infernap12/jdk
1
0
Fork 0
mirror of https://github.com/openjdk/jdk.git synced 2026-02-13 11:55:38 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge

Browse Source
This commit is contained in:
Tim Bell 2009-03-21 13:52:13 -07:00
commit ffa70f7fdd
38 changed files with 993 additions and 1009 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
jdk/make/com/sun/jmx/Makefile
View File

@ -41,7 +41,15 @@ include $(BUILDDIR)/common/Defs.gmk
# Note : some targets are double colon rules and some single colon rules
# within common included gmk files : that is why the following for loop
# has been duplicated.
SUBDIRS = snmp
# When building the openjdk, build snmp only if importing binary plugs,
ifdef OPENJDK
ifeq ($(IMPORT_BINARY_PLUGS),true)
SUBDIRS = snmp
endif
else
SUBDIRS = snmp
endif
all build:
$(SUBDIRS-loop)

8
jdk/make/docs/Makefile
View File

@ -1,5 +1,5 @@
#
# Copyright 1997-2008 Sun Microsystems, Inc. All Rights Reserved.
# Copyright 1997-2009 Sun Microsystems, Inc. All Rights Reserved.
# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
#
# This code is free software; you can redistribute it and/or modify it
@ -204,6 +204,9 @@ JDI_DOCTITLE = "Java$(TRADEMARK) Debug Interface"
JDI_HEADER = "Java Debug Interface"
# JDI_PKGS is located in NON_CORE_PKGS.gmk
# Variables used by security components
SECURITYAPI_JAVADOCBOTTOM = '<font size="-1"><a href="http://bugs.sun.com/services/bugreport/index.jsp">Report a bug or request a feature.</a><br>Copyright $(THIS_YEAR) Sun Microsystems, Inc. All Rights Reserved. Use is subject to license terms.</font>'
#
# Variables used by JAAS target
#
@ -221,6 +224,7 @@ JAAS_JAVADOCFLAGS = $(COMMON_JAVADOCFLAGS) \
-windowtitle $(JAAS_WINDOWTITLE) \
-doctitle $(JAAS_DOCTITLE) \
-header $(JAAS_JAVADOCHEADER) \
-bottom $(SECURITYAPI_JAVADOCBOTTOM) \
-linkoffline ../../../../../api $(DOCSDIR)/api/ \
-overview $(TOPDIR)/src/share/classes/com/sun/security/auth/jaas-overview.html
JAAS_WINDOWTITLE = "Java Authentication and Authorization Service "
@ -243,6 +247,7 @@ JGSS_JAVADOCFLAGS = $(COMMON_JAVADOCFLAGS) \
-windowtitle $(JGSS_WINDOWTITLE) \
-doctitle $(JGSS_DOCTITLE) \
-header $(JGSS_JAVADOCHEADER) \
-bottom $(SECURITYAPI_JAVADOCBOTTOM) \
-linkoffline ../../../../../api $(DOCSDIR)/api/ \
-overview $(JGSS_SOURCEPATH)/com/sun/security/jgss/jgss-overview.html
@ -266,6 +271,7 @@ SMARTCARDIO_JAVADOCFLAGS = $(COMMON_JAVADOCFLAGS) \
-windowtitle $(SMARTCARDIO_WINDOWTITLE) \
-doctitle $(SMARTCARDIO_DOCTITLE) \
-header $(SMARTCARDIO_JAVADOCHEADER) \
-bottom $(SECURITYAPI_JAVADOCBOTTOM) \
-linkoffline ../../../../../api $(DOCSDIR)/api/
SMARTCARDIO_WINDOWTITLE = "Java Smart Card I/O"

1
jdk/make/java/java/FILES_java.gmk
View File

@ -449,7 +449,6 @@ JAVA_JAVA_java = \
sun/misc/Service.java \
sun/misc/JavaLangAccess.java \
sun/misc/JavaIOAccess.java \
sun/misc/JavaIODeleteOnExitAccess.java \
sun/misc/JavaIOFileDescriptorAccess.java \
sun/misc/JavaNioAccess.java

2
jdk/make/java/management/Makefile
View File

@ -46,6 +46,8 @@ include $(BUILDDIR)/common/Mapfile-vers.gmk
#
include FILES_c.gmk
# We don't need snmp here.
AUTO_JAVA_PRUNE = snmp
AUTO_FILES_JAVA_DIRS = java/lang/management com/sun/management sun/management
include Exportedfiles.gmk

1
jdk/make/javax/management/Makefile
View File

@ -35,6 +35,7 @@ include $(BUILDDIR)/common/Defs.gmk
#
# Files to compile
#
AUTO_JAVA_PRUNE = snmp
AUTO_FILES_JAVA_DIRS = javax/management com/sun/jmx com/sun/management/jmx
#

11
jdk/make/sun/management/Makefile
View File

@ -35,7 +35,16 @@ MGMT_LIB_SRC = $(SHARE_SRC)/lib/management
all build:: properties aclfile jmxremotefiles
SUBDIRS = snmp jmxremote
# When building the openjdk, build snmp only if importing binary plugs,
ifdef OPENJDK
ifeq ($(IMPORT_BINARY_PLUGS),true)
SUBDIRS = snmp
endif
else
SUBDIRS = snmp
endif
SUBDIRS += jmxremote
all build clean clobber::
$(SUBDIRS-loop)

29
jdk/src/share/classes/java/io/Console.java
View File

@ -503,6 +503,21 @@ public final class Console implements Flushable
// Set up JavaIOAccess in SharedSecrets
static {
// Add a shutdown hook to restore console's echo state should
// it be necessary.
sun.misc.SharedSecrets.getJavaLangAccess()
.registerShutdownHook(0 /* shutdown hook invocation order */,
new Runnable() {
public void run() {
try {
if (echoOff) {
echo(true);
}
} catch (IOException x) { }
}
});
sun.misc.SharedSecrets.setJavaIOAccess(new sun.misc.JavaIOAccess() {
public Console console() {
if (istty()) {
@ -513,20 +528,6 @@ public final class Console implements Flushable
return null;
}
// Add a shutdown hook to restore console's echo state should
// it be necessary.
public Runnable consoleRestoreHook() {
return new Runnable() {
public void run() {
try {
if (echoOff) {
echo(true);
}
} catch (IOException x) {}
}
};
}
public Charset charset() {
// This method is called in sun.security.util.Password,
// cons already exists when this method is called

19
jdk/src/share/classes/java/io/DeleteOnExitHook.java
View File

@ -34,17 +34,18 @@ import java.io.File;
*/
class DeleteOnExitHook {
private static DeleteOnExitHook instance = null;
static {
sun.misc.SharedSecrets.getJavaLangAccess()
.registerShutdownHook(2 /* Shutdown hook invocation order */,
new Runnable() {
public void run() {
runHooks();
}
});
}
private static LinkedHashSet<String> files = new LinkedHashSet<String>();
static DeleteOnExitHook hook() {
if (instance == null)
instance = new DeleteOnExitHook();
return instance;
}
private DeleteOnExitHook() {}
static synchronized void add(String file) {
@ -54,7 +55,7 @@ class DeleteOnExitHook {
files.add(file);
}
void run() {
static void runHooks() {
LinkedHashSet<String> theFiles;
synchronized (DeleteOnExitHook.class) {

12
jdk/src/share/classes/java/io/File.java
View File

@ -2147,18 +2147,6 @@ public class File
/** use serialVersionUID from JDK 1.0.2 for interoperability */
private static final long serialVersionUID = 301077366599181567L;
// Set up JavaIODeleteOnExitAccess in SharedSecrets
// Added here as DeleteOnExitHook is package-private and SharedSecrets cannot easily access it.
static {
sun.misc.SharedSecrets.setJavaIODeleteOnExitAccess(
new sun.misc.JavaIODeleteOnExitAccess() {
public void run() {
DeleteOnExitHook.hook().run();
}
}
);
}
// -- Integration with java.nio.file --
private volatile transient Path filePath;

20
jdk/src/share/classes/java/lang/ApplicationShutdownHooks.java
View File

@ -34,19 +34,19 @@ import java.util.*;
* @see java.lang.Runtime#removeShutdownHook
*/
class ApplicationShutdownHooks implements Runnable {
private static ApplicationShutdownHooks instance = null;
class ApplicationShutdownHooks {
static {
Shutdown.add(1 /* shutdown hook invocation order */,
new Runnable() {
public void run() {
runHooks();
}
});
}
/* The set of registered hooks */
private static IdentityHashMap<Thread, Thread> hooks = new IdentityHashMap<Thread, Thread>();
static synchronized ApplicationShutdownHooks hook() {
if (instance == null)
instance = new ApplicationShutdownHooks();
return instance;
}
private ApplicationShutdownHooks() {}
/* Add a new shutdown hook. Checks the shutdown state and the hook itself,
@ -82,7 +82,7 @@ class ApplicationShutdownHooks implements Runnable {
* to run in. Hooks are run concurrently and this method waits for
* them to finish.
*/
public void run() {
static void runHooks() {
Collection<Thread> threads;
synchronized(ApplicationShutdownHooks.class) {
threads = hooks.keySet();

38
jdk/src/share/classes/java/lang/Shutdown.java
View File

@ -25,8 +25,6 @@
package java.lang;
import java.util.ArrayList;
/**
* Package-private utility class containing data structures and logic
@ -47,8 +45,13 @@ class Shutdown {
/* Should we run all finalizers upon exit? */
private static boolean runFinalizersOnExit = false;
/* The set of registered, wrapped hooks, or null if there aren't any */
private static ArrayList<Runnable> hooks = new ArrayList<Runnable>();
// The system shutdown hooks are registered with a predefined slot.
// The list of shutdown hooks is as follows:
// (0) Console restore hook
// (1) Application hooks
// (2) DeleteOnExit hook
private static final int MAX_SYSTEM_HOOKS = 10;
private static final Runnable[] hooks = new Runnable[MAX_SYSTEM_HOOKS];
/* The preceding static fields are protected by this lock */
private static class Lock { };
@ -68,33 +71,18 @@ class Shutdown {
/* Add a new shutdown hook. Checks the shutdown state and the hook itself,
* but does not do any security checks.
*/
static void add(Runnable hook) {
static void add(int slot, Runnable hook) {
synchronized (lock) {
if (state > RUNNING)
throw new IllegalStateException("Shutdown in progress");
hooks.add(hook);
if (hooks[slot] != null)
throw new InternalError("Shutdown hook at slot " + slot + " already registered");
hooks[slot] = hook;
}
}
/* Remove a previously-registered hook. Like the add method, this method
* does not do any security checks.
*/
static boolean remove(Runnable hook) {
synchronized (lock) {
if (state > RUNNING)
throw new IllegalStateException("Shutdown in progress");
if (hook == null) throw new NullPointerException();
if (hooks == null) {
return false;
} else {
return hooks.remove(hook);
}
}
}
/* Run all registered shutdown hooks
*/
private static void runHooks() {
@ -103,7 +91,7 @@ class Shutdown {
*/
for (Runnable hook : hooks) {
try {
hook.run();
if (hook != null) hook.run();
} catch(Throwable t) {
if (t instanceof ThreadDeath) {
ThreadDeath td = (ThreadDeath)t;

13
jdk/src/share/classes/java/lang/System.java
View File

@ -34,7 +34,6 @@ import java.security.AllPermission;
import java.nio.channels.Channel;
import java.nio.channels.spi.SelectorProvider;
import sun.nio.ch.Interruptible;
import sun.net.InetAddressCachePolicy;
import sun.reflect.Reflection;
import sun.security.util.SecurityConstants;
import sun.reflect.annotation.AnnotationType;
@ -310,7 +309,6 @@ public final class System {
}
security = s;
InetAddressCachePolicy.setIfNotSet(InetAddressCachePolicy.FOREVER);
}
/**
@ -1121,14 +1119,6 @@ public final class System {
// Setup Java signal handlers for HUP, TERM, and INT (where available).
Terminator.setup();
// The order in with the hooks are added here is important as it
// determines the order in which they are run.
// (1)Console restore hook needs to be called first.
// (2)Application hooks must be run before calling deleteOnExitHook.
Shutdown.add(sun.misc.SharedSecrets.getJavaIOAccess().consoleRestoreHook());
Shutdown.add(ApplicationShutdownHooks.hook());
Shutdown.add(sun.misc.SharedSecrets.getJavaIODeleteOnExitAccess());
// Initialize any miscellenous operating system settings that need to be
// set for the class libraries. Currently this is no-op everywhere except
// for Windows where the process-wide error mode is set before the java.io
@ -1174,6 +1164,9 @@ public final class System {
public void blockedOn(Thread t, Interruptible b) {
t.blockedOn(b);
}
public void registerShutdownHook(int slot, Runnable r) {
Shutdown.add(slot, r);
}
});
}

2
jdk/src/share/classes/java/nio/file/SecureDirectoryStream.java
View File

@ -5,7 +5,7 @@
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Sun designates this
* particular file as subject to the "Classname" exception as provided
* particular file as subject to the "Classpath" exception as provided
* by Sun in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT

3
jdk/src/share/classes/java/util/regex/Pattern.java
View File

@ -2567,7 +2567,8 @@ loop: for(int x=0, offset=0; x<nCodePoints; x++, offset+=len) {
break;
case '<': // (?<xxx) look behind
ch = read();
if (Character.isLetter(ch)) { // named captured group
if (ASCII.isLower(ch) || ASCII.isUpper(ch) || ASCII.isDigit(ch)) {
// named captured group
String name = groupname(ch);
if (namedGroups().containsKey(name))
throw error("Named capturing group <" + name

38
jdk/src/share/classes/sun/management/Agent.java
View File

@ -31,9 +31,9 @@ import java.io.FileInputStream;
import java.io.BufferedInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.lang.reflect.InvocationTargetException;
import java.text.MessageFormat;
import java.util.Properties;
import java.util.Enumeration;
import java.util.ResourceBundle;
import java.util.MissingResourceException;
import java.lang.management.ManagementFactory;
@ -41,7 +41,6 @@ import java.lang.reflect.Method;
import javax.management.remote.JMXConnectorServer;
import sun.management.snmp.AdaptorBootstrap;
import sun.management.jmxremote.ConnectorBootstrap;
import static sun.management.AgentConfigurationError.*;
import sun.misc.VMSupport;
@ -69,6 +68,9 @@ public class Agent {
private static final String LOCAL_CONNECTOR_ADDRESS_PROP =
"com.sun.management.jmxremote.localConnectorAddress";
private static final String SNMP_ADAPTOR_BOOTSTRAP_CLASS_NAME =
"sun.management.snmp.AdaptorBootstrap";
// invoked by -javaagent or -Dcom.sun.management.agent.class
public static void premain(String args) throws Exception {
agentmain(args);
@ -128,7 +130,7 @@ public class Agent {
try {
if (snmpPort != null) {
AdaptorBootstrap.initialize(snmpPort, props);
loadSnmpAgent(snmpPort, props);
}
/*
@ -204,6 +206,36 @@ public class Agent {
return mgmtProps;
}
private static void loadSnmpAgent(String snmpPort, Properties props) {
try {
// invoke the following through reflection:
// AdaptorBootstrap.initialize(snmpPort, props);
final Class<?> adaptorClass =
Class.forName(SNMP_ADAPTOR_BOOTSTRAP_CLASS_NAME,true,null);
final Method initializeMethod =
adaptorClass.getMethod("initialize",
String.class, Properties.class);
initializeMethod.invoke(null,snmpPort,props);
} catch (ClassNotFoundException x) {
// The SNMP packages are not present: throws an exception.
throw new UnsupportedOperationException("Unsupported management property: " + SNMP_PORT,x);
} catch (NoSuchMethodException x) {
// should not happen...
throw new UnsupportedOperationException("Unsupported management property: " + SNMP_PORT,x);
} catch (InvocationTargetException x) {
final Throwable cause = x.getCause();
if (cause instanceof RuntimeException)
throw (RuntimeException) cause;
else if (cause instanceof Error)
throw (Error) cause;
// should not happen...
throw new UnsupportedOperationException("Unsupported management property: " + SNMP_PORT,cause);
} catch (IllegalAccessException x) {
// should not happen...
throw new UnsupportedOperationException("Unsupported management property: " + SNMP_PORT,x);
}
}
// read config file and initialize the properties
private static void readConfiguration(String fname, Properties p) {
if (fname == null) {

812
jdk/src/share/classes/sun/misc/FormattedFloatingDecimal.java
View File

@ -978,15 +978,6 @@ public class FormattedFloatingDecimal{
return new String(result);
}
// This method should only ever be called if this object is constructed
// without Form.DECIMAL_FLOAT because the perThreadBuffer is not large
// enough to handle floating-point numbers of large precision.
public String toJavaFormatString() {
char result[] = (char[])(perThreadBuffer.get());
int i = getChars(result);
return new String(result, 0, i);
}
// returns the exponent before rounding
public int getExponent() {
return decExponent - 1;
@ -1157,265 +1148,6 @@ public class FormattedFloatingDecimal{
}
};
// This method should only ever be called if this object is constructed
// without Form.DECIMAL_FLOAT because the perThreadBuffer is not large
// enough to handle floating-point numbers of large precision.
public void appendTo(Appendable buf) {
char result[] = (char[])(perThreadBuffer.get());
int i = getChars(result);
if (buf instanceof StringBuilder)
((StringBuilder) buf).append(result, 0, i);
else if (buf instanceof StringBuffer)
((StringBuffer) buf).append(result, 0, i);
else
assert false;
}
public static FormattedFloatingDecimal
readJavaFormatString( String in ) throws NumberFormatException {
boolean isNegative = false;
boolean signSeen = false;
int decExp;
char c;
parseNumber:
try{
in = in.trim(); // don't fool around with white space.
// throws NullPointerException if null
int l = in.length();
if ( l == 0 ) throw new NumberFormatException("empty String");
int i = 0;
switch ( c = in.charAt( i ) ){
case '-':
isNegative = true;
//FALLTHROUGH
case '+':
i++;
signSeen = true;
}
// Check for NaN and Infinity strings
c = in.charAt(i);
if(c == 'N' || c == 'I') { // possible NaN or infinity
boolean potentialNaN = false;
char targetChars[] = null; // char arrary of "NaN" or "Infinity"
if(c == 'N') {
targetChars = notANumber;
potentialNaN = true;
} else {
targetChars = infinity;
}
// compare Input string to "NaN" or "Infinity"
int j = 0;
while(i < l && j < targetChars.length) {
if(in.charAt(i) == targetChars[j]) {
i++; j++;
}
else // something is amiss, throw exception
break parseNumber;
}
// For the candidate string to be a NaN or infinity,
// all characters in input string and target char[]
// must be matched ==> j must equal targetChars.length
// and i must equal l
if( (j == targetChars.length) && (i == l) ) { // return NaN or infinity
return (potentialNaN ? new FormattedFloatingDecimal(Double.NaN) // NaN has no sign
: new FormattedFloatingDecimal(isNegative?
Double.NEGATIVE_INFINITY:
Double.POSITIVE_INFINITY)) ;
}
else { // something went wrong, throw exception
break parseNumber;
}
} else if (c == '0') { // check for hexadecimal floating-point number
if (l > i+1 ) {
char ch = in.charAt(i+1);
if (ch == 'x' || ch == 'X' ) // possible hex string
return parseHexString(in);
}
} // look for and process decimal floating-point string
char[] digits = new char[ l ];
int nDigits= 0;
boolean decSeen = false;
int decPt = 0;
int nLeadZero = 0;
int nTrailZero= 0;
digitLoop:
while ( i < l ){
switch ( c = in.charAt( i ) ){
case '0':
if ( nDigits > 0 ){
nTrailZero += 1;
} else {
nLeadZero += 1;
}
break; // out of switch.
case '1':
case '2':
case '3':
case '4':
case '5':
case '6':
case '7':
case '8':
case '9':
while ( nTrailZero > 0 ){
digits[nDigits++] = '0';
nTrailZero -= 1;
}
digits[nDigits++] = c;
break; // out of switch.
case '.':
if ( decSeen ){
// already saw one ., this is the 2nd.
throw new NumberFormatException("multiple points");
}
decPt = i;
if ( signSeen ){
decPt -= 1;
}
decSeen = true;
break; // out of switch.
default:
break digitLoop;
}
i++;
}
/*
* At this point, we've scanned all the digits and decimal
* point we're going to see. Trim off leading and trailing
* zeros, which will just confuse us later, and adjust
* our initial decimal exponent accordingly.
* To review:
* we have seen i total characters.
* nLeadZero of them were zeros before any other digits.
* nTrailZero of them were zeros after any other digits.
* if ( decSeen ), then a . was seen after decPt characters
* ( including leading zeros which have been discarded )
* nDigits characters were neither lead nor trailing
* zeros, nor point
*/
/*
* special hack: if we saw no non-zero digits, then the
* answer is zero!
* Unfortunately, we feel honor-bound to keep parsing!
*/
if ( nDigits == 0 ){
digits = zero;
nDigits = 1;
if ( nLeadZero == 0 ){
// we saw NO DIGITS AT ALL,
// not even a crummy 0!
// this is not allowed.
break parseNumber; // go throw exception
}
}
/* Our initial exponent is decPt, adjusted by the number of
* discarded zeros. Or, if there was no decPt,
* then its just nDigits adjusted by discarded trailing zeros.
*/
if ( decSeen ){
decExp = decPt - nLeadZero;
} else {
decExp = nDigits+nTrailZero;
}
/*
* Look for 'e' or 'E' and an optionally signed integer.
*/
if ( (i < l) && (((c = in.charAt(i) )=='e') || (c == 'E') ) ){
int expSign = 1;
int expVal = 0;
int reallyBig = Integer.MAX_VALUE / 10;
boolean expOverflow = false;
switch( in.charAt(++i) ){
case '-':
expSign = -1;
//FALLTHROUGH
case '+':
i++;
}
int expAt = i;
expLoop:
while ( i < l ){
if ( expVal >= reallyBig ){
// the next character will cause integer
// overflow.
expOverflow = true;
}
switch ( c = in.charAt(i++) ){
case '0':
case '1':
case '2':
case '3':
case '4':
case '5':
case '6':
case '7':
case '8':
case '9':
expVal = expVal*10 + ( (int)c - (int)'0' );
continue;
default:
i--; // back up.
break expLoop; // stop parsing exponent.
}
}
int expLimit = bigDecimalExponent+nDigits+nTrailZero;
if ( expOverflow || ( expVal > expLimit ) ){
//
// The intent here is to end up with
// infinity or zero, as appropriate.
// The reason for yielding such a small decExponent,
// rather than something intuitive such as
// expSign*Integer.MAX_VALUE, is that this value
// is subject to further manipulation in
// doubleValue() and floatValue(), and I don't want
// it to be able to cause overflow there!
// (The only way we can get into trouble here is for
// really outrageous nDigits+nTrailZero, such as 2 billion. )
//
decExp = expSign*expLimit;
} else {
// this should not overflow, since we tested
// for expVal > (MAX+N), where N >= abs(decExp)
decExp = decExp + expSign*expVal;
}
// if we saw something not a digit ( or end of string )
// after the [Ee][+-], without seeing any digits at all
// this is certainly an error. If we saw some digits,
// but then some trailing garbage, that might be ok.
// so we just fall through in that case.
// HUMBUG
if ( i == expAt )
break parseNumber; // certainly bad
}
/*
* We parsed everything we could.
* If there are leftovers, then this is not good input!
*/
if ( i < l &&
((i != l - 1) ||
(in.charAt(i) != 'f' &&
in.charAt(i) != 'F' &&
in.charAt(i) != 'd' &&
in.charAt(i) != 'D'))) {
break parseNumber; // go throw exception
}
return new FormattedFloatingDecimal( isNegative, decExp, digits, nDigits, false, Integer.MAX_VALUE, Form.COMPATIBLE );
} catch ( StringIndexOutOfBoundsException e ){ }
throw new NumberFormatException("For input string: \"" + in + "\"");
}
/*
* Take a FormattedFloatingDecimal, which we presumably just scanned in,
* and find out what its value is, as a double.
@ -2035,548 +1767,4 @@ public class FormattedFloatingDecimal{
private static final char infinity[] = { 'I', 'n', 'f', 'i', 'n', 'i', 't', 'y' };
private static final char notANumber[] = { 'N', 'a', 'N' };
private static final char zero[] = { '0', '0', '0', '0', '0', '0', '0', '0' };
/*
* Grammar is compatible with hexadecimal floating-point constants
* described in section 6.4.4.2 of the C99 specification.
*/
private static Pattern hexFloatPattern = Pattern.compile(
//1 234 56 7 8 9
"([-+])?0[xX](((\\p{XDigit}+)\\.?)|((\\p{XDigit}*)\\.(\\p{XDigit}+)))[pP]([-+])?(\\p{Digit}+)[fFdD]?"
);
/*
* Convert string s to a suitable floating decimal; uses the
* double constructor and set the roundDir variable appropriately
* in case the value is later converted to a float.
*/
static FormattedFloatingDecimal parseHexString(String s) {
// Verify string is a member of the hexadecimal floating-point
// string language.
Matcher m = hexFloatPattern.matcher(s);
boolean validInput = m.matches();
if (!validInput) {
// Input does not match pattern
throw new NumberFormatException("For input string: \"" + s + "\"");
} else { // validInput
/*
* We must isolate the sign, significand, and exponent
* fields. The sign value is straightforward. Since
* floating-point numbers are stored with a normalized
* representation, the significand and exponent are
* interrelated.
*
* After extracting the sign, we normalized the
* significand as a hexadecimal value, calculating an
* exponent adjust for any shifts made during
* normalization. If the significand is zero, the
* exponent doesn't need to be examined since the output
* will be zero.
*
* Next the exponent in the input string is extracted.
* Afterwards, the significand is normalized as a *binary*
* value and the input value's normalized exponent can be
* computed. The significand bits are copied into a
* double significand; if the string has more logical bits
* than can fit in a double, the extra bits affect the
* round and sticky bits which are used to round the final
* value.
*/
// Extract significand sign
String group1 = m.group(1);
double sign = (( group1 == null ) || group1.equals("+"))? 1.0 : -1.0;
// Extract Significand magnitude
/*
* Based on the form of the significand, calculate how the
* binary exponent needs to be adjusted to create a
* normalized *hexadecimal* floating-point number; that
* is, a number where there is one nonzero hex digit to
* the left of the (hexa)decimal point. Since we are
* adjusting a binary, not hexadecimal exponent, the
* exponent is adjusted by a multiple of 4.
*
* There are a number of significand scenarios to consider;
* letters are used in indicate nonzero digits:
*
* 1. 000xxxx => x.xxx normalized
* increase exponent by (number of x's - 1)*4
*
* 2. 000xxx.yyyy => x.xxyyyy normalized
* increase exponent by (number of x's - 1)*4
*
* 3. .000yyy => y.yy normalized
* decrease exponent by (number of zeros + 1)*4
*
* 4. 000.00000yyy => y.yy normalized
* decrease exponent by (number of zeros to right of point + 1)*4
*
* If the significand is exactly zero, return a properly
* signed zero.
*/
String significandString =null;
int signifLength = 0;
int exponentAdjust = 0;
{
int leftDigits = 0; // number of meaningful digits to
// left of "decimal" point
// (leading zeros stripped)
int rightDigits = 0; // number of digits to right of
// "decimal" point; leading zeros
// must always be accounted for
/*
* The significand is made up of either
*
* 1. group 4 entirely (integer portion only)
*
* OR
*
* 2. the fractional portion from group 7 plus any
* (optional) integer portions from group 6.
*/
String group4;
if( (group4 = m.group(4)) != null) { // Integer-only significand
// Leading zeros never matter on the integer portion
significandString = stripLeadingZeros(group4);
leftDigits = significandString.length();
}
else {
// Group 6 is the optional integer; leading zeros
// never matter on the integer portion
String group6 = stripLeadingZeros(m.group(6));
leftDigits = group6.length();
// fraction
String group7 = m.group(7);
rightDigits = group7.length();
// Turn "integer.fraction" into "integer"+"fraction"
significandString =
((group6 == null)?"":group6) + // is the null
// check necessary?
group7;
}
significandString = stripLeadingZeros(significandString);
signifLength = significandString.length();
/*
* Adjust exponent as described above
*/
if (leftDigits >= 1) { // Cases 1 and 2
exponentAdjust = 4*(leftDigits - 1);
} else { // Cases 3 and 4
exponentAdjust = -4*( rightDigits - signifLength + 1);
}
// If the significand is zero, the exponent doesn't
// matter; return a properly signed zero.
if (signifLength == 0) { // Only zeros in input
return new FormattedFloatingDecimal(sign * 0.0);
}
}
// Extract Exponent
/*
* Use an int to read in the exponent value; this should
* provide more than sufficient range for non-contrived
* inputs. If reading the exponent in as an int does
* overflow, examine the sign of the exponent and
* significand to determine what to do.
*/
String group8 = m.group(8);
boolean positiveExponent = ( group8 == null ) || group8.equals("+");
long unsignedRawExponent;
try {
unsignedRawExponent = Integer.parseInt(m.group(9));
}
catch (NumberFormatException e) {
// At this point, we know the exponent is
// syntactically well-formed as a sequence of
// digits. Therefore, if an NumberFormatException
// is thrown, it must be due to overflowing int's
// range. Also, at this point, we have already
// checked for a zero significand. Thus the signs
// of the exponent and significand determine the
// final result:
//
// significand
// + -
// exponent + +infinity -infinity
// - +0.0 -0.0
return new FormattedFloatingDecimal(sign * (positiveExponent ?
Double.POSITIVE_INFINITY : 0.0));
}
long rawExponent =
(positiveExponent ? 1L : -1L) * // exponent sign
unsignedRawExponent; // exponent magnitude
// Calculate partially adjusted exponent
long exponent = rawExponent + exponentAdjust ;
// Starting copying non-zero bits into proper position in
// a long; copy explicit bit too; this will be masked
// later for normal values.
boolean round = false;
boolean sticky = false;
int bitsCopied=0;
int nextShift=0;
long significand=0L;
// First iteration is different, since we only copy
// from the leading significand bit; one more exponent
// adjust will be needed...
// IMPORTANT: make leadingDigit a long to avoid
// surprising shift semantics!
long leadingDigit = getHexDigit(significandString, 0);
/*
* Left shift the leading digit (53 - (bit position of
* leading 1 in digit)); this sets the top bit of the
* significand to 1. The nextShift value is adjusted
* to take into account the number of bit positions of
* the leadingDigit actually used. Finally, the
* exponent is adjusted to normalize the significand
* as a binary value, not just a hex value.
*/
if (leadingDigit == 1) {
significand |= leadingDigit << 52;
nextShift = 52 - 4;
/* exponent += 0 */ }
else if (leadingDigit <= 3) { // [2, 3]
significand |= leadingDigit << 51;
nextShift = 52 - 5;
exponent += 1;
}
else if (leadingDigit <= 7) { // [4, 7]
significand |= leadingDigit << 50;
nextShift = 52 - 6;
exponent += 2;
}
else if (leadingDigit <= 15) { // [8, f]
significand |= leadingDigit << 49;
nextShift = 52 - 7;
exponent += 3;
} else {
throw new AssertionError("Result from digit converstion too large!");
}
// The preceding if-else could be replaced by a single
// code block based on the high-order bit set in
// leadingDigit. Given leadingOnePosition,
// significand |= leadingDigit << (SIGNIFICAND_WIDTH - leadingOnePosition);
// nextShift = 52 - (3 + leadingOnePosition);
// exponent += (leadingOnePosition-1);
/*
* Now the exponent variable is equal to the normalized
* binary exponent. Code below will make representation
* adjustments if the exponent is incremented after
* rounding (includes overflows to infinity) or if the
* result is subnormal.
*/
// Copy digit into significand until the significand can't
// hold another full hex digit or there are no more input
// hex digits.
int i = 0;
for(i = 1;
i < signifLength && nextShift >= 0;
i++) {
long currentDigit = getHexDigit(significandString, i);
significand |= (currentDigit << nextShift);
nextShift-=4;
}
// After the above loop, the bulk of the string is copied.
// Now, we must copy any partial hex digits into the
// significand AND compute the round bit and start computing
// sticky bit.
if ( i < signifLength ) { // at least one hex input digit exists
long currentDigit = getHexDigit(significandString, i);
// from nextShift, figure out how many bits need
// to be copied, if any
switch(nextShift) { // must be negative
case -1:
// three bits need to be copied in; can
// set round bit
significand |= ((currentDigit & 0xEL) >> 1);
round = (currentDigit & 0x1L) != 0L;
break;
case -2:
// two bits need to be copied in; can
// set round and start sticky
significand |= ((currentDigit & 0xCL) >> 2);
round = (currentDigit &0x2L) != 0L;
sticky = (currentDigit & 0x1L) != 0;
break;
case -3:
// one bit needs to be copied in
significand |= ((currentDigit & 0x8L)>>3);
// Now set round and start sticky, if possible
round = (currentDigit &0x4L) != 0L;
sticky = (currentDigit & 0x3L) != 0;
break;
case -4:
// all bits copied into significand; set
// round and start sticky
round = ((currentDigit & 0x8L) != 0); // is top bit set?
// nonzeros in three low order bits?
sticky = (currentDigit & 0x7L) != 0;
break;
default:
throw new AssertionError("Unexpected shift distance remainder.");
// break;
}
// Round is set; sticky might be set.
// For the sticky bit, it suffices to check the
// current digit and test for any nonzero digits in
// the remaining unprocessed input.
i++;
while(i < signifLength && !sticky) {
currentDigit = getHexDigit(significandString,i);
sticky = sticky || (currentDigit != 0);
i++;
}
}
// else all of string was seen, round and sticky are
// correct as false.
// Check for overflow and update exponent accordingly.
if (exponent > DoubleConsts.MAX_EXPONENT) { // Infinite result
// overflow to properly signed infinity
return new FormattedFloatingDecimal(sign * Double.POSITIVE_INFINITY);
} else { // Finite return value
if (exponent <= DoubleConsts.MAX_EXPONENT && // (Usually) normal result
exponent >= DoubleConsts.MIN_EXPONENT) {
// The result returned in this block cannot be a
// zero or subnormal; however after the
// significand is adjusted from rounding, we could
// still overflow in infinity.
// AND exponent bits into significand; if the
// significand is incremented and overflows from
// rounding, this combination will update the
// exponent correctly, even in the case of
// Double.MAX_VALUE overflowing to infinity.
significand = (( ((long)exponent +
(long)DoubleConsts.EXP_BIAS) <<
(DoubleConsts.SIGNIFICAND_WIDTH-1))
& DoubleConsts.EXP_BIT_MASK) |
(DoubleConsts.SIGNIF_BIT_MASK & significand);
} else { // Subnormal or zero
// (exponent < DoubleConsts.MIN_EXPONENT)
if (exponent < (DoubleConsts.MIN_SUB_EXPONENT -1 )) {
// No way to round back to nonzero value
// regardless of significand if the exponent is
// less than -1075.
return new FormattedFloatingDecimal(sign * 0.0);
} else { // -1075 <= exponent <= MIN_EXPONENT -1 = -1023
/*
* Find bit position to round to; recompute
* round and sticky bits, and shift
* significand right appropriately.
*/
sticky = sticky || round;
round = false;
// Number of bits of significand to preserve is
// exponent - abs_min_exp +1
// check:
// -1075 +1074 + 1 = 0
// -1023 +1074 + 1 = 52
int bitsDiscarded = 53 -
((int)exponent - DoubleConsts.MIN_SUB_EXPONENT + 1);
assert bitsDiscarded >= 1 && bitsDiscarded <= 53;
// What to do here:
// First, isolate the new round bit
round = (significand & (1L << (bitsDiscarded -1))) != 0L;
if (bitsDiscarded > 1) {
// create mask to update sticky bits; low
// order bitsDiscarded bits should be 1
long mask = ~((~0L) << (bitsDiscarded -1));
sticky = sticky || ((significand & mask) != 0L ) ;
}
// Now, discard the bits
significand = significand >> bitsDiscarded;
significand = (( ((long)(DoubleConsts.MIN_EXPONENT -1) + // subnorm exp.
(long)DoubleConsts.EXP_BIAS) <<
(DoubleConsts.SIGNIFICAND_WIDTH-1))
& DoubleConsts.EXP_BIT_MASK) |
(DoubleConsts.SIGNIF_BIT_MASK & significand);
}
}
// The significand variable now contains the currently
// appropriate exponent bits too.
/*
* Determine if significand should be incremented;
* making this determination depends on the least
* significant bit and the round and sticky bits.
*
* Round to nearest even rounding table, adapted from
* table 4.7 in "Computer Arithmetic" by IsraelKoren.
* The digit to the left of the "decimal" point is the
* least significant bit, the digits to the right of
* the point are the round and sticky bits
*
* Number Round(x)
* x0.00 x0.
* x0.01 x0.
* x0.10 x0.
* x0.11 x1. = x0. +1
* x1.00 x1.
* x1.01 x1.
* x1.10 x1. + 1
* x1.11 x1. + 1
*/
boolean incremented = false;
boolean leastZero = ((significand & 1L) == 0L);
if( ( leastZero && round && sticky ) ||
((!leastZero) && round )) {
incremented = true;
significand++;
}
FormattedFloatingDecimal fd = new FormattedFloatingDecimal(FpUtils.rawCopySign(
Double.longBitsToDouble(significand),
sign));
/*
* Set roundingDir variable field of fd properly so
* that the input string can be properly rounded to a
* float value. There are two cases to consider:
*
* 1. rounding to double discards sticky bit
* information that would change the result of a float
* rounding (near halfway case between two floats)
*
* 2. rounding to double rounds up when rounding up
* would not occur when rounding to float.
*
* For former case only needs to be considered when
* the bits rounded away when casting to float are all
* zero; otherwise, float round bit is properly set
* and sticky will already be true.
*
* The lower exponent bound for the code below is the
* minimum (normalized) subnormal exponent - 1 since a
* value with that exponent can round up to the
* minimum subnormal value and the sticky bit
* information must be preserved (i.e. case 1).
*/
if ((exponent >= FloatConsts.MIN_SUB_EXPONENT-1) &&
(exponent <= FloatConsts.MAX_EXPONENT ) ){
// Outside above exponent range, the float value
// will be zero or infinity.
/*
* If the low-order 28 bits of a rounded double
* significand are 0, the double could be a
* half-way case for a rounding to float. If the
* double value is a half-way case, the double
* significand may have to be modified to round
* the the right float value (see the stickyRound
* method). If the rounding to double has lost
* what would be float sticky bit information, the
* double significand must be incremented. If the
* double value's significand was itself
* incremented, the float value may end up too
* large so the increment should be undone.
*/
if ((significand & 0xfffffffL) == 0x0L) {
// For negative values, the sign of the
// roundDir is the same as for positive values
// since adding 1 increasing the significand's
// magnitude and subtracting 1 decreases the
// significand's magnitude. If neither round
// nor sticky is true, the double value is
// exact and no adjustment is required for a
// proper float rounding.
if( round || sticky) {
if (leastZero) { // prerounding lsb is 0
// If round and sticky were both true,
// and the least significant
// significand bit were 0, the rounded
// significand would not have its
// low-order bits be zero. Therefore,
// we only need to adjust the
// significand if round XOR sticky is
// true.
if (round ^ sticky) {
fd.roundDir = 1;
}
}
else { // prerounding lsb is 1
// If the prerounding lsb is 1 and the
// resulting significand has its
// low-order bits zero, the significand
// was incremented. Here, we undo the
// increment, which will ensure the
// right guard and sticky bits for the
// float rounding.
if (round)
fd.roundDir = -1;
}
}
}
}
fd.fromHex = true;
return fd;
}
}
}
/**
* Return <code>s</code> with any leading zeros removed.
*/
static String stripLeadingZeros(String s) {
return s.replaceFirst("^0+", "");
}
/**
* Extract a hexadecimal digit from position <code>position</code>
* of string <code>s</code>.
*/
static int getHexDigit(String s, int position) {
int value = Character.digit(s.charAt(position), 16);
if (value <= -1 || value >= 16) {
throw new AssertionError("Unxpected failure of digit converstion of " +
s.charAt(position));
}
return value;
}
}

1
jdk/src/share/classes/sun/misc/JavaIOAccess.java
View File

@ -29,6 +29,5 @@ import java.nio.charset.Charset;
public interface JavaIOAccess {
public Console console();
public Runnable consoleRestoreHook();
public Charset charset();
}

30
jdk/src/share/classes/sun/misc/JavaIODeleteOnExitAccess.java
View File

@ -1,30 +0,0 @@
/*
* Copyright 2005 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Sun designates this
* particular file as subject to the "Classpath" exception as provided
* by Sun in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
* CA 95054 USA or visit www.sun.com if you need additional information or
* have any questions.
*/
package sun.misc;
public interface JavaIODeleteOnExitAccess extends Runnable {
public void run();
}

3
jdk/src/share/classes/sun/misc/JavaLangAccess.java
View File

@ -54,4 +54,7 @@ public interface JavaLangAccess {
/** Set thread's blocker field. */
void blockedOn(Thread t, Interruptible b);
/** register shutdown hook */
void registerShutdownHook(int slot, Runnable r);
}

12
jdk/src/share/classes/sun/misc/SharedSecrets.java
View File

@ -44,7 +44,6 @@ public class SharedSecrets {
private static JavaUtilJarAccess javaUtilJarAccess;
private static JavaLangAccess javaLangAccess;
private static JavaIOAccess javaIOAccess;
private static JavaIODeleteOnExitAccess javaIODeleteOnExitAccess;
private static JavaNetAccess javaNetAccess;
private static JavaNioAccess javaNioAccess;
private static JavaIOFileDescriptorAccess javaIOFileDescriptorAccess;
@ -103,17 +102,6 @@ public class SharedSecrets {
return javaIOAccess;
}
public static void setJavaIODeleteOnExitAccess(JavaIODeleteOnExitAccess jida) {
javaIODeleteOnExitAccess = jida;
}
public static JavaIODeleteOnExitAccess getJavaIODeleteOnExitAccess() {
if (javaIODeleteOnExitAccess == null) {
unsafe.ensureClassInitialized(File.class);
}
return javaIODeleteOnExitAccess;
}
public static void setJavaIOFileDescriptorAccess(JavaIOFileDescriptorAccess jiofda) {
javaIOFileDescriptorAccess = jiofda;
}

10
jdk/src/share/classes/sun/security/jgss/spnego/NegTokenInit.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2005-2006 Sun Microsystems, Inc. All Rights Reserved.
* Copyright 2005-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -66,11 +66,11 @@ public class NegTokenInit extends SpNegoToken {
private byte[] mechTypes = null;
private Oid[] mechTypeList = null;
private byte[] reqFlags = null;
private BitArray reqFlags = null;
private byte[] mechToken = null;
private byte[] mechListMIC = null;
NegTokenInit(byte[] mechTypes, byte[] flags,
NegTokenInit(byte[] mechTypes, BitArray flags,
byte[] token, byte[] mechListMIC)
{
super(NEG_TOKEN_INIT_ID);
@ -101,7 +101,7 @@ public class NegTokenInit extends SpNegoToken {
// write context flags with CONTEXT 01
if (reqFlags != null) {
DerOutputStream flags = new DerOutputStream();
flags.putBitString(reqFlags);
flags.putUnalignedBitString(reqFlags);
initToken.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x01), flags);
}
@ -237,7 +237,7 @@ public class NegTokenInit extends SpNegoToken {
return mechTypeList;
}
byte[] getReqFlags() {
BitArray getReqFlags() {
return reqFlags;
}

35
jdk/src/share/classes/sun/security/jgss/spnego/SpNegoContext.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2005-2008 Sun Microsystems, Inc. All Rights Reserved.
* Copyright 2005-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -53,13 +53,6 @@ public class SpNegoContext implements GSSContextSpi {
private int state = STATE_NEW;
private static final int CHECKSUM_DELEG_FLAG = 1;
private static final int CHECKSUM_MUTUAL_FLAG = 2;
private static final int CHECKSUM_REPLAY_FLAG = 4;
private static final int CHECKSUM_SEQUENCE_FLAG = 8;
private static final int CHECKSUM_CONF_FLAG = 16;
private static final int CHECKSUM_INTEG_FLAG = 32;
/*
* Optional features that the application can set and their default
* values.
@ -697,25 +690,17 @@ public class SpNegoContext implements GSSContextSpi {
/**
* get the context flags
*/
private byte[] getContextFlags() {
int flags = 0;
private BitArray getContextFlags() {
BitArray out = new BitArray(7);
if (getCredDelegState())
flags |= CHECKSUM_DELEG_FLAG;
if (getMutualAuthState())
flags |= CHECKSUM_MUTUAL_FLAG;
if (getReplayDetState())
flags |= CHECKSUM_REPLAY_FLAG;
if (getSequenceDetState())
flags |= CHECKSUM_SEQUENCE_FLAG;
if (getIntegState())
flags |= CHECKSUM_INTEG_FLAG;
if (getConfState())
flags |= CHECKSUM_CONF_FLAG;
if (getCredDelegState()) out.set(0, true);
if (getMutualAuthState()) out.set(1, true);
if (getReplayDetState()) out.set(2, true);
if (getSequenceDetState()) out.set(3, true);
if (getConfState()) out.set(5, true);
if (getIntegState()) out.set(6, true);
byte[] temp = new byte[1];
temp[0] = (byte)(flags & 0xff);
return temp;
return out;
}
private void setContextFlags() {

55
jdk/src/share/classes/sun/security/provider/certpath/OCSPResponse.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2003-2008 Sun Microsystems, Inc. All Rights Reserved.
* Copyright 2003-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -28,8 +28,6 @@ package sun.security.provider.certpath;
import java.io.*;
import java.math.BigInteger;
import java.security.*;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.CertPathValidatorException;
import java.security.cert.CRLReason;
import java.security.cert.X509Certificate;
@ -335,7 +333,7 @@ class OCSPResponse {
// Check whether the cert returned by the responder is trusted
if (x509Certs != null && x509Certs[0] != null) {
X509Certificate cert = x509Certs[0];
X509CertImpl cert = x509Certs[0];
// First check if the cert matches the responder cert which
// was set locally.
@ -344,8 +342,8 @@ class OCSPResponse {
// Next check if the cert was issued by the responder cert
// which was set locally.
} else if (cert.getIssuerDN().equals(
responderCert.getSubjectDN())) {
} else if (cert.getIssuerX500Principal().equals(
responderCert.getSubjectX500Principal())) {
// Check for the OCSPSigning key purpose
List<String> keyPurposes = cert.getExtendedKeyUsage();
@ -360,6 +358,43 @@ class OCSPResponse {
"OCSP responses");
}
// check the validity
try {
Date dateCheckedAgainst = params.getDate();
if (dateCheckedAgainst == null) {
cert.checkValidity();
} else {
cert.checkValidity(dateCheckedAgainst);
}
} catch (GeneralSecurityException e) {
if (DEBUG != null) {
DEBUG.println("Responder's certificate is not " +
"within the validity period.");
}
throw new CertPathValidatorException(
"Responder's certificate not within the " +
"validity period");
}
// check for revocation
//
// A CA may specify that an OCSP client can trust a
// responder for the lifetime of the responder's
// certificate. The CA does so by including the
// extension id-pkix-ocsp-nocheck.
//
Extension noCheck =
cert.getExtension(PKIXExtensions.OCSPNoCheck_Id);
if (noCheck != null) {
if (DEBUG != null) {
DEBUG.println("Responder's certificate includes " +
"the extension id-pkix-ocsp-nocheck.");
}
} else {
// we should do the revocating checking of the
// authorized responder in a future update.
}
// verify the signature
try {
cert.verify(responderCert.getPublicKey());
@ -369,6 +404,14 @@ class OCSPResponse {
} catch (GeneralSecurityException e) {
responderCert = null;
}
} else {
if (DEBUG != null) {
DEBUG.println("Responder's certificate is not " +
"authorized to sign OCSP responses.");
}
throw new CertPathValidatorException(
"Responder's certificate not authorized to sign " +
"OCSP responses");
}
}

14
jdk/src/share/classes/sun/security/provider/certpath/PKIXMasterCertPathValidator.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2000-2008 Sun Microsystems, Inc. All Rights Reserved.
* Copyright 2000-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -143,11 +143,15 @@ class PKIXMasterCertPathValidator {
}
} catch (CertPathValidatorException cpve) {
// Throw the saved OCSP exception
// (when the CRL check has also failed)
// Throw the saved OCSP exception unless the CRL
// checker has determined that the cert is revoked
if (ocspCause != null &&
currChecker instanceof CrlRevocationChecker) {
throw ocspCause;
currChecker instanceof CrlRevocationChecker) {
if (cpve.getReason() == BasicReason.REVOKED) {
throw cpve;
} else {
throw ocspCause;
}
}
/*
* Handle failover from OCSP to CRLs

12
jdk/src/share/classes/sun/security/tools/KeyTool.java
View File

@ -875,6 +875,18 @@ public final class KeyTool {
if (filename != null) {
inStream = new FileInputStream(filename);
}
// Read the full stream before feeding to X509Factory,
// otherwise, keytool -gencert | keytool -importcert
// might not work properly, since -gencert is slow
// and there's no data in the pipe at the beginning.
ByteArrayOutputStream bout = new ByteArrayOutputStream();
byte[] b = new byte[4096];
while (true) {
int len = inStream.read(b);
if (len < 0) break;
bout.write(b, 0, len);
}
inStream = new ByteArrayInputStream(bout.toByteArray());
try {
String importAlias = (alias!=null)?alias:keyAlias;
if (keyStore.entryInstanceOf(importAlias, KeyStore.PrivateKeyEntry.class)) {

132
jdk/src/share/classes/sun/security/x509/OCSPNoCheckExtension.java Normal file
View File

@ -0,0 +1,132 @@
/*
* Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Sun designates this
* particular file as subject to the "Classpath" exception as provided
* by Sun in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
* CA 95054 USA or visit www.sun.com if you need additional information or
* have any questions.
*/
package sun.security.x509;
import java.io.IOException;
import java.io.OutputStream;
import java.util.Enumeration;
import sun.security.util.*;
/**
* Represent the OCSP NoCheck Extension from RFC2560.
* <p>
* A CA may specify that an OCSP client can trust a responder for the
* lifetime of the responder's certificate. The CA does so by including
* the extension id-pkix-ocsp-nocheck. This SHOULD be a non-critical
* extension. The value of the extension should be NULL. CAs issuing
* such a certificate should realized that a compromise of the
* responder's key, is as serious as the compromise of a CA key used to
* sign CRLs, at least for the validity period of this certificate. CA's
* may choose to issue this type of certificate with a very short
* lifetime and renew it frequently.
* <pre>
* id-pkix-ocsp-nocheck OBJECT IDENTIFIER ::= { id-pkix-ocsp 5 }
* </pre>
*
* @author Xuelei Fan
* @see Extension
* @see CertAttrSet
*/
public class OCSPNoCheckExtension extends Extension
implements CertAttrSet<String> {
/**
* Identifier for this attribute, to be used with the
* get, set, delete methods of Certificate, x509 type.
*/
public static final String IDENT =
"x509.info.extensions.OCSPNoCheck";
/**
* Attribute names.
*/
public static final String NAME = "OCSPNoCheck";
/**
* Create a OCSPNoCheckExtension
*/
public OCSPNoCheckExtension() throws IOException {
this.extensionId = PKIXExtensions.OCSPNoCheck_Id;
this.critical = false;
this.extensionValue = new byte[0];
}
/**
* Create the extension from the passed DER encoded value.
*
* @param critical true if the extension is to be treated as critical.
* @param value an array of DER encoded bytes of the actual value.
* @exception IOException on error.
*/
public OCSPNoCheckExtension(Boolean critical, Object value)
throws IOException {
this.extensionId = PKIXExtensions.OCSPNoCheck_Id;
this.critical = critical.booleanValue();
// the value should be null, just ignore it here.
this.extensionValue = new byte[0];
}
/**
* Set the attribute value.
*/
public void set(String name, Object obj) throws IOException {
throw new IOException("No attribute is allowed by " +
"CertAttrSet:OCSPNoCheckExtension.");
}
/**
* Get the attribute value.
*/
public Object get(String name) throws IOException {
throw new IOException("No attribute is allowed by " +
"CertAttrSet:OCSPNoCheckExtension.");
}
/**
* Delete the attribute value.
*/
public void delete(String name) throws IOException {
throw new IOException("No attribute is allowed by " +
"CertAttrSet:OCSPNoCheckExtension.");
}
/**
* Return an enumeration of names of attributes existing within this
* attribute.
*/
public Enumeration<String> getElements() {
return (new AttributeNameEnumeration()).elements();
}
/**
* Return the name of this attribute.
*/
public String getName() {
return NAME;
}
}

4
jdk/src/share/classes/sun/security/x509/OIDMap.java
View File

@ -100,6 +100,8 @@ public class OIDMap {
DeltaCRLIndicatorExtension.NAME;
private static final String FRESHEST_CRL = ROOT + "." +
FreshestCRLExtension.NAME;
private static final String OCSPNOCHECK = ROOT + "." +
OCSPNoCheckExtension.NAME;
private static final int NetscapeCertType_data[] =
{ 2, 16, 840, 1, 113730, 1, 1 };
@ -161,6 +163,8 @@ public class OIDMap {
"sun.security.x509.DeltaCRLIndicatorExtension");
addInternal(FRESHEST_CRL, PKIXExtensions.FreshestCRL_Id,
"sun.security.x509.FreshestCRLExtension");
addInternal(OCSPNOCHECK, PKIXExtensions.OCSPNoCheck_Id,
"sun.security.x509.OCSPNoCheckExtension");
}
/**

11
jdk/src/share/classes/sun/security/x509/PKIXExtensions.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 1997-2005 Sun Microsystems, Inc. All Rights Reserved.
* Copyright 1997-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -74,6 +74,8 @@ public class PKIXExtensions {
private static final int AuthInfoAccess_data [] = { 1, 3, 6, 1, 5, 5, 7, 1, 1};
private static final int SubjectInfoAccess_data [] = { 1, 3, 6, 1, 5, 5, 7, 1, 11};
private static final int FreshestCRL_data [] = { 2, 5, 29, 46 };
private static final int OCSPNoCheck_data [] = { 1, 3, 6, 1, 5, 5, 7,
48, 1, 5};
/**
* Identifies the particular public key used to sign the certificate.
@ -216,6 +218,12 @@ public class PKIXExtensions {
*/
public static final ObjectIdentifier FreshestCRL_Id;
/**
* Identifies the OCSP client can trust the responder for the
* lifetime of the responder's certificate.
*/
public static final ObjectIdentifier OCSPNoCheck_Id;
static {
AuthorityKey_Id = ObjectIdentifier.newInternal(AuthorityKey_data);
SubjectKey_Id = ObjectIdentifier.newInternal(SubjectKey_data);
@ -257,5 +265,6 @@ public class PKIXExtensions {
SubjectInfoAccess_Id =
ObjectIdentifier.newInternal(SubjectInfoAccess_data);
FreshestCRL_Id = ObjectIdentifier.newInternal(FreshestCRL_data);
OCSPNoCheck_Id = ObjectIdentifier.newInternal(OCSPNoCheck_data);
}
}

2
jdk/src/solaris/classes/sun/nio/ch/UnixAsynchronousSocketChannelImpl.java
View File

@ -16,7 +16,7 @@
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA conne02110-1301 USA.
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
* CA 95054 USA or visit www.sun.com if you need additional information or

2
jdk/src/windows/classes/sun/nio/ch/WindowsAsynchronousSocketChannelImpl.java
View File

@ -16,7 +16,7 @@
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA conne02110-1301 USA.
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
* CA 95054 USA or visit www.sun.com if you need additional information or

74
jdk/test/com/sun/jmx/snmp/SnmpOidHashCode.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2003 Sun Microsystems, Inc. All Rights Reserved.
* Copyright 2003-2008 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -28,7 +28,8 @@
* @build SnmpOidHashCode
* @run main SnmpOidHashCode
*/
import com.sun.jmx.snmp.SnmpOid;
import java.lang.reflect.Constructor;
import java.lang.reflect.InvocationTargetException;
public class SnmpOidHashCode {
public static final String[] oids = {
@ -57,16 +58,81 @@ public class SnmpOidHashCode {
".39."+0xFFFFFFFFL
};
// We use an SnmpOidBuilder in order to adapt this test case to a
// configuration where the SNMP packages are not present in rt.jar.
//
public static final class SnmpOidBuilder {
public static final String SNMP_OID_CLASS_NAME =
"com.sun.jmx.snmp.SnmpOid";
private static final Class<?> SNMP_OID_CLASS;
private static final Constructor<?> SNMP_OID_CTOR;
static {
Class<?> snmpOidClass;
try {
snmpOidClass =
Class.forName(SNMP_OID_CLASS_NAME, true, null);
} catch (ClassNotFoundException x) {
snmpOidClass = null;
System.err.println("WARNING: can't load "+SNMP_OID_CLASS_NAME);
} catch (NoClassDefFoundError x) {
snmpOidClass = null;
System.err.println("WARNING: can't load "+SNMP_OID_CLASS_NAME);
}
SNMP_OID_CLASS = snmpOidClass;
if (SNMP_OID_CLASS != null) {
try {
SNMP_OID_CTOR = snmpOidClass.getConstructor(String.class);
} catch (Exception x) {
throw new ExceptionInInitializerError(x);
}
} else {
SNMP_OID_CTOR = null;
}
}
public static boolean isSnmpPresent() {
System.out.println(SnmpOidHashCode.class.getName()+
": Testing for SNMP Packages...");
return SNMP_OID_CLASS != null;
}
public static Object newSnmpOid(String oid)
throws InstantiationException,
IllegalAccessException,
InvocationTargetException {
return SNMP_OID_CTOR.newInstance(oid);
}
}
private static Object newSnmpOid(String oid) throws Exception {
try {
return SnmpOidBuilder.newSnmpOid(oid);
} catch (InvocationTargetException x) {
final Throwable cause = x.getCause();
if (cause instanceof Exception) throw (Exception)cause;
if (cause instanceof Error) throw (Error)cause;
throw x;
}
}
public static void main(String args[]) {
if (!SnmpOidBuilder.isSnmpPresent()) {
System.err.println("WARNING: "+
SnmpOidBuilder.SNMP_OID_CLASS_NAME+" not present.");
System.err.println(SnmpOidHashCode.class.getName()+
": test skipped.");
return;
}
try {
int errCount=0;
int collisions=0;
for (int i=0;i<oids.length;i++) {
System.out.println("Testing " + oids[i]);
final SnmpOid o1 = new SnmpOid(oids[i]);
final Object o1 = newSnmpOid(oids[i]);
final int startCount=errCount;
for (int j=0;j<oids.length;j++) {
final SnmpOid o2 = new SnmpOid(oids[j]);
final Object o2 = newSnmpOid(oids[j]);
if (o1.equals(o2)) {
if (!(oids[i].equals(oids[j]))) {
System.err.println("OIDs differ but " +

157
jdk/test/com/sun/jmx/snmp/TimeTicksWrapping.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2003 Sun Microsystems, Inc. All Rights Reserved.
* Copyright 2003-2008 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -29,33 +29,158 @@
* @build TimeTicksWrapping
* @run main TimeTicksWrapping
*/
import com.sun.jmx.snmp.SnmpTimeticks;
import com.sun.jmx.snmp.SnmpUnsignedInt;
import java.lang.reflect.Constructor;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
public class TimeTicksWrapping {
// We use an SnmpTimeticksBuilder in order to adapt this test case to a
// configuration where the SNMP packages are not present in rt.jar.
//
public static final class SnmpTimeticksBuilder {
public static final long MAX_VALUE = 0x0ffffffffL;
public static final String SNMP_TIME_TICKS_CLASS_NAME =
"com.sun.jmx.snmp.SnmpTimeticks";
private static final Class<?> SNMP_TIME_TICKS_CLASS;
private static final Constructor<?> SNMP_long_CTOR;
private static final Constructor<?> SNMP_LONG_CTOR;
private static final Method SNMP_LONG_VALUE;
static {
Class<?> snmpTimeTicksClass;
try {
snmpTimeTicksClass =
Class.forName(SNMP_TIME_TICKS_CLASS_NAME, true, null);
} catch (ClassNotFoundException x) {
snmpTimeTicksClass = null;
System.err.println("WARNING: can't load "+
SNMP_TIME_TICKS_CLASS_NAME);
} catch (NoClassDefFoundError x) {
snmpTimeTicksClass = null;
System.err.println("WARNING: can't load "+
SNMP_TIME_TICKS_CLASS_NAME);
}
SNMP_TIME_TICKS_CLASS = snmpTimeTicksClass;
if (SNMP_TIME_TICKS_CLASS != null) {
try {
SNMP_long_CTOR =
SNMP_TIME_TICKS_CLASS.getConstructor(long.class);
} catch (Exception x) {
throw new ExceptionInInitializerError(x);
}
} else {
SNMP_long_CTOR = null;
}
if (SNMP_TIME_TICKS_CLASS != null) {
try {
SNMP_LONG_CTOR =
SNMP_TIME_TICKS_CLASS.getConstructor(Long.class);
} catch (Exception x) {
throw new ExceptionInInitializerError(x);
}
} else {
SNMP_LONG_CTOR = null;
}
if (SNMP_TIME_TICKS_CLASS != null) {
try {
SNMP_LONG_VALUE =
SNMP_TIME_TICKS_CLASS.getMethod("longValue");
} catch (Exception x) {
throw new ExceptionInInitializerError(x);
}
} else {
SNMP_LONG_VALUE = null;
}
}
private final Object timeticks;
public SnmpTimeticksBuilder(long ticks) throws Exception {
timeticks = newSnmpTimeticks(ticks);
}
public SnmpTimeticksBuilder(Long ticks) throws Exception {
timeticks = newSnmpTimeticks(ticks);
}
public long longValue() throws Exception {
return longValue(timeticks);
}
public static boolean isSnmpPresent() {
System.out.println(TimeTicksWrapping.class.getName()+
": Testing for SNMP Packages...");
return SNMP_TIME_TICKS_CLASS != null;
}
private static Object newSnmpTimeticks(long time)
throws Exception {
try {
return SNMP_long_CTOR.newInstance(time);
} catch (InvocationTargetException x) {
final Throwable cause = x.getCause();
if (cause instanceof Exception) throw (Exception) cause;
if (cause instanceof Error) throw (Error) cause;
throw x;
}
}
private static Object newSnmpTimeticks(Long time)
throws Exception {
try {
return SNMP_LONG_CTOR.newInstance(time);
} catch (InvocationTargetException x) {
final Throwable cause = x.getCause();
if (cause instanceof Exception) throw (Exception) cause;
if (cause instanceof Error) throw (Error) cause;
throw x;
}
}
private static long longValue(Object o)
throws Exception {
try {
return ((Long)SNMP_LONG_VALUE.invoke(o)).longValue();
} catch (InvocationTargetException x) {
final Throwable cause = x.getCause();
if (cause instanceof Exception) throw (Exception) cause;
if (cause instanceof Error) throw (Error) cause;
throw x;
}
}
}
public static final long[] oks = {
0L, 1L, (long)Integer.MAX_VALUE, (long)Integer.MAX_VALUE*2,
(long)Integer.MAX_VALUE*2+1L, (long)Integer.MAX_VALUE*2+2L,
(long)Integer.MAX_VALUE*3,
SnmpUnsignedInt.MAX_VALUE, SnmpUnsignedInt.MAX_VALUE+1L,
SnmpUnsignedInt.MAX_VALUE*3-1L, Long.MAX_VALUE
SnmpTimeticksBuilder.MAX_VALUE, SnmpTimeticksBuilder.MAX_VALUE+1L,
SnmpTimeticksBuilder.MAX_VALUE*3-1L, Long.MAX_VALUE
};
public static final long[] kos = {
-1L, (long)Integer.MIN_VALUE, (long)Integer.MIN_VALUE*2,
(long)Integer.MIN_VALUE*2-1L, (long)Integer.MIN_VALUE*3,
-SnmpUnsignedInt.MAX_VALUE, -(SnmpUnsignedInt.MAX_VALUE+1L),
-(SnmpUnsignedInt.MAX_VALUE*3-1L), Long.MIN_VALUE
-SnmpTimeticksBuilder.MAX_VALUE, -(SnmpTimeticksBuilder.MAX_VALUE+1L),
-(SnmpTimeticksBuilder.MAX_VALUE*3-1L), Long.MIN_VALUE
};
public static void main(String args[]) {
if (!SnmpTimeticksBuilder.isSnmpPresent()) {
System.err.println("WARNING: "+
SnmpTimeticksBuilder.SNMP_TIME_TICKS_CLASS_NAME+
" not present.");
System.err.println(TimeTicksWrapping.class.getName()+
": test skipped.");
return;
}
try {
SnmpTimeticks t;
SnmpTimeticksBuilder t = null;
for (int i=0;i<oks.length;i++) {
final long t1,t2,t3;
t1 = (new SnmpTimeticks(oks[i])).longValue();
t2 = (new SnmpTimeticks(new Long(oks[i]))).longValue();
t1 = (new SnmpTimeticksBuilder(oks[i])).longValue();
t2 = (new SnmpTimeticksBuilder(new Long(oks[i]))).longValue();
t3 = oks[i]%0x0100000000L;
if (t1 != t3)
throw new Exception("Value should have wrapped: " +
@ -64,16 +189,16 @@ public class TimeTicksWrapping {
throw new Exception("Value should have wrapped: " +
"Long("+oks[i]+") expected: " + t3);
if (t1 > SnmpUnsignedInt.MAX_VALUE)
if (t1 > SnmpTimeticksBuilder.MAX_VALUE)
throw new Exception("Value should have wrapped " +
"for " + oks[i] + ": " +
t1 + " exceeds max: " +
SnmpUnsignedInt.MAX_VALUE);
if (t2 > SnmpUnsignedInt.MAX_VALUE)
SnmpTimeticksBuilder.MAX_VALUE);
if (t2 > SnmpTimeticksBuilder.MAX_VALUE)
throw new Exception("Value should have wrapped " +
"for " + oks[i] + ": " +
t2 + " exceeds max: " +
SnmpUnsignedInt.MAX_VALUE);
SnmpTimeticksBuilder.MAX_VALUE);
if (t1 < 0)
throw new Exception("Value should have wrapped: " +
@ -90,14 +215,14 @@ public class TimeTicksWrapping {
for (int i=0;i<kos.length;i++) {
try {
t = new SnmpTimeticks(kos[i]);
t = new SnmpTimeticksBuilder(kos[i]);
throw new Exception("Value should have been rejected: " +
kos[i]);
} catch (IllegalArgumentException x) {
// OK!
}
try {
t = new SnmpTimeticks(new Long(kos[i]));
t = new SnmpTimeticksBuilder(new Long(kos[i]));
throw new Exception("Value should have been rejected: " +
"Long("+kos[i]+")");
} catch (IllegalArgumentException x) {

4
jdk/test/java/awt/Frame/FrameSize/TestFrameSize.java
View File

@ -15,6 +15,10 @@
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
* CA 95054 USA or visit www.sun.com if you need additional information or
* have any questions.
*/
/*

265
jdk/test/java/security/cert/CertPathValidator/OCSP/FailoverToCRL.java Normal file
View File

@ -0,0 +1,265 @@
/*
* Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
* CA 95054 USA or visit www.sun.com if you need additional information or
* have any questions.
*/
/**
* @test
* @bug 6383095
* @summary CRL revoked certificate failures masked by OCSP failures
*
* Note that the certificate validity is from Mar 16 14:55:35 2009 GMT to
* Dec 1 14:55:35 2028 GMT, please update it with newer certificate if
* expires.
*
* @author Xuelei Fan
*/
/*
* Certificates used in the test.
*
* end entity certificate:
* Data:
* Version: 3 (0x2)
* Serial Number: 25 (0x19)
* Signature Algorithm: md5WithRSAEncryption
* Issuer: C=US, ST=Some-State, L=Some-City, O=Some-Org
* Validity
* Not Before: Mar 16 14:55:35 2009 GMT
* Not After : Dec 1 14:55:35 2028 GMT
* Subject: C=US, ST=Some-State, L=Some-City, O=Some-Org, OU=SSL-Client,
* CN=localhost
* Subject Public Key Info:
* Public Key Algorithm: rsaEncryption
* RSA Public Key: (1024 bit)
* Modulus (1024 bit):
* 00:bb:f0:40:36:ac:26:54:4e:f4:a3:5a:00:2f:69:
* 21:6f:b9:7a:3a:93:ec:a2:f6:e1:8e:c7:63:d8:2f:
* 12:30:99:2e:b0:f2:8f:f8:27:2d:24:78:28:84:f7:
* 01:bf:8d:44:79:dd:3b:d2:55:f3:ce:3c:b2:5b:21:
* 7d:ef:fd:33:4a:b1:a3:ff:c6:c8:9b:b9:0f:7c:41:
* 35:97:f9:db:3a:05:60:05:15:af:59:17:92:a3:10:
* ad:16:1c:e4:07:53:af:a8:76:a2:56:2a:92:d3:f9:
* 28:e0:78:cf:5e:1f:48:ab:5c:19:dd:e1:67:43:ba:
* 75:8d:f5:82:ac:43:92:44:1b
* Exponent: 65537 (0x10001)
* X509v3 extensions:
* X509v3 Basic Constraints:
* CA:FALSE
* X509v3 Key Usage:
* Digital Signature, Non Repudiation, Key Encipherment
* X509v3 Subject Key Identifier:
* CD:BB:C8:85:AA:91:BD:FD:1D:BE:CD:67:7C:FF:B3:E9:4C:A8:22:E6
* X509v3 Authority Key Identifier:
* keyid:FA:B9:51:BF:4C:E7:D9:86:98:33:F9:E7:CB:1E:F1:33:49:F7:A8:14
* Signature Algorithm: md5WithRSAEncryption
*
*
* trusted certificate authority:
* Data:
* Version: 3 (0x2)
* Serial Number: 0 (0x0)
* Signature Algorithm: md5WithRSAEncryption
* Issuer: C=US, ST=Some-State, L=Some-City, O=Some-Org
* Validity
* Not Before: Dec 8 02:43:36 2008 GMT
* Not After : Aug 25 02:43:36 2028 GMT
* Subject: C=US, ST=Some-State, L=Some-City, O=Some-Org
* Subject Public Key Info:
* Public Key Algorithm: rsaEncryption
* RSA Public Key: (1024 bit)
* Modulus (1024 bit):
* 00:cb:c4:38:20:07:be:88:a7:93:b0:a1:43:51:2d:
* d7:8e:85:af:54:dd:ad:a2:7b:23:5b:cf:99:13:53:
* 99:45:7d:ee:6d:ba:2d:bf:e3:ad:6e:3d:9f:1a:f9:
* 03:97:e0:17:55:ae:11:26:57:de:01:29:8e:05:3f:
* 21:f7:e7:36:e8:2e:37:d7:48:ac:53:d6:60:0e:c7:
* 50:6d:f6:c5:85:f7:8b:a6:c5:91:35:72:3c:94:ee:
* f1:17:f0:71:e3:ec:1b:ce:ca:4e:40:42:b0:6d:ee:
* 6a:0e:d6:e5:ad:3c:0f:c9:ba:82:4f:78:f8:89:97:
* 89:2a:95:12:4c:d8:09:2a:e9
* Exponent: 65537 (0x10001)
* X509v3 extensions:
* X509v3 Subject Key Identifier:
* FA:B9:51:BF:4C:E7:D9:86:98:33:F9:E7:CB:1E:F1:33:49:F7:A8:14
* X509v3 Authority Key Identifier:
* keyid:FA:B9:51:BF:4C:E7:D9:86:98:33:F9:E7:CB:1E:F1:33:49:F7:A8:14
* DirName:/C=US/ST=Some-State/L=Some-City/O=Some-Org
* X509v3 Basic Constraints:
* CA:TRUE
* Signature Algorithm: md5WithRSAEncryption
*
* CRL:
* Certificate Revocation List (CRL):
* Version 2 (0x1)
* Signature Algorithm: md5WithRSAEncryption
* Issuer: /C=US/ST=Some-State/L=Some-City/O=Some-Org
* Last Update: Mar 16 16:27:14 2009 GMT
* Next Update: May 15 16:27:14 2028 GMT
* CRL extensions:
* X509v3 CRL Number:
* 2
* Revoked Certificates:
* Serial Number: 19
* Revocation Date: Mar 16 16:22:08 2009 GMT
* CRL entry extensions:
* X509v3 CRL Reason Code:
* Superseded
* Signature Algorithm: md5WithRSAEncryption
*/
import java.io.*;
import java.net.SocketException;
import java.util.*;
import java.security.Security;
import java.security.cert.*;
import java.security.InvalidAlgorithmParameterException;
import java.security.cert.CertPathValidatorException.BasicReason;
public class FailoverToCRL {
static String trusedCertStr =
"-----BEGIN CERTIFICATE-----\n" +
"MIICrDCCAhWgAwIBAgIBADANBgkqhkiG9w0BAQQFADBJMQswCQYDVQQGEwJVUzET\n" +
"MBEGA1UECBMKU29tZS1TdGF0ZTESMBAGA1UEBxMJU29tZS1DaXR5MREwDwYDVQQK\n" +
"EwhTb21lLU9yZzAeFw0wODEyMDgwMjQzMzZaFw0yODA4MjUwMjQzMzZaMEkxCzAJ\n" +
"BgNVBAYTAlVTMRMwEQYDVQQIEwpTb21lLVN0YXRlMRIwEAYDVQQHEwlTb21lLUNp\n" +
"dHkxETAPBgNVBAoTCFNvbWUtT3JnMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB\n" +
"gQDLxDggB76Ip5OwoUNRLdeOha9U3a2ieyNbz5kTU5lFfe5tui2/461uPZ8a+QOX\n" +
"4BdVrhEmV94BKY4FPyH35zboLjfXSKxT1mAOx1Bt9sWF94umxZE1cjyU7vEX8HHj\n" +
"7BvOyk5AQrBt7moO1uWtPA/JuoJPePiJl4kqlRJM2Akq6QIDAQABo4GjMIGgMB0G\n" +
"A1UdDgQWBBT6uVG/TOfZhpgz+efLHvEzSfeoFDBxBgNVHSMEajBogBT6uVG/TOfZ\n" +
"hpgz+efLHvEzSfeoFKFNpEswSTELMAkGA1UEBhMCVVMxEzARBgNVBAgTClNvbWUt\n" +
"U3RhdGUxEjAQBgNVBAcTCVNvbWUtQ2l0eTERMA8GA1UEChMIU29tZS1PcmeCAQAw\n" +
"DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQQFAAOBgQBcIm534U123Hz+rtyYO5uA\n" +
"ofd81G6FnTfEAV8Kw9fGyyEbQZclBv34A9JsFKeMvU4OFIaixD7nLZ/NZ+IWbhmZ\n" +
"LovmJXyCkOufea73pNiZ+f/4/ScZaIlM/PRycQSqbFNd4j9Wott+08qxHPLpsf3P\n" +
"6Mvf0r1PNTY2hwTJLJmKtg==\n" +
"-----END CERTIFICATE-----";
static String targetCertStr =
"-----BEGIN CERTIFICATE-----\n" +
"MIICizCCAfSgAwIBAgIBGTANBgkqhkiG9w0BAQQFADBJMQswCQYDVQQGEwJVUzET\n" +
"MBEGA1UECBMKU29tZS1TdGF0ZTESMBAGA1UEBxMJU29tZS1DaXR5MREwDwYDVQQK\n" +
"EwhTb21lLU9yZzAeFw0wOTAzMTYxNDU1MzVaFw0yODEyMDExNDU1MzVaMHIxCzAJ\n" +
"BgNVBAYTAlVTMRMwEQYDVQQIEwpTb21lLVN0YXRlMRIwEAYDVQQHEwlTb21lLUNp\n" +
"dHkxETAPBgNVBAoTCFNvbWUtT3JnMRMwEQYDVQQLEwpTU0wtQ2xpZW50MRIwEAYD\n" +
"VQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALvwQDas\n" +
"JlRO9KNaAC9pIW+5ejqT7KL24Y7HY9gvEjCZLrDyj/gnLSR4KIT3Ab+NRHndO9JV\n" +
"8848slshfe/9M0qxo//GyJu5D3xBNZf52zoFYAUVr1kXkqMQrRYc5AdTr6h2olYq\n" +
"ktP5KOB4z14fSKtcGd3hZ0O6dY31gqxDkkQbAgMBAAGjWjBYMAkGA1UdEwQCMAAw\n" +
"CwYDVR0PBAQDAgXgMB0GA1UdDgQWBBTNu8iFqpG9/R2+zWd8/7PpTKgi5jAfBgNV\n" +
"HSMEGDAWgBT6uVG/TOfZhpgz+efLHvEzSfeoFDANBgkqhkiG9w0BAQQFAAOBgQBv\n" +
"p7JjCDOrMBNun46xs4Gz7Y4ygM5VHaFP0oO7369twvRSu0pCuIdZd5OIMPFeRqQw\n" +
"PA68ZdhYVR0pG5W7isV+jB+Dfge/IOgOA85sZ/6FlP3PBRW+YMQKKdRr5So3ook9\n" +
"PimQ7rbxRAofPECv20IUKFBbOUkU+gFcn+WbTKYxBw==\n" +
"-----END CERTIFICATE-----";
static String crlStr =
"-----BEGIN X509 CRL-----\n" +
"MIIBRTCBrwIBATANBgkqhkiG9w0BAQQFADBJMQswCQYDVQQGEwJVUzETMBEGA1UE\n" +
"CBMKU29tZS1TdGF0ZTESMBAGA1UEBxMJU29tZS1DaXR5MREwDwYDVQQKEwhTb21l\n" +
"LU9yZxcNMDkwMzE2MTYyNzE0WhcNMjgwNTE1MTYyNzE0WjAiMCACARkXDTA5MDMx\n" +
"NjE2MjIwOFowDDAKBgNVHRUEAwoBBKAOMAwwCgYDVR0UBAMCAQIwDQYJKoZIhvcN\n" +
"AQEEBQADgYEAMixJI9vBwYpOGosn46+T/MTEtlm2S5pIVT/xPDrHkCPfw8l4Zrgp\n" +
"dGPuUkglWdrGdxY9MNRUj2YFNfdZi6zZ7JF6XbkDHYOAKYgPDJRjS/0VcBntn5RJ\n" +
"sQfZsBqc9fFSP8gknRRn3LT41kr9xNRxTT1t3YYjv7J3zkMYyInqeUA=\n" +
"-----END X509 CRL-----";
private static CertPath generateCertificatePath()
throws CertificateException {
// generate certificate from cert strings
CertificateFactory cf = CertificateFactory.getInstance("X.509");
ByteArrayInputStream is =
new ByteArrayInputStream(targetCertStr.getBytes());
Certificate targetCert = cf.generateCertificate(is);
// generate certification path
List<Certificate> list = Arrays.asList(new Certificate[] {targetCert});
return cf.generateCertPath(list);
}
private static Set<TrustAnchor> generateTrustAnchors()
throws CertificateException {
// generate certificate from cert string
CertificateFactory cf = CertificateFactory.getInstance("X.509");
ByteArrayInputStream is =
new ByteArrayInputStream(trusedCertStr.getBytes());
Certificate trusedCert = cf.generateCertificate(is);
// generate a trust anchor
TrustAnchor anchor = new TrustAnchor((X509Certificate)trusedCert, null);
return Collections.singleton(anchor);
}
private static CertStore generateCertificateStore() throws Exception {
// generate CRL from CRL string
CertificateFactory cf = CertificateFactory.getInstance("X.509");
ByteArrayInputStream is =
new ByteArrayInputStream(crlStr.getBytes());
// generate a cert store
Collection<? extends CRL> crls = cf.generateCRLs(is);
return CertStore.getInstance("Collection",
new CollectionCertStoreParameters(crls));
}
public static void main(String args[]) throws Exception {
CertPath path = generateCertificatePath();
Set<TrustAnchor> anchors = generateTrustAnchors();
CertStore crls = generateCertificateStore();
PKIXParameters params = new PKIXParameters(anchors);
// add the CRL store
params.addCertStore(crls);
// Activate certificate revocation checking
params.setRevocationEnabled(true);
// Activate OCSP
Security.setProperty("ocsp.enable", "true");
System.setProperty("com.sun.security.enableCRLDP", "true");
// Ensure that the ocsp.responderURL property is not set.
if (Security.getProperty("ocsp.responderURL") != null) {
throw new
Exception("The ocsp.responderURL property must not be set");
}
CertPathValidator validator = CertPathValidator.getInstance("PKIX");
try {
validator.validate(path, params);
} catch (CertPathValidatorException cpve) {
if (cpve.getReason() != BasicReason.REVOKED) {
throw new Exception(
"unexpect exception, should be a REVOKED CPVE", cpve);
}
}
}
}

5
jdk/test/java/util/regex/RegExTest.java
View File

@ -3389,6 +3389,11 @@ public class RegExTest {
"gname",
"yyy");
check(Pattern.compile("x+(?<8gname>y+)z+"),
"xxxyyyzzz",
"8gname",
"yyy");
//backref
Pattern pattern = Pattern.compile("(a*)bc\\1");
check(pattern, "zzzaabcazzz", true); // found "abca"

1
jdk/test/javax/script/Test3.java
View File

@ -4,7 +4,6 @@
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT

92
jdk/test/sun/security/krb5/auto/SpnegoReqFlags.java Normal file
View File

@ -0,0 +1,92 @@
/*
* Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
* CA 95054 USA or visit www.sun.com if you need additional information or
* have any questions.
*/
/*
* @test
* @bug 6815182
* @summary GSSAPI/SPNEGO does not work with server using MIT Kerberos library
*/
import sun.security.jgss.GSSUtil;
import sun.security.util.BitArray;
import sun.security.util.DerInputStream;
import sun.security.util.DerValue;
public class SpnegoReqFlags {
public static void main(String[] args)
throws Exception {
// Create and start the KDC
new OneKDC(null).writeJAASConf();
new SpnegoReqFlags().go();
}
void go() throws Exception {
Context c = Context.fromJAAS("client");
c.startAsClient(OneKDC.SERVER, GSSUtil.GSS_SPNEGO_MECH_OID);
byte[] token = c.doAs(new Action() {
@Override
public byte[] run(Context me, byte[] input) throws Exception {
me.x().requestCredDeleg(true);
me.x().requestReplayDet(false);
me.x().requestSequenceDet(false);
return me.x().initSecContext(new byte[0], 0, 0);
}
}, null);
DerValue d = new DerValue(token); // GSSToken
DerInputStream ins = d.data; // OID + mech token
d.data.getDerValue(); // skip OID
d = d.data.getDerValue(); // NegTokenInit
d = d.data.getDerValue(); // The SEQUENCE inside
boolean found = false;
// Go through all fields inside NegTokenInit. The reqFlags field
// is optional. It's even not recommended in RFC 4178.
while (d.data.available() > 0) {
DerValue d2 = d.data.getDerValue();
if (d2.isContextSpecific((byte)1)) {
found = true;
System.out.println("regFlags field located.");
BitArray ba = d2.data.getUnalignedBitString();
if (ba.length() != 7) {
throw new Exception("reqFlags should contain 7 bits");
}
if (!ba.get(0)) {
throw new Exception("delegFlag should be true");
}
if (ba.get(2) || ba.get(3)) {
throw new Exception("replay/sequenceFlag should be false");
}
}
}
if (!found) {
System.out.println("Warning: regFlags field not found, too new?");
}
c.dispose();
}
}

62
jdk/test/sun/security/tools/keytool/importreadall.sh Normal file
View File

@ -0,0 +1,62 @@
#
# Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
#
# This code is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License version 2 only, as
# published by the Free Software Foundation.
#
# This code is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
# version 2 for more details (a copy is included in the LICENSE file that
# accompanied this code).
#
# You should have received a copy of the GNU General Public License version
# 2 along with this work; if not, write to the Free Software Foundation,
# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
#
# Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
# CA 95054 USA or visit www.sun.com if you need additional information or
# have any questions.
#
# @test
# @bug 6819272
# @summary keytool -importcert should read the whole input
#
# @run shell importreadall.sh
# set a few environment variables so that the shell-script can run stand-alone
# in the source directory
if [ "${TESTSRC}" = "" ] ; then
TESTSRC="."
fi
if [ "${TESTJAVA}" = "" ] ; then
JAVA_CMD=`which java`
TESTJAVA=`dirname $JAVA_CMD`/..
fi
# set platform-dependent variables
OS=`uname -s`
case "$OS" in
Windows_* )
FS="\\"
;;
* )
FS="/"
;;
esac
KEYTOOL="${TESTJAVA}${FS}bin${FS}keytool -keystore importreadall.jks -storepass changeit -keypass changeit"
# In case the test is run twice in the same directory
$KEYTOOL -delete -alias a
$KEYTOOL -delete -alias ca
$KEYTOOL -genkeypair -alias a -dname CN=a || exit 1
$KEYTOOL -genkeypair -alias ca -dname CN=ca || exit 2
$KEYTOOL -certreq -alias a | $KEYTOOL -gencert -alias ca | $KEYTOOL -importcert -alias a
exit $?