOAD_FACTOR, true);
}
/**
......@@ -279,16 +286,17 @@ class MemoryCache extends Cache {
}
int startSize = cacheMap.size();
while (true) {
CacheEntry entry = (CacheEntry)queue.poll();
@SuppressWarnings("unchecked")
CacheEntry<K,V> entry = (CacheEntry<K,V>)queue.poll();
if (entry == null) {
break;
}
Object key = entry.getKey();
K key = entry.getKey();
if (key == null) {
// key is null, entry has already been removed
continue;
}
CacheEntry currentEntry = cacheMap.remove(key);
CacheEntry<K,V> currentEntry = cacheMap.remove(key);
// check if the entry in the map corresponds to the expired
// entry. If not, readd the entry
if ((currentEntry != null) && (entry != currentEntry)) {
......@@ -314,9 +322,9 @@ class MemoryCache extends Cache {
}
int cnt = 0;
long time = System.currentTimeMillis();
for (Iterator<CacheEntry> t = cacheMap.values().iterator();
for (Iterator<CacheEntry<K,V>> t = cacheMap.values().iterator();
t.hasNext(); ) {
CacheEntry entry = t.next();
CacheEntry<K,V> entry = t.next();
if (entry.isValid(time) == false) {
t.remove();
cnt++;
......@@ -339,7 +347,7 @@ class MemoryCache extends Cache {
if (queue != null) {
// if this is a SoftReference cache, first invalidate() all
// entries so that GC does not have to enqueue them
for (CacheEntry entry : cacheMap.values()) {
for (CacheEntry<K,V> entry : cacheMap.values()) {
entry.invalidate();
}
while (queue.poll() != null) {
......@@ -349,12 +357,12 @@ class MemoryCache extends Cache {
cacheMap.clear();
}
public synchronized void put(Object key, Object value) {
public synchronized void put(K key, V value) {
emptyQueue();
long expirationTime = (lifetime == 0) ? 0 :
System.currentTimeMillis() + lifetime;
CacheEntry newEntry = newEntry(key, value, expirationTime, queue);
CacheEntry oldEntry = cacheMap.put(key, newEntry);
CacheEntry<K,V> newEntry = newEntry(key, value, expirationTime, queue);
CacheEntry<K,V> oldEntry = cacheMap.put(key, newEntry);
if (oldEntry != null) {
oldEntry.invalidate();
return;
......@@ -362,8 +370,8 @@ class MemoryCache extends Cache {
if (maxSize > 0 && cacheMap.size() > maxSize) {
expungeExpiredEntries();
if (cacheMap.size() > maxSize) { // still too large?
Iterator<CacheEntry> t = cacheMap.values().iterator();
CacheEntry lruEntry = t.next();
Iterator<CacheEntry<K,V>> t = cacheMap.values().iterator();
CacheEntry<K,V> lruEntry = t.next();
if (DEBUG) {
System.out.println("** Overflow removal "
+ lruEntry.getKey() + " | " + lruEntry.getValue());
......@@ -374,9 +382,9 @@ class MemoryCache extends Cache {
}
}
public synchronized Object get(Object key) {
public synchronized V get(Object key) {
emptyQueue();
CacheEntry entry = cacheMap.get(key);
CacheEntry<K,V> entry = cacheMap.get(key);
if (entry == null) {
return null;
}
......@@ -393,7 +401,7 @@ class MemoryCache extends Cache {
public synchronized void remove(Object key) {
emptyQueue();
CacheEntry entry = cacheMap.remove(key);
CacheEntry<K,V> entry = cacheMap.remove(key);
if (entry != null) {
entry.invalidate();
}
......@@ -402,9 +410,9 @@ class MemoryCache extends Cache {
public synchronized void setCapacity(int size) {
expungeExpiredEntries();
if (size > 0 && cacheMap.size() > size) {
Iterator<CacheEntry> t = cacheMap.values().iterator();
Iterator<CacheEntry<K,V>> t = cacheMap.values().iterator();
for (int i = cacheMap.size() - size; i > 0; i--) {
CacheEntry lruEntry = t.next();
CacheEntry<K,V> lruEntry = t.next();
if (DEBUG) {
System.out.println("** capacity reset removal "
+ lruEntry.getKey() + " | " + lruEntry.getValue());
......@@ -431,60 +439,61 @@ class MemoryCache extends Cache {
}
// it is a heavyweight method.
public synchronized void accept(CacheVisitor visitor) {
public synchronized void accept(CacheVisitor<K,V> visitor) {
expungeExpiredEntries();
Map<Object, Object> cached = getCachedEntries();
Map<K,V> cached = getCachedEntries();
visitor.visit(cached);
}
private Map<Object, Object> getCachedEntries() {
Map<Object,Object> kvmap = new HashMap<Object,Object>(cacheMap.size());
private Map<K,V> getCachedEntries() {
Map<K,V> kvmap = new HashMap<>(cacheMap.size());
for (CacheEntry entry : cacheMap.values()) {
for (CacheEntry<K,V> entry : cacheMap.values()) {
kvmap.put(entry.getKey(), entry.getValue());
}
return kvmap;
}
protected CacheEntry newEntry(Object key, Object value,
long expirationTime, ReferenceQueue<Object> queue) {
protected CacheEntry<K,V> newEntry(K key, V value,
long expirationTime, ReferenceQueue<V> queue) {
if (queue != null) {
return new SoftCacheEntry(key, value, expirationTime, queue);
return new SoftCacheEntry<>(key, value, expirationTime, queue);
} else {
return new HardCacheEntry(key, value, expirationTime);
return new HardCacheEntry<>(key, value, expirationTime);
}
}
private static interface CacheEntry {
private static interface CacheEntry<K,V> {
boolean isValid(long currentTime);
void invalidate();
Object getKey();
K getKey();
Object getValue();
V getValue();
}
private static class HardCacheEntry implements CacheEntry {
private static class HardCacheEntry<K,V> implements CacheEntry<K,V> {
private Object key, value;
private K key;
private V value;
private long expirationTime;
HardCacheEntry(Object key, Object value, long expirationTime) {
HardCacheEntry(K key, V value, long expirationTime) {
this.key = key;
this.value = value;
this.expirationTime = expirationTime;
}
public Object getKey() {
public K getKey() {
return key;
}
public Object getValue() {
public V getValue() {
return value;
}
......@@ -503,24 +512,25 @@ class MemoryCache extends Cache {
}
}
private static class SoftCacheEntry
extends SoftReference<Object> implements CacheEntry {
private static class SoftCacheEntry<K,V>
extends SoftReference<V>
implements CacheEntry<K,V> {
private Object key;
private K key;
private long expirationTime;
SoftCacheEntry(Object key, Object value, long expirationTime,
ReferenceQueue<Object> queue) {
SoftCacheEntry(K key, V value, long expirationTime,
ReferenceQueue<V> queue) {
super(value, queue);
this.key = key;
this.expirationTime = expirationTime;
}
public Object getKey() {
public K getKey() {
return key;
}
public Object getValue() {
public V getValue() {
return get();
}
......
jdk/src/share/classes/sun/security/util/Debug.java
浏览文件 @ bbee31b3
/*
* Copyright (c) 1998, 2010, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1998, 2011, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
......@@ -80,6 +80,7 @@ public class Debug {
System.err.println("policy loading and granting");
System.err.println("provider security provider debugging");
System.err.println("scl permissions SecureClassLoader assigns");
System.err.println("ts timestamping");
System.err.println();
System.err.println("The following can be used with access:");
System.err.println();
......
jdk/src/share/classes/sun/security/util/SignatureFileVerifier.java
浏览文件 @ bbee31b3
......@@ -35,7 +35,6 @@ import java.util.*;
import java.util.jar.*;
import sun.security.pkcs.*;
import sun.security.timestamp.TimestampToken;
import sun.misc.BASE64Decoder;
import sun.security.jca.Providers;
......@@ -485,7 +484,7 @@ public class SignatureFileVerifier {
signers = new ArrayList<CodeSigner>();
}
// Append the new code signer
signers.add(new CodeSigner(certChain, getTimestamp(info)));
signers.add(new CodeSigner(certChain, info.getTimestamp()));
if (debug != null) {
debug.println("Signature Block Certificate: " +
......@@ -500,62 +499,6 @@ public class SignatureFileVerifier {
}
}
/*
* Examines a signature timestamp token to generate a timestamp object.
*
* Examines the signer's unsigned attributes for a
* <tt>signatureTimestampToken</tt> attribute. If present,
* then it is parsed to extract the date and time at which the
* timestamp was generated.
*
* @param info A signer information element of a PKCS 7 block.
*
* @return A timestamp token or null if none is present.
* @throws IOException if an error is encountered while parsing the
* PKCS7 data.
* @throws NoSuchAlgorithmException if an error is encountered while
* verifying the PKCS7 object.
* @throws SignatureException if an error is encountered while
* verifying the PKCS7 object.
* @throws CertificateException if an error is encountered while generating
* the TSA's certpath.
*/
private Timestamp getTimestamp(SignerInfo info)
throws IOException, NoSuchAlgorithmException, SignatureException,
CertificateException {
Timestamp timestamp = null;
// Extract the signer's unsigned attributes
PKCS9Attributes unsignedAttrs = info.getUnauthenticatedAttributes();
if (unsignedAttrs != null) {
PKCS9Attribute timestampTokenAttr =
unsignedAttrs.getAttribute("signatureTimestampToken");
if (timestampTokenAttr != null) {
PKCS7 timestampToken =
new PKCS7((byte[])timestampTokenAttr.getValue());
// Extract the content (an encoded timestamp token info)
byte[] encodedTimestampTokenInfo =
timestampToken.getContentInfo().getData();
// Extract the signer (the Timestamping Authority)
// while verifying the content
SignerInfo[] tsa =
timestampToken.verify(encodedTimestampTokenInfo);
// Expect only one signer
ArrayList<X509Certificate> chain =
tsa[0].getCertificateChain(timestampToken);
CertPath tsaChain = certificateFactory.generateCertPath(chain);
// Create a timestamp token info object
TimestampToken timestampTokenInfo =
new TimestampToken(encodedTimestampTokenInfo);
// Create a timestamp object
timestamp =
new Timestamp(timestampTokenInfo.getDate(), tsaChain);
}
}
return timestamp;
}
// for the toHex function
private static final char[] hexc =
{'0','1','2','3','4','5','6','7','8','9','a','b','c','d','e','f'};
......
jdk/src/share/classes/sun/util/resources/TimeZoneNames.java
浏览文件 @ bbee31b3
......@@ -103,6 +103,8 @@ public final class TimeZoneNames extends TimeZoneNamesBundle {
"Eastern Daylight Time", "EDT"};
String EST_NSW[] = new String[] {"Eastern Standard Time (New South Wales)", "EST",
"Eastern Summer Time (New South Wales)", "EST"};
String FET[] = new String[] {"Further-eastern European Time", "FET",
"Further-eastern European Summer Time", "FEST"};
String GHMT[] = new String[] {"Ghana Mean Time", "GMT",
"Ghana Summer Time", "GHST"};
String GAMBIER[] = new String[] {"Gambier Time", "GAMT",
......@@ -186,7 +188,7 @@ public final class TimeZoneNames extends TimeZoneNamesBundle {
String SAMOA[] = new String[] {"Samoa Standard Time", "SST",
"Samoa Daylight Time", "SDT"};
String WST_SAMOA[] = new String[] {"West Samoa Time", "WST",
"West Samoa Summer Time", "WSST"};
"West Samoa Daylight Time", "WSDT"};
String ChST[] = new String[] {"Chamorro Standard Time", "ChST",
"Chamorro Daylight Time", "ChDT"};
String VICTORIA[] = new String[] {"Eastern Standard Time (Victoria)", "EST",
......@@ -511,6 +513,7 @@ public final class TimeZoneNames extends TimeZoneNamesBundle {
"Tajikistan Summer Time", "TJST"}},
{"Asia/Gaza", EET},
{"Asia/Harbin", CTT},
{"Asia/Hebron", EET},
{"Asia/Ho_Chi_Minh", ICT},
{"Asia/Hong_Kong", HKT},
{"Asia/Hovd", new String[] {"Hovd Time", "HOVT",
......@@ -674,9 +677,8 @@ public final class TimeZoneNames extends TimeZoneNamesBundle {
{"Europe/Isle_of_Man", GMTBST},
{"Europe/Istanbul", EET},
{"Europe/Jersey", GMTBST},
{"Europe/Kaliningrad", new String[] {"Kaliningrad Time", "KALT",
"Kaliningrad Summer Time", "KALST"}},
{"Europe/Kiev", EET},
{"Europe/Kaliningrad", FET},
{"Europe/Kiev", FET},
{"Europe/Lisbon", WET},
{"Europe/Ljubljana", CET},
{"Europe/London", GMTBST},
......@@ -684,7 +686,7 @@ public final class TimeZoneNames extends TimeZoneNamesBundle {
{"Europe/Madrid", CET},
{"Europe/Malta", CET},
{"Europe/Mariehamn", EET},
{"Europe/Minsk", EET},
{"Europe/Minsk", FET},
{"Europe/Monaco", CET},
{"Europe/Moscow", MSK},
{"Europe/Nicosia", EET},
......@@ -697,14 +699,14 @@ public final class TimeZoneNames extends TimeZoneNamesBundle {
"Samara Summer Time", "SAMST"}},
{"Europe/San_Marino", CET},
{"Europe/Sarajevo", CET},
{"Europe/Simferopol", EET},
{"Europe/Simferopol", FET},
{"Europe/Skopje", CET},
{"Europe/Sofia", EET},
{"Europe/Stockholm", CET},
{"Europe/Tallinn", EET},
{"Europe/Tirane", CET},
{"Europe/Tiraspol", EET},
{"Europe/Uzhgorod", EET},
{"Europe/Uzhgorod", FET},
{"Europe/Vaduz", CET},
{"Europe/Vatican", CET},
{"Europe/Vienna", CET},
......@@ -713,7 +715,7 @@ public final class TimeZoneNames extends TimeZoneNamesBundle {
"Volgograd Summer Time", "VOLST"}},
{"Europe/Warsaw", CET},
{"Europe/Zagreb", CET},
{"Europe/Zaporozhye", EET},
{"Europe/Zaporozhye", FET},
{"Europe/Zurich", CET},
{"GB", GMTBST},
{"GB-Eire", GMTBST},
......
jdk/src/share/classes/sun/util/resources/TimeZoneNames_de.java
浏览文件 @ bbee31b3
......@@ -103,6 +103,8 @@ public final class TimeZoneNames_de extends TimeZoneNamesBundle {
"\u00d6stliche Sommerzeit", "EDT"};
String EST_NSW[] = new String[] {"\u00d6stliche Normalzeit (New South Wales)", "EST",
"\u00d6stliche Sommerzeit (New South Wales)", "EST"};
String FET[] = new String[] {"Further-eastern European Time", "FET",
"Further-eastern European Summer Time", "FEST"};
String GHMT[] = new String[] {"Ghanaische Normalzeit", "GMT",
"Ghanaische Sommerzeit", "GHST"};
String GAMBIER[] = new String[] {"Gambier Zeit", "GAMT",
......@@ -186,7 +188,7 @@ public final class TimeZoneNames_de extends TimeZoneNamesBundle {
String SAMOA[] = new String[] {"Samoa Normalzeit", "SST",
"Samoa Sommerzeit", "SDT"};
String WST_SAMOA[] = new String[] {"West Samoa Zeit", "WST",
"West Samoa Sommerzeit", "WSST"};
"West Samoa Sommerzeit", "WSDT"};
String ChST[] = new String[] {"Chamorro Normalzeit", "ChST",
"Chamorro Sommerzeit", "ChDT"};
String VICTORIA[] = new String[] {"\u00d6stliche Normalzeit (Victoria)", "EST",
......@@ -511,6 +513,7 @@ public final class TimeZoneNames_de extends TimeZoneNamesBundle {
"Tadschikische Sommerzeit", "TJST"}},
{"Asia/Gaza", EET},
{"Asia/Harbin", CTT},
{"Asia/Hebron", EET},
{"Asia/Ho_Chi_Minh", ICT},
{"Asia/Hong_Kong", HKT},
{"Asia/Hovd", new String[] {"Hovd Zeit", "HOVT",
......@@ -674,9 +677,8 @@ public final class TimeZoneNames_de extends TimeZoneNamesBundle {
{"Europe/Isle_of_Man", GMTBST},
{"Europe/Istanbul", EET},
{"Europe/Jersey", GMTBST},
{"Europe/Kaliningrad", new String[] {"Kaliningrad Time", "KALT",
"Kaliningrad Summer Time", "KALST"}},
{"Europe/Kiev", EET},
{"Europe/Kaliningrad", FET},
{"Europe/Kiev", FET},
{"Europe/Lisbon", WET},
{"Europe/Ljubljana", CET},
{"Europe/London", GMTBST},
......@@ -684,7 +686,7 @@ public final class TimeZoneNames_de extends TimeZoneNamesBundle {
{"Europe/Madrid", CET},
{"Europe/Malta", CET},
{"Europe/Mariehamn", EET},
{"Europe/Minsk", EET},
{"Europe/Minsk", FET},
{"Europe/Monaco", CET},
{"Europe/Moscow", MSK},
{"Europe/Nicosia", EET},
......@@ -697,14 +699,14 @@ public final class TimeZoneNames_de extends TimeZoneNamesBundle {
"Samarische Sommerzeit", "SAMST"}},
{"Europe/San_Marino", CET},
{"Europe/Sarajevo", CET},
{"Europe/Simferopol", EET},
{"Europe/Simferopol", FET},
{"Europe/Skopje", CET},
{"Europe/Sofia", EET},
{"Europe/Stockholm", CET},
{"Europe/Tallinn", EET},
{"Europe/Tirane", CET},
{"Europe/Tiraspol", EET},
{"Europe/Uzhgorod", EET},
{"Europe/Uzhgorod", FET},
{"Europe/Vaduz", CET},
{"Europe/Vatican", CET},
{"Europe/Vienna", CET},
......@@ -713,7 +715,7 @@ public final class TimeZoneNames_de extends TimeZoneNamesBundle {
"Wolgograder Sommerzeit", "VOLST"}},
{"Europe/Warsaw", CET},
{"Europe/Zagreb", CET},
{"Europe/Zaporozhye", EET},
{"Europe/Zaporozhye", FET},
{"Europe/Zurich", CET},
{"GB", GMTBST},
{"GB-Eire", GMTBST},
......
jdk/src/share/classes/sun/util/resources/TimeZoneNames_es.java
浏览文件 @ bbee31b3
......@@ -103,6 +103,8 @@ public final class TimeZoneNames_es extends TimeZoneNamesBundle {
"Hora de verano Oriental", "EDT"};
String EST_NSW[] = new String[] {"Hora est\u00e1ndar Oriental (Nueva Gales del Sur)", "EST",
"Hora de verano Oriental (Nueva Gales del Sur)", "EST"};
String FET[] = new String[] {"Further-eastern European Time", "FET",
"Further-eastern European Summer Time", "FEST"};
String GHMT[] = new String[] {"Hora central de Ghana", "GMT",
"Hora de verano de Ghana", "GHST"};
String GAMBIER[] = new String[] {"Hora de Gambier", "GAMT",
......@@ -186,7 +188,7 @@ public final class TimeZoneNames_es extends TimeZoneNamesBundle {
String SAMOA[] = new String[] {"Hora est\u00e1ndar de Samoa", "SST",
"Hora de verano de Samoa", "SDT"};
String WST_SAMOA[] = new String[] {"Hora de Samoa Occidental", "WST",
"Hora de verano de Samoa Occidental", "WSST"};
"Hora de verano de Samoa Occidental", "WSDT"};
String ChST[] = new String[] {"Hora est\u00e1ndar de Chamorro", "ChST",
"Hora de verano de Chamorro", "ChDT"};
String VICTORIA[] = new String[] {"Hora est\u00e1ndar del Este (Victoria)", "EST",
......@@ -511,6 +513,7 @@ public final class TimeZoneNames_es extends TimeZoneNamesBundle {
"Hora de verano de Tajikist\u00e1n", "TJST"}},
{"Asia/Gaza", EET},
{"Asia/Harbin", CTT},
{"Asia/Hebron", EET},
{"Asia/Ho_Chi_Minh", ICT},
{"Asia/Hong_Kong", HKT},
{"Asia/Hovd", new String[] {"Hora de Hovd", "HOVT",
......@@ -674,9 +677,8 @@ public final class TimeZoneNames_es extends TimeZoneNamesBundle {
{"Europe/Isle_of_Man", GMTBST},
{"Europe/Istanbul", EET},
{"Europe/Jersey", GMTBST},
{"Europe/Kaliningrad", new String[] {"Kaliningrad Time", "KALT",
"Kaliningrad Summer Time", "KALST"}},
{"Europe/Kiev", EET},
{"Europe/Kaliningrad", FET},
{"Europe/Kiev", FET},
{"Europe/Lisbon", WET},
{"Europe/Ljubljana", CET},
{"Europe/London", GMTBST},
......@@ -684,7 +686,7 @@ public final class TimeZoneNames_es extends TimeZoneNamesBundle {
{"Europe/Madrid", CET},
{"Europe/Malta", CET},
{"Europe/Mariehamn", EET},
{"Europe/Minsk", EET},
{"Europe/Minsk", FET},
{"Europe/Monaco", CET},
{"Europe/Moscow", MSK},
{"Europe/Nicosia", EET},
......@@ -697,14 +699,14 @@ public final class TimeZoneNames_es extends TimeZoneNamesBundle {
"Hora de verano de Samara", "SAMST"}},
{"Europe/San_Marino", CET},
{"Europe/Sarajevo", CET},
{"Europe/Simferopol", EET},
{"Europe/Simferopol", FET},
{"Europe/Skopje", CET},
{"Europe/Sofia", EET},
{"Europe/Stockholm", CET},
{"Europe/Tallinn", EET},
{"Europe/Tirane", CET},
{"Europe/Tiraspol", EET},
{"Europe/Uzhgorod", EET},
{"Europe/Uzhgorod", FET},
{"Europe/Vaduz", CET},
{"Europe/Vatican", CET},
{"Europe/Vienna", CET},
......@@ -713,7 +715,7 @@ public final class TimeZoneNames_es extends TimeZoneNamesBundle {
"Hora de verano de Volgogrado", "VOLST"}},
{"Europe/Warsaw", CET},
{"Europe/Zagreb", CET},
{"Europe/Zaporozhye", EET},
{"Europe/Zaporozhye", FET},
{"Europe/Zurich", CET},
{"GB", GMTBST},
{"GB-Eire", GMTBST},
......
jdk/src/share/lib/security/sunpkcs11-solaris.cfg
浏览文件 @ bbee31b3
......@@ -11,6 +11,9 @@ library = /usr/lib/$ISA/libpkcs11.so
handleStartupErrors = ignoreAll
# Use the X9.63 encoding for EC points (do not wrap in an ASN.1 OctetString).
useEcX963Encoding = true
attributes = compatibility
disabledMechanisms = {
......
jdk/src/share/native/java/io/ObjectInputStream.c
浏览文件 @ bbee31b3
......@@ -173,16 +173,3 @@ Java_java_io_ObjectInputStream_bytesToDoubles(JNIEnv *env,
(*env)->ReleasePrimitiveArrayCritical(env, dst, doubles, 0);
}
/*
* Class: java_io_ObjectInputStream
* Method: latestUserDefinedLoader
* Signature: ()Ljava/lang/ClassLoader;
*
* Returns the first non-null class loader up the execution stack, or null
* if only code from the null class loader is on the stack.
*/
JNIEXPORT jobject JNICALL
Java_java_io_ObjectInputStream_latestUserDefinedLoader(JNIEnv *env, jclass cls)
{
return JVM_LatestUserDefinedLoader(env);
}
jdk/src/share/native/sun/misc/VM.c
浏览文件 @ bbee31b3
......@@ -111,6 +111,11 @@ Java_sun_misc_VM_getThreadStateValues(JNIEnv *env, jclass cls,
get_thread_state_info(env, JAVA_THREAD_STATE_TERMINATED, values, names);
}
JNIEXPORT jobject JNICALL
Java_sun_misc_VM_latestUserDefinedLoader(JNIEnv *env, jclass cls) {
return JVM_LatestUserDefinedLoader(env);
}
typedef void (JNICALL *GetJvmVersionInfo_fp)(JNIEnv*, jvm_version_info*, size_t);
JNIEXPORT void JNICALL
......
jdk/src/share/native/sun/security/pkcs11/wrapper/p11_digest.c
浏览文件 @ bbee31b3
......@@ -131,7 +131,7 @@ JNIEXPORT jint JNICALL Java_sun_security_pkcs11_wrapper_PKCS11_C_1DigestSingle
/* always use single part op, even for large data */
bufP = (CK_BYTE_PTR) malloc((size_t)jInLen);
if (bufP == NULL) {
JNU_ThrowOutOfMemoryError(env, 0);
throwOutOfMemoryError(env, 0);
return 0;
}
}
......@@ -190,7 +190,7 @@ JNIEXPORT void JNICALL Java_sun_security_pkcs11_wrapper_PKCS11_C_1DigestUpdate
bufLen = min(MAX_HEAP_BUFFER_LEN, jInLen);
bufP = (CK_BYTE_PTR) malloc((size_t)bufLen);
if (bufP == NULL) {
JNU_ThrowOutOfMemoryError(env, 0);
throwOutOfMemoryError(env, 0);
return;
}
}
......
jdk/test/ProblemList.txt
浏览文件 @ bbee31b3
此差异已折叠。
jdk/test/java/util/Collections/CheckedQueue.java 0 → 100644
浏览文件 @ bbee31b3
此差异已折叠。
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册