diff --git a/.hgtags b/.hgtags index 9829d9ab8ca..f43637f7385 100644 --- a/.hgtags +++ b/.hgtags @@ -536,4 +536,18 @@ de9fd809bb475401aad188eab2264226788aad81 jdk-12+26 f15d443f97318e9b40e6f451e327ff69ed4ec361 jdk-12+27 a47b8125b7cc9ef59619745c163975fe935b57ed jdk-13+4 659b004b6a1bd8c31e766cbdf328d8f8473fd4d7 jdk-12+28 - +e3ed960609927b5fdfd0a797159835cd83a81a31 jdk-13+5 +44f41693631f9b5ac78ff4d2bfabd6734fe46df2 jdk-12+29 +b5f05fe4a6f8b3996a000c20078b356d991ca8ec jdk-13+6 +6c377af36a5c4203f16aed8a5e4c2ecc08fcd8bd jdk-12+30 +021917019cda1c0c5853255322274f37693a2431 jdk-13+7 +b5f7bb57de2f797be34f6c75d45c3245ad37ab97 jdk-12+31 +a535ba736cabc6886acdff36de3a096c46e5ddc5 jdk-13+8 +4ce47bc1fb92cf94c6e3d1f49d582f02dcb851ab jdk-12+32 +c081f3ea6b9300265a4a34e38f970b1e3ddaae9f jdk-13+9 +b67884871b5fff79c5ef3eb8ac74dd48d71ea9b1 jdk-12+33 +8e069f7b4fabfe05d9f500783e6d56cb0196d25c jdk-13+10 +21ea4076a275a0f498afa517e9ee1b94a9cf0255 jdk-13+11 +1d7aec80147a6d92b101a76aef92f3ddc88bedf4 jdk-13+12 +b67884871b5fff79c5ef3eb8ac74dd48d71ea9b1 jdk-12-ga +83cace4142c8563b6a921787db02388e1bc48d01 jdk-13+13 diff --git a/doc/building.html b/doc/building.html index 36e9c617203..dc6f097e35c 100644 --- a/doc/building.html +++ b/doc/building.html @@ -237,7 +237,7 @@

For rpm-based distributions (Fedora, Red Hat, etc), try this:

sudo yum groupinstall "Development Tools"

AIX

-

The regular builds by SAP is using AIX version 7.1, but AIX 5.3 is also supported. See the OpenJDK PowerPC Port Status Page for details.

+

Please consult the AIX section of the Supported Build Platforms OpenJDK Build Wiki page for details about which versions of AIX are supported.

Native Compiler (Toolchain) Requirements

Large portions of the JDK consists of native code, that needs to be compiled to be able to run on the target platform. In theory, toolchain and operating system should be independent factors, but in practice there's more or less a one-to-one correlation between target operating system and toolchain.

@@ -373,8 +373,7 @@ CC: Sun C++ 5.13 SunOS_i386 151846-10 2015/10/30

If you have multiple versions of Visual Studio installed, configure will by default pick the latest. You can request a specific version to be used by setting --with-toolchain-version, e.g. --with-toolchain-version=2015.

If you get LINK: fatal error LNK1123: failure during conversion to COFF: file invalid when building using Visual Studio 2010, you have encountered KB2757355, a bug triggered by a specific installation order. However, the solution suggested by the KB article does not always resolve the problem. See this stackoverflow discussion for other suggestions.

IBM XL C/C++

-

The regular builds by SAP is using version 12.1, described as IBM XL C/C++ for AIX, V12.1 (5765-J02, 5725-C72) Version: 12.01.0000.0017.

-

See the OpenJDK PowerPC Port Status Page for details.

+

Please consult the AIX section of the Supported Build Platforms OpenJDK Build Wiki page for details about which versions of XLC are supported.

Boot JDK Requirements

Paradoxically, building the JDK requires a pre-existing JDK. This is called the "boot JDK". The boot JDK does not, however, have to be a JDK built directly from the source code available in the OpenJDK Community. If you are porting the JDK to a new platform, chances are that there already exists another JDK for that platform that is usable as boot JDK.

The rule of thumb is that the boot JDK for building JDK major version N should be a JDK of major version N-1, so for building JDK 9 a JDK 8 would be suitable as boot JDK. However, the JDK should be able to "build itself", so an up-to-date build of the current JDK source is an acceptable alternative. If you are following the N-1 rule, make sure you've got the latest update version, since JDK 8 GA might not be able to build JDK 9 on all platforms.

diff --git a/doc/building.md b/doc/building.md index 1f714a14b6b..2f64c7ee6b1 100644 --- a/doc/building.md +++ b/doc/building.md @@ -295,9 +295,9 @@ sudo yum groupinstall "Development Tools" ### AIX -The regular builds by SAP is using AIX version 7.1, but AIX 5.3 is also -supported. See the [OpenJDK PowerPC Port Status Page]( -http://cr.openjdk.java.net/~simonis/ppc-aix-port) for details. +Please consult the AIX section of the [Supported Build Platforms]( +https://wiki.openjdk.java.net/display/Build/Supported+Build+Platforms) OpenJDK +Build Wiki page for details about which versions of AIX are supported. ## Native Compiler (Toolchain) Requirements @@ -419,11 +419,10 @@ https://stackoverflow.com/questions/10888391) for other suggestions. ### IBM XL C/C++ -The regular builds by SAP is using version 12.1, described as `IBM XL C/C++ for -AIX, V12.1 (5765-J02, 5725-C72) Version: 12.01.0000.0017`. +Please consult the AIX section of the [Supported Build Platforms]( +https://wiki.openjdk.java.net/display/Build/Supported+Build+Platforms) OpenJDK +Build Wiki page for details about which versions of XLC are supported. -See the [OpenJDK PowerPC Port Status Page]( -http://cr.openjdk.java.net/~simonis/ppc-aix-port) for details. ## Boot JDK Requirements diff --git a/doc/testing.html b/doc/testing.html index 52999754726..c35ee54b849 100644 --- a/doc/testing.html +++ b/doc/testing.html @@ -1,24 +1,19 @@ - + - - - + + + Testing the JDK - - + + -
+

Testing the JDK

- * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - *
Permission Target NameWhat the Permission AllowsRisks of Allowing this Permission
setHostnameVerifierThe ability to set a callback which can decide whether to - * allow a mismatch between the host being connected to by - * an HttpsURLConnection and the common name field in - * server certificate. - * Malicious - * code can set a verifier that monitors host names visited by - * HttpsURLConnection requests or that allows server certificates - * with invalid common names. - *
getSSLSessionContextThe ability to get the SSLSessionContext of an SSLSession. - * Malicious code may monitor sessions which have been established - * with SSL peers or might invalidate sessions to slow down performance. - *
- * - * @see java.security.BasicPermission - * @see java.security.Permission - * @see java.security.Permissions - * @see java.security.PermissionCollection - * @see java.lang.SecurityManager - * - * - * @author Marianne Mueller - * @author Roland Schemers - * - * @deprecated As of JDK 1.4, this implementation-specific class was - * replaced by {@link javax.net.ssl.SSLPermission}. - */ -@Deprecated(since="1.4") -public final class SSLPermission extends BasicPermission { - - private static final long serialVersionUID = -2583684302506167542L; - - /** - * Creates a new SSLPermission with the specified name. - * The name is the symbolic name of the SSLPermission, such as - * "setDefaultAuthenticator", etc. An asterisk - * may appear at the end of the name, following a ".", or by itself, to - * signify a wildcard match. - * - * @param name the name of the SSLPermission. - */ - - public SSLPermission(String name) - { - super(name); - } - - /** - * Creates a new SSLPermission object with the specified name. - * The name is the symbolic name of the SSLPermission, and the - * actions String is currently unused and should be null. This - * constructor exists for use by the Policy object - * to instantiate new Permission objects. - * - * @param name the name of the SSLPermission. - * @param actions should be null. - */ - - public SSLPermission(String name, String actions) - { - super(name, actions); - } -} diff --git a/src/java.base/share/classes/com/sun/net/ssl/SSLSecurity.java b/src/java.base/share/classes/com/sun/net/ssl/SSLSecurity.java deleted file mode 100644 index 664b53e0489..00000000000 --- a/src/java.base/share/classes/com/sun/net/ssl/SSLSecurity.java +++ /dev/null @@ -1,699 +0,0 @@ -/* - * Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License version 2 only, as - * published by the Free Software Foundation. Oracle designates this - * particular file as subject to the "Classpath" exception as provided - * by Oracle in the LICENSE file that accompanied this code. - * - * This code is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or - * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * version 2 for more details (a copy is included in the LICENSE file that - * accompanied this code). - * - * You should have received a copy of the GNU General Public License version - * 2 along with this work; if not, write to the Free Software Foundation, - * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA - * or visit www.oracle.com if you need additional information or have any - * questions. - */ - -/* - * NOTE: this file was copied from javax.net.ssl.SSLSecurity, - * but was heavily modified to allow com.sun.* users to - * access providers written using the javax.sun.* APIs. - */ - -package com.sun.net.ssl; - -import java.util.*; -import java.io.*; -import java.security.*; -import java.security.Provider.Service; -import java.net.Socket; - -import sun.security.jca.*; - -/** - * This class instantiates implementations of JSSE engine classes from - * providers registered with the java.security.Security object. - * - * @author Jan Luehe - * @author Jeff Nisewanger - * @author Brad Wetmore - */ - -final class SSLSecurity { - - /* - * Don't let anyone instantiate this. - */ - private SSLSecurity() { - } - - - // ProviderList.getService() is not accessible now, implement our own loop - private static Service getService(String type, String alg) { - ProviderList list = Providers.getProviderList(); - for (Provider p : list.providers()) { - Service s = p.getService(type, alg); - if (s != null) { - return s; - } - } - return null; - } - - /** - * The body of the driver for the getImpl method. - */ - private static Object[] getImpl1(String algName, String engineType, - Service service) throws NoSuchAlgorithmException - { - Provider provider = service.getProvider(); - String className = service.getClassName(); - Class implClass; - try { - ClassLoader cl = provider.getClass().getClassLoader(); - if (cl == null) { - // system class - implClass = Class.forName(className); - } else { - implClass = cl.loadClass(className); - } - } catch (ClassNotFoundException e) { - throw new NoSuchAlgorithmException("Class " + className + - " configured for " + - engineType + - " not found: " + - e.getMessage()); - } catch (SecurityException e) { - throw new NoSuchAlgorithmException("Class " + className + - " configured for " + - engineType + - " cannot be accessed: " + - e.getMessage()); - } - - /* - * JSSE 1.0, 1.0.1, and 1.0.2 used the com.sun.net.ssl API as the - * API was being developed. As JSSE was folded into the main - * release, it was decided to promote the com.sun.net.ssl API to - * be javax.net.ssl. It is desired to keep binary compatibility - * with vendors of JSSE implementation written using the - * com.sun.net.sll API, so we do this magic to handle everything. - * - * API used Implementation used Supported? - * ======== =================== ========== - * com.sun javax Yes - * com.sun com.sun Yes - * javax javax Yes - * javax com.sun Not Currently - * - * Make sure the implementation class is a subclass of the - * corresponding engine class. - * - * In wrapping these classes, there's no way to know how to - * wrap all possible classes that extend the TrustManager/KeyManager. - * We only wrap the x509 variants. - */ - - try { // catch instantiation errors - - /* - * (The following Class.forName()s should alway work, because - * this class and all the SPI classes in javax.crypto are - * loaded by the same class loader.) That is, unless they - * give us a SPI class that doesn't exist, say SSLFoo, - * or someone has removed classes from the java.base module. - */ - - Class typeClassJavax; - Class typeClassCom; - Object obj = null; - - /* - * Odds are more likely that we have a javax variant, try this - * first. - */ - if (((typeClassJavax = Class.forName("javax.net.ssl." + - engineType + "Spi")) != null) && - (checkSuperclass(implClass, typeClassJavax))) { - - if (engineType.equals("SSLContext")) { - obj = new SSLContextSpiWrapper(algName, provider); - } else if (engineType.equals("TrustManagerFactory")) { - obj = new TrustManagerFactorySpiWrapper(algName, provider); - } else if (engineType.equals("KeyManagerFactory")) { - obj = new KeyManagerFactorySpiWrapper(algName, provider); - } else { - /* - * We should throw an error if we get - * something totally unexpected. Don't ever - * expect to see this one... - */ - throw new IllegalStateException( - "Class " + implClass.getName() + - " unknown engineType wrapper:" + engineType); - } - - } else if (((typeClassCom = Class.forName("com.sun.net.ssl." + - engineType + "Spi")) != null) && - (checkSuperclass(implClass, typeClassCom))) { - obj = service.newInstance(null); - } - - if (obj != null) { - return new Object[] { obj, provider }; - } else { - throw new NoSuchAlgorithmException( - "Couldn't locate correct object or wrapper: " + - engineType + " " + algName); - } - - } catch (ClassNotFoundException e) { - IllegalStateException exc = new IllegalStateException( - "Engine Class Not Found for " + engineType); - exc.initCause(e); - throw exc; - } - } - - /** - * Returns an array of objects: the first object in the array is - * an instance of an implementation of the requested algorithm - * and type, and the second object in the array identifies the provider - * of that implementation. - * The provName argument can be null, in which case all - * configured providers will be searched in order of preference. - */ - static Object[] getImpl(String algName, String engineType, String provName) - throws NoSuchAlgorithmException, NoSuchProviderException - { - Service service; - if (provName != null) { - ProviderList list = Providers.getProviderList(); - Provider prov = list.getProvider(provName); - if (prov == null) { - throw new NoSuchProviderException("No such provider: " + - provName); - } - service = prov.getService(engineType, algName); - } else { - service = getService(engineType, algName); - } - if (service == null) { - throw new NoSuchAlgorithmException("Algorithm " + algName - + " not available"); - } - return getImpl1(algName, engineType, service); - } - - - /** - * Returns an array of objects: the first object in the array is - * an instance of an implementation of the requested algorithm - * and type, and the second object in the array identifies the provider - * of that implementation. - * The prov argument can be null, in which case all - * configured providers will be searched in order of preference. - */ - static Object[] getImpl(String algName, String engineType, Provider prov) - throws NoSuchAlgorithmException - { - Service service = prov.getService(engineType, algName); - if (service == null) { - throw new NoSuchAlgorithmException("No such algorithm: " + - algName); - } - return getImpl1(algName, engineType, service); - } - - /* - * Checks whether one class is the superclass of another - */ - private static boolean checkSuperclass(Class subclass, Class superclass) { - if ((subclass == null) || (superclass == null)) - return false; - - while (!subclass.equals(superclass)) { - subclass = subclass.getSuperclass(); - if (subclass == null) { - return false; - } - } - return true; - } - - /* - * Return at most the first "resize" elements of an array. - * - * Didn't want to use java.util.Arrays, as PJava may not have it. - */ - static Object[] truncateArray(Object[] oldArray, Object[] newArray) { - - for (int i = 0; i < newArray.length; i++) { - newArray[i] = oldArray[i]; - } - - return newArray; - } - -} - - -/* - * ================================================================= - * The remainder of this file is for the wrapper and wrapper-support - * classes. When SSLSecurity finds something which extends the - * javax.net.ssl.*Spi, we need to go grab a real instance of the - * thing that the Spi supports, and wrap into a com.sun.net.ssl.*Spi - * object. This also mean that anything going down into the SPI - * needs to be wrapped, as well as anything coming back up. - */ -@SuppressWarnings("deprecation") -final class SSLContextSpiWrapper extends SSLContextSpi { - - private javax.net.ssl.SSLContext theSSLContext; - - SSLContextSpiWrapper(String algName, Provider prov) throws - NoSuchAlgorithmException { - theSSLContext = javax.net.ssl.SSLContext.getInstance(algName, prov); - } - - @SuppressWarnings("deprecation") - protected void engineInit(KeyManager[] kma, TrustManager[] tma, - SecureRandom sr) throws KeyManagementException { - - // Keep track of the actual number of array elements copied - int dst; - int src; - javax.net.ssl.KeyManager[] kmaw; - javax.net.ssl.TrustManager[] tmaw; - - // Convert com.sun.net.ssl.kma to a javax.net.ssl.kma - // wrapper if need be. - if (kma != null) { - kmaw = new javax.net.ssl.KeyManager[kma.length]; - for (src = 0, dst = 0; src < kma.length; ) { - /* - * These key managers may implement both javax - * and com.sun interfaces, so if they do - * javax, there's no need to wrap them. - */ - if (!(kma[src] instanceof javax.net.ssl.KeyManager)) { - /* - * Do we know how to convert them? If not, oh well... - * We'll have to drop them on the floor in this - * case, cause we don't know how to handle them. - * This will be pretty rare, but put here for - * completeness. - */ - if (kma[src] instanceof X509KeyManager) { - kmaw[dst] = (javax.net.ssl.KeyManager) - new X509KeyManagerJavaxWrapper( - (X509KeyManager)kma[src]); - dst++; - } - } else { - // We can convert directly, since they implement. - kmaw[dst] = (javax.net.ssl.KeyManager)kma[src]; - dst++; - } - src++; - } - - /* - * If dst != src, there were more items in the original array - * than in the new array. Compress the new elements to avoid - * any problems down the road. - */ - if (dst != src) { - kmaw = (javax.net.ssl.KeyManager []) - SSLSecurity.truncateArray(kmaw, - new javax.net.ssl.KeyManager [dst]); - } - } else { - kmaw = null; - } - - // Now do the same thing with the TrustManagers. - if (tma != null) { - tmaw = new javax.net.ssl.TrustManager[tma.length]; - - for (src = 0, dst = 0; src < tma.length; ) { - /* - * These key managers may implement both...see above... - */ - if (!(tma[src] instanceof javax.net.ssl.TrustManager)) { - // Do we know how to convert them? - if (tma[src] instanceof X509TrustManager) { - tmaw[dst] = (javax.net.ssl.TrustManager) - new X509TrustManagerJavaxWrapper( - (X509TrustManager)tma[src]); - dst++; - } - } else { - tmaw[dst] = (javax.net.ssl.TrustManager)tma[src]; - dst++; - } - src++; - } - - if (dst != src) { - tmaw = (javax.net.ssl.TrustManager []) - SSLSecurity.truncateArray(tmaw, - new javax.net.ssl.TrustManager [dst]); - } - } else { - tmaw = null; - } - - theSSLContext.init(kmaw, tmaw, sr); - } - - protected javax.net.ssl.SSLSocketFactory - engineGetSocketFactory() { - return theSSLContext.getSocketFactory(); - } - - protected javax.net.ssl.SSLServerSocketFactory - engineGetServerSocketFactory() { - return theSSLContext.getServerSocketFactory(); - } - -} - -@SuppressWarnings("deprecation") -final class TrustManagerFactorySpiWrapper extends TrustManagerFactorySpi { - - private javax.net.ssl.TrustManagerFactory theTrustManagerFactory; - - TrustManagerFactorySpiWrapper(String algName, Provider prov) throws - NoSuchAlgorithmException { - theTrustManagerFactory = - javax.net.ssl.TrustManagerFactory.getInstance(algName, prov); - } - - protected void engineInit(KeyStore ks) throws KeyStoreException { - theTrustManagerFactory.init(ks); - } - - protected TrustManager[] engineGetTrustManagers() { - - int dst; - int src; - - javax.net.ssl.TrustManager[] tma = - theTrustManagerFactory.getTrustManagers(); - - TrustManager[] tmaw = new TrustManager[tma.length]; - - for (src = 0, dst = 0; src < tma.length; ) { - if (!(tma[src] instanceof com.sun.net.ssl.TrustManager)) { - // We only know how to wrap X509TrustManagers, as - // TrustManagers don't have any methods to wrap. - if (tma[src] instanceof javax.net.ssl.X509TrustManager) { - tmaw[dst] = (TrustManager) - new X509TrustManagerComSunWrapper( - (javax.net.ssl.X509TrustManager)tma[src]); - dst++; - } - } else { - tmaw[dst] = (TrustManager)tma[src]; - dst++; - } - src++; - } - - if (dst != src) { - tmaw = (TrustManager []) - SSLSecurity.truncateArray(tmaw, new TrustManager [dst]); - } - - return tmaw; - } - -} - -@SuppressWarnings("deprecation") -final class KeyManagerFactorySpiWrapper extends KeyManagerFactorySpi { - - private javax.net.ssl.KeyManagerFactory theKeyManagerFactory; - - KeyManagerFactorySpiWrapper(String algName, Provider prov) throws - NoSuchAlgorithmException { - theKeyManagerFactory = - javax.net.ssl.KeyManagerFactory.getInstance(algName, prov); - } - - protected void engineInit(KeyStore ks, char[] password) - throws KeyStoreException, NoSuchAlgorithmException, - UnrecoverableKeyException { - theKeyManagerFactory.init(ks, password); - } - - protected KeyManager[] engineGetKeyManagers() { - - int dst; - int src; - - javax.net.ssl.KeyManager[] kma = - theKeyManagerFactory.getKeyManagers(); - - KeyManager[] kmaw = new KeyManager[kma.length]; - - for (src = 0, dst = 0; src < kma.length; ) { - if (!(kma[src] instanceof com.sun.net.ssl.KeyManager)) { - // We only know how to wrap X509KeyManagers, as - // KeyManagers don't have any methods to wrap. - if (kma[src] instanceof javax.net.ssl.X509KeyManager) { - kmaw[dst] = (KeyManager) - new X509KeyManagerComSunWrapper( - (javax.net.ssl.X509KeyManager)kma[src]); - dst++; - } - } else { - kmaw[dst] = (KeyManager)kma[src]; - dst++; - } - src++; - } - - if (dst != src) { - kmaw = (KeyManager []) - SSLSecurity.truncateArray(kmaw, new KeyManager [dst]); - } - - return kmaw; - } - -} - -// ================================= - -@SuppressWarnings("deprecation") -final class X509KeyManagerJavaxWrapper implements - javax.net.ssl.X509KeyManager { - - private X509KeyManager theX509KeyManager; - - X509KeyManagerJavaxWrapper(X509KeyManager obj) { - theX509KeyManager = obj; - } - - public String[] getClientAliases(String keyType, Principal[] issuers) { - return theX509KeyManager.getClientAliases(keyType, issuers); - } - - public String chooseClientAlias(String[] keyTypes, Principal[] issuers, - Socket socket) { - String retval; - - if (keyTypes == null) { - return null; - } - - /* - * Scan the list, look for something we can pass back. - */ - for (int i = 0; i < keyTypes.length; i++) { - if ((retval = theX509KeyManager.chooseClientAlias(keyTypes[i], - issuers)) != null) - return retval; - } - return null; - - } - - /* - * JSSE 1.0.x was only socket based, but it's possible someone might - * want to install a really old provider. We should at least - * try to be nice. - */ - public String chooseEngineClientAlias( - String[] keyTypes, Principal[] issuers, - javax.net.ssl.SSLEngine engine) { - String retval; - - if (keyTypes == null) { - return null; - } - - /* - * Scan the list, look for something we can pass back. - */ - for (int i = 0; i < keyTypes.length; i++) { - if ((retval = theX509KeyManager.chooseClientAlias(keyTypes[i], - issuers)) != null) - return retval; - } - - return null; - } - - public String[] getServerAliases(String keyType, Principal[] issuers) { - return theX509KeyManager.getServerAliases(keyType, issuers); - } - - public String chooseServerAlias(String keyType, Principal[] issuers, - Socket socket) { - - if (keyType == null) { - return null; - } - return theX509KeyManager.chooseServerAlias(keyType, issuers); - } - - /* - * JSSE 1.0.x was only socket based, but it's possible someone might - * want to install a really old provider. We should at least - * try to be nice. - */ - public String chooseEngineServerAlias( - String keyType, Principal[] issuers, - javax.net.ssl.SSLEngine engine) { - - if (keyType == null) { - return null; - } - return theX509KeyManager.chooseServerAlias(keyType, issuers); - } - - public java.security.cert.X509Certificate[] - getCertificateChain(String alias) { - return theX509KeyManager.getCertificateChain(alias); - } - - public PrivateKey getPrivateKey(String alias) { - return theX509KeyManager.getPrivateKey(alias); - } -} - -@SuppressWarnings("deprecation") -final class X509TrustManagerJavaxWrapper implements - javax.net.ssl.X509TrustManager { - - private X509TrustManager theX509TrustManager; - - X509TrustManagerJavaxWrapper(X509TrustManager obj) { - theX509TrustManager = obj; - } - - public void checkClientTrusted( - java.security.cert.X509Certificate[] chain, String authType) - throws java.security.cert.CertificateException { - if (!theX509TrustManager.isClientTrusted(chain)) { - throw new java.security.cert.CertificateException( - "Untrusted Client Certificate Chain"); - } - } - - public void checkServerTrusted( - java.security.cert.X509Certificate[] chain, String authType) - throws java.security.cert.CertificateException { - if (!theX509TrustManager.isServerTrusted(chain)) { - throw new java.security.cert.CertificateException( - "Untrusted Server Certificate Chain"); - } - } - - public java.security.cert.X509Certificate[] getAcceptedIssuers() { - return theX509TrustManager.getAcceptedIssuers(); - } -} - -@SuppressWarnings("deprecation") -final class X509KeyManagerComSunWrapper implements X509KeyManager { - - private javax.net.ssl.X509KeyManager theX509KeyManager; - - X509KeyManagerComSunWrapper(javax.net.ssl.X509KeyManager obj) { - theX509KeyManager = obj; - } - - public String[] getClientAliases(String keyType, Principal[] issuers) { - return theX509KeyManager.getClientAliases(keyType, issuers); - } - - public String chooseClientAlias(String keyType, Principal[] issuers) { - String [] keyTypes = new String [] { keyType }; - return theX509KeyManager.chooseClientAlias(keyTypes, issuers, null); - } - - public String[] getServerAliases(String keyType, Principal[] issuers) { - return theX509KeyManager.getServerAliases(keyType, issuers); - } - - public String chooseServerAlias(String keyType, Principal[] issuers) { - return theX509KeyManager.chooseServerAlias(keyType, issuers, null); - } - - public java.security.cert.X509Certificate[] - getCertificateChain(String alias) { - return theX509KeyManager.getCertificateChain(alias); - } - - public PrivateKey getPrivateKey(String alias) { - return theX509KeyManager.getPrivateKey(alias); - } -} - -@SuppressWarnings("deprecation") -final class X509TrustManagerComSunWrapper implements X509TrustManager { - - private javax.net.ssl.X509TrustManager theX509TrustManager; - - X509TrustManagerComSunWrapper(javax.net.ssl.X509TrustManager obj) { - theX509TrustManager = obj; - } - - public boolean isClientTrusted( - java.security.cert.X509Certificate[] chain) { - try { - theX509TrustManager.checkClientTrusted(chain, "UNKNOWN"); - return true; - } catch (java.security.cert.CertificateException e) { - return false; - } - } - - public boolean isServerTrusted( - java.security.cert.X509Certificate[] chain) { - try { - theX509TrustManager.checkServerTrusted(chain, "UNKNOWN"); - return true; - } catch (java.security.cert.CertificateException e) { - return false; - } - } - - public java.security.cert.X509Certificate[] getAcceptedIssuers() { - return theX509TrustManager.getAcceptedIssuers(); - } -} diff --git a/src/java.base/share/classes/com/sun/net/ssl/TrustManager.java b/src/java.base/share/classes/com/sun/net/ssl/TrustManager.java deleted file mode 100644 index 376b111fd81..00000000000 --- a/src/java.base/share/classes/com/sun/net/ssl/TrustManager.java +++ /dev/null @@ -1,42 +0,0 @@ -/* - * Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License version 2 only, as - * published by the Free Software Foundation. Oracle designates this - * particular file as subject to the "Classpath" exception as provided - * by Oracle in the LICENSE file that accompanied this code. - * - * This code is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or - * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * version 2 for more details (a copy is included in the LICENSE file that - * accompanied this code). - * - * You should have received a copy of the GNU General Public License version - * 2 along with this work; if not, write to the Free Software Foundation, - * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA - * or visit www.oracle.com if you need additional information or have any - * questions. - */ - -/* - * NOTE: this file was copied from javax.net.ssl.TrustManager - */ - -package com.sun.net.ssl; - -/** - * Base interface for JSSE trust managers which manage - * authentication trust decisions for different types of - * authentication material. - * - * @deprecated As of JDK 1.4, this implementation-specific class was - * replaced by {@link javax.net.ssl.TrustManager}. - */ -@Deprecated(since="1.4") -public interface TrustManager { -} diff --git a/src/java.base/share/classes/com/sun/net/ssl/TrustManagerFactory.java b/src/java.base/share/classes/com/sun/net/ssl/TrustManagerFactory.java deleted file mode 100644 index b580f04af34..00000000000 --- a/src/java.base/share/classes/com/sun/net/ssl/TrustManagerFactory.java +++ /dev/null @@ -1,220 +0,0 @@ -/* - * Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License version 2 only, as - * published by the Free Software Foundation. Oracle designates this - * particular file as subject to the "Classpath" exception as provided - * by Oracle in the LICENSE file that accompanied this code. - * - * This code is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or - * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * version 2 for more details (a copy is included in the LICENSE file that - * accompanied this code). - * - * You should have received a copy of the GNU General Public License version - * 2 along with this work; if not, write to the Free Software Foundation, - * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA - * or visit www.oracle.com if you need additional information or have any - * questions. - */ - -/* - * NOTE: this file was copied from javax.net.ssl.TrustManagerFactory - */ - -package com.sun.net.ssl; - -import java.security.*; - -/** - * This class acts as a factory for trust managers based on a - * source of trust material. Each trust manager manages a specific - * type of trust material for use by secure sockets. The trust - * material is based on a KeyStore and/or provider specific sources. - * - * @deprecated As of JDK 1.4, this implementation-specific class was - * replaced by {@link javax.net.ssl.TrustManagerFactory}. - */ -@Deprecated(since="1.4") -public class TrustManagerFactory { - // The provider - private Provider provider; - - // The provider implementation (delegate) - private TrustManagerFactorySpi factorySpi; - - // The name of the trust management algorithm. - private String algorithm; - - /** - *

The default TrustManager can be changed by setting the value of the - * {@code sun.ssl.trustmanager.type} security property to the desired name. - * - * @return the default type as specified by the - * {@code sun.ssl.trustmanager.type} security property, or an - * implementation-specific default if no such property exists. - * - * @see java.security.Security security properties - */ - public static final String getDefaultAlgorithm() { - String type; - type = AccessController.doPrivileged(new PrivilegedAction<>() { - public String run() { - return Security.getProperty("sun.ssl.trustmanager.type"); - } - }); - if (type == null) { - type = "SunX509"; - } - return type; - - } - - /** - * Creates a TrustManagerFactory object. - * - * @param factorySpi the delegate - * @param provider the provider - * @param algorithm the algorithm - */ - protected TrustManagerFactory(TrustManagerFactorySpi factorySpi, - Provider provider, String algorithm) { - this.factorySpi = factorySpi; - this.provider = provider; - this.algorithm = algorithm; - } - - /** - * Returns the algorithm name of this TrustManagerFactory - * object. - * - *

This is the same name that was specified in one of the - * getInstance calls that created this - * TrustManagerFactory object. - * - * @return the algorithm name of this TrustManagerFactory - * object. - */ - public final String getAlgorithm() { - return this.algorithm; - } - - /** - * Generates a TrustManagerFactory object that implements the - * specified trust management algorithm. - * If the default provider package provides an implementation of the - * requested trust management algorithm, an instance of - * TrustManagerFactory containing that implementation is - * returned. If the algorithm is not available in the default provider - * package, other provider packages are searched. - * - * @param algorithm the standard name of the requested trust management - * algorithm. - * - * @return the new TrustManagerFactory object - * - * @exception NoSuchAlgorithmException if the specified algorithm is not - * available in the default provider package or any of the other provider - * packages that were searched. - */ - public static final TrustManagerFactory getInstance(String algorithm) - throws NoSuchAlgorithmException - { - try { - Object[] objs = SSLSecurity.getImpl(algorithm, - "TrustManagerFactory", (String) null); - return new TrustManagerFactory((TrustManagerFactorySpi)objs[0], - (Provider)objs[1], - algorithm); - } catch (NoSuchProviderException e) { - throw new NoSuchAlgorithmException(algorithm + " not found"); - } - } - - /** - * Generates a TrustManagerFactory object for the specified - * trust management algorithm from the specified provider. - * - * @param algorithm the standard name of the requested trust management - * algorithm. - * @param provider the name of the provider - * - * @return the new TrustManagerFactory object - * - * @exception NoSuchAlgorithmException if the specified algorithm is not - * available from the specified provider. - * @exception NoSuchProviderException if the specified provider has not - * been configured. - */ - public static final TrustManagerFactory getInstance(String algorithm, - String provider) - throws NoSuchAlgorithmException, NoSuchProviderException - { - if (provider == null || provider.isEmpty()) - throw new IllegalArgumentException("missing provider"); - Object[] objs = SSLSecurity.getImpl(algorithm, "TrustManagerFactory", - provider); - return new TrustManagerFactory((TrustManagerFactorySpi)objs[0], - (Provider)objs[1], algorithm); - } - - /** - * Generates a TrustManagerFactory object for the specified - * trust management algorithm from the specified provider. - * - * @param algorithm the standard name of the requested trust management - * algorithm. - * @param provider an instance of the provider - * - * @return the new TrustManagerFactory object - * - * @exception NoSuchAlgorithmException if the specified algorithm is not - * available from the specified provider. - */ - public static final TrustManagerFactory getInstance(String algorithm, - Provider provider) - throws NoSuchAlgorithmException - { - if (provider == null) - throw new IllegalArgumentException("missing provider"); - Object[] objs = SSLSecurity.getImpl(algorithm, "TrustManagerFactory", - provider); - return new TrustManagerFactory((TrustManagerFactorySpi)objs[0], - (Provider)objs[1], algorithm); - } - - /** - * Returns the provider of this TrustManagerFactory object. - * - * @return the provider of this TrustManagerFactory object - */ - public final Provider getProvider() { - return this.provider; - } - - - /** - * Initializes this factory with a source of certificate - * authorities and related trust material. The - * provider may also include a provider-specific source - * of key material. - * - * @param ks the key store or null - */ - public void init(KeyStore ks) throws KeyStoreException { - factorySpi.engineInit(ks); - } - - /** - * Returns one trust manager for each type of trust material. - * @return the trust managers - */ - public TrustManager[] getTrustManagers() { - return factorySpi.engineGetTrustManagers(); - } -} diff --git a/src/java.base/share/classes/com/sun/net/ssl/TrustManagerFactorySpi.java b/src/java.base/share/classes/com/sun/net/ssl/TrustManagerFactorySpi.java deleted file mode 100644 index 8ab1901c4ea..00000000000 --- a/src/java.base/share/classes/com/sun/net/ssl/TrustManagerFactorySpi.java +++ /dev/null @@ -1,62 +0,0 @@ -/* - * Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License version 2 only, as - * published by the Free Software Foundation. Oracle designates this - * particular file as subject to the "Classpath" exception as provided - * by Oracle in the LICENSE file that accompanied this code. - * - * This code is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or - * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * version 2 for more details (a copy is included in the LICENSE file that - * accompanied this code). - * - * You should have received a copy of the GNU General Public License version - * 2 along with this work; if not, write to the Free Software Foundation, - * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA - * or visit www.oracle.com if you need additional information or have any - * questions. - */ - -/* - * NOTE: this file was copied from javax.net.ssl.TrustManagerFactorySpi - */ - -package com.sun.net.ssl; - -import java.security.*; - -/** - * This class defines the Service Provider Interface (SPI) - * for the TrustManagerFactory class. - * - *

All the abstract methods in this class must be implemented by each - * cryptographic service provider who wishes to supply the implementation - * of a particular trust manager factory. - * - * @deprecated As of JDK 1.4, this implementation-specific class was - * replaced by {@link javax.net.ssl.TrustManagerFactorySpi}. - */ -@Deprecated(since="1.4") -public abstract class TrustManagerFactorySpi { - /** - * Initializes this factory with a source of certificate - * authorities and related trust material. The - * provider may also include a provider-specific source - * of key material. - * - * @param ks the key store or null - */ - protected abstract void engineInit(KeyStore ks) throws KeyStoreException; - - /** - * Returns one trust manager for each type of trust material. - * @return the trust managers - */ - protected abstract TrustManager[] engineGetTrustManagers(); -} diff --git a/src/java.base/share/classes/com/sun/net/ssl/X509KeyManager.java b/src/java.base/share/classes/com/sun/net/ssl/X509KeyManager.java deleted file mode 100644 index 8d4019c8721..00000000000 --- a/src/java.base/share/classes/com/sun/net/ssl/X509KeyManager.java +++ /dev/null @@ -1,109 +0,0 @@ -/* - * Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License version 2 only, as - * published by the Free Software Foundation. Oracle designates this - * particular file as subject to the "Classpath" exception as provided - * by Oracle in the LICENSE file that accompanied this code. - * - * This code is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or - * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * version 2 for more details (a copy is included in the LICENSE file that - * accompanied this code). - * - * You should have received a copy of the GNU General Public License version - * 2 along with this work; if not, write to the Free Software Foundation, - * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA - * or visit www.oracle.com if you need additional information or have any - * questions. - */ - -/* - * NOTE: this file was copied from javax.net.ssl.X509KeyManager - */ - -package com.sun.net.ssl; - -import java.security.KeyManagementException; -import java.security.PrivateKey; -import java.security.Principal; -import java.security.cert.X509Certificate; - -/** - * Instances of this interface manage which X509 certificate-based - * key pairs are used to authenticate the local side of a secure - * socket. The individual entries are identified by unique alias names. - * - * @deprecated As of JDK 1.4, this implementation-specific class was - * replaced by {@link javax.net.ssl.X509KeyManager}. - */ -@Deprecated(since="1.4") -public interface X509KeyManager extends KeyManager { - /** - * Get the matching aliases for authenticating the client side of a secure - * socket given the public key type and the list of - * certificate issuer authorities recognized by the peer (if any). - * - * @param keyType the key algorithm type name - * @param issuers the list of acceptable CA issuer subject names - * @return the matching alias names - */ - public String[] getClientAliases(String keyType, Principal[] issuers); - - /** - * Choose an alias to authenticate the client side of a secure - * socket given the public key type and the list of - * certificate issuer authorities recognized by the peer (if any). - * - * @param keyType the key algorithm type name - * @param issuers the list of acceptable CA issuer subject names - * @return the alias name for the desired key - */ - public String chooseClientAlias(String keyType, Principal[] issuers); - - /** - * Get the matching aliases for authenticating the server side of a secure - * socket given the public key type and the list of - * certificate issuer authorities recognized by the peer (if any). - * - * @param keyType the key algorithm type name - * @param issuers the list of acceptable CA issuer subject names - * @return the matching alias names - */ - public String[] getServerAliases(String keyType, Principal[] issuers); - - /** - * Choose an alias to authenticate the server side of a secure - * socket given the public key type and the list of - * certificate issuer authorities recognized by the peer (if any). - * - * @param keyType the key algorithm type name - * @param issuers the list of acceptable CA issuer subject names - * @return the alias name for the desired key - */ - public String chooseServerAlias(String keyType, Principal[] issuers); - - /** - * Returns the certificate chain associated with the given alias. - * - * @param alias the alias name - * - * @return the certificate chain (ordered with the user's certificate first - * and the root certificate authority last) - */ - public X509Certificate[] getCertificateChain(String alias); - - /* - * Returns the key associated with the given alias. - * - * @param alias the alias name - * - * @return the requested key - */ - public PrivateKey getPrivateKey(String alias); -} diff --git a/src/java.base/share/classes/com/sun/net/ssl/X509TrustManager.java b/src/java.base/share/classes/com/sun/net/ssl/X509TrustManager.java deleted file mode 100644 index 041c3e6f587..00000000000 --- a/src/java.base/share/classes/com/sun/net/ssl/X509TrustManager.java +++ /dev/null @@ -1,73 +0,0 @@ -/* - * Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License version 2 only, as - * published by the Free Software Foundation. Oracle designates this - * particular file as subject to the "Classpath" exception as provided - * by Oracle in the LICENSE file that accompanied this code. - * - * This code is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or - * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * version 2 for more details (a copy is included in the LICENSE file that - * accompanied this code). - * - * You should have received a copy of the GNU General Public License version - * 2 along with this work; if not, write to the Free Software Foundation, - * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA - * or visit www.oracle.com if you need additional information or have any - * questions. - */ - -/* - * NOTE: this file was copied from javax.net.ssl.X509TrustManager - */ - -package com.sun.net.ssl; - -import java.security.cert.X509Certificate; - -/** - * Instance of this interface manage which X509 certificates - * may be used to authenticate the remote side of a secure - * socket. Decisions may be based on trusted certificate - * authorities, certificate revocation lists, online - * status checking or other means. - * - * @deprecated As of JDK 1.4, this implementation-specific class was - * replaced by {@link javax.net.ssl.X509TrustManager}. - */ -@Deprecated(since="1.4") -public interface X509TrustManager extends TrustManager { - /** - * Given the partial or complete certificate chain - * provided by the peer, build a certificate path - * to a trusted root and return true if it can be - * validated and is trusted for client SSL authentication. - * - * @param chain the peer certificate chain - */ - public boolean isClientTrusted(X509Certificate[] chain); - - /** - * Given the partial or complete certificate chain - * provided by the peer, build a certificate path - * to a trusted root and return true if it can be - * validated and is trusted for server SSL authentication. - * - * @param chain the peer certificate chain - */ - public boolean isServerTrusted(X509Certificate[] chain); - - /** - * Return an array of certificate authority certificates - * which are trusted for authenticating peers. - * - * @return the acceptable CA issuer certificates - */ - public X509Certificate[] getAcceptedIssuers(); -} diff --git a/src/java.base/share/classes/com/sun/net/ssl/internal/ssl/Provider.java b/src/java.base/share/classes/com/sun/net/ssl/internal/ssl/Provider.java deleted file mode 100644 index f158f88bda1..00000000000 --- a/src/java.base/share/classes/com/sun/net/ssl/internal/ssl/Provider.java +++ /dev/null @@ -1,67 +0,0 @@ -/* - * Copyright (c) 2007, 2017, Oracle and/or its affiliates. All rights reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License version 2 only, as - * published by the Free Software Foundation. Oracle designates this - * particular file as subject to the "Classpath" exception as provided - * by Oracle in the LICENSE file that accompanied this code. - * - * This code is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or - * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * version 2 for more details (a copy is included in the LICENSE file that - * accompanied this code). - * - * You should have received a copy of the GNU General Public License version - * 2 along with this work; if not, write to the Free Software Foundation, - * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA - * or visit www.oracle.com if you need additional information or have any - * questions. - */ - -package com.sun.net.ssl.internal.ssl; - -import sun.security.ssl.SunJSSE; - -/** - * Main class for the SunJSSE provider. The actual code was moved to the - * class sun.security.ssl.SunJSSE, but for backward compatibility we - * continue to use this class as the main Provider class. - */ -@Deprecated(since="9") -public final class Provider extends SunJSSE { - - private static final long serialVersionUID = 3231825739635378733L; - - // standard constructor - public Provider() { - super(); - } - - // preferred constructor to enable FIPS mode at runtime - public Provider(java.security.Provider cryptoProvider) { - super(cryptoProvider); - } - - // constructor to enable FIPS mode from java.security file - public Provider(String cryptoProvider) { - super(cryptoProvider); - } - - // public for now, but we may want to change it or not document it. - public static synchronized boolean isFIPS() { - return SunJSSE.isFIPS(); - } - - /** - * Installs the JSSE provider. - */ - public static synchronized void install() { - /* nop. Remove this method in the future. */ - } - -} diff --git a/src/java.base/share/classes/com/sun/net/ssl/internal/ssl/X509ExtendedTrustManager.java b/src/java.base/share/classes/com/sun/net/ssl/internal/ssl/X509ExtendedTrustManager.java deleted file mode 100644 index 2af41b97fe5..00000000000 --- a/src/java.base/share/classes/com/sun/net/ssl/internal/ssl/X509ExtendedTrustManager.java +++ /dev/null @@ -1,123 +0,0 @@ -/* - * Copyright (c) 2005, 2017, Oracle and/or its affiliates. All rights reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License version 2 only, as - * published by the Free Software Foundation. Oracle designates this - * particular file as subject to the "Classpath" exception as provided - * by Oracle in the LICENSE file that accompanied this code. - * - * This code is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or - * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * version 2 for more details (a copy is included in the LICENSE file that - * accompanied this code). - * - * You should have received a copy of the GNU General Public License version - * 2 along with this work; if not, write to the Free Software Foundation, - * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA - * or visit www.oracle.com if you need additional information or have any - * questions. - */ - -package com.sun.net.ssl.internal.ssl; - -import javax.net.ssl.X509TrustManager; - -import java.security.cert.X509Certificate; -import java.security.cert.CertificateException; - -/** - * Instance of this class is an extension of X509TrustManager. - *

- * Note that this class is referenced by the Deploy workspace. Any updates - * must make sure that they do not cause any breakage there. - *

- * It takes the responsiblity of checking the peer identity with its - * principal declared in the cerificate. - *

- * The class provides an alternative to HostnameVerifer. - * If application customizes its HostnameVerifer for - * HttpsURLConnection, the peer identity will be checked - * by the customized HostnameVerifer; otherwise, it will - * be checked by the extended trust manager. - *

- * RFC2830 defines the server identification specification for "LDAP" - * algorithm. RFC2818 defines both the server identification and the - * client identification specification for "HTTPS" algorithm. - * - * @see X509TrustManager - * @see HostnameVerifier - * - * @since 1.6 - * @author Xuelei Fan - */ -@Deprecated(since="9") -public abstract class X509ExtendedTrustManager implements X509TrustManager { - /** - * Constructor used by subclasses only. - */ - protected X509ExtendedTrustManager() { - } - - /** - * Given the partial or complete certificate chain provided by the - * peer, check its identity and build a certificate path to a trusted - * root, return if it can be validated and is trusted for client SSL - * authentication based on the authentication type. - *

- * The authentication type is determined by the actual certificate - * used. For instance, if RSAPublicKey is used, the authType - * should be "RSA". Checking is case-sensitive. - *

- * The algorithm parameter specifies the client identification protocol - * to use. If the algorithm and the peer hostname are available, the - * peer hostname is checked against the peer's identity presented in - * the X509 certificate, in order to prevent masquerade attacks. - * - * @param chain the peer certificate chain - * @param authType the authentication type based on the client certificate - * @param hostname the peer hostname - * @param algorithm the identification algorithm - * @throws IllegalArgumentException if null or zero-length chain - * is passed in for the chain parameter or if null or zero-length - * string is passed in for the authType parameter - * @throws CertificateException if the certificate chain is not trusted - * by this TrustManager. - */ - public abstract void checkClientTrusted(X509Certificate[] chain, - String authType, String hostname, String algorithm) - throws CertificateException; - - /** - * Given the partial or complete certificate chain provided by the - * peer, check its identity and build a certificate path to a trusted - * root, return if it can be validated and is trusted for server SSL - * authentication based on the authentication type. - *

- * The authentication type is the key exchange algorithm portion - * of the cipher suites represented as a String, such as "RSA", - * "DHE_DSS". Checking is case-sensitive. - *

- * The algorithm parameter specifies the server identification protocol - * to use. If the algorithm and the peer hostname are available, the - * peer hostname is checked against the peer's identity presented in - * the X509 certificate, in order to prevent masquerade attacks. - * - * @param chain the peer certificate chain - * @param authType the key exchange algorithm used - * @param hostname the peer hostname - * @param algorithm the identification algorithm - * @throws IllegalArgumentException if null or zero-length chain - * is passed in for the chain parameter or if null or zero-length - * string is passed in for the authType parameter - * @throws CertificateException if the certificate chain is not trusted - * by this TrustManager. - */ - public abstract void checkServerTrusted(X509Certificate[] chain, - String authType, String hostname, String algorithm) - throws CertificateException; -} diff --git a/src/java.base/share/classes/com/sun/net/ssl/internal/www/protocol/https/DelegateHttpsURLConnection.java b/src/java.base/share/classes/com/sun/net/ssl/internal/www/protocol/https/DelegateHttpsURLConnection.java deleted file mode 100644 index 46b8e299911..00000000000 --- a/src/java.base/share/classes/com/sun/net/ssl/internal/www/protocol/https/DelegateHttpsURLConnection.java +++ /dev/null @@ -1,178 +0,0 @@ -/* - * Copyright (c) 2001, 2017, Oracle and/or its affiliates. All rights reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License version 2 only, as - * published by the Free Software Foundation. Oracle designates this - * particular file as subject to the "Classpath" exception as provided - * by Oracle in the LICENSE file that accompanied this code. - * - * This code is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or - * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * version 2 for more details (a copy is included in the LICENSE file that - * accompanied this code). - * - * You should have received a copy of the GNU General Public License version - * 2 along with this work; if not, write to the Free Software Foundation, - * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA - * or visit www.oracle.com if you need additional information or have any - * questions. - */ - -package com.sun.net.ssl.internal.www.protocol.https; - -import java.net.URL; -import java.net.Proxy; -import java.io.IOException; -import java.util.Collection; -import java.util.List; -import java.util.Iterator; - -import java.security.Principal; -import java.security.cert.*; - -import javax.security.auth.x500.X500Principal; - -import sun.security.util.HostnameChecker; -import sun.security.util.DerValue; -import sun.security.x509.X500Name; - -import sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection; - -/** - * This class was introduced to provide an additional level of - * abstraction between javax.net.ssl.HttpURLConnection and - * com.sun.net.ssl.HttpURLConnection objects.

- * - * javax.net.ssl.HttpURLConnection is used in the new sun.net version - * of protocol implementation (this one) - * com.sun.net.ssl.HttpURLConnection is used in the com.sun version. - * - */ -@Deprecated(since="9") -@SuppressWarnings("deprecation") // HttpsURLConnection is deprecated -public class DelegateHttpsURLConnection extends AbstractDelegateHttpsURLConnection { - - // we need a reference to the HttpsURLConnection to get - // the properties set there - // we also need it to be public so that it can be referenced - // from sun.net.www.protocol.http.HttpURLConnection - // this is for ResponseCache.put(URI, URLConnection) - // second parameter needs to be cast to javax.net.ssl.HttpsURLConnection - // instead of AbstractDelegateHttpsURLConnection - - public com.sun.net.ssl.HttpsURLConnection httpsURLConnection; - - DelegateHttpsURLConnection(URL url, - sun.net.www.protocol.http.Handler handler, - com.sun.net.ssl.HttpsURLConnection httpsURLConnection) - throws IOException { - this(url, null, handler, httpsURLConnection); - } - - DelegateHttpsURLConnection(URL url, Proxy p, - sun.net.www.protocol.http.Handler handler, - com.sun.net.ssl.HttpsURLConnection httpsURLConnection) - throws IOException { - super(url, p, handler); - this.httpsURLConnection = httpsURLConnection; - } - - protected javax.net.ssl.SSLSocketFactory getSSLSocketFactory() { - return httpsURLConnection.getSSLSocketFactory(); - } - - protected javax.net.ssl.HostnameVerifier getHostnameVerifier() { - // note: getHostnameVerifier() never returns null - return new VerifierWrapper(httpsURLConnection.getHostnameVerifier()); - } - - /* - * Called by layered delegator's finalize() method to handle closing - * the underlying object. - */ - protected void dispose() throws Throwable { - super.finalize(); - } -} - -class VerifierWrapper implements javax.net.ssl.HostnameVerifier { - @SuppressWarnings("deprecation") - private com.sun.net.ssl.HostnameVerifier verifier; - - @SuppressWarnings("deprecation") - VerifierWrapper(com.sun.net.ssl.HostnameVerifier verifier) { - this.verifier = verifier; - } - - /* - * In com.sun.net.ssl.HostnameVerifier the method is defined - * as verify(String urlHostname, String certHostname). - * This means we need to extract the hostname from the X.509 certificate - * in this wrapper. - */ - public boolean verify(String hostname, javax.net.ssl.SSLSession session) { - try { - Certificate[] serverChain = session.getPeerCertificates(); - if ((serverChain == null) || (serverChain.length == 0)) { - return false; - } - if (serverChain[0] instanceof X509Certificate == false) { - return false; - } - X509Certificate serverCert = (X509Certificate)serverChain[0]; - String serverName = getServername(serverCert); - if (serverName == null) { - return false; - } - return verifier.verify(hostname, serverName); - } catch (javax.net.ssl.SSLPeerUnverifiedException e) { - return false; - } - } - - /* - * Extract the name of the SSL server from the certificate. - * - * Note this code is essentially a subset of the hostname extraction - * code in HostnameChecker. - */ - private static String getServername(X509Certificate peerCert) { - try { - // compare to subjectAltNames if dnsName is present - Collection> subjAltNames = peerCert.getSubjectAlternativeNames(); - if (subjAltNames != null) { - for (Iterator> itr = subjAltNames.iterator(); itr.hasNext(); ) { - List next = itr.next(); - if (((Integer)next.get(0)).intValue() == 2) { - // compare dNSName with host in url - String dnsName = ((String)next.get(1)); - return dnsName; - } - } - } - - // else check against common name in the subject field - X500Name subject = HostnameChecker.getSubjectX500Name(peerCert); - - DerValue derValue = subject.findMostSpecificAttribute - (X500Name.commonName_oid); - if (derValue != null) { - try { - String name = derValue.getAsString(); - return name; - } catch (IOException e) { - // ignore - } - } - } catch (java.security.cert.CertificateException e) { - // ignore - } - return null; - } - -} diff --git a/src/java.base/share/classes/com/sun/net/ssl/internal/www/protocol/https/HttpsURLConnectionOldImpl.java b/src/java.base/share/classes/com/sun/net/ssl/internal/www/protocol/https/HttpsURLConnectionOldImpl.java deleted file mode 100644 index eb7c11b21f9..00000000000 --- a/src/java.base/share/classes/com/sun/net/ssl/internal/www/protocol/https/HttpsURLConnectionOldImpl.java +++ /dev/null @@ -1,506 +0,0 @@ -/* - * Copyright (c) 1996, 2017, Oracle and/or its affiliates. All rights reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License version 2 only, as - * published by the Free Software Foundation. Oracle designates this - * particular file as subject to the "Classpath" exception as provided - * by Oracle in the LICENSE file that accompanied this code. - * - * This code is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or - * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * version 2 for more details (a copy is included in the LICENSE file that - * accompanied this code). - * - * You should have received a copy of the GNU General Public License version - * 2 along with this work; if not, write to the Free Software Foundation, - * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA - * or visit www.oracle.com if you need additional information or have any - * questions. - */ - -/* - * NOTE: This class lives in the package sun.net.www.protocol.https. - * There is a copy in com.sun.net.ssl.internal.www.protocol.https for JSSE - * 1.0.2 compatibility. It is 100% identical except the package and extends - * lines. Any changes should be made to be class in sun.net.* and then copied - * to com.sun.net.*. - */ - -// For both copies of the file, uncomment one line and comment the other -// package sun.net.www.protocol.https; -package com.sun.net.ssl.internal.www.protocol.https; - -import java.net.URL; -import java.net.Proxy; -import java.net.ProtocolException; -import java.net.MalformedURLException; -import java.io.*; -import java.net.Authenticator; -import javax.net.ssl.*; -import java.security.Permission; -import java.util.Map; -import java.util.List; -import sun.net.www.http.HttpClient; - -/** - * A class to represent an HTTP connection to a remote object. - * - * Ideally, this class should subclass and inherit the http handler - * implementation, but it can't do so because that class have the - * wrong Java Type. Thus it uses the delegate (aka, the - * Adapter/Wrapper design pattern) to reuse code from the http - * handler. - * - * Since it would use a delegate to access - * sun.net.www.protocol.http.HttpURLConnection functionalities, it - * needs to implement all public methods in it's super class and all - * the way to Object. - * - */ - -// For both copies of the file, uncomment one line and comment the other -// public class HttpsURLConnectionImpl -// extends javax.net.ssl.HttpsURLConnection { -@Deprecated(since="9") -@SuppressWarnings("deprecation") // HttpsURLConnection is deprecated -public class HttpsURLConnectionOldImpl - extends com.sun.net.ssl.HttpsURLConnection { - - private DelegateHttpsURLConnection delegate; - -// For both copies of the file, uncomment one line and comment the other -// HttpsURLConnectionImpl(URL u, Handler handler) throws IOException { - HttpsURLConnectionOldImpl(URL u, Handler handler) throws IOException { - this(u, null, handler); - } - - static URL checkURL(URL u) throws IOException { - if (u != null) { - if (u.toExternalForm().indexOf('\n') > -1) { - throw new MalformedURLException("Illegal character in URL"); - } - } - return u; - } -// For both copies of the file, uncomment one line and comment the other -// HttpsURLConnectionImpl(URL u, Handler handler) throws IOException { - HttpsURLConnectionOldImpl(URL u, Proxy p, Handler handler) throws IOException { - super(checkURL(u)); - delegate = new DelegateHttpsURLConnection(url, p, handler, this); - } - - /** - * Create a new HttpClient object, bypassing the cache of - * HTTP client objects/connections. - * - * @param url the URL being accessed - */ - protected void setNewClient(URL url) throws IOException { - delegate.setNewClient(url, false); - } - - /** - * Obtain a HttpClient object. Use the cached copy if specified. - * - * @param url the URL being accessed - * @param useCache whether the cached connection should be used - * if present - */ - protected void setNewClient(URL url, boolean useCache) - throws IOException { - delegate.setNewClient(url, useCache); - } - - /** - * Create a new HttpClient object, set up so that it uses - * per-instance proxying to the given HTTP proxy. This - * bypasses the cache of HTTP client objects/connections. - * - * @param url the URL being accessed - * @param proxyHost the proxy host to use - * @param proxyPort the proxy port to use - */ - protected void setProxiedClient(URL url, String proxyHost, int proxyPort) - throws IOException { - delegate.setProxiedClient(url, proxyHost, proxyPort); - } - - /** - * Obtain a HttpClient object, set up so that it uses per-instance - * proxying to the given HTTP proxy. Use the cached copy of HTTP - * client objects/connections if specified. - * - * @param url the URL being accessed - * @param proxyHost the proxy host to use - * @param proxyPort the proxy port to use - * @param useCache whether the cached connection should be used - * if present - */ - protected void setProxiedClient(URL url, String proxyHost, int proxyPort, - boolean useCache) throws IOException { - delegate.setProxiedClient(url, proxyHost, proxyPort, useCache); - } - - /** - * Implements the HTTP protocol handler's "connect" method, - * establishing an SSL connection to the server as necessary. - */ - public void connect() throws IOException { - delegate.connect(); - } - - /** - * Used by subclass to access "connected" variable. Since we are - * delegating the actual implementation to "delegate", we need to - * delegate the access of "connected" as well. - */ - protected boolean isConnected() { - return delegate.isConnected(); - } - - /** - * Used by subclass to access "connected" variable. Since we are - * delegating the actual implementation to "delegate", we need to - * delegate the access of "connected" as well. - */ - protected void setConnected(boolean conn) { - delegate.setConnected(conn); - } - - /** - * Returns the cipher suite in use on this connection. - */ - public String getCipherSuite() { - return delegate.getCipherSuite(); - } - - /** - * Returns the certificate chain the client sent to the - * server, or null if the client did not authenticate. - */ - public java.security.cert.Certificate [] - getLocalCertificates() { - return delegate.getLocalCertificates(); - } - - /** - * Returns the server's certificate chain, or throws - * SSLPeerUnverified Exception if - * the server did not authenticate. - */ - public java.security.cert.Certificate [] - getServerCertificates() throws SSLPeerUnverifiedException { - return delegate.getServerCertificates(); - } - - /* - * Allowable input/output sequences: - * [interpreted as POST/PUT] - * - get output, [write output,] get input, [read input] - * - get output, [write output] - * [interpreted as GET] - * - get input, [read input] - * Disallowed: - * - get input, [read input,] get output, [write output] - */ - - public synchronized OutputStream getOutputStream() throws IOException { - return delegate.getOutputStream(); - } - - public synchronized InputStream getInputStream() throws IOException { - return delegate.getInputStream(); - } - - public InputStream getErrorStream() { - return delegate.getErrorStream(); - } - - /** - * Disconnect from the server. - */ - public void disconnect() { - delegate.disconnect(); - } - - public boolean usingProxy() { - return delegate.usingProxy(); - } - - /** - * Returns an unmodifiable Map of the header fields. - * The Map keys are Strings that represent the - * response-header field names. Each Map value is an - * unmodifiable List of Strings that represents - * the corresponding field values. - * - * @return a Map of header fields - * @since 1.4 - */ - public Map> getHeaderFields() { - return delegate.getHeaderFields(); - } - - /** - * Gets a header field by name. Returns null if not known. - * @param name the name of the header field - */ - public String getHeaderField(String name) { - return delegate.getHeaderField(name); - } - - /** - * Gets a header field by index. Returns null if not known. - * @param n the index of the header field - */ - public String getHeaderField(int n) { - return delegate.getHeaderField(n); - } - - /** - * Gets a header field by index. Returns null if not known. - * @param n the index of the header field - */ - public String getHeaderFieldKey(int n) { - return delegate.getHeaderFieldKey(n); - } - - /** - * Sets request property. If a property with the key already - * exists, overwrite its value with the new value. - * @param value the value to be set - */ - public void setRequestProperty(String key, String value) { - delegate.setRequestProperty(key, value); - } - - /** - * Adds a general request property specified by a - * key-value pair. This method will not overwrite - * existing values associated with the same key. - * - * @param key the keyword by which the request is known - * (e.g., "accept"). - * @param value the value associated with it. - * @see #getRequestProperties(java.lang.String) - * @since 1.4 - */ - public void addRequestProperty(String key, String value) { - delegate.addRequestProperty(key, value); - } - - /** - * Overwrite super class method - */ - public int getResponseCode() throws IOException { - return delegate.getResponseCode(); - } - - public String getRequestProperty(String key) { - return delegate.getRequestProperty(key); - } - - /** - * Returns an unmodifiable Map of general request - * properties for this connection. The Map keys - * are Strings that represent the request-header - * field names. Each Map value is a unmodifiable List - * of Strings that represents the corresponding - * field values. - * - * @return a Map of the general request properties for this connection. - * @throws IllegalStateException if already connected - * @since 1.4 - */ - public Map> getRequestProperties() { - return delegate.getRequestProperties(); - } - - /* - * We support JDK 1.2.x so we can't count on these from JDK 1.3. - * We override and supply our own version. - */ - public void setInstanceFollowRedirects(boolean shouldFollow) { - delegate.setInstanceFollowRedirects(shouldFollow); - } - - public boolean getInstanceFollowRedirects() { - return delegate.getInstanceFollowRedirects(); - } - - public void setRequestMethod(String method) throws ProtocolException { - delegate.setRequestMethod(method); - } - - public String getRequestMethod() { - return delegate.getRequestMethod(); - } - - public String getResponseMessage() throws IOException { - return delegate.getResponseMessage(); - } - - public long getHeaderFieldDate(String name, long Default) { - return delegate.getHeaderFieldDate(name, Default); - } - - public Permission getPermission() throws IOException { - return delegate.getPermission(); - } - - public URL getURL() { - return delegate.getURL(); - } - - public int getContentLength() { - return delegate.getContentLength(); - } - - public long getContentLengthLong() { - return delegate.getContentLengthLong(); - } - - public String getContentType() { - return delegate.getContentType(); - } - - public String getContentEncoding() { - return delegate.getContentEncoding(); - } - - public long getExpiration() { - return delegate.getExpiration(); - } - - public long getDate() { - return delegate.getDate(); - } - - public long getLastModified() { - return delegate.getLastModified(); - } - - public int getHeaderFieldInt(String name, int Default) { - return delegate.getHeaderFieldInt(name, Default); - } - - public long getHeaderFieldLong(String name, long Default) { - return delegate.getHeaderFieldLong(name, Default); - } - - public Object getContent() throws IOException { - return delegate.getContent(); - } - - @SuppressWarnings("rawtypes") - public Object getContent(Class[] classes) throws IOException { - return delegate.getContent(classes); - } - - public String toString() { - return delegate.toString(); - } - - public void setDoInput(boolean doinput) { - delegate.setDoInput(doinput); - } - - public boolean getDoInput() { - return delegate.getDoInput(); - } - - public void setDoOutput(boolean dooutput) { - delegate.setDoOutput(dooutput); - } - - public boolean getDoOutput() { - return delegate.getDoOutput(); - } - - public void setAllowUserInteraction(boolean allowuserinteraction) { - delegate.setAllowUserInteraction(allowuserinteraction); - } - - public boolean getAllowUserInteraction() { - return delegate.getAllowUserInteraction(); - } - - public void setUseCaches(boolean usecaches) { - delegate.setUseCaches(usecaches); - } - - public boolean getUseCaches() { - return delegate.getUseCaches(); - } - - public void setIfModifiedSince(long ifmodifiedsince) { - delegate.setIfModifiedSince(ifmodifiedsince); - } - - public long getIfModifiedSince() { - return delegate.getIfModifiedSince(); - } - - public boolean getDefaultUseCaches() { - return delegate.getDefaultUseCaches(); - } - - public void setDefaultUseCaches(boolean defaultusecaches) { - delegate.setDefaultUseCaches(defaultusecaches); - } - - /* - * finalize (dispose) the delegated object. Otherwise - * sun.net.www.protocol.http.HttpURLConnection's finalize() - * would have to be made public. - */ - protected void finalize() throws Throwable { - delegate.dispose(); - } - - public boolean equals(Object obj) { - return delegate.equals(obj); - } - - public int hashCode() { - return delegate.hashCode(); - } - - public void setConnectTimeout(int timeout) { - delegate.setConnectTimeout(timeout); - } - - public int getConnectTimeout() { - return delegate.getConnectTimeout(); - } - - public void setReadTimeout(int timeout) { - delegate.setReadTimeout(timeout); - } - - public int getReadTimeout() { - return delegate.getReadTimeout(); - } - - public void setFixedLengthStreamingMode (int contentLength) { - delegate.setFixedLengthStreamingMode(contentLength); - } - - public void setFixedLengthStreamingMode(long contentLength) { - delegate.setFixedLengthStreamingMode(contentLength); - } - - public void setChunkedStreamingMode (int chunklen) { - delegate.setChunkedStreamingMode(chunklen); - } - - @Override - public void setAuthenticator(Authenticator auth) { - delegate.setAuthenticator(auth); - } -} diff --git a/src/java.base/share/classes/com/sun/security/cert/internal/x509/X509V1CertImpl.java b/src/java.base/share/classes/com/sun/security/cert/internal/x509/X509V1CertImpl.java index 0fb1a6c1e88..9e64617eb5f 100644 --- a/src/java.base/share/classes/com/sun/security/cert/internal/x509/X509V1CertImpl.java +++ b/src/java.base/share/classes/com/sun/security/cert/internal/x509/X509V1CertImpl.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2015, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -51,7 +51,8 @@ import java.util.Vector; * * @author Jeff Nisewanger */ -@Deprecated +@SuppressWarnings("removal") +@Deprecated(since="9", forRemoval=true) public class X509V1CertImpl extends X509Certificate implements Serializable { static final long serialVersionUID = -2048442350420423405L; private java.security.cert.X509Certificate wrappedCert; diff --git a/src/java.base/share/classes/java/io/DataInput.java b/src/java.base/share/classes/java/io/DataInput.java index 86d8d3eb9fd..303b612e8be 100644 --- a/src/java.base/share/classes/java/io/DataInput.java +++ b/src/java.base/share/classes/java/io/DataInput.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1995, 2017, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1995, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -48,7 +48,7 @@ package java.io; * may be thrown if the input stream has been * closed. * - *

Modified UTF-8

+ *

Modified UTF-8

*

* Implementations of the DataInput and DataOutput interfaces represent * Unicode strings in a format that is a slight modification of UTF-8. diff --git a/src/java.base/share/classes/java/io/File.java b/src/java.base/share/classes/java/io/File.java index 3dbbd1a291a..c5d67f42cf2 100644 --- a/src/java.base/share/classes/java/io/File.java +++ b/src/java.base/share/classes/java/io/File.java @@ -128,7 +128,7 @@ import sun.security.action.GetPropertyAction; * created, the abstract pathname represented by a File object * will never change. * - *

Interoperability with {@code java.nio.file} package

+ *

Interoperability with {@code java.nio.file} package

* *

The {@code java.nio.file} * package defines interfaces and classes for the Java virtual machine to access diff --git a/src/java.base/share/classes/java/io/InputStream.java b/src/java.base/share/classes/java/io/InputStream.java index 938f041bbb7..66dcac4a1d4 100644 --- a/src/java.base/share/classes/java/io/InputStream.java +++ b/src/java.base/share/classes/java/io/InputStream.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1994, 2018, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1994, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -237,7 +237,7 @@ public abstract class InputStream implements Closeable { * b[off+len-1] unaffected. * *

In every case, elements b[0] through - * b[off] and elements b[off+len] through + * b[off-1] and elements b[off+len] through * b[b.length-1] are unaffected. * *

The read(b, off, len) method diff --git a/src/java.base/share/classes/java/lang/AbstractStringBuilder.java b/src/java.base/share/classes/java/lang/AbstractStringBuilder.java index 2af6f1723f3..997fa07645e 100644 --- a/src/java.base/share/classes/java/lang/AbstractStringBuilder.java +++ b/src/java.base/share/classes/java/lang/AbstractStringBuilder.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2018, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -91,6 +91,22 @@ abstract class AbstractStringBuilder implements Appendable, CharSequence { } } + /** + * Creates an AbstractStringBuilder with the specified coder and with + * the initial capacity equal to the smaller of (length + addition) + * and Integer.MAX_VALUE. + */ + AbstractStringBuilder(byte coder, int length, int addition) { + if (length < 0) { + throw new NegativeArraySizeException("Negative length: " + length); + } + this.coder = coder; + int capacity = (length < Integer.MAX_VALUE - addition) + ? length + addition : Integer.MAX_VALUE; + value = (coder == LATIN1) + ? new byte[capacity] : StringUTF16.newBytesFor(capacity); + } + /** * Compares the objects of two AbstractStringBuilder implementations lexicographically. * diff --git a/src/java.base/share/classes/java/lang/Character.java b/src/java.base/share/classes/java/lang/Character.java index 1c3580c24d7..1fa7d4ba977 100644 --- a/src/java.base/share/classes/java/lang/Character.java +++ b/src/java.base/share/classes/java/lang/Character.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2002, 2018, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2002, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -35,37 +35,31 @@ import jdk.internal.misc.VM; /** * The {@code Character} class wraps a value of the primitive - * type {@code char} in an object. An object of type + * type {@code char} in an object. An object of class * {@code Character} contains a single field whose type is * {@code char}. *

- * In addition, this class provides several methods for determining - * a character's category (lowercase letter, digit, etc.) and for converting - * characters from uppercase to lowercase and vice versa. - *

- * Character information is based on the Unicode Standard, version 11.0.0. - *

- * The methods and data of class {@code Character} are defined by - * the information in the UnicodeData file that is part of the - * Unicode Character Database maintained by the Unicode - * Consortium. This file specifies various properties including name - * and general category for every defined Unicode code point or - * character range. - *

- * The file and its description are available from the Unicode Consortium at: - *

- *

- * The code point, U+32FF, is reserved by the Unicode Consortium - * to represent the Japanese square character for the new era that begins - * May 2019. Relevant methods in the Character class return the same - * properties as for the existing Japanese era characters (e.g., U+337E for - * "Meizi"). For the details of the code point, refer to - * - * http://blog.unicode.org/2018/09/new-japanese-era.html. + * In addition, this class provides a large number of static methods for + * determining a character's category (lowercase letter, digit, etc.) + * and for converting characters from uppercase to lowercase and vice + * versa. * - *

Unicode Character Representations

+ *

Unicode Conformance

+ *

+ * The fields and methods of class {@code Character} are defined in terms + * of character information from the Unicode Standard, specifically the + * UnicodeData file that is part of the Unicode Character Database. + * This file specifies properties including name and category for every + * assigned Unicode code point or character range. The file is available + * from the Unicode Consortium at + * http://www.unicode.org. + *

+ * The Java SE 13 Platform uses character information from version 11.0 + * of the Unicode Standard, plus the Japanese Era code point, + * {@code U+32FF}, from the first version of the Unicode Standard + * after 11.0 that assigns the code point. + * + *

Unicode Character Representations

* *

The {@code char} data type (and therefore the value that a * {@code Character} object encapsulates) are based on the @@ -9495,7 +9489,7 @@ class Character implements java.io.Serializable, Comparable { * character in a Java identifier. *

* A character may start a Java identifier if and only if - * one of the following is true: + * one of the following conditions is true: *