Mercurial > hg > icedtea9
changeset 2648:0637ff9bfd77
PR2541: Allow the user to specify the cacerts file to use
2016-03-31 Andrew John Hughes <gnu_andrew@member.fsf.org>
PR2541: Allow the user to specify the cacerts file
to use
* Makefile.am:
(uninstall-local): Delete the cacerts file.
2015-07-16 Andrew John Hughes <gnu_andrew@member.fsf.org>
PR2541: Allow the user to specify the cacerts file
to use
* INSTALL: Document --with-cacerts-file.
* Makefile.am:
(JDK_CACERTS_FILE): Replace hardcoded value with
@ALT_CACERTS_FILE@.
(install-data-local): Install the cacerts file.
* NEWS: Updated.
* acinclude.m4:
(IT_WITH_CACERTS_FILE): Allow a cacerts file to
be specified, defaulting to
${SYSTEM_JDK_DIR}/jre/lib/security/cacerts
* configure.ac:
Invoke IT_WITH_CACERTS_FILE.
| author | Andrew John Hughes <gnu_andrew@member.fsf.org> |
|---|---|
| date | Fri, 01 Apr 2016 01:37:13 +0100 |
| parents | b1d858e368bb |
| children | 03f444adc703 |
| files | ChangeLog INSTALL Makefile.am NEWS acinclude.m4 configure.ac |
| diffstat | 6 files changed, 64 insertions(+), 1 deletions(-) [+] |
line wrap: on
line diff
--- a/ChangeLog Fri Apr 01 00:54:40 2016 +0100 +++ b/ChangeLog Fri Apr 01 01:37:13 2016 +0100 @@ -1,3 +1,27 @@ +2016-03-31 Andrew John Hughes <gnu_andrew@member.fsf.org> + + PR2541: Allow the user to specify the cacerts file + to use + * Makefile.am: + (uninstall-local): Delete the cacerts file. + +2015-07-16 Andrew John Hughes <gnu_andrew@member.fsf.org> + + PR2541: Allow the user to specify the cacerts file + to use + * INSTALL: Document --with-cacerts-file. + * Makefile.am: + (JDK_CACERTS_FILE): Replace hardcoded value with + @ALT_CACERTS_FILE@. + (install-data-local): Install the cacerts file. + * NEWS: Updated. + * acinclude.m4: + (IT_WITH_CACERTS_FILE): Allow a cacerts file to + be specified, defaulting to + ${SYSTEM_JDK_DIR}/jre/lib/security/cacerts + * configure.ac: + Invoke IT_WITH_CACERTS_FILE. + 2015-07-13 Andrew John Hughes <gnu_andrew@member.fsf.org> PR2523: Add executable stack markings
--- a/INSTALL Fri Apr 01 00:54:40 2016 +0100 +++ b/INSTALL Fri Apr 01 01:37:13 2016 +0100 @@ -169,6 +169,8 @@ * --with-abs-install-dir: The final install location of the j2sdk-image, for use in the SystemTap tapset. * --with-llvm-config: Specify the location of the llvm-config binary. * --with-version-suffix: Appends the given text to the JDK version output. +* --with-cacerts-file: Specify the location of a cacerts file, defaulting to + ${SYSTEM_JDK_DIR}/jre/lib/security/cacerts Other options may be supplied which enable or disable new features. These are documented fully in the relevant section below.
--- a/Makefile.am Fri Apr 01 00:54:40 2016 +0100 +++ b/Makefile.am Fri Apr 01 01:37:13 2016 +0100 @@ -88,7 +88,7 @@ VERSION_SETTINGS_FILE_BACKUP = $$(basename $(VERSION_SETTINGS_FILE)).bak -JDK_CACERTS_FILE = $(SYSTEM_JDK_DIR)/jre/lib/security/cacerts +JDK_CACERTS_FILE = @ALT_CACERTS_FILE@ CACERTS_FILE = \ `if [ -h $(JDK_CACERTS_FILE) ] ; then $(READLINK) -e $(JDK_CACERTS_FILE) ; else echo $(JDK_CACERTS_FILE); fi` @@ -2659,6 +2659,8 @@ for files in $(BUILD_SDK_DIR)/jre/lib/management/*.template; do \ $(INSTALL_DATA) $${files} $(DESTDIR)${prefix}/jre/lib/management; \ done + $(INSTALL_DATA) $(BUILD_SDK_DIR)/jre/lib/security/cacerts \ + $(DESTDIR)${prefix}/jre/lib/security $(INSTALL_DATA) $(BUILD_SDK_DIR)/jre/lib/security/java.policy \ $(DESTDIR)${prefix}/jre/lib/security $(INSTALL_DATA) $(BUILD_SDK_DIR)/jre/lib/security/java.security \ @@ -2789,6 +2791,7 @@ for files in $(BUILD_SDK_DIR)/jre/lib/management/*.template; do \ rm -vf $(DESTDIR)${prefix}/jre/lib/management/$$(basename $${files}); \ done + rm -vf $(DESTDIR)${prefix}/jre/lib/security/cacerts rm -vf $(DESTDIR)${prefix}/jre/lib/security/java.policy rm -vf $(DESTDIR)${prefix}/jre/lib/security/java.security rm -vf $(DESTDIR)${prefix}/jre/lib/security/nss.cfg
--- a/NEWS Fri Apr 01 00:54:40 2016 +0100 +++ b/NEWS Fri Apr 01 01:37:13 2016 +0100 @@ -127,6 +127,7 @@ - PR2456: Installation path for hotspot_gc.stp is wrong, due to changed j2sdk-image location - PR2459: Policy JAR files should be timestamped with the date of the policy file they hold - PR2511: Reset success following calls in LayoutManager.cpp + - PR2541: Allow the user to specify the cacerts file to use - PR2631: jvm.cfg missing for ppc64le - PR2633: s390 builds still fail as BUILD_NUM_BITS is never set - PR2675: Update ppc64le autotools infrastructure following PR2237
--- a/acinclude.m4 Fri Apr 01 00:54:40 2016 +0100 +++ b/acinclude.m4 Fri Apr 01 01:37:13 2016 +0100 @@ -2263,6 +2263,38 @@ AC_SUBST(ENABLE_HOTSPOT_CHECKSUM) ]) +AC_DEFUN_ONCE([IT_WITH_CACERTS_FILE], +[ + CACERTS_DEFAULT=${SYSTEM_JDK_DIR}/jre/lib/security/cacerts + AC_MSG_CHECKING([whether to copy a certificate authority certificates (cacerts) file]) + AC_ARG_WITH([cacerts-file], + [AS_HELP_STRING([--with-cacerts-file[[=PATH]]],specify the location of the cacerts file)], + [ + ALT_CACERTS_FILE=${withval} + ], + [ + ALT_CACERTS_FILE="yes" + ]) + AC_MSG_RESULT(${ALT_CACERTS_FILE}) + if test "x${ALT_CACERTS_FILE}" != "xno"; then + if test "x${ALT_CACERTS_FILE}" = "xyes"; then + AC_MSG_NOTICE([No cacerts file specified; using ${CACERTS_DEFAULT}]) + ALT_CACERTS_FILE=${CACERTS_DEFAULT} ; + fi + AC_MSG_CHECKING([if $ALT_CACERTS_FILE is a valid keystore file]) + if test -f "${ALT_CACERTS_FILE}" && \ + ${FILE} ${ALT_CACERTS_FILE} | ${GREP} 'Java KeyStore' >&AS_MESSAGE_LOG_FD 2>&1; then + AC_MSG_RESULT([yes]) + else + AC_MSG_RESULT([no]) + AC_MSG_WARN([No valid cacerts file found; one won't be passed to the OpenJDK build]) + ALT_CACERTS_FILE="no" + fi + fi + AM_CONDITIONAL(USE_ALT_CACERTS_FILE, test "x${ALT_CACERTS_FILE}" != "xno") + AC_SUBST(ALT_CACERTS_FILE) +]) + AC_DEFUN_ONCE([IT_ENABLE_NASHORN_CHECKSUM], [ AC_REQUIRE([IT_WITH_NASHORN_SRC_ZIP])