1 |
|
2 |
# HG changeset patch |
3 |
# User andrew |
4 |
# Date 1478057514 0 |
5 |
# Node ID 1c4d5cb2096ae55106111da200b0bcad304f650c |
6 |
# Parent 3d53f19b48384e5252f4ec8891f7a3a82d77af2a |
7 |
PR3183: Support Fedora/RHEL system crypto policy |
8 |
|
9 |
diff -r 3d53f19b4838 -r 1c4d5cb2096a src/share/classes/java/security/Security.java |
10 |
--- openjdk/jdk/src/share/classes/java/security/Security.java Wed Oct 26 03:51:39 2016 +0100 |
11 |
+++ openjdk/jdk/src/share/classes/java/security/Security.java Wed Nov 02 03:31:54 2016 +0000 |
12 |
@@ -43,6 +43,9 @@ |
13 |
* implementation-specific location, which is typically the properties file |
14 |
* {@code lib/security/java.security} in the Java installation directory. |
15 |
* |
16 |
+ * <p>Additional default values of security properties are read from a |
17 |
+ * system-specific location, if available.</p> |
18 |
+ * |
19 |
* @author Benjamin Renaud |
20 |
*/ |
21 |
|
22 |
@@ -52,6 +55,10 @@ |
23 |
private static final Debug sdebug = |
24 |
Debug.getInstance("properties"); |
25 |
|
26 |
+ /* System property file*/ |
27 |
+ private static final String SYSTEM_PROPERTIES = |
28 |
+ "/etc/crypto-policies/back-ends/java.config"; |
29 |
+ |
30 |
/* The java.security properties */ |
31 |
private static Properties props; |
32 |
|
33 |
@@ -93,6 +100,7 @@ |
34 |
if (sdebug != null) { |
35 |
sdebug.println("reading security properties file: " + |
36 |
propFile); |
37 |
+ sdebug.println(props.toString()); |
38 |
} |
39 |
} catch (IOException e) { |
40 |
if (sdebug != null) { |
41 |
@@ -114,6 +122,31 @@ |
42 |
} |
43 |
|
44 |
if ("true".equalsIgnoreCase(props.getProperty |
45 |
+ ("security.useSystemPropertiesFile"))) { |
46 |
+ |
47 |
+ // now load the system file, if it exists, so its values |
48 |
+ // will win if they conflict with the earlier values |
49 |
+ try (BufferedInputStream bis = |
50 |
+ new BufferedInputStream(new FileInputStream(SYSTEM_PROPERTIES))) { |
51 |
+ props.load(bis); |
52 |
+ loadedProps = true; |
53 |
+ |
54 |
+ if (sdebug != null) { |
55 |
+ sdebug.println("reading system security properties file " + |
56 |
+ SYSTEM_PROPERTIES); |
57 |
+ sdebug.println(props.toString()); |
58 |
+ } |
59 |
+ } catch (IOException e) { |
60 |
+ if (sdebug != null) { |
61 |
+ sdebug.println |
62 |
+ ("unable to load security properties from " + |
63 |
+ SYSTEM_PROPERTIES); |
64 |
+ e.printStackTrace(); |
65 |
+ } |
66 |
+ } |
67 |
+ } |
68 |
+ |
69 |
+ if ("true".equalsIgnoreCase(props.getProperty |
70 |
("security.overridePropertiesFile"))) { |
71 |
|
72 |
String extraPropFile = System.getProperty |
73 |
diff -r 3d53f19b4838 -r 1c4d5cb2096a src/share/lib/security/java.security-aix |
74 |
--- openjdk/jdk/src/share/lib/security/java.security-aix Wed Oct 26 03:51:39 2016 +0100 |
75 |
+++ openjdk/jdk/src/share/lib/security/java.security-aix Wed Nov 02 03:31:54 2016 +0000 |
76 |
@@ -276,6 +276,13 @@ |
77 |
security.overridePropertiesFile=true |
78 |
|
79 |
# |
80 |
+# Determines whether this properties file will be appended to |
81 |
+# using the system properties file stored at |
82 |
+# /etc/crypto-policies/back-ends/java.config |
83 |
+# |
84 |
+security.useSystemPropertiesFile=false |
85 |
+ |
86 |
+# |
87 |
# Determines the default key and trust manager factory algorithms for |
88 |
# the javax.net.ssl package. |
89 |
# |
90 |
diff -r 3d53f19b4838 -r 1c4d5cb2096a src/share/lib/security/java.security-linux |
91 |
--- openjdk/jdk/src/share/lib/security/java.security-linux Wed Oct 26 03:51:39 2016 +0100 |
92 |
+++ openjdk/jdk/src/share/lib/security/java.security-linux Wed Nov 02 03:31:54 2016 +0000 |
93 |
@@ -276,6 +276,13 @@ |
94 |
security.overridePropertiesFile=true |
95 |
|
96 |
# |
97 |
+# Determines whether this properties file will be appended to |
98 |
+# using the system properties file stored at |
99 |
+# /etc/crypto-policies/back-ends/java.config |
100 |
+# |
101 |
+security.useSystemPropertiesFile=false |
102 |
+ |
103 |
+# |
104 |
# Determines the default key and trust manager factory algorithms for |
105 |
# the javax.net.ssl package. |
106 |
# |
107 |
diff -r 3d53f19b4838 -r 1c4d5cb2096a src/share/lib/security/java.security-macosx |
108 |
--- openjdk/jdk/src/share/lib/security/java.security-macosx Wed Oct 26 03:51:39 2016 +0100 |
109 |
+++ openjdk/jdk/src/share/lib/security/java.security-macosx Wed Nov 02 03:31:54 2016 +0000 |
110 |
@@ -279,6 +279,13 @@ |
111 |
security.overridePropertiesFile=true |
112 |
|
113 |
# |
114 |
+# Determines whether this properties file will be appended to |
115 |
+# using the system properties file stored at |
116 |
+# /etc/crypto-policies/back-ends/java.config |
117 |
+# |
118 |
+security.useSystemPropertiesFile=false |
119 |
+ |
120 |
+# |
121 |
# Determines the default key and trust manager factory algorithms for |
122 |
# the javax.net.ssl package. |
123 |
# |
124 |
diff -r 3d53f19b4838 -r 1c4d5cb2096a src/share/lib/security/java.security-solaris |
125 |
--- openjdk/jdk/src/share/lib/security/java.security-solaris Wed Oct 26 03:51:39 2016 +0100 |
126 |
+++ openjdk/jdk/src/share/lib/security/java.security-solaris Wed Nov 02 03:31:54 2016 +0000 |
127 |
@@ -278,6 +278,13 @@ |
128 |
security.overridePropertiesFile=true |
129 |
|
130 |
# |
131 |
+# Determines whether this properties file will be appended to |
132 |
+# using the system properties file stored at |
133 |
+# /etc/crypto-policies/back-ends/java.config |
134 |
+# |
135 |
+security.useSystemPropertiesFile=false |
136 |
+ |
137 |
+# |
138 |
# Determines the default key and trust manager factory algorithms for |
139 |
# the javax.net.ssl package. |
140 |
# |
141 |
diff -r 3d53f19b4838 -r 1c4d5cb2096a src/share/lib/security/java.security-windows |
142 |
--- openjdk/jdk/src/share/lib/security/java.security-windows Wed Oct 26 03:51:39 2016 +0100 |
143 |
+++ openjdk/jdk/src/share/lib/security/java.security-windows Wed Nov 02 03:31:54 2016 +0000 |
144 |
@@ -279,6 +279,13 @@ |
145 |
security.overridePropertiesFile=true |
146 |
|
147 |
# |
148 |
+# Determines whether this properties file will be appended to |
149 |
+# using the system properties file stored at |
150 |
+# /etc/crypto-policies/back-ends/java.config |
151 |
+# |
152 |
+security.useSystemPropertiesFile=false |
153 |
+ |
154 |
+# |
155 |
# Determines the default key and trust manager factory algorithms for |
156 |
# the javax.net.ssl package. |
157 |
# |
158 |
|