Merge

.hgtags

@@ -474,6 +474,7 @@ ed9e7ba6a419a80cbcdc60f4634388af054bdc76 jdk8u65-b10
 d26fd80f684d44fd9b16e84e585dda3757d4a19c jdk8u65-b14
 64c3b5808a701b6328c18028d1c98bc41679f718 jdk8u65-b15
 372d63c0daaff36677d40f5f05b051f5e4e9e4ea jdk8u65-b16
+14a4b0a9a0b7a3d06432b484f226c71920460808 jdk8u65-b17
 e9f82302d5fdef8a0976640e09363895e9dcde3c jdk8u66-b00
 64d7bd4e98150447916f210e3bfd6875a4c2728a jdk8u66-b01
 d8210091911b14930192abd3138ee37c281fb632 jdk8u66-b02
@@ -487,5 +488,6 @@ e951c898bb6ca7be2ce49ac23f8442c0bccad4e9 jdk8u66-b13
 371fc17e38ccf9a729e34c518f6942162ba6c225 jdk8u66-b14
 ea602badedd0cd0c352c072220a884e8f1335e33 jdk8u66-b15
 5ceafca6a734e13d51319df6afd40678d68f9851 jdk8u66-b16
+e6d562c0f079dfd1e21c3734b2dca16f4b2e2494 jdk8u66-b17
 be5faa9c77042f202106c18f4e8ea211137b4a3b jdk8u72-b00
 5ad1e9e8e8417f80c91d7e0f1f44cdf89b34ead3 jdk8u72-b01

src/share/lib/security/java.security-aix

@@ -481,7 +481,7 @@ krb5.kdc.bad.policy = tryLast
 #   jdk.certpath.disabledAlgorithms=MD2, DSA, RSA keySize < 2048
 #
 #
-jdk.certpath.disabledAlgorithms=MD2, MD5, RSA keySize < 1024
+jdk.certpath.disabledAlgorithms=MD2, RSA keySize < 1024
 
 # Algorithm restrictions for Secure Socket Layer/Transport Layer Security
 # (SSL/TLS) processing

src/share/lib/security/java.security-linux

@@ -481,7 +481,7 @@ krb5.kdc.bad.policy = tryLast
 #   jdk.certpath.disabledAlgorithms=MD2, DSA, RSA keySize < 2048
 #
 #
-jdk.certpath.disabledAlgorithms=MD2, MD5, RSA keySize < 1024
+jdk.certpath.disabledAlgorithms=MD2, RSA keySize < 1024
 
 # Algorithm restrictions for Secure Socket Layer/Transport Layer Security
 # (SSL/TLS) processing

src/share/lib/security/java.security-macosx

@@ -484,7 +484,7 @@ krb5.kdc.bad.policy = tryLast
 #   jdk.certpath.disabledAlgorithms=MD2, DSA, RSA keySize < 2048
 #
 #
-jdk.certpath.disabledAlgorithms=MD2, MD5, RSA keySize < 1024
+jdk.certpath.disabledAlgorithms=MD2, RSA keySize < 1024
 
 # Algorithm restrictions for Secure Socket Layer/Transport Layer Security
 # (SSL/TLS) processing

src/share/lib/security/java.security-solaris

@@ -483,7 +483,7 @@ krb5.kdc.bad.policy = tryLast
 #   jdk.certpath.disabledAlgorithms=MD2, DSA, RSA keySize < 2048
 #
 #
-jdk.certpath.disabledAlgorithms=MD2, MD5, RSA keySize < 1024
+jdk.certpath.disabledAlgorithms=MD2, RSA keySize < 1024
 
 # Algorithm restrictions for Secure Socket Layer/Transport Layer Security
 # (SSL/TLS) processing

src/share/lib/security/java.security-windows

@@ -484,7 +484,7 @@ krb5.kdc.bad.policy = tryLast
 #   jdk.certpath.disabledAlgorithms=MD2, DSA, RSA keySize < 2048
 #
 #
-jdk.certpath.disabledAlgorithms=MD2, MD5, RSA keySize < 1024
+jdk.certpath.disabledAlgorithms=MD2, RSA keySize < 1024
 
 # Algorithm restrictions for Secure Socket Layer/Transport Layer Security
 # (SSL/TLS) processing

test/java/security/cert/CertPathBuilder/selfIssued/DisableRevocation.java

 /*
- * Copyright (c) 2009, 2014, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2009, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -21,12 +21,6 @@
  * questions.
  */
 
-//
-// Security properties, once set, cannot revert to unset.  To avoid
-// conflicts with tests running in the same VM isolate this test by
-// running it in otherVM mode.
-//
-
 /**
  * @test
  * @bug 6852744
@@ -240,10 +234,6 @@ public final class DisableRevocation {
 
 
     public static void main(String[] args) throws Exception {
-        // MD5 is used in this test case, don't disable MD5 algorithm.
-        Security.setProperty(
-                "jdk.certpath.disabledAlgorithms", "MD2, RSA keySize < 1024");
-
         CertPathBuilder builder = CertPathBuilder.getInstance("PKIX");
 
         X509CertSelector selector = generateSelector(args[0]);

test/java/security/cert/CertPathBuilder/selfIssued/KeyUsageMatters.java

 /*
- * Copyright (c) 2009, 2014, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2009, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -21,12 +21,6 @@
  * questions.
  */
 
-//
-// Security properties, once set, cannot revert to unset.  To avoid
-// conflicts with tests running in the same VM isolate this test by
-// running it in otherVM mode.
-//
-
 /**
  * @test
  * @bug 6852744
@@ -283,10 +277,6 @@ public final class KeyUsageMatters {
 
 
     public static void main(String[] args) throws Exception {
-        // MD5 is used in this test case, don't disable MD5 algorithm.
-        Security.setProperty(
-                "jdk.certpath.disabledAlgorithms", "MD2, RSA keySize < 1024");
-
         CertPathBuilder builder = CertPathBuilder.getInstance("PKIX");
 
         X509CertSelector selector = generateSelector(args[0]);

test/java/security/cert/CertPathBuilder/selfIssued/StatusLoopDependency.java

 /*
- * Copyright (c) 2009, 2014, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2009, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -21,12 +21,6 @@
  * questions.
  */
 
-//
-// Security properties, once set, cannot revert to unset.  To avoid
-// conflicts with tests running in the same VM isolate this test by
-// running it in otherVM mode.
-//
-
 /**
  * @test
  * @bug 6852744
@@ -289,10 +283,6 @@ public final class StatusLoopDependency {
 
 
     public static void main(String[] args) throws Exception {
-        // MD5 is used in this test case, don't disable MD5 algorithm.
-        Security.setProperty(
-                "jdk.certpath.disabledAlgorithms", "MD2, RSA keySize < 1024");
-
         CertPathBuilder builder = CertPathBuilder.getInstance("PKIX");
 
         X509CertSelector selector = generateSelector(args[0]);

test/java/security/cert/CertPathValidator/OCSP/AIACheck.java

 /*
- * Copyright (c) 2004, 2014, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2004, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -21,19 +21,12 @@
  * questions.
  */
 
-//
-// Security properties, once set, cannot revert to unset.  To avoid
-// conflicts with tests running in the same VM isolate this test by
-// running it in otherVM mode.
-//
-
 /**
  * @test
  * @bug 5072953
  * @summary Verify that the URL for an OCSP responder can be extracted from a
  *          certificate's AuthorityInfoAccess extension when OCSP certifiate
  *          validation has been enabled.
- * @run main/othervm AIACheck
  */
 
 import java.io.*;
@@ -58,10 +51,6 @@ public class AIACheck {
     }
 
     public static void main(String args[]) throws Exception {
-        // MD5 is used in this test case, don't disable MD5 algorithm.
-        Security.setProperty(
-                "jdk.certpath.disabledAlgorithms", "MD2, RSA keySize < 1024");
-
         X509Certificate aiaCert = loadCertificate("AIACert.pem");
         X509Certificate rootCert = loadCertificate("RootCert.pem");
 

test/java/security/cert/CertPathValidator/OCSP/FailoverToCRL.java

 /*
- * Copyright (c) 2009, 2014, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2009, 2013, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -21,24 +21,16 @@
  * questions.
  */
 
-//
-// Security properties, once set, cannot revert to unset.  To avoid
-// conflicts with tests running in the same VM isolate this test by
-// running it in otherVM mode.
-//
-
 /**
  * @test
  * @bug 6383095
  * @summary CRL revoked certificate failures masked by OCSP failures
- * @run main/othervm FailoverToCRL
- * @author Xuelei Fan
- */
-
-/*
+ *
  * Note that the certificate validity is from Mar 16 14:55:35 2009 GMT to
  * Dec 1 14:55:35 2028 GMT, please update it with newer certificate if
  * expires.
+ *
+ * @author Xuelei Fan
  */
 
 /*
@@ -237,10 +229,6 @@ public class FailoverToCRL {
     }
 
     public static void main(String args[]) throws Exception {
-        // MD5 is used in this test case, don't disable MD5 algorithm.
-        Security.setProperty(
-                "jdk.certpath.disabledAlgorithms", "MD2, RSA keySize < 1024");
-
         CertPath path = generateCertificatePath();
         Set<TrustAnchor> anchors = generateTrustAnchors();
         CertStore crls = generateCertificateStore();

test/java/security/cert/CertPathValidator/indirectCRL/CircularCRLOneLevel.java

 /*
- * Copyright (c) 2009, 2014, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2009, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -21,18 +21,11 @@
  * questions.
  */
 
-//
-// Security properties, once set, cannot revert to unset.  To avoid
-// conflicts with tests running in the same VM isolate this test by
-// running it in otherVM mode.
-//
-
 /**
  * @test
  *
  * @bug 6720721
  * @summary CRL check with circular depency support needed
- * @run main/othervm CircularCRLOneLevel
  * @author Xuelei Fan
  */
 
@@ -165,10 +158,6 @@ public class CircularCRLOneLevel {
     }
 
     public static void main(String args[]) throws Exception {
-        // MD5 is used in this test case, don't disable MD5 algorithm.
-        Security.setProperty(
-                "jdk.certpath.disabledAlgorithms", "MD2, RSA keySize < 1024");
-
         CertPath path = generateCertificatePath();
         Set<TrustAnchor> anchors = generateTrustAnchors();
         CertStore crls = generateCertificateStore();

test/java/security/cert/CertPathValidator/indirectCRL/CircularCRLOneLevelRevoked.java

 /*
- * Copyright (c) 2009, 2014, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2009, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -21,18 +21,11 @@
  * questions.
  */
 
-//
-// Security properties, once set, cannot revert to unset.  To avoid
-// conflicts with tests running in the same VM isolate this test by
-// running it in otherVM mode.
-//
-
 /**
  * @test
  *
  * @bug 6720721
  * @summary CRL check with circular depency support needed
- * @run main/othervm CircularCRLOneLevelRevoked
  * @author Xuelei Fan
  */
 
@@ -166,10 +159,6 @@ public class CircularCRLOneLevelRevoked {
     }
 
     public static void main(String args[]) throws Exception {
-        // MD5 is used in this test case, don't disable MD5 algorithm.
-        Security.setProperty(
-                "jdk.certpath.disabledAlgorithms", "MD2, RSA keySize < 1024");
-
         CertPath path = generateCertificatePath();
         Set<TrustAnchor> anchors = generateTrustAnchors();
         CertStore crls = generateCertificateStore();

test/java/security/cert/CertPathValidator/indirectCRL/CircularCRLTwoLevel.java

 /*
- * Copyright (c) 2009, 2014, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2009, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -21,18 +21,11 @@
  * questions.
  */
 
-//
-// Security properties, once set, cannot revert to unset.  To avoid
-// conflicts with tests running in the same VM isolate this test by
-// running it in otherVM mode.
-//
-
 /**
  * @test
  *
  * @bug 6720721
  * @summary CRL check with circular depency support needed
- * @run main/othervm CircularCRLTwoLevel
  * @author Xuelei Fan
  */
 
@@ -217,10 +210,6 @@ public class CircularCRLTwoLevel {
     }
 
     public static void main(String args[]) throws Exception {
-        // MD5 is used in this test case, don't disable MD5 algorithm.
-        Security.setProperty(
-                "jdk.certpath.disabledAlgorithms", "MD2, RSA keySize < 1024");
-
         CertPath path = generateCertificatePath();
         Set<TrustAnchor> anchors = generateTrustAnchors();
         CertStore crls = generateCertificateStore();

test/java/security/cert/CertPathValidator/indirectCRL/CircularCRLTwoLevelRevoked.java

 /*
- * Copyright (c) 2009, 2014, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2009, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -21,18 +21,11 @@
  * questions.
  */
 
-//
-// Security properties, once set, cannot revert to unset.  To avoid
-// conflicts with tests running in the same VM isolate this test by
-// running it in otherVM mode.
-//
-
 /**
  * @test
  *
  * @bug 6720721
  * @summary CRL check with circular depency support needed
- * @run main/othervm CircularCRLTwoLevelRevoked
  * @author Xuelei Fan
  */
 
@@ -218,10 +211,6 @@ public class CircularCRLTwoLevelRevoked {
     }
 
     public static void main(String args[]) throws Exception {
-        // MD5 is used in this test case, don't disable MD5 algorithm.
-        Security.setProperty(
-                "jdk.certpath.disabledAlgorithms", "MD2, RSA keySize < 1024");
-
         CertPath path = generateCertificatePath();
         Set<TrustAnchor> anchors = generateTrustAnchors();
         CertStore crls = generateCertificateStore();

test/sun/security/ssl/com/sun/net/ssl/internal/ssl/SSLContextImpl/MD2InTrustAnchor.java

 /*
- * Copyright (c) 2011, 2014, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2011, 2013, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -23,15 +23,13 @@
  * questions.
  */
 
-//
-// SunJSSE does not support dynamic system properties, no way to re-use
-// system properties in samevm/agentvm mode.
-//
-
 /*
  * @test
  * @bug 7113275
  * @summary compatibility issue with MD2 trust anchor and old X509TrustManager
+ *
+ *     SunJSSE does not support dynamic system properties, no way to re-use
+ *     system properties in samevm/agentvm mode.
  * @run main/othervm MD2InTrustAnchor PKIX TLSv1.1
  * @run main/othervm MD2InTrustAnchor SunX509 TLSv1.1
  * @run main/othervm MD2InTrustAnchor PKIX TLSv1.2
@@ -42,7 +40,6 @@ import java.net.*;
 import java.util.*;
 import java.io.*;
 import javax.net.ssl.*;
-import java.security.Security;
 import java.security.KeyStore;
 import java.security.KeyFactory;
 import java.security.cert.Certificate;
@@ -286,10 +283,6 @@ public class MD2InTrustAnchor {
     volatile Exception clientException = null;
 
     public static void main(String[] args) throws Exception {
-        // MD5 is used in this test case, don't disable MD5 algorithm.
-        Security.setProperty(
-                "jdk.certpath.disabledAlgorithms", "MD2, RSA keySize < 1024");
-
         if (debug)
             System.setProperty("javax.net.debug", "all");
 

test/sun/security/ssl/com/sun/net/ssl/internal/ssl/SSLContextImpl/TrustTrustedCert.java

 /*
- * Copyright (c) 2011, 2014, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2011, 2013, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -23,15 +23,13 @@
  * questions.
  */
 
-//
-// SunJSSE does not support dynamic system properties, no way to re-use
-// system properties in samevm/agentvm mode.
-//
-
 /*
  * @test
  * @bug 7113275
  * @summary compatibility issue with MD2 trust anchor and old X509TrustManager
+ *
+ *     SunJSSE does not support dynamic system properties, no way to re-use
+ *     system properties in samevm/agentvm mode.
  * @run main/othervm TrustTrustedCert PKIX TLSv1.1
  * @run main/othervm TrustTrustedCert SunX509 TLSv1.1
  * @run main/othervm TrustTrustedCert PKIX TLSv1.2
@@ -338,10 +336,6 @@ public class TrustTrustedCert {
     volatile Exception clientException = null;
 
     public static void main(String[] args) throws Exception {
-        // MD5 is used in this test case, don't disable MD5 algorithm.
-        Security.setProperty(
-                "jdk.certpath.disabledAlgorithms", "MD2, RSA keySize < 1024");
-
         if (debug)
             System.setProperty("javax.net.debug", "all");
 

test/sun/security/ssl/com/sun/net/ssl/internal/ssl/X509KeyManager/PreferredKey.java

 /*
- * Copyright (c) 2005, 2014, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -21,18 +21,11 @@
  * questions.
  */
 
-//
-// Security properties, once set, cannot revert to unset.  To avoid
-// conflicts with tests running in the same VM isolate this test by
-// running it in otherVM mode.
-//
-
 /*
  * @test
  * @bug 6302644
  * @summary X509KeyManager implementation for NewSunX509 doesn't return most
  *          preferable key
- * @run main/othervm PreferredKey
  */
 import java.io.*;
 import java.net.*;
@@ -56,10 +49,6 @@ public class PreferredKey {
 
 
     public static void main(String[] args) throws Exception {
-        // MD5 is used in this test case, don't disable MD5 algorithm.
-        Security.setProperty(
-                "jdk.certpath.disabledAlgorithms", "MD2, RSA keySize < 1024");
-
         KeyStore ks;
         KeyManagerFactory kmf;
         X509KeyManager km;

test/sun/security/ssl/com/sun/net/ssl/internal/ssl/X509TrustManagerImpl/BasicConstraints.java

 /*
- * Copyright (c) 2012, 2014, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2012, 2013, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -21,16 +21,14 @@
  * questions.
  */
 
-//
-// SunJSSE does not support dynamic system properties, no way to re-use
-// system properties in samevm/agentvm mode.
-//
-
 /*
  * @test
  * @bug 7166570
  * @summary JSSE certificate validation has started to fail for
  *     certificate chains
+ *
+ *     SunJSSE does not support dynamic system properties, no way to re-use
+ *     system properties in samevm/agentvm mode.
  * @run main/othervm BasicConstraints PKIX
  * @run main/othervm BasicConstraints SunX509
  */
@@ -39,7 +37,6 @@ import java.net.*;
 import java.util.*;
 import java.io.*;
 import javax.net.ssl.*;
-import java.security.Security;
 import java.security.KeyStore;
 import java.security.KeyFactory;
 import java.security.cert.*;
@@ -457,10 +454,6 @@ public class BasicConstraints {
     volatile Exception clientException = null;
 
     public static void main(String args[]) throws Exception {
-        // MD5 is used in this test case, don't disable MD5 algorithm.
-        Security.setProperty(
-                "jdk.certpath.disabledAlgorithms", "MD2, RSA keySize < 1024");
-
         if (debug)
             System.setProperty("javax.net.debug", "all");
 

test/sun/security/ssl/com/sun/net/ssl/internal/ssl/X509TrustManagerImpl/PKIXExtendedTM.java

 /*
- * Copyright (c) 2010, 2014, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2010, 2011, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -21,23 +21,21 @@
  * questions.
  */
 
-//
-// SunJSSE does not support dynamic system properties, no way to re-use
-// system properties in samevm/agentvm mode.
-//
 
 /*
  * @test
  * @bug 6916074
  * @summary Add support for TLS 1.2
  * @run main/othervm PKIXExtendedTM
+ *
+ *     SunJSSE does not support dynamic system properties, no way to re-use
+ *     system properties in samevm/agentvm mode.
  */
 
 import java.net.*;
 import java.util.*;
 import java.io.*;
 import javax.net.ssl.*;
-import java.security.Security;
 import java.security.KeyStore;
 import java.security.KeyFactory;
 import java.security.cert.Certificate;
@@ -793,10 +791,6 @@ public class PKIXExtendedTM {
     volatile Exception clientException = null;
 
     public static void main(String args[]) throws Exception {
-        // MD5 is used in this test case, don't disable MD5 algorithm.
-        Security.setProperty(
-                "jdk.certpath.disabledAlgorithms", "MD2, RSA keySize < 1024");
-
         if (debug)
             System.setProperty("javax.net.debug", "all");
 

test/sun/security/ssl/com/sun/net/ssl/internal/ssl/X509TrustManagerImpl/SelfIssuedCert.java

 /*
- * Copyright (c) 2009, 2014, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2009, 2013, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -21,17 +21,15 @@
  * questions.
  */
 
-//
-// SunJSSE does not support dynamic system properties, no way to re-use
-// system properties in samevm/agentvm mode.
-//
-
 /*
  * @test
  * @bug 6822460
  * @summary support self-issued certificate
  * @run main/othervm SelfIssuedCert PKIX
  * @run main/othervm SelfIssuedCert SunX509
+ *
+ *     SunJSSE does not support dynamic system properties, no way to re-use
+ *     system properties in samevm/agentvm mode.
  * @author Xuelei Fan
  */
 
@@ -39,7 +37,6 @@ import java.net.*;
 import java.util.*;
 import java.io.*;
 import javax.net.ssl.*;
-import java.security.Security;
 import java.security.KeyStore;
 import java.security.KeyFactory;
 import java.security.cert.Certificate;
@@ -305,10 +302,6 @@ public class SelfIssuedCert {
     volatile Exception clientException = null;
 
     public static void main(String args[]) throws Exception {
-        // MD5 is used in this test case, don't disable MD5 algorithm.
-        Security.setProperty(
-                "jdk.certpath.disabledAlgorithms", "MD2, RSA keySize < 1024");
-
         if (debug)
             System.setProperty("javax.net.debug", "all");
 

test/sun/security/ssl/com/sun/net/ssl/internal/ssl/X509TrustManagerImpl/SunX509ExtendedTM.java

 /*
- * Copyright (c) 2010, 2014, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2010, 2011, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -21,23 +21,20 @@
  * questions.
  */
 
-//
-// SunJSSE does not support dynamic system properties, no way to re-use
-// system properties in samevm/agentvm mode.
-//
-
 /*
  * @test
  * @bug 6916074
  * @summary Add support for TLS 1.2
  * @run main/othervm SunX509ExtendedTM
+ *
+ *     SunJSSE does not support dynamic system properties, no way to re-use
+ *     system properties in samevm/agentvm mode.
  */
 
 import java.net.*;
 import java.util.*;
 import java.io.*;
 import javax.net.ssl.*;
-import java.security.Security;
 import java.security.KeyStore;
 import java.security.KeyFactory;
 import java.security.cert.Certificate;
@@ -795,10 +792,6 @@ public class SunX509ExtendedTM {
     volatile Exception clientException = null;
 
     public static void main(String args[]) throws Exception {
-        // MD5 is used in this test case, don't disable MD5 algorithm.
-        Security.setProperty(
-                "jdk.certpath.disabledAlgorithms", "MD2, RSA keySize < 1024");
-
         if (debug)
             System.setProperty("javax.net.debug", "all");
 

test/sun/security/ssl/com/sun/net/ssl/internal/www/protocol/https/HttpsURLConnection/CriticalSubjectAltName.java

 /*
- * Copyright (c) 2001, 2014, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2001, 2011, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -21,21 +21,18 @@
  * questions.
  */
 
-//
-// SunJSSE does not support dynamic system properties, no way to re-use
-// system properties in samevm/agentvm mode.
-//
-
 /*
  * @test
  * @bug 6668231
  * @summary Presence of a critical subjectAltName causes JSSE's SunX509 to
  *          fail trusted checks
  * @run main/othervm CriticalSubjectAltName
+ *
+ *     SunJSSE does not support dynamic system properties, no way to re-use
+ *     system properties in samevm/agentvm mode.
+ *
  * @author Xuelei Fan
- */
-
-/*
+ *
  * This test depends on binary keystore, crisubn.jks and trusted.jks. Because
  * JAVA keytool cannot generate X509 certificate with SubjectAltName extension,
  * the certificates are generated with openssl toolkits and then imported into
@@ -50,7 +47,6 @@
 import java.io.*;
 import java.net.*;
 import javax.net.ssl.*;
-import java.security.Security;
 import java.security.cert.Certificate;
 
 public class CriticalSubjectAltName implements HostnameVerifier {
@@ -158,10 +154,6 @@ public class CriticalSubjectAltName implements HostnameVerifier {
     volatile Exception clientException = null;
 
     public static void main(String[] args) throws Exception {
-        // MD5 is used in this test case, don't disable MD5 algorithm.
-        Security.setProperty(
-                "jdk.certpath.disabledAlgorithms", "MD2, RSA keySize < 1024");
-
         String keyFilename =
             System.getProperty("test.src", "./") + "/" + pathToStores +
                 "/" + keyStoreFile;

test/sun/security/ssl/javax/net/ssl/ServerName/SSLSocketSNISensitive.java

 /*
- * Copyright (c) 2012, 2014, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2012, 2013, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -44,7 +44,6 @@ import java.net.*;
 import java.util.*;
 import java.io.*;
 import javax.net.ssl.*;
-import java.security.Security;
 import java.security.KeyStore;
 import java.security.KeyFactory;
 import java.security.cert.Certificate;
@@ -432,10 +431,6 @@ public class SSLSocketSNISensitive {
     volatile Exception clientException = null;
 
     public static void main(String[] args) throws Exception {
-        // MD5 is used in this test case, don't disable MD5 algorithm.
-        Security.setProperty(
-                "jdk.certpath.disabledAlgorithms", "MD2, RSA keySize < 1024");
-
         if (debug)
             System.setProperty("javax.net.debug", "all");
 

test/sun/security/ssl/javax/net/ssl/TLSv11/EmptyCertificateAuthorities.java

 /*
- * Copyright (c) 2010, 2014, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2010, 2011, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -23,16 +23,15 @@
  * questions.
  */
 
-//
-// SunJSSE does not support dynamic system properties, no way to re-use
-// system properties in samevm/agentvm mode.
-//
-
 /*
  * @test
  * @bug 4873188
  * @summary Support TLS 1.1
  * @run main/othervm EmptyCertificateAuthorities
+ *
+ *     SunJSSE does not support dynamic system properties, no way to re-use
+ *     system properties in samevm/agentvm mode.
+ *
  * @author Xuelei Fan
  */
 
@@ -229,10 +228,6 @@ public class EmptyCertificateAuthorities {
     volatile Exception clientException = null;
 
     public static void main(String[] args) throws Exception {
-        // MD5 is used in this test case, don't disable MD5 algorithm.
-        Security.setProperty(
-                "jdk.certpath.disabledAlgorithms", "MD2, RSA keySize < 1024");
-
         String keyFilename =
             System.getProperty("test.src", ".") + "/" + pathToStores +
                 "/" + keyStoreFile;

test/sun/security/ssl/sun/net/www/protocol/https/HttpsURLConnection/DNSIdentities.java

 /*
- * Copyright (c) 2010, 2014, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2010, 2011, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -21,15 +21,13 @@
  * questions.
  */
 
-//
-// SunJSSE does not support dynamic system properties, no way to re-use
-// system properties in samevm/agentvm mode.
-//
-
 /* @test
  * @bug 6766775
  * @summary X509 certificate hostname checking is broken in JDK1.6.0_10
  * @run main/othervm DNSIdentities
+ *
+ *     SunJSSE does not support dynamic system properties, no way to re-use
+ *     system properties in samevm/agentvm mode.
  * @author Xuelei Fan
  */
 
@@ -37,7 +35,6 @@ import java.net.*;
 import java.util.*;
 import java.io.*;
 import javax.net.ssl.*;
-import java.security.Security;
 import java.security.KeyStore;
 import java.security.KeyFactory;
 import java.security.cert.Certificate;
@@ -746,10 +743,6 @@ public class DNSIdentities {
     volatile Exception clientException = null;
 
     public static void main(String args[]) throws Exception {
-        // MD5 is used in this test case, don't disable MD5 algorithm.
-        Security.setProperty(
-                "jdk.certpath.disabledAlgorithms", "MD2, RSA keySize < 1024");
-
         if (debug)
             System.setProperty("javax.net.debug", "all");
 

test/sun/security/ssl/sun/net/www/protocol/https/HttpsURLConnection/IPAddressIPIdentities.java

 /*
- * Copyright (c) 2010, 2014, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2010, 2011, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -21,15 +21,13 @@
  * questions.
  */
 
-//
-// SunJSSE does not support dynamic system properties, no way to re-use
-// system properties in samevm/agentvm mode.
-//
-
 /* @test
  * @summary X509 certificate hostname checking is broken in JDK1.6.0_10
  * @bug 6766775
  * @run main/othervm IPAddressIPIdentities
+ *
+ *     SunJSSE does not support dynamic system properties, no way to re-use
+ *     system properties in samevm/agentvm mode.
  * @author Xuelei Fan
  */
 
@@ -37,7 +35,6 @@ import java.net.*;
 import java.util.*;
 import java.io.*;
 import javax.net.ssl.*;
-import java.security.Security;
 import java.security.KeyStore;
 import java.security.KeyFactory;
 import java.security.cert.Certificate;
@@ -747,10 +744,6 @@ public class IPAddressIPIdentities {
     volatile Exception clientException = null;
 
     public static void main(String args[]) throws Exception {
-        // MD5 is used in this test case, don't disable MD5 algorithm.
-        Security.setProperty(
-                "jdk.certpath.disabledAlgorithms", "MD2, RSA keySize < 1024");
-
         if (debug)
             System.setProperty("javax.net.debug", "all");
 

test/sun/security/ssl/sun/net/www/protocol/https/HttpsURLConnection/IPIdentities.java

 /*
- * Copyright (c) 2010, 2014, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2010, 2011, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -21,15 +21,13 @@
  * questions.
  */
 
-//
-// SunJSSE does not support dynamic system properties, no way to re-use
-// system properties in samevm/agentvm mode.
-//
-
 /* @test
  * @summary X509 certificate hostname checking is broken in JDK1.6.0_10
  * @bug 6766775
  * @run main/othervm IPIdentities
+ *
+ *     SunJSSE does not support dynamic system properties, no way to re-use
+ *     system properties in samevm/agentvm mode.
  * @author Xuelei Fan
  */
 
@@ -37,7 +35,6 @@ import java.net.*;
 import java.util.*;
 import java.io.*;
 import javax.net.ssl.*;
-import java.security.Security;
 import java.security.KeyStore;
 import java.security.KeyFactory;
 import java.security.cert.Certificate;
@@ -746,10 +743,6 @@ public class IPIdentities {
     volatile Exception clientException = null;
 
     public static void main(String args[]) throws Exception {
-        // MD5 is used in this test case, don't disable MD5 algorithm.
-        Security.setProperty(
-                "jdk.certpath.disabledAlgorithms", "MD2, RSA keySize < 1024");
-
         if (debug)
             System.setProperty("javax.net.debug", "all");
 

test/sun/security/ssl/sun/net/www/protocol/https/HttpsURLConnection/Identities.java

 /*
- * Copyright (c) 2010, 2014, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2010, 2011, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -21,15 +21,13 @@
  * questions.
  */
 
-//
-// SunJSSE does not support dynamic system properties, no way to re-use
-// system properties in samevm/agentvm mode.
-//
-
 /* @test
  * @bug 6766775
  * @summary X509 certificate hostname checking is broken in JDK1.6.0_10
  * @run main/othervm Identities
+ *
+ *     SunJSSE does not support dynamic system properties, no way to re-use
+ *     system properties in samevm/agentvm mode.
  * @author Xuelei Fan
  */
 
@@ -37,7 +35,6 @@ import java.net.*;
 import java.util.*;
 import java.io.*;
 import javax.net.ssl.*;
-import java.security.Security;
 import java.security.KeyStore;
 import java.security.KeyFactory;
 import java.security.cert.Certificate;
@@ -746,10 +743,6 @@ public class Identities {
     volatile Exception clientException = null;
 
     public static void main(String args[]) throws Exception {
-        // MD5 is used in this test case, don't disable MD5 algorithm.
-        Security.setProperty(
-                "jdk.certpath.disabledAlgorithms", "MD2, RSA keySize < 1024");
-
         if (debug)
             System.setProperty("javax.net.debug", "all");