Merge

2025-08-28 07:14:30 +02:00 · 2018-12-04 13:35:04 +05:30 · 2018-12-04 13:35:04 +05:30 · 5f2062b484
commit 5f2062b484
parent 8c7140f4fe a0a108fb01
304 changed files with 5022 additions and 2024 deletions
--- a/src/java.base/share/classes/java/lang/invoke/MethodHandleNatives.java
+++ b/src/java.base/share/classes/java/lang/invoke/MethodHandleNatives.java
@ -75,6 +75,7 @@ class MethodHandleNatives {
    /** Represents a context to track nmethod dependencies on CallSite instance target. */
    static class CallSiteContext implements Runnable {
        //@Injected JVM_nmethodBucket* vmdependencies;
+        //@Injected jlong last_cleanup;

        static CallSiteContext make(CallSite cs) {
            final CallSiteContext newContext = new CallSiteContext();
--- a/src/java.base/share/classes/java/util/Date.java
+++ b/src/java.base/share/classes/java/util/Date.java
@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1994, 2016, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1994, 2018, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
@ -84,12 +84,12 @@ import sun.util.calendar.ZoneInfo;
 * <i>not</i> adjusted for leap seconds. An interesting source of
 * further information is the United States Naval Observatory (USNO):
 * <blockquote><pre>
- *     <a href="http://www.usno.navy.mil/USNO">http://www.usno.navy.mil/USNO</a>
+ *     <a href="https://www.usno.navy.mil/USNO">https://www.usno.navy.mil/USNO</a>
 * </pre></blockquote>
 * <p>
 * and the material regarding "Systems of Time" at:
 * <blockquote><pre>
- *     <a href="http://www.usno.navy.mil/USNO/time/master-clock/systems-of-time">http://www.usno.navy.mil/USNO/time/master-clock/systems-of-time</a>
+ *     <a href="https://www.usno.navy.mil/USNO/time/master-clock/systems-of-time">https://www.usno.navy.mil/USNO/time/master-clock/systems-of-time</a>
 * </pre></blockquote>
 * <p>
 * which has descriptions of various different time systems including
--- a/src/java.base/share/classes/java/util/ResourceBundle.java
+++ b/src/java.base/share/classes/java/util/ResourceBundle.java
@ -3184,10 +3184,16 @@ public abstract class ResourceBundle {
                                bundleClass.getName() + " in " + m.toString());
                        }
                        try {
-                            // bundle in a unnamed module
-                            Constructor<ResourceBundle> ctor = bundleClass.getConstructor();
+                            Constructor<ResourceBundle> ctor = AccessController.doPrivileged(
+                                new PrivilegedExceptionAction<>() {
+                                    @Override
+                                    public Constructor<ResourceBundle> run() throws NoSuchMethodException {
+                                        return bundleClass.getDeclaredConstructor();
+                                    }
+                                });
                            if (!Modifier.isPublic(ctor.getModifiers())) {
-                                return null;
+                                throw new IllegalAccessException("no-arg constructor in " +
+                                    bundleClass.getName() + " is not publicly accessible.");
                            }

                            // java.base may not be able to read the bundleClass's module.
@ -3196,12 +3202,16 @@ public abstract class ResourceBundle {
                            bundle = ctor.newInstance((Object[]) null);
                        } catch (InvocationTargetException e) {
                            uncheckedThrow(e);
+                        } catch (PrivilegedActionException e) {
+                            assert e.getException() instanceof NoSuchMethodException;
+                            throw new InstantiationException("public no-arg constructor " +
+                                "does not exist in " + bundleClass.getName());
                        }
                    } else {
                        throw new ClassCastException(c.getName()
                                + " cannot be cast to ResourceBundle");
                    }
-                } catch (ClassNotFoundException|NoSuchMethodException e) {
+                } catch (ClassNotFoundException e) {
                }
            } else if (format.equals("java.properties")) {
                final String resourceName = toResourceName0(bundleName, "properties");
--- a/src/java.base/share/classes/java/util/doc-files/coll-reference.html
+++ b/src/java.base/share/classes/java/util/doc-files/coll-reference.html
@ -431,7 +431,7 @@ in an ordered list using the binary search algorithm.</li>
 fill(List, Object)</a></strong> - Overwrites every element in a
 list with the specified value.</li>
 <li><strong><a href=
-"../Collections.html#copy-java.util.List(java.util.List)">
+"../Collections.html#copy(java.util.List,java.util.List)">
 copy(List dest, List src)</a></strong> - Copies the source list
 into the destination list.</li>
 <li><strong><a href=
--- a/src/java.base/share/classes/java/util/spi/TimeZoneNameProvider.java
+++ b/src/java.base/share/classes/java/util/spi/TimeZoneNameProvider.java
@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2018, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
@ -52,7 +52,7 @@ public abstract class TimeZoneNameProvider extends LocaleServiceProvider {
     * presentation to the user in the specified locale. The given time
     * zone ID is "GMT" or one of the names defined using "Zone" entries
     * in the "tz database", a public domain time zone database at
-     * <a href="ftp://elsie.nci.nih.gov/pub/">ftp://elsie.nci.nih.gov/pub/</a>.
+     * <a href="https://www.iana.org/time-zones">https://www.iana.org/time-zones</a>.
     * The data of this database is contained in a file whose name starts with
     * "tzdata", and the specification of the data format is part of the zic.8
     * man page, which is contained in a file whose name starts with "tzcode".
--- a/src/java.base/share/classes/java/util/zip/Deflater.java
+++ b/src/java.base/share/classes/java/util/zip/Deflater.java
@ -224,7 +224,6 @@ public class Deflater {
     * One of the {@code setInput()} methods should be called whenever
     * {@code needsInput()} returns true indicating that more input data
     * is required.
-     * <p>
     * @param input the input data bytes
     * @param off the start offset of the data
     * @param len the length of the data
@ -248,7 +247,6 @@ public class Deflater {
     * One of the {@code setInput()} methods should be called whenever
     * {@code needsInput()} returns true indicating that more input data
     * is required.
-     * <p>
     * @param input the input data bytes
     * @see Deflater#needsInput
     */
--- a/src/java.base/share/classes/javax/net/ssl/SSLContext.java
+++ b/src/java.base/share/classes/javax/net/ssl/SSLContext.java
@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999, 2017, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1999, 2018, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
@ -38,18 +38,16 @@ import sun.security.jca.GetInstance;
 * secure random bytes.
 *
 * <p> Every implementation of the Java platform is required to support the
- * following standard {@code SSLContext} protocols:
+ * following standard {@code SSLContext} protocol:
 * <ul>
- * <li>{@code TLSv1}</li>
- * <li>{@code TLSv1.1}</li>
 * <li>{@code TLSv1.2}</li>
 * </ul>
- * These protocols are described in the <a href=
+ * This protocol is described in the <a href=
 * "{@docRoot}/../specs/security/standard-names.html#sslcontext-algorithms">
 * SSLContext section</a> of the
 * Java Security Standard Algorithm Names Specification.
 * Consult the release documentation for your implementation to see if any
- * other algorithms are supported.
+ * other protocols are supported.
 *
 * @since 1.4
 */
--- a/src/java.base/share/classes/javax/net/ssl/SSLSessionContext.java
+++ b/src/java.base/share/classes/javax/net/ssl/SSLSessionContext.java
@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2018, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
@ -87,10 +87,17 @@ public interface SSLSessionContext {
     * A check for sessions exceeding the timeout is made immediately whenever
     * the timeout limit is changed for this <code>SSLSessionContext</code>.
     *
-     * @param seconds the new session timeout limit in seconds; zero means
-     *          there is no limit.
+     * @apiNote Note that the JDK Implementation uses default values for both
+     *          the session cache size and timeout.  See
+     *          {@code getSessionCacheSize} and {@code getSessionTimeout} for
+     *          more information.  Applications should consider their
+     *          performance requirements and override the defaults if necessary.
+     *
+     * @param seconds the new session timeout limit in seconds; zero means
+     *        there is no limit.
+     *
+     * @throws IllegalArgumentException if the timeout specified is {@code < 0}.
     *
-     * @exception IllegalArgumentException if the timeout specified is {@code < 0}.
     * @see #getSessionTimeout
     */
    public void setSessionTimeout(int seconds)
@ -109,33 +116,50 @@ public interface SSLSessionContext {
     * whenever the timeout limit is changed for this
     * <code>SSLSessionContext</code>.
     *
+     * @implNote The JDK implementation returns the session timeout as set by
+     *           the {@code setSessionTimeout} method, or if not set, a default
+     *           value of 86400 seconds (24 hours).
+     *
     * @return the session timeout limit in seconds; zero means there is no
-     * limit.
+     *         limit.
+     *
     * @see #setSessionTimeout
     */
    public int getSessionTimeout();

    /**
-     * Sets the size of the cache used for storing
-     * <code>SSLSession</code> objects grouped under this
-     * <code>SSLSessionContext</code>.
+     * Sets the size of the cache used for storing <code>SSLSession</code>
+     * objects grouped under this <code>SSLSessionContext</code>.
+     *
+     * @apiNote Note that the JDK Implementation uses default values for both
+     *          the session cache size and timeout.  See
+     *          {@code getSessionCacheSize} and {@code getSessionTimeout} for
+     *          more information.  Applications should consider their
+     *          performance requirements and override the defaults if necessary.
     *
     * @param size the new session cache size limit; zero means there is no
-     * limit.
-     * @exception IllegalArgumentException if the specified size is {@code < 0}.
+     *        limit.
+     *
+     * @throws IllegalArgumentException if the specified size is {@code < 0}.
+     *
     * @see #getSessionCacheSize
     */
    public void setSessionCacheSize(int size)
                 throws IllegalArgumentException;

    /**
-     * Returns the size of the cache used for storing
-     * <code>SSLSession</code> objects grouped under this
-     * <code>SSLSessionContext</code>.
+     * Returns the size of the cache used for storing <code>SSLSession</code>
+     * objects grouped under this <code>SSLSessionContext</code>.
+     *
+     * @implNote The JDK implementation returns the cache size as set by
+     *           the {@code setSessionCacheSize} method, or if not set, the
+     *           value of the {@systemProperty javax.net.ssl.sessionCacheSize}
+     *           system property.  If neither is set, it returns a default
+     *           value of 20480.
     *
     * @return size of the session cache; zero means there is no size limit.
+     *
     * @see #setSessionCacheSize
     */
    public int getSessionCacheSize();
-
 }
--- a/src/java.base/share/classes/sun/security/ssl/SSLSessionContextImpl.java
+++ b/src/java.base/share/classes/sun/security/ssl/SSLSessionContextImpl.java
@ -32,11 +32,13 @@ import java.util.Locale;
 import javax.net.ssl.SSLSession;
 import javax.net.ssl.SSLSessionContext;

-import sun.security.action.GetPropertyAction;
+import sun.security.action.GetIntegerAction;
 import sun.security.util.Cache;


 final class SSLSessionContextImpl implements SSLSessionContext {
+    private final static int DEFAULT_MAX_CACHE_SIZE = 20480;
+
    private final Cache<SessionId, SSLSessionImpl> sessionCache;
                                        // session cache, session id as key
    private final Cache<String, SSLSessionImpl> sessionHostPortCache;
@ -196,16 +198,29 @@ final class SSLSessionContextImpl implements SSLSessionContext {
    }

    private static int getDefaultCacheLimit() {
-        int defaultCacheLimit = 0;
        try {
-            String s = GetPropertyAction
-                    .privilegedGetProperty("javax.net.ssl.sessionCacheSize");
-            defaultCacheLimit = (s != null) ? Integer.parseInt(s) : 0;
+            int defaultCacheLimit = GetIntegerAction.privilegedGetProperty(
+                    "javax.net.ssl.sessionCacheSize", DEFAULT_MAX_CACHE_SIZE);
+
+            if (defaultCacheLimit >= 0) {
+                return defaultCacheLimit;
+            } else if (SSLLogger.isOn && SSLLogger.isOn("ssl")) {
+                SSLLogger.warning(
+                    "invalid System Property javax.net.ssl.sessionCacheSize, " +
+                    "use the default session cache size (" +
+                    DEFAULT_MAX_CACHE_SIZE + ") instead");
+            }
        } catch (Exception e) {
-            // swallow the exception
+            // unlikely, log it for safe
+            if (SSLLogger.isOn && SSLLogger.isOn("ssl")) {
+                SSLLogger.warning(
+                    "the System Property javax.net.ssl.sessionCacheSize is " +
+                    "not available, use the default value (" +
+                    DEFAULT_MAX_CACHE_SIZE + ") instead");
+            }
        }

-        return (defaultCacheLimit > 0) ? defaultCacheLimit : 0;
+        return DEFAULT_MAX_CACHE_SIZE;
    }

    private boolean isTimedout(SSLSession sess) {
--- a/src/java.base/share/classes/sun/security/tools/keytool/Main.java
+++ b/src/java.base/share/classes/sun/security/tools/keytool/Main.java
@ -51,6 +51,8 @@ import java.security.cert.CertificateException;
 import java.security.cert.URICertStoreParameters;


+import java.security.interfaces.ECKey;
+import java.security.spec.ECParameterSpec;
 import java.text.Collator;
 import java.text.MessageFormat;
 import java.util.*;
@ -70,6 +72,7 @@ import java.util.Base64;

 import sun.security.util.ECKeySizeParameterSpec;
 import sun.security.util.KeyUtil;
+import sun.security.util.NamedCurve;
 import sun.security.util.ObjectIdentifier;
 import sun.security.pkcs10.PKCS10;
 import sun.security.pkcs10.PKCS10Attribute;
@ -1882,11 +1885,12 @@ public final class Main {

        MessageFormat form = new MessageFormat(rb.getString
            ("Generating.keysize.bit.keyAlgName.key.pair.and.self.signed.certificate.sigAlgName.with.a.validity.of.validality.days.for"));
-        Object[] source = {keysize,
-                            privKey.getAlgorithm(),
-                            chain[0].getSigAlgName(),
-                            validity,
-                            x500Name};
+        Object[] source = {
+                groupName == null ? keysize : KeyUtil.getKeySize(privKey),
+                fullDisplayAlgName(privKey),
+                chain[0].getSigAlgName(),
+                validity,
+                x500Name};
        System.err.println(form.format(source));

        if (keyPass == null) {
@ -3266,19 +3270,28 @@ public final class Main {
        }
    }

-    private String withWeak(PublicKey key) {
+    private String fullDisplayAlgName(Key key) {
+        String result = key.getAlgorithm();
+        if (key instanceof ECKey) {
+            ECParameterSpec paramSpec = ((ECKey) key).getParams();
+            if (paramSpec instanceof NamedCurve) {
+                result += " (" + paramSpec.toString().split(" ")[0] + ")";
+            }
+        }
+        return result;
+    }
+
+    private String withWeak(Key key) {
+        int kLen = KeyUtil.getKeySize(key);
+        String displayAlg = fullDisplayAlgName(key);
        if (DISABLED_CHECK.permits(SIG_PRIMITIVE_SET, key)) {
-            int kLen = KeyUtil.getKeySize(key);
            if (kLen >= 0) {
-                return String.format(rb.getString("key.bit"),
-                        kLen, key.getAlgorithm());
+                return String.format(rb.getString("key.bit"), kLen, displayAlg);
            } else {
-                return String.format(
-                        rb.getString("unknown.size.1"), key.getAlgorithm());
+                return String.format(rb.getString("unknown.size.1"), displayAlg);
            }
        } else {
-            return String.format(rb.getString("key.bit.weak"),
-                    KeyUtil.getKeySize(key), key.getAlgorithm());
+            return String.format(rb.getString("key.bit.weak"), kLen, displayAlg);
        }
    }