Mercurial > hg > icedtea6
changeset 3182:6f0c7f0ded92
Fix issues found with b34.
OJ51, PR2187: Sync patch for 4873188 with 7 version
OJ52, PR2185: Application of 6786276 introduces compatibility issue
OJ53, PR2181: strict-aliasing warnings issued on PPC32
OJ54, PR2182: 6911104 reintroduces test fragment removed in existing 6964018 backport
S6730740, PR2186: Fix for 6729881 has apparently broken several 64 bit tests: "Bad address"
S7031830, PR2183: bad_record_mac failure on TLSv1.2 enabled connection with SSLEngine
2015-01-21 Andrew John Hughes <gnu.andrew@redhat.com>
* Makefile.am:
(ICEDTEA_PATCHES): Add patches below.
* NEWS: Updated.
* patches/openjdk/6730740-pr2186-64-bit_breakage_in_6729881.patch,
* patches/openjdk/7031830-pr2183-bad_record_mac_failure.patch,
* patches/openjdk/oj51-pr2187-sync_4873188.patch,
* patches/openjdk/oj52-pr2185-no_serbia_montenegro.patch,
* patches/openjdk/oj53-pr2181-strict_aliasing_on_ppc32.patch,
* patches/openjdk/oj54-pr2182-6911104_reintroduces_test_fragment.patch:
New patches to fix issues found in b34.
author | Andrew John Hughes <gnu.andrew@redhat.com> |
---|---|
date | Thu, 22 Jan 2015 00:48:41 +0000 |
parents | 00ac747c97a2 |
children | cc9dd4878fae 51379b337a8e |
files | ChangeLog Makefile.am NEWS patches/openjdk/6730740-pr2186-64-bit_breakage_in_6729881.patch patches/openjdk/7031830-pr2183-bad_record_mac_failure.patch patches/openjdk/oj51-pr2187-sync_4873188.patch patches/openjdk/oj52-pr2185-no_serbia_montenegro.patch patches/openjdk/oj53-pr2181-strict_aliasing_on_ppc32.patch patches/openjdk/oj54-pr2182-6911104_reintroduces_test_fragment.patch |
diffstat | 9 files changed, 774 insertions(+), 1 deletions(-) [+] |
line wrap: on
line diff
--- a/ChangeLog Wed Jan 21 18:48:53 2015 +0000 +++ b/ChangeLog Thu Jan 22 00:48:41 2015 +0000 @@ -1,3 +1,16 @@ +2015-01-21 Andrew John Hughes <gnu.andrew@redhat.com> + + * Makefile.am: + (ICEDTEA_PATCHES): Add patches below. + * NEWS: Updated. + * patches/openjdk/6730740-pr2186-64-bit_breakage_in_6729881.patch, + * patches/openjdk/7031830-pr2183-bad_record_mac_failure.patch, + * patches/openjdk/oj51-pr2187-sync_4873188.patch, + * patches/openjdk/oj52-pr2185-no_serbia_montenegro.patch, + * patches/openjdk/oj53-pr2181-strict_aliasing_on_ppc32.patch, + * patches/openjdk/oj54-pr2182-6911104_reintroduces_test_fragment.patch: + New patches to fix issues found in b34. + 2014-10-29 Andrew John Hughes <gnu.andrew@redhat.com> * Makefile.am:
--- a/Makefile.am Wed Jan 21 18:48:53 2015 +0000 +++ b/Makefile.am Thu Jan 22 00:48:41 2015 +0000 @@ -609,7 +609,13 @@ patches/pr2070-type_punning_warnings.patch \ patches/pr2082-s390_type_fixes.patch \ patches/pr2096-4096-bit_dh.patch \ - patches/pr2179-avoid_x86_workaround_on_zero.patch + patches/pr2179-avoid_x86_workaround_on_zero.patch \ + patches/openjdk/6730740-pr2186-64-bit_breakage_in_6729881.patch \ + patches/openjdk/oj51-pr2187-sync_4873188.patch \ + patches/openjdk/7031830-pr2183-bad_record_mac_failure.patch \ + patches/openjdk/oj52-pr2185-no_serbia_montenegro.patch \ + patches/openjdk/oj53-pr2181-strict_aliasing_on_ppc32.patch \ + patches/openjdk/oj54-pr2182-6911104_reintroduces_test_fragment.patch if WITH_RHINO ICEDTEA_PATCHES += \
--- a/NEWS Wed Jan 21 18:48:53 2015 +0000 +++ b/NEWS Thu Jan 22 00:48:41 2015 +0000 @@ -164,10 +164,16 @@ - S8062807: Exporting RMI objects fails when run under restrictive SecurityManager - S8064560: (tz) Support tzdata2014j * Backports + - OJ51, PR2187: Sync patch for 4873188 with 7 version + - OJ52, PR2185: Application of 6786276 introduces compatibility issue + - OJ53, PR2181: strict-aliasing warnings issued on PPC32 + - OJ54, PR2182: 6911104 reintroduces test fragment removed in existing 6964018 backport - S6611637: NullPointerException in sun.font.GlyphLayout$EngineRecord.init - S6727719: Performance of TextLayout.getBounds() + - S6730740, PR2186: Fix for 6729881 has apparently broken several 64 bit tests: "Bad address" - S6745225: Memory leak while drawing Attributed String - S6904962: GlyphVector.getVisualBounds should not be affected by leading or trailing white space. + - S7031830, PR2183: bad_record_mac failure on TLSv1.2 enabled connection with SSLEngine - S7151089: PS NUMA: NUMA allocator should not attempt to free pages when using SHM large pages - S8000897, PR2173, RH1155012: VM crash in CompileBroker - S8013057: Detect mmap() commit failures in Linux and Solaris os::commit_memory() impls and call vm_exit_out_of_memory()
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/patches/openjdk/6730740-pr2186-64-bit_breakage_in_6729881.patch Thu Jan 22 00:48:41 2015 +0000 @@ -0,0 +1,55 @@ +# HG changeset patch +# User chegar +# Date 1217350415 25200 +# Tue Jul 29 09:53:35 2008 -0700 +# Node ID 629fa51e0281243c7341bce37e4421a7069c72ee +# Parent 31845b0edbd16232f26c266f1f79729fb83a6975 +6730740: Fix for 6729881 has apparently broken several 64 bit tests: "Bad address" +Reviewed-by: alanb, jccollet + +diff -r 31845b0edbd1 -r 629fa51e0281 src/solaris/native/java/net/linux_close.c +--- openjdk/jdk/src/solaris/native/java/net/linux_close.c Wed Jan 21 20:57:52 2015 +0000 ++++ openjdk/jdk/src/solaris/native/java/net/linux_close.c Tue Jul 29 09:53:35 2008 -0700 +@@ -281,7 +281,9 @@ + + int NET_RecvFrom(int s, void *buf, int len, unsigned int flags, + struct sockaddr *from, int *fromlen) { +- BLOCKING_IO_RETURN_INT( s, recvfrom(s, buf, len, flags, from, (socklen_t)fromlen) ); ++ socklen_t socklen = *fromlen; ++ BLOCKING_IO_RETURN_INT( s, recvfrom(s, buf, len, flags, from, &socklen) ); ++ *fromlen = socklen; + } + + int NET_Send(int s, void *msg, int len, unsigned int flags) { +@@ -298,7 +300,9 @@ + } + + int NET_Accept(int s, struct sockaddr *addr, int *addrlen) { +- BLOCKING_IO_RETURN_INT( s, accept(s, addr, (socklen_t)addrlen) ); ++ socklen_t socklen = *addrlen; ++ BLOCKING_IO_RETURN_INT( s, accept(s, addr, &socklen) ); ++ *addrlen = socklen; + } + + int NET_Connect(int s, struct sockaddr *addr, int addrlen) { +diff -r 31845b0edbd1 -r 629fa51e0281 src/solaris/native/java/net/net_util_md.c +--- openjdk/jdk/src/solaris/native/java/net/net_util_md.c Wed Jan 21 20:57:52 2015 +0000 ++++ openjdk/jdk/src/solaris/native/java/net/net_util_md.c Tue Jul 29 09:53:35 2008 -0700 +@@ -1104,7 +1104,16 @@ + } + #endif + +- rv = getsockopt(fd, level, opt, result, (socklen_t)len); ++#ifdef __solaris__ ++ rv = getsockopt(fd, level, opt, result, len); ++#else ++ { ++ socklen_t socklen = *len; ++ rv = getsockopt(fd, level, opt, result, &socklen); ++ *len = socklen; ++ } ++#endif ++ + if (rv < 0) { + return rv; + }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/patches/openjdk/7031830-pr2183-bad_record_mac_failure.patch Thu Jan 22 00:48:41 2015 +0000 @@ -0,0 +1,522 @@ +# HG changeset patch +# User wetmore +# Date 1421871245 0 +# Wed Jan 21 20:14:05 2015 +0000 +# Node ID 8b1568063cd45ed88422dd8d98f019f9971708e8 +# Parent bbff2a7acd335d23a7946a1b7eedd42946946311 +7031830: bad_record_mac failure on TLSv1.2 enabled connection with SSLEngine +Reviewed-by: xuelei, weijun, asaha + +diff -r bbff2a7acd33 -r 8b1568063cd4 src/share/classes/sun/security/ssl/CipherBox.java +--- openjdk/jdk/src/share/classes/sun/security/ssl/CipherBox.java Wed Jan 21 20:02:14 2015 +0000 ++++ openjdk/jdk/src/share/classes/sun/security/ssl/CipherBox.java Wed Jan 21 20:14:05 2015 +0000 +@@ -312,9 +312,11 @@ + byte[] buf = null; + int limit = bb.limit(); + if (bb.hasArray()) { ++ int arrayOffset = bb.arrayOffset(); + buf = bb.array(); +- System.arraycopy(buf, pos, +- buf, pos + prefix.length, limit - pos); ++ System.arraycopy(buf, arrayOffset + pos, ++ buf, arrayOffset + pos + prefix.length, ++ limit - pos); + bb.limit(limit + prefix.length); + } else { + buf = new byte[limit - pos]; +@@ -500,9 +502,10 @@ + byte[] buf = null; + int limit = bb.limit(); + if (bb.hasArray()) { ++ int arrayOffset = bb.arrayOffset(); + buf = bb.array(); +- System.arraycopy(buf, pos + blockSize, +- buf, pos, limit - pos - blockSize); ++ System.arraycopy(buf, arrayOffset + pos + blockSize, ++ buf, arrayOffset + pos, limit - pos - blockSize); + bb.limit(limit - blockSize); + } else { + buf = new byte[limit - pos - blockSize]; +diff -r bbff2a7acd33 -r 8b1568063cd4 test/sun/security/ssl/com/sun/net/ssl/internal/ssl/SSLEngineImpl/SSLEngineBadBufferArrayAccess.java +--- /dev/null Thu Jan 01 00:00:00 1970 +0000 ++++ openjdk/jdk/test/sun/security/ssl/com/sun/net/ssl/internal/ssl/SSLEngineImpl/SSLEngineBadBufferArrayAccess.java Wed Jan 21 20:14:05 2015 +0000 +@@ -0,0 +1,479 @@ ++/* ++ * Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved. ++ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. ++ * ++ * This code is free software; you can redistribute it and/or modify it ++ * under the terms of the GNU General Public License version 2 only, as ++ * published by the Free Software Foundation. ++ * ++ * This code is distributed in the hope that it will be useful, but WITHOUT ++ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or ++ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License ++ * version 2 for more details (a copy is included in the LICENSE file that ++ * accompanied this code). ++ * ++ * You should have received a copy of the GNU General Public License version ++ * 2 along with this work; if not, write to the Free Software Foundation, ++ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. ++ * ++ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA ++ * or visit www.oracle.com if you need additional information or have any ++ * questions. ++ */ ++ ++/* ++ * @test ++ * @bug 7031830 ++ * @summary bad_record_mac failure on TLSv1.2 enabled connection with SSLEngine ++ * @run main/othervm SSLEngineBadBufferArrayAccess ++ * ++ * SunJSSE does not support dynamic system properties, no way to re-use ++ * system properties in samevm/agentvm mode. ++ */ ++ ++/** ++ * A SSLSocket/SSLEngine interop test case. This is not the way to ++ * code SSLEngine-based servers, but works for what we need to do here, ++ * which is to make sure that SSLEngine/SSLSockets can talk to each other. ++ * SSLEngines can use direct or indirect buffers, and different code ++ * is used to get at the buffer contents internally, so we test that here. ++ * ++ * The test creates one SSLSocket (client) and one SSLEngine (server). ++ * The SSLSocket talks to a raw ServerSocket, and the server code ++ * does the translation between byte [] and ByteBuffers that the SSLEngine ++ * can use. The "transport" layer consists of a Socket Input/OutputStream ++ * and two byte buffers for the SSLEngines: think of them ++ * as directly connected pipes. ++ * ++ * Again, this is a *very* simple example: real code will be much more ++ * involved. For example, different threading and I/O models could be ++ * used, transport mechanisms could close unexpectedly, and so on. ++ * ++ * When this application runs, notice that several messages ++ * (wrap/unwrap) pass before any application data is consumed or ++ * produced. (For more information, please see the SSL/TLS ++ * specifications.) There may several steps for a successful handshake, ++ * so it's typical to see the following series of operations: ++ * ++ * client server message ++ * ====== ====== ======= ++ * write() ... ClientHello ++ * ... unwrap() ClientHello ++ * ... wrap() ServerHello/Certificate ++ * read() ... ServerHello/Certificate ++ * write() ... ClientKeyExchange ++ * write() ... ChangeCipherSpec ++ * write() ... Finished ++ * ... unwrap() ClientKeyExchange ++ * ... unwrap() ChangeCipherSpec ++ * ... unwrap() Finished ++ * ... wrap() ChangeCipherSpec ++ * ... wrap() Finished ++ * read() ... ChangeCipherSpec ++ * read() ... Finished ++ * ++ * This particular bug had a problem where byte buffers backed by an ++ * array didn't offset correctly, and we got bad MAC errors. ++ */ ++import javax.net.ssl.*; ++import javax.net.ssl.SSLEngineResult.*; ++import java.io.*; ++import java.net.*; ++import java.security.*; ++import java.nio.*; ++ ++public class SSLEngineBadBufferArrayAccess { ++ ++ /* ++ * Enables logging of the SSL/TLS operations. ++ */ ++ private static boolean logging = true; ++ ++ /* ++ * Enables the JSSE system debugging system property: ++ * ++ * -Djavax.net.debug=all ++ * ++ * This gives a lot of low-level information about operations underway, ++ * including specific handshake messages, and might be best examined ++ * after gaining some familiarity with this application. ++ */ ++ private static boolean debug = false; ++ private SSLContext sslc; ++ private SSLEngine serverEngine; // server-side SSLEngine ++ private SSLSocket sslSocket; // client-side socket ++ private ServerSocket serverSocket; // server-side Socket, generates the... ++ private Socket socket; // server-side socket that will read ++ ++ private final byte[] serverMsg = "Hi there Client, I'm a Server".getBytes(); ++ private final byte[] clientMsg = "Hello Server, I'm a Client".getBytes(); ++ ++ private ByteBuffer serverOut; // write side of serverEngine ++ private ByteBuffer serverIn; // read side of serverEngine ++ ++ private volatile Exception clientException; ++ private volatile Exception serverException; ++ ++ /* ++ * For data transport, this example uses local ByteBuffers. ++ */ ++ private ByteBuffer cTOs; // "reliable" transport client->server ++ private ByteBuffer sTOc; // "reliable" transport server->client ++ ++ /* ++ * The following is to set up the keystores/trust material. ++ */ ++ private static final String pathToStores = "../../../../../../../etc/"; ++ private static final String keyStoreFile = "keystore"; ++ private static final String trustStoreFile = "truststore"; ++ private static final String passwd = "passphrase"; ++ private static String keyFilename = ++ System.getProperty("test.src", ".") + "/" + pathToStores ++ + "/" + keyStoreFile; ++ private static String trustFilename = ++ System.getProperty("test.src", ".") + "/" + pathToStores ++ + "/" + trustStoreFile; ++ ++ /* ++ * Main entry point for this test. ++ */ ++ public static void main(String args[]) throws Exception { ++ if (debug) { ++ System.setProperty("javax.net.debug", "all"); ++ } ++ ++ String [] protocols = new String [] { ++ "SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2" }; ++ ++ for (String protocol : protocols) { ++ log("Testing " + protocol); ++ /* ++ * Run the tests with direct and indirect buffers. ++ */ ++ SSLEngineBadBufferArrayAccess test = ++ new SSLEngineBadBufferArrayAccess(protocol); ++ test.runTest(true); ++ test.runTest(false); ++ } ++ ++ System.out.println("Test Passed."); ++ } ++ ++ /* ++ * Create an initialized SSLContext to use for these tests. ++ */ ++ public SSLEngineBadBufferArrayAccess(String protocol) throws Exception { ++ ++ KeyStore ks = KeyStore.getInstance("JKS"); ++ KeyStore ts = KeyStore.getInstance("JKS"); ++ ++ char[] passphrase = "passphrase".toCharArray(); ++ ++ ks.load(new FileInputStream(keyFilename), passphrase); ++ ts.load(new FileInputStream(trustFilename), passphrase); ++ ++ KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509"); ++ kmf.init(ks, passphrase); ++ ++ TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509"); ++ tmf.init(ts); ++ ++ SSLContext sslCtx = SSLContext.getInstance(protocol); ++ ++ sslCtx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null); ++ ++ sslc = sslCtx; ++ } ++ ++ /* ++ * Run the test. ++ * ++ * Sit in a tight loop, with the server engine calling wrap/unwrap ++ * regardless of whether data is available or not. We do this until ++ * we get the application data. Then we shutdown and go to the next one. ++ * ++ * The main loop handles all of the I/O phases of the SSLEngine's ++ * lifetime: ++ * ++ * initial handshaking ++ * application data transfer ++ * engine closing ++ * ++ * One could easily separate these phases into separate ++ * sections of code. ++ */ ++ private void runTest(boolean direct) throws Exception { ++ boolean serverClose = direct; ++ ++ serverSocket = new ServerSocket(0); ++ int port = serverSocket.getLocalPort(); ++ Thread thread = createClientThread(port, serverClose); ++ ++ socket = serverSocket.accept(); ++ socket.setSoTimeout(500); ++ serverSocket.close(); ++ ++ createSSLEngine(); ++ createBuffers(direct); ++ ++ try { ++ boolean closed = false; ++ ++ InputStream is = socket.getInputStream(); ++ OutputStream os = socket.getOutputStream(); ++ ++ SSLEngineResult serverResult; // results from last operation ++ ++ /* ++ * Examining the SSLEngineResults could be much more involved, ++ * and may alter the overall flow of the application. ++ * ++ * For example, if we received a BUFFER_OVERFLOW when trying ++ * to write to the output pipe, we could reallocate a larger ++ * pipe, but instead we wait for the peer to drain it. ++ */ ++ byte[] inbound = new byte[8192]; ++ byte[] outbound = new byte[8192]; ++ ++ while (!isEngineClosed(serverEngine)) { ++ int len = 0; ++ ++ // Inbound data ++ log("================"); ++ ++ // Read from the Client side. ++ try { ++ len = is.read(inbound); ++ if (len == -1) { ++ throw new Exception("Unexpected EOF"); ++ } ++ cTOs.put(inbound, 0, len); ++ } catch (SocketTimeoutException ste) { ++ // swallow. Nothing yet, probably waiting on us. ++ } ++ ++ cTOs.flip(); ++ ++ serverResult = serverEngine.unwrap(cTOs, serverIn); ++ log("server unwrap: ", serverResult); ++ runDelegatedTasks(serverResult, serverEngine); ++ cTOs.compact(); ++ ++ // Outbound data ++ log("----"); ++ ++ serverResult = serverEngine.wrap(serverOut, sTOc); ++ log("server wrap: ", serverResult); ++ runDelegatedTasks(serverResult, serverEngine); ++ ++ sTOc.flip(); ++ ++ if ((len = sTOc.remaining()) != 0) { ++ sTOc.get(outbound, 0, len); ++ os.write(outbound, 0, len); ++ // Give the other side a chance to process ++ } ++ ++ sTOc.compact(); ++ ++ if (!closed && (serverOut.remaining() == 0)) { ++ closed = true; ++ ++ /* ++ * We'll alternate initiatating the shutdown. ++ * When the server initiates, it will take one more ++ * loop, but tests the orderly shutdown. ++ */ ++ if (serverClose) { ++ serverEngine.closeOutbound(); ++ } ++ serverIn.flip(); ++ ++ /* ++ * A sanity check to ensure we got what was sent. ++ */ ++ if (serverIn.remaining() != clientMsg.length) { ++ throw new Exception("Client: Data length error"); ++ } ++ ++ for (int i = 0; i < clientMsg.length; i++) { ++ if (clientMsg[i] != serverIn.get()) { ++ throw new Exception("Client: Data content error"); ++ } ++ } ++ serverIn.compact(); ++ } ++ } ++ return; ++ } catch (Exception e) { ++ serverException = e; ++ } finally { ++ socket.close(); ++ ++ // Wait for the client to join up with us. ++ thread.join(); ++ if (serverException != null) { ++ throw serverException; ++ } ++ if (clientException != null) { ++ throw clientException; ++ } ++ } ++ } ++ ++ /* ++ * Create a client thread which does simple SSLSocket operations. ++ * We'll write and read one data packet. ++ */ ++ private Thread createClientThread(final int port, ++ final boolean serverClose) throws Exception { ++ ++ Thread t = new Thread("ClientThread") { ++ ++ @Override ++ public void run() { ++ try { ++ Thread.sleep(1000); // Give server time to finish setup. ++ ++ sslSocket = (SSLSocket) sslc.getSocketFactory(). ++ createSocket("localhost", port); ++ OutputStream os = sslSocket.getOutputStream(); ++ InputStream is = sslSocket.getInputStream(); ++ ++ // write(byte[]) goes in one shot. ++ os.write(clientMsg); ++ ++ byte[] inbound = new byte[2048]; ++ int pos = 0; ++ ++ int len; ++done: ++ while ((len = is.read(inbound, pos, 2048 - pos)) != -1) { ++ pos += len; ++ // Let the client do the closing. ++ if ((pos == serverMsg.length) && !serverClose) { ++ sslSocket.close(); ++ break done; ++ } ++ } ++ ++ if (pos != serverMsg.length) { ++ throw new Exception("Client: Data length error"); ++ } ++ ++ for (int i = 0; i < serverMsg.length; i++) { ++ if (inbound[i] != serverMsg[i]) { ++ throw new Exception("Client: Data content error"); ++ } ++ } ++ } catch (Exception e) { ++ clientException = e; ++ } ++ } ++ }; ++ t.start(); ++ return t; ++ } ++ ++ /* ++ * Using the SSLContext created during object creation, ++ * create/configure the SSLEngines we'll use for this test. ++ */ ++ private void createSSLEngine() throws Exception { ++ /* ++ * Configure the serverEngine to act as a server in the SSL/TLS ++ * handshake. ++ */ ++ serverEngine = sslc.createSSLEngine(); ++ serverEngine.setUseClientMode(false); ++ serverEngine.getNeedClientAuth(); ++ } ++ ++ /* ++ * Create and size the buffers appropriately. ++ */ ++ private void createBuffers(boolean direct) { ++ ++ SSLSession session = serverEngine.getSession(); ++ int appBufferMax = session.getApplicationBufferSize(); ++ int netBufferMax = session.getPacketBufferSize(); ++ ++ /* ++ * We'll make the input buffers a bit bigger than the max needed ++ * size, so that unwrap()s following a successful data transfer ++ * won't generate BUFFER_OVERFLOWS. ++ * ++ * We'll use a mix of direct and indirect ByteBuffers for ++ * tutorial purposes only. In reality, only use direct ++ * ByteBuffers when they give a clear performance enhancement. ++ */ ++ if (direct) { ++ serverIn = ByteBuffer.allocateDirect(appBufferMax + 50); ++ cTOs = ByteBuffer.allocateDirect(netBufferMax); ++ sTOc = ByteBuffer.allocateDirect(netBufferMax); ++ } else { ++ serverIn = ByteBuffer.allocate(appBufferMax + 50); ++ cTOs = ByteBuffer.allocate(netBufferMax); ++ sTOc = ByteBuffer.allocate(netBufferMax); ++ } ++ ++ serverOut = ByteBuffer.wrap(serverMsg); ++ } ++ ++ /* ++ * If the result indicates that we have outstanding tasks to do, ++ * go ahead and run them in this thread. ++ */ ++ private static void runDelegatedTasks(SSLEngineResult result, ++ SSLEngine engine) throws Exception { ++ ++ if (result.getHandshakeStatus() == HandshakeStatus.NEED_TASK) { ++ Runnable runnable; ++ while ((runnable = engine.getDelegatedTask()) != null) { ++ log("\trunning delegated task..."); ++ runnable.run(); ++ } ++ HandshakeStatus hsStatus = engine.getHandshakeStatus(); ++ if (hsStatus == HandshakeStatus.NEED_TASK) { ++ throw new Exception( ++ "handshake shouldn't need additional tasks"); ++ } ++ log("\tnew HandshakeStatus: " + hsStatus); ++ } ++ } ++ ++ private static boolean isEngineClosed(SSLEngine engine) { ++ return (engine.isOutboundDone() && engine.isInboundDone()); ++ } ++ ++ /* ++ * Logging code ++ */ ++ private static boolean resultOnce = true; ++ ++ private static void log(String str, SSLEngineResult result) { ++ if (!logging) { ++ return; ++ } ++ if (resultOnce) { ++ resultOnce = false; ++ System.out.println("The format of the SSLEngineResult is: \n" ++ + "\t\"getStatus() / getHandshakeStatus()\" +\n" ++ + "\t\"bytesConsumed() / bytesProduced()\"\n"); ++ } ++ HandshakeStatus hsStatus = result.getHandshakeStatus(); ++ log(str ++ + result.getStatus() + "/" + hsStatus + ", " ++ + result.bytesConsumed() + "/" + result.bytesProduced() ++ + " bytes"); ++ if (hsStatus == HandshakeStatus.FINISHED) { ++ log("\t...ready for application data"); ++ } ++ } ++ ++ private static void log(String str) { ++ if (logging) { ++ System.out.println(str); ++ } ++ } ++}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/patches/openjdk/oj51-pr2187-sync_4873188.patch Thu Jan 22 00:48:41 2015 +0000 @@ -0,0 +1,58 @@ +# HG changeset patch +# User andrew +# Date 1421870534 0 +# Wed Jan 21 20:02:14 2015 +0000 +# Node ID bbff2a7acd335d23a7946a1b7eedd42946946311 +# Parent 7fc691671bf07fe00940e02452235f711e50112e +OPENJDK6-51: Sync patch for 4873188 with 7 version +Reviewed-by: omajid + +diff -r 7fc691671bf0 -r bbff2a7acd33 src/share/classes/sun/security/ssl/CipherBox.java +--- openjdk/jdk/src/share/classes/sun/security/ssl/CipherBox.java Tue Jan 20 03:06:20 2015 +0000 ++++ openjdk/jdk/src/share/classes/sun/security/ssl/CipherBox.java Wed Jan 21 20:02:14 2015 +0000 +@@ -500,10 +500,9 @@ + byte[] buf = null; + int limit = bb.limit(); + if (bb.hasArray()) { +- int arrayOffset = bb.arrayOffset(); + buf = bb.array(); +- System.arraycopy(buf, arrayOffset + pos + blockSize, +- buf, arrayOffset + pos, limit - pos - blockSize); ++ System.arraycopy(buf, pos + blockSize, ++ buf, pos, limit - pos - blockSize); + bb.limit(limit - blockSize); + } else { + buf = new byte[limit - pos - blockSize]; +diff -r 7fc691671bf0 -r bbff2a7acd33 src/share/classes/sun/security/ssl/SSLEngineImpl.java +--- openjdk/jdk/src/share/classes/sun/security/ssl/SSLEngineImpl.java Tue Jan 20 03:06:20 2015 +0000 ++++ openjdk/jdk/src/share/classes/sun/security/ssl/SSLEngineImpl.java Wed Jan 21 20:02:14 2015 +0000 +@@ -1261,6 +1261,14 @@ + writer.writeRecord(eor, ea, writeMAC, writeCipher); + + /* ++ * turn off the flag of the first application record if we really ++ * consumed at least byte. ++ */ ++ if (isFirstAppOutputRecord && ea.deltaApp() > 0) { ++ isFirstAppOutputRecord = false; ++ } ++ ++ /* + * We only need to check the sequence number state for + * non-handshaking record. + * +@@ -1279,14 +1287,6 @@ + } + } + +- /* +- * turn off the flag of the first application record if we really +- * consumed at least byte. +- */ +- if (isFirstAppOutputRecord && ea.deltaApp() > 0) { +- isFirstAppOutputRecord = false; +- } +- + return hsStatus; + } +
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/patches/openjdk/oj52-pr2185-no_serbia_montenegro.patch Thu Jan 22 00:48:41 2015 +0000 @@ -0,0 +1,73 @@ +# HG changeset patch +# User andrew +# Date 1421873872 0 +# Wed Jan 21 20:57:52 2015 +0000 +# Node ID 31845b0edbd16232f26c266f1f79729fb83a6975 +# Parent 41b13b19b58f4945f18828e8a7ecf35c3a12a596 +OPENJDK6-52: Application of 6786276 introduces compatibility issue +Summary: Add back ISO-3166 code CS and adjust LocaleTest to account for the extra country. +Reviewed-by: omajid + +diff -r 41b13b19b58f -r 31845b0edbd1 src/share/classes/java/util/LocaleISOData.java +--- openjdk/jdk/src/share/classes/java/util/LocaleISOData.java Wed Jan 21 20:27:18 2015 +0000 ++++ openjdk/jdk/src/share/classes/java/util/LocaleISOData.java Wed Jan 21 20:57:52 2015 +0000 +@@ -275,7 +275,7 @@ + + "CN" + "CHN" // China, People's Republic of + + "CO" + "COL" // Colombia, Republic of + + "CR" + "CRI" // Costa Rica, Republic of +-// + "CS" + "SCG" // Serbia and Montenegro ++ + "CS" + "SCG" // Serbia and Montenegro + + "CU" + "CUB" // Cuba, Republic of + + "CV" + "CPV" // Cape Verde, Republic of + + "CW" + "CUW" // Cura\u00e7ao +diff -r 41b13b19b58f -r 31845b0edbd1 test/java/util/Locale/Bug6786276.java +--- /dev/null Thu Jan 01 00:00:00 1970 +0000 ++++ openjdk/jdk/test/java/util/Locale/Bug6786276.java Wed Jan 21 20:57:52 2015 +0000 +@@ -0,0 +1,47 @@ ++/* ++ * Copyright 2015 Red Hat, Inc. ++ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. ++ * ++ * This code is free software; you can redistribute it and/or modify it ++ * under the terms of the GNU General Public License version 2 only, as ++ * published by the Free Software Foundation. ++ * ++ * This code is distributed in the hope that it will be useful, but WITHOUT ++ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or ++ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License ++ * version 2 for more details (a copy is included in the LICENSE file that ++ * accompanied this code). ++ * ++ * You should have received a copy of the GNU General Public License version ++ * 2 along with this work; if not, write to the Free Software Foundation, ++ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. ++ * ++ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA ++ * or visit www.oracle.com if you need additional information or have any ++ * questions. ++ */ ++/* ++ * @test ++ * @bug 6786276 ++ * @summary Verify that the ISO-3166 code for Serbia & Montenegro is still present ++ */ ++ ++import java.util.Arrays; ++import java.util.Locale; ++ ++public class Bug6786276 ++{ ++ public static void main(String[] args) ++ { ++ String[] localeCodes = Locale.getISOCountries(); ++ System.err.println("Locale codes: " + Arrays.toString(localeCodes)); ++ int serbiaMontenegro = Arrays.binarySearch(localeCodes, "CS"); ++ if (serbiaMontenegro >= 0) { ++ System.out.println("Serbia & Montenegro ISO code present, index " ++ + serbiaMontenegro); ++ } else { ++ System.out.println("Serbia & Montenegro ISO code not present"); ++ throw new RuntimeException("Serbia & Montenegro ISO code not present."); ++ } ++ } ++}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/patches/openjdk/oj53-pr2181-strict_aliasing_on_ppc32.patch Thu Jan 22 00:48:41 2015 +0000 @@ -0,0 +1,25 @@ +diff -Nru openjdk.orig/jdk/make/common/Defs-linux.gmk openjdk/jdk/make/common/Defs-linux.gmk +--- openjdk.orig/jdk/make/common/Defs-linux.gmk 2015-01-21 21:25:32.000282631 +0000 ++++ openjdk/jdk/make/common/Defs-linux.gmk 2015-01-21 21:27:09.061441927 +0000 +@@ -115,7 +115,7 @@ + CFLAGS_REQUIRED_m68k += + CFLAGS_REQUIRED_mips += + CFLAGS_REQUIRED_mipsel += -D_LITTLE_ENDIAN +-CFLAGS_REQUIRED_ppc += -m32 ++CFLAGS_REQUIRED_ppc += -m32 -fsigned-char -D_BIG_ENDIAN + CFLAGS_REQUIRED_ppc64 += -m64 + CFLAGS_REQUIRED_s390 += + CFLAGS_REQUIRED_s390x += -m64 +@@ -160,11 +160,7 @@ + # + # Misc compiler options + # +-ifeq ($(ARCH),ppc) +- CFLAGS_COMMON = -fsigned-char +-else # ARCH +- CFLAGS_COMMON = -fno-strict-aliasing +-endif # ARCH ++CFLAGS_COMMON = -fno-strict-aliasing + PIC_CODE_LARGE = -fPIC + PIC_CODE_SMALL = -fpic + GLOBAL_KPIC = $(PIC_CODE_LARGE)
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/patches/openjdk/oj54-pr2182-6911104_reintroduces_test_fragment.patch Thu Jan 22 00:48:41 2015 +0000 @@ -0,0 +1,15 @@ +diff -r 7fc691671bf0 test/sun/tools/common/CommonSetup.sh +--- openjdk/jdk/test/sun/tools/common/CommonSetup.sh Tue Jan 20 03:06:20 2015 +0000 ++++ openjdk/jdk/test/sun/tools/common/CommonSetup.sh Wed Jan 21 01:23:27 2015 +0000 +@@ -111,11 +111,6 @@ + PS=";" + isWindows=true + ;; +- CYGWIN* ) +- PS=";" +- OS="Windows" +- isCygwin=true +- ;; + * ) + isUnknownOS=true + ;;