8175075: Add 3DES to the default disabled algorithm security property

Reviewed-by: xuelei, mullan, rhalade

src/share/lib/security/java.security-aix

@@ -620,7 +620,7 @@ jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024, DSA keySize < 1024
 # Example:
 #   jdk.tls.disabledAlgorithms=MD5, SSLv3, DSA, RSA keySize < 2048
 jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize < 1024, \
-    EC keySize < 224, DES40_CBC, RC4_40
+    EC keySize < 224, DES40_CBC, RC4_40, 3DES_EDE_CBC
 
 # Legacy algorithms for Secure Socket Layer/Transport Layer Security (SSL/TLS)
 # processing in JSSE implementation.

src/share/lib/security/java.security-linux

@@ -620,7 +620,7 @@ jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024, DSA keySize < 1024
 # Example:
 #   jdk.tls.disabledAlgorithms=MD5, SSLv3, DSA, RSA keySize < 2048
 jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize < 1024, \
-    EC keySize < 224, DES40_CBC, RC4_40
+    EC keySize < 224, DES40_CBC, RC4_40, 3DES_EDE_CBC
 
 # Legacy algorithms for Secure Socket Layer/Transport Layer Security (SSL/TLS)
 # processing in JSSE implementation.

src/share/lib/security/java.security-macosx

@@ -623,7 +623,7 @@ jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024, DSA keySize < 1024
 # Example:
 #   jdk.tls.disabledAlgorithms=MD5, SSLv3, DSA, RSA keySize < 2048
 jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize < 1024, \
-    EC keySize < 224, DES40_CBC, RC4_40
+    EC keySize < 224, DES40_CBC, RC4_40, 3DES_EDE_CBC
 
 # Legacy algorithms for Secure Socket Layer/Transport Layer Security (SSL/TLS)
 # processing in JSSE implementation.

src/share/lib/security/java.security-solaris

@@ -622,7 +622,7 @@ jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024, DSA keySize < 1024
 # Example:
 #   jdk.tls.disabledAlgorithms=MD5, SSLv3, DSA, RSA keySize < 2048
 jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize < 1024, \
-    EC keySize < 224, DES40_CBC, RC4_40
+    EC keySize < 224, DES40_CBC, RC4_40, 3DES_EDE_CBC
 
 # Legacy algorithms for Secure Socket Layer/Transport Layer Security (SSL/TLS)
 # processing in JSSE implementation.

src/share/lib/security/java.security-windows

@@ -623,7 +623,7 @@ jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024, DSA keySize < 1024
 # Example:
 #   jdk.tls.disabledAlgorithms=MD5, SSLv3, DSA, RSA keySize < 2048
 jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize < 1024, \
-    EC keySize < 224, DES40_CBC, RC4_40
+    EC keySize < 224, DES40_CBC, RC4_40, 3DES_EDE_CBC
 
 # Legacy algorithms for Secure Socket Layer/Transport Layer Security (SSL/TLS)
 # processing in JSSE implementation.

test/sun/security/ssl/sun/net/www/protocol/https/NewImpl/ComHostnameVerifier.java

 /*
- * Copyright (c) 2001, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2001, 2018, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -21,21 +21,20 @@
  * questions.
  */
 
+// SunJSSE does not support dynamic system properties, no way to re-use
+// system properties in samevm/agentvm mode.
+
 /*
  * @test
- * @bug 4474255
- * @test 1.1 01/06/27
- * @bug 4484246
+ * @bug 4474255 4484246
  * @summary When an application enables anonymous SSL cipher suite,
  *        Hostname verification is not required
  * @run main/othervm ComHostnameVerifier
- *
- *     SunJSSE does not support dynamic system properties, no way to re-use
- *     system properties in samevm/agentvm mode.
  */
 
 import java.io.*;
 import java.net.*;
+import java.security.Security;
 import javax.net.ssl.*;
 import javax.security.cert.*;
 import com.sun.net.ssl.HostnameVerifier;
@@ -249,6 +248,8 @@ public class ComHostnameVerifier {
     volatile Exception clientException = null;
 
     public static void main(String[] args) throws Exception {
+        // re-enable 3DES
+        Security.setProperty("jdk.tls.disabledAlgorithms", "");
 
         if (debug)
             System.setProperty("javax.net.debug", "all");

test/sun/security/ssl/sun/net/www/protocol/https/NewImpl/JavaxHostnameVerifier.java

 /*
- * Copyright (c) 2001, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2001, 2018, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -21,21 +21,20 @@
  * questions.
  */
 
+// SunJSSE does not support dynamic system properties, no way to re-use
+// system properties in samevm/agentvm mode.
+
 /*
  * @test
- * @bug 4474255
- * @test 1.1 01/06/27
- * @bug 4484246
+ * @bug 4474255 4484246
  * @summary When an application enables anonymous SSL cipher suite,
  *        Hostname verification is not required
  * @run main/othervm JavaxHostnameVerifier
- *
- *     SunJSSE does not support dynamic system properties, no way to re-use
- *     system properties in samevm/agentvm mode.
  */
 
 import java.io.*;
 import java.net.*;
+import java.security.Security;
 import java.security.cert.*;
 import javax.net.ssl.*;
 
@@ -244,6 +243,8 @@ public class JavaxHostnameVerifier {
     volatile Exception clientException = null;
 
     public static void main(String[] args) throws Exception {
+        // re-enable 3DES
+        Security.setProperty("jdk.tls.disabledAlgorithms", "");
 
         if (debug)
             System.setProperty("javax.net.debug", "all");