Mercurial > hg > release > icedtea8-forest-3.0 > jdk
changeset 11680:3334efeacd83 icedtea-3.0.0
PR2888: OpenJDK should check for system cacerts database (e.g. /etc/pki/java/cacerts)
author | andrew |
---|---|
date | Fri, 01 Apr 2016 06:04:05 +0100 |
parents | 6b81fd2227d1 |
children | 4a8297aeb8a9 |
files | src/share/classes/sun/security/ssl/TrustManagerFactoryImpl.java src/share/classes/sun/security/tools/KeyStoreUtil.java |
diffstat | 2 files changed, 20 insertions(+), 10 deletions(-) [+] |
line wrap: on
line diff
--- a/src/share/classes/sun/security/ssl/TrustManagerFactoryImpl.java Fri Apr 01 05:33:37 2016 +0100 +++ b/src/share/classes/sun/security/ssl/TrustManagerFactoryImpl.java Fri Apr 01 06:04:05 2016 +0100 @@ -174,15 +174,20 @@ storeFile = new File(storeFileName); fis = getFileInputStream(storeFile); } else { - String javaHome = props.get("javaHome"); - storeFile = new File(javaHome + sep + "lib" + sep - + "security" + sep + - "jssecacerts"); + /* Check system cacerts DB first; /etc/pki/java/cacerts */ + storeFile = new File(sep + "etc" + sep + "pki" + sep + + "java" + sep + "cacerts"); if ((fis = getFileInputStream(storeFile)) == null) { + String javaHome = props.get("javaHome"); storeFile = new File(javaHome + sep + "lib" + sep - + "security" + sep + - "cacerts"); - fis = getFileInputStream(storeFile); + + "security" + sep + + "jssecacerts"); + if ((fis = getFileInputStream(storeFile)) == null) { + storeFile = new File(javaHome + sep + "lib" + sep + + "security" + sep + + "cacerts"); + fis = getFileInputStream(storeFile); + } } }
--- a/src/share/classes/sun/security/tools/KeyStoreUtil.java Fri Apr 01 05:33:37 2016 +0100 +++ b/src/share/classes/sun/security/tools/KeyStoreUtil.java Fri Apr 01 06:04:05 2016 +0100 @@ -87,9 +87,14 @@ throws Exception { String sep = File.separator; - File file = new File(System.getProperty("java.home") + sep - + "lib" + sep + "security" + sep - + "cacerts"); + /* Check system cacerts DB first; /etc/pki/java/cacerts */ + File file = new File(sep + "etc" + sep + "pki" + sep + + "java" + sep + "cacerts"); + if (!file.exists()) { + file = new File(System.getProperty("java.home") + sep + + "lib" + sep + "security" + sep + + "cacerts"); + } if (!file.exists()) { return null; }