OpenJDK / jdk / jdk
changeset 26042:3c9e4f896414
Merge
| author | lana |
|---|---|
| date | Thu, 28 Aug 2014 14:54:07 -0700 |
| parents | 34ff581349ea ca1b8bdbe663 |
| children | 6d67910f057c |
| files | jdk/.hgtags jdk/make/src/classes/build/tools/addtorestrictedpkgs/AddToRestrictedPkgs.java jdk/src/demo/share/jfc/Font2DTest/resources/TextResources.properties jdk/src/demo/share/jfc/Font2DTest/resources/TextResources_de.properties jdk/src/demo/share/jfc/Font2DTest/resources/TextResources_en.properties jdk/src/demo/share/jfc/Font2DTest/resources/TextResources_en_GB.properties jdk/src/demo/share/jfc/Font2DTest/resources/TextResources_ja.properties jdk/src/demo/share/jfc/Font2DTest/resources/TextResources_ko.properties jdk/src/demo/share/jfc/Font2DTest/resources/TextResources_zh_CN.properties jdk/src/demo/share/jfc/Font2DTest/resources/resource.data jdk/src/java.base/share/conf/security/java.security-aix jdk/src/java.base/share/conf/security/java.security-linux jdk/src/java.base/share/conf/security/java.security-macosx jdk/src/java.base/share/conf/security/java.security-solaris jdk/src/java.base/share/conf/security/java.security-windows jdk/test/sun/tools/jps/jps-Defaults.sh jdk/test/sun/tools/jps/jps-V_2.sh jdk/test/sun/tools/jps/jps-V_Output2.awk jdk/test/sun/tools/jps/jps-Vm_2.sh jdk/test/sun/tools/jps/jps-Vm_Output2.awk jdk/test/sun/tools/jps/jps-Vvm.sh jdk/test/sun/tools/jps/jps-Vvm_Output1.awk jdk/test/sun/tools/jps/jps-Vvml.sh jdk/test/sun/tools/jps/jps-Vvml_2.sh jdk/test/sun/tools/jps/jps-Vvml_Output1.awk jdk/test/sun/tools/jps/jps-Vvml_Output2.awk jdk/test/sun/tools/jps/jps-help.sh jdk/test/sun/tools/jps/jps-l_1.sh jdk/test/sun/tools/jps/jps-l_2.sh jdk/test/sun/tools/jps/jps-l_Output1.awk jdk/test/sun/tools/jps/jps-l_Output2.awk jdk/test/sun/tools/jps/jps-lm.sh jdk/test/sun/tools/jps/jps-lm_Output1.awk jdk/test/sun/tools/jps/jps-m.sh jdk/test/sun/tools/jps/jps-m_2.sh jdk/test/sun/tools/jps/jps-m_Output1.awk jdk/test/sun/tools/jps/jps-m_Output2.awk jdk/test/sun/tools/jps/jps-q.sh jdk/test/sun/tools/jps/jps-q_Output1.awk jdk/test/sun/tools/jps/jps-v_1.sh jdk/test/sun/tools/jps/jps-v_Output1.awk jdk/test/sun/tools/jps/jps-vm_1.sh jdk/test/sun/tools/jps/jps-vm_Output1.awk jdk/test/sun/tools/jps/jps_Output1.awk jdk/test/sun/tools/jps/vmflags |
| diffstat | 392 files changed, 14349 insertions(+), 9350 deletions(-) [+] |
line wrap: on
line diff
--- a/jdk/make/CopyIntoClasses.gmk Thu Aug 21 14:16:26 2014 -0700 +++ b/jdk/make/CopyIntoClasses.gmk Thu Aug 28 14:54:07 2014 -0700 @@ -164,15 +164,15 @@ ################################################################################ ifneq ($(OPENJDK_TARGET_OS), macosx) - OPENJDK_TARGET_OS_FLAVORMAP_PROPERTIES = $(JDK_TOPDIR)/src/$(OPENJDK_TARGET_OS_API_DIR)/classes/sun/awt/datatransfer/flavormap.properties + OPENJDK_TARGET_OS_FLAVORMAP_PROPERTIES = $(JDK_TOPDIR)/src/java.desktop/$(OPENJDK_TARGET_OS_API_DIR)/classes/sun/datatransfer/resources/flavormap.properties else - OPENJDK_TARGET_OS_FLAVORMAP_PROPERTIES = $(JDK_TOPDIR)/src/macosx/classes/sun/awt/datatransfer/flavormap.properties + OPENJDK_TARGET_OS_FLAVORMAP_PROPERTIES = $(JDK_TOPDIR)/src/java.desktop/macosx/classes/sun/datatransfer/resources/flavormap.properties endif -$(JDK_OUTPUTDIR)/classes/sun/awt/datatransfer/flavormap.properties: $(OPENJDK_TARGET_OS_FLAVORMAP_PROPERTIES) +$(JDK_OUTPUTDIR)/classes/sun/datatransfer/resources/flavormap.properties: $(OPENJDK_TARGET_OS_FLAVORMAP_PROPERTIES) $(install-file) -COPY_EXTRA += $(JDK_OUTPUTDIR)/classes/sun/awt/datatransfer/flavormap.properties +COPY_EXTRA += $(JDK_OUTPUTDIR)/classes/sun/datatransfer/resources/flavormap.properties ################################################################################
--- a/jdk/make/Tools.gmk Thu Aug 21 14:16:26 2014 -0700 +++ b/jdk/make/Tools.gmk Thu Aug 28 14:54:07 2014 -0700 @@ -101,6 +101,9 @@ TOOL_BLACKLISTED_CERTS = $(JAVA_SMALL) -cp $(JDK_OUTPUTDIR)/btclasses \ build.tools.blacklistedcertsconverter.BlacklistedCertsConverter +TOOL_MAKEJAVASECURITY = $(JAVA_SMALL) -cp $(JDK_OUTPUTDIR)/btclasses \ + build.tools.makejavasecurity.MakeJavaSecurity + # TODO: There are references to the jdwpgen.jar in jdk/make/netbeans/jdwpgen/build.xml # and nbproject/project.properties in the same dir. Needs to be looked at. @@ -136,9 +139,6 @@ -cp "$(JDK_OUTPUTDIR)/btclasses$(PATH_SEP)$(JDK_OUTPUTDIR)" \ build.tools.module.GenerateModulesXml -TOOL_ADDTORESTRICTEDPKGS = $(JAVA_SMALL) -cp $(JDK_OUTPUTDIR)/btclasses \ - build.tools.addtorestrictedpkgs.AddToRestrictedPkgs - ########################################################################################## # Tools needed on solaris because OBJCOPY is broken.
--- a/jdk/make/gendata/Gendata-java.base.gmk Thu Aug 21 14:16:26 2014 -0700 +++ b/jdk/make/gendata/Gendata-java.base.gmk Thu Aug 28 14:54:07 2014 -0700 @@ -62,25 +62,18 @@ ########################################################################################## -PROPS_SRC := $(JDK_TOPDIR)/src/java.base/share/conf/security/java.security-$(OPENJDK_TARGET_OS) -PROPS_DST := $(JDK_OUTPUTDIR)/lib/security/java.security - -# Optionally set this variable to a file to add extra restricted packages. -ifneq ($(RESTRICTED_PKGS_SRC), ) - - $(PROPS_DST): $(PROPS_SRC) $(RESTRICTED_PKGS_SRC) +GENDATA_JAVA_SECURITY_SRC := $(JDK_TOPDIR)/src/java.base/share/conf/security/java.security +GENDATA_JAVA_SECURITY := $(JDK_OUTPUTDIR)/lib/security/java.security + +# RESTRICTED_PKGS_SRC is optionally set in custom extension for this makefile + +$(GENDATA_JAVA_SECURITY): $(BUILD_TOOLS) $(GENDATA_JAVA_SECURITY_SRC) $(RESTRICTED_PKGS_SRC) + $(ECHO) "Generating java.security" $(MKDIR) -p $(@D) - $(TOOL_ADDTORESTRICTEDPKGS) $(PROPS_SRC) $@.tmp `$(CAT) $(RESTRICTED_PKGS_SRC) | $(TR) "\n" " "` - $(MV) $@.tmp $@ - -else - - $(PROPS_DST): $(PROPS_SRC) - $(call install-file) - -endif - -GENDATA += $(PROPS_DST) + $(TOOL_MAKEJAVASECURITY) $(GENDATA_JAVA_SECURITY_SRC) $@ $(OPENJDK_TARGET_OS) \ + $(RESTRICTED_PKGS_SRC) || exit 1 + +GENDATA += $(GENDATA_JAVA_SECURITY) ##########################################################################################
--- a/jdk/make/gensrc/GensrcLocaleDataMetaInfo.gmk Thu Aug 21 14:16:26 2014 -0700 +++ b/jdk/make/gensrc/GensrcLocaleDataMetaInfo.gmk Thu Aug 28 14:54:07 2014 -0700 @@ -1,5 +1,5 @@ # -# Copyright (c) 2011, 2013, Oracle and/or its affiliates. All rights reserved. +# Copyright (c) 2011, 2014, Oracle and/or its affiliates. All rights reserved. # DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. # # This code is free software; you can redistribute it and/or modify it @@ -34,7 +34,8 @@ -name "TimeZoneNames_*.java" -o -name "TimeZoneNames_*.properties" -o \ -name "LocaleNames_*.java" -o -name "LocaleNames_*.properties" -o \ -name "CurrencyNames_*.java" -o -name "CurrencyNames_*.properties" -o \ - -name "CalendarData_*.java" -o -name "CalendarData_*.properties") + -name "CalendarData_*.java" -o -name "CalendarData_*.properties" -o \ + -name "BreakIteratorInfo_*.java" -o -name "BreakIteratorRules_*.java") # Then translate the locale files into for example: FormatData_sv LOCALE_RESOURCES := $(sort $(subst .properties,,$(subst .java,,$(notdir $(LOCALE_FILES))))) @@ -86,6 +87,12 @@ #sun.text.resources.CollationData $(eval $(call CaptureLocale,CollationData)) +#sun.text.resources.BreakIteratorInfo +$(eval $(call CaptureLocale,BreakIteratorInfo)) + +#sun.text.resources.BreakIteratorRules +$(eval $(call CaptureLocale,BreakIteratorRules)) + #sun.util.resources.TimeZoneNames $(eval $(call CaptureLocale,TimeZoneNames))
--- a/jdk/make/lib/Awt2dLibraries.gmk Thu Aug 21 14:16:26 2014 -0700 +++ b/jdk/make/lib/Awt2dLibraries.gmk Thu Aug 28 14:54:07 2014 -0700 @@ -973,7 +973,6 @@ # ifeq ($(OPENJDK_TARGET_OS), macosx) - LIBSPLASHSCREEN_CFLAGS += -F/System/Library/Frameworks/JavaVM.framework/Frameworks LIBSPLASHSCREEN_CFLAGS += -DWITH_MACOSX LIBSPLASHSCREEN_CFLAGS += -I$(JDK_TOPDIR)/src/java.desktop/macosx/native/libosxapp
--- a/jdk/make/src/classes/build/tools/addtorestrictedpkgs/AddToRestrictedPkgs.java Thu Aug 21 14:16:26 2014 -0700 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,105 +0,0 @@ -/* - * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License version 2 only, as - * published by the Free Software Foundation. Oracle designates this - * particular file as subject to the "Classpath" exception as provided - * by Oracle in the LICENSE file that accompanied this code. - * - * This code is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or - * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * version 2 for more details (a copy is included in the LICENSE file that - * accompanied this code). - * - * You should have received a copy of the GNU General Public License version - * 2 along with this work; if not, write to the Free Software Foundation, - * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA - * or visit www.oracle.com if you need additional information or have any - * questions. - */ - -package build.tools.addtorestrictedpkgs; - -import java.io.*; - -/** - * Adds additional packages to the package.access and package.definition - * security properties. - */ -public class AddToRestrictedPkgs { - - private static final String PKG_ACC = "package.access"; - private static final String PKG_DEF = "package.definition"; - private static final int PKG_ACC_INDENT = 15; - private static final int PKG_DEF_INDENT = 19; - - public static void main(String[] args) throws Exception { - - if (args.length < 3) { - System.err.println("Usage: java AddToRestrictedPkgs " + - "[input java.security file name] " + - "[output java.security file name] " + - "[packages ...]"); - System.exit(1); - } - - try (FileReader fr = new FileReader(args[0]); - BufferedReader br = new BufferedReader(fr); - FileWriter fw = new FileWriter(args[1]); - BufferedWriter bw = new BufferedWriter(fw)) - { - // parse the file line-by-line, looking for pkg access properties - String line = br.readLine(); - while (line != null) { - if (line.startsWith(PKG_ACC)) { - writePackages(br, bw, line, PKG_ACC_INDENT, args); - } else if (line.startsWith(PKG_DEF)) { - writePackages(br, bw, line, PKG_DEF_INDENT, args); - } else { - writeLine(bw, line); - } - line = br.readLine(); - } - bw.flush(); - } - } - - private static void writePackages(BufferedReader br, BufferedWriter bw, - String line, int numSpaces, - String[] args) throws IOException { - // parse property until EOL, not including line breaks - while (line.endsWith("\\")) { - writeLine(bw, line); - line = br.readLine(); - } - // append comma and line-break to last package - writeLine(bw, line + ",\\"); - // add new packages, one per line - for (int i = 2; i < args.length - 1; i++) { - indent(bw, numSpaces); - writeLine(bw, args[i] + ",\\"); - } - indent(bw, numSpaces); - writeLine(bw, args[args.length - 1]); - } - - private static void writeLine(BufferedWriter bw, String line) - throws IOException - { - bw.write(line); - bw.newLine(); - } - - private static void indent(BufferedWriter bw, int numSpaces) - throws IOException - { - for (int i = 0; i < numSpaces; i++) { - bw.append(' '); - } - } -}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/jdk/make/src/classes/build/tools/makejavasecurity/MakeJavaSecurity.java Thu Aug 28 14:54:07 2014 -0700 @@ -0,0 +1,168 @@ +/* + * Copyright (c) 2013, 2014, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. Oracle designates this + * particular file as subject to the "Classpath" exception as provided + * by Oracle in the LICENSE file that accompanied this code. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +package build.tools.makejavasecurity; + +import java.io.*; +import java.nio.file.Files; +import java.nio.file.Paths; +import java.util.*; + +/** + * Builds the java.security file, including + * + * 1. Adds additional packages to the package.access and + * package.definition security properties. + * 2. Filter out platform-unrelated parts + * + * In order to easily maintain platform-related entries, every item + * (including the last line) in package.access and package.definition + * MUST end with ',\'. A blank line MUST exist after the last line. + */ +public class MakeJavaSecurity { + + private static final String PKG_ACC = "package.access"; + private static final String PKG_DEF = "package.definition"; + private static final int PKG_ACC_INDENT = 15; + private static final int PKG_DEF_INDENT = 19; + + public static void main(String[] args) throws Exception { + + if (args.length < 3) { + System.err.println("Usage: java MakeJavaSecurity " + + "[input java.security file name] " + + "[output java.security file name] " + + "[openjdk target os] " + + "[more restricted packages file name?]"); + System.exit(1); + } + + // more restricted packages + List<String> extraLines; + if (args.length == 4) { + extraLines = Files.readAllLines(Paths.get(args[3])); + } else { + extraLines = Collections.emptyList(); + } + + List<String> lines = new ArrayList<>(); + + // read raw java.security and add more restricted packages + try (FileReader fr = new FileReader(args[0]); + BufferedReader br = new BufferedReader(fr)) { + // looking for pkg access properties + String line = br.readLine(); + while (line != null) { + if (line.startsWith(PKG_ACC)) { + addPackages(br, lines, line, PKG_ACC_INDENT, extraLines); + } else if (line.startsWith(PKG_DEF)) { + addPackages(br, lines, line, PKG_DEF_INDENT, extraLines); + } else { + lines.add(line); + } + line = br.readLine(); + } + } + + // Filter out platform-unrelated ones. We only support + // #ifdef, #ifndef, and #endif. + int mode = 0; // 0: out of block, 1: in match, 2: in non-match + Iterator<String> iter = lines.iterator(); + while (iter.hasNext()) { + String line = iter.next(); + if (line.startsWith("#endif")) { + mode = 0; + iter.remove(); + } else if (line.startsWith("#ifdef ")) { + mode = line.endsWith(args[2])?1:2; + iter.remove(); + } else if (line.startsWith("#ifndef ")) { + mode = line.endsWith(args[2])?2:1; + iter.remove(); + } else { + if (mode == 2) iter.remove(); + } + } + + // Update .tbd to .1, .2, etc. + Map<String,Integer> count = new HashMap<>(); + for (int i=0; i<lines.size(); i++) { + String line = lines.get(i); + int index = line.indexOf(".tbd"); + if (index >= 0) { + String prefix = line.substring(0, index); + int n = count.getOrDefault(prefix, 1); + count.put(prefix, n+1); + lines.set(i, prefix + "." + n + line.substring(index+4)); + } + } + + // Clean up the last line of PKG_ACC and PKG_DEF blocks. + // Not really necessary since a blank line follows. + boolean inBlock = false; + for (int i=0; i<lines.size(); i++) { + String line = lines.get(i); + if (line.startsWith(PKG_ACC) || line.startsWith(PKG_DEF)) { + inBlock = true; + } + if (inBlock) { + if (line.isEmpty()) { + String lastLine = lines.get(i-1); + lines.set(i-1, lastLine.substring(0, lastLine.length()-2)); + inBlock = false; + } + } + } + + Files.write(Paths.get(args[1]), lines); + } + + private static void addPackages(BufferedReader br, List<String> lines, + String line, int numSpaces, + List<String> args) throws IOException { + // parse property until EOL, not including line breaks + boolean first = true; + while (!line.isEmpty()) { + if (!line.startsWith("#")) { + if (!line.endsWith(",\\") || + (!first && line.contains("="))) { + throw new IOException("Invalid line: " + line); + } + } + lines.add(line); + line = br.readLine(); + first = false; + } + // add new packages, one per line + for (String arg: args) { + if (arg.startsWith("#")) { + lines.add(arg); + } else { + lines.add(String.format("%"+numSpaces+"s", "") + arg + ",\\"); + } + } + lines.add(line); + } +}
--- a/jdk/src/demo/share/jfc/Font2DTest/resources/TextResources.properties Thu Aug 21 14:16:26 2014 -0700 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,1 +0,0 @@ -string=This is Java 2D! (Default)
--- a/jdk/src/demo/share/jfc/Font2DTest/resources/TextResources_de.properties Thu Aug 21 14:16:26 2014 -0700 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,1 +0,0 @@ -string=This is Java 2D! (German) \u00f6 \u00df \u00dc
--- a/jdk/src/demo/share/jfc/Font2DTest/resources/TextResources_en.properties Thu Aug 21 14:16:26 2014 -0700 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,1 +0,0 @@ -string=This is Java 2D! (English) A B C
--- a/jdk/src/demo/share/jfc/Font2DTest/resources/TextResources_en_GB.properties Thu Aug 21 14:16:26 2014 -0700 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,1 +0,0 @@ -string=This is Java 2D! (English in Great Britain) \u0075 \u006b Z
--- a/jdk/src/demo/share/jfc/Font2DTest/resources/TextResources_ja.properties Thu Aug 21 14:16:26 2014 -0700 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,1 +0,0 @@ -string=Java 2D\u3067\u3059\u3002(\u30C7\u30D5\u30A9\u30EB\u30C8)
--- a/jdk/src/demo/share/jfc/Font2DTest/resources/TextResources_ko.properties Thu Aug 21 14:16:26 2014 -0700 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,1 +0,0 @@ -string=This is Java 2D! (Korean)
--- a/jdk/src/demo/share/jfc/Font2DTest/resources/TextResources_zh_CN.properties Thu Aug 21 14:16:26 2014 -0700 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,1 +0,0 @@ -string=\u8FD9\u662F Java 2D! (\u9ED8\u8BA4\u503C)
--- a/jdk/src/demo/share/jfc/Font2DTest/resources/resource.data Thu Aug 21 14:16:26 2014 -0700 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,5 +0,0 @@ -en US -en GB -ko KO -ab KO -de DE
--- a/jdk/src/java.base/share/classes/java/lang/Class.java Thu Aug 21 14:16:26 2014 -0700 +++ b/jdk/src/java.base/share/classes/java/lang/Class.java Thu Aug 28 14:54:07 2014 -0700 @@ -1322,7 +1322,7 @@ // (for anonymous classes): 1 or more digits. // Since getSimpleBinaryName() will strip the binary name of - // the immediatly enclosing class, we are now looking at a + // the immediately enclosing class, we are now looking at a // string that matches the regular expression "\$[0-9]*" // followed by a simple name (considering the simple of an // anonymous class to be the empty string).
--- a/jdk/src/java.base/share/classes/java/lang/ClassLoader.java Thu Aug 21 14:16:26 2014 -0700 +++ b/jdk/src/java.base/share/classes/java/lang/ClassLoader.java Thu Aug 28 14:54:07 2014 -0700 @@ -205,7 +205,7 @@ } /** - * Registers the given class loader type as parallel capabale. + * Registers the given class loader type as parallel capable. * Returns {@code true} is successfully registered; {@code false} if * loader's super class is not registered. */ @@ -832,7 +832,7 @@ { int len = b.remaining(); - // Use byte[] if not a direct ByteBufer: + // Use byte[] if not a direct ByteBuffer: if (!b.isDirect()) { if (b.hasArray()) { return defineClass(name, b.array(),
--- a/jdk/src/java.base/share/classes/java/lang/StringCoding.java Thu Aug 21 14:16:26 2014 -0700 +++ b/jdk/src/java.base/share/classes/java/lang/StringCoding.java Thu Aug 28 14:54:07 2014 -0700 @@ -196,19 +196,19 @@ static char[] decode(Charset cs, byte[] ba, int off, int len) { // (1)We never cache the "external" cs, the only benefit of creating // an additional StringDe/Encoder object to wrap it is to share the - // de/encode() method. These SD/E objects are short-lifed, the young-gen - // gc should be able to take care of them well. But the best approash + // de/encode() method. These SD/E objects are short-lived, the young-gen + // gc should be able to take care of them well. But the best approach // is still not to generate them if not really necessary. // (2)The defensive copy of the input byte/char[] has a big performance // impact, as well as the outgoing result byte/char[]. Need to do the // optimization check of (sm==null && classLoader0==null) for both. // (3)getClass().getClassLoader0() is expensive // (4)There might be a timing gap in isTrusted setting. getClassLoader0() - // is only chcked (and then isTrusted gets set) when (SM==null). It is + // is only checked (and then isTrusted gets set) when (SM==null). It is // possible that the SM==null for now but then SM is NOT null later // when safeTrim() is invoked...the "safe" way to do is to redundant // check (... && (isTrusted || SM == null || getClassLoader0())) in trim - // but it then can be argued that the SM is null when the opertaion + // but it then can be argued that the SM is null when the operation // is started... CharsetDecoder cd = cs.newDecoder(); int en = scale(len, cd.maxCharsPerByte());
--- a/jdk/src/java.base/share/classes/java/lang/System.java Thu Aug 21 14:16:26 2014 -0700 +++ b/jdk/src/java.base/share/classes/java/lang/System.java Thu Aug 28 14:54:07 2014 -0700 @@ -1193,7 +1193,7 @@ // Setup Java signal handlers for HUP, TERM, and INT (where available). Terminator.setup(); - // Initialize any miscellenous operating system settings that need to be + // Initialize any miscellaneous operating system settings that need to be // set for the class libraries. Currently this is no-op everywhere except // for Windows where the process-wide error mode is set before the java.io // classes are used.
--- a/jdk/src/java.base/share/classes/java/lang/Throwable.java Thu Aug 21 14:16:26 2014 -0700 +++ b/jdk/src/java.base/share/classes/java/lang/Throwable.java Thu Aug 28 14:54:07 2014 -0700 @@ -139,7 +139,7 @@ * {@linkplain #setStackTrace(StackTraceElement[]) Setting the * stack trace} to a one-element array containing this sentinel * value indicates future attempts to set the stack trace will be - * ignored. The sentinal is equal to the result of calling:<br> + * ignored. The sentinel is equal to the result of calling:<br> * {@code new StackTraceElement("", "", null, Integer.MIN_VALUE)} */ public static final StackTraceElement STACK_TRACE_ELEMENT_SENTINEL =
--- a/jdk/src/java.base/share/classes/java/lang/invoke/InnerClassLambdaMetafactory.java Thu Aug 21 14:16:26 2014 -0700 +++ b/jdk/src/java.base/share/classes/java/lang/invoke/InnerClassLambdaMetafactory.java Thu Aug 28 14:54:07 2014 -0700 @@ -98,7 +98,7 @@ private final String implMethodClassName; // Name of type containing implementation "CC" private final String implMethodName; // Name of implementation method "impl" private final String implMethodDesc; // Type descriptor for implementation methods "(I)Ljava/lang/String;" - private final Class<?> implMethodReturnClass; // class for implementaion method return type "Ljava/lang/String;" + private final Class<?> implMethodReturnClass; // class for implementation method return type "Ljava/lang/String;" private final MethodType constructorType; // Generated class constructor type "(CC)void" private final ClassWriter cw; // ASM class writer private final String[] argNames; // Generated names for the constructor arguments
--- a/jdk/src/java.base/share/classes/java/lang/invoke/InvokerBytecodeGenerator.java Thu Aug 21 14:16:26 2014 -0700 +++ b/jdk/src/java.base/share/classes/java/lang/invoke/InvokerBytecodeGenerator.java Thu Aug 28 14:54:07 2014 -0700 @@ -209,7 +209,7 @@ throw new InternalError("observed CP placeholder twice: " + cpPlaceholder); } // insert placeholder in CP and remember the patch - int index = cw.newConst((Object) cpPlaceholder); // TODO check if aready in the constant pool + int index = cw.newConst((Object) cpPlaceholder); // TODO check if already in the constant pool cpPatches.put(cpPlaceholder, new CpPatch(index, cpPlaceholder, arg)); return cpPlaceholder; }
--- a/jdk/src/java.base/share/classes/java/lang/invoke/Invokers.java Thu Aug 21 14:16:26 2014 -0700 +++ b/jdk/src/java.base/share/classes/java/lang/invoke/Invokers.java Thu Aug 28 14:54:07 2014 -0700 @@ -37,7 +37,7 @@ * @author jrose */ class Invokers { - // exact type (sans leading taget MH) for the outgoing call + // exact type (sans leading target MH) for the outgoing call private final MethodType targetType; // FIXME: Get rid of the invokers that are not useful.
--- a/jdk/src/java.base/share/classes/java/lang/invoke/MemberName.java Thu Aug 21 14:16:26 2014 -0700 +++ b/jdk/src/java.base/share/classes/java/lang/invoke/MemberName.java Thu Aug 28 14:54:07 2014 -0700 @@ -59,7 +59,7 @@ * and properly use the named member. * <p> * When resolved, a member name's internal implementation may include references to JVM metadata. - * This representation is stateless and only decriptive. + * This representation is stateless and only descriptive. * It provides no private information and no capability to use the member. * <p> * By contrast, a {@linkplain java.lang.reflect.Method} contains fuller information
--- a/jdk/src/java.base/share/classes/java/lang/invoke/MethodHandle.java Thu Aug 21 14:16:26 2014 -0700 +++ b/jdk/src/java.base/share/classes/java/lang/invoke/MethodHandle.java Thu Aug 28 14:54:07 2014 -0700 @@ -679,7 +679,7 @@ * This method provides the crucial behavioral difference between * {@link #invokeExact invokeExact} and plain, inexact {@link #invoke invoke}. * The two methods - * perform the same steps when the caller's type descriptor exactly m atches + * perform the same steps when the caller's type descriptor exactly matches * the callee's, but when the types differ, plain {@link #invoke invoke} * also calls {@code asType} (or some internal equivalent) in order * to match up the caller's and callee's types.
--- a/jdk/src/java.base/share/classes/java/lang/invoke/MethodHandleImpl.java Thu Aug 21 14:16:26 2014 -0700 +++ b/jdk/src/java.base/share/classes/java/lang/invoke/MethodHandleImpl.java Thu Aug 28 14:54:07 2014 -0700 @@ -621,7 +621,7 @@ } /** - * The LambaForm shape for catchException combinator is the following: + * The LambdaForm shape for catchException combinator is the following: * <blockquote><pre>{@code * guardWithCatch=Lambda(a0:L,a1:L,a2:L)=>{ * t3:L=BoundMethodHandle$Species_LLLLL.argL0(a0:L); @@ -702,7 +702,7 @@ MethodType type = target.type(); LambdaForm form = makeGuardWithCatchForm(type.basicType()); - // Prepare auxiliary method handles used during LambdaForm interpreation. + // Prepare auxiliary method handles used during LambdaForm interpretation. // Box arguments and wrap them into Object[]: ValueConversions.array(). MethodType varargsType = type.changeReturnType(Object[].class); MethodHandle collectArgs = ValueConversions.varargsArray(type.parameterCount())
--- a/jdk/src/java.base/share/classes/java/lang/invoke/MethodHandleNatives.java Thu Aug 21 14:16:26 2014 -0700 +++ b/jdk/src/java.base/share/classes/java/lang/invoke/MethodHandleNatives.java Thu Aug 28 14:54:07 2014 -0700 @@ -509,7 +509,7 @@ /** * Is this method a caller-sensitive method? - * I.e., does it call Reflection.getCallerClass or a similer method + * I.e., does it call Reflection.getCallerClass or a similar method * to ask about the identity of its caller? */ static boolean isCallerSensitive(MemberName mem) {
--- a/jdk/src/java.base/share/classes/java/lang/reflect/AccessibleObject.java Thu Aug 21 14:16:26 2014 -0700 +++ b/jdk/src/java.base/share/classes/java/lang/reflect/AccessibleObject.java Thu Aug 28 14:54:07 2014 -0700 @@ -78,7 +78,7 @@ * object is a {@link Constructor} object for the class {@link * java.lang.Class}). In the event of such a SecurityException, the * accessibility of objects is set to {@code flag} for array elements - * upto (and excluding) the element for which the exception occurred; the + * up to (and excluding) the element for which the exception occurred; the * accessibility of elements beyond (and including) the element for which * the exception occurred is unchanged. *
--- a/jdk/src/java.base/share/classes/java/lang/reflect/Constructor.java Thu Aug 21 14:16:26 2014 -0700 +++ b/jdk/src/java.base/share/classes/java/lang/reflect/Constructor.java Thu Aug 28 14:54:07 2014 -0700 @@ -544,15 +544,33 @@ */ @Override public AnnotatedType getAnnotatedReceiverType() { - if (getDeclaringClass().getEnclosingClass() == null) - return super.getAnnotatedReceiverType(); + Class<?> thisDeclClass = getDeclaringClass(); + Class<?> enclosingClass = thisDeclClass.getEnclosingClass(); + + if (enclosingClass == null) { + // A Constructor for a top-level class + return null; + } + Class<?> outerDeclaringClass = thisDeclClass.getDeclaringClass(); + if (outerDeclaringClass == null) { + // A constructor for a local or anonymous class + return null; + } + + // Either static nested or inner class + if (Modifier.isStatic(thisDeclClass.getModifiers())) { + // static nested + return null; + } + + // A Constructor for an inner class return TypeAnnotationParser.buildAnnotatedType(getTypeAnnotationBytes0(), sun.misc.SharedSecrets.getJavaLangAccess(). - getConstantPool(getDeclaringClass()), + getConstantPool(thisDeclClass), this, - getDeclaringClass(), - getDeclaringClass().getEnclosingClass(), + thisDeclClass, + enclosingClass, TypeAnnotation.TypeAnnotationTarget.METHOD_RECEIVER); } }
--- a/jdk/src/java.base/share/classes/java/lang/reflect/Executable.java Thu Aug 21 14:16:26 2014 -0700 +++ b/jdk/src/java.base/share/classes/java/lang/reflect/Executable.java Thu Aug 28 14:54:07 2014 -0700 @@ -585,21 +585,24 @@ /** * Returns an {@code AnnotatedType} object that represents the use of a * type to specify the receiver type of the method/constructor represented - * by this Executable object. The receiver type of a method/constructor is - * available only if the method/constructor has a <em>receiver - * parameter</em> (JLS 8.4.1). + * by this {@code Executable} object. * - * If this {@code Executable} object represents a constructor or instance - * method that does not have a receiver parameter, or has a receiver - * parameter with no annotations on its type, then the return value is an - * {@code AnnotatedType} object representing an element with no + * The receiver type of a method/constructor is available only if the + * method/constructor has a receiver parameter (JLS 8.4.1). If this {@code + * Executable} object <em>represents an instance method or represents a + * constructor of an inner member class</em>, and the + * method/constructor <em>either</em> has no receiver parameter or has a + * receiver parameter with no annotations on its type, then the return + * value is an {@code AnnotatedType} object representing an element with no * annotations. * - * If this {@code Executable} object represents a static method, then the - * return value is null. + * If this {@code Executable} object represents a static method or + * represents a constructor of a top level, static member, local, or + * anoymous class, then the return value is null. * * @return an object representing the receiver type of the method or - * constructor represented by this {@code Executable} + * constructor represented by this {@code Executable} or {@code null} if + * this {@code Executable} can not have a receiver parameter */ public AnnotatedType getAnnotatedReceiverType() { if (Modifier.isStatic(this.getModifiers()))
--- a/jdk/src/java.base/share/classes/java/lang/reflect/Parameter.java Thu Aug 21 14:16:26 2014 -0700 +++ b/jdk/src/java.base/share/classes/java/lang/reflect/Parameter.java Thu Aug 28 14:54:07 2014 -0700 @@ -173,7 +173,7 @@ * a name. */ public String getName() { - // Note: empty strings as paramete names are now outlawed. + // Note: empty strings as parameter names are now outlawed. // The .equals("") is for compatibility with current JVM // behavior. It may be removed at some point. if(name == null || name.equals(""))
--- a/jdk/src/java.base/share/classes/java/security/SecureRandom.java Thu Aug 21 14:16:26 2014 -0700 +++ b/jdk/src/java.base/share/classes/java/security/SecureRandom.java Thu Aug 28 14:54:07 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1996, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1996, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -39,15 +39,16 @@ * * <p>A cryptographically strong random number * minimally complies with the statistical random number generator tests - * specified in <a href="http://csrc.nist.gov/cryptval/140-2.htm"> + * specified in + * <a href="http://csrc.nist.gov/publications/fips/fips140-2/fips1402.pdf"> * <i>FIPS 140-2, Security Requirements for Cryptographic Modules</i></a>, * section 4.9.1. * Additionally, SecureRandom must produce non-deterministic output. * Therefore any seed material passed to a SecureRandom object must be * unpredictable, and all SecureRandom output sequences must be * cryptographically strong, as described in - * <a href="http://www.ietf.org/rfc/rfc1750.txt"> - * <i>RFC 1750: Randomness Recommendations for Security</i></a>. + * <a href="http://tools.ietf.org/html/rfc4086"> + * <i>RFC 4086: Randomness Requirements for Security</i></a>. * * <p>A caller obtains a SecureRandom instance via the * no-argument constructor or one of the {@code getInstance} methods:
--- a/jdk/src/java.base/share/classes/java/time/Duration.java Thu Aug 21 14:16:26 2014 -0700 +++ b/jdk/src/java.base/share/classes/java/time/Duration.java Thu Aug 28 14:54:07 2014 -0700 @@ -388,19 +388,21 @@ Matcher matcher = PATTERN.matcher(text); if (matcher.matches()) { // check for letter T but no time sections - if ("T".equals(matcher.group(3)) == false) { - boolean negate = "-".equals(matcher.group(1)); - String dayMatch = matcher.group(2); - String hourMatch = matcher.group(4); - String minuteMatch = matcher.group(5); - String secondMatch = matcher.group(6); - String fractionMatch = matcher.group(7); - if (dayMatch != null || hourMatch != null || minuteMatch != null || secondMatch != null) { - long daysAsSecs = parseNumber(text, dayMatch, SECONDS_PER_DAY, "days"); - long hoursAsSecs = parseNumber(text, hourMatch, SECONDS_PER_HOUR, "hours"); - long minsAsSecs = parseNumber(text, minuteMatch, SECONDS_PER_MINUTE, "minutes"); - long seconds = parseNumber(text, secondMatch, 1, "seconds"); - int nanos = parseFraction(text, fractionMatch, seconds < 0 ? -1 : 1); + if (!charMatch(text, matcher.start(3), matcher.end(3), 'T')) { + boolean negate = charMatch(text, matcher.start(1), matcher.end(1), '-'); + + int dayStart = matcher.start(2), dayEnd = matcher.end(2); + int hourStart = matcher.start(4), hourEnd = matcher.end(4); + int minuteStart = matcher.start(5), minuteEnd = matcher.end(5); + int secondStart = matcher.start(6), secondEnd = matcher.end(6); + int fractionStart = matcher.start(7), fractionEnd = matcher.end(7); + + if (dayStart >= 0 || hourStart >= 0 || minuteStart >= 0 || secondStart >= 0) { + long daysAsSecs = parseNumber(text, dayStart, dayEnd, SECONDS_PER_DAY, "days"); + long hoursAsSecs = parseNumber(text, hourStart, hourEnd, SECONDS_PER_HOUR, "hours"); + long minsAsSecs = parseNumber(text, minuteStart, minuteEnd, SECONDS_PER_MINUTE, "minutes"); + long seconds = parseNumber(text, secondStart, secondEnd, 1, "seconds"); + int nanos = parseFraction(text, fractionStart, fractionEnd, seconds < 0 ? -1 : 1); try { return create(negate, daysAsSecs, hoursAsSecs, minsAsSecs, seconds, nanos); } catch (ArithmeticException ex) { @@ -412,27 +414,37 @@ throw new DateTimeParseException("Text cannot be parsed to a Duration", text, 0); } - private static long parseNumber(CharSequence text, String parsed, int multiplier, String errorText) { + private static boolean charMatch(CharSequence text, int start, int end, char c) { + return (start >= 0 && end == start + 1 && text.charAt(start) == c); + } + + private static long parseNumber(CharSequence text, int start, int end, int multiplier, String errorText) { // regex limits to [-+]?[0-9]+ - if (parsed == null) { + if (start < 0 || end < 0) { return 0; } try { - long val = Long.parseLong(parsed); + long val = Long.parseLong(text, 10, start, end); return Math.multiplyExact(val, multiplier); } catch (NumberFormatException | ArithmeticException ex) { throw (DateTimeParseException) new DateTimeParseException("Text cannot be parsed to a Duration: " + errorText, text, 0).initCause(ex); } } - private static int parseFraction(CharSequence text, String parsed, int negate) { + private static int parseFraction(CharSequence text, int start, int end, int negate) { // regex limits to [0-9]{0,9} - if (parsed == null || parsed.length() == 0) { + if (start < 0 || end < 0 || end - start == 0) { return 0; } try { - parsed = (parsed + "000000000").substring(0, 9); - return Integer.parseInt(parsed) * negate; + int fraction = Integer.parseInt(text, 10, start, end); + + // for number strings smaller than 9 digits, interpret as if there + // were trailing zeros + for (int i = end - start; i < 9; i++) { + fraction *= 10; + } + return fraction * negate; } catch (NumberFormatException | ArithmeticException ex) { throw (DateTimeParseException) new DateTimeParseException("Text cannot be parsed to a Duration: fraction", text, 0).initCause(ex); }
--- a/jdk/src/java.base/share/classes/java/time/Period.java Thu Aug 21 14:16:26 2014 -0700 +++ b/jdk/src/java.base/share/classes/java/time/Period.java Thu Aug 28 14:54:07 2014 -0700 @@ -329,17 +329,17 @@ Objects.requireNonNull(text, "text"); Matcher matcher = PATTERN.matcher(text); if (matcher.matches()) { - int negate = ("-".equals(matcher.group(1)) ? -1 : 1); - String yearMatch = matcher.group(2); - String monthMatch = matcher.group(3); - String weekMatch = matcher.group(4); - String dayMatch = matcher.group(5); - if (yearMatch != null || monthMatch != null || dayMatch != null || weekMatch != null) { + int negate = (charMatch(text, matcher.start(1), matcher.end(1), '-') ? -1 : 1); + int yearStart = matcher.start(2), yearEnd = matcher.end(2); + int monthStart = matcher.start(3), monthEnd = matcher.end(3); + int weekStart = matcher.start(4), weekEnd = matcher.end(4); + int dayStart = matcher.start(5), dayEnd = matcher.end(5); + if (yearStart >= 0 || monthStart >= 0 || weekStart >= 0 || dayStart >= 0) { try { - int years = parseNumber(text, yearMatch, negate); - int months = parseNumber(text, monthMatch, negate); - int weeks = parseNumber(text, weekMatch, negate); - int days = parseNumber(text, dayMatch, negate); + int years = parseNumber(text, yearStart, yearEnd, negate); + int months = parseNumber(text, monthStart, monthEnd, negate); + int weeks = parseNumber(text, weekStart, weekEnd, negate); + int days = parseNumber(text, dayStart, dayEnd, negate); days = Math.addExact(days, Math.multiplyExact(weeks, 7)); return create(years, months, days); } catch (NumberFormatException ex) { @@ -350,11 +350,15 @@ throw new DateTimeParseException("Text cannot be parsed to a Period", text, 0); } - private static int parseNumber(CharSequence text, String str, int negate) { - if (str == null) { + private static boolean charMatch(CharSequence text, int start, int end, char c) { + return (start >= 0 && end == start + 1 && text.charAt(start) == c); + } + + private static int parseNumber(CharSequence text, int start, int end, int negate) { + if (start < 0 || end < 0) { return 0; } - int val = Integer.parseInt(str); + int val = Integer.parseInt(text, 10, start, end); try { return Math.multiplyExact(val, negate); } catch (ArithmeticException ex) {
--- a/jdk/src/java.base/share/classes/java/util/JapaneseImperialCalendar.java Thu Aug 21 14:16:26 2014 -0700 +++ b/jdk/src/java.base/share/classes/java/util/JapaneseImperialCalendar.java Thu Aug 28 14:54:07 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2005, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -38,20 +38,20 @@ import sun.util.calendar.ZoneInfo; /** - * <code>JapaneseImperialCalendar</code> implements a Japanese + * {@code JapaneseImperialCalendar} implements a Japanese * calendar system in which the imperial era-based year numbering is * supported from the Meiji era. The following are the eras supported * by this calendar system. - * <pre><tt> + * <pre>{@code * ERA value Era name Since (in Gregorian) * ------------------------------------------------------ * 0 N/A N/A - * 1 Meiji 1868-01-01 midnight local time - * 2 Taisho 1912-07-30 midnight local time - * 3 Showa 1926-12-25 midnight local time - * 4 Heisei 1989-01-08 midnight local time + * 1 Meiji 1868-01-01T00:00:00 local time + * 2 Taisho 1912-07-30T00:00:00 local time + * 3 Showa 1926-12-25T00:00:00 local time + * 4 Heisei 1989-01-08T00:00:00 local time * ------------------------------------------------------ - * </tt></pre> + * }</pre> * * <p><code>ERA</code> value 0 specifies the years before Meiji and * the Gregorian year values are used. Unlike {@link @@ -63,6 +63,31 @@ * with time differences for applying the era transitions. This * calendar implementation assumes local time for all transitions. * + * <p>A new era can be specified using property + * jdk.calendar.japanese.supplemental.era. The new era is added to the + * predefined eras. The syntax of the property is as follows. + * <p><pre> + * {@code name=<name>,abbr=<abbr>,since=<time['u']>} + * </pre> + * where + * <dl> + * <dt>{@code <name>:}<dd>the full name of the new era (non-ASCII characters allowed) + * <dt>{@code <abbr>:}<dd>the abbreviation of the new era (non-ASCII characters allowed) + * <dt>{@code <time['u']>:}<dd>the start time of the new era represented by + * milliseconds from 1970-01-01T00:00:00 local time or UTC if {@code 'u'} is + * appended to the milliseconds value. (ASCII digits only) + * </dl> + * + * <p>If the given era is invalid, such as the since value before the + * beginning of the last predefined era, the given era will be + * ignored. + * + * <p>The following is an example of the property usage. + * <p><pre> + * java -Djdk.calendar.japanese.supplemental.era="name=NewEra,abbr=N,since=253374307200000" + * </pre> + * The property specifies an era change to NewEra at 9999-02-11T00:00:00 local time. + * * @author Masayoshi Okutsu * @since 1.6 */ @@ -102,7 +127,6 @@ public static final int HEISEI = 4; private static final int EPOCH_OFFSET = 719163; // Fixed date of January 1, 1970 (Gregorian) - private static final int EPOCH_YEAR = 1970; // Useful millisecond constants. Although ONE_DAY and ONE_WEEK can fit // into ints, they must be longs in order to prevent arithmetic overflow @@ -111,7 +135,6 @@ private static final int ONE_MINUTE = 60*ONE_SECOND; private static final int ONE_HOUR = 60*ONE_MINUTE; private static final long ONE_DAY = 24*ONE_HOUR; - private static final long ONE_WEEK = 7*ONE_DAY; // Reference to the sun.util.calendar.LocalGregorianCalendar instance (singleton). private static final LocalGregorianCalendar jcal @@ -217,6 +240,7 @@ }; // Proclaim serialization compatibility with JDK 1.6 + @SuppressWarnings("FieldNameHidesFieldInSuperclass") private static final long serialVersionUID = -3364572813905467929L; static { @@ -340,6 +364,7 @@ * <code>false</code> otherwise. * @see Calendar#compareTo(Calendar) */ + @Override public boolean equals(Object obj) { return obj instanceof JapaneseImperialCalendar && super.equals(obj); @@ -349,6 +374,7 @@ * Generates the hash code for this * <code>JapaneseImperialCalendar</code> object. */ + @Override public int hashCode() { return super.hashCode() ^ jdate.hashCode(); } @@ -381,6 +407,7 @@ * or if any calendar fields have out-of-range values in * non-lenient mode. */ + @Override public void add(int field, int amount) { // If amount == 0, do nothing even the given field is out of // range. This is tested by JCK. @@ -509,6 +536,7 @@ } } + @Override public void roll(int field, boolean up) { roll(field, up ? +1 : -1); } @@ -533,6 +561,7 @@ * @see #add(int,int) * @see #set(int,int) */ + @Override public void roll(int field, int amount) { // If amount == 0, do nothing even the given field is out of // range. This is tested by JCK.
--- a/jdk/src/java.base/share/classes/java/util/StringJoiner.java Thu Aug 21 14:16:26 2014 -0700 +++ b/jdk/src/java.base/share/classes/java/util/StringJoiner.java Thu Aug 28 14:54:07 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2013, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -24,6 +24,9 @@ */ package java.util; +import sun.misc.JavaLangAccess; +import sun.misc.SharedSecrets; + /** * {@code StringJoiner} is used to construct a sequence of characters separated * by a delimiter and optionally starting with a supplied prefix @@ -67,22 +70,24 @@ private final String delimiter; private final String suffix; - /* - * StringBuilder value -- at any time, the characters constructed from the - * prefix, the added element separated by the delimiter, but without the - * suffix, so that we can more easily add elements without having to jigger - * the suffix each time. - */ - private StringBuilder value; + /** Contains all the string components added so far. */ + private String[] elts; + + /** The number of string components added so far. */ + private int size; - /* - * By default, the string consisting of prefix+suffix, returned by - * toString(), or properties of value, when no elements have yet been added, - * i.e. when it is empty. This may be overridden by the user to be some - * other value including the empty String. + /** Total length in chars so far, excluding prefix and suffix. */ + private int len; + + /** + * When overriden by the user to be non-null via {@link setEmptyValue}, the + * string returned by toString() when no elements have yet been added. + * When null, prefix + suffix is used as the empty value. */ private String emptyValue; + private static final JavaLangAccess jla = SharedSecrets.getJavaLangAccess(); + /** * Constructs a {@code StringJoiner} with no characters in it, with no * {@code prefix} or {@code suffix}, and a copy of the supplied @@ -125,7 +130,6 @@ this.prefix = prefix.toString(); this.delimiter = delimiter.toString(); this.suffix = suffix.toString(); - this.emptyValue = this.prefix + this.suffix; } /** @@ -148,29 +152,44 @@ return this; } + private static int getChars(String s, char[] chars, int start) { + int len = s.length(); + s.getChars(0, len, chars, start); + return len; + } + /** * Returns the current value, consisting of the {@code prefix}, the values * added so far separated by the {@code delimiter}, and the {@code suffix}, * unless no elements have been added in which case, the - * {@code prefix + suffix} or the {@code emptyValue} characters are returned + * {@code prefix + suffix} or the {@code emptyValue} characters are returned. * * @return the string representation of this {@code StringJoiner} */ @Override public String toString() { - if (value == null) { + final String[] elts = this.elts; + if (elts == null && emptyValue != null) { return emptyValue; - } else { - if (suffix.equals("")) { - return value.toString(); - } else { - int initialLength = value.length(); - String result = value.append(suffix).toString(); - // reset value to pre-append initialLength - value.setLength(initialLength); - return result; + } + final int size = this.size; + final int addLen = prefix.length() + suffix.length(); + if (addLen == 0) { + compactElts(); + return size == 0 ? "" : elts[0]; + } + final String delimiter = this.delimiter; + final char[] chars = new char[len + addLen]; + int k = getChars(prefix, chars, 0); + if (size > 0) { + k += getChars(elts[0], chars, k); + for (int i = 1; i < size; i++) { + k += getChars(delimiter, chars, k); + k += getChars(elts[i], chars, k); } } + k += getChars(suffix, chars, k); + return jla.newStringUnsafe(chars); } /** @@ -182,7 +201,16 @@ * @return a reference to this {@code StringJoiner} */ public StringJoiner add(CharSequence newElement) { - prepareBuilder().append(newElement); + final String elt = String.valueOf(newElement); + if (elts == null) { + elts = new String[8]; + } else { + if (size == elts.length) + elts = Arrays.copyOf(elts, 2 * size); + len += delimiter.length(); + } + len += elt.length(); + elts[size++] = elt; return this; } @@ -207,24 +235,25 @@ */ public StringJoiner merge(StringJoiner other) { Objects.requireNonNull(other); - if (other.value != null) { - final int length = other.value.length(); - // lock the length so that we can seize the data to be appended - // before initiate copying to avoid interference, especially when - // merge 'this' - StringBuilder builder = prepareBuilder(); - builder.append(other.value, other.prefix.length(), length); + if (other.elts == null) { + return this; } - return this; + other.compactElts(); + return add(other.elts[0]); } - private StringBuilder prepareBuilder() { - if (value != null) { - value.append(delimiter); - } else { - value = new StringBuilder().append(prefix); + private void compactElts() { + if (size > 1) { + final char[] chars = new char[len]; + int i = 1, k = getChars(elts[0], chars, 0); + do { + k += getChars(delimiter, chars, k); + k += getChars(elts[i], chars, k); + elts[i] = null; + } while (++i < size); + size = 1; + elts[0] = jla.newStringUnsafe(chars); } - return value; } /** @@ -238,10 +267,7 @@ * @return the length of the current value of {@code StringJoiner} */ public int length() { - // Remember that we never actually append the suffix unless we return - // the full (present) value or some sub-string or length of it, so that - // we can add on more if we need to. - return (value != null ? value.length() + suffix.length() : - emptyValue.length()); + return (size == 0 && emptyValue != null) ? emptyValue.length() : + len + prefix.length() + suffix.length(); } }
--- a/jdk/src/java.base/share/classes/javax/security/auth/Subject.java Thu Aug 21 14:16:26 2014 -0700 +++ b/jdk/src/java.base/share/classes/javax/security/auth/Subject.java Thu Aug 28 14:54:07 2014 -0700 @@ -182,21 +182,20 @@ * {@code AuthPermission("modifyPublicCredentials")}. * To modify the private credential Set, the caller must have * {@code AuthPermission("modifyPrivateCredentials")}. - * <p> * * @param readOnly true if the {@code Subject} is to be read-only, - * and false otherwise. <p> + * and false otherwise. * * @param principals the {@code Set} of Principals - * to be associated with this {@code Subject}. <p> + * to be associated with this {@code Subject}. * * @param pubCredentials the {@code Set} of public credentials - * to be associated with this {@code Subject}. <p> + * to be associated with this {@code Subject}. * * @param privCredentials the {@code Set} of private credentials * to be associated with this {@code Subject}. * - * @exception NullPointerException if the specified + * @throws NullPointerException if the specified * {@code principals}, {@code pubCredentials}, * or {@code privCredentials} are {@code null}, * or a null value exists within any of these three @@ -233,10 +232,11 @@ * Also, once a {@code Subject} is read-only, * it can not be reset to being writable again. * - * <p> - * - * @exception SecurityException if the caller does not have permission - * to set this {@code Subject} to be read-only. + * @throws SecurityException if a security manager is installed and the + * caller does not have an + * {@link AuthPermission#AuthPermission(String) + * AuthPermission("setReadOnly")} permission to set this + * {@code Subject} to be read-only. */ public void setReadOnly() { java.lang.SecurityManager sm = System.getSecurityManager(); @@ -250,8 +250,6 @@ /** * Query whether this {@code Subject} is read-only. * - * <p> - * * @return true if this {@code Subject} is read-only, false otherwise. */ public boolean isReadOnly() { @@ -267,8 +265,6 @@ * In this situation, the most recent {@code Subject} associated * with the {@code AccessControlContext} is returned. * - * <p> - * * @param acc the {@code AccessControlContext} from which to retrieve * the {@code Subject}. * @@ -277,10 +273,13 @@ * if no {@code Subject} is associated * with the provided {@code AccessControlContext}. * - * @exception SecurityException if the caller does not have permission - * to get the {@code Subject}. <p> + * @throws SecurityException if a security manager is installed and the + * caller does not have an + * {@link AuthPermission#AuthPermission(String) + * AuthPermission("getSubject")} permission to get the + * {@code Subject}. * - * @exception NullPointerException if the provided + * @throws NullPointerException if the provided * {@code AccessControlContext} is {@code null}. */ public static Subject getSubject(final AccessControlContext acc) { @@ -321,26 +320,27 @@ * passing it the provided {@code PrivilegedAction}, * as well as the newly constructed {@code AccessControlContext}. * - * <p> - * * @param subject the {@code Subject} that the specified * {@code action} will run as. This parameter - * may be {@code null}. <p> + * may be {@code null}. * * @param <T> the type of the value returned by the PrivilegedAction's * {@code run} method. * * @param action the code to be run as the specified - * {@code Subject}. <p> + * {@code Subject}. * * @return the value returned by the PrivilegedAction's * {@code run} method. * - * @exception NullPointerException if the {@code PrivilegedAction} - * is {@code null}. <p> + * @throws NullPointerException if the {@code PrivilegedAction} + * is {@code null}. * - * @exception SecurityException if the caller does not have permission - * to invoke this method. + * @throws SecurityException if a security manager is installed and the + * caller does not have an + * {@link AuthPermission#AuthPermission(String) + * AuthPermission("doAs")} permission to invoke this + * method. */ public static <T> T doAs(final Subject subject, final java.security.PrivilegedAction<T> action) { @@ -377,31 +377,32 @@ * passing it the provided {@code PrivilegedExceptionAction}, * as well as the newly constructed {@code AccessControlContext}. * - * <p> - * * @param subject the {@code Subject} that the specified * {@code action} will run as. This parameter - * may be {@code null}. <p> + * may be {@code null}. * * @param <T> the type of the value returned by the * PrivilegedExceptionAction's {@code run} method. * * @param action the code to be run as the specified - * {@code Subject}. <p> + * {@code Subject}. * * @return the value returned by the * PrivilegedExceptionAction's {@code run} method. * - * @exception PrivilegedActionException if the + * @throws PrivilegedActionException if the * {@code PrivilegedExceptionAction.run} - * method throws a checked exception. <p> + * method throws a checked exception. * - * @exception NullPointerException if the specified + * @throws NullPointerException if the specified * {@code PrivilegedExceptionAction} is - * {@code null}. <p> + * {@code null}. * - * @exception SecurityException if the caller does not have permission - * to invoke this method. + * @throws SecurityException if a security manager is installed and the + * caller does not have an + * {@link AuthPermission#AuthPermission(String) + * AuthPermission("doAs")} permission to invoke this + * method. */ public static <T> T doAs(final Subject subject, final java.security.PrivilegedExceptionAction<T> action) @@ -435,29 +436,30 @@ * this method instantiates a new {@code AccessControlContext} * with an empty collection of ProtectionDomains. * - * <p> - * * @param subject the {@code Subject} that the specified * {@code action} will run as. This parameter - * may be {@code null}. <p> + * may be {@code null}. * * @param <T> the type of the value returned by the PrivilegedAction's * {@code run} method. * * @param action the code to be run as the specified - * {@code Subject}. <p> + * {@code Subject}. * * @param acc the {@code AccessControlContext} to be tied to the - * specified <i>subject</i> and <i>action</i>. <p> + * specified <i>subject</i> and <i>action</i>. * * @return the value returned by the PrivilegedAction's * {@code run} method. * - * @exception NullPointerException if the {@code PrivilegedAction} - * is {@code null}. <p> + * @throws NullPointerException if the {@code PrivilegedAction} + * is {@code null}. * - * @exception SecurityException if the caller does not have permission - * to invoke this method. + * @throws SecurityException if a security manager is installed and the + * caller does not have a + * {@link AuthPermission#AuthPermission(String) + * AuthPermission("doAsPrivileged")} permission to invoke + * this method. */ public static <T> T doAsPrivileged(final Subject subject, final java.security.PrivilegedAction<T> action, @@ -495,34 +497,35 @@ * this method instantiates a new {@code AccessControlContext} * with an empty collection of ProtectionDomains. * - * <p> - * * @param subject the {@code Subject} that the specified * {@code action} will run as. This parameter - * may be {@code null}. <p> + * may be {@code null}. * * @param <T> the type of the value returned by the * PrivilegedExceptionAction's {@code run} method. * * @param action the code to be run as the specified - * {@code Subject}. <p> + * {@code Subject}. * * @param acc the {@code AccessControlContext} to be tied to the - * specified <i>subject</i> and <i>action</i>. <p> + * specified <i>subject</i> and <i>action</i>. * * @return the value returned by the * PrivilegedExceptionAction's {@code run} method. * - * @exception PrivilegedActionException if the + * @throws PrivilegedActionException if the * {@code PrivilegedExceptionAction.run} - * method throws a checked exception. <p> + * method throws a checked exception. * - * @exception NullPointerException if the specified + * @throws NullPointerException if the specified * {@code PrivilegedExceptionAction} is - * {@code null}. <p> + * {@code null}. * - * @exception SecurityException if the caller does not have permission - * to invoke this method. + * @throws SecurityException if a security manager is installed and the + * caller does not have a + * {@link AuthPermission#AuthPermission(String) + * AuthPermission("doAsPrivileged")} permission to invoke + * this method. */ public static <T> T doAsPrivileged(final Subject subject, final java.security.PrivilegedExceptionAction<T> action, @@ -577,9 +580,12 @@ * to the returned {@code Set} affects the internal * {@code Principal} {@code Set} as well. * - * <p> + * <p> If a security manager is installed, the caller must have a + * {@link AuthPermission#AuthPermission(String) + * AuthPermission("modifyPrincipals")} permission to modify + * the returned set, or a {@code SecurityException} will be thrown. * - * @return The {@code Set} of Principals associated with this + * @return the {@code Set} of Principals associated with this * {@code Subject}. */ public Set<Principal> getPrincipals() { @@ -600,8 +606,6 @@ * Modifications to the returned {@code Set} * will not affect the internal {@code Principal} {@code Set}. * - * <p> - * * @param <T> the type of the class modeled by {@code c} * * @param c the returned {@code Set} of Principals will all be @@ -610,8 +614,8 @@ * @return a {@code Set} of Principals that are instances of the * specified {@code Class}. * - * @exception NullPointerException if the specified {@code Class} - * is {@code null}. + * @throws NullPointerException if the specified {@code Class} + * is {@code null}. */ public <T extends Principal> Set<T> getPrincipals(Class<T> c) { @@ -632,9 +636,12 @@ * to the returned {@code Set} affects the internal public * Credential {@code Set} as well. * - * <p> + * <p> If a security manager is installed, the caller must have a + * {@link AuthPermission#AuthPermission(String) + * AuthPermission("modifyPublicCredentials")} permission to modify + * the returned set, or a {@code SecurityException} will be thrown. * - * @return A {@code Set} of public credentials held by this + * @return a {@code Set} of public credentials held by this * {@code Subject}. */ public Set<Object> getPublicCredentials() { @@ -653,20 +660,18 @@ * to the returned {@code Set} affects the internal private * Credential {@code Set} as well. * - * <p> A caller requires permissions to access the Credentials - * in the returned {@code Set}, or to modify the - * {@code Set} itself. A {@code SecurityException} - * is thrown if the caller does not have the proper permissions. + * <p> If a security manager is installed, the caller must have a + * {@link AuthPermission#AuthPermission(String) + * AuthPermission("modifyPrivateCredentials")} permission to modify + * the returned set, or a {@code SecurityException} will be thrown. * * <p> While iterating through the {@code Set}, - * a {@code SecurityException} is thrown - * if the caller does not have permission to access a - * particular Credential. The {@code Iterator} - * is nevertheless advanced to next element in the {@code Set}. + * a {@code SecurityException} is thrown if a security manager is installed + * and the caller does not have a {@link PrivateCredentialPermission} + * to access a particular Credential. The {@code Iterator} + * is nevertheless advanced to the next element in the {@code Set}. * - * <p> - * - * @return A {@code Set} of private credentials held by this + * @return a {@code Set} of private credentials held by this * {@code Subject}. */ public Set<Object> getPrivateCredentials() { @@ -695,8 +700,6 @@ * Modifications to the returned {@code Set} * will not affect the internal public Credential {@code Set}. * - * <p> - * * @param <T> the type of the class modeled by {@code c} * * @param c the returned {@code Set} of public credentials will all be @@ -705,7 +708,7 @@ * @return a {@code Set} of public credentials that are instances * of the specified {@code Class}. * - * @exception NullPointerException if the specified {@code Class} + * @throws NullPointerException if the specified {@code Class} * is {@code null}. */ public <T> Set<T> getPublicCredentials(Class<T> c) { @@ -723,9 +726,9 @@ * {@code Subject} that are instances or subclasses of the specified * {@code Class}. * - * <p> The caller must have permission to access all of the - * requested Credentials, or a {@code SecurityException} - * will be thrown. + * <p> If a security manager is installed, the caller must have a + * {@link PrivateCredentialPermission} to access all of the requested + * Credentials, or a {@code SecurityException} will be thrown. * * <p> The returned {@code Set} is not backed by this Subject's * internal private Credential {@code Set}. A new @@ -733,8 +736,6 @@ * Modifications to the returned {@code Set} * will not affect the internal private Credential {@code Set}. * - * <p> - * * @param <T> the type of the class modeled by {@code c} * * @param c the returned {@code Set} of private credentials will all be @@ -743,7 +744,7 @@ * @return a {@code Set} of private credentials that are instances * of the specified {@code Class}. * - * @exception NullPointerException if the specified {@code Class} + * @throws NullPointerException if the specified {@code Class} * is {@code null}. */ public <T> Set<T> getPrivateCredentials(Class<T> c) { @@ -772,19 +773,18 @@ * equal if their {@code Principal} and {@code Credential} * Sets are equal. * - * <p> - * * @param o Object to be compared for equality with this * {@code Subject}. * * @return true if the specified Object is equal to this * {@code Subject}. * - * @exception SecurityException if the caller does not have permission - * to access the private credentials for this {@code Subject}, - * or if the caller does not have permission to access the - * private credentials for the provided {@code Subject}. + * @throws SecurityException if a security manager is installed and the + * caller does not have a {@link PrivateCredentialPermission} + * permission to access the private credentials for this + * {@code Subject} or the provided {@code Subject}. */ + @Override public boolean equals(Object o) { if (o == null) { @@ -834,10 +834,9 @@ /** * Return the String representation of this {@code Subject}. * - * <p> - * * @return the String representation of this {@code Subject}. */ + @Override public String toString() { return toString(true); } @@ -895,13 +894,13 @@ /** * Returns a hashcode for this {@code Subject}. * - * <p> - * * @return a hashcode for this {@code Subject}. * - * @exception SecurityException if the caller does not have permission - * to access this Subject's private credentials. + * @throws SecurityException if a security manager is installed and the + * caller does not have a {@link PrivateCredentialPermission} + * permission to access this Subject's private credentials. */ + @Override public int hashCode() { /** @@ -996,7 +995,7 @@ * * @param coll A {@code Collection} to be tested for null references * - * @exception NullPointerException if the specified collection is either + * @throws NullPointerException if the specified collection is either * {@code null} or contains a {@code null} element */ private static void collectionNullClean(Collection<?> coll) { @@ -1546,7 +1545,7 @@ } } - static class AuthPermissionHolder { + static final class AuthPermissionHolder { static final AuthPermission DO_AS_PERMISSION = new AuthPermission("doAs");
--- a/jdk/src/java.base/share/classes/sun/util/calendar/Era.java Thu Aug 21 14:16:26 2014 -0700 +++ b/jdk/src/java.base/share/classes/sun/util/calendar/Era.java Thu Aug 28 14:54:07 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2005, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -41,20 +41,15 @@ * <code>CalendarDate</code>. * * <p>The following era names are defined in this release. - * <!-- TODO: use HTML table --> - * <pre><tt> + * <pre>{@code * Calendar system Era name Since (in Gregorian) * ----------------------------------------------------------------------- - * Japanese calendar Meiji 1868-01-01 midnight local time - * Taisho 1912-07-30 midnight local time - * Showa 1926-12-26 midnight local time - * Heisei 1989-01-08 midnight local time - * Julian calendar BeforeCommonEra -292275055-05-16T16:47:04.192Z - * CommonEra 0000-12-30 midnight local time - * Taiwanese calendar MinGuo 1911-01-01 midnight local time - * Thai Buddhist calendar BuddhistEra -543-01-01 midnight local time + * Japanese calendar Meiji 1868-01-01T00:00:00 local time + * Taisho 1912-07-30T00:00:00 local time + * Showa 1926-12-25T00:00:00 local time + * Heisei 1989-01-08T00:00:00 local time * ----------------------------------------------------------------------- - * </tt></pre> + * }</pre> * * @author Masayoshi Okutsu * @since 1.5
--- a/jdk/src/java.base/share/classes/sun/util/calendar/LocalGregorianCalendar.java Thu Aug 21 14:16:26 2014 -0700 +++ b/jdk/src/java.base/share/classes/sun/util/calendar/LocalGregorianCalendar.java Thu Aug 28 14:54:07 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2005, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,11 +25,7 @@ package sun.util.calendar; -import java.io.IOException; -import java.util.ArrayList; -import java.util.List; -import java.util.Properties; -import java.util.StringTokenizer; +import java.security.AccessController; import java.util.TimeZone; /** @@ -39,6 +35,28 @@ */ public class LocalGregorianCalendar extends BaseCalendar { + private static final Era[] JAPANESE_ERAS = { + new Era("Meiji", "M", -3218832000000L, true), + new Era("Taisho", "T", -1812153600000L, true), + new Era("Showa", "S", -1357603200000L, true), + new Era("Heisei", "H", 600220800000L, true), + }; + + private static boolean isValidEra(Era newEra, Era[] eras) { + Era last = eras[eras.length - 1]; + if (last.getSinceDate().getYear() >= newEra.getSinceDate().getYear()) { + return false; + } + // The new era name should be unique. Its abbr may not. + String newName = newEra.getName(); + for (Era era : eras) { + if (era.getName().equals(newName)) { + return false; + } + } + return true; + } + private String name; private Era[] eras; @@ -118,58 +136,70 @@ } static LocalGregorianCalendar getLocalGregorianCalendar(String name) { - Properties calendarProps; - try { - calendarProps = CalendarSystem.getCalendarProperties(); - } catch (IOException | IllegalArgumentException e) { - throw new InternalError(e); - } - // Parse calendar.*.eras - String props = calendarProps.getProperty("calendar." + name + ".eras"); - if (props == null) { + // Only the Japanese calendar is supported. + if (!"japanese".equals(name)) { return null; } - List<Era> eras = new ArrayList<>(); - StringTokenizer eraTokens = new StringTokenizer(props, ";"); - while (eraTokens.hasMoreTokens()) { - String items = eraTokens.nextToken().trim(); - StringTokenizer itemTokens = new StringTokenizer(items, ","); - String eraName = null; - boolean localTime = true; - long since = 0; - String abbr = null; + + // Append an era to the predefined eras if it's given by the property. + String prop = AccessController.doPrivileged( + new sun.security.action.GetPropertyAction("jdk.calendar.japanese.supplemental.era")); + if (prop != null) { + Era era = parseEraEntry(prop); + if (era != null) { + if (isValidEra(era, JAPANESE_ERAS)) { + int length = JAPANESE_ERAS.length; + Era[] eras = new Era[length + 1]; + System.arraycopy(JAPANESE_ERAS, 0, eras, 0, length); + eras[length] = era; + return new LocalGregorianCalendar(name, eras); + } + } + } + return new LocalGregorianCalendar(name, JAPANESE_ERAS); + } - while (itemTokens.hasMoreTokens()) { - String item = itemTokens.nextToken(); - int index = item.indexOf('='); - // it must be in the key=value form. - if (index == -1) { + private static Era parseEraEntry(String entry) { + String[] keyValuePairs = entry.split(","); + String eraName = null; + boolean localTime = true; + long since = 0; + String abbr = null; + + for (String item : keyValuePairs) { + String[] keyvalue = item.split("="); + if (keyvalue.length != 2) { + return null; + } + String key = keyvalue[0].trim(); + String value = keyvalue[1].trim(); + switch (key) { + case "name": + eraName = value; + break; + case "since": + if (value.endsWith("u")) { + localTime = false; + value = value.substring(0, value.length() - 1); + } + try { + since = Long.parseLong(value); + } catch (NumberFormatException e) { return null; } - String key = item.substring(0, index); - String value = item.substring(index + 1); - if ("name".equals(key)) { - eraName = value; - } else if ("since".equals(key)) { - if (value.endsWith("u")) { - localTime = false; - since = Long.parseLong(value.substring(0, value.length() - 1)); - } else { - since = Long.parseLong(value); - } - } else if ("abbr".equals(key)) { - abbr = value; - } else { - throw new RuntimeException("Unknown key word: " + key); - } + break; + case "abbr": + abbr = value; + break; + default: + return null; } - Era era = new Era(eraName, abbr, since, localTime); - eras.add(era); } - Era[] eraArray = new Era[eras.size()]; - eras.toArray(eraArray); - - return new LocalGregorianCalendar(name, eraArray); + if (eraName == null || eraName.isEmpty() + || abbr == null || abbr.isEmpty()) { + return null; + } + return new Era(eraName, abbr, since, localTime); } private LocalGregorianCalendar(String name, Era[] eras) { @@ -262,9 +292,8 @@ } private boolean validateEra(Era era) { - // Validate the era - for (int i = 0; i < eras.length; i++) { - if (era == eras[i]) { + for (Era era1 : eras) { + if (era == era1) { return true; } } @@ -333,6 +362,7 @@ } if (i >= 0) { ldate.setLocalEra(era); + @SuppressWarnings("null") int y = ldate.getNormalizedYear() - era.getSinceDate().getYear() + 1; ldate.setLocalYear(y); } else {
--- a/jdk/src/java.base/share/classes/sun/util/cldr/CLDRLocaleProviderAdapter.java Thu Aug 21 14:16:26 2014 -0700 +++ b/jdk/src/java.base/share/classes/sun/util/cldr/CLDRLocaleProviderAdapter.java Thu Aug 28 14:54:07 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2012, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -30,6 +30,7 @@ import java.security.PrivilegedAction; import java.text.spi.BreakIteratorProvider; import java.text.spi.CollatorProvider; +import java.util.Collections; import java.util.HashSet; import java.util.Locale; import java.util.ResourceBundle; @@ -102,6 +103,9 @@ @Override protected Set<String> createLanguageTagSet(String category) { ResourceBundle rb = ResourceBundle.getBundle("sun.util.cldr.CLDRLocaleDataMetaInfo", Locale.ROOT); + if (rb.containsKey(category)) { + return Collections.emptySet(); + } String supportedLocaleString = rb.getString(category); Set<String> tagset = new HashSet<>(); StringTokenizer tokens = new StringTokenizer(supportedLocaleString);
--- a/jdk/src/java.base/share/classes/sun/util/locale/provider/JRELocaleProviderAdapter.java Thu Aug 21 14:16:26 2014 -0700 +++ b/jdk/src/java.base/share/classes/sun/util/locale/provider/JRELocaleProviderAdapter.java Thu Aug 28 14:54:07 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2012, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -34,6 +34,7 @@ import java.text.spi.DateFormatSymbolsProvider; import java.text.spi.DecimalFormatSymbolsProvider; import java.text.spi.NumberFormatProvider; +import java.util.Collections; import java.util.HashSet; import java.util.Locale; import java.util.Set; @@ -356,6 +357,9 @@ protected Set<String> createLanguageTagSet(String category) { String supportedLocaleString = LocaleDataMetaInfo.getSupportedLocaleString(category); + if (supportedLocaleString == null) { + return Collections.emptySet(); + } Set<String> tagset = new HashSet<>(); StringTokenizer tokens = new StringTokenizer(supportedLocaleString); while (tokens.hasMoreTokens()) {
--- a/jdk/src/java.base/share/classes/sun/util/locale/provider/LocaleDataMetaInfo-XLocales.java.template Thu Aug 21 14:16:26 2014 -0700 +++ b/jdk/src/java.base/share/classes/sun/util/locale/provider/LocaleDataMetaInfo-XLocales.java.template Thu Aug 28 14:54:07 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2005, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -57,6 +57,12 @@ resourceNameToLocales.put("CollationData", " #CollationData_ENLocales# | #CollationData_NonENLocales# "); + resourceNameToLocales.put("BreakIteratorInfo", + " #BreakIteratorInfo_ENLocales# | #BreakIteratorInfo_NonENLocales# "); + + resourceNameToLocales.put("BreakIteratorRules", + " #BreakIteratorRules_ENLocales# | #BreakIteratorRules_NonENLocales# "); + resourceNameToLocales.put("TimeZoneNames", " #TimeZoneNames_ENLocales# | #TimeZoneNames_NonENLocales# ");
--- a/jdk/src/java.base/share/classes/sun/util/locale/provider/LocaleProviderAdapter.java Thu Aug 21 14:16:26 2014 -0700 +++ b/jdk/src/java.base/share/classes/sun/util/locale/provider/LocaleProviderAdapter.java Thu Aug 28 14:54:07 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2012, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -295,7 +295,7 @@ * A utility method for implementing the default LocaleServiceProvider.isSupportedLocale * for the JRE, CLDR, and FALLBACK adapters. */ - static boolean isSupportedLocale(Locale locale, LocaleProviderAdapter.Type type, Set<String> langtags) { + public static boolean isSupportedLocale(Locale locale, LocaleProviderAdapter.Type type, Set<String> langtags) { assert type == Type.JRE || type == Type.CLDR || type == Type.FALLBACK; if (Locale.ROOT.equals(locale)) { return true;
--- a/jdk/src/java.base/share/classes/sun/util/resources/LocaleData.java Thu Aug 21 14:16:26 2014 -0700 +++ b/jdk/src/java.base/share/classes/sun/util/resources/LocaleData.java Thu Aug 28 14:54:07 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1996, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1996, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -48,8 +48,11 @@ import java.util.Locale; import java.util.MissingResourceException; import java.util.ResourceBundle; +import java.util.Set; +import sun.util.locale.provider.JRELocaleProviderAdapter; import sun.util.locale.provider.LocaleDataMetaInfo; import sun.util.locale.provider.LocaleProviderAdapter; +import static sun.util.locale.provider.LocaleProviderAdapter.Type.CLDR; import static sun.util.locale.provider.LocaleProviderAdapter.Type.JRE; /** @@ -204,35 +207,23 @@ @Override public List<Locale> getCandidateLocales(String baseName, Locale locale) { List<Locale> candidates = super.getCandidateLocales(baseName, locale); - /* Get the locale string list from LocaleDataMetaInfo class. */ - String localeString = LocaleDataMetaInfo.getSupportedLocaleString(baseName); - - if (localeString != null && localeString.length() != 0) { - for (Iterator<Locale> l = candidates.iterator(); l.hasNext();) { - Locale loc = l.next(); - String lstr; - if (loc.getScript().length() > 0) { - lstr = loc.toLanguageTag().replace('-', '_'); - } else { - lstr = loc.toString(); - int idx = lstr.indexOf("_#"); - if (idx >= 0) { - lstr = lstr.substring(0, idx); - } - } - /* Every locale string in the locale string list returned from - the above getSupportedLocaleString is enclosed - within two white spaces so that we could check some locale - such as "en". - */ - if (lstr.length() != 0 && localeString.indexOf(" " + lstr + " ") == -1) { - l.remove(); + // Weed out Locales which are known to have no resource bundles + int lastDot = baseName.lastIndexOf('.'); + String category = (lastDot >= 0) ? baseName.substring(lastDot + 1) : baseName; + LocaleProviderAdapter.Type type = baseName.contains(DOTCLDR) ? CLDR : JRE; + LocaleProviderAdapter adapter = LocaleProviderAdapter.forType(type); + Set<String> langtags = ((JRELocaleProviderAdapter)adapter).getLanguageTagSet(category); + if (!langtags.isEmpty()) { + for (Iterator<Locale> itr = candidates.iterator(); itr.hasNext();) { + if (!LocaleProviderAdapter.isSupportedLocale(itr.next(), type, langtags)) { + itr.remove(); } } } + // Force fallback to Locale.ENGLISH for CLDR time zone names support if (locale.getLanguage() != "en" - && baseName.contains(CLDR) && baseName.endsWith("TimeZoneNames")) { + && type == CLDR && category.equals("TimeZoneNames")) { candidates.add(candidates.size() - 1, Locale.ENGLISH); } return candidates; @@ -254,7 +245,7 @@ return null; } - private static final String CLDR = ".cldr"; + private static final String DOTCLDR = ".cldr"; /** * Changes baseName to its per-language package name and @@ -275,8 +266,8 @@ assert JRE.getUtilResourcesPackage().length() == JRE.getTextResourcesPackage().length(); int index = JRE.getUtilResourcesPackage().length(); - if (baseName.indexOf(CLDR, index) > 0) { - index += CLDR.length(); + if (baseName.indexOf(DOTCLDR, index) > 0) { + index += DOTCLDR.length(); } newBaseName = baseName.substring(0, index + 1) + lang + baseName.substring(index);
--- a/jdk/src/java.base/share/conf/calendars.properties Thu Aug 21 14:16:26 2014 -0700 +++ b/jdk/src/java.base/share/conf/calendars.properties Thu Aug 28 14:54:07 2014 -0700 @@ -1,4 +1,4 @@ -# Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved. +# Copyright (c) 2005, 2014, Oracle and/or its affiliates. All rights reserved. # DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. # # This code is free software; you can redistribute it and/or modify it @@ -23,37 +23,6 @@ # # -# Japanese imperial calendar -# -# Meiji since 1868-01-01 00:00:00 local time (Gregorian) -# Taisho since 1912-07-30 00:00:00 local time (Gregorian) -# Showa since 1926-12-25 00:00:00 local time (Gregorian) -# Heisei since 1989-01-08 00:00:00 local time (Gregorian) -calendar.japanese.type: LocalGregorianCalendar -calendar.japanese.eras: \ - name=Meiji,abbr=M,since=-3218832000000; \ - name=Taisho,abbr=T,since=-1812153600000; \ - name=Showa,abbr=S,since=-1357603200000; \ - name=Heisei,abbr=H,since=600220800000 - -# -# Taiwanese calendar -# Minguo since 1911-01-01 00:00:00 local time (Gregorian) -calendar.taiwanese.type: LocalGregorianCalendar -calendar.taiwanese.eras: \ - name=MinGuo,since=-1830384000000 - -# -# Thai Buddhist calendar -# Buddhist Era since -542-01-01 00:00:00 local time (Gregorian) -calendar.thai-buddhist.type: LocalGregorianCalendar -calendar.thai-buddhist.eras: \ - name=BuddhistEra,abbr=B.E.,since=-79302585600000 -calendar.thai-buddhist.year-boundary: \ - day1=4-1,since=-79302585600000; \ - day1=1-1,since=-915148800000 - -# # Hijrah calendars # calendar.hijrah.Hijrah-umalqura: hijrah-config-umalqura.properties
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/jdk/src/java.base/share/conf/security/java.security Thu Aug 28 14:54:07 2014 -0700 @@ -0,0 +1,517 @@ +# +# This is the "master security properties file". +# +# An alternate java.security properties file may be specified +# from the command line via the system property +# +# -Djava.security.properties=<URL> +# +# This properties file appends to the master security properties file. +# If both properties files specify values for the same key, the value +# from the command-line properties file is selected, as it is the last +# one loaded. +# +# Also, if you specify +# +# -Djava.security.properties==<URL> (2 equals), +# +# then that properties file completely overrides the master security +# properties file. +# +# To disable the ability to specify an additional properties file from +# the command line, set the key security.overridePropertiesFile +# to false in the master security properties file. It is set to true +# by default. + +# In this file, various security properties are set for use by +# java.security classes. This is where users can statically register +# Cryptography Package Providers ("providers" for short). The term +# "provider" refers to a package or set of packages that supply a +# concrete implementation of a subset of the cryptography aspects of +# the Java Security API. A provider may, for example, implement one or +# more digital signature algorithms or message digest algorithms. +# +# Each provider must implement a subclass of the Provider class. +# To register a provider in this master security properties file, +# specify the Provider subclass name and priority in the format +# +# security.provider.<n>=<className> +# +# This declares a provider, and specifies its preference +# order n. The preference order is the order in which providers are +# searched for requested algorithms (when no specific provider is +# requested). The order is 1-based; 1 is the most preferred, followed +# by 2, and so on. +# +# <className> must specify the subclass of the Provider class whose +# constructor sets the values of various properties that are required +# for the Java Security API to look up the algorithms or other +# facilities implemented by the provider. +# +# There must be at least one provider specification in java.security. +# There is a default provider that comes standard with the JDK. It +# is called the "SUN" provider, and its Provider subclass +# named Sun appears in the sun.security.provider package. Thus, the +# "SUN" provider is registered via the following: +# +# security.provider.1=sun.security.provider.Sun +# +# (The number 1 is used for the default provider.) +# +# Note: Providers can be dynamically registered instead by calls to +# either the addProvider or insertProviderAt method in the Security +# class. + +# +# List of providers and their preference orders (see above): +# +#ifdef solaris +security.provider.tbd=com.oracle.security.ucrypto.UcryptoProvider ${java.home}/lib/security/ucrypto-solaris.cfg +security.provider.tbd=sun.security.pkcs11.SunPKCS11 ${java.home}/lib/security/sunpkcs11-solaris.cfg +#endif +security.provider.tbd=sun.security.provider.Sun +security.provider.tbd=sun.security.rsa.SunRsaSign +security.provider.tbd=sun.security.ec.SunEC +security.provider.tbd=com.sun.net.ssl.internal.ssl.Provider +security.provider.tbd=com.sun.crypto.provider.SunJCE +security.provider.tbd=sun.security.jgss.SunProvider +security.provider.tbd=com.sun.security.sasl.Provider +security.provider.tbd=org.jcp.xml.dsig.internal.dom.XMLDSigRI +security.provider.tbd=sun.security.smartcardio.SunPCSC +#ifdef windows +security.provider.tbd=sun.security.mscapi.SunMSCAPI +#endif +#ifdef macosx +security.provider.tbd=apple.security.AppleProvider +#endif + +# +# Sun Provider SecureRandom seed source. +# +# Select the primary source of seed data for the "SHA1PRNG" and +# "NativePRNG" SecureRandom implementations in the "Sun" provider. +# (Other SecureRandom implementations might also use this property.) +# +# On Unix-like systems (for example, Solaris/Linux/MacOS), the +# "NativePRNG" and "SHA1PRNG" implementations obtains seed data from +# special device files such as file:/dev/random. +# +# On Windows systems, specifying the URLs "file:/dev/random" or +# "file:/dev/urandom" will enable the native Microsoft CryptoAPI seeding +# mechanism for SHA1PRNG. +# +# By default, an attempt is made to use the entropy gathering device +# specified by the "securerandom.source" Security property. If an +# exception occurs while accessing the specified URL: +# +# SHA1PRNG: +# the traditional system/thread activity algorithm will be used. +# +# NativePRNG: +# a default value of /dev/random will be used. If neither +# are available, the implementation will be disabled. +# "file" is the only currently supported protocol type. +# +# The entropy gathering device can also be specified with the System +# property "java.security.egd". For example: +# +# % java -Djava.security.egd=file:/dev/random MainClass +# +# Specifying this System property will override the +# "securerandom.source" Security property. +# +# In addition, if "file:/dev/random" or "file:/dev/urandom" is +# specified, the "NativePRNG" implementation will be more preferred than +# SHA1PRNG in the Sun provider. +# +securerandom.source=file:/dev/random + +# +# A list of known strong SecureRandom implementations. +# +# To help guide applications in selecting a suitable strong +# java.security.SecureRandom implementation, Java distributions should +# indicate a list of known strong implementations using the property. +# +# This is a comma-separated list of algorithm and/or algorithm:provider +# entries. +# +#ifdef windows +securerandom.strongAlgorithms=Windows-PRNG:SunMSCAPI,SHA1PRNG:SUN +#endif +#ifndef windows +securerandom.strongAlgorithms=NativePRNGBlocking:SUN +#endif + +# +# Class to instantiate as the javax.security.auth.login.Configuration +# provider. +# +login.configuration.provider=sun.security.provider.ConfigFile + +# +# Default login configuration file +# +#login.config.url.1=file:${user.home}/.java.login.config + +# +# Class to instantiate as the system Policy. This is the name of the class +# that will be used as the Policy object. +# +policy.provider=sun.security.provider.PolicyFile + +# The default is to have a single system-wide policy file, +# and a policy file in the user's home directory. +policy.url.1=file:${java.home}/lib/security/java.policy +policy.url.2=file:${user.home}/.java.policy + +# whether or not we expand properties in the policy file +# if this is set to false, properties (${...}) will not be expanded in policy +# files. +policy.expandProperties=true + +# whether or not we allow an extra policy to be passed on the command line +# with -Djava.security.policy=somefile. Comment out this line to disable +# this feature. +policy.allowSystemProperty=true + +# whether or not we look into the IdentityScope for trusted Identities +# when encountering a 1.1 signed JAR file. If the identity is found +# and is trusted, we grant it AllPermission. +policy.ignoreIdentityScope=false + +# +# Default keystore type. +# +keystore.type=jks + +# +# List of comma-separated packages that start with or equal this string +# will cause a security exception to be thrown when +# passed to checkPackageAccess unless the +# corresponding RuntimePermission ("accessClassInPackage."+package) has +# been granted. +package.access=sun.,\ + com.sun.xml.internal.,\ + com.sun.imageio.,\ + com.sun.istack.internal.,\ + com.sun.jmx.,\ + com.sun.media.sound.,\ + com.sun.naming.internal.,\ + com.sun.proxy.,\ + com.sun.corba.se.,\ + com.sun.org.apache.bcel.internal.,\ + com.sun.org.apache.regexp.internal.,\ + com.sun.org.apache.xerces.internal.,\ + com.sun.org.apache.xpath.internal.,\ + com.sun.org.apache.xalan.internal.extensions.,\ + com.sun.org.apache.xalan.internal.lib.,\ + com.sun.org.apache.xalan.internal.res.,\ + com.sun.org.apache.xalan.internal.templates.,\ + com.sun.org.apache.xalan.internal.utils.,\ + com.sun.org.apache.xalan.internal.xslt.,\ + com.sun.org.apache.xalan.internal.xsltc.cmdline.,\ + com.sun.org.apache.xalan.internal.xsltc.compiler.,\ + com.sun.org.apache.xalan.internal.xsltc.trax.,\ + com.sun.org.apache.xalan.internal.xsltc.util.,\ + com.sun.org.apache.xml.internal.res.,\ + com.sun.org.apache.xml.internal.security.,\ + com.sun.org.apache.xml.internal.serializer.utils.,\ + com.sun.org.apache.xml.internal.utils.,\ + com.sun.org.glassfish.,\ + com.oracle.xmlns.internal.,\ + com.oracle.webservices.internal.,\ + org.jcp.xml.dsig.internal.,\ + jdk.internal.,\ + jdk.nashorn.internal.,\ + jdk.nashorn.tools.,\ + com.sun.activation.registries.,\ +#ifdef macosx + apple.,\ +#endif + +# +# List of comma-separated packages that start with or equal this string +# will cause a security exception to be thrown when +# passed to checkPackageDefinition unless the +# corresponding RuntimePermission ("defineClassInPackage."+package) has +# been granted. +# +# by default, none of the class loaders supplied with the JDK call +# checkPackageDefinition. +# +package.definition=sun.,\ + com.sun.xml.internal.,\ + com.sun.imageio.,\ + com.sun.istack.internal.,\ + com.sun.jmx.,\ + com.sun.media.sound.,\ + com.sun.naming.internal.,\ + com.sun.proxy.,\ + com.sun.corba.se.,\ + com.sun.org.apache.bcel.internal.,\ + com.sun.org.apache.regexp.internal.,\ + com.sun.org.apache.xerces.internal.,\ + com.sun.org.apache.xpath.internal.,\ + com.sun.org.apache.xalan.internal.extensions.,\ + com.sun.org.apache.xalan.internal.lib.,\ + com.sun.org.apache.xalan.internal.res.,\ + com.sun.org.apache.xalan.internal.templates.,\ + com.sun.org.apache.xalan.internal.utils.,\ + com.sun.org.apache.xalan.internal.xslt.,\ + com.sun.org.apache.xalan.internal.xsltc.cmdline.,\ + com.sun.org.apache.xalan.internal.xsltc.compiler.,\ + com.sun.org.apache.xalan.internal.xsltc.trax.,\ + com.sun.org.apache.xalan.internal.xsltc.util.,\ + com.sun.org.apache.xml.internal.res.,\ + com.sun.org.apache.xml.internal.security.,\ + com.sun.org.apache.xml.internal.serializer.utils.,\ + com.sun.org.apache.xml.internal.utils.,\ + com.sun.org.glassfish.,\ + com.oracle.xmlns.internal.,\ + com.oracle.webservices.internal.,\ + org.jcp.xml.dsig.internal.,\ + jdk.internal.,\ + jdk.nashorn.internal.,\ + jdk.nashorn.tools.,\ + com.sun.activation.registries.,\ +#ifdef macosx + apple.,\ +#endif + +# +# Determines whether this properties file can be appended to +# or overridden on the command line via -Djava.security.properties +# +security.overridePropertiesFile=true + +# +# Determines the default key and trust manager factory algorithms for +# the javax.net.ssl package. +# +ssl.KeyManagerFactory.algorithm=SunX509 +ssl.TrustManagerFactory.algorithm=PKIX + +# +# The Java-level namelookup cache policy for successful lookups: +# +# any negative value: caching forever +# any positive value: the number of seconds to cache an address for +# zero: do not cache +# +# default value is forever (FOREVER). For security reasons, this +# caching is made forever when a security manager is set. When a security +# manager is not set, the default behavior in this implementation +# is to cache for 30 seconds. +# +# NOTE: setting this to anything other than the default value can have +# serious security implications. Do not set it unless +# you are sure you are not exposed to DNS spoofing attack. +# +#networkaddress.cache.ttl=-1 + +# The Java-level namelookup cache policy for failed lookups: +# +# any negative value: cache forever +# any positive value: the number of seconds to cache negative lookup results +# zero: do not cache +# +# In some Microsoft Windows networking environments that employ +# the WINS name service in addition to DNS, name service lookups +# that fail may take a noticeably long time to return (approx. 5 seconds). +# For this reason the default caching policy is to maintain these +# results for 10 seconds. +# +# +networkaddress.cache.negative.ttl=10 + +# +# Properties to configure OCSP for certificate revocation checking +# + +# Enable OCSP +# +# By default, OCSP is not used for certificate revocation checking. +# This property enables the use of OCSP when set to the value "true". +# +# NOTE: SocketPermission is required to connect to an OCSP responder. +# +# Example, +# ocsp.enable=true + +# +# Location of the OCSP responder +# +# By default, the location of the OCSP responder is determined implicitly +# from the certificate being validated. This property explicitly specifies +# the location of the OCSP responder. The property is used when the +# Authority Information Access extension (defined in RFC 3280) is absent +# from the certificate or when it requires overriding. +# +# Example, +# ocsp.responderURL=http://ocsp.example.net:80 + +# +# Subject name of the OCSP responder's certificate +# +# By default, the certificate of the OCSP responder is that of the issuer +# of the certificate being validated. This property identifies the certificate +# of the OCSP responder when the default does not apply. Its value is a string +# distinguished name (defined in RFC 2253) which identifies a certificate in +# the set of certificates supplied during cert path validation. In cases where +# the subject name alone is not sufficient to uniquely identify the certificate +# then both the "ocsp.responderCertIssuerName" and +# "ocsp.responderCertSerialNumber" properties must be used instead. When this +# property is set then those two properties are ignored. +# +# Example, +# ocsp.responderCertSubjectName="CN=OCSP Responder, O=XYZ Corp" + +# +# Issuer name of the OCSP responder's certificate +# +# By default, the certificate of the OCSP responder is that of the issuer +# of the certificate being validated. This property identifies the certificate +# of the OCSP responder when the default does not apply. Its value is a string +# distinguished name (defined in RFC 2253) which identifies a certificate in +# the set of certificates supplied during cert path validation. When this +# property is set then the "ocsp.responderCertSerialNumber" property must also +# be set. When the "ocsp.responderCertSubjectName" property is set then this +# property is ignored. +# +# Example, +# ocsp.responderCertIssuerName="CN=Enterprise CA, O=XYZ Corp" + +# +# Serial number of the OCSP responder's certificate +# +# By default, the certificate of the OCSP responder is that of the issuer +# of the certificate being validated. This property identifies the certificate +# of the OCSP responder when the default does not apply. Its value is a string +# of hexadecimal digits (colon or space separators may be present) which +# identifies a certificate in the set of certificates supplied during cert path +# validation. When this property is set then the "ocsp.responderCertIssuerName" +# property must also be set. When the "ocsp.responderCertSubjectName" property +# is set then this property is ignored. +# +# Example, +# ocsp.responderCertSerialNumber=2A:FF:00 + +# +# Policy for failed Kerberos KDC lookups: +# +# When a KDC is unavailable (network error, service failure, etc), it is +# put inside a blacklist and accessed less often for future requests. The +# value (case-insensitive) for this policy can be: +# +# tryLast +# KDCs in the blacklist are always tried after those not on the list. +# +# tryLess[:max_retries,timeout] +# KDCs in the blacklist are still tried by their order in the configuration, +# but with smaller max_retries and timeout values. max_retries and timeout +# are optional numerical parameters (default 1 and 5000, which means once +# and 5 seconds). Please notes that if any of the values defined here is +# more than what is defined in krb5.conf, it will be ignored. +# +# Whenever a KDC is detected as available, it is removed from the blacklist. +# The blacklist is reset when krb5.conf is reloaded. You can add +# refreshKrb5Config=true to a JAAS configuration file so that krb5.conf is +# reloaded whenever a JAAS authentication is attempted. +# +# Example, +# krb5.kdc.bad.policy = tryLast +# krb5.kdc.bad.policy = tryLess:2,2000 +krb5.kdc.bad.policy = tryLast + +# Algorithm restrictions for certification path (CertPath) processing +# +# In some environments, certain algorithms or key lengths may be undesirable +# for certification path building and validation. For example, "MD2" is +# generally no longer considered to be a secure hash algorithm. This section +# describes the mechanism for disabling algorithms based on algorithm name +# and/or key length. This includes algorithms used in certificates, as well +# as revocation information such as CRLs and signed OCSP Responses. +# +# The syntax of the disabled algorithm string is described as this Java +# BNF-style: +# DisabledAlgorithms: +# " DisabledAlgorithm { , DisabledAlgorithm } " +# +# DisabledAlgorithm: +# AlgorithmName [Constraint] +# +# AlgorithmName: +# (see below) +# +# Constraint: +# KeySizeConstraint +# +# KeySizeConstraint: +# keySize Operator DecimalInteger +# +# Operator: +# <= | < | == | != | >= | > +# +# DecimalInteger: +# DecimalDigits +# +# DecimalDigits: +# DecimalDigit {DecimalDigit} +# +# DecimalDigit: one of +# 1 2 3 4 5 6 7 8 9 0 +# +# The "AlgorithmName" is the standard algorithm name of the disabled +# algorithm. See "Java Cryptography Architecture Standard Algorithm Name +# Documentation" for information about Standard Algorithm Names. Matching +# is performed using a case-insensitive sub-element matching rule. (For +# example, in "SHA1withECDSA" the sub-elements are "SHA1" for hashing and +# "ECDSA" for signatures.) If the assertion "AlgorithmName" is a +# sub-element of the certificate algorithm name, the algorithm will be +# rejected during certification path building and validation. For example, +# the assertion algorithm name "DSA" will disable all certificate algorithms +# that rely on DSA, such as NONEwithDSA, SHA1withDSA. However, the assertion +# will not disable algorithms related to "ECDSA". +# +# A "Constraint" provides further guidance for the algorithm being specified. +# The "KeySizeConstraint" requires a key of a valid size range if the +# "AlgorithmName" is of a key algorithm. The "DecimalInteger" indicates the +# key size specified in number of bits. For example, "RSA keySize <= 1024" +# indicates that any RSA key with key size less than or equal to 1024 bits +# should be disabled, and "RSA keySize < 1024, RSA keySize > 2048" indicates +# that any RSA key with key size less than 1024 or greater than 2048 should +# be disabled. Note that the "KeySizeConstraint" only makes sense to key +# algorithms. +# +# Note: This property is currently used by Oracle's PKIX implementation. It +# is not guaranteed to be examined and used by other implementations. +# +# Example: +# jdk.certpath.disabledAlgorithms=MD2, DSA, RSA keySize < 2048 +# +# +jdk.certpath.disabledAlgorithms=MD2, MD5, RSA keySize < 1024 + +# Algorithm restrictions for Secure Socket Layer/Transport Layer Security +# (SSL/TLS) processing +# +# In some environments, certain algorithms or key lengths may be undesirable +# when using SSL/TLS. This section describes the mechanism for disabling +# algorithms during SSL/TLS security parameters negotiation, including cipher +# suites selection, peer authentication and key exchange mechanisms. +# +# For PKI-based peer authentication and key exchange mechanisms, this list +# of disabled algorithms will also be checked during certification path +# building and validation, including algorithms used in certificates, as +# well as revocation information such as CRLs and signed OCSP Responses. +# This is in addition to the jdk.certpath.disabledAlgorithms property above. +# +# See the specification of "jdk.certpath.disabledAlgorithms" for the +# syntax of the disabled algorithm string. +# +# Note: This property is currently used by Oracle's JSSE implementation. +# It is not guaranteed to be examined and used by other implementations. +# +# Example: +# jdk.tls.disabledAlgorithms=MD5, SHA1, DSA, RSA keySize < 2048
--- a/jdk/src/java.base/share/conf/security/java.security-aix Thu Aug 21 14:16:26 2014 -0700 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,496 +0,0 @@ -# -# This is the "master security properties file". -# -# An alternate java.security properties file may be specified -# from the command line via the system property -# -# -Djava.security.properties=<URL> -# -# This properties file appends to the master security properties file. -# If both properties files specify values for the same key, the value -# from the command-line properties file is selected, as it is the last -# one loaded. -# -# Also, if you specify -# -# -Djava.security.properties==<URL> (2 equals), -# -# then that properties file completely overrides the master security -# properties file. -# -# To disable the ability to specify an additional properties file from -# the command line, set the key security.overridePropertiesFile -# to false in the master security properties file. It is set to true -# by default. - -# In this file, various security properties are set for use by -# java.security classes. This is where users can statically register -# Cryptography Package Providers ("providers" for short). The term -# "provider" refers to a package or set of packages that supply a -# concrete implementation of a subset of the cryptography aspects of -# the Java Security API. A provider may, for example, implement one or -# more digital signature algorithms or message digest algorithms. -# -# Each provider must implement a subclass of the Provider class. -# To register a provider in this master security properties file, -# specify the Provider subclass name and priority in the format -# -# security.provider.<n>=<className> -# -# This declares a provider, and specifies its preference -# order n. The preference order is the order in which providers are -# searched for requested algorithms (when no specific provider is -# requested). The order is 1-based; 1 is the most preferred, followed -# by 2, and so on. -# -# <className> must specify the subclass of the Provider class whose -# constructor sets the values of various properties that are required -# for the Java Security API to look up the algorithms or other -# facilities implemented by the provider. -# -# There must be at least one provider specification in java.security. -# There is a default provider that comes standard with the JDK. It -# is called the "SUN" provider, and its Provider subclass -# named Sun appears in the sun.security.provider package. Thus, the -# "SUN" provider is registered via the following: -# -# security.provider.1=sun.security.provider.Sun -# -# (The number 1 is used for the default provider.) -# -# Note: Providers can be dynamically registered instead by calls to -# either the addProvider or insertProviderAt method in the Security -# class. - -# -# List of providers and their preference orders (see above): -# -security.provider.1=sun.security.provider.Sun -security.provider.2=sun.security.rsa.SunRsaSign -security.provider.3=sun.security.ec.SunEC -security.provider.4=com.sun.net.ssl.internal.ssl.Provider -security.provider.5=com.sun.crypto.provider.SunJCE -security.provider.6=sun.security.jgss.SunProvider -security.provider.7=com.sun.security.sasl.Provider -security.provider.8=org.jcp.xml.dsig.internal.dom.XMLDSigRI -security.provider.9=sun.security.smartcardio.SunPCSC - -# -# Sun Provider SecureRandom seed source. -# -# Select the primary source of seed data for the "SHA1PRNG" and -# "NativePRNG" SecureRandom implementations in the "Sun" provider. -# (Other SecureRandom implementations might also use this property.) -# -# On Unix-like systems (for example, Solaris/Linux/MacOS), the -# "NativePRNG" and "SHA1PRNG" implementations obtains seed data from -# special device files such as file:/dev/random. -# -# On Windows systems, specifying the URLs "file:/dev/random" or -# "file:/dev/urandom" will enable the native Microsoft CryptoAPI seeding -# mechanism for SHA1PRNG. -# -# By default, an attempt is made to use the entropy gathering device -# specified by the "securerandom.source" Security property. If an -# exception occurs while accessing the specified URL: -# -# SHA1PRNG: -# the traditional system/thread activity algorithm will be used. -# -# NativePRNG: -# a default value of /dev/random will be used. If neither -# are available, the implementation will be disabled. -# "file" is the only currently supported protocol type. -# -# The entropy gathering device can also be specified with the System -# property "java.security.egd". For example: -# -# % java -Djava.security.egd=file:/dev/random MainClass -# -# Specifying this System property will override the -# "securerandom.source" Security property. -# -# In addition, if "file:/dev/random" or "file:/dev/urandom" is -# specified, the "NativePRNG" implementation will be more preferred than -# SHA1PRNG in the Sun provider. -# -securerandom.source=file:/dev/random - -# -# A list of known strong SecureRandom implementations. -# -# To help guide applications in selecting a suitable strong -# java.security.SecureRandom implementation, Java distributions should -# indicate a list of known strong implementations using the property. -# -# This is a comma-separated list of algorithm and/or algorithm:provider -# entries. -# -securerandom.strongAlgorithms=NativePRNGBlocking:SUN - -# -# Class to instantiate as the javax.security.auth.login.Configuration -# provider. -# -login.configuration.provider=sun.security.provider.ConfigFile - -# -# Default login configuration file -# -#login.config.url.1=file:${user.home}/.java.login.config - -# -# Class to instantiate as the system Policy. This is the name of the class -# that will be used as the Policy object. -# -policy.provider=sun.security.provider.PolicyFile - -# The default is to have a single system-wide policy file, -# and a policy file in the user's home directory. -policy.url.1=file:${java.home}/lib/security/java.policy -policy.url.2=file:${user.home}/.java.policy - -# whether or not we expand properties in the policy file -# if this is set to false, properties (${...}) will not be expanded in policy -# files. -policy.expandProperties=true - -# whether or not we allow an extra policy to be passed on the command line -# with -Djava.security.policy=somefile. Comment out this line to disable -# this feature. -policy.allowSystemProperty=true - -# whether or not we look into the IdentityScope for trusted Identities -# when encountering a 1.1 signed JAR file. If the identity is found -# and is trusted, we grant it AllPermission. -policy.ignoreIdentityScope=false - -# -# Default keystore type. -# -keystore.type=jks - -# -# List of comma-separated packages that start with or equal this string -# will cause a security exception to be thrown when -# passed to checkPackageAccess unless the -# corresponding RuntimePermission ("accessClassInPackage."+package) has -# been granted. -package.access=sun.,\ - com.sun.xml.internal.,\ - com.sun.imageio.,\ - com.sun.istack.internal.,\ - com.sun.jmx.,\ - com.sun.media.sound.,\ - com.sun.naming.internal.,\ - com.sun.proxy.,\ - com.sun.corba.se.,\ - com.sun.org.apache.bcel.internal.,\ - com.sun.org.apache.regexp.internal.,\ - com.sun.org.apache.xerces.internal.,\ - com.sun.org.apache.xpath.internal.,\ - com.sun.org.apache.xalan.internal.extensions.,\ - com.sun.org.apache.xalan.internal.lib.,\ - com.sun.org.apache.xalan.internal.res.,\ - com.sun.org.apache.xalan.internal.templates.,\ - com.sun.org.apache.xalan.internal.utils.,\ - com.sun.org.apache.xalan.internal.xslt.,\ - com.sun.org.apache.xalan.internal.xsltc.cmdline.,\ - com.sun.org.apache.xalan.internal.xsltc.compiler.,\ - com.sun.org.apache.xalan.internal.xsltc.trax.,\ - com.sun.org.apache.xalan.internal.xsltc.util.,\ - com.sun.org.apache.xml.internal.res.,\ - com.sun.org.apache.xml.internal.security.,\ - com.sun.org.apache.xml.internal.serializer.utils.,\ - com.sun.org.apache.xml.internal.utils.,\ - com.sun.org.glassfish.,\ - com.oracle.xmlns.internal.,\ - com.oracle.webservices.internal.,\ - org.jcp.xml.dsig.internal.,\ - jdk.internal.,\ - jdk.nashorn.internal.,\ - jdk.nashorn.tools. - - -# -# List of comma-separated packages that start with or equal this string -# will cause a security exception to be thrown when -# passed to checkPackageDefinition unless the -# corresponding RuntimePermission ("defineClassInPackage."+package) has -# been granted. -# -# by default, none of the class loaders supplied with the JDK call -# checkPackageDefinition. -# -package.definition=sun.,\ - com.sun.xml.internal.,\ - com.sun.imageio.,\ - com.sun.istack.internal.,\ - com.sun.jmx.,\ - com.sun.media.sound.,\ - com.sun.naming.internal.,\ - com.sun.proxy.,\ - com.sun.corba.se.,\ - com.sun.org.apache.bcel.internal.,\ - com.sun.org.apache.regexp.internal.,\ - com.sun.org.apache.xerces.internal.,\ - com.sun.org.apache.xpath.internal.,\ - com.sun.org.apache.xalan.internal.extensions.,\ - com.sun.org.apache.xalan.internal.lib.,\ - com.sun.org.apache.xalan.internal.res.,\ - com.sun.org.apache.xalan.internal.templates.,\ - com.sun.org.apache.xalan.internal.utils.,\ - com.sun.org.apache.xalan.internal.xslt.,\ - com.sun.org.apache.xalan.internal.xsltc.cmdline.,\ - com.sun.org.apache.xalan.internal.xsltc.compiler.,\ - com.sun.org.apache.xalan.internal.xsltc.trax.,\ - com.sun.org.apache.xalan.internal.xsltc.util.,\ - com.sun.org.apache.xml.internal.res.,\ - com.sun.org.apache.xml.internal.security.,\ - com.sun.org.apache.xml.internal.serializer.utils.,\ - com.sun.org.apache.xml.internal.utils.,\ - com.sun.org.glassfish.,\ - com.oracle.xmlns.internal.,\ - com.oracle.webservices.internal.,\ - org.jcp.xml.dsig.internal.,\ - jdk.internal.,\ - jdk.nashorn.internal.,\ - jdk.nashorn.tools. - - -# -# Determines whether this properties file can be appended to -# or overridden on the command line via -Djava.security.properties -# -security.overridePropertiesFile=true - -# -# Determines the default key and trust manager factory algorithms for -# the javax.net.ssl package. -# -ssl.KeyManagerFactory.algorithm=SunX509 -ssl.TrustManagerFactory.algorithm=PKIX - -# -# The Java-level namelookup cache policy for successful lookups: -# -# any negative value: caching forever -# any positive value: the number of seconds to cache an address for -# zero: do not cache -# -# default value is forever (FOREVER). For security reasons, this -# caching is made forever when a security manager is set. When a security -# manager is not set, the default behavior in this implementation -# is to cache for 30 seconds. -# -# NOTE: setting this to anything other than the default value can have -# serious security implications. Do not set it unless -# you are sure you are not exposed to DNS spoofing attack. -# -#networkaddress.cache.ttl=-1 - -# The Java-level namelookup cache policy for failed lookups: -# -# any negative value: cache forever -# any positive value: the number of seconds to cache negative lookup results -# zero: do not cache -# -# In some Microsoft Windows networking environments that employ -# the WINS name service in addition to DNS, name service lookups -# that fail may take a noticeably long time to return (approx. 5 seconds). -# For this reason the default caching policy is to maintain these -# results for 10 seconds. -# -# -networkaddress.cache.negative.ttl=10 - -# -# Properties to configure OCSP for certificate revocation checking -# - -# Enable OCSP -# -# By default, OCSP is not used for certificate revocation checking. -# This property enables the use of OCSP when set to the value "true". -# -# NOTE: SocketPermission is required to connect to an OCSP responder. -# -# Example, -# ocsp.enable=true - -# -# Location of the OCSP responder -# -# By default, the location of the OCSP responder is determined implicitly -# from the certificate being validated. This property explicitly specifies -# the location of the OCSP responder. The property is used when the -# Authority Information Access extension (defined in RFC 3280) is absent -# from the certificate or when it requires overriding. -# -# Example, -# ocsp.responderURL=http://ocsp.example.net:80 - -# -# Subject name of the OCSP responder's certificate -# -# By default, the certificate of the OCSP responder is that of the issuer -# of the certificate being validated. This property identifies the certificate -# of the OCSP responder when the default does not apply. Its value is a string -# distinguished name (defined in RFC 2253) which identifies a certificate in -# the set of certificates supplied during cert path validation. In cases where -# the subject name alone is not sufficient to uniquely identify the certificate -# then both the "ocsp.responderCertIssuerName" and -# "ocsp.responderCertSerialNumber" properties must be used instead. When this -# property is set then those two properties are ignored. -# -# Example, -# ocsp.responderCertSubjectName="CN=OCSP Responder, O=XYZ Corp" - -# -# Issuer name of the OCSP responder's certificate -# -# By default, the certificate of the OCSP responder is that of the issuer -# of the certificate being validated. This property identifies the certificate -# of the OCSP responder when the default does not apply. Its value is a string -# distinguished name (defined in RFC 2253) which identifies a certificate in -# the set of certificates supplied during cert path validation. When this -# property is set then the "ocsp.responderCertSerialNumber" property must also -# be set. When the "ocsp.responderCertSubjectName" property is set then this -# property is ignored. -# -# Example, -# ocsp.responderCertIssuerName="CN=Enterprise CA, O=XYZ Corp" - -# -# Serial number of the OCSP responder's certificate -# -# By default, the certificate of the OCSP responder is that of the issuer -# of the certificate being validated. This property identifies the certificate -# of the OCSP responder when the default does not apply. Its value is a string -# of hexadecimal digits (colon or space separators may be present) which -# identifies a certificate in the set of certificates supplied during cert path -# validation. When this property is set then the "ocsp.responderCertIssuerName" -# property must also be set. When the "ocsp.responderCertSubjectName" property -# is set then this property is ignored. -# -# Example, -# ocsp.responderCertSerialNumber=2A:FF:00 - -# -# Policy for failed Kerberos KDC lookups: -# -# When a KDC is unavailable (network error, service failure, etc), it is -# put inside a blacklist and accessed less often for future requests. The -# value (case-insensitive) for this policy can be: -# -# tryLast -# KDCs in the blacklist are always tried after those not on the list. -# -# tryLess[:max_retries,timeout] -# KDCs in the blacklist are still tried by their order in the configuration, -# but with smaller max_retries and timeout values. max_retries and timeout -# are optional numerical parameters (default 1 and 5000, which means once -# and 5 seconds). Please notes that if any of the values defined here is -# more than what is defined in krb5.conf, it will be ignored. -# -# Whenever a KDC is detected as available, it is removed from the blacklist. -# The blacklist is reset when krb5.conf is reloaded. You can add -# refreshKrb5Config=true to a JAAS configuration file so that krb5.conf is -# reloaded whenever a JAAS authentication is attempted. -# -# Example, -# krb5.kdc.bad.policy = tryLast -# krb5.kdc.bad.policy = tryLess:2,2000 -krb5.kdc.bad.policy = tryLast - -# Algorithm restrictions for certification path (CertPath) processing -# -# In some environments, certain algorithms or key lengths may be undesirable -# for certification path building and validation. For example, "MD2" is -# generally no longer considered to be a secure hash algorithm. This section -# describes the mechanism for disabling algorithms based on algorithm name -# and/or key length. This includes algorithms used in certificates, as well -# as revocation information such as CRLs and signed OCSP Responses. -# -# The syntax of the disabled algorithm string is described as this Java -# BNF-style: -# DisabledAlgorithms: -# " DisabledAlgorithm { , DisabledAlgorithm } " -# -# DisabledAlgorithm: -# AlgorithmName [Constraint] -# -# AlgorithmName: -# (see below) -# -# Constraint: -# KeySizeConstraint -# -# KeySizeConstraint: -# keySize Operator DecimalInteger -# -# Operator: -# <= | < | == | != | >= | > -# -# DecimalInteger: -# DecimalDigits -# -# DecimalDigits: -# DecimalDigit {DecimalDigit} -# -# DecimalDigit: one of -# 1 2 3 4 5 6 7 8 9 0 -# -# The "AlgorithmName" is the standard algorithm name of the disabled -# algorithm. See "Java Cryptography Architecture Standard Algorithm Name -# Documentation" for information about Standard Algorithm Names. Matching -# is performed using a case-insensitive sub-element matching rule. (For -# example, in "SHA1withECDSA" the sub-elements are "SHA1" for hashing and -# "ECDSA" for signatures.) If the assertion "AlgorithmName" is a -# sub-element of the certificate algorithm name, the algorithm will be -# rejected during certification path building and validation. For example, -# the assertion algorithm name "DSA" will disable all certificate algorithms -# that rely on DSA, such as NONEwithDSA, SHA1withDSA. However, the assertion -# will not disable algorithms related to "ECDSA". -# -# A "Constraint" provides further guidance for the algorithm being specified. -# The "KeySizeConstraint" requires a key of a valid size range if the -# "AlgorithmName" is of a key algorithm. The "DecimalInteger" indicates the -# key size specified in number of bits. For example, "RSA keySize <= 1024" -# indicates that any RSA key with key size less than or equal to 1024 bits -# should be disabled, and "RSA keySize < 1024, RSA keySize > 2048" indicates -# that any RSA key with key size less than 1024 or greater than 2048 should -# be disabled. Note that the "KeySizeConstraint" only makes sense to key -# algorithms. -# -# Note: This property is currently used by Oracle's PKIX implementation. It -# is not guaranteed to be examined and used by other implementations. -# -# Example: -# jdk.certpath.disabledAlgorithms=MD2, DSA, RSA keySize < 2048 -# -# -jdk.certpath.disabledAlgorithms=MD2, MD5, RSA keySize < 1024 - -# Algorithm restrictions for Secure Socket Layer/Transport Layer Security -# (SSL/TLS) processing -# -# In some environments, certain algorithms or key lengths may be undesirable -# when using SSL/TLS. This section describes the mechanism for disabling -# algorithms during SSL/TLS security parameters negotiation, including cipher -# suites selection, peer authentication and key exchange mechanisms. -# -# For PKI-based peer authentication and key exchange mechanisms, this list -# of disabled algorithms will also be checked during certification path -# building and validation, including algorithms used in certificates, as -# well as revocation information such as CRLs and signed OCSP Responses. -# This is in addition to the jdk.certpath.disabledAlgorithms property above. -# -# See the specification of "jdk.certpath.disabledAlgorithms" for the -# syntax of the disabled algorithm string. -# -# Note: This property is currently used by Oracle's JSSE implementation. -# It is not guaranteed to be examined and used by other implementations. -# -# Example: -# jdk.tls.disabledAlgorithms=MD5, SHA1, DSA, RSA keySize < 2048
--- a/jdk/src/java.base/share/conf/security/java.security-linux Thu Aug 21 14:16:26 2014 -0700 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,496 +0,0 @@ -# -# This is the "master security properties file". -# -# An alternate java.security properties file may be specified -# from the command line via the system property -# -# -Djava.security.properties=<URL> -# -# This properties file appends to the master security properties file. -# If both properties files specify values for the same key, the value -# from the command-line properties file is selected, as it is the last -# one loaded. -# -# Also, if you specify -# -# -Djava.security.properties==<URL> (2 equals), -# -# then that properties file completely overrides the master security -# properties file. -# -# To disable the ability to specify an additional properties file from -# the command line, set the key security.overridePropertiesFile -# to false in the master security properties file. It is set to true -# by default. - -# In this file, various security properties are set for use by -# java.security classes. This is where users can statically register -# Cryptography Package Providers ("providers" for short). The term -# "provider" refers to a package or set of packages that supply a -# concrete implementation of a subset of the cryptography aspects of -# the Java Security API. A provider may, for example, implement one or -# more digital signature algorithms or message digest algorithms. -# -# Each provider must implement a subclass of the Provider class. -# To register a provider in this master security properties file, -# specify the Provider subclass name and priority in the format -# -# security.provider.<n>=<className> -# -# This declares a provider, and specifies its preference -# order n. The preference order is the order in which providers are -# searched for requested algorithms (when no specific provider is -# requested). The order is 1-based; 1 is the most preferred, followed -# by 2, and so on. -# -# <className> must specify the subclass of the Provider class whose -# constructor sets the values of various properties that are required -# for the Java Security API to look up the algorithms or other -# facilities implemented by the provider. -# -# There must be at least one provider specification in java.security. -# There is a default provider that comes standard with the JDK. It -# is called the "SUN" provider, and its Provider subclass -# named Sun appears in the sun.security.provider package. Thus, the -# "SUN" provider is registered via the following: -# -# security.provider.1=sun.security.provider.Sun -# -# (The number 1 is used for the default provider.) -# -# Note: Providers can be dynamically registered instead by calls to -# either the addProvider or insertProviderAt method in the Security -# class. - -# -# List of providers and their preference orders (see above): -# -security.provider.1=sun.security.provider.Sun -security.provider.2=sun.security.rsa.SunRsaSign -security.provider.3=sun.security.ec.SunEC -security.provider.4=com.sun.net.ssl.internal.ssl.Provider -security.provider.5=com.sun.crypto.provider.SunJCE -security.provider.6=sun.security.jgss.SunProvider -security.provider.7=com.sun.security.sasl.Provider -security.provider.8=org.jcp.xml.dsig.internal.dom.XMLDSigRI -security.provider.9=sun.security.smartcardio.SunPCSC - -# -# Sun Provider SecureRandom seed source. -# -# Select the primary source of seed data for the "SHA1PRNG" and -# "NativePRNG" SecureRandom implementations in the "Sun" provider. -# (Other SecureRandom implementations might also use this property.) -# -# On Unix-like systems (for example, Solaris/Linux/MacOS), the -# "NativePRNG" and "SHA1PRNG" implementations obtains seed data from -# special device files such as file:/dev/random. -# -# On Windows systems, specifying the URLs "file:/dev/random" or -# "file:/dev/urandom" will enable the native Microsoft CryptoAPI seeding -# mechanism for SHA1PRNG. -# -# By default, an attempt is made to use the entropy gathering device -# specified by the "securerandom.source" Security property. If an -# exception occurs while accessing the specified URL: -# -# SHA1PRNG: -# the traditional system/thread activity algorithm will be used. -# -# NativePRNG: -# a default value of /dev/random will be used. If neither -# are available, the implementation will be disabled. -# "file" is the only currently supported protocol type. -# -# The entropy gathering device can also be specified with the System -# property "java.security.egd". For example: -# -# % java -Djava.security.egd=file:/dev/random MainClass -# -# Specifying this System property will override the -# "securerandom.source" Security property. -# -# In addition, if "file:/dev/random" or "file:/dev/urandom" is -# specified, the "NativePRNG" implementation will be more preferred than -# SHA1PRNG in the Sun provider. -# -securerandom.source=file:/dev/random - -# -# A list of known strong SecureRandom implementations. -# -# To help guide applications in selecting a suitable strong -# java.security.SecureRandom implementation, Java distributions should -# indicate a list of known strong implementations using the property. -# -# This is a comma-separated list of algorithm and/or algorithm:provider -# entries. -# -securerandom.strongAlgorithms=NativePRNGBlocking:SUN - -# -# Class to instantiate as the javax.security.auth.login.Configuration -# provider. -# -login.configuration.provider=sun.security.provider.ConfigFile - -# -# Default login configuration file -# -#login.config.url.1=file:${user.home}/.java.login.config - -# -# Class to instantiate as the system Policy. This is the name of the class -# that will be used as the Policy object. -# -policy.provider=sun.security.provider.PolicyFile - -# The default is to have a single system-wide policy file, -# and a policy file in the user's home directory. -policy.url.1=file:${java.home}/lib/security/java.policy -policy.url.2=file:${user.home}/.java.policy - -# whether or not we expand properties in the policy file -# if this is set to false, properties (${...}) will not be expanded in policy -# files. -policy.expandProperties=true - -# whether or not we allow an extra policy to be passed on the command line -# with -Djava.security.policy=somefile. Comment out this line to disable -# this feature. -policy.allowSystemProperty=true - -# whether or not we look into the IdentityScope for trusted Identities -# when encountering a 1.1 signed JAR file. If the identity is found -# and is trusted, we grant it AllPermission. -policy.ignoreIdentityScope=false - -# -# Default keystore type. -# -keystore.type=jks - -# -# List of comma-separated packages that start with or equal this string -# will cause a security exception to be thrown when -# passed to checkPackageAccess unless the -# corresponding RuntimePermission ("accessClassInPackage."+package) has -# been granted. -package.access=sun.,\ - com.sun.xml.internal.,\ - com.sun.imageio.,\ - com.sun.istack.internal.,\ - com.sun.jmx.,\ - com.sun.media.sound.,\ - com.sun.naming.internal.,\ - com.sun.proxy.,\ - com.sun.corba.se.,\ - com.sun.org.apache.bcel.internal.,\ - com.sun.org.apache.regexp.internal.,\ - com.sun.org.apache.xerces.internal.,\ - com.sun.org.apache.xpath.internal.,\ - com.sun.org.apache.xalan.internal.extensions.,\ - com.sun.org.apache.xalan.internal.lib.,\ - com.sun.org.apache.xalan.internal.res.,\ - com.sun.org.apache.xalan.internal.templates.,\ - com.sun.org.apache.xalan.internal.utils.,\ - com.sun.org.apache.xalan.internal.xslt.,\ - com.sun.org.apache.xalan.internal.xsltc.cmdline.,\ - com.sun.org.apache.xalan.internal.xsltc.compiler.,\ - com.sun.org.apache.xalan.internal.xsltc.trax.,\ - com.sun.org.apache.xalan.internal.xsltc.util.,\ - com.sun.org.apache.xml.internal.res.,\ - com.sun.org.apache.xml.internal.security.,\ - com.sun.org.apache.xml.internal.serializer.utils.,\ - com.sun.org.apache.xml.internal.utils.,\ - com.sun.org.glassfish.,\ - com.oracle.xmlns.internal.,\ - com.oracle.webservices.internal.,\ - org.jcp.xml.dsig.internal.,\ - jdk.internal.,\ - jdk.nashorn.internal.,\ - jdk.nashorn.tools.,\ - com.sun.activation.registries. - -# -# List of comma-separated packages that start with or equal this string -# will cause a security exception to be thrown when -# passed to checkPackageDefinition unless the -# corresponding RuntimePermission ("defineClassInPackage."+package) has -# been granted. -# -# by default, none of the class loaders supplied with the JDK call -# checkPackageDefinition. -# -package.definition=sun.,\ - com.sun.xml.internal.,\ - com.sun.imageio.,\ - com.sun.istack.internal.,\ - com.sun.jmx.,\ - com.sun.media.sound.,\ - com.sun.naming.internal.,\ - com.sun.proxy.,\ - com.sun.corba.se.,\ - com.sun.org.apache.bcel.internal.,\ - com.sun.org.apache.regexp.internal.,\ - com.sun.org.apache.xerces.internal.,\ - com.sun.org.apache.xpath.internal.,\ - com.sun.org.apache.xalan.internal.extensions.,\ - com.sun.org.apache.xalan.internal.lib.,\ - com.sun.org.apache.xalan.internal.res.,\ - com.sun.org.apache.xalan.internal.templates.,\ - com.sun.org.apache.xalan.internal.utils.,\ - com.sun.org.apache.xalan.internal.xslt.,\ - com.sun.org.apache.xalan.internal.xsltc.cmdline.,\ - com.sun.org.apache.xalan.internal.xsltc.compiler.,\ - com.sun.org.apache.xalan.internal.xsltc.trax.,\ - com.sun.org.apache.xalan.internal.xsltc.util.,\ - com.sun.org.apache.xml.internal.res.,\ - com.sun.org.apache.xml.internal.security.,\ - com.sun.org.apache.xml.internal.serializer.utils.,\ - com.sun.org.apache.xml.internal.utils.,\ - com.sun.org.glassfish.,\ - com.oracle.xmlns.internal.,\ - com.oracle.webservices.internal.,\ - org.jcp.xml.dsig.internal.,\ - jdk.internal.,\ - jdk.nashorn.internal.,\ - jdk.nashorn.tools.,\ - com.sun.activation.registries. - -# -# Determines whether this properties file can be appended to -# or overridden on the command line via -Djava.security.properties -# -security.overridePropertiesFile=true - -# -# Determines the default key and trust manager factory algorithms for -# the javax.net.ssl package. -# -ssl.KeyManagerFactory.algorithm=SunX509 -ssl.TrustManagerFactory.algorithm=PKIX - -# -# The Java-level namelookup cache policy for successful lookups: -# -# any negative value: caching forever -# any positive value: the number of seconds to cache an address for -# zero: do not cache -# -# default value is forever (FOREVER). For security reasons, this -# caching is made forever when a security manager is set. When a security -# manager is not set, the default behavior in this implementation -# is to cache for 30 seconds. -# -# NOTE: setting this to anything other than the default value can have -# serious security implications. Do not set it unless -# you are sure you are not exposed to DNS spoofing attack. -# -#networkaddress.cache.ttl=-1 - -# The Java-level namelookup cache policy for failed lookups: -# -# any negative value: cache forever -# any positive value: the number of seconds to cache negative lookup results -# zero: do not cache -# -# In some Microsoft Windows networking environments that employ -# the WINS name service in addition to DNS, name service lookups -# that fail may take a noticeably long time to return (approx. 5 seconds). -# For this reason the default caching policy is to maintain these -# results for 10 seconds. -# -# -networkaddress.cache.negative.ttl=10 - -# -# Properties to configure OCSP for certificate revocation checking -# - -# Enable OCSP -# -# By default, OCSP is not used for certificate revocation checking. -# This property enables the use of OCSP when set to the value "true". -# -# NOTE: SocketPermission is required to connect to an OCSP responder. -# -# Example, -# ocsp.enable=true - -# -# Location of the OCSP responder -# -# By default, the location of the OCSP responder is determined implicitly -# from the certificate being validated. This property explicitly specifies -# the location of the OCSP responder. The property is used when the -# Authority Information Access extension (defined in RFC 3280) is absent -# from the certificate or when it requires overriding. -# -# Example, -# ocsp.responderURL=http://ocsp.example.net:80 - -# -# Subject name of the OCSP responder's certificate -# -# By default, the certificate of the OCSP responder is that of the issuer -# of the certificate being validated. This property identifies the certificate -# of the OCSP responder when the default does not apply. Its value is a string -# distinguished name (defined in RFC 2253) which identifies a certificate in -# the set of certificates supplied during cert path validation. In cases where -# the subject name alone is not sufficient to uniquely identify the certificate -# then both the "ocsp.responderCertIssuerName" and -# "ocsp.responderCertSerialNumber" properties must be used instead. When this -# property is set then those two properties are ignored. -# -# Example, -# ocsp.responderCertSubjectName="CN=OCSP Responder, O=XYZ Corp" - -# -# Issuer name of the OCSP responder's certificate -# -# By default, the certificate of the OCSP responder is that of the issuer -# of the certificate being validated. This property identifies the certificate -# of the OCSP responder when the default does not apply. Its value is a string -# distinguished name (defined in RFC 2253) which identifies a certificate in -# the set of certificates supplied during cert path validation. When this -# property is set then the "ocsp.responderCertSerialNumber" property must also -# be set. When the "ocsp.responderCertSubjectName" property is set then this -# property is ignored. -# -# Example, -# ocsp.responderCertIssuerName="CN=Enterprise CA, O=XYZ Corp" - -# -# Serial number of the OCSP responder's certificate -# -# By default, the certificate of the OCSP responder is that of the issuer -# of the certificate being validated. This property identifies the certificate -# of the OCSP responder when the default does not apply. Its value is a string -# of hexadecimal digits (colon or space separators may be present) which -# identifies a certificate in the set of certificates supplied during cert path -# validation. When this property is set then the "ocsp.responderCertIssuerName" -# property must also be set. When the "ocsp.responderCertSubjectName" property -# is set then this property is ignored. -# -# Example, -# ocsp.responderCertSerialNumber=2A:FF:00 - -# -# Policy for failed Kerberos KDC lookups: -# -# When a KDC is unavailable (network error, service failure, etc), it is -# put inside a blacklist and accessed less often for future requests. The -# value (case-insensitive) for this policy can be: -# -# tryLast -# KDCs in the blacklist are always tried after those not on the list. -# -# tryLess[:max_retries,timeout] -# KDCs in the blacklist are still tried by their order in the configuration, -# but with smaller max_retries and timeout values. max_retries and timeout -# are optional numerical parameters (default 1 and 5000, which means once -# and 5 seconds). Please notes that if any of the values defined here is -# more than what is defined in krb5.conf, it will be ignored. -# -# Whenever a KDC is detected as available, it is removed from the blacklist. -# The blacklist is reset when krb5.conf is reloaded. You can add -# refreshKrb5Config=true to a JAAS configuration file so that krb5.conf is -# reloaded whenever a JAAS authentication is attempted. -# -# Example, -# krb5.kdc.bad.policy = tryLast -# krb5.kdc.bad.policy = tryLess:2,2000 -krb5.kdc.bad.policy = tryLast - -# Algorithm restrictions for certification path (CertPath) processing -# -# In some environments, certain algorithms or key lengths may be undesirable -# for certification path building and validation. For example, "MD2" is -# generally no longer considered to be a secure hash algorithm. This section -# describes the mechanism for disabling algorithms based on algorithm name -# and/or key length. This includes algorithms used in certificates, as well -# as revocation information such as CRLs and signed OCSP Responses. -# -# The syntax of the disabled algorithm string is described as this Java -# BNF-style: -# DisabledAlgorithms: -# " DisabledAlgorithm { , DisabledAlgorithm } " -# -# DisabledAlgorithm: -# AlgorithmName [Constraint] -# -# AlgorithmName: -# (see below) -# -# Constraint: -# KeySizeConstraint -# -# KeySizeConstraint: -# keySize Operator DecimalInteger -# -# Operator: -# <= | < | == | != | >= | > -# -# DecimalInteger: -# DecimalDigits -# -# DecimalDigits: -# DecimalDigit {DecimalDigit} -# -# DecimalDigit: one of -# 1 2 3 4 5 6 7 8 9 0 -# -# The "AlgorithmName" is the standard algorithm name of the disabled -# algorithm. See "Java Cryptography Architecture Standard Algorithm Name -# Documentation" for information about Standard Algorithm Names. Matching -# is performed using a case-insensitive sub-element matching rule. (For -# example, in "SHA1withECDSA" the sub-elements are "SHA1" for hashing and -# "ECDSA" for signatures.) If the assertion "AlgorithmName" is a -# sub-element of the certificate algorithm name, the algorithm will be -# rejected during certification path building and validation. For example, -# the assertion algorithm name "DSA" will disable all certificate algorithms -# that rely on DSA, such as NONEwithDSA, SHA1withDSA. However, the assertion -# will not disable algorithms related to "ECDSA". -# -# A "Constraint" provides further guidance for the algorithm being specified. -# The "KeySizeConstraint" requires a key of a valid size range if the -# "AlgorithmName" is of a key algorithm. The "DecimalInteger" indicates the -# key size specified in number of bits. For example, "RSA keySize <= 1024" -# indicates that any RSA key with key size less than or equal to 1024 bits -# should be disabled, and "RSA keySize < 1024, RSA keySize > 2048" indicates -# that any RSA key with key size less than 1024 or greater than 2048 should -# be disabled. Note that the "KeySizeConstraint" only makes sense to key -# algorithms. -# -# Note: This property is currently used by Oracle's PKIX implementation. It -# is not guaranteed to be examined and used by other implementations. -# -# Example: -# jdk.certpath.disabledAlgorithms=MD2, DSA, RSA keySize < 2048 -# -# -jdk.certpath.disabledAlgorithms=MD2, MD5, RSA keySize < 1024 - -# Algorithm restrictions for Secure Socket Layer/Transport Layer Security -# (SSL/TLS) processing -# -# In some environments, certain algorithms or key lengths may be undesirable -# when using SSL/TLS. This section describes the mechanism for disabling -# algorithms during SSL/TLS security parameters negotiation, including cipher -# suites selection, peer authentication and key exchange mechanisms. -# -# For PKI-based peer authentication and key exchange mechanisms, this list -# of disabled algorithms will also be checked during certification path -# building and validation, including algorithms used in certificates, as -# well as revocation information such as CRLs and signed OCSP Responses. -# This is in addition to the jdk.certpath.disabledAlgorithms property above. -# -# See the specification of "jdk.certpath.disabledAlgorithms" for the -# syntax of the disabled algorithm string. -# -# Note: This property is currently used by Oracle's JSSE implementation. -# It is not guaranteed to be examined and used by other implementations. -# -# Example: -# jdk.tls.disabledAlgorithms=MD5, SHA1, DSA, RSA keySize < 2048
--- a/jdk/src/java.base/share/conf/security/java.security-macosx Thu Aug 21 14:16:26 2014 -0700 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,499 +0,0 @@ -# -# This is the "master security properties file". -# -# An alternate java.security properties file may be specified -# from the command line via the system property -# -# -Djava.security.properties=<URL> -# -# This properties file appends to the master security properties file. -# If both properties files specify values for the same key, the value -# from the command-line properties file is selected, as it is the last -# one loaded. -# -# Also, if you specify -# -# -Djava.security.properties==<URL> (2 equals), -# -# then that properties file completely overrides the master security -# properties file. -# -# To disable the ability to specify an additional properties file from -# the command line, set the key security.overridePropertiesFile -# to false in the master security properties file. It is set to true -# by default. - -# In this file, various security properties are set for use by -# java.security classes. This is where users can statically register -# Cryptography Package Providers ("providers" for short). The term -# "provider" refers to a package or set of packages that supply a -# concrete implementation of a subset of the cryptography aspects of -# the Java Security API. A provider may, for example, implement one or -# more digital signature algorithms or message digest algorithms. -# -# Each provider must implement a subclass of the Provider class. -# To register a provider in this master security properties file, -# specify the Provider subclass name and priority in the format -# -# security.provider.<n>=<className> -# -# This declares a provider, and specifies its preference -# order n. The preference order is the order in which providers are -# searched for requested algorithms (when no specific provider is -# requested). The order is 1-based; 1 is the most preferred, followed -# by 2, and so on. -# -# <className> must specify the subclass of the Provider class whose -# constructor sets the values of various properties that are required -# for the Java Security API to look up the algorithms or other -# facilities implemented by the provider. -# -# There must be at least one provider specification in java.security. -# There is a default provider that comes standard with the JDK. It -# is called the "SUN" provider, and its Provider subclass -# named Sun appears in the sun.security.provider package. Thus, the -# "SUN" provider is registered via the following: -# -# security.provider.1=sun.security.provider.Sun -# -# (The number 1 is used for the default provider.) -# -# Note: Providers can be dynamically registered instead by calls to -# either the addProvider or insertProviderAt method in the Security -# class. - -# -# List of providers and their preference orders (see above): -# -security.provider.1=sun.security.provider.Sun -security.provider.2=sun.security.rsa.SunRsaSign -security.provider.3=sun.security.ec.SunEC -security.provider.4=com.sun.net.ssl.internal.ssl.Provider -security.provider.5=com.sun.crypto.provider.SunJCE -security.provider.6=sun.security.jgss.SunProvider -security.provider.7=com.sun.security.sasl.Provider -security.provider.8=org.jcp.xml.dsig.internal.dom.XMLDSigRI -security.provider.9=sun.security.smartcardio.SunPCSC -security.provider.10=apple.security.AppleProvider - -# -# Sun Provider SecureRandom seed source. -# -# Select the primary source of seed data for the "SHA1PRNG" and -# "NativePRNG" SecureRandom implementations in the "Sun" provider. -# (Other SecureRandom implementations might also use this property.) -# -# On Unix-like systems (for example, Solaris/Linux/MacOS), the -# "NativePRNG" and "SHA1PRNG" implementations obtains seed data from -# special device files such as file:/dev/random. -# -# On Windows systems, specifying the URLs "file:/dev/random" or -# "file:/dev/urandom" will enable the native Microsoft CryptoAPI seeding -# mechanism for SHA1PRNG. -# -# By default, an attempt is made to use the entropy gathering device -# specified by the "securerandom.source" Security property. If an -# exception occurs while accessing the specified URL: -# -# SHA1PRNG: -# the traditional system/thread activity algorithm will be used. -# -# NativePRNG: -# a default value of /dev/random will be used. If neither -# are available, the implementation will be disabled. -# "file" is the only currently supported protocol type. -# -# The entropy gathering device can also be specified with the System -# property "java.security.egd". For example: -# -# % java -Djava.security.egd=file:/dev/random MainClass -# -# Specifying this System property will override the -# "securerandom.source" Security property. -# -# In addition, if "file:/dev/random" or "file:/dev/urandom" is -# specified, the "NativePRNG" implementation will be more preferred than -# SHA1PRNG in the Sun provider. -# -securerandom.source=file:/dev/random - -# -# A list of known strong SecureRandom implementations. -# -# To help guide applications in selecting a suitable strong -# java.security.SecureRandom implementation, Java distributions should -# indicate a list of known strong implementations using the property. -# -# This is a comma-separated list of algorithm and/or algorithm:provider -# entries. -# -securerandom.strongAlgorithms=NativePRNGBlocking:SUN - -# -# Class to instantiate as the javax.security.auth.login.Configuration -# provider. -# -login.configuration.provider=sun.security.provider.ConfigFile - -# -# Default login configuration file -# -#login.config.url.1=file:${user.home}/.java.login.config - -# -# Class to instantiate as the system Policy. This is the name of the class -# that will be used as the Policy object. -# -policy.provider=sun.security.provider.PolicyFile - -# The default is to have a single system-wide policy file, -# and a policy file in the user's home directory. -policy.url.1=file:${java.home}/lib/security/java.policy -policy.url.2=file:${user.home}/.java.policy - -# whether or not we expand properties in the policy file -# if this is set to false, properties (${...}) will not be expanded in policy -# files. -policy.expandProperties=true - -# whether or not we allow an extra policy to be passed on the command line -# with -Djava.security.policy=somefile. Comment out this line to disable -# this feature. -policy.allowSystemProperty=true - -# whether or not we look into the IdentityScope for trusted Identities -# when encountering a 1.1 signed JAR file. If the identity is found -# and is trusted, we grant it AllPermission. -policy.ignoreIdentityScope=false - -# -# Default keystore type. -# -keystore.type=jks - -# -# List of comma-separated packages that start with or equal this string -# will cause a security exception to be thrown when -# passed to checkPackageAccess unless the -# corresponding RuntimePermission ("accessClassInPackage."+package) has -# been granted. -package.access=sun.,\ - com.sun.xml.internal.,\ - com.sun.imageio.,\ - com.sun.istack.internal.,\ - com.sun.jmx.,\ - com.sun.media.sound.,\ - com.sun.naming.internal.,\ - com.sun.proxy.,\ - com.sun.corba.se.,\ - com.sun.org.apache.bcel.internal.,\ - com.sun.org.apache.regexp.internal.,\ - com.sun.org.apache.xerces.internal.,\ - com.sun.org.apache.xpath.internal.,\ - com.sun.org.apache.xalan.internal.extensions.,\ - com.sun.org.apache.xalan.internal.lib.,\ - com.sun.org.apache.xalan.internal.res.,\ - com.sun.org.apache.xalan.internal.templates.,\ - com.sun.org.apache.xalan.internal.utils.,\ - com.sun.org.apache.xalan.internal.xslt.,\ - com.sun.org.apache.xalan.internal.xsltc.cmdline.,\ - com.sun.org.apache.xalan.internal.xsltc.compiler.,\ - com.sun.org.apache.xalan.internal.xsltc.trax.,\ - com.sun.org.apache.xalan.internal.xsltc.util.,\ - com.sun.org.apache.xml.internal.res.,\ - com.sun.org.apache.xml.internal.security.,\ - com.sun.org.apache.xml.internal.serializer.utils.,\ - com.sun.org.apache.xml.internal.utils.,\ - com.sun.org.glassfish.,\ - com.oracle.xmlns.internal.,\ - com.oracle.webservices.internal.,\ - org.jcp.xml.dsig.internal.,\ - jdk.internal.,\ - jdk.nashorn.internal.,\ - jdk.nashorn.tools.,\ - com.sun.activation.registries.,\ - apple. - -# -# List of comma-separated packages that start with or equal this string -# will cause a security exception to be thrown when -# passed to checkPackageDefinition unless the -# corresponding RuntimePermission ("defineClassInPackage."+package) has -# been granted. -# -# by default, none of the class loaders supplied with the JDK call -# checkPackageDefinition. -# -package.definition=sun.,\ - com.sun.xml.internal.,\ - com.sun.imageio.,\ - com.sun.istack.internal.,\ - com.sun.jmx.,\ - com.sun.media.sound.,\ - com.sun.naming.internal.,\ - com.sun.proxy.,\ - com.sun.corba.se.,\ - com.sun.org.apache.bcel.internal.,\ - com.sun.org.apache.regexp.internal.,\ - com.sun.org.apache.xerces.internal.,\ - com.sun.org.apache.xpath.internal.,\ - com.sun.org.apache.xalan.internal.extensions.,\ - com.sun.org.apache.xalan.internal.lib.,\ - com.sun.org.apache.xalan.internal.res.,\ - com.sun.org.apache.xalan.internal.templates.,\ - com.sun.org.apache.xalan.internal.utils.,\ - com.sun.org.apache.xalan.internal.xslt.,\ - com.sun.org.apache.xalan.internal.xsltc.cmdline.,\ - com.sun.org.apache.xalan.internal.xsltc.compiler.,\ - com.sun.org.apache.xalan.internal.xsltc.trax.,\ - com.sun.org.apache.xalan.internal.xsltc.util.,\ - com.sun.org.apache.xml.internal.res.,\ - com.sun.org.apache.xml.internal.security.,\ - com.sun.org.apache.xml.internal.serializer.utils.,\ - com.sun.org.apache.xml.internal.utils.,\ - com.sun.org.glassfish.,\ - com.oracle.xmlns.internal.,\ - com.oracle.webservices.internal.,\ - org.jcp.xml.dsig.internal.,\ - jdk.internal.,\ - jdk.nashorn.internal.,\ - jdk.nashorn.tools.,\ - com.sun.activation.registries.,\ - apple. - -# -# Determines whether this properties file can be appended to -# or overridden on the command line via -Djava.security.properties -# -security.overridePropertiesFile=true - -# -# Determines the default key and trust manager factory algorithms for -# the javax.net.ssl package. -# -ssl.KeyManagerFactory.algorithm=SunX509 -ssl.TrustManagerFactory.algorithm=PKIX - -# -# The Java-level namelookup cache policy for successful lookups: -# -# any negative value: caching forever -# any positive value: the number of seconds to cache an address for -# zero: do not cache -# -# default value is forever (FOREVER). For security reasons, this -# caching is made forever when a security manager is set. When a security -# manager is not set, the default behavior in this implementation -# is to cache for 30 seconds. -# -# NOTE: setting this to anything other than the default value can have -# serious security implications. Do not set it unless -# you are sure you are not exposed to DNS spoofing attack. -# -#networkaddress.cache.ttl=-1 - -# The Java-level namelookup cache policy for failed lookups: -# -# any negative value: cache forever -# any positive value: the number of seconds to cache negative lookup results -# zero: do not cache -# -# In some Microsoft Windows networking environments that employ -# the WINS name service in addition to DNS, name service lookups -# that fail may take a noticeably long time to return (approx. 5 seconds). -# For this reason the default caching policy is to maintain these -# results for 10 seconds. -# -# -networkaddress.cache.negative.ttl=10 - -# -# Properties to configure OCSP for certificate revocation checking -# - -# Enable OCSP -# -# By default, OCSP is not used for certificate revocation checking. -# This property enables the use of OCSP when set to the value "true". -# -# NOTE: SocketPermission is required to connect to an OCSP responder. -# -# Example, -# ocsp.enable=true - -# -# Location of the OCSP responder -# -# By default, the location of the OCSP responder is determined implicitly -# from the certificate being validated. This property explicitly specifies -# the location of the OCSP responder. The property is used when the -# Authority Information Access extension (defined in RFC 3280) is absent -# from the certificate or when it requires overriding. -# -# Example, -# ocsp.responderURL=http://ocsp.example.net:80 - -# -# Subject name of the OCSP responder's certificate -# -# By default, the certificate of the OCSP responder is that of the issuer -# of the certificate being validated. This property identifies the certificate -# of the OCSP responder when the default does not apply. Its value is a string -# distinguished name (defined in RFC 2253) which identifies a certificate in -# the set of certificates supplied during cert path validation. In cases where -# the subject name alone is not sufficient to uniquely identify the certificate -# then both the "ocsp.responderCertIssuerName" and -# "ocsp.responderCertSerialNumber" properties must be used instead. When this -# property is set then those two properties are ignored. -# -# Example, -# ocsp.responderCertSubjectName="CN=OCSP Responder, O=XYZ Corp" - -# -# Issuer name of the OCSP responder's certificate -# -# By default, the certificate of the OCSP responder is that of the issuer -# of the certificate being validated. This property identifies the certificate -# of the OCSP responder when the default does not apply. Its value is a string -# distinguished name (defined in RFC 2253) which identifies a certificate in -# the set of certificates supplied during cert path validation. When this -# property is set then the "ocsp.responderCertSerialNumber" property must also -# be set. When the "ocsp.responderCertSubjectName" property is set then this -# property is ignored. -# -# Example, -# ocsp.responderCertIssuerName="CN=Enterprise CA, O=XYZ Corp" - -# -# Serial number of the OCSP responder's certificate -# -# By default, the certificate of the OCSP responder is that of the issuer -# of the certificate being validated. This property identifies the certificate -# of the OCSP responder when the default does not apply. Its value is a string -# of hexadecimal digits (colon or space separators may be present) which -# identifies a certificate in the set of certificates supplied during cert path -# validation. When this property is set then the "ocsp.responderCertIssuerName" -# property must also be set. When the "ocsp.responderCertSubjectName" property -# is set then this property is ignored. -# -# Example, -# ocsp.responderCertSerialNumber=2A:FF:00 - -# -# Policy for failed Kerberos KDC lookups: -# -# When a KDC is unavailable (network error, service failure, etc), it is -# put inside a blacklist and accessed less often for future requests. The -# value (case-insensitive) for this policy can be: -# -# tryLast -# KDCs in the blacklist are always tried after those not on the list. -# -# tryLess[:max_retries,timeout] -# KDCs in the blacklist are still tried by their order in the configuration, -# but with smaller max_retries and timeout values. max_retries and timeout -# are optional numerical parameters (default 1 and 5000, which means once -# and 5 seconds). Please notes that if any of the values defined here is -# more than what is defined in krb5.conf, it will be ignored. -# -# Whenever a KDC is detected as available, it is removed from the blacklist. -# The blacklist is reset when krb5.conf is reloaded. You can add -# refreshKrb5Config=true to a JAAS configuration file so that krb5.conf is -# reloaded whenever a JAAS authentication is attempted. -# -# Example, -# krb5.kdc.bad.policy = tryLast -# krb5.kdc.bad.policy = tryLess:2,2000 -krb5.kdc.bad.policy = tryLast - -# Algorithm restrictions for certification path (CertPath) processing -# -# In some environments, certain algorithms or key lengths may be undesirable -# for certification path building and validation. For example, "MD2" is -# generally no longer considered to be a secure hash algorithm. This section -# describes the mechanism for disabling algorithms based on algorithm name -# and/or key length. This includes algorithms used in certificates, as well -# as revocation information such as CRLs and signed OCSP Responses. -# -# The syntax of the disabled algorithm string is described as this Java -# BNF-style: -# DisabledAlgorithms: -# " DisabledAlgorithm { , DisabledAlgorithm } " -# -# DisabledAlgorithm: -# AlgorithmName [Constraint] -# -# AlgorithmName: -# (see below) -# -# Constraint: -# KeySizeConstraint -# -# KeySizeConstraint: -# keySize Operator DecimalInteger -# -# Operator: -# <= | < | == | != | >= | > -# -# DecimalInteger: -# DecimalDigits -# -# DecimalDigits: -# DecimalDigit {DecimalDigit} -# -# DecimalDigit: one of -# 1 2 3 4 5 6 7 8 9 0 -# -# The "AlgorithmName" is the standard algorithm name of the disabled -# algorithm. See "Java Cryptography Architecture Standard Algorithm Name -# Documentation" for information about Standard Algorithm Names. Matching -# is performed using a case-insensitive sub-element matching rule. (For -# example, in "SHA1withECDSA" the sub-elements are "SHA1" for hashing and -# "ECDSA" for signatures.) If the assertion "AlgorithmName" is a -# sub-element of the certificate algorithm name, the algorithm will be -# rejected during certification path building and validation. For example, -# the assertion algorithm name "DSA" will disable all certificate algorithms -# that rely on DSA, such as NONEwithDSA, SHA1withDSA. However, the assertion -# will not disable algorithms related to "ECDSA". -# -# A "Constraint" provides further guidance for the algorithm being specified. -# The "KeySizeConstraint" requires a key of a valid size range if the -# "AlgorithmName" is of a key algorithm. The "DecimalInteger" indicates the -# key size specified in number of bits. For example, "RSA keySize <= 1024" -# indicates that any RSA key with key size less than or equal to 1024 bits -# should be disabled, and "RSA keySize < 1024, RSA keySize > 2048" indicates -# that any RSA key with key size less than 1024 or greater than 2048 should -# be disabled. Note that the "KeySizeConstraint" only makes sense to key -# algorithms. -# -# Note: This property is currently used by Oracle's PKIX implementation. It -# is not guaranteed to be examined and used by other implementations. -# -# Example: -# jdk.certpath.disabledAlgorithms=MD2, DSA, RSA keySize < 2048 -# -# -jdk.certpath.disabledAlgorithms=MD2, MD5, RSA keySize < 1024 - -# Algorithm restrictions for Secure Socket Layer/Transport Layer Security -# (SSL/TLS) processing -# -# In some environments, certain algorithms or key lengths may be undesirable -# when using SSL/TLS. This section describes the mechanism for disabling -# algorithms during SSL/TLS security parameters negotiation, including cipher -# suites selection, peer authentication and key exchange mechanisms. -# -# For PKI-based peer authentication and key exchange mechanisms, this list -# of disabled algorithms will also be checked during certification path -# building and validation, including algorithms used in certificates, as -# well as revocation information such as CRLs and signed OCSP Responses. -# This is in addition to the jdk.certpath.disabledAlgorithms property above. -# -# See the specification of "jdk.certpath.disabledAlgorithms" for the -# syntax of the disabled algorithm string. -# -# Note: This property is currently used by Oracle's JSSE implementation. -# It is not guaranteed to be examined and used by other implementations. -# -# Example: -# jdk.tls.disabledAlgorithms=MD5, SHA1, DSA, RSA keySize < 2048
--- a/jdk/src/java.base/share/conf/security/java.security-solaris Thu Aug 21 14:16:26 2014 -0700 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,498 +0,0 @@ -# -# This is the "master security properties file". -# -# An alternate java.security properties file may be specified -# from the command line via the system property -# -# -Djava.security.properties=<URL> -# -# This properties file appends to the master security properties file. -# If both properties files specify values for the same key, the value -# from the command-line properties file is selected, as it is the last -# one loaded. -# -# Also, if you specify -# -# -Djava.security.properties==<URL> (2 equals), -# -# then that properties file completely overrides the master security -# properties file. -# -# To disable the ability to specify an additional properties file from -# the command line, set the key security.overridePropertiesFile -# to false in the master security properties file. It is set to true -# by default. - -# In this file, various security properties are set for use by -# java.security classes. This is where users can statically register -# Cryptography Package Providers ("providers" for short). The term -# "provider" refers to a package or set of packages that supply a -# concrete implementation of a subset of the cryptography aspects of -# the Java Security API. A provider may, for example, implement one or -# more digital signature algorithms or message digest algorithms. -# -# Each provider must implement a subclass of the Provider class. -# To register a provider in this master security properties file, -# specify the Provider subclass name and priority in the format -# -# security.provider.<n>=<className> -# -# This declares a provider, and specifies its preference -# order n. The preference order is the order in which providers are -# searched for requested algorithms (when no specific provider is -# requested). The order is 1-based; 1 is the most preferred, followed -# by 2, and so on. -# -# <className> must specify the subclass of the Provider class whose -# constructor sets the values of various properties that are required -# for the Java Security API to look up the algorithms or other -# facilities implemented by the provider. -# -# There must be at least one provider specification in java.security. -# There is a default provider that comes standard with the JDK. It -# is called the "SUN" provider, and its Provider subclass -# named Sun appears in the sun.security.provider package. Thus, the -# "SUN" provider is registered via the following: -# -# security.provider.1=sun.security.provider.Sun -# -# (The number 1 is used for the default provider.) -# -# Note: Providers can be dynamically registered instead by calls to -# either the addProvider or insertProviderAt method in the Security -# class. - -# -# List of providers and their preference orders (see above): -# -security.provider.1=com.oracle.security.ucrypto.UcryptoProvider ${java.home}/lib/security/ucrypto-solaris.cfg -security.provider.2=sun.security.pkcs11.SunPKCS11 ${java.home}/lib/security/sunpkcs11-solaris.cfg -security.provider.3=sun.security.provider.Sun -security.provider.4=sun.security.rsa.SunRsaSign -security.provider.5=sun.security.ec.SunEC -security.provider.6=com.sun.net.ssl.internal.ssl.Provider -security.provider.7=com.sun.crypto.provider.SunJCE -security.provider.8=sun.security.jgss.SunProvider -security.provider.9=com.sun.security.sasl.Provider -security.provider.10=org.jcp.xml.dsig.internal.dom.XMLDSigRI -security.provider.11=sun.security.smartcardio.SunPCSC - -# -# Sun Provider SecureRandom seed source. -# -# Select the primary source of seed data for the "SHA1PRNG" and -# "NativePRNG" SecureRandom implementations in the "Sun" provider. -# (Other SecureRandom implementations might also use this property.) -# -# On Unix-like systems (for example, Solaris/Linux/MacOS), the -# "NativePRNG" and "SHA1PRNG" implementations obtains seed data from -# special device files such as file:/dev/random. -# -# On Windows systems, specifying the URLs "file:/dev/random" or -# "file:/dev/urandom" will enable the native Microsoft CryptoAPI seeding -# mechanism for SHA1PRNG. -# -# By default, an attempt is made to use the entropy gathering device -# specified by the "securerandom.source" Security property. If an -# exception occurs while accessing the specified URL: -# -# SHA1PRNG: -# the traditional system/thread activity algorithm will be used. -# -# NativePRNG: -# a default value of /dev/random will be used. If neither -# are available, the implementation will be disabled. -# "file" is the only currently supported protocol type. -# -# The entropy gathering device can also be specified with the System -# property "java.security.egd". For example: -# -# % java -Djava.security.egd=file:/dev/random MainClass -# -# Specifying this System property will override the -# "securerandom.source" Security property. -# -# In addition, if "file:/dev/random" or "file:/dev/urandom" is -# specified, the "NativePRNG" implementation will be more preferred than -# SHA1PRNG in the Sun provider. -# -securerandom.source=file:/dev/random - -# -# A list of known strong SecureRandom implementations. -# -# To help guide applications in selecting a suitable strong -# java.security.SecureRandom implementation, Java distributions should -# indicate a list of known strong implementations using the property. -# -# This is a comma-separated list of algorithm and/or algorithm:provider -# entries. -# -securerandom.strongAlgorithms=NativePRNGBlocking:SUN - -# -# Class to instantiate as the javax.security.auth.login.Configuration -# provider. -# -login.configuration.provider=sun.security.provider.ConfigFile - -# -# Default login configuration file -# -#login.config.url.1=file:${user.home}/.java.login.config - -# -# Class to instantiate as the system Policy. This is the name of the class -# that will be used as the Policy object. -# -policy.provider=sun.security.provider.PolicyFile - -# The default is to have a single system-wide policy file, -# and a policy file in the user's home directory. -policy.url.1=file:${java.home}/lib/security/java.policy -policy.url.2=file:${user.home}/.java.policy - -# whether or not we expand properties in the policy file -# if this is set to false, properties (${...}) will not be expanded in policy -# files. -policy.expandProperties=true - -# whether or not we allow an extra policy to be passed on the command line -# with -Djava.security.policy=somefile. Comment out this line to disable -# this feature. -policy.allowSystemProperty=true - -# whether or not we look into the IdentityScope for trusted Identities -# when encountering a 1.1 signed JAR file. If the identity is found -# and is trusted, we grant it AllPermission. -policy.ignoreIdentityScope=false - -# -# Default keystore type. -# -keystore.type=jks - -# -# List of comma-separated packages that start with or equal this string -# will cause a security exception to be thrown when -# passed to checkPackageAccess unless the -# corresponding RuntimePermission ("accessClassInPackage."+package) has -# been granted. -package.access=sun.,\ - com.sun.xml.internal.,\ - com.sun.imageio.,\ - com.sun.istack.internal.,\ - com.sun.jmx.,\ - com.sun.media.sound.,\ - com.sun.naming.internal.,\ - com.sun.proxy.,\ - com.sun.corba.se.,\ - com.sun.org.apache.bcel.internal.,\ - com.sun.org.apache.regexp.internal.,\ - com.sun.org.apache.xerces.internal.,\ - com.sun.org.apache.xpath.internal.,\ - com.sun.org.apache.xalan.internal.extensions.,\ - com.sun.org.apache.xalan.internal.lib.,\ - com.sun.org.apache.xalan.internal.res.,\ - com.sun.org.apache.xalan.internal.templates.,\ - com.sun.org.apache.xalan.internal.utils.,\ - com.sun.org.apache.xalan.internal.xslt.,\ - com.sun.org.apache.xalan.internal.xsltc.cmdline.,\ - com.sun.org.apache.xalan.internal.xsltc.compiler.,\ - com.sun.org.apache.xalan.internal.xsltc.trax.,\ - com.sun.org.apache.xalan.internal.xsltc.util.,\ - com.sun.org.apache.xml.internal.res.,\ - com.sun.org.apache.xml.internal.security.,\ - com.sun.org.apache.xml.internal.serializer.utils.,\ - com.sun.org.apache.xml.internal.utils.,\ - com.sun.org.glassfish.,\ - com.oracle.xmlns.internal.,\ - com.oracle.webservices.internal.,\ - org.jcp.xml.dsig.internal.,\ - jdk.internal.,\ - jdk.nashorn.internal.,\ - jdk.nashorn.tools.,\ - com.sun.activation.registries. - -# -# List of comma-separated packages that start with or equal this string -# will cause a security exception to be thrown when -# passed to checkPackageDefinition unless the -# corresponding RuntimePermission ("defineClassInPackage."+package) has -# been granted. -# -# by default, none of the class loaders supplied with the JDK call -# checkPackageDefinition. -# -package.definition=sun.,\ - com.sun.xml.internal.,\ - com.sun.imageio.,\ - com.sun.istack.internal.,\ - com.sun.jmx.,\ - com.sun.media.sound.,\ - com.sun.naming.internal.,\ - com.sun.proxy.,\ - com.sun.corba.se.,\ - com.sun.org.apache.bcel.internal.,\ - com.sun.org.apache.regexp.internal.,\ - com.sun.org.apache.xerces.internal.,\ - com.sun.org.apache.xpath.internal.,\ - com.sun.org.apache.xalan.internal.extensions.,\ - com.sun.org.apache.xalan.internal.lib.,\ - com.sun.org.apache.xalan.internal.res.,\ - com.sun.org.apache.xalan.internal.templates.,\ - com.sun.org.apache.xalan.internal.utils.,\ - com.sun.org.apache.xalan.internal.xslt.,\ - com.sun.org.apache.xalan.internal.xsltc.cmdline.,\ - com.sun.org.apache.xalan.internal.xsltc.compiler.,\ - com.sun.org.apache.xalan.internal.xsltc.trax.,\ - com.sun.org.apache.xalan.internal.xsltc.util.,\ - com.sun.org.apache.xml.internal.res.,\ - com.sun.org.apache.xml.internal.security.,\ - com.sun.org.apache.xml.internal.serializer.utils.,\ - com.sun.org.apache.xml.internal.utils.,\ - com.sun.org.glassfish.,\ - com.oracle.xmlns.internal.,\ - com.oracle.webservices.internal.,\ - org.jcp.xml.dsig.internal.,\ - jdk.internal.,\ - jdk.nashorn.internal.,\ - jdk.nashorn.tools.,\ - com.sun.activation.registries. - -# -# Determines whether this properties file can be appended to -# or overridden on the command line via -Djava.security.properties -# -security.overridePropertiesFile=true - -# -# Determines the default key and trust manager factory algorithms for -# the javax.net.ssl package. -# -ssl.KeyManagerFactory.algorithm=SunX509 -ssl.TrustManagerFactory.algorithm=PKIX - -# -# The Java-level namelookup cache policy for successful lookups: -# -# any negative value: caching forever -# any positive value: the number of seconds to cache an address for -# zero: do not cache -# -# default value is forever (FOREVER). For security reasons, this -# caching is made forever when a security manager is set. When a security -# manager is not set, the default behavior in this implementation -# is to cache for 30 seconds. -# -# NOTE: setting this to anything other than the default value can have -# serious security implications. Do not set it unless -# you are sure you are not exposed to DNS spoofing attack. -# -#networkaddress.cache.ttl=-1 - -# The Java-level namelookup cache policy for failed lookups: -# -# any negative value: cache forever -# any positive value: the number of seconds to cache negative lookup results -# zero: do not cache -# -# In some Microsoft Windows networking environments that employ -# the WINS name service in addition to DNS, name service lookups -# that fail may take a noticeably long time to return (approx. 5 seconds). -# For this reason the default caching policy is to maintain these -# results for 10 seconds. -# -# -networkaddress.cache.negative.ttl=10 - -# -# Properties to configure OCSP for certificate revocation checking -# - -# Enable OCSP -# -# By default, OCSP is not used for certificate revocation checking. -# This property enables the use of OCSP when set to the value "true". -# -# NOTE: SocketPermission is required to connect to an OCSP responder. -# -# Example, -# ocsp.enable=true - -# -# Location of the OCSP responder -# -# By default, the location of the OCSP responder is determined implicitly -# from the certificate being validated. This property explicitly specifies -# the location of the OCSP responder. The property is used when the -# Authority Information Access extension (defined in RFC 3280) is absent -# from the certificate or when it requires overriding. -# -# Example, -# ocsp.responderURL=http://ocsp.example.net:80 - -# -# Subject name of the OCSP responder's certificate -# -# By default, the certificate of the OCSP responder is that of the issuer -# of the certificate being validated. This property identifies the certificate -# of the OCSP responder when the default does not apply. Its value is a string -# distinguished name (defined in RFC 2253) which identifies a certificate in -# the set of certificates supplied during cert path validation. In cases where -# the subject name alone is not sufficient to uniquely identify the certificate -# then both the "ocsp.responderCertIssuerName" and -# "ocsp.responderCertSerialNumber" properties must be used instead. When this -# property is set then those two properties are ignored. -# -# Example, -# ocsp.responderCertSubjectName="CN=OCSP Responder, O=XYZ Corp" - -# -# Issuer name of the OCSP responder's certificate -# -# By default, the certificate of the OCSP responder is that of the issuer -# of the certificate being validated. This property identifies the certificate -# of the OCSP responder when the default does not apply. Its value is a string -# distinguished name (defined in RFC 2253) which identifies a certificate in -# the set of certificates supplied during cert path validation. When this -# property is set then the "ocsp.responderCertSerialNumber" property must also -# be set. When the "ocsp.responderCertSubjectName" property is set then this -# property is ignored. -# -# Example, -# ocsp.responderCertIssuerName="CN=Enterprise CA, O=XYZ Corp" - -# -# Serial number of the OCSP responder's certificate -# -# By default, the certificate of the OCSP responder is that of the issuer -# of the certificate being validated. This property identifies the certificate -# of the OCSP responder when the default does not apply. Its value is a string -# of hexadecimal digits (colon or space separators may be present) which -# identifies a certificate in the set of certificates supplied during cert path -# validation. When this property is set then the "ocsp.responderCertIssuerName" -# property must also be set. When the "ocsp.responderCertSubjectName" property -# is set then this property is ignored. -# -# Example, -# ocsp.responderCertSerialNumber=2A:FF:00 - -# -# Policy for failed Kerberos KDC lookups: -# -# When a KDC is unavailable (network error, service failure, etc), it is -# put inside a blacklist and accessed less often for future requests. The -# value (case-insensitive) for this policy can be: -# -# tryLast -# KDCs in the blacklist are always tried after those not on the list. -# -# tryLess[:max_retries,timeout] -# KDCs in the blacklist are still tried by their order in the configuration, -# but with smaller max_retries and timeout values. max_retries and timeout -# are optional numerical parameters (default 1 and 5000, which means once -# and 5 seconds). Please notes that if any of the values defined here is -# more than what is defined in krb5.conf, it will be ignored. -# -# Whenever a KDC is detected as available, it is removed from the blacklist. -# The blacklist is reset when krb5.conf is reloaded. You can add -# refreshKrb5Config=true to a JAAS configuration file so that krb5.conf is -# reloaded whenever a JAAS authentication is attempted. -# -# Example, -# krb5.kdc.bad.policy = tryLast -# krb5.kdc.bad.policy = tryLess:2,2000 -krb5.kdc.bad.policy = tryLast - -# Algorithm restrictions for certification path (CertPath) processing -# -# In some environments, certain algorithms or key lengths may be undesirable -# for certification path building and validation. For example, "MD2" is -# generally no longer considered to be a secure hash algorithm. This section -# describes the mechanism for disabling algorithms based on algorithm name -# and/or key length. This includes algorithms used in certificates, as well -# as revocation information such as CRLs and signed OCSP Responses. -# -# The syntax of the disabled algorithm string is described as this Java -# BNF-style: -# DisabledAlgorithms: -# " DisabledAlgorithm { , DisabledAlgorithm } " -# -# DisabledAlgorithm: -# AlgorithmName [Constraint] -# -# AlgorithmName: -# (see below) -# -# Constraint: -# KeySizeConstraint -# -# KeySizeConstraint: -# keySize Operator DecimalInteger -# -# Operator: -# <= | < | == | != | >= | > -# -# DecimalInteger: -# DecimalDigits -# -# DecimalDigits: -# DecimalDigit {DecimalDigit} -# -# DecimalDigit: one of -# 1 2 3 4 5 6 7 8 9 0 -# -# The "AlgorithmName" is the standard algorithm name of the disabled -# algorithm. See "Java Cryptography Architecture Standard Algorithm Name -# Documentation" for information about Standard Algorithm Names. Matching -# is performed using a case-insensitive sub-element matching rule. (For -# example, in "SHA1withECDSA" the sub-elements are "SHA1" for hashing and -# "ECDSA" for signatures.) If the assertion "AlgorithmName" is a -# sub-element of the certificate algorithm name, the algorithm will be -# rejected during certification path building and validation. For example, -# the assertion algorithm name "DSA" will disable all certificate algorithms -# that rely on DSA, such as NONEwithDSA, SHA1withDSA. However, the assertion -# will not disable algorithms related to "ECDSA". -# -# A "Constraint" provides further guidance for the algorithm being specified. -# The "KeySizeConstraint" requires a key of a valid size range if the -# "AlgorithmName" is of a key algorithm. The "DecimalInteger" indicates the -# key size specified in number of bits. For example, "RSA keySize <= 1024" -# indicates that any RSA key with key size less than or equal to 1024 bits -# should be disabled, and "RSA keySize < 1024, RSA keySize > 2048" indicates -# that any RSA key with key size less than 1024 or greater than 2048 should -# be disabled. Note that the "KeySizeConstraint" only makes sense to key -# algorithms. -# -# Note: This property is currently used by Oracle's PKIX implementation. It -# is not guaranteed to be examined and used by other implementations. -# -# Example: -# jdk.certpath.disabledAlgorithms=MD2, DSA, RSA keySize < 2048 -# -# -jdk.certpath.disabledAlgorithms=MD2, MD5, RSA keySize < 1024 - -# Algorithm restrictions for Secure Socket Layer/Transport Layer Security -# (SSL/TLS) processing -# -# In some environments, certain algorithms or key lengths may be undesirable -# when using SSL/TLS. This section describes the mechanism for disabling -# algorithms during SSL/TLS security parameters negotiation, including cipher -# suites selection, peer authentication and key exchange mechanisms. -# -# For PKI-based peer authentication and key exchange mechanisms, this list -# of disabled algorithms will also be checked during certification path -# building and validation, including algorithms used in certificates, as -# well as revocation information such as CRLs and signed OCSP Responses. -# This is in addition to the jdk.certpath.disabledAlgorithms property above. -# -# See the specification of "jdk.certpath.disabledAlgorithms" for the -# syntax of the disabled algorithm string. -# -# Note: This property is currently used by Oracle's JSSE implementation. -# It is not guaranteed to be examined and used by other implementations. -# -# Example: -# jdk.tls.disabledAlgorithms=MD5, SHA1, DSA, RSA keySize < 2048
--- a/jdk/src/java.base/share/conf/security/java.security-windows Thu Aug 21 14:16:26 2014 -0700 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,499 +0,0 @@ -# -# This is the "master security properties file". -# -# An alternate java.security properties file may be specified -# from the command line via the system property -# -# -Djava.security.properties=<URL> -# -# This properties file appends to the master security properties file. -# If both properties files specify values for the same key, the value -# from the command-line properties file is selected, as it is the last -# one loaded. -# -# Also, if you specify -# -# -Djava.security.properties==<URL> (2 equals), -# -# then that properties file completely overrides the master security -# properties file. -# -# To disable the ability to specify an additional properties file from -# the command line, set the key security.overridePropertiesFile -# to false in the master security properties file. It is set to true -# by default. - -# In this file, various security properties are set for use by -# java.security classes. This is where users can statically register -# Cryptography Package Providers ("providers" for short). The term -# "provider" refers to a package or set of packages that supply a -# concrete implementation of a subset of the cryptography aspects of -# the Java Security API. A provider may, for example, implement one or -# more digital signature algorithms or message digest algorithms. -# -# Each provider must implement a subclass of the Provider class. -# To register a provider in this master security properties file, -# specify the Provider subclass name and priority in the format -# -# security.provider.<n>=<className> -# -# This declares a provider, and specifies its preference -# order n. The preference order is the order in which providers are -# searched for requested algorithms (when no specific provider is -# requested). The order is 1-based; 1 is the most preferred, followed -# by 2, and so on. -# -# <className> must specify the subclass of the Provider class whose -# constructor sets the values of various properties that are required -# for the Java Security API to look up the algorithms or other -# facilities implemented by the provider. -# -# There must be at least one provider specification in java.security. -# There is a default provider that comes standard with the JDK. It -# is called the "SUN" provider, and its Provider subclass -# named Sun appears in the sun.security.provider package. Thus, the -# "SUN" provider is registered via the following: -# -# security.provider.1=sun.security.provider.Sun -# -# (The number 1 is used for the default provider.) -# -# Note: Providers can be dynamically registered instead by calls to -# either the addProvider or insertProviderAt method in the Security -# class. - -# -# List of providers and their preference orders (see above): -# -security.provider.1=sun.security.provider.Sun -security.provider.2=sun.security.rsa.SunRsaSign -security.provider.3=sun.security.ec.SunEC -security.provider.4=com.sun.net.ssl.internal.ssl.Provider -security.provider.5=com.sun.crypto.provider.SunJCE -security.provider.6=sun.security.jgss.SunProvider -security.provider.7=com.sun.security.sasl.Provider -security.provider.8=org.jcp.xml.dsig.internal.dom.XMLDSigRI -security.provider.9=sun.security.smartcardio.SunPCSC -security.provider.10=sun.security.mscapi.SunMSCAPI - -# -# Sun Provider SecureRandom seed source. -# -# Select the primary source of seed data for the "SHA1PRNG" and -# "NativePRNG" SecureRandom implementations in the "Sun" provider. -# (Other SecureRandom implementations might also use this property.) -# -# On Unix-like systems (for example, Solaris/Linux/MacOS), the -# "NativePRNG" and "SHA1PRNG" implementations obtains seed data from -# special device files such as file:/dev/random. -# -# On Windows systems, specifying the URLs "file:/dev/random" or -# "file:/dev/urandom" will enable the native Microsoft CryptoAPI seeding -# mechanism for SHA1PRNG. -# -# By default, an attempt is made to use the entropy gathering device -# specified by the "securerandom.source" Security property. If an -# exception occurs while accessing the specified URL: -# -# SHA1PRNG: -# the traditional system/thread activity algorithm will be used. -# -# NativePRNG: -# a default value of /dev/random will be used. If neither -# are available, the implementation will be disabled. -# "file" is the only currently supported protocol type. -# -# The entropy gathering device can also be specified with the System -# property "java.security.egd". For example: -# -# % java -Djava.security.egd=file:/dev/random MainClass -# -# Specifying this System property will override the -# "securerandom.source" Security property. -# -# In addition, if "file:/dev/random" or "file:/dev/urandom" is -# specified, the "NativePRNG" implementation will be more preferred than -# SHA1PRNG in the Sun provider. -# -securerandom.source=file:/dev/random - -# -# A list of known strong SecureRandom implementations. -# -# To help guide applications in selecting a suitable strong -# java.security.SecureRandom implementation, Java distributions should -# indicate a list of known strong implementations using the property. -# -# This is a comma-separated list of algorithm and/or algorithm:provider -# entries. -# -securerandom.strongAlgorithms=Windows-PRNG:SunMSCAPI,SHA1PRNG:SUN - -# -# Class to instantiate as the javax.security.auth.login.Configuration -# provider. -# -login.configuration.provider=sun.security.provider.ConfigFile - -# -# Default login configuration file -# -#login.config.url.1=file:${user.home}/.java.login.config - -# -# Class to instantiate as the system Policy. This is the name of the class -# that will be used as the Policy object. -# -policy.provider=sun.security.provider.PolicyFile - -# The default is to have a single system-wide policy file, -# and a policy file in the user's home directory. -policy.url.1=file:${java.home}/lib/security/java.policy -policy.url.2=file:${user.home}/.java.policy - -# whether or not we expand properties in the policy file -# if this is set to false, properties (${...}) will not be expanded in policy -# files. -policy.expandProperties=true - -# whether or not we allow an extra policy to be passed on the command line -# with -Djava.security.policy=somefile. Comment out this line to disable -# this feature. -policy.allowSystemProperty=true - -# whether or not we look into the IdentityScope for trusted Identities -# when encountering a 1.1 signed JAR file. If the identity is found -# and is trusted, we grant it AllPermission. -policy.ignoreIdentityScope=false - -# -# Default keystore type. -# -keystore.type=jks - -# -# List of comma-separated packages that start with or equal this string -# will cause a security exception to be thrown when -# passed to checkPackageAccess unless the -# corresponding RuntimePermission ("accessClassInPackage."+package) has -# been granted. -package.access=sun.,\ - com.sun.xml.internal.,\ - com.sun.imageio.,\ - com.sun.istack.internal.,\ - com.sun.jmx.,\ - com.sun.media.sound.,\ - com.sun.naming.internal.,\ - com.sun.proxy.,\ - com.sun.corba.se.,\ - com.sun.org.apache.bcel.internal.,\ - com.sun.org.apache.regexp.internal.,\ - com.sun.org.apache.xerces.internal.,\ - com.sun.org.apache.xpath.internal.,\ - com.sun.org.apache.xalan.internal.extensions.,\ - com.sun.org.apache.xalan.internal.lib.,\ - com.sun.org.apache.xalan.internal.res.,\ - com.sun.org.apache.xalan.internal.templates.,\ - com.sun.org.apache.xalan.internal.utils.,\ - com.sun.org.apache.xalan.internal.xslt.,\ - com.sun.org.apache.xalan.internal.xsltc.cmdline.,\ - com.sun.org.apache.xalan.internal.xsltc.compiler.,\ - com.sun.org.apache.xalan.internal.xsltc.trax.,\ - com.sun.org.apache.xalan.internal.xsltc.util.,\ - com.sun.org.apache.xml.internal.res.,\ - com.sun.org.apache.xml.internal.security.,\ - com.sun.org.apache.xml.internal.serializer.utils.,\ - com.sun.org.apache.xml.internal.utils.,\ - com.sun.org.glassfish.,\ - com.oracle.xmlns.internal.,\ - com.oracle.webservices.internal.,\ - org.jcp.xml.dsig.internal.,\ - jdk.internal.,\ - jdk.nashorn.internal.,\ - jdk.nashorn.tools.,\ - com.sun.activation.registries.,\ - com.sun.java.accessibility. - -# -# List of comma-separated packages that start with or equal this string -# will cause a security exception to be thrown when -# passed to checkPackageDefinition unless the -# corresponding RuntimePermission ("defineClassInPackage."+package) has -# been granted. -# -# by default, none of the class loaders supplied with the JDK call -# checkPackageDefinition. -# -package.definition=sun.,\ - com.sun.xml.internal.,\ - com.sun.imageio.,\ - com.sun.istack.internal.,\ - com.sun.jmx.,\ - com.sun.media.sound.,\ - com.sun.naming.internal.,\ - com.sun.proxy.,\ - com.sun.corba.se.,\ - com.sun.org.apache.bcel.internal.,\ - com.sun.org.apache.regexp.internal.,\ - com.sun.org.apache.xerces.internal.,\ - com.sun.org.apache.xpath.internal.,\ - com.sun.org.apache.xalan.internal.extensions.,\ - com.sun.org.apache.xalan.internal.lib.,\ - com.sun.org.apache.xalan.internal.res.,\ - com.sun.org.apache.xalan.internal.templates.,\ - com.sun.org.apache.xalan.internal.utils.,\ - com.sun.org.apache.xalan.internal.xslt.,\ - com.sun.org.apache.xalan.internal.xsltc.cmdline.,\ - com.sun.org.apache.xalan.internal.xsltc.compiler.,\ - com.sun.org.apache.xalan.internal.xsltc.trax.,\ - com.sun.org.apache.xalan.internal.xsltc.util.,\ - com.sun.org.apache.xml.internal.res.,\ - com.sun.org.apache.xml.internal.security.,\ - com.sun.org.apache.xml.internal.serializer.utils.,\ - com.sun.org.apache.xml.internal.utils.,\ - com.sun.org.glassfish.,\ - com.oracle.xmlns.internal.,\ - com.oracle.webservices.internal.,\ - org.jcp.xml.dsig.internal.,\ - jdk.internal.,\ - jdk.nashorn.internal.,\ - jdk.nashorn.tools.,\ - com.sun.activation.registries.,\ - com.sun.java.accessibility. - -# -# Determines whether this properties file can be appended to -# or overridden on the command line via -Djava.security.properties -# -security.overridePropertiesFile=true - -# -# Determines the default key and trust manager factory algorithms for -# the javax.net.ssl package. -# -ssl.KeyManagerFactory.algorithm=SunX509 -ssl.TrustManagerFactory.algorithm=PKIX - -# -# The Java-level namelookup cache policy for successful lookups: -# -# any negative value: caching forever -# any positive value: the number of seconds to cache an address for -# zero: do not cache -# -# default value is forever (FOREVER). For security reasons, this -# caching is made forever when a security manager is set. When a security -# manager is not set, the default behavior in this implementation -# is to cache for 30 seconds. -# -# NOTE: setting this to anything other than the default value can have -# serious security implications. Do not set it unless -# you are sure you are not exposed to DNS spoofing attack. -# -#networkaddress.cache.ttl=-1 - -# The Java-level namelookup cache policy for failed lookups: -# -# any negative value: cache forever -# any positive value: the number of seconds to cache negative lookup results -# zero: do not cache -# -# In some Microsoft Windows networking environments that employ -# the WINS name service in addition to DNS, name service lookups -# that fail may take a noticeably long time to return (approx. 5 seconds). -# For this reason the default caching policy is to maintain these -# results for 10 seconds. -# -# -networkaddress.cache.negative.ttl=10 - -# -# Properties to configure OCSP for certificate revocation checking -# - -# Enable OCSP -# -# By default, OCSP is not used for certificate revocation checking. -# This property enables the use of OCSP when set to the value "true". -# -# NOTE: SocketPermission is required to connect to an OCSP responder. -# -# Example, -# ocsp.enable=true - -# -# Location of the OCSP responder -# -# By default, the location of the OCSP responder is determined implicitly -# from the certificate being validated. This property explicitly specifies -# the location of the OCSP responder. The property is used when the -# Authority Information Access extension (defined in RFC 3280) is absent -# from the certificate or when it requires overriding. -# -# Example, -# ocsp.responderURL=http://ocsp.example.net:80 - -# -# Subject name of the OCSP responder's certificate -# -# By default, the certificate of the OCSP responder is that of the issuer -# of the certificate being validated. This property identifies the certificate -# of the OCSP responder when the default does not apply. Its value is a string -# distinguished name (defined in RFC 2253) which identifies a certificate in -# the set of certificates supplied during cert path validation. In cases where -# the subject name alone is not sufficient to uniquely identify the certificate -# then both the "ocsp.responderCertIssuerName" and -# "ocsp.responderCertSerialNumber" properties must be used instead. When this -# property is set then those two properties are ignored. -# -# Example, -# ocsp.responderCertSubjectName="CN=OCSP Responder, O=XYZ Corp" - -# -# Issuer name of the OCSP responder's certificate -# -# By default, the certificate of the OCSP responder is that of the issuer -# of the certificate being validated. This property identifies the certificate -# of the OCSP responder when the default does not apply. Its value is a string -# distinguished name (defined in RFC 2253) which identifies a certificate in -# the set of certificates supplied during cert path validation. When this -# property is set then the "ocsp.responderCertSerialNumber" property must also -# be set. When the "ocsp.responderCertSubjectName" property is set then this -# property is ignored. -# -# Example, -# ocsp.responderCertIssuerName="CN=Enterprise CA, O=XYZ Corp" - -# -# Serial number of the OCSP responder's certificate -# -# By default, the certificate of the OCSP responder is that of the issuer -# of the certificate being validated. This property identifies the certificate -# of the OCSP responder when the default does not apply. Its value is a string -# of hexadecimal digits (colon or space separators may be present) which -# identifies a certificate in the set of certificates supplied during cert path -# validation. When this property is set then the "ocsp.responderCertIssuerName" -# property must also be set. When the "ocsp.responderCertSubjectName" property -# is set then this property is ignored. -# -# Example, -# ocsp.responderCertSerialNumber=2A:FF:00 - -# -# Policy for failed Kerberos KDC lookups: -# -# When a KDC is unavailable (network error, service failure, etc), it is -# put inside a blacklist and accessed less often for future requests. The -# value (case-insensitive) for this policy can be: -# -# tryLast -# KDCs in the blacklist are always tried after those not on the list. -# -# tryLess[:max_retries,timeout] -# KDCs in the blacklist are still tried by their order in the configuration, -# but with smaller max_retries and timeout values. max_retries and timeout -# are optional numerical parameters (default 1 and 5000, which means once -# and 5 seconds). Please notes that if any of the values defined here is -# more than what is defined in krb5.conf, it will be ignored. -# -# Whenever a KDC is detected as available, it is removed from the blacklist. -# The blacklist is reset when krb5.conf is reloaded. You can add -# refreshKrb5Config=true to a JAAS configuration file so that krb5.conf is -# reloaded whenever a JAAS authentication is attempted. -# -# Example, -# krb5.kdc.bad.policy = tryLast -# krb5.kdc.bad.policy = tryLess:2,2000 -krb5.kdc.bad.policy = tryLast - -# Algorithm restrictions for certification path (CertPath) processing -# -# In some environments, certain algorithms or key lengths may be undesirable -# for certification path building and validation. For example, "MD2" is -# generally no longer considered to be a secure hash algorithm. This section -# describes the mechanism for disabling algorithms based on algorithm name -# and/or key length. This includes algorithms used in certificates, as well -# as revocation information such as CRLs and signed OCSP Responses. -# -# The syntax of the disabled algorithm string is described as this Java -# BNF-style: -# DisabledAlgorithms: -# " DisabledAlgorithm { , DisabledAlgorithm } " -# -# DisabledAlgorithm: -# AlgorithmName [Constraint] -# -# AlgorithmName: -# (see below) -# -# Constraint: -# KeySizeConstraint -# -# KeySizeConstraint: -# keySize Operator DecimalInteger -# -# Operator: -# <= | < | == | != | >= | > -# -# DecimalInteger: -# DecimalDigits -# -# DecimalDigits: -# DecimalDigit {DecimalDigit} -# -# DecimalDigit: one of -# 1 2 3 4 5 6 7 8 9 0 -# -# The "AlgorithmName" is the standard algorithm name of the disabled -# algorithm. See "Java Cryptography Architecture Standard Algorithm Name -# Documentation" for information about Standard Algorithm Names. Matching -# is performed using a case-insensitive sub-element matching rule. (For -# example, in "SHA1withECDSA" the sub-elements are "SHA1" for hashing and -# "ECDSA" for signatures.) If the assertion "AlgorithmName" is a -# sub-element of the certificate algorithm name, the algorithm will be -# rejected during certification path building and validation. For example, -# the assertion algorithm name "DSA" will disable all certificate algorithms -# that rely on DSA, such as NONEwithDSA, SHA1withDSA. However, the assertion -# will not disable algorithms related to "ECDSA". -# -# A "Constraint" provides further guidance for the algorithm being specified. -# The "KeySizeConstraint" requires a key of a valid size range if the -# "AlgorithmName" is of a key algorithm. The "DecimalInteger" indicates the -# key size specified in number of bits. For example, "RSA keySize <= 1024" -# indicates that any RSA key with key size less than or equal to 1024 bits -# should be disabled, and "RSA keySize < 1024, RSA keySize > 2048" indicates -# that any RSA key with key size less than 1024 or greater than 2048 should -# be disabled. Note that the "KeySizeConstraint" only makes sense to key -# algorithms. -# -# Note: This property is currently used by Oracle's PKIX implementation. It -# is not guaranteed to be examined and used by other implementations. -# -# Example: -# jdk.certpath.disabledAlgorithms=MD2, DSA, RSA keySize < 2048 -# -# -jdk.certpath.disabledAlgorithms=MD2, MD5, RSA keySize < 1024 - -# Algorithm restrictions for Secure Socket Layer/Transport Layer Security -# (SSL/TLS) processing -# -# In some environments, certain algorithms or key lengths may be undesirable -# when using SSL/TLS. This section describes the mechanism for disabling -# algorithms during SSL/TLS security parameters negotiation, including cipher -# suites selection, peer authentication and key exchange mechanisms. -# -# For PKI-based peer authentication and key exchange mechanisms, this list -# of disabled algorithms will also be checked during certification path -# building and validation, including algorithms used in certificates, as -# well as revocation information such as CRLs and signed OCSP Responses. -# This is in addition to the jdk.certpath.disabledAlgorithms property above. -# -# See the specification of "jdk.certpath.disabledAlgorithms" for the -# syntax of the disabled algorithm string. -# -# Note: This property is currently used by Oracle's JSSE implementation. -# It is not guaranteed to be examined and used by other implementations. -# -# Example: -# jdk.tls.disabledAlgorithms=MD5, SHA1, DSA, RSA keySize < 2048
--- a/jdk/src/java.base/unix/native/libjava/UNIXProcess_md.c Thu Aug 21 14:16:26 2014 -0700 +++ b/jdk/src/java.base/unix/native/libjava/UNIXProcess_md.c Thu Aug 28 14:54:07 2014 -0700 @@ -599,9 +599,9 @@ */ assert(prog != NULL && argBlock != NULL); if ((phelperpath = getBytes(env, helperpath)) == NULL) goto Catch; - if ((pprog = getBytes(env, prog)) == NULL) goto Catch; - if ((pargBlock = getBytes(env, argBlock)) == NULL) goto Catch; - if ((c->argv = NEW(const char *, argc + 3)) == NULL) goto Catch; + if ((pprog = getBytes(env, prog)) == NULL) goto Catch; + if ((pargBlock = getBytes(env, argBlock)) == NULL) goto Catch; + if ((c->argv = NEW(const char *, argc + 3)) == NULL) goto Catch; c->argv[0] = pprog; c->argc = argc + 2; initVectorFromBlock(c->argv+1, pargBlock, argc); @@ -690,10 +690,11 @@ closeSafely(childenv[0]); closeSafely(childenv[1]); - releaseBytes(env, prog, pprog); - releaseBytes(env, argBlock, pargBlock); - releaseBytes(env, envBlock, penvBlock); - releaseBytes(env, dir, c->pdir); + releaseBytes(env, helperpath, phelperpath); + releaseBytes(env, prog, pprog); + releaseBytes(env, argBlock, pargBlock); + releaseBytes(env, envBlock, penvBlock); + releaseBytes(env, dir, c->pdir); free(c->argv); free(c->envv);
--- a/jdk/src/java.desktop/macosx/classes/apple/laf/JRSUIControl.java Thu Aug 21 14:16:26 2014 -0700 +++ b/jdk/src/java.desktop/macosx/classes/apple/laf/JRSUIControl.java Thu Aug 28 14:54:07 2014 -0700 @@ -114,7 +114,7 @@ changes.putAll(other.changes); } - protected synchronized final void finalize() throws Throwable { + protected synchronized void finalize() throws Throwable { if (cfDictionaryPtr == 0) return; disposeCFDictionary(cfDictionaryPtr); cfDictionaryPtr = 0;
--- a/jdk/src/java.desktop/macosx/classes/com/apple/laf/AquaInternalFrameUI.java Thu Aug 21 14:16:26 2014 -0700 +++ b/jdk/src/java.desktop/macosx/classes/com/apple/laf/AquaInternalFrameUI.java Thu Aug 28 14:54:07 2014 -0700 @@ -938,7 +938,11 @@ final Point pt = new Point(); final Component c = getComponentToForwardTo(e, pt); if (c == null) return; - c.dispatchEvent(new MouseWheelEvent(c, e.getID(), e.getWhen(), e.getModifiers(), pt.x, pt.y, e.getClickCount(), e.isPopupTrigger(), e.getScrollType(), e.getScrollAmount(), e.getWheelRotation())); + c.dispatchEvent(new MouseWheelEvent(c, e.getID(), e.getWhen(), + e.getModifiers(), pt.x, pt.y, e.getXOnScreen(), e.getYOnScreen(), + e.getClickCount(), e.isPopupTrigger(), e.getScrollType(), + e.getScrollAmount(), e.getWheelRotation(), + e.getPreciseWheelRotation())); } public void componentResized(final ComponentEvent e) {
--- a/jdk/src/java.desktop/macosx/classes/com/apple/laf/AquaTabbedPaneCopyFromBasicUI.java Thu Aug 21 14:16:26 2014 -0700 +++ b/jdk/src/java.desktop/macosx/classes/com/apple/laf/AquaTabbedPaneCopyFromBasicUI.java Thu Aug 28 14:54:07 2014 -0700 @@ -3307,7 +3307,7 @@ pane.repaint(); } else if (name == "indexForTitle") { calculatedBaseline = false; - updateHtmlViews((Integer) e.getNewValue()); + updateHtmlViews((Integer) e.getNewValue(), false); } else if (name == "tabLayoutPolicy") { AquaTabbedPaneCopyFromBasicUI.this.uninstallUI(pane); AquaTabbedPaneCopyFromBasicUI.this.installUI(pane); @@ -3345,7 +3345,7 @@ calculatedBaseline = false; } else if (name == "indexForNullComponent") { isRunsDirty = true; - updateHtmlViews((Integer) e.getNewValue()); + updateHtmlViews((Integer) e.getNewValue(), true); } else if (name == "font") { calculatedBaseline = false; } @@ -3464,10 +3464,10 @@ return; } isRunsDirty = true; - updateHtmlViews(tp.indexOfComponent(child)); + updateHtmlViews(tp.indexOfComponent(child), true); } - private void updateHtmlViews(int index) { + private void updateHtmlViews(int index, boolean inserted) { final String title = tabPane.getTitleAt(index); final boolean isHTML = BasicHTML.isHTMLString(title); if (isHTML) { @@ -3475,16 +3475,24 @@ htmlViews = createHTMLVector(); } else { // Vector already exists final View v = BasicHTML.createHTMLView(tabPane, title); - htmlViews.insertElementAt(v, index); + setHtmlView(v, inserted, index); } } else { // Not HTML if (htmlViews != null) { // Add placeholder - htmlViews.insertElementAt(null, index); + setHtmlView(null, inserted, index); } // else nada! } updateMnemonics(); } + private void setHtmlView(View v, boolean inserted, int index) { + if (inserted || index >= htmlViews.size()) { + htmlViews.insertElementAt(v, index); + } else { + htmlViews.setElementAt(v, index); + } + } + public void componentRemoved(final ContainerEvent e) { final JTabbedPane tp = (JTabbedPane)e.getContainer(); final Component child = e.getChild();
--- a/jdk/src/java.desktop/macosx/classes/sun/font/CFontManager.java Thu Aug 21 14:16:26 2014 -0700 +++ b/jdk/src/java.desktop/macosx/classes/sun/font/CFontManager.java Thu Aug 28 14:54:07 2014 -0700 @@ -43,7 +43,7 @@ import sun.awt.util.ThreadGroupUtils; import sun.lwawt.macosx.*; -public class CFontManager extends SunFontManager { +public final class CFontManager extends SunFontManager { private FontConfigManager fcManager = null; private static Hashtable<String, Font2D> genericFonts = new Hashtable<String, Font2D>(); @@ -61,20 +61,14 @@ return new CFontConfiguration(this, preferLocaleFonts, preferPropFonts); } - private static String[] defaultPlatformFont = null; - /* * Returns an array of two strings. The first element is the * name of the font. The second element is the file name. */ @Override - public synchronized String[] getDefaultPlatformFont() { - if (defaultPlatformFont == null) { - defaultPlatformFont = new String[2]; - defaultPlatformFont[0] = "Lucida Grande"; - defaultPlatformFont[1] = "/System/Library/Fonts/LucidaGrande.ttc"; - } - return defaultPlatformFont; + protected String[] getDefaultPlatformFont() { + return new String[]{"Lucida Grande", + "/System/Library/Fonts/LucidaGrande.ttc"}; } // This is a way to register any kind of Font2D, not just files and composites.
--- a/jdk/src/java.desktop/macosx/classes/sun/lwawt/LWComponentPeer.java Thu Aug 21 14:16:26 2014 -0700 +++ b/jdk/src/java.desktop/macosx/classes/sun/lwawt/LWComponentPeer.java Thu Aug 28 14:54:07 2014 -0700 @@ -1233,11 +1233,13 @@ delegate, me.getID(), me.getWhen(), me.getModifiers(), me.getX(), me.getY(), + me.getXOnScreen(), me.getYOnScreen(), me.getClickCount(), me.isPopupTrigger(), me.getScrollType(), me.getScrollAmount(), - me.getWheelRotation()); + me.getWheelRotation(), + me.getPreciseWheelRotation()); } else if (e instanceof MouseEvent) { MouseEvent me = (MouseEvent) e;
--- a/jdk/src/java.desktop/macosx/classes/sun/lwawt/LWWindowPeer.java Thu Aug 21 14:16:26 2014 -0700 +++ b/jdk/src/java.desktop/macosx/classes/sun/lwawt/LWWindowPeer.java Thu Aug 28 14:54:07 2014 -0700 @@ -105,6 +105,8 @@ private final SecurityWarningWindow warningWindow; + private volatile boolean targetFocusable; + /** * Current modal blocker or null. * @@ -240,13 +242,12 @@ if (!visible && warningWindow != null) { warningWindow.setVisible(false, false); } - + updateFocusableWindowState(); super.setVisibleImpl(visible); // TODO: update graphicsConfig, see 4868278 platformWindow.setVisible(visible); if (isSimpleWindow()) { KeyboardFocusManagerPeer kfmPeer = LWKeyboardFocusManagerPeer.getInstance(); - if (visible) { if (!getTarget().isAutoRequestFocus()) { return; @@ -397,6 +398,7 @@ @Override public void updateFocusableWindowState() { + targetFocusable = getTarget().isFocusableWindow(); platformWindow.updateFocusableWindowState(); } @@ -1220,13 +1222,13 @@ } private boolean isFocusableWindow() { - boolean focusable = getTarget().isFocusableWindow(); + boolean focusable = targetFocusable; if (isSimpleWindow()) { LWWindowPeer ownerPeer = getOwnerFrameDialog(this); if (ownerPeer == null) { return false; } - return focusable && ownerPeer.getTarget().isFocusableWindow(); + return focusable && ownerPeer.targetFocusable; } return focusable; }
--- a/jdk/src/java.desktop/macosx/classes/sun/lwawt/macosx/CEmbeddedFrame.java Thu Aug 21 14:16:26 2014 -0700 +++ b/jdk/src/java.desktop/macosx/classes/sun/lwawt/macosx/CEmbeddedFrame.java Thu Aug 28 14:54:07 2014 -0700 @@ -38,7 +38,8 @@ private CPlatformResponder responder; private static final Object classLock = new Object(); - private static volatile CEmbeddedFrame focusedWindow; + private static volatile CEmbeddedFrame globalFocusedWindow; + private CEmbeddedFrame browserWindowFocusedApplet; private boolean parentWindowActive = true; public CEmbeddedFrame() { @@ -111,10 +112,10 @@ synchronized (classLock) { // In some cases an applet may not receive the focus lost event // from the parent window (see 8012330) - focusedWindow = (focused) ? this - : ((focusedWindow == this) ? null : focusedWindow); + globalFocusedWindow = (focused) ? this + : ((globalFocusedWindow == this) ? null : globalFocusedWindow); } - if (focusedWindow == this) { + if (globalFocusedWindow == this) { // see bug 8010925 // we can't put this to handleWindowFocusEvent because // it won't be invoced if focuse is moved to a html element @@ -145,9 +146,23 @@ // non-focused applet. This method can be called from different threads. public void handleWindowFocusEvent(boolean parentWindowActive) { this.parentWindowActive = parentWindowActive; + // If several applets are running in different browser's windows, it is necessary to + // detect the switching between the parent windows and update globalFocusedWindow accordingly. + synchronized (classLock) { + if (!parentWindowActive) { + this.browserWindowFocusedApplet = globalFocusedWindow; + } + if (parentWindowActive && globalFocusedWindow != this && isParentWindowChanged()) { + // It looks like we have switched to another browser window, let's restore focus to + // the previously focused applet in this window. If no applets were focused in the + // window, we will set focus to the first applet in the window. + globalFocusedWindow = (this.browserWindowFocusedApplet != null) ? this.browserWindowFocusedApplet + : this; + } + } // ignore focus "lost" native request as it may mistakenly // deactivate active window (see 8001161) - if (focusedWindow == this && parentWindowActive) { + if (globalFocusedWindow == this && parentWindowActive) { responder.handleWindowFocusEvent(parentWindowActive, null); } } @@ -155,4 +170,10 @@ public boolean isParentWindowActive() { return parentWindowActive; } + + private boolean isParentWindowChanged() { + // If globalFocusedWindow is located at inactive parent window or null, we have swithed to + // another window. + return globalFocusedWindow != null ? !globalFocusedWindow.isParentWindowActive() : true; + } }
--- a/jdk/src/java.desktop/macosx/classes/sun/lwawt/macosx/NSPrintInfo.java Thu Aug 21 14:16:26 2014 -0700 +++ b/jdk/src/java.desktop/macosx/classes/sun/lwawt/macosx/NSPrintInfo.java Thu Aug 28 14:54:07 2014 -0700 @@ -54,11 +54,11 @@ return "" + fNSPrintInfo; } - public final Class<? extends Attribute> getCategory() { + public Class<? extends Attribute> getCategory() { return NSPrintInfo.class; } - public final String getName() { + public String getName() { return "nsPrintInfo"; } }
--- a/jdk/src/java.desktop/macosx/native/libawt_lwawt/sun/awt/JavaComponentAccessibility.m Thu Aug 21 14:16:26 2014 -0700 +++ b/jdk/src/java.desktop/macosx/native/libawt_lwawt/sun/awt/JavaComponentAccessibility.m Thu Aug 28 14:54:07 2014 -0700 @@ -1108,7 +1108,10 @@ JNIEnv *env = [ThreadUtilities getJNIEnv]; id value = nil; + NSWindow* hostWindow = [[self->fView window] retain]; jobject focused = JNFCallStaticObjectMethod(env, jm_getFocusOwner, fComponent); // AWT_THREADING Safe (AWTRunLoop) + [hostWindow release]; + if (focused != NULL) { if (JNFIsInstanceOf(env, focused, &sjc_Accessible)) { value = [JavaComponentAccessibility createWithAccessible:focused withEnv:env withView:fView];
--- a/jdk/src/java.desktop/share/classes/com/sun/media/sound/FFT.java Thu Aug 21 14:16:26 2014 -0700 +++ b/jdk/src/java.desktop/share/classes/com/sun/media/sound/FFT.java Thu Aug 28 14:54:07 2014 -0700 @@ -68,7 +68,7 @@ calc(fftFrameSize, data, sign, w); } - private final static double[] computeTwiddleFactors(int fftFrameSize, + private static double[] computeTwiddleFactors(int fftFrameSize, int sign) { int imax = (int) (Math.log(fftFrameSize) / Math.log(2.)); @@ -122,7 +122,7 @@ return warray; } - private final static void calc(int fftFrameSize, double[] data, int sign, + private static void calc(int fftFrameSize, double[] data, int sign, double[] w) { final int fftFrameSize2 = fftFrameSize << 1; @@ -139,7 +139,7 @@ } - private final static void calcF2E(int fftFrameSize, double[] data, int i, + private static void calcF2E(int fftFrameSize, double[] data, int i, int nstep, double[] w) { int jmax = nstep; for (int n = 0; n < jmax; n += 2) { @@ -163,7 +163,7 @@ // Perform Factor-4 Decomposition with 3 * complex operators and 8 +/- // complex operators - private final static void calcF4F(int fftFrameSize, double[] data, int i, + private static void calcF4F(int fftFrameSize, double[] data, int i, int nstep, double[] w) { final int fftFrameSize2 = fftFrameSize << 1; // 2*fftFrameSize; // Factor-4 Decomposition @@ -331,7 +331,7 @@ // Perform Factor-4 Decomposition with 3 * complex operators and 8 +/- // complex operators - private final static void calcF4I(int fftFrameSize, double[] data, int i, + private static void calcF4I(int fftFrameSize, double[] data, int i, int nstep, double[] w) { final int fftFrameSize2 = fftFrameSize << 1; // 2*fftFrameSize; // Factor-4 Decomposition @@ -499,7 +499,7 @@ // Perform Factor-4 Decomposition with 3 * complex operators and 8 +/- // complex operators - private final static void calcF4FE(int fftFrameSize, double[] data, int i, + private static void calcF4FE(int fftFrameSize, double[] data, int i, int nstep, double[] w) { final int fftFrameSize2 = fftFrameSize << 1; // 2*fftFrameSize; // Factor-4 Decomposition @@ -593,7 +593,7 @@ // Perform Factor-4 Decomposition with 3 * complex operators and 8 +/- // complex operators - private final static void calcF4IE(int fftFrameSize, double[] data, int i, + private static void calcF4IE(int fftFrameSize, double[] data, int i, int nstep, double[] w) { final int fftFrameSize2 = fftFrameSize << 1; // 2*fftFrameSize; // Factor-4 Decomposition @@ -685,7 +685,7 @@ } - private final void bitreversal(double[] data) { + private void bitreversal(double[] data) { if (fftFrameSize < 4) return;
--- a/jdk/src/java.desktop/share/classes/com/sun/media/sound/JDK13Services.java Thu Aug 21 14:16:26 2014 -0700 +++ b/jdk/src/java.desktop/share/classes/com/sun/media/sound/JDK13Services.java Thu Aug 28 14:54:07 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1999, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,6 +25,8 @@ package com.sun.media.sound; +import java.security.AccessController; +import java.security.PrivilegedAction; import java.util.ArrayList; import java.util.Collections; import java.util.List; @@ -176,11 +178,11 @@ && !Sequencer.class.equals(typeClass)) { return null; } - String value; - String propertyName = typeClass.getName(); - value = JSSecurityManager.getProperty(propertyName); + String name = typeClass.getName(); + String value = AccessController.doPrivileged( + (PrivilegedAction<String>) () -> System.getProperty(name)); if (value == null) { - value = getProperties().getProperty(propertyName); + value = getProperties().getProperty(name); } if ("".equals(value)) { value = null;
--- a/jdk/src/java.desktop/share/classes/com/sun/media/sound/JSSecurityManager.java Thu Aug 21 14:16:26 2014 -0700 +++ b/jdk/src/java.desktop/share/classes/com/sun/media/sound/JSSecurityManager.java Thu Aug 28 14:54:07 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1999, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -73,33 +73,6 @@ } } - static String getProperty(final String propertyName) { - String propertyValue; - if (hasSecurityManager()) { - if(Printer.debug) Printer.debug("using JDK 1.2 security to get property"); - try{ - PrivilegedAction<String> action = new PrivilegedAction<String>() { - public String run() { - try { - return System.getProperty(propertyName); - } catch (Throwable t) { - return null; - } - } - }; - propertyValue = AccessController.doPrivileged(action); - } catch( Exception e ) { - if(Printer.debug) Printer.debug("not using JDK 1.2 security to get properties"); - propertyValue = System.getProperty(propertyName); - } - } else { - if(Printer.debug) Printer.debug("not using JDK 1.2 security to get properties"); - propertyValue = System.getProperty(propertyName); - } - return propertyValue; - } - - /** Load properties from a file. This method tries to load properties from the filename give into the passed properties object.
--- a/jdk/src/java.desktop/share/classes/com/sun/media/sound/Platform.java Thu Aug 21 14:16:26 2014 -0700 +++ b/jdk/src/java.desktop/share/classes/com/sun/media/sound/Platform.java Thu Aug 28 14:54:07 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1999, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -74,17 +74,6 @@ // intel is little-endian. sparc is big-endian. private static boolean bigEndian; - // this is the value of the "java.home" system property. i am looking it up here - // for use when trying to load the soundbank, just so - // that all the privileged code is localized in this file.... - private static String javahome; - - // this is the value of the "java.class.path" system property - private static String classpath; - - - - static { if(Printer.trace)Printer.trace(">> Platform.java: static"); @@ -129,26 +118,6 @@ return signed8; } - - /** - * Obtain javahome. - * $$kk: 04.16.99: this is *bad*!! - */ - static String getJavahome() { - - return javahome; - } - - /** - * Obtain classpath. - * $$jb: 04.21.99: this is *bad* too!! - */ - static String getClasspath() { - - return classpath; - } - - // PRIVATE METHODS /** @@ -157,21 +126,13 @@ private static void loadLibraries() { if(Printer.trace)Printer.trace(">>Platform.loadLibraries"); - try { - // load the main library - AccessController.doPrivileged(new PrivilegedAction<Void>() { - @Override - public Void run() { - System.loadLibrary(libNameMain); - return null; - } - }); - // just for the heck of it... - loadedLibs |= LIB_MAIN; - } catch (SecurityException e) { - if(Printer.err)Printer.err("Security exception loading main native library. JavaSound requires access to these resources."); - throw(e); - } + // load the main library + AccessController.doPrivileged((PrivilegedAction<Void>) () -> { + System.loadLibrary(libNameMain); + return null; + }); + // just for the heck of it... + loadedLibs |= LIB_MAIN; // now try to load extra libs. They are defined at compile time in the Makefile // with the define EXTRA_SOUND_JNI_LIBS @@ -181,12 +142,9 @@ while (st.hasMoreTokens()) { final String lib = st.nextToken(); try { - AccessController.doPrivileged(new PrivilegedAction<Void>() { - @Override - public Void run() { - System.loadLibrary(lib); - return null; - } + AccessController.doPrivileged((PrivilegedAction<Void>) () -> { + System.loadLibrary(lib); + return null; }); if (lib.equals(libNameALSA)) { @@ -239,7 +197,5 @@ // $$fb 2002-03-06: implement check for endianness in native. Facilitates porting ! bigEndian = nIsBigEndian(); signed8 = nIsSigned8(); // Solaris on Sparc: signed, all others unsigned - javahome = JSSecurityManager.getProperty("java.home"); - classpath = JSSecurityManager.getProperty("java.class.path"); } }
--- a/jdk/src/java.desktop/share/classes/com/sun/media/sound/RIFFReader.java Thu Aug 21 14:16:26 2014 -0700 +++ b/jdk/src/java.desktop/share/classes/com/sun/media/sound/RIFFReader.java Thu Aug 28 14:54:07 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2007, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2007, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -39,21 +39,20 @@ private long filepointer = 0; private final String fourcc; private String riff_type = null; - private long ckSize = 0; + private long ckSize = Integer.MAX_VALUE; private InputStream stream; - private long avail; + private long avail = Integer.MAX_VALUE; private RIFFReader lastiterator = null; public RIFFReader(InputStream stream) throws IOException { - if (stream instanceof RIFFReader) - root = ((RIFFReader)stream).root; - else + if (stream instanceof RIFFReader) { + root = ((RIFFReader) stream).root; + } else { root = this; + } this.stream = stream; - avail = Integer.MAX_VALUE; - ckSize = Integer.MAX_VALUE; // Check for RIFF null paddings, int b; @@ -76,10 +75,12 @@ readFully(fourcc, 1, 3); this.fourcc = new String(fourcc, "ascii"); ckSize = readUnsignedInt(); - - avail = this.ckSize; + avail = ckSize; if (getFormat().equals("RIFF") || getFormat().equals("LIST")) { + if (avail > Integer.MAX_VALUE) { + throw new RIFFInvalidDataException("Chunk size too big"); + } byte[] format = new byte[4]; readFully(format); this.riff_type = new String(format, "ascii"); @@ -118,19 +119,23 @@ } public int read() throws IOException { - if (avail == 0) + if (avail == 0) { return -1; + } int b = stream.read(); - if (b == -1) + if (b == -1) { + avail = 0; return -1; + } avail--; filepointer++; return b; } public int read(byte[] b, int offset, int len) throws IOException { - if (avail == 0) + if (avail == 0) { return -1; + } if (len > avail) { int rlen = stream.read(b, offset, (int)avail); if (rlen != -1) @@ -139,19 +144,21 @@ return rlen; } else { int ret = stream.read(b, offset, len); - if (ret == -1) + if (ret == -1) { + avail = 0; return -1; + } avail -= ret; filepointer += ret; return ret; } } - public final void readFully(byte b[]) throws IOException { + public void readFully(byte b[]) throws IOException { readFully(b, 0, b.length); } - public final void readFully(byte b[], int off, int len) throws IOException { + public void readFully(byte b[], int off, int len) throws IOException { if (len < 0) throw new IndexOutOfBoundsException(); while (len > 0) { @@ -165,7 +172,7 @@ } } - public final long skipBytes(long n) throws IOException { + public long skipBytes(long n) throws IOException { if (n < 0) return 0; long skipped = 0; @@ -191,8 +198,10 @@ return len; } else { long ret = stream.skip(n); - if (ret == -1) + if (ret == -1) { + avail = 0; return -1; + } avail -= ret; filepointer += ret; return ret; @@ -210,8 +219,13 @@ } // Read ASCII chars from stream - public String readString(int len) throws IOException { - byte[] buff = new byte[len]; + public String readString(final int len) throws IOException { + final byte[] buff; + try { + buff = new byte[len]; + } catch (final OutOfMemoryError oom) { + throw new IOException("Length too big", oom); + } readFully(buff); for (int i = 0; i < buff.length; i++) { if (buff[i] == 0) {
--- a/jdk/src/java.desktop/share/classes/com/sun/media/sound/SF2Soundbank.java Thu Aug 21 14:16:26 2014 -0700 +++ b/jdk/src/java.desktop/share/classes/com/sun/media/sound/SF2Soundbank.java Thu Aug 28 14:54:07 2014 -0700 @@ -276,6 +276,9 @@ count--; } + if (presets_bagNdx.isEmpty()) { + throw new RIFFInvalidDataException(); + } int offset = presets_bagNdx.get(0); // Offset should be 0 (but just case) for (int i = 0; i < offset; i++) { @@ -360,6 +363,9 @@ count--; } + if (instruments_bagNdx.isEmpty()) { + throw new RIFFInvalidDataException(); + } int offset = instruments_bagNdx.get(0); // Offset should be 0 (but just case) for (int i = 0; i < offset; i++) { @@ -401,6 +407,9 @@ modulator.amount = chunk.readShort(); modulator.amountSourceOperator = chunk.readUnsignedShort(); modulator.transportOperator = chunk.readUnsignedShort(); + if (i < 0 || i >= instruments_splits_gen.size()) { + throw new RIFFInvalidDataException(); + } SF2LayerRegion split = instruments_splits_gen.get(i); if (split != null) split.modulators.add(modulator); @@ -424,7 +433,8 @@ sample.name = chunk.readString(20); long start = chunk.readUnsignedInt(); long end = chunk.readUnsignedInt(); - sample.data = sampleData.subbuffer(start * 2, end * 2, true); + if (sampleData != null) + sample.data = sampleData.subbuffer(start * 2, end * 2, true); if (sampleData24 != null) sample.data24 = sampleData24.subbuffer(start, end, true); /* @@ -462,6 +472,9 @@ int sampleid = split.generators.get( SF2LayerRegion.GENERATOR_SAMPLEID); split.generators.remove(SF2LayerRegion.GENERATOR_SAMPLEID); + if (sampleid < 0 || sampleid >= samples.size()) { + throw new RIFFInvalidDataException(); + } split.sample = samples.get(sampleid); } else { globalsplit = split; @@ -488,6 +501,9 @@ int instrumentid = split.generators.get( SF2InstrumentRegion.GENERATOR_INSTRUMENT); split.generators.remove(SF2LayerRegion.GENERATOR_INSTRUMENT); + if (instrumentid < 0 || instrumentid >= layers.size()) { + throw new RIFFInvalidDataException(); + } split.layer = layers.get(instrumentid); } else { globalsplit = split;
--- a/jdk/src/java.desktop/share/classes/com/sun/media/sound/SoftMidiAudioFileReader.java Thu Aug 21 14:16:26 2014 -0700 +++ b/jdk/src/java.desktop/share/classes/com/sun/media/sound/SoftMidiAudioFileReader.java Thu Aug 28 14:54:07 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2007, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2007, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -22,6 +22,7 @@ * or visit www.oracle.com if you need additional information or have any * questions. */ + package com.sun.media.sound; import java.io.File; @@ -39,14 +40,14 @@ import javax.sound.midi.Sequence; import javax.sound.midi.Track; import javax.sound.sampled.AudioFileFormat; +import javax.sound.sampled.AudioFileFormat.Type; import javax.sound.sampled.AudioFormat; import javax.sound.sampled.AudioInputStream; import javax.sound.sampled.UnsupportedAudioFileException; -import javax.sound.sampled.AudioFileFormat.Type; import javax.sound.sampled.spi.AudioFileReader; /** - * MIDI File Audio Renderer/Reader + * MIDI File Audio Renderer/Reader. * * @author Karl Helgason */ @@ -109,6 +110,9 @@ if (divtype == Sequence.PPQ) { if (((MetaMessage) msg).getType() == 0x51) { byte[] data = ((MetaMessage) msg).getData(); + if (data.length < 3) { + throw new UnsupportedAudioFileException(); + } mpq = ((data[0] & 0xff) << 16) | ((data[1] & 0xff) << 8) | (data[2] & 0xff); }
--- a/jdk/src/java.desktop/share/classes/com/sun/media/sound/SoftSynthesizer.java Thu Aug 21 14:16:26 2014 -0700 +++ b/jdk/src/java.desktop/share/classes/com/sun/media/sound/SoftSynthesizer.java Thu Aug 28 14:54:07 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2008, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2008, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -28,6 +28,7 @@ import java.io.BufferedInputStream; import java.io.File; import java.io.FileInputStream; +import java.io.FileNotFoundException; import java.io.FileOutputStream; import java.io.IOException; import java.io.InputStream; @@ -732,31 +733,28 @@ * Save generated soundbank to disk for faster future use. */ OutputStream out = AccessController - .doPrivileged(new PrivilegedAction<OutputStream>() { - public OutputStream run() { - try { - File userhome = new File(System - .getProperty("user.home"), - ".gervill"); - if (!userhome.exists()) - userhome.mkdirs(); - File emg_soundbank_file = new File( - userhome, "soundbank-emg.sf2"); - if (emg_soundbank_file.exists()) - return null; - return new FileOutputStream( - emg_soundbank_file); - } catch (IOException e) { - } catch (SecurityException e) { + .doPrivileged((PrivilegedAction<OutputStream>) () -> { + try { + File userhome = new File(System + .getProperty("user.home"), ".gervill"); + if (!userhome.exists()) { + userhome.mkdirs(); } - return null; + File emg_soundbank_file = new File( + userhome, "soundbank-emg.sf2"); + if (emg_soundbank_file.exists()) { + return null; + } + return new FileOutputStream(emg_soundbank_file); + } catch (final FileNotFoundException ignored) { } + return null; }); if (out != null) { try { ((SF2Soundbank) defaultSoundBank).save(out); out.close(); - } catch (IOException e) { + } catch (final IOException ignored) { } } } @@ -846,26 +844,24 @@ private Properties getStoredProperties() { return AccessController - .doPrivileged(new PrivilegedAction<Properties>() { - public Properties run() { - Properties p = new Properties(); - String notePath = "/com/sun/media/sound/softsynthesizer"; - try { - Preferences prefroot = Preferences.userRoot(); - if (prefroot.nodeExists(notePath)) { - Preferences prefs = prefroot.node(notePath); - String[] prefs_keys = prefs.keys(); - for (String prefs_key : prefs_keys) { - String val = prefs.get(prefs_key, null); - if (val != null) - p.setProperty(prefs_key, val); + .doPrivileged((PrivilegedAction<Properties>) () -> { + Properties p = new Properties(); + String notePath = "/com/sun/media/sound/softsynthesizer"; + try { + Preferences prefroot = Preferences.userRoot(); + if (prefroot.nodeExists(notePath)) { + Preferences prefs = prefroot.node(notePath); + String[] prefs_keys = prefs.keys(); + for (String prefs_key : prefs_keys) { + String val = prefs.get(prefs_key, null); + if (val != null) { + p.setProperty(prefs_key, val); } } - } catch (BackingStoreException e) { - } catch (SecurityException e) { } - return p; + } catch (final BackingStoreException ignored) { } + return p; }); } @@ -1044,7 +1040,6 @@ return; } synchronized (control_mutex) { - Throwable causeException = null; try { if (line != null) { // can throw IllegalArgumentException @@ -1117,24 +1112,17 @@ weakstream.sourceDataLine = sourceDataLine; } - } catch (LineUnavailableException e) { - causeException = e; - } catch (IllegalArgumentException e) { - causeException = e; - } catch (SecurityException e) { - causeException = e; - } - - if (causeException != null) { - if (isOpen()) + } catch (final LineUnavailableException | SecurityException + | IllegalArgumentException e) { + if (isOpen()) { close(); + } // am: need MidiUnavailableException(Throwable) ctor! MidiUnavailableException ex = new MidiUnavailableException( "Can not open line"); - ex.initCause(causeException); + ex.initCause(e); throw ex; } - } }
--- a/jdk/src/java.desktop/share/classes/com/sun/media/sound/StandardMidiFileReader.java Thu Aug 21 14:16:26 2014 -0700 +++ b/jdk/src/java.desktop/share/classes/com/sun/media/sound/StandardMidiFileReader.java Thu Aug 28 14:54:07 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1999, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,27 +25,25 @@ package com.sun.media.sound; +import java.io.BufferedInputStream; import java.io.DataInputStream; +import java.io.EOFException; import java.io.File; import java.io.FileInputStream; +import java.io.IOException; import java.io.InputStream; -import java.io.IOException; -import java.io.EOFException; -import java.io.BufferedInputStream; import java.net.URL; -import javax.sound.midi.MidiFileFormat; import javax.sound.midi.InvalidMidiDataException; import javax.sound.midi.MetaMessage; import javax.sound.midi.MidiEvent; +import javax.sound.midi.MidiFileFormat; import javax.sound.midi.MidiMessage; import javax.sound.midi.Sequence; import javax.sound.midi.SysexMessage; import javax.sound.midi.Track; import javax.sound.midi.spi.MidiFileReader; - - /** * MIDI file reader. * @@ -53,19 +51,23 @@ * @author Jan Borgersen * @author Florian Bomers */ - public final class StandardMidiFileReader extends MidiFileReader { private static final int MThd_MAGIC = 0x4d546864; // 'MThd' private static final int bisBufferSize = 1024; // buffer size in buffered input streams - public MidiFileFormat getMidiFileFormat(InputStream stream) throws InvalidMidiDataException, IOException { + public MidiFileFormat getMidiFileFormat(InputStream stream) + throws InvalidMidiDataException, IOException { return getMidiFileFormatFromStream(stream, MidiFileFormat.UNKNOWN_LENGTH, null); } - // $$fb 2002-04-17: part of fix for 4635286: MidiSystem.getMidiFileFormat() returns format having invalid length - private MidiFileFormat getMidiFileFormatFromStream(InputStream stream, int fileLength, SMFParser smfParser) throws InvalidMidiDataException, IOException { + // $$fb 2002-04-17: part of fix for 4635286: MidiSystem.getMidiFileFormat() + // returns format having invalid length + private MidiFileFormat getMidiFileFormatFromStream(InputStream stream, + int fileLength, + SMFParser smfParser) + throws InvalidMidiDataException, IOException{ int maxReadLength = 16; int duration = MidiFileFormat.UNKNOWN_LENGTH; DataInputStream dis; @@ -230,7 +232,7 @@ //============================================================================================================= /** - * State variables during parsing of a MIDI file + * State variables during parsing of a MIDI file. */ final class SMFParser { private static final int MTrk_MAGIC = 0x4d54726b; // 'MTrk' @@ -297,7 +299,11 @@ } } // now read track in a byte array - trackData = new byte[trackLength]; + try { + trackData = new byte[trackLength]; + } catch (final OutOfMemoryError oom) { + throw new IOException("Track length too big", oom); + } try { // $$fb 2003-08-20: fix for 4910986: MIDI file parser breaks up on http connection stream.readFully(trackData); @@ -386,8 +392,13 @@ // meta int metaType = readUnsigned(); int metaLength = (int) readVarInt(); + final byte[] metaData; + try { + metaData = new byte[metaLength]; + } catch (final OutOfMemoryError oom) { + throw new IOException("Meta length too big", oom); + } - byte[] metaData = new byte[metaLength]; read(metaData); MetaMessage metaMessage = new MetaMessage(); @@ -413,5 +424,4 @@ throw new EOFException("invalid MIDI file"); } } - }
--- a/jdk/src/java.desktop/share/classes/java/awt/datatransfer/Clipboard.java Thu Aug 21 14:16:26 2014 -0700 +++ b/jdk/src/java.desktop/share/classes/java/awt/datatransfer/Clipboard.java Thu Aug 28 14:54:07 2014 -0700 @@ -25,7 +25,7 @@ package java.awt.datatransfer; -import java.awt.EventQueue; +import sun.datatransfer.DataFlavorUtil; import java.util.Objects; import java.util.Set; @@ -130,7 +130,8 @@ this.contents = contents; if (oldOwner != null && oldOwner != owner) { - EventQueue.invokeLater(() -> oldOwner.lostOwnership(Clipboard.this, oldContents)); + DataFlavorUtil.getDesktopService().invokeOnEventThread(() -> + oldOwner.lostOwnership(Clipboard.this, oldContents)); } fireFlavorsChanged(); } @@ -324,7 +325,7 @@ return; } flavorListeners.forEach(listener -> - EventQueue.invokeLater(() -> + DataFlavorUtil.getDesktopService().invokeOnEventThread(() -> listener.flavorsChanged(new FlavorEvent(Clipboard.this)))); }
--- a/jdk/src/java.desktop/share/classes/java/awt/datatransfer/DataFlavor.java Thu Aug 21 14:16:26 2014 -0700 +++ b/jdk/src/java.desktop/share/classes/java/awt/datatransfer/DataFlavor.java Thu Aug 28 14:54:07 2014 -0700 @@ -25,7 +25,7 @@ package java.awt.datatransfer; -import sun.awt.datatransfer.DataTransferer; +import sun.datatransfer.DataFlavorUtil; import sun.reflect.misc.ReflectUtil; import java.io.ByteArrayInputStream; @@ -44,7 +44,6 @@ import java.nio.CharBuffer; import java.util.Arrays; import java.util.Collections; -import java.util.Comparator; import java.util.Objects; import static sun.security.util.SecurityConstants.GET_CLASSLOADER_PERMISSION; @@ -582,12 +581,12 @@ } else { params += representationClass.getName(); } - if (DataTransferer.isFlavorCharsetTextType(this) && + if (DataFlavorUtil.isFlavorCharsetTextType(this) && (isRepresentationClassInputStream() || isRepresentationClassByteBuffer() || byte[].class.equals(representationClass))) { - params += ";charset=" + DataTransferer.getTextCharset(this); + params += ";charset=" + DataFlavorUtil.getTextCharset(this); } return params; } @@ -609,13 +608,8 @@ * @since 1.3 */ public static final DataFlavor getTextPlainUnicodeFlavor() { - String encoding = null; - DataTransferer transferer = DataTransferer.getInstance(); - if (transferer != null) { - encoding = transferer.getDefaultUnicodeEncoding(); - } return new DataFlavor( - "text/plain;charset="+encoding + "text/plain;charset=" + DataFlavorUtil.getDesktopService().getDefaultUnicodeEncoding() +";class=java.io.InputStream", "Plain Text"); } @@ -741,12 +735,8 @@ return null; } - if (textFlavorComparator == null) { - textFlavorComparator = new TextFlavorComparator(); - } - DataFlavor bestFlavor = Collections.max(Arrays.asList(availableFlavors), - textFlavorComparator); + DataFlavorUtil.getTextFlavorComparator()); if (!bestFlavor.isFlavorTextType()) { return null; @@ -755,46 +745,6 @@ return bestFlavor; } - private static Comparator<DataFlavor> textFlavorComparator; - - static class TextFlavorComparator - extends DataTransferer.DataFlavorComparator { - - /** - * Compares two <code>DataFlavor</code> objects. Returns a negative - * integer, zero, or a positive integer as the first - * <code>DataFlavor</code> is worse than, equal to, or better than the - * second. - * <p> - * <code>DataFlavor</code>s are ordered according to the rules outlined - * for <code>selectBestTextFlavor</code>. - * - * @param flavor1 the first <code>DataFlavor</code> to be compared - * @param flavor2 the second <code>DataFlavor</code> to be compared - * @return a negative integer, zero, or a positive integer as the first - * argument is worse, equal to, or better than the second - * @throws ClassCastException if either of the arguments is not an - * instance of <code>DataFlavor</code> - * @throws NullPointerException if either of the arguments is - * <code>null</code> - * - * @see #selectBestTextFlavor - */ - public int compare(DataFlavor flavor1, DataFlavor flavor2) { - if (flavor1.isFlavorTextType()) { - if (flavor2.isFlavorTextType()) { - return super.compare(flavor1, flavor2); - } else { - return 1; - } - } else if (flavor2.isFlavorTextType()) { - return -1; - } else { - return 0; - } - } - } - /** * Gets a Reader for a text flavor, decoded, if necessary, for the expected * charset (encoding). The supported representation classes are @@ -1015,13 +965,13 @@ } if ("text".equals(getPrimaryType())) { - if (DataTransferer.doesSubtypeSupportCharset(this) + if (DataFlavorUtil.doesSubtypeSupportCharset(this) && representationClass != null && !isStandardTextRepresentationClass()) { String thisCharset = - DataTransferer.canonicalName(this.getParameter("charset")); + DataFlavorUtil.canonicalName(this.getParameter("charset")); String thatCharset = - DataTransferer.canonicalName(that.getParameter("charset")); + DataFlavorUtil.canonicalName(that.getParameter("charset")); if (!Objects.equals(thisCharset, thatCharset)) { return false; } @@ -1088,10 +1038,10 @@ // subTypes is '*', regardless of the other subType. if ("text".equals(primaryType)) { - if (DataTransferer.doesSubtypeSupportCharset(this) + if (DataFlavorUtil.doesSubtypeSupportCharset(this) && representationClass != null && !isStandardTextRepresentationClass()) { - String charset = DataTransferer.canonicalName(getParameter("charset")); + String charset = DataFlavorUtil.canonicalName(getParameter("charset")); if (charset != null) { total += charset.hashCode(); } @@ -1280,9 +1230,8 @@ * Returns true if the representation class is <code>Remote</code>. * @return true if the representation class is <code>Remote</code> */ - public boolean isRepresentationClassRemote() { - return DataTransferer.isRemote(representationClass); + return DataFlavorUtil.RMI.isRemote(representationClass); } /** @@ -1356,8 +1305,8 @@ * @since 1.4 */ public boolean isFlavorTextType() { - return (DataTransferer.isFlavorCharsetTextType(this) || - DataTransferer.isFlavorNoncharsetTextType(this)); + return (DataFlavorUtil.isFlavorCharsetTextType(this) || + DataFlavorUtil.isFlavorNoncharsetTextType(this)); } /**
--- a/jdk/src/java.desktop/share/classes/java/awt/datatransfer/SystemFlavorMap.java Thu Aug 21 14:16:26 2014 -0700 +++ b/jdk/src/java.desktop/share/classes/java/awt/datatransfer/SystemFlavorMap.java Thu Aug 28 14:54:07 2014 -0700 @@ -25,22 +25,15 @@ package java.awt.datatransfer; -import java.awt.Toolkit; - -import java.io.BufferedInputStream; -import java.io.InputStream; -import java.lang.ref.SoftReference; +import sun.datatransfer.DataFlavorUtil; +import sun.datatransfer.DesktopDatatransferService; import java.io.BufferedReader; -import java.io.File; +import java.io.IOException; +import java.io.InputStream; import java.io.InputStreamReader; -import java.io.IOException; - -import java.net.URL; -import java.net.MalformedURLException; - +import java.lang.ref.SoftReference; import java.util.ArrayList; -import java.util.Arrays; import java.util.Collections; import java.util.HashMap; import java.util.HashSet; @@ -48,12 +41,8 @@ import java.util.List; import java.util.Map; import java.util.Objects; -import java.util.Properties; import java.util.Set; -import sun.awt.AppContext; -import sun.awt.datatransfer.DataTransferer; - /** * The SystemFlavorMap is a configurable map between "natives" (Strings), which * correspond to platform-specific data formats, and "flavors" (DataFlavors), @@ -74,13 +63,6 @@ private static final Object FLAVOR_MAP_KEY = new Object(); /** - * Copied from java.util.Properties. - */ - private static final String keyValueSeparators = "=: \t\r\n\f"; - private static final String strictKeyValueSeparators = "=:"; - private static final String whiteSpaceChars = " \t\r\n\f"; - - /** * The list of valid, decoded text flavor representation classes, in order * from best to worst. */ @@ -198,16 +180,11 @@ /** * Returns the default FlavorMap for this thread's ClassLoader. + * * @return the default FlavorMap for this thread's ClassLoader */ public static FlavorMap getDefaultFlavorMap() { - AppContext context = AppContext.getAppContext(); - FlavorMap fm = (FlavorMap) context.get(FLAVOR_MAP_KEY); - if (fm == null) { - fm = new SystemFlavorMap(); - context.put(FLAVOR_MAP_KEY, fm); - } - return fm; + return DataFlavorUtil.getDesktopService().getFlavorMap(SystemFlavorMap::new); } private SystemFlavorMap() { @@ -223,7 +200,7 @@ } isMapInitialized = true; - InputStream is = SystemFlavorMap.class.getResourceAsStream("/sun/awt/datatransfer/flavormap.properties"); + InputStream is = SystemFlavorMap.class.getResourceAsStream("/sun/datatransfer/resources/flavormap.properties"); if (is == null) { throw new InternalError("Default flavor mapping not found"); } @@ -238,22 +215,25 @@ line = line.substring(0, line.length() - 1) + reader.readLine().trim(); } int delimiterPosition = line.indexOf('='); - String key = line.substring(0, delimiterPosition).replace("\\ ", " "); + String key = line.substring(0, delimiterPosition).replaceAll("\\ ", " "); String[] values = line.substring(delimiterPosition + 1, line.length()).split(","); for (String value : values) { try { + value = loadConvert(value); MimeType mime = new MimeType(value); if ("text".equals(mime.getPrimaryType())) { String charset = mime.getParameter("charset"); - if (DataTransferer.doesSubtypeSupportCharset(mime.getSubType(), charset)) + if (DataFlavorUtil.doesSubtypeSupportCharset(mime.getSubType(), charset)) { // We need to store the charset and eoln // parameters, if any, so that the // DataTransferer will have this information // for conversion into the native format. - DataTransferer transferer = DataTransferer.getInstance(); - if (transferer != null) { - transferer.registerTextFlavorProperties(key, charset, + DesktopDatatransferService desktopService = + DataFlavorUtil.getDesktopService(); + if (desktopService.isDesktopPresent()) { + desktopService.registerTextFlavorProperties( + key, charset, mime.getParameter("eoln"), mime.getParameter("terminators")); } @@ -305,6 +285,63 @@ } } + // Copied from java.util.Properties + private static String loadConvert(String theString) { + char aChar; + int len = theString.length(); + StringBuilder outBuffer = new StringBuilder(len); + + for (int x = 0; x < len; ) { + aChar = theString.charAt(x++); + if (aChar == '\\') { + aChar = theString.charAt(x++); + if (aChar == 'u') { + // Read the xxxx + int value = 0; + for (int i = 0; i < 4; i++) { + aChar = theString.charAt(x++); + switch (aChar) { + case '0': case '1': case '2': case '3': case '4': + case '5': case '6': case '7': case '8': case '9': { + value = (value << 4) + aChar - '0'; + break; + } + case 'a': case 'b': case 'c': + case 'd': case 'e': case 'f': { + value = (value << 4) + 10 + aChar - 'a'; + break; + } + case 'A': case 'B': case 'C': + case 'D': case 'E': case 'F': { + value = (value << 4) + 10 + aChar - 'A'; + break; + } + default: { + throw new IllegalArgumentException( + "Malformed \\uxxxx encoding."); + } + } + } + outBuffer.append((char)value); + } else { + if (aChar == 't') { + aChar = '\t'; + } else if (aChar == 'r') { + aChar = '\r'; + } else if (aChar == 'n') { + aChar = '\n'; + } else if (aChar == 'f') { + aChar = '\f'; + } + outBuffer.append(aChar); + } + } else { + outBuffer.append(aChar); + } + } + return outBuffer.toString(); + } + /** * Stores the listed object under the specified hash key in map. Unlike a * standard map, the listed object will not replace any object already at @@ -332,10 +369,10 @@ LinkedHashSet<DataFlavor> flavors = getNativeToFlavor().get(nat); if (nat != null && !disabledMappingGenerationKeys.contains(nat)) { - DataTransferer transferer = DataTransferer.getInstance(); - if (transferer != null) { + DesktopDatatransferService desktopService = DataFlavorUtil.getDesktopService(); + if (desktopService.isDesktopPresent()) { LinkedHashSet<DataFlavor> platformFlavors = - transferer.getPlatformMappingsForNative(nat); + desktopService.getPlatformMappingsForNative(nat); if (!platformFlavors.isEmpty()) { if (flavors != null) { // Prepending the platform-specific mappings ensures @@ -395,10 +432,10 @@ LinkedHashSet<String> natives = getFlavorToNative().get(flav); if (flav != null && !disabledMappingGenerationKeys.contains(flav)) { - DataTransferer transferer = DataTransferer.getInstance(); - if (transferer != null) { + DesktopDatatransferService desktopService = DataFlavorUtil.getDesktopService(); + if (desktopService.isDesktopPresent()) { LinkedHashSet<String> platformNatives = - transferer.getPlatformMappingsForFlavor(flav); + desktopService.getPlatformMappingsForFlavor(flav); if (!platformNatives.isEmpty()) { if (natives != null) { // Prepend the platform-specific mappings to ensure @@ -474,7 +511,7 @@ // In this case we shouldn't synthesize a native for this flavor, // since its mappings were explicitly specified. retval = flavorToNativeLookup(flav, false); - } else if (DataTransferer.isFlavorCharsetTextType(flav)) { + } else if (DataFlavorUtil.isFlavorCharsetTextType(flav)) { retval = new LinkedHashSet<>(0); // For text/* flavors, flavor-to-native mappings specified in @@ -502,7 +539,7 @@ // addUnencodedNativeForFlavor(), so they have lower priority. retval.addAll(flavorToNativeLookup(flav, false)); } - } else if (DataTransferer.isFlavorNoncharsetTextType(flav)) { + } else if (DataFlavorUtil.isFlavorNoncharsetTextType(flav)) { retval = getTextTypeToNative().get(flav.mimeType.getBaseType()); if (retval == null || retval.isEmpty()) { @@ -602,7 +639,7 @@ // on load from flavormap.properties. } - if (DataTransferer.doesSubtypeSupportCharset(subType, null)) { + if (DataFlavorUtil.doesSubtypeSupportCharset(subType, null)) { if (TEXT_PLAIN_BASE_TYPE.equals(baseType)) { returnValue.add(DataFlavor.stringFlavor); @@ -624,7 +661,7 @@ } } - for (String charset : DataTransferer.standardEncodings()) { + for (String charset : DataFlavorUtil.standardEncodings()) { for (String encodedTextClass : ENCODED_TEXT_CLASSES) { final String mimeType =
--- a/jdk/src/java.desktop/share/classes/java/awt/font/TextLayout.java Thu Aug 21 14:16:26 2014 -0700 +++ b/jdk/src/java.desktop/share/classes/java/awt/font/TextLayout.java Thu Aug 28 14:54:07 2014 -0700 @@ -1811,7 +1811,7 @@ * should be logical or visual counterparts. They are not * checked for validity. */ - private final TextHitInfo getStrongHit(TextHitInfo hit1, TextHitInfo hit2) { + private TextHitInfo getStrongHit(TextHitInfo hit1, TextHitInfo hit2) { // right now we're using the following rule for strong hits: // A hit on a character with a lower level
--- a/jdk/src/java.desktop/share/classes/java/beans/PropertyChangeSupport.java Thu Aug 21 14:16:26 2014 -0700 +++ b/jdk/src/java.desktop/share/classes/java/beans/PropertyChangeSupport.java Thu Aug 28 14:54:07 2014 -0700 @@ -544,7 +544,7 @@ /** * {@inheritDoc} */ - public final PropertyChangeListener extract(PropertyChangeListener listener) { + public PropertyChangeListener extract(PropertyChangeListener listener) { while (listener instanceof PropertyChangeListenerProxy) { listener = ((PropertyChangeListenerProxy) listener).getListener(); }
--- a/jdk/src/java.desktop/share/classes/java/beans/VetoableChangeSupport.java Thu Aug 21 14:16:26 2014 -0700 +++ b/jdk/src/java.desktop/share/classes/java/beans/VetoableChangeSupport.java Thu Aug 28 14:54:07 2014 -0700 @@ -533,7 +533,7 @@ /** * {@inheritDoc} */ - public final VetoableChangeListener extract(VetoableChangeListener listener) { + public VetoableChangeListener extract(VetoableChangeListener listener) { while (listener instanceof VetoableChangeListenerProxy) { listener = ((VetoableChangeListenerProxy) listener).getListener(); }
--- a/jdk/src/java.desktop/share/classes/javax/sound/midi/ControllerEventListener.java Thu Aug 21 14:16:26 2014 -0700 +++ b/jdk/src/java.desktop/share/classes/javax/sound/midi/ControllerEventListener.java Thu Aug 28 14:54:07 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999, 2002, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1999, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -27,38 +27,35 @@ import java.util.EventListener; - /** - * The <code>ControllerEventListener</code> interface should be implemented - * by classes whose instances need to be notified when a <code>Sequencer</code> - * has processed a requested type of MIDI control-change event. - * To register a <code>ControllerEventListener</code> object to receive such - * notifications, invoke the + * The {@code ControllerEventListener} interface should be implemented by + * classes whose instances need to be notified when a {@link Sequencer} has + * processed a requested type of MIDI control-change event. To register a + * {@code ControllerEventListener} object to receive such notifications, invoke + * the * {@link Sequencer#addControllerEventListener(ControllerEventListener, int[]) - * addControllerEventListener} method of <code>Sequencer</code>, - * specifying the types of MIDI controllers about which you are interested in - * getting control-change notifications. - * - * @see MidiChannel#controlChange(int, int) + * addControllerEventListener} method of {@code Sequencer}, specifying the types + * of MIDI controllers about which you are interested in getting control-change + * notifications. * * @author Kara Kytle + * @see MidiChannel#controlChange(int, int) */ public interface ControllerEventListener extends EventListener { /** - * Invoked when a <code>Sequencer</code> has encountered and processed - * a control-change event of interest to this listener. The event passed - * in is a <code>ShortMessage</code> whose first data byte indicates - * the controller number and whose second data byte is the value to which - * the controller was set. + * Invoked when a {@link Sequencer} has encountered and processed a + * control-change event of interest to this listener. The event passed in is + * a {@code ShortMessage} whose first data byte indicates the controller + * number and whose second data byte is the value to which the controller + * was set. * - * @param event the control-change event that the sequencer encountered in - * the sequence it is processing - * + * @param event the control-change event that the sequencer encountered in + * the sequence it is processing * @see Sequencer#addControllerEventListener(ControllerEventListener, int[]) * @see MidiChannel#controlChange(int, int) * @see ShortMessage#getData1 * @see ShortMessage#getData2 */ - public void controlChange(ShortMessage event); + void controlChange(ShortMessage event); }
--- a/jdk/src/java.desktop/share/classes/javax/sound/midi/Instrument.java Thu Aug 21 14:16:26 2014 -0700 +++ b/jdk/src/java.desktop/share/classes/javax/sound/midi/Instrument.java Thu Aug 28 14:54:07 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999, 2004, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1999, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,49 +25,41 @@ package javax.sound.midi; -import java.net.URL; - - - /** - * An instrument is a sound-synthesis algorithm with certain parameter - * settings, usually designed to emulate a specific real-world - * musical instrument or to achieve a specific sort of sound effect. - * Instruments are typically stored in collections called soundbanks. - * Before the instrument can be used to play notes, it must first be loaded - * onto a synthesizer, and then it must be selected for use on - * one or more channels, via a program-change command. MIDI notes - * that are subsequently received on those channels will be played using + * An instrument is a sound-synthesis algorithm with certain parameter settings, + * usually designed to emulate a specific real-world musical instrument or to + * achieve a specific sort of sound effect. Instruments are typically stored in + * collections called soundbanks. Before the instrument can be used to play + * notes, it must first be loaded onto a synthesizer, and then it must be + * selected for use on one or more channels, via a program-change command. MIDI + * notes that are subsequently received on those channels will be played using * the sound of the selected instrument. * + * @author Kara Kytle * @see Soundbank * @see Soundbank#getInstruments * @see Patch * @see Synthesizer#loadInstrument(Instrument) * @see MidiChannel#programChange(int, int) - * @author Kara Kytle */ - public abstract class Instrument extends SoundbankResource { - /** - * Instrument patch + * Instrument patch. */ private final Patch patch; - /** - * Constructs a new MIDI instrument from the specified <code>Patch</code>. - * When a subsequent request is made to load the - * instrument, the sound bank will search its contents for this instrument's <code>Patch</code>, - * and the instrument will be loaded into the synthesizer at the - * bank and program location indicated by the <code>Patch</code> object. - * @param soundbank sound bank containing the instrument - * @param patch the patch of this instrument - * @param name the name of this instrument - * @param dataClass the class used to represent the sample's data. + * Constructs a new MIDI instrument from the specified {@code Patch}. When a + * subsequent request is made to load the instrument, the sound bank will + * search its contents for this instrument's {@code Patch}, and the + * instrument will be loaded into the synthesizer at the bank and program + * location indicated by the {@code Patch} object. * + * @param soundbank sound bank containing the instrument + * @param patch the patch of this instrument + * @param name the name of this instrument + * @param dataClass the class used to represent the sample's data * @see Synthesizer#loadInstrument(Instrument) */ protected Instrument(Soundbank soundbank, Patch patch, String name, Class<?> dataClass) { @@ -76,10 +68,10 @@ this.patch = patch; } - /** - * Obtains the <code>Patch</code> object that indicates the bank and program + * Obtains the {@code Patch} object that indicates the bank and program * numbers where this instrument is to be stored in the synthesizer. + * * @return this instrument's patch */ public Patch getPatch() {
--- a/jdk/src/java.desktop/share/classes/javax/sound/midi/InvalidMidiDataException.java Thu Aug 21 14:16:26 2014 -0700 +++ b/jdk/src/java.desktop/share/classes/javax/sound/midi/InvalidMidiDataException.java Thu Aug 28 14:54:07 2014 -0700 @@ -25,25 +25,25 @@ package javax.sound.midi; - /** - * An <code>InvalidMidiDataException</code> indicates that inappropriate MIDI - * data was encountered. This often means that the data is invalid in and of - * itself, from the perspective of the MIDI specification. An example would - * be an undefined status byte. However, the exception might simply - * mean that the data was invalid in the context it was used, or that - * the object to which the data was given was unable to parse or use it. - * For example, a file reader might not be able to parse a Type 2 MIDI file, even - * though that format is defined in the MIDI specification. + * An {@code InvalidMidiDataException} indicates that inappropriate MIDI data + * was encountered. This often means that the data is invalid in and of itself, + * from the perspective of the MIDI specification. An example would be an + * undefined status byte. However, the exception might simply mean that the data + * was invalid in the context it was used, or that the object to which the data + * was given was unable to parse or use it. For example, a file reader might not + * be able to parse a Type 2 MIDI file, even though that format is defined in + * the MIDI specification. * * @author Kara Kytle */ public class InvalidMidiDataException extends Exception { + private static final long serialVersionUID = 2780771756789932067L; /** - * Constructs an <code>InvalidMidiDataException</code> with - * <code>null</code> for its error detail message. + * Constructs an {@code InvalidMidiDataException} with {@code null} for its + * error detail message. */ public InvalidMidiDataException() { @@ -51,10 +51,10 @@ } /** - * Constructs an <code>InvalidMidiDataException</code> with the - * specified detail message. + * Constructs an {@code InvalidMidiDataException} with the specified detail + * message. * - * @param message the string to display as an error detail message + * @param message the string to display as an error detail message */ public InvalidMidiDataException(String message) {
--- a/jdk/src/java.desktop/share/classes/javax/sound/midi/MetaEventListener.java Thu Aug 21 14:16:26 2014 -0700 +++ b/jdk/src/java.desktop/share/classes/javax/sound/midi/MetaEventListener.java Thu Aug 28 14:54:07 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999, 2002, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1999, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -27,24 +27,23 @@ import java.util.EventListener; - /** - * The <code>MetaEventListener</code> interface should be implemented - * by classes whose instances need to be notified when a <code>{@link Sequencer}</code> - * has processed a <code>{@link MetaMessage}</code>. - * To register a <code>MetaEventListener</code> object to receive such - * notifications, pass it as the argument to the - * <code>{@link Sequencer#addMetaEventListener(MetaEventListener) addMetaEventListener}</code> - * method of <code>Sequencer</code>. + * The {@code MetaEventListener} interface should be implemented by classes + * whose instances need to be notified when a {@link Sequencer} has processed a + * {@link MetaMessage}. To register a {@code MetaEventListener} object to + * receive such notifications, pass it as the argument to the + * {@link Sequencer#addMetaEventListener(MetaEventListener) + * addMetaEventListener} method of {@code Sequencer}. * * @author Kara Kytle */ public interface MetaEventListener extends EventListener { /** - * Invoked when a <code>{@link Sequencer}</code> has encountered and processed - * a <code>MetaMessage</code> in the <code>{@link Sequence}</code> it is processing. - * @param meta the meta-message that the sequencer encountered + * Invoked when a {@link Sequencer} has encountered and processed a + * {@code MetaMessage} in the {@code Sequence} it is processing. + * + * @param meta the meta-message that the sequencer encountered */ - public void meta(MetaMessage meta); + void meta(MetaMessage meta); }
--- a/jdk/src/java.desktop/share/classes/javax/sound/midi/MetaMessage.java Thu Aug 21 14:16:26 2014 -0700 +++ b/jdk/src/java.desktop/share/classes/javax/sound/midi/MetaMessage.java Thu Aug 28 14:54:07 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1999, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,65 +25,54 @@ package javax.sound.midi; - /** - * A <code>MetaMessage</code> is a <code>{@link MidiMessage}</code> that is not meaningful to synthesizers, but - * that can be stored in a MIDI file and interpreted by a sequencer program. - * (See the discussion in the <code>MidiMessage</code> - * class description.) The Standard MIDI Files specification defines - * various types of meta-events, such as sequence number, lyric, cue point, - * and set tempo. There are also meta-events - * for such information as lyrics, copyrights, tempo indications, time and key - * signatures, markers, etc. For more information, see the Standard MIDI Files 1.0 - * specification, which is part of the Complete MIDI 1.0 Detailed Specification - * published by the MIDI Manufacturer's Association + * A {@code MetaMessage} is a {@link MidiMessage} that is not meaningful to + * synthesizers, but that can be stored in a MIDI file and interpreted by a + * sequencer program. (See the discussion in the {@code MidiMessage} class + * description.) The Standard MIDI Files specification defines various types of + * meta-events, such as sequence number, lyric, cue point, and set tempo. There + * are also meta-events for such information as lyrics, copyrights, tempo + * indications, time and key signatures, markers, etc. For more information, see + * the Standard MIDI Files 1.0 specification, which is part of the Complete MIDI + * 1.0 Detailed Specification published by the MIDI Manufacturer's Association * (<a href = http://www.midi.org>http://www.midi.org</a>). - * * <p> - * When data is being transported using MIDI wire protocol, - * a <code>{@link ShortMessage}</code> with the status value <code>0xFF</code> represents - * a system reset message. In MIDI files, this same status value denotes a <code>MetaMessage</code>. - * The types of meta-message are distinguished from each other by the first byte - * that follows the status byte <code>0xFF</code>. The subsequent bytes are data - * bytes. As with system exclusive messages, there are an arbitrary number of - * data bytes, depending on the type of <code>MetaMessage</code>. - * - * @see MetaEventListener + * When data is being transported using MIDI wire protocol, a + * {@link ShortMessage} with the status value {@code 0xFF} represents a system + * reset message. In MIDI files, this same status value denotes a + * {@code MetaMessage}. The types of meta-message are distinguished from each + * other by the first byte that follows the status byte {@code 0xFF}. The + * subsequent bytes are data bytes. As with system exclusive messages, there are + * an arbitrary number of data bytes, depending on the type of + * {@code MetaMessage}. * * @author David Rivas * @author Kara Kytle + * @see MetaEventListener */ - public class MetaMessage extends MidiMessage { - - // Status byte defines - /** - * Status byte for <code>MetaMessage</code> (0xFF, or 255), which is used - * in MIDI files. It has the same value as SYSTEM_RESET, which - * is used in the real-time "MIDI wire" protocol. + * Status byte for {@code MetaMessage} (0xFF, or 255), which is used in MIDI + * files. It has the same value as SYSTEM_RESET, which is used in the + * real-time "MIDI wire" protocol. + * * @see MidiMessage#getStatus */ public static final int META = 0xFF; // 255 - // Instance variables - /** - * The length of the actual message in the data array. - * This is used to determine how many bytes of the data array - * is the message, and how many are the status byte, the - * type byte, and the variable-length-int describing the - * length of the message. + * The length of the actual message in the data array. This is used to + * determine how many bytes of the data array is the message, and how many + * are the status byte, the type byte, and the variable-length-int + * describing the length of the message. */ private int dataLength = 0; - /** - * Constructs a new <code>MetaMessage</code>. The contents of - * the message are not set here; use - * {@link #setMessage(int, byte[], int) setMessage} - * to set them subsequently. + * Constructs a new {@code MetaMessage}. The contents of the message are not + * set here; use {@link #setMessage(int, byte[], int) setMessage} to set + * them subsequently. */ public MetaMessage() { // Default meta message data: just the META status byte value @@ -91,17 +80,17 @@ } /** - * Constructs a new {@code MetaMessage} and sets the message parameters. - * The contents of the message can be changed by using - * the {@code setMessage} method. + * Constructs a new {@code MetaMessage} and sets the message parameters. The + * contents of the message can be changed by using the {@code setMessage} + * method. * - * @param type meta-message type (must be less than 128) - * @param data the data bytes in the MIDI message - * @param length an amount of bytes in the {@code data} byte array; - * it should be non-negative and less than or equal to - * {@code data.length} - * @throws InvalidMidiDataException if the parameter values do not specify - * a valid MIDI meta message + * @param type meta-message type (must be less than 128) + * @param data the data bytes in the MIDI message + * @param length an amount of bytes in the {@code data} byte array; it + * should be non-negative and less than or equal to + * {@code data.length} + * @throws InvalidMidiDataException if the parameter values do not specify a + * valid MIDI meta message * @see #setMessage(int, byte[], int) * @see #getType() * @see #getData() @@ -113,12 +102,11 @@ setMessage(type, data, length); // can throw InvalidMidiDataException } - /** - * Constructs a new <code>MetaMessage</code>. - * @param data an array of bytes containing the complete message. - * The message data may be changed using the <code>setMessage</code> - * method. + * Constructs a new {@code MetaMessage}. + * + * @param data an array of bytes containing the complete message. The + * message data may be changed using the {@code setMessage} method. * @see #setMessage */ protected MetaMessage(byte[] data) { @@ -133,24 +121,24 @@ } } - /** - * Sets the message parameters for a <code>MetaMessage</code>. - * Since only one status byte value, <code>0xFF</code>, is allowed for meta-messages, - * it does not need to be specified here. Calls to <code>{@link MidiMessage#getStatus getStatus}</code> return - * <code>0xFF</code> for all meta-messages. + * Sets the message parameters for a {@code MetaMessage}. Since only one + * status byte value, {@code 0xFF}, is allowed for meta-messages, it does + * not need to be specified here. Calls to + * {@link MidiMessage#getStatus getStatus} return {@code 0xFF} for all + * meta-messages. * <p> - * The <code>type</code> argument should be a valid value for the byte that - * follows the status byte in the <code>MetaMessage</code>. The <code>data</code> argument - * should contain all the subsequent bytes of the <code>MetaMessage</code>. In other words, - * the byte that specifies the type of <code>MetaMessage</code> is not considered a data byte. + * The {@code type} argument should be a valid value for the byte that + * follows the status byte in the {@code MetaMessage}. The {@code data} + * argument should contain all the subsequent bytes of the + * {@code MetaMessage}. In other words, the byte that specifies the type of + * {@code MetaMessage} is not considered a data byte. * - * @param type meta-message type (must be less than 128) - * @param data the data bytes in the MIDI message - * @param length the number of bytes in the <code>data</code> - * byte array - * @throws InvalidMidiDataException if the - * parameter values do not specify a valid MIDI meta message + * @param type meta-message type (must be less than 128) + * @param data the data bytes in the MIDI message + * @param length the number of bytes in the {@code data} byte array + * @throws InvalidMidiDataException if the parameter values do not specify a + * valid MIDI meta message */ public void setMessage(int type, byte[] data, int length) throws InvalidMidiDataException { @@ -172,10 +160,10 @@ } } - /** - * Obtains the type of the <code>MetaMessage</code>. - * @return an integer representing the <code>MetaMessage</code> type + * Obtains the type of the {@code MetaMessage}. + * + * @return an integer representing the {@code MetaMessage} type */ public int getType() { if (length>=2) { @@ -184,16 +172,15 @@ return 0; } - - /** - * Obtains a copy of the data for the meta message. The returned - * array of bytes does not include the status byte or the message - * length data. The length of the data for the meta message is - * the length of the array. Note that the length of the entire - * message includes the status byte and the meta message type - * byte, and therefore may be longer than the returned array. - * @return array containing the meta message data. + * Obtains a copy of the data for the meta message. The returned array of + * bytes does not include the status byte or the message length data. The + * length of the data for the meta message is the length of the array. Note + * that the length of the entire message includes the status byte and the + * meta message type byte, and therefore may be longer than the returned + * array. + * + * @return array containing the meta message data * @see MidiMessage#getLength */ public byte[] getData() { @@ -202,10 +189,10 @@ return returnedArray; } - /** - * Creates a new object of the same class and with the same contents - * as this object. + * Creates a new object of the same class and with the same contents as this + * object. + * * @return a clone of this instance */ public Object clone() { @@ -240,5 +227,4 @@ } data[off] = (byte) (value & mask); } - }
--- a/jdk/src/java.desktop/share/classes/javax/sound/midi/MidiChannel.java Thu Aug 21 14:16:26 2014 -0700 +++ b/jdk/src/java.desktop/share/classes/javax/sound/midi/MidiChannel.java Thu Aug 28 14:54:07 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998, 2004, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1998, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,513 +25,450 @@ package javax.sound.midi; - /** - * A <code>MidiChannel</code> object represents a single MIDI channel. - * Generally, each <code>MidiChannel</code> method processes a like-named MIDI - * "channel voice" or "channel mode" message as defined by the MIDI specification. However, - * <code>MidiChannel</code> adds some "get" methods that retrieve the value - * most recently set by one of the standard MIDI channel messages. Similarly, - * methods for per-channel solo and mute have been added. + * A {@code MidiChannel} object represents a single MIDI channel. Generally, + * each {@code MidiChannel} method processes a like-named MIDI "channel voice" + * or "channel mode" message as defined by the MIDI specification. However, + * {@code MidiChannel} adds some "get" methods that retrieve the value most + * recently set by one of the standard MIDI channel messages. Similarly, methods + * for per-channel solo and mute have been added. * <p> - * A <code>{@link Synthesizer}</code> object has a collection - * of <code>MidiChannels</code>, usually one for each of the 16 channels - * prescribed by the MIDI 1.0 specification. The <code>Synthesizer</code> - * generates sound when its <code>MidiChannels</code> receive - * <code>noteOn</code> messages. + * A {@link Synthesizer} object has a collection of {@code MidiChannels}, + * usually one for each of the 16 channels prescribed by the MIDI 1.0 + * specification. The {@code Synthesizer} generates sound when its + * {@code MidiChannels} receive {@code noteOn} messages. * <p> * See the MIDI 1.0 Specification for more information about the prescribed - * behavior of the MIDI channel messages, which are not exhaustively - * documented here. The specification is titled <code>MIDI Reference: - * The Complete MIDI 1.0 Detailed Specification</code>, and is published by - * the MIDI Manufacturer's Association (<a href = http://www.midi.org> - * http://www.midi.org</a>). + * behavior of the MIDI channel messages, which are not exhaustively documented + * here. The specification is titled + * {@code MIDI Reference: The Complete MIDI 1.0 Detailed Specification}, and is + * published by the MIDI Manufacturer's Association + * (<a href = http://www.midi.org>http://www.midi.org</a>). * <p> * MIDI was originally a protocol for reporting the gestures of a keyboard - * musician. This genesis is visible in the <code>MidiChannel</code> API, which + * musician. This genesis is visible in the {@code MidiChannel} API, which * preserves such MIDI concepts as key number, key velocity, and key pressure. * It should be understood that the MIDI data does not necessarily originate * with a keyboard player (the source could be a different kind of musician, or - * software). Some devices might generate constant values for velocity - * and pressure, regardless of how the note was performed. - * Also, the MIDI specification often leaves it up to the - * synthesizer to use the data in the way the implementor sees fit. For - * example, velocity data need not always be mapped to volume and/or brightness. - * - * @see Synthesizer#getChannels + * software). Some devices might generate constant values for velocity and + * pressure, regardless of how the note was performed. Also, the MIDI + * specification often leaves it up to the synthesizer to use the data in the + * way the implementor sees fit. For example, velocity data need not always be + * mapped to volume and/or brightness. * * @author David Rivas * @author Kara Kytle + * @see Synthesizer#getChannels */ - public interface MidiChannel { /** - * Starts the specified note sounding. The key-down velocity - * usually controls the note's volume and/or brightness. - * If <code>velocity</code> is zero, this method instead acts like - * {@link #noteOff(int)}, terminating the note. + * Starts the specified note sounding. The key-down velocity usually + * controls the note's volume and/or brightness. If {@code velocity} is + * zero, this method instead acts like {@link #noteOff(int)}, terminating + * the note. * - * @param noteNumber the MIDI note number, from 0 to 127 (60 = Middle C) - * @param velocity the speed with which the key was depressed - * + * @param noteNumber the MIDI note number, from 0 to 127 (60 = Middle C) + * @param velocity the speed with which the key was depressed * @see #noteOff(int, int) */ - public void noteOn(int noteNumber, int velocity); + void noteOn(int noteNumber, int velocity); /** - * Turns the specified note off. The key-up velocity, if not ignored, can - * be used to affect how quickly the note decays. - * In any case, the note might not die away instantaneously; its decay - * rate is determined by the internals of the <code>Instrument</code>. - * If the Hold Pedal (a controller; see - * {@link #controlChange(int, int) controlChange}) - * is down, the effect of this method is deferred until the pedal is - * released. + * Turns the specified note off. The key-up velocity, if not ignored, can be + * used to affect how quickly the note decays. In any case, the note might + * not die away instantaneously; its decay rate is determined by the + * internals of the {@code Instrument}. If the Hold Pedal (a controller; see + * {@link #controlChange(int, int) controlChange}) is down, the effect of + * this method is deferred until the pedal is released. * - * - * @param noteNumber the MIDI note number, from 0 to 127 (60 = Middle C) - * @param velocity the speed with which the key was released - * + * @param noteNumber the MIDI note number, from 0 to 127 (60 = Middle C) + * @param velocity the speed with which the key was released * @see #noteOff(int) * @see #noteOn * @see #allNotesOff * @see #allSoundOff */ - public void noteOff(int noteNumber, int velocity); + void noteOff(int noteNumber, int velocity); /** * Turns the specified note off. * - * @param noteNumber the MIDI note number, from 0 to 127 (60 = Middle C) - * + * @param noteNumber the MIDI note number, from 0 to 127 (60 = Middle C) * @see #noteOff(int, int) */ - public void noteOff(int noteNumber); + void noteOff(int noteNumber); /** - * Reacts to a change in the specified note's key pressure. - * Polyphonic key pressure - * allows a keyboard player to press multiple keys simultaneously, each - * with a different amount of pressure. The pressure, if not ignored, - * is typically used to vary such features as the volume, brightness, - * or vibrato of the note. + * Reacts to a change in the specified note's key pressure. Polyphonic key + * pressure allows a keyboard player to press multiple keys simultaneously, + * each with a different amount of pressure. The pressure, if not ignored, + * is typically used to vary such features as the volume, brightness, or + * vibrato of the note. + * <p> + * It is possible that the underlying synthesizer does not support this MIDI + * message. In order to verify that {@code setPolyPressure} was successful, + * use {@code getPolyPressure}. * - * It is possible that the underlying synthesizer - * does not support this MIDI message. In order - * to verify that <code>setPolyPressure</code> - * was successful, use <code>getPolyPressure</code>. - * - * @param noteNumber the MIDI note number, from 0 to 127 (60 = Middle C) - * @param pressure value for the specified key, from 0 to 127 (127 = - * maximum pressure) - * + * @param noteNumber the MIDI note number, from 0 to 127 (60 = Middle C) + * @param pressure value for the specified key, from 0 to 127 + * (127 = maximum pressure) * @see #getPolyPressure(int) */ - public void setPolyPressure(int noteNumber, int pressure); + void setPolyPressure(int noteNumber, int pressure); /** * Obtains the pressure with which the specified key is being depressed. - * - * @param noteNumber the MIDI note number, from 0 to 127 (60 = Middle C) + * <p> + * If the device does not support setting poly pressure, this method always + * returns 0. Calling {@code setPolyPressure} will have no effect then. * - * If the device does not support setting poly pressure, - * this method always returns 0. Calling - * <code>setPolyPressure</code> will have no effect then. - * + * @param noteNumber the MIDI note number, from 0 to 127 (60 = Middle C) * @return the amount of pressure for that note, from 0 to 127 - * (127 = maximum pressure) - * + * (127 = maximum pressure) * @see #setPolyPressure(int, int) */ - public int getPolyPressure(int noteNumber); + int getPolyPressure(int noteNumber); /** - * Reacts to a change in the keyboard pressure. Channel - * pressure indicates how hard the keyboard player is depressing - * the entire keyboard. This can be the maximum or - * average of the per-key pressure-sensor values, as set by - * <code>setPolyPressure</code>. More commonly, it is a measurement of - * a single sensor on a device that doesn't implement polyphonic key - * pressure. Pressure can be used to control various aspects of the sound, - * as described under {@link #setPolyPressure(int, int) setPolyPressure}. + * Reacts to a change in the keyboard pressure. Channel pressure indicates + * how hard the keyboard player is depressing the entire keyboard. This can + * be the maximum or average of the per-key pressure-sensor values, as set + * by {@code setPolyPressure}. More commonly, it is a measurement of a + * single sensor on a device that doesn't implement polyphonic key pressure. + * Pressure can be used to control various aspects of the sound, as + * described under {@link #setPolyPressure(int, int) setPolyPressure}. + * <p> + * It is possible that the underlying synthesizer does not support this MIDI + * message. In order to verify that {@code setChannelPressure} was + * successful, use {@code getChannelPressure}. * - * It is possible that the underlying synthesizer - * does not support this MIDI message. In order - * to verify that <code>setChannelPressure</code> - * was successful, use <code>getChannelPressure</code>. - * - * @param pressure the pressure with which the keyboard is being depressed, - * from 0 to 127 (127 = maximum pressure) + * @param pressure the pressure with which the keyboard is being depressed, + * from 0 to 127 (127 = maximum pressure) * @see #setPolyPressure(int, int) * @see #getChannelPressure */ - public void setChannelPressure(int pressure); + void setChannelPressure(int pressure); /** * Obtains the channel's keyboard pressure. - * If the device does not support setting channel pressure, - * this method always returns 0. Calling - * <code>setChannelPressure</code> will have no effect then. + * <p> + * If the device does not support setting channel pressure, this method + * always returns 0. Calling {@code setChannelPressure} will have no effect + * then. * - * @return the amount of pressure for that note, - * from 0 to 127 (127 = maximum pressure) - * + * @return the amount of pressure for that note, from 0 to 127 + * (127 = maximum pressure) * @see #setChannelPressure(int) */ - public int getChannelPressure(); + int getChannelPressure(); /** - * Reacts to a change in the specified controller's value. A controller - * is some control other than a keyboard key, such as a - * switch, slider, pedal, wheel, or breath-pressure sensor. - * The MIDI 1.0 Specification provides standard numbers for typical - * controllers on MIDI devices, and describes the intended effect - * for some of the controllers. - * The way in which an - * <code>Instrument</code> reacts to a controller change may be - * specific to the <code>Instrument</code>. + * Reacts to a change in the specified controller's value. A controller is + * some control other than a keyboard key, such as a switch, slider, pedal, + * wheel, or breath-pressure sensor. The MIDI 1.0 Specification provides + * standard numbers for typical controllers on MIDI devices, and describes + * the intended effect for some of the controllers. The way in which an + * {@code Instrument} reacts to a controller change may be specific to the + * {@code Instrument}. * <p> - * The MIDI 1.0 Specification defines both 7-bit controllers - * and 14-bit controllers. Continuous controllers, such - * as wheels and sliders, typically have 14 bits (two MIDI bytes), - * while discrete controllers, such as switches, typically have 7 bits - * (one MIDI byte). Refer to the specification to see the - * expected resolution for each type of control. + * The MIDI 1.0 Specification defines both 7-bit controllers and 14-bit + * controllers. Continuous controllers, such as wheels and sliders, + * typically have 14 bits (two MIDI bytes), while discrete controllers, such + * as switches, typically have 7 bits (one MIDI byte). Refer to the + * specification to see the expected resolution for each type of control. * <p> - * Controllers 64 through 95 (0x40 - 0x5F) allow 7-bit precision. - * The value of a 7-bit controller is set completely by the - * <code>value</code> argument. An additional set of controllers - * provide 14-bit precision by using two controller numbers, one - * for the most significant 7 bits and another for the least significant - * 7 bits. Controller numbers 0 through 31 (0x00 - 0x1F) control the - * most significant 7 bits of 14-bit controllers; controller numbers - * 32 through 63 (0x20 - 0x3F) control the least significant 7 bits of - * these controllers. For example, controller number 7 (0x07) controls - * the upper 7 bits of the channel volume controller, and controller - * number 39 (0x27) controls the lower 7 bits. - * The value of a 14-bit controller is determined - * by the interaction of the two halves. When the most significant 7 bits - * of a controller are set (using controller numbers 0 through 31), the - * lower 7 bits are automatically set to 0. The corresponding controller - * number for the lower 7 bits may then be used to further modulate the - * controller value. + * Controllers 64 through 95 (0x40 - 0x5F) allow 7-bit precision. The value + * of a 7-bit controller is set completely by the {@code value} argument. An + * additional set of controllers provide 14-bit precision by using two + * controller numbers, one for the most significant 7 bits and another for + * the least significant 7 bits. Controller numbers 0 through 31 + * (0x00 - 0x1F) control the most significant 7 bits of 14-bit controllers; + * controller numbers 32 through 63 (0x20 - 0x3F) control the least + * significant 7 bits of these controllers. For example, controller number 7 + * (0x07) controls the upper 7 bits of the channel volume controller, and + * controller number 39 (0x27) controls the lower 7 bits. The value of a + * 14-bit controller is determined by the interaction of the two halves. + * When the most significant 7 bits of a controller are set (using + * controller numbers 0 through 31), the lower 7 bits are automatically set + * to 0. The corresponding controller number for the lower 7 bits may then + * be used to further modulate the controller value. + * <p> + * It is possible that the underlying synthesizer does not support a + * specific controller message. In order to verify that a call to + * {@code controlChange} was successful, use {@code getController}. * - * It is possible that the underlying synthesizer - * does not support a specific controller message. In order - * to verify that a call to <code>controlChange</code> - * was successful, use <code>getController</code>. - * - * @param controller the controller number (0 to 127; see the MIDI - * 1.0 Specification for the interpretation) - * @param value the value to which the specified controller is changed (0 to 127) - * + * @param controller the controller number (0 to 127; see the MIDI 1.0 + * Specification for the interpretation) + * @param value the value to which the specified controller is changed + * (0 to 127) * @see #getController(int) */ - public void controlChange(int controller, int value); + void controlChange(int controller, int value); /** - * Obtains the current value of the specified controller. The return - * value is represented with 7 bits. For 14-bit controllers, the MSB and - * LSB controller value needs to be obtained separately. For example, - * the 14-bit value of the volume controller can be calculated by - * multiplying the value of controller 7 (0x07, channel volume MSB) - * with 128 and adding the - * value of controller 39 (0x27, channel volume LSB). + * Obtains the current value of the specified controller. The return value + * is represented with 7 bits. For 14-bit controllers, the MSB and LSB + * controller value needs to be obtained separately. For example, the 14-bit + * value of the volume controller can be calculated by multiplying the value + * of controller 7 (0x07, channel volume MSB) with 128 and adding the value + * of controller 39 (0x27, channel volume LSB). + * <p> + * If the device does not support setting a specific controller, this method + * returns 0 for that controller. Calling {@code controlChange} will have no + * effect then. * - * If the device does not support setting a specific controller, - * this method returns 0 for that controller. - * Calling <code>controlChange</code> will have no effect then. - * - * @param controller the number of the controller whose value is desired. - * The allowed range is 0-127; see the MIDI - * 1.0 Specification for the interpretation. - * + * @param controller the number of the controller whose value is desired. + * The allowed range is 0-127; see the MIDI 1.0 Specification for + * the interpretation. * @return the current value of the specified controller (0 to 127) - * * @see #controlChange(int, int) */ - public int getController(int controller); + int getController(int controller); /** - * Changes a program (patch). This selects a specific - * instrument from the currently selected bank of instruments. + * Changes a program (patch). This selects a specific instrument from the + * currently selected bank of instruments. * <p> - * The MIDI specification does not - * dictate whether notes that are already sounding should switch - * to the new instrument (timbre) or continue with their original timbre - * until terminated by a note-off. + * The MIDI specification does not dictate whether notes that are already + * sounding should switch to the new instrument (timbre) or continue with + * their original timbre until terminated by a note-off. * <p> - * The program number is zero-based (expressed from 0 to 127). - * Note that MIDI hardware displays and literature about MIDI - * typically use the range 1 to 128 instead. + * The program number is zero-based (expressed from 0 to 127). Note that + * MIDI hardware displays and literature about MIDI typically use the range + * 1 to 128 instead. + * <p> + * It is possible that the underlying synthesizer does not support a + * specific program. In order to verify that a call to {@code programChange} + * was successful, use {@code getProgram}. * - * It is possible that the underlying synthesizer - * does not support a specific program. In order - * to verify that a call to <code>programChange</code> - * was successful, use <code>getProgram</code>. - * - * @param program the program number to switch to (0 to 127) - * + * @param program the program number to switch to (0 to 127) * @see #programChange(int, int) * @see #getProgram() */ - public void programChange(int program); + void programChange(int program); /** * Changes the program using bank and program (patch) numbers. - * - * It is possible that the underlying synthesizer - * does not support a specific bank, or program. In order - * to verify that a call to <code>programChange</code> - * was successful, use <code>getProgram</code> and - * <code>getController</code>. - * Since banks are changed by way of control changes, - * you can verify the current bank with the following - * statement: + * <p> + * It is possible that the underlying synthesizer does not support a + * specific bank, or program. In order to verify that a call to + * {@code programChange} was successful, use {@code getProgram} and + * {@code getController}. Since banks are changed by way of control changes, + * you can verify the current bank with the following statement: * <pre> - * int bank = (getController(0) * 128) - * + getController(32); + * int bank = (getController(0) * 128) + getController(32); * </pre> * - * @param bank the bank number to switch to (0 to 16383) - * @param program the program (patch) to use in the specified bank (0 to 127) + * @param bank the bank number to switch to (0 to 16383) + * @param program the program (patch) to use in the specified bank + * (0 to 127) * @see #programChange(int) * @see #getProgram() */ - public void programChange(int bank, int program); + void programChange(int bank, int program); /** * Obtains the current program number for this channel. + * * @return the program number of the currently selected patch * @see Patch#getProgram * @see Synthesizer#loadInstrument * @see #programChange(int) */ - public int getProgram(); + int getProgram(); /** - * Changes the pitch offset for all notes on this channel. - * This affects all currently sounding notes as well as subsequent ones. - * (For pitch bend to cease, the value needs to be reset to the - * center position.) - * <p> The MIDI specification - * stipulates that pitch bend be a 14-bit value, where zero - * is maximum downward bend, 16383 is maximum upward bend, and - * 8192 is the center (no pitch bend). The actual - * amount of pitch change is not specified; it can be changed by - * a pitch-bend sensitivity setting. However, the General MIDI - * specification says that the default range should be two semitones - * up and down from center. + * Changes the pitch offset for all notes on this channel. This affects all + * currently sounding notes as well as subsequent ones. (For pitch bend to + * cease, the value needs to be reset to the center position.) + * <p> + * The MIDI specification stipulates that pitch bend be a 14-bit value, + * where zero is maximum downward bend, 16383 is maximum upward bend, and + * 8192 is the center (no pitch bend). The actual amount of pitch change is + * not specified; it can be changed by a pitch-bend sensitivity setting. + * However, the General MIDI specification says that the default range + * should be two semitones up and down from center. + * <p> + * It is possible that the underlying synthesizer does not support this MIDI + * message. In order to verify that {@code setPitchBend} was successful, use + * {@code getPitchBend}. * - * It is possible that the underlying synthesizer - * does not support this MIDI message. In order - * to verify that <code>setPitchBend</code> - * was successful, use <code>getPitchBend</code>. - * - * @param bend the amount of pitch change, as a nonnegative 14-bit value - * (8192 = no bend) - * + * @param bend the amount of pitch change, as a nonnegative 14-bit value + * (8192 = no bend) * @see #getPitchBend */ - public void setPitchBend(int bend); + void setPitchBend(int bend); /** - * Obtains the upward or downward pitch offset for this channel. - * If the device does not support setting pitch bend, - * this method always returns 8192. Calling - * <code>setPitchBend</code> will have no effect then. + * Obtains the upward or downward pitch offset for this channel. If the + * device does not support setting pitch bend, this method always returns + * 8192. Calling {@code setPitchBend} will have no effect then. * * @return bend amount, as a nonnegative 14-bit value (8192 = no bend) - * * @see #setPitchBend(int) */ - public int getPitchBend(); + int getPitchBend(); /** * Resets all the implemented controllers to their default values. * * @see #controlChange(int, int) */ - public void resetAllControllers(); + void resetAllControllers(); /** - * Turns off all notes that are currently sounding on this channel. - * The notes might not die away instantaneously; their decay - * rate is determined by the internals of the <code>Instrument</code>. - * If the Hold Pedal controller (see - * {@link #controlChange(int, int) controlChange}) - * is down, the effect of this method is deferred until the pedal is - * released. + * Turns off all notes that are currently sounding on this channel. The + * notes might not die away instantaneously; their decay rate is determined + * by the internals of the {@code Instrument}. If the Hold Pedal controller + * (see {@link #controlChange(int, int) controlChange}) is down, the effect + * of this method is deferred until the pedal is released. * * @see #allSoundOff * @see #noteOff(int) */ - public void allNotesOff(); + void allNotesOff(); /** * Immediately turns off all sounding notes on this channel, ignoring the * state of the Hold Pedal and the internal decay rate of the current - * <code>Instrument</code>. + * {@code Instrument}. * * @see #allNotesOff */ - public void allSoundOff(); + void allSoundOff(); /** - * Turns local control on or off. The default is for local control - * to be on. The "on" setting means that if a device is capable - * of both synthesizing sound and transmitting MIDI messages, - * it will synthesize sound in response to the note-on and - * note-off messages that it itself transmits. It will also respond - * to messages received from other transmitting devices. - * The "off" setting means that the synthesizer will ignore its - * own transmitted MIDI messages, but not those received from other devices. + * Turns local control on or off. The default is for local control to be on. + * The "on" setting means that if a device is capable of both synthesizing + * sound and transmitting MIDI messages, it will synthesize sound in + * response to the note-on and note-off messages that it itself transmits. + * It will also respond to messages received from other transmitting + * devices. The "off" setting means that the synthesizer will ignore its own + * transmitted MIDI messages, but not those received from other devices. + * <p> + * It is possible that the underlying synthesizer does not support local + * control. In order to verify that a call to {@code localControl} was + * successful, check the return value. * - * It is possible that the underlying synthesizer - * does not support local control. In order - * to verify that a call to <code>localControl</code> - * was successful, check the return value. - * - * @param on <code>true</code> to turn local control on, <code>false</code> - * to turn local control off - * @return the new local-control value, or false - * if local control is not supported - * + * @param on {@code true} to turn local control on, {@code false} to turn + * local control off + * @return the new local-control value, or false if local control is not + * supported */ - public boolean localControl(boolean on); + boolean localControl(boolean on); /** - * Turns mono mode on or off. In mono mode, the channel synthesizes - * only one note at a time. In poly mode (identical to mono mode off), - * the channel can synthesize multiple notes simultaneously. - * The default is mono off (poly mode on). + * Turns mono mode on or off. In mono mode, the channel synthesizes only one + * note at a time. In poly mode (identical to mono mode off), the channel + * can synthesize multiple notes simultaneously. The default is mono off + * (poly mode on). * <p> - * "Mono" is short for the word "monophonic," which in this context - * is opposed to the word "polyphonic" and refers to a single synthesizer - * voice per MIDI channel. It - * has nothing to do with how many audio channels there might be - * (as in "monophonic" versus "stereophonic" recordings). + * "Mono" is short for the word "monophonic," which in this context is + * opposed to the word "polyphonic" and refers to a single synthesizer voice + * per MIDI channel. It has nothing to do with how many audio channels there + * might be (as in "monophonic" versus "stereophonic" recordings). + * <p> + * It is possible that the underlying synthesizer does not support mono + * mode. In order to verify that a call to {@code setMono} was successful, + * use {@code getMono}. * - * It is possible that the underlying synthesizer - * does not support mono mode. In order - * to verify that a call to <code>setMono</code> - * was successful, use <code>getMono</code>. - * - * @param on <code>true</code> to turn mono mode on, <code>false</code> to - * turn it off (which means turning poly mode on). - * + * @param on {@code true} to turn mono mode on, {@code false} to turn it + * off (which means turning poly mode on) * @see #getMono * @see VoiceStatus */ - public void setMono(boolean on); + void setMono(boolean on); /** - * Obtains the current mono/poly mode. - * Synthesizers that do not allow changing mono/poly mode - * will always return the same value, regardless - * of calls to <code>setMono</code>. - * @return <code>true</code> if mono mode is on, otherwise - * <code>false</code> (meaning poly mode is on). + * Obtains the current mono/poly mode. Synthesizers that do not allow + * changing mono/poly mode will always return the same value, regardless of + * calls to {@code setMono}. * + * @return {@code true} if mono mode is on, otherwise {@code false} (meaning + * poly mode is on) * @see #setMono(boolean) */ - public boolean getMono(); + boolean getMono(); /** - * Turns omni mode on or off. In omni mode, the channel responds - * to messages sent on all channels. When omni is off, the channel - * responds only to messages sent on its channel number. - * The default is omni off. + * Turns omni mode on or off. In omni mode, the channel responds to messages + * sent on all channels. When omni is off, the channel responds only to + * messages sent on its channel number. The default is omni off. + * <p> + * It is possible that the underlying synthesizer does not support omni + * mode. In order to verify that {@code setOmni} was successful, use + * {@code getOmni}. * - * It is possible that the underlying synthesizer - * does not support omni mode. In order - * to verify that <code>setOmni</code> - * was successful, use <code>getOmni</code>. - * - * @param on <code>true</code> to turn omni mode on, <code>false</code> to - * turn it off. - * + * @param on {@code true} to turn omni mode on, {@code false} to turn it + * off * @see #getOmni * @see VoiceStatus */ - public void setOmni(boolean on); + void setOmni(boolean on); /** - * Obtains the current omni mode. - * Synthesizers that do not allow changing the omni mode - * will always return the same value, regardless - * of calls to <code>setOmni</code>. - * @return <code>true</code> if omni mode is on, otherwise - * <code>false</code> (meaning omni mode is off). + * Obtains the current omni mode. Synthesizers that do not allow changing + * the omni mode will always return the same value, regardless of calls to + * {@code setOmni}. * + * @return {@code true} if omni mode is on, otherwise {@code false} (meaning + * omni mode is off) * @see #setOmni(boolean) */ - public boolean getOmni(); + boolean getOmni(); /** - * Sets the mute state for this channel. A value of - * <code>true</code> means the channel is to be muted, <code>false</code> - * means the channel can sound (if other channels are not soloed). + * Sets the mute state for this channel. A value of {@code true} means the + * channel is to be muted, {@code false} means the channel can sound (if + * other channels are not soloed). * <p> - * Unlike {@link #allSoundOff()}, this method - * applies to only a specific channel, not to all channels. Further, it - * silences not only currently sounding notes, but also subsequently - * received notes. + * Unlike {@link #allSoundOff()}, this method applies to only a specific + * channel, not to all channels. Further, it silences not only currently + * sounding notes, but also subsequently received notes. + * <p> + * It is possible that the underlying synthesizer does not support muting + * channels. In order to verify that a call to {@code setMute} was + * successful, use {@code getMute}. * - * It is possible that the underlying synthesizer - * does not support muting channels. In order - * to verify that a call to <code>setMute</code> - * was successful, use <code>getMute</code>. - * - * @param mute the new mute state - * + * @param mute the new mute state * @see #getMute * @see #setSolo(boolean) */ - public void setMute(boolean mute); + void setMute(boolean mute); /** - * Obtains the current mute state for this channel. - * If the underlying synthesizer does not support - * muting this channel, this method always returns - * <code>false</code>. + * Obtains the current mute state for this channel. If the underlying + * synthesizer does not support muting this channel, this method always + * returns {@code false}. * - * @return <code>true</code> the channel is muted, - * or <code>false</code> if not - * + * @return {@code true} the channel is muted, or {@code false} if not * @see #setMute(boolean) */ - public boolean getMute(); + boolean getMute(); /** - * Sets the solo state for this channel. - * If <code>solo</code> is <code>true</code> only this channel - * and other soloed channels will sound. If <code>solo</code> - * is <code>false</code> then only other soloed channels will - * sound, unless no channels are soloed, in which case all - * unmuted channels will sound. + * Sets the solo state for this channel. If {@code solo} is {@code true} + * only this channel and other soloed channels will sound. If {@code solo} + * is {@code false} then only other soloed channels will sound, unless no + * channels are soloed, in which case all unmuted channels will sound. + * <p> + * It is possible that the underlying synthesizer does not support solo + * channels. In order to verify that a call to {@code setSolo} was + * successful, use {@code getSolo}. * - * It is possible that the underlying synthesizer - * does not support solo channels. In order - * to verify that a call to <code>setSolo</code> - * was successful, use <code>getSolo</code>. - * - * @param soloState new solo state for the channel + * @param soloState new solo state for the channel * @see #getSolo() */ - public void setSolo(boolean soloState); + void setSolo(boolean soloState); /** - * Obtains the current solo state for this channel. - * If the underlying synthesizer does not support - * solo on this channel, this method always returns - * <code>false</code>. + * Obtains the current solo state for this channel. If the underlying + * synthesizer does not support solo on this channel, this method always + * returns {@code false}. * - * @return <code>true</code> the channel is solo, - * or <code>false</code> if not - * + * @return {@code true} the channel is solo, or {@code false} if not * @see #setSolo(boolean) */ - public boolean getSolo(); + boolean getSolo(); }
--- a/jdk/src/java.desktop/share/classes/javax/sound/midi/MidiDevice.java Thu Aug 21 14:16:26 2014 -0700 +++ b/jdk/src/java.desktop/share/classes/javax/sound/midi/MidiDevice.java Thu Aug 28 14:54:07 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1999, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -27,64 +27,52 @@ import java.util.List; - /** - * <code>MidiDevice</code> is the base interface for all MIDI devices. - * Common devices include synthesizers, sequencers, MIDI input ports, and MIDI - * output ports. - * - * <p>A <code>MidiDevice</code> can be a transmitter or a receiver of - * MIDI events, or both. Therefore, it can provide {@link Transmitter} - * or {@link Receiver} instances (or both). Typically, MIDI IN ports - * provide transmitters, MIDI OUT ports and synthesizers provide - * receivers. A Sequencer typically provides transmitters for playback - * and receivers for recording. - * - * <p>A <code>MidiDevice</code> can be opened and closed explicitly as - * well as implicitly. Explicit opening is accomplished by calling - * {@link #open}, explicit closing is done by calling {@link - * #close} on the <code>MidiDevice</code> instance. - * If an application opens a <code>MidiDevice</code> - * explicitly, it has to close it explicitly to free system resources - * and enable the application to exit cleanly. Implicit opening is - * done by calling {@link javax.sound.midi.MidiSystem#getReceiver - * MidiSystem.getReceiver} and {@link - * javax.sound.midi.MidiSystem#getTransmitter - * MidiSystem.getTransmitter}. The <code>MidiDevice</code> used by - * <code>MidiSystem.getReceiver</code> and - * <code>MidiSystem.getTransmitter</code> is implementation-dependant - * unless the properties <code>javax.sound.midi.Receiver</code> - * and <code>javax.sound.midi.Transmitter</code> are used (see the - * description of properties to select default providers in - * {@link javax.sound.midi.MidiSystem}). A <code>MidiDevice</code> - * that was opened implicitly, is closed implicitly by closing the - * <code>Receiver</code> or <code>Transmitter</code> that resulted in - * opening it. If more than one implicitly opening - * <code>Receiver</code> or <code>Transmitter</code> were obtained by - * the application, the device is closed after the last - * <code>Receiver</code> or <code>Transmitter</code> has been - * closed. On the other hand, calling <code>getReceiver</code> or - * <code>getTransmitter</code> on the device instance directly does - * not open the device implicitly. Closing these - * <code>Transmitter</code>s and <code>Receiver</code>s does not close - * the device implicitly. To use a device with <code>Receiver</code>s - * or <code>Transmitter</code>s obtained this way, the device has to - * be opened and closed explicitly. - * - * <p>If implicit and explicit opening and closing are mixed on the - * same <code>MidiDevice</code> instance, the following rules apply: +/** + * {@code MidiDevice} is the base interface for all MIDI devices. Common devices + * include synthesizers, sequencers, MIDI input ports, and MIDI output ports. + * <p> + * A {@code MidiDevice} can be a transmitter or a receiver of MIDI events, or + * both. Therefore, it can provide {@link Transmitter} or {@link Receiver} + * instances (or both). Typically, MIDI IN ports provide transmitters, MIDI OUT + * ports and synthesizers provide receivers. A Sequencer typically provides + * transmitters for playback and receivers for recording. + * <p> + * A {@code MidiDevice} can be opened and closed explicitly as well as + * implicitly. Explicit opening is accomplished by calling {@link #open}, + * explicit closing is done by calling {@link #close} on the {@code MidiDevice} + * instance. If an application opens a {@code MidiDevice} explicitly, it has to + * close it explicitly to free system resources and enable the application to + * exit cleanly. Implicit opening is done by calling + * {@link MidiSystem#getReceiver} and {@link MidiSystem#getTransmitter}. The + * {@code MidiDevice} used by {@code MidiSystem.getReceiver} and + * {@code MidiSystem.getTransmitter} is implementation-dependant unless the + * properties {@code javax.sound.midi.Receiver} and + * {@code javax.sound.midi.Transmitter} are used (see the description of + * properties to select default providers in {@link MidiSystem}). A + * {@code MidiDevice} that was opened implicitly, is closed implicitly by + * closing the {@code Receiver} or {@code Transmitter} that resulted in opening + * it. If more than one implicitly opening {@code Receiver} or + * {@code Transmitter} were obtained by the application, the device is closed + * after the last {@code Receiver} or {@code Transmitter} has been closed. On + * the other hand, calling {@code getReceiver} or {@code getTransmitter} on the + * device instance directly does not open the device implicitly. Closing these + * {@code Transmitter}s and {@code Receiver}s does not close the device + * implicitly. To use a device with {@code Receiver}s or {@code Transmitter}s + * obtained this way, the device has to be opened and closed explicitly. + * <p> + * If implicit and explicit opening and closing are mixed on the same + * {@code MidiDevice} instance, the following rules apply: * * <ul> - * <li>After an explicit open (either before or after implicit - * opens), the device will not be closed by implicit closing. The only - * way to close an explicitly opened device is an explicit close.</li> - * - * <li>An explicit close always closes the device, even if it also has - * been opened implicitly. A subsequent implicit close has no further - * effect.</li> + * <li>After an explicit open (either before or after implicit opens), the + * device will not be closed by implicit closing. The only way to close an + * explicitly opened device is an explicit close.</li> + * <li>An explicit close always closes the device, even if it also has been + * opened implicitly. A subsequent implicit close has no further effect.</li> * </ul> * - * To detect if a MidiDevice represents a hardware MIDI port, the - * following programming technique can be used: + * To detect if a MidiDevice represents a hardware MIDI port, the following + * programming technique can be used: * * <pre>{@code * MidiDevice device = ...; @@ -95,193 +83,171 @@ * }</pre> * * <p> - * A <code>MidiDevice</code> includes a <code>{@link MidiDevice.Info}</code> object - * to provide manufacturer information and so on. + * A {@code MidiDevice} includes a {@link Info} object to provide manufacturer + * information and so on. * + * @author Kara Kytle + * @author Florian Bomers * @see Synthesizer * @see Sequencer * @see Receiver * @see Transmitter - * - * @author Kara Kytle - * @author Florian Bomers */ - public interface MidiDevice extends AutoCloseable { - /** * Obtains information about the device, including its Java class and - * <code>Strings</code> containing its name, vendor, and description. + * {@code Strings} containing its name, vendor, and description. * * @return device info */ - public Info getDeviceInfo(); - + Info getDeviceInfo(); /** - * Opens the device, indicating that it should now acquire any - * system resources it requires and become operational. - * - * <p>An application opening a device explicitly with this call - * has to close the device by calling {@link #close}. This is - * necessary to release system resources and allow applications to - * exit cleanly. - * + * Opens the device, indicating that it should now acquire any system + * resources it requires and become operational. + * <p> + * An application opening a device explicitly with this call has to close + * the device by calling {@link #close}. This is necessary to release system + * resources and allow applications to exit cleanly. * <p> - * Note that some devices, once closed, cannot be reopened. Attempts - * to reopen such a device will always result in a MidiUnavailableException. + * Note that some devices, once closed, cannot be reopened. Attempts to + * reopen such a device will always result in a MidiUnavailableException. * - * @throws MidiUnavailableException thrown if the device cannot be - * opened due to resource restrictions. - * @throws SecurityException thrown if the device cannot be - * opened due to security restrictions. - * + * @throws MidiUnavailableException thrown if the device cannot be opened + * due to resource restrictions + * @throws SecurityException thrown if the device cannot be opened due to + * security restrictions * @see #close * @see #isOpen */ - public void open() throws MidiUnavailableException; - + void open() throws MidiUnavailableException; /** - * Closes the device, indicating that the device should now release - * any system resources it is using. - * - * <p>All <code>Receiver</code> and <code>Transmitter</code> instances - * open from this device are closed. This includes instances retrieved - * via <code>MidiSystem</code>. + * Closes the device, indicating that the device should now release any + * system resources it is using. + * <p> + * All {@code Receiver} and {@code Transmitter} instances open from this + * device are closed. This includes instances retrieved via + * {@code MidiSystem}. * * @see #open * @see #isOpen */ - public void close(); - + void close(); /** * Reports whether the device is open. * - * @return <code>true</code> if the device is open, otherwise - * <code>false</code> + * @return {@code true} if the device is open, otherwise {@code false} * @see #open * @see #close */ - public boolean isOpen(); - + boolean isOpen(); /** - * Obtains the current time-stamp of the device, in microseconds. - * If a device supports time-stamps, it should start counting at - * 0 when the device is opened and continue incrementing its - * time-stamp in microseconds until the device is closed. - * If it does not support time-stamps, it should always return - * -1. - * @return the current time-stamp of the device in microseconds, - * or -1 if time-stamping is not supported by the device. + * Obtains the current time-stamp of the device, in microseconds. If a + * device supports time-stamps, it should start counting at 0 when the + * device is opened and continue incrementing its time-stamp in microseconds + * until the device is closed. If it does not support time-stamps, it should + * always return -1. + * + * @return the current time-stamp of the device in microseconds, or -1 if + * time-stamping is not supported by the device */ - public long getMicrosecondPosition(); - + long getMicrosecondPosition(); /** - * Obtains the maximum number of MIDI IN connections available on this - * MIDI device for receiving MIDI data. - * @return maximum number of MIDI IN connections, - * or -1 if an unlimited number of connections is available. + * Obtains the maximum number of MIDI IN connections available on this MIDI + * device for receiving MIDI data. + * + * @return maximum number of MIDI IN connections, or -1 if an unlimited + * number of connections is available */ - public int getMaxReceivers(); - + int getMaxReceivers(); /** - * Obtains the maximum number of MIDI OUT connections available on this - * MIDI device for transmitting MIDI data. - * @return maximum number of MIDI OUT connections, - * or -1 if an unlimited number of connections is available. + * Obtains the maximum number of MIDI OUT connections available on this MIDI + * device for transmitting MIDI data. + * + * @return maximum number of MIDI OUT connections, or -1 if an unlimited + * number of connections is available */ - public int getMaxTransmitters(); - + int getMaxTransmitters(); /** - * Obtains a MIDI IN receiver through which the MIDI device may receive - * MIDI data. The returned receiver must be closed when the application - * has finished using it. - * - * <p>Usually the returned receiver implements - * the {@code MidiDeviceReceiver} interface. + * Obtains a MIDI IN receiver through which the MIDI device may receive MIDI + * data. The returned receiver must be closed when the application has + * finished using it. + * <p> + * Usually the returned receiver implements the {@code MidiDeviceReceiver} + * interface. + * <p> + * Obtaining a {@code Receiver} with this method does not open the device. + * To be able to use the device, it has to be opened explicitly by calling + * {@link #open}. Also, closing the {@code Receiver} does not close the + * device. It has to be closed explicitly by calling {@link #close}. * - * <p>Obtaining a <code>Receiver</code> with this method does not - * open the device. To be able to use the device, it has to be - * opened explicitly by calling {@link #open}. Also, closing the - * <code>Receiver</code> does not close the device. It has to be - * closed explicitly by calling {@link #close}. - * - * @return a receiver for the device. + * @return a receiver for the device * @throws MidiUnavailableException thrown if a receiver is not available - * due to resource restrictions + * due to resource restrictions * @see Receiver#close() */ - public Receiver getReceiver() throws MidiUnavailableException; - + Receiver getReceiver() throws MidiUnavailableException; /** - * Returns all currently active, non-closed receivers - * connected with this MidiDevice. - * A receiver can be removed - * from the device by closing it. - * - * <p>Usually the returned receivers implement - * the {@code MidiDeviceReceiver} interface. + * Returns all currently active, non-closed receivers connected with this + * MidiDevice. A receiver can be removed from the device by closing it. + * <p> + * Usually the returned receivers implement the {@code MidiDeviceReceiver} + * interface. * * @return an unmodifiable list of the open receivers * @since 1.5 */ List<Receiver> getReceivers(); - /** * Obtains a MIDI OUT connection from which the MIDI device will transmit - * MIDI data The returned transmitter must be closed when the application + * MIDI data. The returned transmitter must be closed when the application * has finished using it. - * - * <p>Usually the returned transmitter implements - * the {@code MidiDeviceTransmitter} interface. + * <p> + * Usually the returned transmitter implements the + * {@code MidiDeviceTransmitter} interface. + * <p> + * Obtaining a {@code Transmitter} with this method does not open the + * device. To be able to use the device, it has to be opened explicitly by + * calling {@link #open}. Also, closing the {@code Transmitter} does not + * close the device. It has to be closed explicitly by calling + * {@link #close}. * - * <p>Obtaining a <code>Transmitter</code> with this method does not - * open the device. To be able to use the device, it has to be - * opened explicitly by calling {@link #open}. Also, closing the - * <code>Transmitter</code> does not close the device. It has to be - * closed explicitly by calling {@link #close}. - * - * @return a MIDI OUT transmitter for the device. + * @return a MIDI OUT transmitter for the device * @throws MidiUnavailableException thrown if a transmitter is not available - * due to resource restrictions + * due to resource restrictions * @see Transmitter#close() */ - public Transmitter getTransmitter() throws MidiUnavailableException; - + Transmitter getTransmitter() throws MidiUnavailableException; /** - * Returns all currently active, non-closed transmitters - * connected with this MidiDevice. - * A transmitter can be removed - * from the device by closing it. - * - * <p>Usually the returned transmitters implement - * the {@code MidiDeviceTransmitter} interface. + * Returns all currently active, non-closed transmitters connected with this + * MidiDevice. A transmitter can be removed from the device by closing it. + * <p> + * Usually the returned transmitters implement the + * {@code MidiDeviceTransmitter} interface. * * @return an unmodifiable list of the open transmitters * @since 1.5 */ List<Transmitter> getTransmitters(); - - /** - * A <code>MidiDevice.Info</code> object contains assorted - * data about a <code>{@link MidiDevice}</code>, including its - * name, the company who created it, and descriptive text. + * A {@code MidiDevice.Info} object contains assorted data about a + * {@link MidiDevice}, including its name, the company who created it, and + * descriptive text. * * @see MidiDevice#getDeviceInfo */ - public static class Info { + class Info { /** * The device's name. @@ -303,16 +269,16 @@ */ private String version; - /** * Constructs a device info object. * - * @param name the name of the device - * @param vendor the name of the company who provides the device - * @param description a description of the device - * @param version version information for the device + * @param name the name of the device + * @param vendor the name of the company who provides the device + * @param description a description of the device + * @param version version information for the device */ - protected Info(String