changeset 7996:62bafa13e5bd

Merge
author asaha
date Mon, 17 Nov 2014 10:12:49 -0800
parents 8b73df8a7f17 0a1fe04693dd
children 70371a63e6c9
files
diffstat 19 files changed, 381 insertions(+), 85 deletions(-) [+]
line wrap: on
line diff
--- a/src/share/classes/com/sun/java/swing/SwingUtilities3.java	Fri Aug 15 12:46:02 2014 -0700
+++ b/src/share/classes/com/sun/java/swing/SwingUtilities3.java	Mon Nov 17 10:12:49 2014 -0800
@@ -27,6 +27,8 @@
 
 import sun.awt.EventQueueDelegate;
 import sun.awt.AppContext;
+import sun.awt.SunToolkit;
+
 import java.util.Collections;
 import java.util.Map;
 import java.util.WeakHashMap;
@@ -117,8 +119,8 @@
     public static RepaintManager getDelegateRepaintManager(Component
                                                             component) {
         RepaintManager delegate = null;
-        if (Boolean.TRUE == AppContext.getAppContext().get(
-                                               DELEGATE_REPAINT_MANAGER_KEY)) {
+        if (Boolean.TRUE == SunToolkit.targetToAppContext(component)
+                                      .get(DELEGATE_REPAINT_MANAGER_KEY)) {
             while (delegate == null && component != null) {
                 while (component != null
                          && ! (component instanceof JComponent)) {
--- a/src/share/classes/java/awt/Component.java	Fri Aug 15 12:46:02 2014 -0700
+++ b/src/share/classes/java/awt/Component.java	Mon Nov 17 10:12:49 2014 -0800
@@ -3394,7 +3394,7 @@
                 (width > 0) && (height > 0)) {
                 PaintEvent e = new PaintEvent(this, PaintEvent.UPDATE,
                                               new Rectangle(x, y, width, height));
-                Toolkit.getEventQueue().postEvent(e);
+                SunToolkit.postEvent(SunToolkit.targetToAppContext(this), e);
             }
         }
     }
--- a/src/share/classes/javax/swing/JComponent.java	Fri Aug 15 12:46:02 2014 -0700
+++ b/src/share/classes/javax/swing/JComponent.java	Mon Nov 17 10:12:49 2014 -0800
@@ -63,6 +63,7 @@
 import static javax.swing.ClientPropertyKey.*;
 import javax.accessibility.*;
 
+import sun.awt.SunToolkit;
 import sun.swing.SwingUtilities2;
 import sun.swing.UIClientPropertyKey;
 
@@ -4801,7 +4802,8 @@
      * @see RepaintManager#addDirtyRegion
      */
     public void repaint(long tm, int x, int y, int width, int height) {
-        RepaintManager.currentManager(this).addDirtyRegion(this, x, y, width, height);
+        RepaintManager.currentManager(SunToolkit.targetToAppContext(this))
+                      .addDirtyRegion(this, x, y, width, height);
     }
 
 
@@ -4856,7 +4858,7 @@
             // which was causing some people grief.
             return;
         }
-        if (SwingUtilities.isEventDispatchThread()) {
+        if (SunToolkit.isDispatchThreadForAppContext(this)) {
             invalidate();
             RepaintManager.currentManager(this).addInvalidComponent(this);
         }
@@ -4878,7 +4880,7 @@
                     revalidate();
                 }
             };
-            SwingUtilities.invokeLater(callRevalidate);
+            SunToolkit.executeOnEventHandlerThread(this, callRevalidate);
         }
     }
 
--- a/src/share/classes/sun/security/ssl/Handshaker.java	Fri Aug 15 12:46:02 2014 -0700
+++ b/src/share/classes/sun/security/ssl/Handshaker.java	Mon Nov 17 10:12:49 2014 -0800
@@ -467,7 +467,9 @@
 
         if (activeProtocols.collection().isEmpty() ||
                 activeProtocols.max.v == ProtocolVersion.NONE.v) {
-            throw new SSLHandshakeException("No appropriate protocol");
+            throw new SSLHandshakeException(
+                    "No appropriate protocol (protocol is disabled or " +
+                    "cipher suites are inappropriate)");
         }
 
         if (activeCipherSuites == null) {
@@ -636,14 +638,24 @@
     ProtocolList getActiveProtocols() {
         if (activeProtocols == null) {
             ArrayList<ProtocolVersion> protocols = new ArrayList<>(4);
+            EnumSet<CryptoPrimitive> cryptoPrimitives =
+                EnumSet.<CryptoPrimitive>of(CryptoPrimitive.KEY_AGREEMENT);
             for (ProtocolVersion protocol : enabledProtocols.collection()) {
+                if (!algorithmConstraints.permits(
+                        cryptoPrimitives, protocol.name, null)) {
+                    if (debug != null && Debug.isOn("verbose")) {
+                        System.out.println(
+                            "Ignoring disabled protocol: " + protocol);
+                    }
+
+                    continue;
+                }
                 boolean found = false;
                 for (CipherSuite suite : enabledCipherSuites.collection()) {
                     if (suite.isAvailable() && suite.obsoleted > protocol.v &&
                                                suite.supported <= protocol.v) {
                         if (algorithmConstraints.permits(
-                                EnumSet.of(CryptoPrimitive.KEY_AGREEMENT),
-                                suite.name, null)) {
+                                cryptoPrimitives, suite.name, null)) {
                             protocols.add(protocol);
                             found = true;
                             break;
--- a/src/share/classes/sun/security/ssl/ProtocolVersion.java	Fri Aug 15 12:46:02 2014 -0700
+++ b/src/share/classes/sun/security/ssl/ProtocolVersion.java	Mon Nov 17 10:12:49 2014 -0800
@@ -25,6 +25,9 @@
 
 package sun.security.ssl;
 
+import java.util.*;
+import java.security.CryptoPrimitive;
+
 /**
  * Type safe enum for an SSL/TLS protocol version. Instances are obtained
  * using the static factory methods or by referencing the static members
@@ -86,6 +89,11 @@
     // Default version for hello messages (SSLv2Hello)
     final static ProtocolVersion DEFAULT_HELLO = FIPS ? TLS10 : SSL30;
 
+    // Available protocols
+    //
+    // Including all supported protocols except the disabled ones.
+    final static Set<ProtocolVersion> availableProtocols;
+
     // version in 16 bit MSB format as it appears in records and
     // messages, i.e. 0x0301 for TLS 1.0
     public final int v;
@@ -96,6 +104,25 @@
     // name used in JSSE (e.g. TLSv1 for TLS 1.0)
     final String name;
 
+    // Initialize the available protocols.
+    static {
+        Set<ProtocolVersion> protocols = new HashSet<>(5);
+
+        ProtocolVersion[] pvs = new ProtocolVersion[] {
+                SSL20Hello, SSL30, TLS10, TLS11, TLS12};
+        EnumSet<CryptoPrimitive> cryptoPrimitives =
+            EnumSet.<CryptoPrimitive>of(CryptoPrimitive.KEY_AGREEMENT);
+        for (ProtocolVersion p : pvs) {
+            if (SSLAlgorithmConstraints.DEFAULT_SSL_ONLY.permits(
+                    cryptoPrimitives, p.name, null)) {
+                protocols.add(p);
+            }
+        }
+
+        availableProtocols =
+                Collections.<ProtocolVersion>unmodifiableSet(protocols);
+    }
+
     // private
     private ProtocolVersion(int v, String name) {
         this.v = v;
--- a/src/share/classes/sun/security/ssl/SSLAlgorithmConstraints.java	Fri Aug 15 12:46:02 2014 -0700
+++ b/src/share/classes/sun/security/ssl/SSLAlgorithmConstraints.java	Mon Nov 17 10:12:49 2014 -0800
@@ -55,6 +55,14 @@
 
     private boolean enabledX509DisabledAlgConstraints = true;
 
+    // the default algorithm constraints
+    final static AlgorithmConstraints DEFAULT =
+                        new SSLAlgorithmConstraints(null);
+
+    // the default SSL only algorithm constraints
+    final static AlgorithmConstraints DEFAULT_SSL_ONLY =
+                        new SSLAlgorithmConstraints((SSLSocket)null, false);
+
     SSLAlgorithmConstraints(AlgorithmConstraints algorithmConstraints) {
         userAlgConstraints = algorithmConstraints;
     }
--- a/src/share/classes/sun/security/ssl/SSLContextImpl.java	Fri Aug 15 12:46:02 2014 -0700
+++ b/src/share/classes/sun/security/ssl/SSLContextImpl.java	Mon Nov 17 10:12:49 2014 -0800
@@ -51,10 +51,6 @@
     private X509TrustManager trustManager;
     private SecureRandom secureRandom;
 
-    // The default algrithm constraints
-    private AlgorithmConstraints defaultAlgorithmConstraints =
-                                 new SSLAlgorithmConstraints(null);
-
     // supported and default protocols
     private ProtocolList defaultServerProtocolList;
     private ProtocolList defaultClientProtocolList;
@@ -342,7 +338,7 @@
                 if (suite.isAvailable() &&
                         suite.obsoleted > protocols.min.v &&
                         suite.supported <= protocols.max.v) {
-                    if (defaultAlgorithmConstraints.permits(
+                    if (SSLAlgorithmConstraints.DEFAULT.permits(
                             EnumSet.of(CryptoPrimitive.KEY_AGREEMENT),
                             suite.name, null)) {
                         suites.add(suite);
@@ -384,6 +380,22 @@
         }
     }
 
+    static String[] getAvailableProtocols(
+            ProtocolVersion[] protocolCandidates) {
+
+        List<String> availableProtocols = Collections.<String>emptyList();
+        if (protocolCandidates != null && protocolCandidates.length != 0) {
+            availableProtocols = new ArrayList<>(protocolCandidates.length);
+            for (ProtocolVersion p : protocolCandidates) {
+                if (ProtocolVersion.availableProtocols.contains(p)) {
+                    availableProtocols.add(p.name);
+                }
+            }
+        }
+
+        return availableProtocols.toArray(new String[0]);
+    }
+
     /*
      * The SSLContext implementation for TLS/SSL algorithm
      *
@@ -423,28 +435,35 @@
      */
     private static class ConservativeSSLContext extends SSLContextImpl {
         // parameters
-        private static SSLParameters defaultServerSSLParams;
-        private static SSLParameters defaultClientSSLParams;
-        private static SSLParameters supportedSSLParams;
+        private static final SSLParameters defaultServerSSLParams;
+        private static final SSLParameters defaultClientSSLParams;
+        private static final SSLParameters supportedSSLParams;
 
         static {
+            // supported SSL parameters
+            supportedSSLParams = new SSLParameters();
+
+            // candidates for available protocols
+            ProtocolVersion[] serverCandidates;
+            ProtocolVersion[] clientCandidates;
+
             if (SunJSSE.isFIPS()) {
-                supportedSSLParams = new SSLParameters();
                 supportedSSLParams.setProtocols(new String[] {
                     ProtocolVersion.TLS10.name,
                     ProtocolVersion.TLS11.name,
                     ProtocolVersion.TLS12.name
                 });
 
-                defaultServerSSLParams = supportedSSLParams;
+                serverCandidates = new ProtocolVersion[] {
+                    ProtocolVersion.TLS10,
+                    ProtocolVersion.TLS11,
+                    ProtocolVersion.TLS12
+                };
 
-                defaultClientSSLParams = new SSLParameters();
-                defaultClientSSLParams.setProtocols(new String[] {
-                    ProtocolVersion.TLS10.name
-                });
-
+                clientCandidates = new ProtocolVersion[] {
+                    ProtocolVersion.TLS10
+                };
             } else {
-                supportedSSLParams = new SSLParameters();
                 supportedSSLParams.setProtocols(new String[] {
                     ProtocolVersion.SSL20Hello.name,
                     ProtocolVersion.SSL30.name,
@@ -453,14 +472,27 @@
                     ProtocolVersion.TLS12.name
                 });
 
-                defaultServerSSLParams = supportedSSLParams;
+                serverCandidates = new ProtocolVersion[] {
+                    ProtocolVersion.SSL20Hello,
+                    ProtocolVersion.SSL30,
+                    ProtocolVersion.TLS10,
+                    ProtocolVersion.TLS11,
+                    ProtocolVersion.TLS12
+                };
 
-                defaultClientSSLParams = new SSLParameters();
-                defaultClientSSLParams.setProtocols(new String[] {
-                    ProtocolVersion.SSL30.name,
-                    ProtocolVersion.TLS10.name
-                });
+                clientCandidates = new ProtocolVersion[] {
+                    ProtocolVersion.SSL30,
+                    ProtocolVersion.TLS10
+                };
             }
+
+            defaultClientSSLParams = new SSLParameters();
+            defaultClientSSLParams.setProtocols(
+                getAvailableProtocols(clientCandidates));
+
+            defaultServerSSLParams = new SSLParameters();
+            defaultServerSSLParams.setProtocols(
+                getAvailableProtocols(serverCandidates));
         }
 
         SSLParameters getDefaultServerSSLParams() {
@@ -651,29 +683,36 @@
      */
     public static final class TLS11Context extends SSLContextImpl {
         // parameters
-        private static SSLParameters defaultServerSSLParams;
-        private static SSLParameters defaultClientSSLParams;
-        private static SSLParameters supportedSSLParams;
+        private static final SSLParameters defaultServerSSLParams;
+        private static final SSLParameters defaultClientSSLParams;
+        private static final SSLParameters supportedSSLParams;
 
         static {
+            // supported SSL parameters
+            supportedSSLParams = new SSLParameters();
+
+            // candidates for available protocols
+            ProtocolVersion[] serverCandidates;
+            ProtocolVersion[] clientCandidates;
+
             if (SunJSSE.isFIPS()) {
-                supportedSSLParams = new SSLParameters();
                 supportedSSLParams.setProtocols(new String[] {
                     ProtocolVersion.TLS10.name,
                     ProtocolVersion.TLS11.name,
                     ProtocolVersion.TLS12.name
                 });
 
-                defaultServerSSLParams = supportedSSLParams;
+                serverCandidates = new ProtocolVersion[] {
+                    ProtocolVersion.TLS10,
+                    ProtocolVersion.TLS11,
+                    ProtocolVersion.TLS12
+                };
 
-                defaultClientSSLParams = new SSLParameters();
-                defaultClientSSLParams.setProtocols(new String[] {
-                    ProtocolVersion.TLS10.name,
-                    ProtocolVersion.TLS11.name
-                });
-
+                clientCandidates = new ProtocolVersion[] {
+                    ProtocolVersion.TLS10,
+                    ProtocolVersion.TLS11
+                };
             } else {
-                supportedSSLParams = new SSLParameters();
                 supportedSSLParams.setProtocols(new String[] {
                     ProtocolVersion.SSL20Hello.name,
                     ProtocolVersion.SSL30.name,
@@ -682,15 +721,28 @@
                     ProtocolVersion.TLS12.name
                 });
 
-                defaultServerSSLParams = supportedSSLParams;
+                serverCandidates = new ProtocolVersion[] {
+                    ProtocolVersion.SSL20Hello,
+                    ProtocolVersion.SSL30,
+                    ProtocolVersion.TLS10,
+                    ProtocolVersion.TLS11,
+                    ProtocolVersion.TLS12
+                };
 
-                defaultClientSSLParams = new SSLParameters();
-                defaultClientSSLParams.setProtocols(new String[] {
-                    ProtocolVersion.SSL30.name,
-                    ProtocolVersion.TLS10.name,
-                    ProtocolVersion.TLS11.name
-                });
+                clientCandidates = new ProtocolVersion[] {
+                    ProtocolVersion.SSL30,
+                    ProtocolVersion.TLS10,
+                    ProtocolVersion.TLS11
+                };
             }
+
+            defaultClientSSLParams = new SSLParameters();
+            defaultClientSSLParams.setProtocols(
+                getAvailableProtocols(clientCandidates));
+
+            defaultServerSSLParams = new SSLParameters();
+            defaultServerSSLParams.setProtocols(
+                getAvailableProtocols(serverCandidates));
         }
 
         SSLParameters getDefaultServerSSLParams() {
@@ -713,30 +765,37 @@
      */
     public static final class TLS12Context extends SSLContextImpl {
         // parameters
-        private static SSLParameters defaultServerSSLParams;
-        private static SSLParameters defaultClientSSLParams;
-        private static SSLParameters supportedSSLParams;
+        private static final SSLParameters defaultServerSSLParams;
+        private static final SSLParameters defaultClientSSLParams;
+        private static final SSLParameters supportedSSLParams;
 
         static {
+            // supported SSL parameters
+            supportedSSLParams = new SSLParameters();
+
+            // candidates for available protocols
+            ProtocolVersion[] serverCandidates;
+            ProtocolVersion[] clientCandidates;
+
             if (SunJSSE.isFIPS()) {
-                supportedSSLParams = new SSLParameters();
                 supportedSSLParams.setProtocols(new String[] {
                     ProtocolVersion.TLS10.name,
                     ProtocolVersion.TLS11.name,
                     ProtocolVersion.TLS12.name
                 });
 
-                defaultServerSSLParams = supportedSSLParams;
+                serverCandidates = new ProtocolVersion[] {
+                    ProtocolVersion.TLS10,
+                    ProtocolVersion.TLS11,
+                    ProtocolVersion.TLS12
+                };
 
-                defaultClientSSLParams = new SSLParameters();
-                defaultClientSSLParams.setProtocols(new String[] {
-                    ProtocolVersion.TLS10.name,
-                    ProtocolVersion.TLS11.name,
-                    ProtocolVersion.TLS12.name
-                });
-
+                clientCandidates = new ProtocolVersion[] {
+                    ProtocolVersion.TLS10,
+                    ProtocolVersion.TLS11,
+                    ProtocolVersion.TLS12
+                };
             } else {
-                supportedSSLParams = new SSLParameters();
                 supportedSSLParams.setProtocols(new String[] {
                     ProtocolVersion.SSL20Hello.name,
                     ProtocolVersion.SSL30.name,
@@ -745,16 +804,29 @@
                     ProtocolVersion.TLS12.name
                 });
 
-                defaultServerSSLParams = supportedSSLParams;
+                serverCandidates = new ProtocolVersion[] {
+                    ProtocolVersion.SSL20Hello,
+                    ProtocolVersion.SSL30,
+                    ProtocolVersion.TLS10,
+                    ProtocolVersion.TLS11,
+                    ProtocolVersion.TLS12
+                };
 
-                defaultClientSSLParams = new SSLParameters();
-                defaultClientSSLParams.setProtocols(new String[] {
-                    ProtocolVersion.SSL30.name,
-                    ProtocolVersion.TLS10.name,
-                    ProtocolVersion.TLS11.name,
-                    ProtocolVersion.TLS12.name
-                });
+                clientCandidates = new ProtocolVersion[] {
+                    ProtocolVersion.SSL30,
+                    ProtocolVersion.TLS10,
+                    ProtocolVersion.TLS11,
+                    ProtocolVersion.TLS12
+                };
             }
+
+            defaultClientSSLParams = new SSLParameters();
+            defaultClientSSLParams.setProtocols(
+                getAvailableProtocols(clientCandidates));
+
+            defaultServerSSLParams = new SSLParameters();
+            defaultServerSSLParams.setProtocols(
+                getAvailableProtocols(serverCandidates));
         }
 
         SSLParameters getDefaultServerSSLParams() {
--- a/src/share/lib/security/java.security-linux	Fri Aug 15 12:46:02 2014 -0700
+++ b/src/share/lib/security/java.security-linux	Mon Nov 17 10:12:49 2014 -0800
@@ -412,8 +412,12 @@
 #
 # In some environments, certain algorithms or key lengths may be undesirable
 # when using SSL/TLS.  This section describes the mechanism for disabling
-# algorithms during SSL/TLS security parameters negotiation, including cipher
-# suites selection, peer authentication and key exchange mechanisms.
+# algorithms during SSL/TLS security parameters negotiation, including
+# protocol version negotiation, cipher suites selection, peer authentication
+# and key exchange mechanisms.
+#
+# Disabled algorithms will not be negotiated for SSL/TLS connections, even
+# if they are enabled explicitly in an application.
 #
 # For PKI-based peer authentication and key exchange mechanisms, this list
 # of disabled algorithms will also be checked during certification path
@@ -428,4 +432,5 @@
 # It is not guaranteed to be examined and used by other implementations.
 #
 # Example:
-#   jdk.tls.disabledAlgorithms=MD5, SHA1, DSA, RSA keySize < 2048
+#   jdk.tls.disabledAlgorithms=MD5, SSLv3, DSA, RSA keySize < 2048
+jdk.tls.disabledAlgorithms=SSLv3
--- a/src/share/lib/security/java.security-macosx	Fri Aug 15 12:46:02 2014 -0700
+++ b/src/share/lib/security/java.security-macosx	Mon Nov 17 10:12:49 2014 -0800
@@ -417,8 +417,12 @@
 #
 # In some environments, certain algorithms or key lengths may be undesirable
 # when using SSL/TLS.  This section describes the mechanism for disabling
-# algorithms during SSL/TLS security parameters negotiation, including cipher
-# suites selection, peer authentication and key exchange mechanisms.
+# algorithms during SSL/TLS security parameters negotiation, including
+# protocol version negotiation, cipher suites selection, peer authentication
+# and key exchange mechanisms.
+#
+# Disabled algorithms will not be negotiated for SSL/TLS connections, even
+# if they are enabled explicitly in an application.
 #
 # For PKI-based peer authentication and key exchange mechanisms, this list
 # of disabled algorithms will also be checked during certification path
@@ -433,4 +437,5 @@
 # It is not guaranteed to be examined and used by other implementations.
 #
 # Example:
-#   jdk.tls.disabledAlgorithms=MD5, SHA1, DSA, RSA keySize < 2048
+#   jdk.tls.disabledAlgorithms=MD5, SSLv3, DSA, RSA keySize < 2048
+jdk.tls.disabledAlgorithms=SSLv3
--- a/src/share/lib/security/java.security-solaris	Fri Aug 15 12:46:02 2014 -0700
+++ b/src/share/lib/security/java.security-solaris	Mon Nov 17 10:12:49 2014 -0800
@@ -416,8 +416,12 @@
 #
 # In some environments, certain algorithms or key lengths may be undesirable
 # when using SSL/TLS.  This section describes the mechanism for disabling
-# algorithms during SSL/TLS security parameters negotiation, including cipher
-# suites selection, peer authentication and key exchange mechanisms.
+# algorithms during SSL/TLS security parameters negotiation, including
+# protocol version negotiation, cipher suites selection, peer authentication
+# and key exchange mechanisms.
+#
+# Disabled algorithms will not be negotiated for SSL/TLS connections, even
+# if they are enabled explicitly in an application.
 #
 # For PKI-based peer authentication and key exchange mechanisms, this list
 # of disabled algorithms will also be checked during certification path
@@ -432,4 +436,5 @@
 # It is not guaranteed to be examined and used by other implementations.
 #
 # Example:
-#   jdk.tls.disabledAlgorithms=MD5, SHA1, DSA, RSA keySize < 2048
+#   jdk.tls.disabledAlgorithms=MD5, SSLv3, DSA, RSA keySize < 2048
+jdk.tls.disabledAlgorithms=SSLv3
--- a/src/share/lib/security/java.security-windows	Fri Aug 15 12:46:02 2014 -0700
+++ b/src/share/lib/security/java.security-windows	Mon Nov 17 10:12:49 2014 -0800
@@ -417,8 +417,12 @@
 #
 # In some environments, certain algorithms or key lengths may be undesirable
 # when using SSL/TLS.  This section describes the mechanism for disabling
-# algorithms during SSL/TLS security parameters negotiation, including cipher
-# suites selection, peer authentication and key exchange mechanisms.
+# algorithms during SSL/TLS security parameters negotiation, including
+# protocol version negotiation, cipher suites selection, peer authentication
+# and key exchange mechanisms.
+#
+# Disabled algorithms will not be negotiated for SSL/TLS connections, even
+# if they are enabled explicitly in an application.
 #
 # For PKI-based peer authentication and key exchange mechanisms, this list
 # of disabled algorithms will also be checked during certification path
@@ -433,4 +437,5 @@
 # It is not guaranteed to be examined and used by other implementations.
 #
 # Example:
-#   jdk.tls.disabledAlgorithms=MD5, SHA1, DSA, RSA keySize < 2048
+#   jdk.tls.disabledAlgorithms=MD5, SSLv3, DSA, RSA keySize < 2048
+jdk.tls.disabledAlgorithms=SSLv3
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/javax/swing/JComponent/8043610/bug8043610.java	Mon Nov 17 10:12:49 2014 -0800
@@ -0,0 +1,122 @@
+/*
+ * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+
+/*
+  @test
+  @bug 8043610
+  @summary Tests that JComponent invalidate, revalidate and repaint methods could
+           be called from any thread
+  @author Petr Pchelko
+*/
+
+import sun.awt.SunToolkit;
+
+import javax.swing.*;
+import java.awt.*;
+import java.util.concurrent.CountDownLatch;
+import java.util.concurrent.atomic.AtomicReference;
+
+public class bug8043610 {
+    private static volatile JFrame frame;
+    private static volatile JComponent component;
+
+    public static void main(String[] args) throws Exception {
+        ThreadGroup stubTG = new ThreadGroup(getRootThreadGroup(), "Stub Thread Group");
+        ThreadGroup swingTG = new ThreadGroup(getRootThreadGroup(), "SwingTG");
+        try {
+            Thread stubThread = new Thread(stubTG, new Runnable() {
+                @Override
+                public void run() {
+                    SunToolkit.createNewAppContext();
+                }
+            });
+            stubThread.start();
+            stubThread.join();
+
+            final CountDownLatch startSwingLatch = new CountDownLatch(1);
+            new Thread(swingTG, new Runnable() {
+                @Override
+                public void run() {
+                    SunToolkit.createNewAppContext();
+                    SwingUtilities.invokeLater(new Runnable() {
+                        @Override
+                        public void run() {
+                            frame = new JFrame();
+                            component = new JLabel("Test Text");
+                            frame.add(component);
+                            frame.setBounds(100, 100, 100, 100);
+                            frame.setVisible(true);
+                            startSwingLatch.countDown();
+                        }
+                    });
+                }
+            }).start();
+            startSwingLatch.await();
+
+            final AtomicReference<Exception> caughtException = new AtomicReference<>();
+            Thread checkThread = new Thread(getRootThreadGroup(), new Runnable() {
+                @Override
+                public void run() {
+                    try {
+                        component.invalidate();
+                        component.revalidate();
+                        component.repaint(new Rectangle(0, 0, 0, 0));
+                    } catch (Exception e) {
+                        caughtException.set(e);
+                    }
+                }
+            });
+            checkThread.start();
+            checkThread.join();
+
+            if (caughtException.get() != null) {
+                throw new RuntimeException("Failed. Caught exception!", caughtException.get());
+            }
+        } finally {
+            new Thread(swingTG, new Runnable() {
+                @Override
+                public void run() {
+                    SwingUtilities.invokeLater(new Runnable() {
+                        @Override
+                        public void run() {
+                            if (frame != null) {
+                                frame.dispose();
+                            }
+                        }
+                    });
+                }
+            }).start();
+        }
+    }
+
+    private static ThreadGroup getRootThreadGroup() {
+        ThreadGroup currentTG = Thread.currentThread().getThreadGroup();
+        ThreadGroup parentTG = currentTG.getParent();
+        while (parentTG != null) {
+            currentTG = parentTG;
+            parentTG = currentTG.getParent();
+        }
+        return currentTG;
+    }
+}
--- a/test/sun/security/ec/TestEC.java	Fri Aug 15 12:46:02 2014 -0700
+++ b/test/sun/security/ec/TestEC.java	Mon Nov 17 10:12:49 2014 -0800
@@ -30,7 +30,7 @@
  * @library ../pkcs11/sslecc
  * @library ../../../java/security/testlibrary
  * @compile -XDignore.symbol.file TestEC.java
- * @run main TestEC
+ * @run main/othervm TestEC
  */
 
 import java.security.Provider;
@@ -53,6 +53,10 @@
 public class TestEC {
 
     public static void main(String[] args) throws Exception {
+        // reset the security property to make sure that the algorithms
+        // and keys used in this test are not disabled.
+        Security.setProperty("jdk.tls.disabledAlgorithms", "");
+
         ProvidersSnapshot snapshot = ProvidersSnapshot.create();
         try {
             main0(args);
--- a/test/sun/security/pkcs11/sslecc/ClientJSSEServerJSSE.java	Fri Aug 15 12:46:02 2014 -0700
+++ b/test/sun/security/pkcs11/sslecc/ClientJSSEServerJSSE.java	Mon Nov 17 10:12:49 2014 -0800
@@ -28,6 +28,7 @@
  * @author Andreas Sterbenz
  * @library ..
  * @library ../../../../java/security/testlibrary
+ * @run main/othervm ClientJSSEServerJSSE
  */
 
 import java.security.*;
@@ -37,6 +38,10 @@
     private static String[] cmdArgs;
 
     public static void main(String[] args) throws Exception {
+        // reset the security property to make sure that the algorithms
+        // and keys used in this test are not disabled.
+        Security.setProperty("jdk.tls.disabledAlgorithms", "");
+
         cmdArgs = args;
         main(new ClientJSSEServerJSSE());
     }
--- a/test/sun/security/ssl/com/sun/net/ssl/internal/ssl/ProtocolVersion/HttpsProtocols.java	Fri Aug 15 12:46:02 2014 -0700
+++ b/test/sun/security/ssl/com/sun/net/ssl/internal/ssl/ProtocolVersion/HttpsProtocols.java	Mon Nov 17 10:12:49 2014 -0800
@@ -32,6 +32,7 @@
 import java.io.*;
 import java.net.*;
 import javax.net.ssl.*;
+import java.security.Security;
 
 public class HttpsProtocols implements HostnameVerifier {
 
@@ -177,6 +178,10 @@
     volatile Exception clientException = null;
 
     public static void main(String[] args) throws Exception {
+        // reset the security property to make sure that the algorithms
+        // and keys used in this test are not disabled.
+        Security.setProperty("jdk.tls.disabledAlgorithms", "");
+
         String keyFilename =
             System.getProperty("test.src", "./") + "/" + pathToStores +
                 "/" + keyStoreFile;
--- a/test/sun/security/ssl/com/sun/net/ssl/internal/ssl/SSLEngineImpl/DelegatedTaskWrongException.java	Fri Aug 15 12:46:02 2014 -0700
+++ b/test/sun/security/ssl/com/sun/net/ssl/internal/ssl/SSLEngineImpl/DelegatedTaskWrongException.java	Mon Nov 17 10:12:49 2014 -0800
@@ -25,7 +25,7 @@
  * @test
  * @bug 4969459
  * @summary Delegated tasks are not reflecting the subclasses of SSLException
- *
+ * @run main/othervm DelegatedTaskWrongException
  */
 
 import javax.net.ssl.*;
@@ -110,6 +110,9 @@
     }
 
     public static void main(String args[]) throws Exception {
+        // reset the security property to make sure that the algorithms
+        // and keys used in this test are not disabled.
+        Security.setProperty("jdk.tls.disabledAlgorithms", "");
 
         DelegatedTaskWrongException test;
 
--- a/test/sun/security/ssl/javax/net/ssl/NewAPIs/testEnabledProtocols.java	Fri Aug 15 12:46:02 2014 -0700
+++ b/test/sun/security/ssl/javax/net/ssl/NewAPIs/testEnabledProtocols.java	Mon Nov 17 10:12:49 2014 -0800
@@ -122,6 +122,10 @@
     volatile Exception clientException = null;
 
     public static void main(String[] args) throws Exception {
+        // reset the security property to make sure that the algorithms
+        // and keys used in this test are not disabled.
+        Security.setProperty("jdk.tls.disabledAlgorithms", "");
+
         String keyFilename =
             System.getProperty("test.src", "./") + "/" + pathToStores +
                 "/" + keyStoreFile;
--- a/test/sun/security/ssl/sanity/interop/CipherTest.java	Fri Aug 15 12:46:02 2014 -0700
+++ b/test/sun/security/ssl/sanity/interop/CipherTest.java	Mon Nov 17 10:12:49 2014 -0800
@@ -394,6 +394,10 @@
 
     public static void main(PeerFactory peerFactory, String[] args)
             throws Exception {
+        // reset the security property to make sure that the algorithms
+        // and keys used in this test are not disabled.
+        Security.setProperty("jdk.tls.disabledAlgorithms", "");
+
         long time = System.currentTimeMillis();
         String relPath;
         if ((args != null) && (args.length > 0) && args[0].equals("sh")) {
--- a/test/sun/security/ssl/sanity/interop/ClientJSSEServerJSSE.java	Fri Aug 15 12:46:02 2014 -0700
+++ b/test/sun/security/ssl/sanity/interop/ClientJSSEServerJSSE.java	Mon Nov 17 10:12:49 2014 -0800
@@ -29,9 +29,15 @@
  * @run main/othervm/timeout=300 ClientJSSEServerJSSE
  */
 
+import java.security.Security;
+
 public class ClientJSSEServerJSSE {
 
     public static void main(String[] args) throws Exception {
+        // reset the security property to make sure that the algorithms
+        // and keys used in this test are not disabled.
+        Security.setProperty("jdk.tls.disabledAlgorithms", "");
+
         CipherTest.main(new JSSEFactory(), args);
     }