1 |
# HG changeset patch |
2 |
# User andrew |
3 |
# Date 1459487045 -3600 |
4 |
# Fri Apr 01 06:04:05 2016 +0100 |
5 |
# Node ID 3334efeacd8327a14b7d2f392f4546e3c29c594b |
6 |
# Parent 6b81fd2227d14226f2121f2d51b464536925686e |
7 |
PR2888: OpenJDK should check for system cacerts database (e.g. /etc/pki/java/cacerts) |
8 |
|
9 |
diff --git a/src/share/classes/sun/security/ssl/TrustManagerFactoryImpl.java b/src/share/classes/sun/security/ssl/TrustManagerFactoryImpl.java |
10 |
--- openjdk/jdk/src/share/classes/sun/security/ssl/TrustManagerFactoryImpl.java |
11 |
+++ openjdk/jdk/src/share/classes/sun/security/ssl/TrustManagerFactoryImpl.java |
12 |
@@ -174,15 +174,20 @@ |
13 |
storeFile = new File(storeFileName); |
14 |
fis = getFileInputStream(storeFile); |
15 |
} else { |
16 |
- String javaHome = props.get("javaHome"); |
17 |
- storeFile = new File(javaHome + sep + "lib" + sep |
18 |
- + "security" + sep + |
19 |
- "jssecacerts"); |
20 |
+ /* Check system cacerts DB first; /etc/pki/java/cacerts */ |
21 |
+ storeFile = new File(sep + "etc" + sep + "pki" + sep |
22 |
+ + "java" + sep + "cacerts"); |
23 |
if ((fis = getFileInputStream(storeFile)) == null) { |
24 |
+ String javaHome = props.get("javaHome"); |
25 |
storeFile = new File(javaHome + sep + "lib" + sep |
26 |
- + "security" + sep + |
27 |
- "cacerts"); |
28 |
- fis = getFileInputStream(storeFile); |
29 |
+ + "security" + sep + |
30 |
+ "jssecacerts"); |
31 |
+ if ((fis = getFileInputStream(storeFile)) == null) { |
32 |
+ storeFile = new File(javaHome + sep + "lib" + sep |
33 |
+ + "security" + sep + |
34 |
+ "cacerts"); |
35 |
+ fis = getFileInputStream(storeFile); |
36 |
+ } |
37 |
} |
38 |
} |
39 |
|
40 |
diff --git a/src/share/classes/sun/security/tools/KeyStoreUtil.java b/src/share/classes/sun/security/tools/KeyStoreUtil.java |
41 |
--- openjdk/jdk/src/share/classes/sun/security/tools/KeyStoreUtil.java |
42 |
+++ openjdk/jdk/src/share/classes/sun/security/tools/KeyStoreUtil.java |
43 |
@@ -87,9 +87,14 @@ |
44 |
throws Exception |
45 |
{ |
46 |
String sep = File.separator; |
47 |
- File file = new File(System.getProperty("java.home") + sep |
48 |
- + "lib" + sep + "security" + sep |
49 |
- + "cacerts"); |
50 |
+ /* Check system cacerts DB first; /etc/pki/java/cacerts */ |
51 |
+ File file = new File(sep + "etc" + sep + "pki" + sep |
52 |
+ + "java" + sep + "cacerts"); |
53 |
+ if (!file.exists()) { |
54 |
+ file = new File(System.getProperty("java.home") + sep |
55 |
+ + "lib" + sep + "security" + sep |
56 |
+ + "cacerts"); |
57 |
+ } |
58 |
if (!file.exists()) { |
59 |
return null; |
60 |
} |