s
with any leading zeros removed.
- */
- static String stripLeadingZeros(String s) {
- return s.replaceFirst("^0+", "");
- }
-
- /**
- * Extract a hexadecimal digit from position position
- * of string s
.
- */
- static int getHexDigit(String s, int position) {
- int value = Character.digit(s.charAt(position), 16);
- if (value <= -1 || value >= 16) {
- throw new AssertionError("Unxpected failure of digit converstion of " +
- s.charAt(position));
- }
- return value;
- }
-
-
}
diff --git a/src/share/classes/sun/misc/JavaIOAccess.java b/src/share/classes/sun/misc/JavaIOAccess.java
index 2a076a9d84de8d71659023dd94af4a53eaa61bac..f0b50a8ac4e3dd8343cb5cadb8fd20dd9c0faf7e 100644
--- a/src/share/classes/sun/misc/JavaIOAccess.java
+++ b/src/share/classes/sun/misc/JavaIOAccess.java
@@ -29,6 +29,5 @@ import java.nio.charset.Charset;
public interface JavaIOAccess {
public Console console();
- public Runnable consoleRestoreHook();
public Charset charset();
}
diff --git a/src/share/classes/sun/misc/JavaIODeleteOnExitAccess.java b/src/share/classes/sun/misc/JavaIODeleteOnExitAccess.java
deleted file mode 100644
index 54aef8b428a76b6f3e0bb212c29a60b4379dbb72..0000000000000000000000000000000000000000
--- a/src/share/classes/sun/misc/JavaIODeleteOnExitAccess.java
+++ /dev/null
@@ -1,30 +0,0 @@
-/*
- * Copyright 2005 Sun Microsystems, Inc. All Rights Reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation. Sun designates this
- * particular file as subject to the "Classpath" exception as provided
- * by Sun in the LICENSE file that accompanied this code.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
- * CA 95054 USA or visit www.sun.com if you need additional information or
- * have any questions.
- */
-
-package sun.misc;
-
-public interface JavaIODeleteOnExitAccess extends Runnable {
- public void run();
-}
diff --git a/src/share/classes/sun/misc/JavaLangAccess.java b/src/share/classes/sun/misc/JavaLangAccess.java
index 7c1cc55032f7e9431d7fbe17554fba478c857897..c288bc8402f04f7af27fb967b0d4830c6cdacde3 100644
--- a/src/share/classes/sun/misc/JavaLangAccess.java
+++ b/src/share/classes/sun/misc/JavaLangAccess.java
@@ -54,4 +54,7 @@ public interface JavaLangAccess {
/** Set thread's blocker field. */
void blockedOn(Thread t, Interruptible b);
+
+ /** register shutdown hook */
+ void registerShutdownHook(int slot, Runnable r);
}
diff --git a/src/share/classes/sun/misc/SharedSecrets.java b/src/share/classes/sun/misc/SharedSecrets.java
index 938e54c6c503a96fc788bc3260610545924332ae..16b5727c60444cf4999deeb3f917cb82639673bd 100644
--- a/src/share/classes/sun/misc/SharedSecrets.java
+++ b/src/share/classes/sun/misc/SharedSecrets.java
@@ -44,7 +44,6 @@ public class SharedSecrets {
private static JavaUtilJarAccess javaUtilJarAccess;
private static JavaLangAccess javaLangAccess;
private static JavaIOAccess javaIOAccess;
- private static JavaIODeleteOnExitAccess javaIODeleteOnExitAccess;
private static JavaNetAccess javaNetAccess;
private static JavaNioAccess javaNioAccess;
private static JavaIOFileDescriptorAccess javaIOFileDescriptorAccess;
@@ -103,17 +102,6 @@ public class SharedSecrets {
return javaIOAccess;
}
- public static void setJavaIODeleteOnExitAccess(JavaIODeleteOnExitAccess jida) {
- javaIODeleteOnExitAccess = jida;
- }
-
- public static JavaIODeleteOnExitAccess getJavaIODeleteOnExitAccess() {
- if (javaIODeleteOnExitAccess == null) {
- unsafe.ensureClassInitialized(File.class);
- }
- return javaIODeleteOnExitAccess;
- }
-
public static void setJavaIOFileDescriptorAccess(JavaIOFileDescriptorAccess jiofda) {
javaIOFileDescriptorAccess = jiofda;
}
diff --git a/src/share/classes/sun/security/jgss/spnego/NegTokenInit.java b/src/share/classes/sun/security/jgss/spnego/NegTokenInit.java
index 6003cdfaeabbce1225b14bf137807303746c6ba5..9bb77fd7a1d849a3c419cfe9a6671e20ee55095b 100644
--- a/src/share/classes/sun/security/jgss/spnego/NegTokenInit.java
+++ b/src/share/classes/sun/security/jgss/spnego/NegTokenInit.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2005-2006 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright 2005-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -66,11 +66,11 @@ public class NegTokenInit extends SpNegoToken {
private byte[] mechTypes = null;
private Oid[] mechTypeList = null;
- private byte[] reqFlags = null;
+ private BitArray reqFlags = null;
private byte[] mechToken = null;
private byte[] mechListMIC = null;
- NegTokenInit(byte[] mechTypes, byte[] flags,
+ NegTokenInit(byte[] mechTypes, BitArray flags,
byte[] token, byte[] mechListMIC)
{
super(NEG_TOKEN_INIT_ID);
@@ -101,7 +101,7 @@ public class NegTokenInit extends SpNegoToken {
// write context flags with CONTEXT 01
if (reqFlags != null) {
DerOutputStream flags = new DerOutputStream();
- flags.putBitString(reqFlags);
+ flags.putUnalignedBitString(reqFlags);
initToken.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x01), flags);
}
@@ -237,7 +237,7 @@ public class NegTokenInit extends SpNegoToken {
return mechTypeList;
}
- byte[] getReqFlags() {
+ BitArray getReqFlags() {
return reqFlags;
}
diff --git a/src/share/classes/sun/security/jgss/spnego/SpNegoContext.java b/src/share/classes/sun/security/jgss/spnego/SpNegoContext.java
index 7185b0e08a720a7ce66fd045111a1094f50e5d66..a84e8a260015b125f6ca3a6f142b9e5def545ca6 100644
--- a/src/share/classes/sun/security/jgss/spnego/SpNegoContext.java
+++ b/src/share/classes/sun/security/jgss/spnego/SpNegoContext.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2005-2008 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright 2005-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -53,13 +53,6 @@ public class SpNegoContext implements GSSContextSpi {
private int state = STATE_NEW;
- private static final int CHECKSUM_DELEG_FLAG = 1;
- private static final int CHECKSUM_MUTUAL_FLAG = 2;
- private static final int CHECKSUM_REPLAY_FLAG = 4;
- private static final int CHECKSUM_SEQUENCE_FLAG = 8;
- private static final int CHECKSUM_CONF_FLAG = 16;
- private static final int CHECKSUM_INTEG_FLAG = 32;
-
/*
* Optional features that the application can set and their default
* values.
@@ -697,25 +690,17 @@ public class SpNegoContext implements GSSContextSpi {
/**
* get the context flags
*/
- private byte[] getContextFlags() {
- int flags = 0;
-
- if (getCredDelegState())
- flags |= CHECKSUM_DELEG_FLAG;
- if (getMutualAuthState())
- flags |= CHECKSUM_MUTUAL_FLAG;
- if (getReplayDetState())
- flags |= CHECKSUM_REPLAY_FLAG;
- if (getSequenceDetState())
- flags |= CHECKSUM_SEQUENCE_FLAG;
- if (getIntegState())
- flags |= CHECKSUM_INTEG_FLAG;
- if (getConfState())
- flags |= CHECKSUM_CONF_FLAG;
-
- byte[] temp = new byte[1];
- temp[0] = (byte)(flags & 0xff);
- return temp;
+ private BitArray getContextFlags() {
+ BitArray out = new BitArray(7);
+
+ if (getCredDelegState()) out.set(0, true);
+ if (getMutualAuthState()) out.set(1, true);
+ if (getReplayDetState()) out.set(2, true);
+ if (getSequenceDetState()) out.set(3, true);
+ if (getConfState()) out.set(5, true);
+ if (getIntegState()) out.set(6, true);
+
+ return out;
}
private void setContextFlags() {
diff --git a/src/share/classes/sun/security/provider/certpath/OCSPResponse.java b/src/share/classes/sun/security/provider/certpath/OCSPResponse.java
index 20bac34f2ccfaa6b098730c466b92703f21961a1..62cd4288ed00f1a58dd65dc80c6fca51ce326564 100644
--- a/src/share/classes/sun/security/provider/certpath/OCSPResponse.java
+++ b/src/share/classes/sun/security/provider/certpath/OCSPResponse.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2003-2008 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright 2003-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -28,8 +28,6 @@ package sun.security.provider.certpath;
import java.io.*;
import java.math.BigInteger;
import java.security.*;
-import java.security.cert.Certificate;
-import java.security.cert.CertificateFactory;
import java.security.cert.CertPathValidatorException;
import java.security.cert.CRLReason;
import java.security.cert.X509Certificate;
@@ -335,7 +333,7 @@ class OCSPResponse {
// Check whether the cert returned by the responder is trusted
if (x509Certs != null && x509Certs[0] != null) {
- X509Certificate cert = x509Certs[0];
+ X509CertImpl cert = x509Certs[0];
// First check if the cert matches the responder cert which
// was set locally.
@@ -344,8 +342,8 @@ class OCSPResponse {
// Next check if the cert was issued by the responder cert
// which was set locally.
- } else if (cert.getIssuerDN().equals(
- responderCert.getSubjectDN())) {
+ } else if (cert.getIssuerX500Principal().equals(
+ responderCert.getSubjectX500Principal())) {
// Check for the OCSPSigning key purpose
List+ * A CA may specify that an OCSP client can trust a responder for the + * lifetime of the responder's certificate. The CA does so by including + * the extension id-pkix-ocsp-nocheck. This SHOULD be a non-critical + * extension. The value of the extension should be NULL. CAs issuing + * such a certificate should realized that a compromise of the + * responder's key, is as serious as the compromise of a CA key used to + * sign CRLs, at least for the validity period of this certificate. CA's + * may choose to issue this type of certificate with a very short + * lifetime and renew it frequently. + *
+ * id-pkix-ocsp-nocheck OBJECT IDENTIFIER ::= { id-pkix-ocsp 5 } + *+ * + * @author Xuelei Fan + * @see Extension + * @see CertAttrSet + */ +public class OCSPNoCheckExtension extends Extension + implements CertAttrSet