changeset 25991:e48157b42439

Merge
author chegar
date Mon, 18 Aug 2014 10:59:36 +0100
parents d06a6d3c66c0 76e62811f63b
children e9b05e933ddd
files jdk/make/Tools.gmk jdk/make/gendata/Gendata-java.base.gmk jdk/make/src/classes/build/tools/addtorestrictedpkgs/AddToRestrictedPkgs.java jdk/src/java.base/share/classes/java/lang/Class.java jdk/src/java.base/share/classes/java/lang/ClassLoader.java jdk/src/java.base/share/classes/java/lang/StringCoding.java jdk/src/java.base/share/classes/java/lang/System.java jdk/src/java.base/share/classes/java/lang/Throwable.java jdk/src/java.base/share/classes/java/lang/invoke/InnerClassLambdaMetafactory.java jdk/src/java.base/share/classes/java/lang/invoke/InvokerBytecodeGenerator.java jdk/src/java.base/share/classes/java/lang/invoke/Invokers.java jdk/src/java.base/share/classes/java/lang/invoke/MemberName.java jdk/src/java.base/share/classes/java/lang/invoke/MethodHandle.java jdk/src/java.base/share/classes/java/lang/invoke/MethodHandleImpl.java jdk/src/java.base/share/classes/java/lang/invoke/MethodHandleNatives.java jdk/src/java.base/share/classes/java/lang/reflect/AccessibleObject.java jdk/src/java.base/share/classes/java/lang/reflect/Constructor.java jdk/src/java.base/share/classes/java/lang/reflect/Executable.java jdk/src/java.base/share/classes/java/lang/reflect/Parameter.java jdk/src/java.base/share/classes/java/security/SecureRandom.java jdk/src/java.base/share/classes/java/time/Duration.java jdk/src/java.base/share/classes/java/time/Period.java jdk/src/java.base/share/classes/java/util/JapaneseImperialCalendar.java jdk/src/java.base/share/classes/java/util/StringJoiner.java jdk/src/java.base/share/classes/sun/util/calendar/Era.java jdk/src/java.base/share/classes/sun/util/calendar/LocalGregorianCalendar.java jdk/src/java.base/share/conf/calendars.properties jdk/src/java.base/share/conf/security/java.security jdk/src/java.base/share/conf/security/java.security-aix jdk/src/java.base/share/conf/security/java.security-linux jdk/src/java.base/share/conf/security/java.security-macosx jdk/src/java.base/share/conf/security/java.security-solaris jdk/src/java.base/share/conf/security/java.security-windows jdk/src/java.base/unix/native/libjava/UNIXProcess_md.c jdk/src/java.prefs/macosx/native/libprefs/MacOSXPreferencesFile.m jdk/src/java.smartcardio/share/classes/sun/security/smartcardio/CardImpl.java jdk/src/java.sql.rowset/share/classes/javax/sql/rowset/BaseRowSet.java jdk/src/java.sql.rowset/share/classes/javax/sql/rowset/CachedRowSet.java jdk/src/java.sql.rowset/share/classes/javax/sql/rowset/FilteredRowSet.java jdk/src/java.sql.rowset/share/classes/javax/sql/rowset/JoinRowSet.java jdk/src/java.sql.rowset/share/classes/javax/sql/rowset/Predicate.java jdk/src/java.sql.rowset/share/classes/javax/sql/rowset/RowSetMetaDataImpl.java jdk/src/java.sql.rowset/share/classes/javax/sql/rowset/RowSetProvider.java jdk/src/java.sql.rowset/share/classes/javax/sql/rowset/RowSetWarning.java jdk/src/java.sql.rowset/share/classes/javax/sql/rowset/WebRowSet.java jdk/src/java.sql.rowset/share/classes/javax/sql/rowset/package.html jdk/src/java.sql.rowset/share/classes/javax/sql/rowset/serial/SerialArray.java jdk/src/java.sql.rowset/share/classes/javax/sql/rowset/serial/SerialBlob.java jdk/src/java.sql.rowset/share/classes/javax/sql/rowset/serial/SerialClob.java jdk/src/java.sql.rowset/share/classes/javax/sql/rowset/serial/SerialDatalink.java jdk/src/java.sql.rowset/share/classes/javax/sql/rowset/serial/SerialRef.java jdk/src/java.sql.rowset/share/classes/javax/sql/rowset/serial/package.html jdk/src/java.sql.rowset/share/classes/javax/sql/rowset/spi/SyncFactory.java jdk/src/java.sql.rowset/share/classes/javax/sql/rowset/spi/SyncProvider.java jdk/src/java.sql.rowset/share/classes/javax/sql/rowset/spi/package.html jdk/src/java.sql/share/classes/java/sql/Array.java jdk/src/java.sql/share/classes/java/sql/BatchUpdateException.java jdk/src/java.sql/share/classes/java/sql/CallableStatement.java jdk/src/java.sql/share/classes/java/sql/Connection.java jdk/src/java.sql/share/classes/java/sql/DatabaseMetaData.java jdk/src/java.sql/share/classes/java/sql/NClob.java jdk/src/java.sql/share/classes/java/sql/PreparedStatement.java jdk/src/java.sql/share/classes/java/sql/SQLException.java jdk/src/java.sql/share/classes/java/sql/SQLPermission.java jdk/src/java.sql/share/classes/java/sql/SQLXML.java jdk/src/java.sql/share/classes/java/sql/Timestamp.java jdk/src/java.sql/share/classes/java/sql/Types.java jdk/src/java.sql/share/classes/javax/sql/RowSet.java jdk/test/sun/tools/jps/jps-Defaults.sh jdk/test/sun/tools/jps/jps-V_2.sh jdk/test/sun/tools/jps/jps-V_Output2.awk jdk/test/sun/tools/jps/jps-Vm_2.sh jdk/test/sun/tools/jps/jps-Vm_Output2.awk jdk/test/sun/tools/jps/jps-Vvm.sh jdk/test/sun/tools/jps/jps-Vvm_Output1.awk jdk/test/sun/tools/jps/jps-Vvml.sh jdk/test/sun/tools/jps/jps-Vvml_2.sh jdk/test/sun/tools/jps/jps-Vvml_Output1.awk jdk/test/sun/tools/jps/jps-Vvml_Output2.awk jdk/test/sun/tools/jps/jps-help.sh jdk/test/sun/tools/jps/jps-l_1.sh jdk/test/sun/tools/jps/jps-l_2.sh jdk/test/sun/tools/jps/jps-l_Output1.awk jdk/test/sun/tools/jps/jps-l_Output2.awk jdk/test/sun/tools/jps/jps-lm.sh jdk/test/sun/tools/jps/jps-lm_Output1.awk jdk/test/sun/tools/jps/jps-m.sh jdk/test/sun/tools/jps/jps-m_2.sh jdk/test/sun/tools/jps/jps-m_Output1.awk jdk/test/sun/tools/jps/jps-m_Output2.awk jdk/test/sun/tools/jps/jps-q.sh jdk/test/sun/tools/jps/jps-q_Output1.awk jdk/test/sun/tools/jps/jps-v_1.sh jdk/test/sun/tools/jps/jps-v_Output1.awk jdk/test/sun/tools/jps/jps-vm_1.sh jdk/test/sun/tools/jps/jps-vm_Output1.awk jdk/test/sun/tools/jps/jps_Output1.awk jdk/test/sun/tools/jps/vmflags
diffstat 128 files changed, 3889 insertions(+), 4524 deletions(-) [+]
line wrap: on
line diff
--- a/jdk/make/Tools.gmk	Wed Jul 05 19:56:33 2017 +0200
+++ b/jdk/make/Tools.gmk	Mon Aug 18 10:59:36 2014 +0100
@@ -101,6 +101,9 @@
 TOOL_BLACKLISTED_CERTS = $(JAVA_SMALL) -cp $(JDK_OUTPUTDIR)/btclasses \
     build.tools.blacklistedcertsconverter.BlacklistedCertsConverter
 
+TOOL_MAKEJAVASECURITY = $(JAVA_SMALL) -cp $(JDK_OUTPUTDIR)/btclasses \
+    build.tools.makejavasecurity.MakeJavaSecurity
+
 
 # TODO: There are references to the jdwpgen.jar in jdk/make/netbeans/jdwpgen/build.xml
 # and nbproject/project.properties in the same dir. Needs to be looked at.
@@ -136,9 +139,6 @@
     -cp "$(JDK_OUTPUTDIR)/btclasses$(PATH_SEP)$(JDK_OUTPUTDIR)" \
     build.tools.module.GenerateModulesXml
 
-TOOL_ADDTORESTRICTEDPKGS = $(JAVA_SMALL) -cp $(JDK_OUTPUTDIR)/btclasses \
-    build.tools.addtorestrictedpkgs.AddToRestrictedPkgs
-
 ##########################################################################################
 
 # Tools needed on solaris because OBJCOPY is broken.
--- a/jdk/make/gendata/Gendata-java.base.gmk	Wed Jul 05 19:56:33 2017 +0200
+++ b/jdk/make/gendata/Gendata-java.base.gmk	Mon Aug 18 10:59:36 2014 +0100
@@ -62,25 +62,18 @@
 
 ##########################################################################################
 
-PROPS_SRC := $(JDK_TOPDIR)/src/java.base/share/conf/security/java.security-$(OPENJDK_TARGET_OS)
-PROPS_DST := $(JDK_OUTPUTDIR)/lib/security/java.security
-
-# Optionally set this variable to a file to add extra restricted packages.
-ifneq ($(RESTRICTED_PKGS_SRC), )
-
-  $(PROPS_DST): $(PROPS_SRC) $(RESTRICTED_PKGS_SRC)
+GENDATA_JAVA_SECURITY_SRC := $(JDK_TOPDIR)/src/java.base/share/conf/security/java.security
+GENDATA_JAVA_SECURITY := $(JDK_OUTPUTDIR)/lib/security/java.security
+ 
+# RESTRICTED_PKGS_SRC is optionally set in custom extension for this makefile
+ 
+$(GENDATA_JAVA_SECURITY): $(BUILD_TOOLS) $(GENDATA_JAVA_SECURITY_SRC) $(RESTRICTED_PKGS_SRC)
+	$(ECHO) "Generating java.security"
 	$(MKDIR) -p $(@D)
-	$(TOOL_ADDTORESTRICTEDPKGS) $(PROPS_SRC) $@.tmp `$(CAT) $(RESTRICTED_PKGS_SRC) | $(TR) "\n" " "`
-	$(MV) $@.tmp $@
-
-else
-
-  $(PROPS_DST): $(PROPS_SRC)
-	$(call install-file)
-
-endif
-
-GENDATA += $(PROPS_DST)
+	$(TOOL_MAKEJAVASECURITY) $(GENDATA_JAVA_SECURITY_SRC) $@ $(OPENJDK_TARGET_OS) \
+		$(RESTRICTED_PKGS_SRC) || exit 1
+ 
+GENDATA += $(GENDATA_JAVA_SECURITY)
 
 ##########################################################################################
 
--- a/jdk/make/src/classes/build/tools/addtorestrictedpkgs/AddToRestrictedPkgs.java	Wed Jul 05 19:56:33 2017 +0200
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,105 +0,0 @@
-/*
- * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.  Oracle designates this
- * particular file as subject to the "Classpath" exception as provided
- * by Oracle in the LICENSE file that accompanied this code.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-package build.tools.addtorestrictedpkgs;
-
-import java.io.*;
-
-/**
- * Adds additional packages to the package.access and package.definition
- * security properties.
- */
-public class AddToRestrictedPkgs {
-
-    private static final String PKG_ACC = "package.access";
-    private static final String PKG_DEF = "package.definition";
-    private static final int PKG_ACC_INDENT = 15;
-    private static final int PKG_DEF_INDENT = 19;
-
-    public static void main(String[] args) throws Exception {
-
-        if (args.length < 3) {
-            System.err.println("Usage: java AddToRestrictedPkgs " +
-                               "[input java.security file name] " +
-                               "[output java.security file name] " +
-                               "[packages ...]");
-            System.exit(1);
-        }
-
-        try (FileReader fr = new FileReader(args[0]);
-             BufferedReader br = new BufferedReader(fr);
-             FileWriter fw = new FileWriter(args[1]);
-             BufferedWriter bw = new BufferedWriter(fw))
-        {
-            // parse the file line-by-line, looking for pkg access properties
-            String line = br.readLine();
-            while (line != null) {
-                if (line.startsWith(PKG_ACC)) {
-                    writePackages(br, bw, line, PKG_ACC_INDENT, args);
-                } else if (line.startsWith(PKG_DEF)) {
-                    writePackages(br, bw, line, PKG_DEF_INDENT, args);
-                } else {
-                    writeLine(bw, line);
-                }
-                line = br.readLine();
-            }
-            bw.flush();
-        }
-    }
-
-    private static void writePackages(BufferedReader br, BufferedWriter bw,
-                                      String line, int numSpaces,
-                                      String[] args) throws IOException {
-        // parse property until EOL, not including line breaks
-        while (line.endsWith("\\")) {
-            writeLine(bw, line);
-            line = br.readLine();
-        }
-        // append comma and line-break to last package
-        writeLine(bw, line + ",\\");
-        // add new packages, one per line
-        for (int i = 2; i < args.length - 1; i++) {
-            indent(bw, numSpaces);
-            writeLine(bw, args[i] + ",\\");
-        }
-        indent(bw, numSpaces);
-        writeLine(bw, args[args.length - 1]);
-    }
-
-    private static void writeLine(BufferedWriter bw, String line)
-        throws IOException
-    {
-        bw.write(line);
-        bw.newLine();
-    }
-
-    private static void indent(BufferedWriter bw, int numSpaces)
-        throws IOException
-    {
-        for (int i = 0; i < numSpaces; i++) {
-            bw.append(' ');
-        }
-    }
-}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/make/src/classes/build/tools/makejavasecurity/MakeJavaSecurity.java	Mon Aug 18 10:59:36 2014 +0100
@@ -0,0 +1,168 @@
+/*
+ * Copyright (c) 2013, 2014, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package build.tools.makejavasecurity;
+
+import java.io.*;
+import java.nio.file.Files;
+import java.nio.file.Paths;
+import java.util.*;
+
+/**
+ * Builds the java.security file, including
+ *
+ * 1. Adds additional packages to the package.access and
+ *    package.definition security properties.
+ * 2. Filter out platform-unrelated parts
+ *
+ * In order to easily maintain platform-related entries, every item
+ * (including the last line) in package.access and package.definition
+ * MUST end with ',\'. A blank line MUST exist after the last line.
+ */
+public class MakeJavaSecurity {
+
+    private static final String PKG_ACC = "package.access";
+    private static final String PKG_DEF = "package.definition";
+    private static final int PKG_ACC_INDENT = 15;
+    private static final int PKG_DEF_INDENT = 19;
+
+    public static void main(String[] args) throws Exception {
+
+        if (args.length < 3) {
+            System.err.println("Usage: java MakeJavaSecurity " +
+                               "[input java.security file name] " +
+                               "[output java.security file name] " +
+                               "[openjdk target os] " +
+                               "[more restricted packages file name?]");
+            System.exit(1);
+        }
+
+        // more restricted packages
+        List<String> extraLines;
+        if (args.length == 4) {
+            extraLines = Files.readAllLines(Paths.get(args[3]));
+        } else {
+            extraLines = Collections.emptyList();
+        }
+
+        List<String> lines = new ArrayList<>();
+
+        // read raw java.security and add more restricted packages
+        try (FileReader fr = new FileReader(args[0]);
+                BufferedReader br = new BufferedReader(fr)) {
+            // looking for pkg access properties
+            String line = br.readLine();
+            while (line != null) {
+                if (line.startsWith(PKG_ACC)) {
+                    addPackages(br, lines, line, PKG_ACC_INDENT, extraLines);
+                } else if (line.startsWith(PKG_DEF)) {
+                    addPackages(br, lines, line, PKG_DEF_INDENT, extraLines);
+                } else {
+                    lines.add(line);
+                }
+                line = br.readLine();
+            }
+        }
+
+        // Filter out platform-unrelated ones. We only support
+        // #ifdef, #ifndef, and #endif.
+        int mode = 0;   // 0: out of block, 1: in match, 2: in non-match
+        Iterator<String> iter = lines.iterator();
+        while (iter.hasNext()) {
+            String line = iter.next();
+            if (line.startsWith("#endif")) {
+                mode = 0;
+                iter.remove();
+            } else if (line.startsWith("#ifdef ")) {
+                mode = line.endsWith(args[2])?1:2;
+                iter.remove();
+            } else if (line.startsWith("#ifndef ")) {
+                mode = line.endsWith(args[2])?2:1;
+                iter.remove();
+            } else {
+                if (mode == 2) iter.remove();
+            }
+        }
+
+        // Update .tbd to .1, .2, etc.
+        Map<String,Integer> count = new HashMap<>();
+        for (int i=0; i<lines.size(); i++) {
+            String line = lines.get(i);
+            int index = line.indexOf(".tbd");
+            if (index >= 0) {
+                String prefix = line.substring(0, index);
+                int n = count.getOrDefault(prefix, 1);
+                count.put(prefix, n+1);
+                lines.set(i, prefix + "." + n + line.substring(index+4));
+            }
+        }
+
+        // Clean up the last line of PKG_ACC and PKG_DEF blocks.
+        // Not really necessary since a blank line follows.
+        boolean inBlock = false;
+        for (int i=0; i<lines.size(); i++) {
+            String line = lines.get(i);
+            if (line.startsWith(PKG_ACC) || line.startsWith(PKG_DEF)) {
+                inBlock = true;
+            }
+            if (inBlock) {
+                if (line.isEmpty()) {
+                    String lastLine = lines.get(i-1);
+                    lines.set(i-1, lastLine.substring(0, lastLine.length()-2));
+                    inBlock = false;
+                }
+            }
+        }
+
+        Files.write(Paths.get(args[1]), lines);
+    }
+
+    private static void addPackages(BufferedReader br, List<String> lines,
+                                    String line, int numSpaces,
+                                    List<String> args) throws IOException {
+        // parse property until EOL, not including line breaks
+        boolean first = true;
+        while (!line.isEmpty()) {
+            if (!line.startsWith("#")) {
+                if (!line.endsWith(",\\") ||
+                        (!first && line.contains("="))) {
+                    throw new IOException("Invalid line: " + line);
+                }
+            }
+            lines.add(line);
+            line = br.readLine();
+            first = false;
+        }
+        // add new packages, one per line
+        for (String arg: args) {
+            if (arg.startsWith("#")) {
+                lines.add(arg);
+            } else {
+                lines.add(String.format("%"+numSpaces+"s", "") + arg + ",\\");
+            }
+        }
+        lines.add(line);
+    }
+}
--- a/jdk/src/java.base/share/classes/java/lang/Class.java	Wed Jul 05 19:56:33 2017 +0200
+++ b/jdk/src/java.base/share/classes/java/lang/Class.java	Mon Aug 18 10:59:36 2014 +0100
@@ -1322,7 +1322,7 @@
         // (for anonymous classes): 1 or more digits.
 
         // Since getSimpleBinaryName() will strip the binary name of
-        // the immediatly enclosing class, we are now looking at a
+        // the immediately enclosing class, we are now looking at a
         // string that matches the regular expression "\$[0-9]*"
         // followed by a simple name (considering the simple of an
         // anonymous class to be the empty string).
--- a/jdk/src/java.base/share/classes/java/lang/ClassLoader.java	Wed Jul 05 19:56:33 2017 +0200
+++ b/jdk/src/java.base/share/classes/java/lang/ClassLoader.java	Mon Aug 18 10:59:36 2014 +0100
@@ -205,7 +205,7 @@
         }
 
         /**
-         * Registers the given class loader type as parallel capabale.
+         * Registers the given class loader type as parallel capable.
          * Returns {@code true} is successfully registered; {@code false} if
          * loader's super class is not registered.
          */
@@ -832,7 +832,7 @@
     {
         int len = b.remaining();
 
-        // Use byte[] if not a direct ByteBufer:
+        // Use byte[] if not a direct ByteBuffer:
         if (!b.isDirect()) {
             if (b.hasArray()) {
                 return defineClass(name, b.array(),
--- a/jdk/src/java.base/share/classes/java/lang/StringCoding.java	Wed Jul 05 19:56:33 2017 +0200
+++ b/jdk/src/java.base/share/classes/java/lang/StringCoding.java	Mon Aug 18 10:59:36 2014 +0100
@@ -196,19 +196,19 @@
     static char[] decode(Charset cs, byte[] ba, int off, int len) {
         // (1)We never cache the "external" cs, the only benefit of creating
         // an additional StringDe/Encoder object to wrap it is to share the
-        // de/encode() method. These SD/E objects are short-lifed, the young-gen
-        // gc should be able to take care of them well. But the best approash
+        // de/encode() method. These SD/E objects are short-lived, the young-gen
+        // gc should be able to take care of them well. But the best approach
         // is still not to generate them if not really necessary.
         // (2)The defensive copy of the input byte/char[] has a big performance
         // impact, as well as the outgoing result byte/char[]. Need to do the
         // optimization check of (sm==null && classLoader0==null) for both.
         // (3)getClass().getClassLoader0() is expensive
         // (4)There might be a timing gap in isTrusted setting. getClassLoader0()
-        // is only chcked (and then isTrusted gets set) when (SM==null). It is
+        // is only checked (and then isTrusted gets set) when (SM==null). It is
         // possible that the SM==null for now but then SM is NOT null later
         // when safeTrim() is invoked...the "safe" way to do is to redundant
         // check (... && (isTrusted || SM == null || getClassLoader0())) in trim
-        // but it then can be argued that the SM is null when the opertaion
+        // but it then can be argued that the SM is null when the operation
         // is started...
         CharsetDecoder cd = cs.newDecoder();
         int en = scale(len, cd.maxCharsPerByte());
--- a/jdk/src/java.base/share/classes/java/lang/System.java	Wed Jul 05 19:56:33 2017 +0200
+++ b/jdk/src/java.base/share/classes/java/lang/System.java	Mon Aug 18 10:59:36 2014 +0100
@@ -1193,7 +1193,7 @@
         // Setup Java signal handlers for HUP, TERM, and INT (where available).
         Terminator.setup();
 
-        // Initialize any miscellenous operating system settings that need to be
+        // Initialize any miscellaneous operating system settings that need to be
         // set for the class libraries. Currently this is no-op everywhere except
         // for Windows where the process-wide error mode is set before the java.io
         // classes are used.
--- a/jdk/src/java.base/share/classes/java/lang/Throwable.java	Wed Jul 05 19:56:33 2017 +0200
+++ b/jdk/src/java.base/share/classes/java/lang/Throwable.java	Mon Aug 18 10:59:36 2014 +0100
@@ -139,7 +139,7 @@
          * {@linkplain #setStackTrace(StackTraceElement[]) Setting the
          * stack trace} to a one-element array containing this sentinel
          * value indicates future attempts to set the stack trace will be
-         * ignored.  The sentinal is equal to the result of calling:<br>
+         * ignored.  The sentinel is equal to the result of calling:<br>
          * {@code new StackTraceElement("", "", null, Integer.MIN_VALUE)}
          */
         public static final StackTraceElement STACK_TRACE_ELEMENT_SENTINEL =
--- a/jdk/src/java.base/share/classes/java/lang/invoke/InnerClassLambdaMetafactory.java	Wed Jul 05 19:56:33 2017 +0200
+++ b/jdk/src/java.base/share/classes/java/lang/invoke/InnerClassLambdaMetafactory.java	Mon Aug 18 10:59:36 2014 +0100
@@ -98,7 +98,7 @@
     private final String implMethodClassName;        // Name of type containing implementation "CC"
     private final String implMethodName;             // Name of implementation method "impl"
     private final String implMethodDesc;             // Type descriptor for implementation methods "(I)Ljava/lang/String;"
-    private final Class<?> implMethodReturnClass;    // class for implementaion method return type "Ljava/lang/String;"
+    private final Class<?> implMethodReturnClass;    // class for implementation method return type "Ljava/lang/String;"
     private final MethodType constructorType;        // Generated class constructor type "(CC)void"
     private final ClassWriter cw;                    // ASM class writer
     private final String[] argNames;                 // Generated names for the constructor arguments
--- a/jdk/src/java.base/share/classes/java/lang/invoke/InvokerBytecodeGenerator.java	Wed Jul 05 19:56:33 2017 +0200
+++ b/jdk/src/java.base/share/classes/java/lang/invoke/InvokerBytecodeGenerator.java	Mon Aug 18 10:59:36 2014 +0100
@@ -209,7 +209,7 @@
             throw new InternalError("observed CP placeholder twice: " + cpPlaceholder);
         }
         // insert placeholder in CP and remember the patch
-        int index = cw.newConst((Object) cpPlaceholder);  // TODO check if aready in the constant pool
+        int index = cw.newConst((Object) cpPlaceholder);  // TODO check if already in the constant pool
         cpPatches.put(cpPlaceholder, new CpPatch(index, cpPlaceholder, arg));
         return cpPlaceholder;
     }
--- a/jdk/src/java.base/share/classes/java/lang/invoke/Invokers.java	Wed Jul 05 19:56:33 2017 +0200
+++ b/jdk/src/java.base/share/classes/java/lang/invoke/Invokers.java	Mon Aug 18 10:59:36 2014 +0100
@@ -37,7 +37,7 @@
  * @author jrose
  */
 class Invokers {
-    // exact type (sans leading taget MH) for the outgoing call
+    // exact type (sans leading target MH) for the outgoing call
     private final MethodType targetType;
 
     // FIXME: Get rid of the invokers that are not useful.
--- a/jdk/src/java.base/share/classes/java/lang/invoke/MemberName.java	Wed Jul 05 19:56:33 2017 +0200
+++ b/jdk/src/java.base/share/classes/java/lang/invoke/MemberName.java	Mon Aug 18 10:59:36 2014 +0100
@@ -59,7 +59,7 @@
  * and properly use the named member.
  * <p>
  * When resolved, a member name's internal implementation may include references to JVM metadata.
- * This representation is stateless and only decriptive.
+ * This representation is stateless and only descriptive.
  * It provides no private information and no capability to use the member.
  * <p>
  * By contrast, a {@linkplain java.lang.reflect.Method} contains fuller information
--- a/jdk/src/java.base/share/classes/java/lang/invoke/MethodHandle.java	Wed Jul 05 19:56:33 2017 +0200
+++ b/jdk/src/java.base/share/classes/java/lang/invoke/MethodHandle.java	Mon Aug 18 10:59:36 2014 +0100
@@ -679,7 +679,7 @@
      * This method provides the crucial behavioral difference between
      * {@link #invokeExact invokeExact} and plain, inexact {@link #invoke invoke}.
      * The two methods
-     * perform the same steps when the caller's type descriptor exactly m atches
+     * perform the same steps when the caller's type descriptor exactly matches
      * the callee's, but when the types differ, plain {@link #invoke invoke}
      * also calls {@code asType} (or some internal equivalent) in order
      * to match up the caller's and callee's types.
--- a/jdk/src/java.base/share/classes/java/lang/invoke/MethodHandleImpl.java	Wed Jul 05 19:56:33 2017 +0200
+++ b/jdk/src/java.base/share/classes/java/lang/invoke/MethodHandleImpl.java	Mon Aug 18 10:59:36 2014 +0100
@@ -621,7 +621,7 @@
     }
 
     /**
-     * The LambaForm shape for catchException combinator is the following:
+     * The LambdaForm shape for catchException combinator is the following:
      * <blockquote><pre>{@code
      *  guardWithCatch=Lambda(a0:L,a1:L,a2:L)=>{
      *    t3:L=BoundMethodHandle$Species_LLLLL.argL0(a0:L);
@@ -702,7 +702,7 @@
         MethodType type = target.type();
         LambdaForm form = makeGuardWithCatchForm(type.basicType());
 
-        // Prepare auxiliary method handles used during LambdaForm interpreation.
+        // Prepare auxiliary method handles used during LambdaForm interpretation.
         // Box arguments and wrap them into Object[]: ValueConversions.array().
         MethodType varargsType = type.changeReturnType(Object[].class);
         MethodHandle collectArgs = ValueConversions.varargsArray(type.parameterCount())
--- a/jdk/src/java.base/share/classes/java/lang/invoke/MethodHandleNatives.java	Wed Jul 05 19:56:33 2017 +0200
+++ b/jdk/src/java.base/share/classes/java/lang/invoke/MethodHandleNatives.java	Mon Aug 18 10:59:36 2014 +0100
@@ -509,7 +509,7 @@
 
     /**
      * Is this method a caller-sensitive method?
-     * I.e., does it call Reflection.getCallerClass or a similer method
+     * I.e., does it call Reflection.getCallerClass or a similar method
      * to ask about the identity of its caller?
      */
     static boolean isCallerSensitive(MemberName mem) {
--- a/jdk/src/java.base/share/classes/java/lang/reflect/AccessibleObject.java	Wed Jul 05 19:56:33 2017 +0200
+++ b/jdk/src/java.base/share/classes/java/lang/reflect/AccessibleObject.java	Mon Aug 18 10:59:36 2014 +0100
@@ -78,7 +78,7 @@
      * object is a {@link Constructor} object for the class {@link
      * java.lang.Class}).  In the event of such a SecurityException, the
      * accessibility of objects is set to {@code flag} for array elements
-     * upto (and excluding) the element for which the exception occurred; the
+     * up to (and excluding) the element for which the exception occurred; the
      * accessibility of elements beyond (and including) the element for which
      * the exception occurred is unchanged.
      *
--- a/jdk/src/java.base/share/classes/java/lang/reflect/Constructor.java	Wed Jul 05 19:56:33 2017 +0200
+++ b/jdk/src/java.base/share/classes/java/lang/reflect/Constructor.java	Mon Aug 18 10:59:36 2014 +0100
@@ -544,15 +544,33 @@
      */
     @Override
     public AnnotatedType getAnnotatedReceiverType() {
-        if (getDeclaringClass().getEnclosingClass() == null)
-            return super.getAnnotatedReceiverType();
+        Class<?> thisDeclClass = getDeclaringClass();
+        Class<?> enclosingClass = thisDeclClass.getEnclosingClass();
 
+        if (enclosingClass == null) {
+            // A Constructor for a top-level class
+            return null;
+        }
+
+        Class<?> outerDeclaringClass = thisDeclClass.getDeclaringClass();
+        if (outerDeclaringClass == null) {
+            // A constructor for a local or anonymous class
+            return null;
+        }
+
+        // Either static nested or inner class
+        if (Modifier.isStatic(thisDeclClass.getModifiers())) {
+            // static nested
+            return null;
+        }
+
+        // A Constructor for an inner class
         return TypeAnnotationParser.buildAnnotatedType(getTypeAnnotationBytes0(),
                 sun.misc.SharedSecrets.getJavaLangAccess().
-                        getConstantPool(getDeclaringClass()),
+                    getConstantPool(thisDeclClass),
                 this,
-                getDeclaringClass(),
-                getDeclaringClass().getEnclosingClass(),
+                thisDeclClass,
+                enclosingClass,
                 TypeAnnotation.TypeAnnotationTarget.METHOD_RECEIVER);
     }
 }
--- a/jdk/src/java.base/share/classes/java/lang/reflect/Executable.java	Wed Jul 05 19:56:33 2017 +0200
+++ b/jdk/src/java.base/share/classes/java/lang/reflect/Executable.java	Mon Aug 18 10:59:36 2014 +0100
@@ -585,21 +585,24 @@
     /**
      * Returns an {@code AnnotatedType} object that represents the use of a
      * type to specify the receiver type of the method/constructor represented
-     * by this Executable object. The receiver type of a method/constructor is
-     * available only if the method/constructor has a <em>receiver
-     * parameter</em> (JLS 8.4.1).
+     * by this {@code Executable} object.
      *
-     * If this {@code Executable} object represents a constructor or instance
-     * method that does not have a receiver parameter, or has a receiver
-     * parameter with no annotations on its type, then the return value is an
-     * {@code AnnotatedType} object representing an element with no
+     * The receiver type of a method/constructor is available only if the
+     * method/constructor has a receiver parameter (JLS 8.4.1). If this {@code
+     * Executable} object <em>represents an instance method or represents a
+     * constructor of an inner member class</em>, and the
+     * method/constructor <em>either</em> has no receiver parameter or has a
+     * receiver parameter with no annotations on its type, then the return
+     * value is an {@code AnnotatedType} object representing an element with no
      * annotations.
      *
-     * If this {@code Executable} object represents a static method, then the
-     * return value is null.
+     * If this {@code Executable} object represents a static method or
+     * represents a constructor of a top level, static member, local, or
+     * anoymous class, then the return value is null.
      *
      * @return an object representing the receiver type of the method or
-     * constructor represented by this {@code Executable}
+     * constructor represented by this {@code Executable} or {@code null} if
+     * this {@code Executable} can not have a receiver parameter
      */
     public AnnotatedType getAnnotatedReceiverType() {
         if (Modifier.isStatic(this.getModifiers()))
--- a/jdk/src/java.base/share/classes/java/lang/reflect/Parameter.java	Wed Jul 05 19:56:33 2017 +0200
+++ b/jdk/src/java.base/share/classes/java/lang/reflect/Parameter.java	Mon Aug 18 10:59:36 2014 +0100
@@ -173,7 +173,7 @@
      *         a name.
      */
     public String getName() {
-        // Note: empty strings as paramete names are now outlawed.
+        // Note: empty strings as parameter names are now outlawed.
         // The .equals("") is for compatibility with current JVM
         // behavior.  It may be removed at some point.
         if(name == null || name.equals(""))
--- a/jdk/src/java.base/share/classes/java/security/SecureRandom.java	Wed Jul 05 19:56:33 2017 +0200
+++ b/jdk/src/java.base/share/classes/java/security/SecureRandom.java	Mon Aug 18 10:59:36 2014 +0100
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1996, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1996, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -39,15 +39,16 @@
  *
  * <p>A cryptographically strong random number
  * minimally complies with the statistical random number generator tests
- * specified in <a href="http://csrc.nist.gov/cryptval/140-2.htm">
+ * specified in
+ * <a href="http://csrc.nist.gov/publications/fips/fips140-2/fips1402.pdf">
  * <i>FIPS 140-2, Security Requirements for Cryptographic Modules</i></a>,
  * section 4.9.1.
  * Additionally, SecureRandom must produce non-deterministic output.
  * Therefore any seed material passed to a SecureRandom object must be
  * unpredictable, and all SecureRandom output sequences must be
  * cryptographically strong, as described in
- * <a href="http://www.ietf.org/rfc/rfc1750.txt">
- * <i>RFC 1750: Randomness Recommendations for Security</i></a>.
+ * <a href="http://tools.ietf.org/html/rfc4086">
+ * <i>RFC 4086: Randomness Requirements for Security</i></a>.
  *
  * <p>A caller obtains a SecureRandom instance via the
  * no-argument constructor or one of the {@code getInstance} methods:
--- a/jdk/src/java.base/share/classes/java/time/Duration.java	Wed Jul 05 19:56:33 2017 +0200
+++ b/jdk/src/java.base/share/classes/java/time/Duration.java	Mon Aug 18 10:59:36 2014 +0100
@@ -388,19 +388,21 @@
         Matcher matcher = PATTERN.matcher(text);
         if (matcher.matches()) {
             // check for letter T but no time sections
-            if ("T".equals(matcher.group(3)) == false) {
-                boolean negate = "-".equals(matcher.group(1));
-                String dayMatch = matcher.group(2);
-                String hourMatch = matcher.group(4);
-                String minuteMatch = matcher.group(5);
-                String secondMatch = matcher.group(6);
-                String fractionMatch = matcher.group(7);
-                if (dayMatch != null || hourMatch != null || minuteMatch != null || secondMatch != null) {
-                    long daysAsSecs = parseNumber(text, dayMatch, SECONDS_PER_DAY, "days");
-                    long hoursAsSecs = parseNumber(text, hourMatch, SECONDS_PER_HOUR, "hours");
-                    long minsAsSecs = parseNumber(text, minuteMatch, SECONDS_PER_MINUTE, "minutes");
-                    long seconds = parseNumber(text, secondMatch, 1, "seconds");
-                    int nanos = parseFraction(text,  fractionMatch, seconds < 0 ? -1 : 1);
+            if (!charMatch(text, matcher.start(3), matcher.end(3), 'T')) {
+                boolean negate = charMatch(text, matcher.start(1), matcher.end(1), '-');
+
+                int dayStart = matcher.start(2), dayEnd = matcher.end(2);
+                int hourStart = matcher.start(4), hourEnd = matcher.end(4);
+                int minuteStart = matcher.start(5), minuteEnd = matcher.end(5);
+                int secondStart = matcher.start(6), secondEnd = matcher.end(6);
+                int fractionStart = matcher.start(7), fractionEnd = matcher.end(7);
+
+                if (dayStart >= 0 || hourStart >= 0 || minuteStart >= 0 || secondStart >= 0) {
+                    long daysAsSecs = parseNumber(text, dayStart, dayEnd, SECONDS_PER_DAY, "days");
+                    long hoursAsSecs = parseNumber(text, hourStart, hourEnd, SECONDS_PER_HOUR, "hours");
+                    long minsAsSecs = parseNumber(text, minuteStart, minuteEnd, SECONDS_PER_MINUTE, "minutes");
+                    long seconds = parseNumber(text, secondStart, secondEnd, 1, "seconds");
+                    int nanos = parseFraction(text, fractionStart, fractionEnd, seconds < 0 ? -1 : 1);
                     try {
                         return create(negate, daysAsSecs, hoursAsSecs, minsAsSecs, seconds, nanos);
                     } catch (ArithmeticException ex) {
@@ -412,27 +414,37 @@
         throw new DateTimeParseException("Text cannot be parsed to a Duration", text, 0);
     }
 
-    private static long parseNumber(CharSequence text, String parsed, int multiplier, String errorText) {
+    private static boolean charMatch(CharSequence text, int start, int end, char c) {
+        return (start >= 0 && end == start + 1 && text.charAt(start) == c);
+    }
+
+    private static long parseNumber(CharSequence text, int start, int end, int multiplier, String errorText) {
         // regex limits to [-+]?[0-9]+
-        if (parsed == null) {
+        if (start < 0 || end < 0) {
             return 0;
         }
         try {
-            long val = Long.parseLong(parsed);
+            long val = Long.parseLong(text, 10, start, end);
             return Math.multiplyExact(val, multiplier);
         } catch (NumberFormatException | ArithmeticException ex) {
             throw (DateTimeParseException) new DateTimeParseException("Text cannot be parsed to a Duration: " + errorText, text, 0).initCause(ex);
         }
     }
 
-    private static int parseFraction(CharSequence text, String parsed, int negate) {
+    private static int parseFraction(CharSequence text, int start, int end, int negate) {
         // regex limits to [0-9]{0,9}
-        if (parsed == null || parsed.length() == 0) {
+        if (start < 0 || end < 0 || end - start == 0) {
             return 0;
         }
         try {
-            parsed = (parsed + "000000000").substring(0, 9);
-            return Integer.parseInt(parsed) * negate;
+            int fraction = Integer.parseInt(text, 10, start, end);
+
+            // for number strings smaller than 9 digits, interpret as if there
+            // were trailing zeros
+            for (int i = end - start; i < 9; i++) {
+                fraction *= 10;
+            }
+            return fraction * negate;
         } catch (NumberFormatException | ArithmeticException ex) {
             throw (DateTimeParseException) new DateTimeParseException("Text cannot be parsed to a Duration: fraction", text, 0).initCause(ex);
         }
--- a/jdk/src/java.base/share/classes/java/time/Period.java	Wed Jul 05 19:56:33 2017 +0200
+++ b/jdk/src/java.base/share/classes/java/time/Period.java	Mon Aug 18 10:59:36 2014 +0100
@@ -329,17 +329,17 @@
         Objects.requireNonNull(text, "text");
         Matcher matcher = PATTERN.matcher(text);
         if (matcher.matches()) {
-            int negate = ("-".equals(matcher.group(1)) ? -1 : 1);
-            String yearMatch = matcher.group(2);
-            String monthMatch = matcher.group(3);
-            String weekMatch = matcher.group(4);
-            String dayMatch = matcher.group(5);
-            if (yearMatch != null || monthMatch != null || dayMatch != null || weekMatch != null) {
+            int negate = (charMatch(text, matcher.start(1), matcher.end(1), '-') ? -1 : 1);
+            int yearStart = matcher.start(2), yearEnd = matcher.end(2);
+            int monthStart = matcher.start(3), monthEnd = matcher.end(3);
+            int weekStart = matcher.start(4), weekEnd = matcher.end(4);
+            int dayStart = matcher.start(5), dayEnd = matcher.end(5);
+            if (yearStart >= 0 || monthStart >= 0 || weekStart >= 0 || dayStart >= 0) {
                 try {
-                    int years = parseNumber(text, yearMatch, negate);
-                    int months = parseNumber(text, monthMatch, negate);
-                    int weeks = parseNumber(text, weekMatch, negate);
-                    int days = parseNumber(text, dayMatch, negate);
+                    int years = parseNumber(text, yearStart, yearEnd, negate);
+                    int months = parseNumber(text, monthStart, monthEnd, negate);
+                    int weeks = parseNumber(text, weekStart, weekEnd, negate);
+                    int days = parseNumber(text, dayStart, dayEnd, negate);
                     days = Math.addExact(days, Math.multiplyExact(weeks, 7));
                     return create(years, months, days);
                 } catch (NumberFormatException ex) {
@@ -350,11 +350,15 @@
         throw new DateTimeParseException("Text cannot be parsed to a Period", text, 0);
     }
 
-    private static int parseNumber(CharSequence text, String str, int negate) {
-        if (str == null) {
+    private static boolean charMatch(CharSequence text, int start, int end, char c) {
+        return (start >= 0 && end == start + 1 && text.charAt(start) == c);
+    }
+
+    private static int parseNumber(CharSequence text, int start, int end, int negate) {
+        if (start < 0 || end < 0) {
             return 0;
         }
-        int val = Integer.parseInt(str);
+        int val = Integer.parseInt(text, 10, start, end);
         try {
             return Math.multiplyExact(val, negate);
         } catch (ArithmeticException ex) {
--- a/jdk/src/java.base/share/classes/java/util/JapaneseImperialCalendar.java	Wed Jul 05 19:56:33 2017 +0200
+++ b/jdk/src/java.base/share/classes/java/util/JapaneseImperialCalendar.java	Mon Aug 18 10:59:36 2014 +0100
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -38,20 +38,20 @@
 import sun.util.calendar.ZoneInfo;
 
 /**
- * <code>JapaneseImperialCalendar</code> implements a Japanese
+ * {@code JapaneseImperialCalendar} implements a Japanese
  * calendar system in which the imperial era-based year numbering is
  * supported from the Meiji era. The following are the eras supported
  * by this calendar system.
- * <pre><tt>
+ * <pre>{@code
  * ERA value   Era name    Since (in Gregorian)
  * ------------------------------------------------------
  *     0       N/A         N/A
- *     1       Meiji       1868-01-01 midnight local time
- *     2       Taisho      1912-07-30 midnight local time
- *     3       Showa       1926-12-25 midnight local time
- *     4       Heisei      1989-01-08 midnight local time
+ *     1       Meiji       1868-01-01T00:00:00 local time
+ *     2       Taisho      1912-07-30T00:00:00 local time
+ *     3       Showa       1926-12-25T00:00:00 local time
+ *     4       Heisei      1989-01-08T00:00:00 local time
  * ------------------------------------------------------
- * </tt></pre>
+ * }</pre>
  *
  * <p><code>ERA</code> value 0 specifies the years before Meiji and
  * the Gregorian year values are used. Unlike {@link
@@ -63,6 +63,31 @@
  * with time differences for applying the era transitions. This
  * calendar implementation assumes local time for all transitions.
  *
+ * <p>A new era can be specified using property
+ * jdk.calendar.japanese.supplemental.era. The new era is added to the
+ * predefined eras. The syntax of the property is as follows.
+ * <p><pre>
+ *   {@code name=<name>,abbr=<abbr>,since=<time['u']>}
+ * </pre>
+ * where
+ * <dl>
+ * <dt>{@code <name>:}<dd>the full name of the new era (non-ASCII characters allowed)
+ * <dt>{@code <abbr>:}<dd>the abbreviation of the new era (non-ASCII characters allowed)
+ * <dt>{@code <time['u']>:}<dd>the start time of the new era represented by
+ * milliseconds from 1970-01-01T00:00:00 local time or UTC if {@code 'u'} is
+ * appended to the milliseconds value. (ASCII digits only)
+ * </dl>
+ *
+ * <p>If the given era is invalid, such as the since value before the
+ * beginning of the last predefined era, the given era will be
+ * ignored.
+ *
+ * <p>The following is an example of the property usage.
+ * <p><pre>
+ *   java -Djdk.calendar.japanese.supplemental.era="name=NewEra,abbr=N,since=253374307200000"
+ * </pre>
+ * The property specifies an era change to NewEra at 9999-02-11T00:00:00 local time.
+ *
  * @author Masayoshi Okutsu
  * @since 1.6
  */
@@ -102,7 +127,6 @@
     public static final int HEISEI = 4;
 
     private static final int EPOCH_OFFSET   = 719163; // Fixed date of January 1, 1970 (Gregorian)
-    private static final int EPOCH_YEAR     = 1970;
 
     // Useful millisecond constants.  Although ONE_DAY and ONE_WEEK can fit
     // into ints, they must be longs in order to prevent arithmetic overflow
@@ -111,7 +135,6 @@
     private static final int  ONE_MINUTE = 60*ONE_SECOND;
     private static final int  ONE_HOUR   = 60*ONE_MINUTE;
     private static final long ONE_DAY    = 24*ONE_HOUR;
-    private static final long ONE_WEEK   = 7*ONE_DAY;
 
     // Reference to the sun.util.calendar.LocalGregorianCalendar instance (singleton).
     private static final LocalGregorianCalendar jcal
@@ -217,6 +240,7 @@
     };
 
     // Proclaim serialization compatibility with JDK 1.6
+    @SuppressWarnings("FieldNameHidesFieldInSuperclass")
     private static final long serialVersionUID = -3364572813905467929L;
 
     static {
@@ -340,6 +364,7 @@
      * <code>false</code> otherwise.
      * @see Calendar#compareTo(Calendar)
      */
+    @Override
     public boolean equals(Object obj) {
         return obj instanceof JapaneseImperialCalendar &&
             super.equals(obj);
@@ -349,6 +374,7 @@
      * Generates the hash code for this
      * <code>JapaneseImperialCalendar</code> object.
      */
+    @Override
     public int hashCode() {
         return super.hashCode() ^ jdate.hashCode();
     }
@@ -381,6 +407,7 @@
      * or if any calendar fields have out-of-range values in
      * non-lenient mode.
      */
+    @Override
     public void add(int field, int amount) {
         // If amount == 0, do nothing even the given field is out of
         // range. This is tested by JCK.
@@ -509,6 +536,7 @@
         }
     }
 
+    @Override
     public void roll(int field, boolean up) {
         roll(field, up ? +1 : -1);
     }
@@ -533,6 +561,7 @@
      * @see #add(int,int)
      * @see #set(int,int)
      */
+    @Override
     public void roll(int field, int amount) {
         // If amount == 0, do nothing even the given field is out of
         // range. This is tested by JCK.
--- a/jdk/src/java.base/share/classes/java/util/StringJoiner.java	Wed Jul 05 19:56:33 2017 +0200
+++ b/jdk/src/java.base/share/classes/java/util/StringJoiner.java	Mon Aug 18 10:59:36 2014 +0100
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2013, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -24,6 +24,9 @@
  */
 package java.util;
 
+import sun.misc.JavaLangAccess;
+import sun.misc.SharedSecrets;
+
 /**
  * {@code StringJoiner} is used to construct a sequence of characters separated
  * by a delimiter and optionally starting with a supplied prefix
@@ -67,22 +70,24 @@
     private final String delimiter;
     private final String suffix;
 
-    /*
-     * StringBuilder value -- at any time, the characters constructed from the
-     * prefix, the added element separated by the delimiter, but without the
-     * suffix, so that we can more easily add elements without having to jigger
-     * the suffix each time.
-     */
-    private StringBuilder value;
+    /** Contains all the string components added so far. */
+    private String[] elts;
 
-    /*
-     * By default, the string consisting of prefix+suffix, returned by
-     * toString(), or properties of value, when no elements have yet been added,
-     * i.e. when it is empty.  This may be overridden by the user to be some
-     * other value including the empty String.
+    /** The number of string components added so far. */
+    private int size;
+
+    /** Total length in chars so far, excluding prefix and suffix. */
+    private int len;
+
+    /**
+     * When overriden by the user to be non-null via {@link setEmptyValue}, the
+     * string returned by toString() when no elements have yet been added.
+     * When null, prefix + suffix is used as the empty value.
      */
     private String emptyValue;
 
+    private static final JavaLangAccess jla = SharedSecrets.getJavaLangAccess();
+
     /**
      * Constructs a {@code StringJoiner} with no characters in it, with no
      * {@code prefix} or {@code suffix}, and a copy of the supplied
@@ -125,7 +130,6 @@
         this.prefix = prefix.toString();
         this.delimiter = delimiter.toString();
         this.suffix = suffix.toString();
-        this.emptyValue = this.prefix + this.suffix;
     }
 
     /**
@@ -148,29 +152,44 @@
         return this;
     }
 
+    private static int getChars(String s, char[] chars, int start) {
+        int len = s.length();
+        s.getChars(0, len, chars, start);
+        return len;
+    }
+
     /**
      * Returns the current value, consisting of the {@code prefix}, the values
      * added so far separated by the {@code delimiter}, and the {@code suffix},
      * unless no elements have been added in which case, the
-     * {@code prefix + suffix} or the {@code emptyValue} characters are returned
+     * {@code prefix + suffix} or the {@code emptyValue} characters are returned.
      *
      * @return the string representation of this {@code StringJoiner}
      */
     @Override
     public String toString() {
-        if (value == null) {
+        final String[] elts = this.elts;
+        if (elts == null && emptyValue != null) {
             return emptyValue;
-        } else {
-            if (suffix.equals("")) {
-                return value.toString();
-            } else {
-                int initialLength = value.length();
-                String result = value.append(suffix).toString();
-                // reset value to pre-append initialLength
-                value.setLength(initialLength);
-                return result;
+        }
+        final int size = this.size;
+        final int addLen = prefix.length() + suffix.length();
+        if (addLen == 0) {
+            compactElts();
+            return size == 0 ? "" : elts[0];
+        }
+        final String delimiter = this.delimiter;
+        final char[] chars = new char[len + addLen];
+        int k = getChars(prefix, chars, 0);
+        if (size > 0) {
+            k += getChars(elts[0], chars, k);
+            for (int i = 1; i < size; i++) {
+                k += getChars(delimiter, chars, k);
+                k += getChars(elts[i], chars, k);
             }
         }
+        k += getChars(suffix, chars, k);
+        return jla.newStringUnsafe(chars);
     }
 
     /**
@@ -182,7 +201,16 @@
      * @return a reference to this {@code StringJoiner}
      */
     public StringJoiner add(CharSequence newElement) {
-        prepareBuilder().append(newElement);
+        final String elt = String.valueOf(newElement);
+        if (elts == null) {
+            elts = new String[8];
+        } else {
+            if (size == elts.length)
+                elts = Arrays.copyOf(elts, 2 * size);
+            len += delimiter.length();
+        }
+        len += elt.length();
+        elts[size++] = elt;
         return this;
     }
 
@@ -207,24 +235,25 @@
      */
     public StringJoiner merge(StringJoiner other) {
         Objects.requireNonNull(other);
-        if (other.value != null) {
-            final int length = other.value.length();
-            // lock the length so that we can seize the data to be appended
-            // before initiate copying to avoid interference, especially when
-            // merge 'this'
-            StringBuilder builder = prepareBuilder();
-            builder.append(other.value, other.prefix.length(), length);
+        if (other.elts == null) {
+            return this;
         }
-        return this;
+        other.compactElts();
+        return add(other.elts[0]);
     }
 
-    private StringBuilder prepareBuilder() {
-        if (value != null) {
-            value.append(delimiter);
-        } else {
-            value = new StringBuilder().append(prefix);
+    private void compactElts() {
+        if (size > 1) {
+            final char[] chars = new char[len];
+            int i = 1, k = getChars(elts[0], chars, 0);
+            do {
+                k += getChars(delimiter, chars, k);
+                k += getChars(elts[i], chars, k);
+                elts[i] = null;
+            } while (++i < size);
+            size = 1;
+            elts[0] = jla.newStringUnsafe(chars);
         }
-        return value;
     }
 
     /**
@@ -238,10 +267,7 @@
      * @return the length of the current value of {@code StringJoiner}
      */
     public int length() {
-        // Remember that we never actually append the suffix unless we return
-        // the full (present) value or some sub-string or length of it, so that
-        // we can add on more if we need to.
-        return (value != null ? value.length() + suffix.length() :
-                emptyValue.length());
+        return (size == 0 && emptyValue != null) ? emptyValue.length() :
+            len + prefix.length() + suffix.length();
     }
 }
--- a/jdk/src/java.base/share/classes/sun/util/calendar/Era.java	Wed Jul 05 19:56:33 2017 +0200
+++ b/jdk/src/java.base/share/classes/sun/util/calendar/Era.java	Mon Aug 18 10:59:36 2014 +0100
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2005, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -41,20 +41,15 @@
  * <code>CalendarDate</code>.
  *
  * <p>The following era names are defined in this release.
- * <!-- TODO: use HTML table -->
- * <pre><tt>
+ * <pre>{@code
  *   Calendar system         Era name         Since (in Gregorian)
  *   -----------------------------------------------------------------------
- *   Japanese calendar       Meiji            1868-01-01 midnight local time
- *                           Taisho           1912-07-30 midnight local time
- *                           Showa            1926-12-26 midnight local time
- *                           Heisei           1989-01-08 midnight local time
- *   Julian calendar         BeforeCommonEra  -292275055-05-16T16:47:04.192Z
- *                           CommonEra        0000-12-30 midnight local time
- *   Taiwanese calendar      MinGuo           1911-01-01 midnight local time
- *   Thai Buddhist calendar  BuddhistEra      -543-01-01 midnight local time
+ *   Japanese calendar       Meiji            1868-01-01T00:00:00 local time
+ *                           Taisho           1912-07-30T00:00:00 local time
+ *                           Showa            1926-12-25T00:00:00 local time
+ *                           Heisei           1989-01-08T00:00:00 local time
  *   -----------------------------------------------------------------------
- * </tt></pre>
+ * }</pre>
  *
  * @author Masayoshi Okutsu
  * @since 1.5
--- a/jdk/src/java.base/share/classes/sun/util/calendar/LocalGregorianCalendar.java	Wed Jul 05 19:56:33 2017 +0200
+++ b/jdk/src/java.base/share/classes/sun/util/calendar/LocalGregorianCalendar.java	Mon Aug 18 10:59:36 2014 +0100
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -25,11 +25,7 @@
 
 package sun.util.calendar;
 
-import java.io.IOException;
-import java.util.ArrayList;
-import java.util.List;
-import java.util.Properties;
-import java.util.StringTokenizer;
+import java.security.AccessController;
 import java.util.TimeZone;
 
 /**
@@ -39,6 +35,28 @@
  */
 
 public class LocalGregorianCalendar extends BaseCalendar {
+    private static final Era[] JAPANESE_ERAS = {
+        new Era("Meiji",  "M", -3218832000000L, true),
+        new Era("Taisho", "T", -1812153600000L, true),
+        new Era("Showa",  "S", -1357603200000L, true),
+        new Era("Heisei", "H",   600220800000L, true),
+    };
+
+    private static boolean isValidEra(Era newEra, Era[] eras) {
+        Era last = eras[eras.length - 1];
+        if (last.getSinceDate().getYear() >= newEra.getSinceDate().getYear()) {
+            return false;
+        }
+        // The new era name should be unique. Its abbr may not.
+        String newName = newEra.getName();
+        for (Era era : eras) {
+            if (era.getName().equals(newName)) {
+                return false;
+            }
+        }
+        return true;
+    }
+
     private String name;
     private Era[] eras;
 
@@ -118,58 +136,70 @@
     }
 
     static LocalGregorianCalendar getLocalGregorianCalendar(String name) {
-        Properties calendarProps;
-        try {
-            calendarProps = CalendarSystem.getCalendarProperties();
-        } catch (IOException | IllegalArgumentException e) {
-            throw new InternalError(e);
-        }
-        // Parse calendar.*.eras
-        String props = calendarProps.getProperty("calendar." + name + ".eras");
-        if (props == null) {
+        // Only the Japanese calendar is supported.
+        if (!"japanese".equals(name)) {
             return null;
         }
-        List<Era> eras = new ArrayList<>();
-        StringTokenizer eraTokens = new StringTokenizer(props, ";");
-        while (eraTokens.hasMoreTokens()) {
-            String items = eraTokens.nextToken().trim();
-            StringTokenizer itemTokens = new StringTokenizer(items, ",");
-            String eraName = null;
-            boolean localTime = true;
-            long since = 0;
-            String abbr = null;
 
-            while (itemTokens.hasMoreTokens()) {
-                String item = itemTokens.nextToken();
-                int index = item.indexOf('=');
-                // it must be in the key=value form.
-                if (index == -1) {
+        // Append an era to the predefined eras if it's given by the property.
+        String prop = AccessController.doPrivileged(
+                new sun.security.action.GetPropertyAction("jdk.calendar.japanese.supplemental.era"));
+        if (prop != null) {
+            Era era = parseEraEntry(prop);
+            if (era != null) {
+                if (isValidEra(era, JAPANESE_ERAS)) {
+                    int length = JAPANESE_ERAS.length;
+                    Era[] eras = new Era[length + 1];
+                    System.arraycopy(JAPANESE_ERAS, 0, eras, 0, length);
+                    eras[length] = era;
+                    return new LocalGregorianCalendar(name, eras);
+                }
+            }
+        }
+        return new LocalGregorianCalendar(name, JAPANESE_ERAS);
+    }
+
+    private static Era parseEraEntry(String entry) {
+        String[] keyValuePairs = entry.split(",");
+        String eraName = null;
+        boolean localTime = true;
+        long since = 0;
+        String abbr = null;
+
+        for (String item : keyValuePairs) {
+            String[] keyvalue = item.split("=");
+            if (keyvalue.length != 2) {
+                return null;
+            }
+            String key = keyvalue[0].trim();
+            String value = keyvalue[1].trim();
+            switch (key) {
+            case "name":
+                eraName = value;
+                break;
+            case "since":
+                if (value.endsWith("u")) {
+                    localTime = false;
+                    value = value.substring(0, value.length() - 1);
+                }
+                try {
+                    since = Long.parseLong(value);
+                } catch (NumberFormatException e) {
                     return null;
                 }
-                String key = item.substring(0, index);
-                String value = item.substring(index + 1);
-                if ("name".equals(key)) {
-                    eraName = value;
-                } else if ("since".equals(key)) {
-                    if (value.endsWith("u")) {
-                        localTime = false;
-                        since = Long.parseLong(value.substring(0, value.length() - 1));
-                    } else {
-                        since = Long.parseLong(value);
-                    }
-                } else if ("abbr".equals(key)) {
-                    abbr = value;
-                } else {
-                    throw new RuntimeException("Unknown key word: " + key);
-                }
+                break;
+            case "abbr":
+                abbr = value;
+                break;
+            default:
+                return null;
             }
-            Era era = new Era(eraName, abbr, since, localTime);
-            eras.add(era);
         }
-        Era[] eraArray = new Era[eras.size()];
-        eras.toArray(eraArray);
-
-        return new LocalGregorianCalendar(name, eraArray);
+        if (eraName == null || eraName.isEmpty()
+                || abbr == null || abbr.isEmpty()) {
+            return null;
+        }
+        return new Era(eraName, abbr, since, localTime);
     }
 
     private LocalGregorianCalendar(String name, Era[] eras) {
@@ -262,9 +292,8 @@
     }
 
     private boolean validateEra(Era era) {
-        // Validate the era
-        for (int i = 0; i < eras.length; i++) {
-            if (era == eras[i]) {
+        for (Era era1 : eras) {
+            if (era == era1) {
                 return true;
             }
         }
@@ -333,6 +362,7 @@
         }
         if (i >= 0) {
             ldate.setLocalEra(era);
+            @SuppressWarnings("null")
             int y = ldate.getNormalizedYear() - era.getSinceDate().getYear() + 1;
             ldate.setLocalYear(y);
         } else {
--- a/jdk/src/java.base/share/conf/calendars.properties	Wed Jul 05 19:56:33 2017 +0200
+++ b/jdk/src/java.base/share/conf/calendars.properties	Mon Aug 18 10:59:36 2014 +0100
@@ -1,4 +1,4 @@
-# Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2005, 2014, Oracle and/or its affiliates. All rights reserved.
 # DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 #
 # This code is free software; you can redistribute it and/or modify it
@@ -23,37 +23,6 @@
 #
 
 #
-# Japanese imperial calendar
-#
-#   Meiji  since 1868-01-01 00:00:00 local time (Gregorian)
-#   Taisho since 1912-07-30 00:00:00 local time (Gregorian)
-#   Showa  since 1926-12-25 00:00:00 local time (Gregorian)
-#   Heisei since 1989-01-08 00:00:00 local time (Gregorian)
-calendar.japanese.type: LocalGregorianCalendar
-calendar.japanese.eras: \
-	name=Meiji,abbr=M,since=-3218832000000;  \
-	name=Taisho,abbr=T,since=-1812153600000; \
-	name=Showa,abbr=S,since=-1357603200000;  \
-	name=Heisei,abbr=H,since=600220800000
-
-#
-# Taiwanese calendar
-#   Minguo since 1911-01-01 00:00:00 local time (Gregorian)
-calendar.taiwanese.type: LocalGregorianCalendar
-calendar.taiwanese.eras: \
-	name=MinGuo,since=-1830384000000
-
-#
-# Thai Buddhist calendar
-#   Buddhist Era since -542-01-01 00:00:00 local time (Gregorian)
-calendar.thai-buddhist.type: LocalGregorianCalendar
-calendar.thai-buddhist.eras: \
-	name=BuddhistEra,abbr=B.E.,since=-79302585600000
-calendar.thai-buddhist.year-boundary: \
-	day1=4-1,since=-79302585600000; \
-	day1=1-1,since=-915148800000
-
-#
 # Hijrah calendars
 #
 calendar.hijrah.Hijrah-umalqura: hijrah-config-umalqura.properties
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/src/java.base/share/conf/security/java.security	Mon Aug 18 10:59:36 2014 +0100
@@ -0,0 +1,517 @@
+#
+# This is the "master security properties file".
+#
+# An alternate java.security properties file may be specified
+# from the command line via the system property
+#
+#    -Djava.security.properties=<URL>
+#
+# This properties file appends to the master security properties file.
+# If both properties files specify values for the same key, the value
+# from the command-line properties file is selected, as it is the last
+# one loaded.
+#
+# Also, if you specify
+#
+#    -Djava.security.properties==<URL> (2 equals),
+#
+# then that properties file completely overrides the master security
+# properties file.
+#
+# To disable the ability to specify an additional properties file from
+# the command line, set the key security.overridePropertiesFile
+# to false in the master security properties file. It is set to true
+# by default.
+
+# In this file, various security properties are set for use by
+# java.security classes. This is where users can statically register
+# Cryptography Package Providers ("providers" for short). The term
+# "provider" refers to a package or set of packages that supply a
+# concrete implementation of a subset of the cryptography aspects of
+# the Java Security API. A provider may, for example, implement one or
+# more digital signature algorithms or message digest algorithms.
+#
+# Each provider must implement a subclass of the Provider class.
+# To register a provider in this master security properties file,
+# specify the Provider subclass name and priority in the format
+#
+#    security.provider.<n>=<className>
+#
+# This declares a provider, and specifies its preference
+# order n. The preference order is the order in which providers are
+# searched for requested algorithms (when no specific provider is
+# requested). The order is 1-based; 1 is the most preferred, followed
+# by 2, and so on.
+#
+# <className> must specify the subclass of the Provider class whose
+# constructor sets the values of various properties that are required
+# for the Java Security API to look up the algorithms or other
+# facilities implemented by the provider.
+#
+# There must be at least one provider specification in java.security.
+# There is a default provider that comes standard with the JDK. It
+# is called the "SUN" provider, and its Provider subclass
+# named Sun appears in the sun.security.provider package. Thus, the
+# "SUN" provider is registered via the following:
+#
+#    security.provider.1=sun.security.provider.Sun
+#
+# (The number 1 is used for the default provider.)
+#
+# Note: Providers can be dynamically registered instead by calls to
+# either the addProvider or insertProviderAt method in the Security
+# class.
+
+#
+# List of providers and their preference orders (see above):
+#
+#ifdef solaris
+security.provider.tbd=com.oracle.security.ucrypto.UcryptoProvider ${java.home}/lib/security/ucrypto-solaris.cfg
+security.provider.tbd=sun.security.pkcs11.SunPKCS11 ${java.home}/lib/security/sunpkcs11-solaris.cfg
+#endif
+security.provider.tbd=sun.security.provider.Sun
+security.provider.tbd=sun.security.rsa.SunRsaSign
+security.provider.tbd=sun.security.ec.SunEC
+security.provider.tbd=com.sun.net.ssl.internal.ssl.Provider
+security.provider.tbd=com.sun.crypto.provider.SunJCE
+security.provider.tbd=sun.security.jgss.SunProvider
+security.provider.tbd=com.sun.security.sasl.Provider
+security.provider.tbd=org.jcp.xml.dsig.internal.dom.XMLDSigRI
+security.provider.tbd=sun.security.smartcardio.SunPCSC
+#ifdef windows
+security.provider.tbd=sun.security.mscapi.SunMSCAPI
+#endif
+#ifdef macosx
+security.provider.tbd=apple.security.AppleProvider
+#endif
+
+#
+# Sun Provider SecureRandom seed source.
+#
+# Select the primary source of seed data for the "SHA1PRNG" and
+# "NativePRNG" SecureRandom implementations in the "Sun" provider.
+# (Other SecureRandom implementations might also use this property.)
+#
+# On Unix-like systems (for example, Solaris/Linux/MacOS), the
+# "NativePRNG" and "SHA1PRNG" implementations obtains seed data from
+# special device files such as file:/dev/random.
+#
+# On Windows systems, specifying the URLs "file:/dev/random" or
+# "file:/dev/urandom" will enable the native Microsoft CryptoAPI seeding
+# mechanism for SHA1PRNG.
+#
+# By default, an attempt is made to use the entropy gathering device
+# specified by the "securerandom.source" Security property.  If an
+# exception occurs while accessing the specified URL:
+#
+#     SHA1PRNG:
+#         the traditional system/thread activity algorithm will be used.
+#
+#     NativePRNG:
+#         a default value of /dev/random will be used.  If neither
+#         are available, the implementation will be disabled.
+#         "file" is the only currently supported protocol type.
+#
+# The entropy gathering device can also be specified with the System
+# property "java.security.egd". For example:
+#
+#   % java -Djava.security.egd=file:/dev/random MainClass
+#
+# Specifying this System property will override the
+# "securerandom.source" Security property.
+#
+# In addition, if "file:/dev/random" or "file:/dev/urandom" is
+# specified, the "NativePRNG" implementation will be more preferred than
+# SHA1PRNG in the Sun provider.
+#
+securerandom.source=file:/dev/random
+
+#
+# A list of known strong SecureRandom implementations.
+#
+# To help guide applications in selecting a suitable strong
+# java.security.SecureRandom implementation, Java distributions should
+# indicate a list of known strong implementations using the property.
+#
+# This is a comma-separated list of algorithm and/or algorithm:provider
+# entries.
+#
+#ifdef windows
+securerandom.strongAlgorithms=Windows-PRNG:SunMSCAPI,SHA1PRNG:SUN
+#endif
+#ifndef windows
+securerandom.strongAlgorithms=NativePRNGBlocking:SUN
+#endif
+
+#
+# Class to instantiate as the javax.security.auth.login.Configuration
+# provider.
+#
+login.configuration.provider=sun.security.provider.ConfigFile
+
+#
+# Default login configuration file
+#
+#login.config.url.1=file:${user.home}/.java.login.config
+
+#
+# Class to instantiate as the system Policy. This is the name of the class
+# that will be used as the Policy object.
+#
+policy.provider=sun.security.provider.PolicyFile
+
+# The default is to have a single system-wide policy file,
+# and a policy file in the user's home directory.
+policy.url.1=file:${java.home}/lib/security/java.policy
+policy.url.2=file:${user.home}/.java.policy
+
+# whether or not we expand properties in the policy file
+# if this is set to false, properties (${...}) will not be expanded in policy
+# files.
+policy.expandProperties=true
+
+# whether or not we allow an extra policy to be passed on the command line
+# with -Djava.security.policy=somefile. Comment out this line to disable
+# this feature.
+policy.allowSystemProperty=true
+
+# whether or not we look into the IdentityScope for trusted Identities
+# when encountering a 1.1 signed JAR file. If the identity is found
+# and is trusted, we grant it AllPermission.
+policy.ignoreIdentityScope=false
+
+#
+# Default keystore type.
+#
+keystore.type=jks
+
+#
+# List of comma-separated packages that start with or equal this string
+# will cause a security exception to be thrown when
+# passed to checkPackageAccess unless the
+# corresponding RuntimePermission ("accessClassInPackage."+package) has
+# been granted.
+package.access=sun.,\
+               com.sun.xml.internal.,\
+               com.sun.imageio.,\
+               com.sun.istack.internal.,\
+               com.sun.jmx.,\
+               com.sun.media.sound.,\
+               com.sun.naming.internal.,\
+               com.sun.proxy.,\
+               com.sun.corba.se.,\
+               com.sun.org.apache.bcel.internal.,\
+               com.sun.org.apache.regexp.internal.,\
+               com.sun.org.apache.xerces.internal.,\
+               com.sun.org.apache.xpath.internal.,\
+               com.sun.org.apache.xalan.internal.extensions.,\
+               com.sun.org.apache.xalan.internal.lib.,\
+               com.sun.org.apache.xalan.internal.res.,\
+               com.sun.org.apache.xalan.internal.templates.,\
+               com.sun.org.apache.xalan.internal.utils.,\
+               com.sun.org.apache.xalan.internal.xslt.,\
+               com.sun.org.apache.xalan.internal.xsltc.cmdline.,\
+               com.sun.org.apache.xalan.internal.xsltc.compiler.,\
+               com.sun.org.apache.xalan.internal.xsltc.trax.,\
+               com.sun.org.apache.xalan.internal.xsltc.util.,\
+               com.sun.org.apache.xml.internal.res.,\
+               com.sun.org.apache.xml.internal.security.,\
+               com.sun.org.apache.xml.internal.serializer.utils.,\
+               com.sun.org.apache.xml.internal.utils.,\
+               com.sun.org.glassfish.,\
+               com.oracle.xmlns.internal.,\
+               com.oracle.webservices.internal.,\
+               org.jcp.xml.dsig.internal.,\
+               jdk.internal.,\
+               jdk.nashorn.internal.,\
+               jdk.nashorn.tools.,\
+               com.sun.activation.registries.,\
+#ifdef macosx
+               apple.,\
+#endif
+
+#
+# List of comma-separated packages that start with or equal this string
+# will cause a security exception to be thrown when
+# passed to checkPackageDefinition unless the
+# corresponding RuntimePermission ("defineClassInPackage."+package) has
+# been granted.
+#
+# by default, none of the class loaders supplied with the JDK call
+# checkPackageDefinition.
+#
+package.definition=sun.,\
+                   com.sun.xml.internal.,\
+                   com.sun.imageio.,\
+                   com.sun.istack.internal.,\
+                   com.sun.jmx.,\
+                   com.sun.media.sound.,\
+                   com.sun.naming.internal.,\
+                   com.sun.proxy.,\
+                   com.sun.corba.se.,\
+                   com.sun.org.apache.bcel.internal.,\
+                   com.sun.org.apache.regexp.internal.,\
+                   com.sun.org.apache.xerces.internal.,\
+                   com.sun.org.apache.xpath.internal.,\
+                   com.sun.org.apache.xalan.internal.extensions.,\
+                   com.sun.org.apache.xalan.internal.lib.,\
+                   com.sun.org.apache.xalan.internal.res.,\
+                   com.sun.org.apache.xalan.internal.templates.,\
+                   com.sun.org.apache.xalan.internal.utils.,\
+                   com.sun.org.apache.xalan.internal.xslt.,\
+                   com.sun.org.apache.xalan.internal.xsltc.cmdline.,\
+                   com.sun.org.apache.xalan.internal.xsltc.compiler.,\
+                   com.sun.org.apache.xalan.internal.xsltc.trax.,\
+                   com.sun.org.apache.xalan.internal.xsltc.util.,\
+                   com.sun.org.apache.xml.internal.res.,\
+                   com.sun.org.apache.xml.internal.security.,\
+                   com.sun.org.apache.xml.internal.serializer.utils.,\
+                   com.sun.org.apache.xml.internal.utils.,\
+                   com.sun.org.glassfish.,\
+                   com.oracle.xmlns.internal.,\
+                   com.oracle.webservices.internal.,\
+                   org.jcp.xml.dsig.internal.,\
+                   jdk.internal.,\
+                   jdk.nashorn.internal.,\
+                   jdk.nashorn.tools.,\
+                   com.sun.activation.registries.,\
+#ifdef macosx
+                   apple.,\
+#endif
+
+#
+# Determines whether this properties file can be appended to
+# or overridden on the command line via -Djava.security.properties
+#
+security.overridePropertiesFile=true
+
+#
+# Determines the default key and trust manager factory algorithms for
+# the javax.net.ssl package.
+#
+ssl.KeyManagerFactory.algorithm=SunX509
+ssl.TrustManagerFactory.algorithm=PKIX
+
+#
+# The Java-level namelookup cache policy for successful lookups:
+#
+# any negative value: caching forever
+# any positive value: the number of seconds to cache an address for
+# zero: do not cache
+#
+# default value is forever (FOREVER). For security reasons, this
+# caching is made forever when a security manager is set. When a security
+# manager is not set, the default behavior in this implementation
+# is to cache for 30 seconds.
+#
+# NOTE: setting this to anything other than the default value can have
+#       serious security implications. Do not set it unless
+#       you are sure you are not exposed to DNS spoofing attack.
+#
+#networkaddress.cache.ttl=-1
+
+# The Java-level namelookup cache policy for failed lookups:
+#
+# any negative value: cache forever
+# any positive value: the number of seconds to cache negative lookup results
+# zero: do not cache
+#
+# In some Microsoft Windows networking environments that employ
+# the WINS name service in addition to DNS, name service lookups
+# that fail may take a noticeably long time to return (approx. 5 seconds).
+# For this reason the default caching policy is to maintain these
+# results for 10 seconds.
+#
+#
+networkaddress.cache.negative.ttl=10
+
+#
+# Properties to configure OCSP for certificate revocation checking
+#
+
+# Enable OCSP
+#
+# By default, OCSP is not used for certificate revocation checking.
+# This property enables the use of OCSP when set to the value "true".
+#
+# NOTE: SocketPermission is required to connect to an OCSP responder.
+#
+# Example,
+#   ocsp.enable=true
+
+#
+# Location of the OCSP responder
+#
+# By default, the location of the OCSP responder is determined implicitly
+# from the certificate being validated. This property explicitly specifies
+# the location of the OCSP responder. The property is used when the
+# Authority Information Access extension (defined in RFC 3280) is absent
+# from the certificate or when it requires overriding.
+#
+# Example,
+#   ocsp.responderURL=http://ocsp.example.net:80
+
+#
+# Subject name of the OCSP responder's certificate
+#
+# By default, the certificate of the OCSP responder is that of the issuer
+# of the certificate being validated. This property identifies the certificate
+# of the OCSP responder when the default does not apply. Its value is a string
+# distinguished name (defined in RFC 2253) which identifies a certificate in
+# the set of certificates supplied during cert path validation. In cases where
+# the subject name alone is not sufficient to uniquely identify the certificate
+# then both the "ocsp.responderCertIssuerName" and
+# "ocsp.responderCertSerialNumber" properties must be used instead. When this
+# property is set then those two properties are ignored.
+#
+# Example,
+#   ocsp.responderCertSubjectName="CN=OCSP Responder, O=XYZ Corp"
+
+#
+# Issuer name of the OCSP responder's certificate
+#
+# By default, the certificate of the OCSP responder is that of the issuer
+# of the certificate being validated. This property identifies the certificate
+# of the OCSP responder when the default does not apply. Its value is a string
+# distinguished name (defined in RFC 2253) which identifies a certificate in
+# the set of certificates supplied during cert path validation. When this
+# property is set then the "ocsp.responderCertSerialNumber" property must also
+# be set. When the "ocsp.responderCertSubjectName" property is set then this
+# property is ignored.
+#
+# Example,
+#   ocsp.responderCertIssuerName="CN=Enterprise CA, O=XYZ Corp"
+
+#
+# Serial number of the OCSP responder's certificate
+#
+# By default, the certificate of the OCSP responder is that of the issuer
+# of the certificate being validated. This property identifies the certificate
+# of the OCSP responder when the default does not apply. Its value is a string
+# of hexadecimal digits (colon or space separators may be present) which
+# identifies a certificate in the set of certificates supplied during cert path
+# validation. When this property is set then the "ocsp.responderCertIssuerName"
+# property must also be set. When the "ocsp.responderCertSubjectName" property
+# is set then this property is ignored.
+#
+# Example,
+#   ocsp.responderCertSerialNumber=2A:FF:00
+
+#
+# Policy for failed Kerberos KDC lookups:
+#
+# When a KDC is unavailable (network error, service failure, etc), it is
+# put inside a blacklist and accessed less often for future requests. The
+# value (case-insensitive) for this policy can be:
+#
+# tryLast
+#    KDCs in the blacklist are always tried after those not on the list.
+#
+# tryLess[:max_retries,timeout]
+#    KDCs in the blacklist are still tried by their order in the configuration,
+#    but with smaller max_retries and timeout values. max_retries and timeout
+#    are optional numerical parameters (default 1 and 5000, which means once
+#    and 5 seconds). Please notes that if any of the values defined here is
+#    more than what is defined in krb5.conf, it will be ignored.
+#
+# Whenever a KDC is detected as available, it is removed from the blacklist.
+# The blacklist is reset when krb5.conf is reloaded. You can add
+# refreshKrb5Config=true to a JAAS configuration file so that krb5.conf is
+# reloaded whenever a JAAS authentication is attempted.
+#
+# Example,
+#   krb5.kdc.bad.policy = tryLast
+#   krb5.kdc.bad.policy = tryLess:2,2000
+krb5.kdc.bad.policy = tryLast
+
+# Algorithm restrictions for certification path (CertPath) processing
+#
+# In some environments, certain algorithms or key lengths may be undesirable
+# for certification path building and validation.  For example, "MD2" is
+# generally no longer considered to be a secure hash algorithm.  This section
+# describes the mechanism for disabling algorithms based on algorithm name
+# and/or key length.  This includes algorithms used in certificates, as well
+# as revocation information such as CRLs and signed OCSP Responses.
+#
+# The syntax of the disabled algorithm string is described as this Java
+# BNF-style:
+#   DisabledAlgorithms:
+#       " DisabledAlgorithm { , DisabledAlgorithm } "
+#
+#   DisabledAlgorithm:
+#       AlgorithmName [Constraint]
+#
+#   AlgorithmName:
+#       (see below)
+#
+#   Constraint:
+#       KeySizeConstraint
+#
+#   KeySizeConstraint:
+#       keySize Operator DecimalInteger
+#
+#   Operator:
+#       <= | < | == | != | >= | >
+#
+#   DecimalInteger:
+#       DecimalDigits
+#
+#   DecimalDigits:
+#       DecimalDigit {DecimalDigit}
+#
+#   DecimalDigit: one of
+#       1 2 3 4 5 6 7 8 9 0
+#
+# The "AlgorithmName" is the standard algorithm name of the disabled
+# algorithm. See "Java Cryptography Architecture Standard Algorithm Name
+# Documentation" for information about Standard Algorithm Names.  Matching
+# is performed using a case-insensitive sub-element matching rule.  (For
+# example, in "SHA1withECDSA" the sub-elements are "SHA1" for hashing and
+# "ECDSA" for signatures.)  If the assertion "AlgorithmName" is a
+# sub-element of the certificate algorithm name, the algorithm will be
+# rejected during certification path building and validation.  For example,
+# the assertion algorithm name "DSA" will disable all certificate algorithms
+# that rely on DSA, such as NONEwithDSA, SHA1withDSA.  However, the assertion
+# will not disable algorithms related to "ECDSA".
+#
+# A "Constraint" provides further guidance for the algorithm being specified.
+# The "KeySizeConstraint" requires a key of a valid size range if the
+# "AlgorithmName" is of a key algorithm.  The "DecimalInteger" indicates the
+# key size specified in number of bits.  For example, "RSA keySize <= 1024"
+# indicates that any RSA key with key size less than or equal to 1024 bits
+# should be disabled, and "RSA keySize < 1024, RSA keySize > 2048" indicates
+# that any RSA key with key size less than 1024 or greater than 2048 should
+# be disabled. Note that the "KeySizeConstraint" only makes sense to key
+# algorithms.
+#
+# Note: This property is currently used by Oracle's PKIX implementation. It
+# is not guaranteed to be examined and used by other implementations.
+#
+# Example:
+#   jdk.certpath.disabledAlgorithms=MD2, DSA, RSA keySize < 2048
+#
+#
+jdk.certpath.disabledAlgorithms=MD2, MD5, RSA keySize < 1024
+
+# Algorithm restrictions for Secure Socket Layer/Transport Layer Security
+# (SSL/TLS) processing
+#
+# In some environments, certain algorithms or key lengths may be undesirable
+# when using SSL/TLS.  This section describes the mechanism for disabling
+# algorithms during SSL/TLS security parameters negotiation, including cipher
+# suites selection, peer authentication and key exchange mechanisms.
+#
+# For PKI-based peer authentication and key exchange mechanisms, this list
+# of disabled algorithms will also be checked during certification path
+# building and validation, including algorithms used in certificates, as
+# well as revocation information such as CRLs and signed OCSP Responses.
+# This is in addition to the jdk.certpath.disabledAlgorithms property above.
+#
+# See the specification of "jdk.certpath.disabledAlgorithms" for the
+# syntax of the disabled algorithm string.
+#
+# Note: This property is currently used by Oracle's JSSE implementation.
+# It is not guaranteed to be examined and used by other implementations.
+#
+# Example:
+#   jdk.tls.disabledAlgorithms=MD5, SHA1, DSA, RSA keySize < 2048
--- a/jdk/src/java.base/share/conf/security/java.security-aix	Wed Jul 05 19:56:33 2017 +0200
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,496 +0,0 @@
-#
-# This is the "master security properties file".
-#
-# An alternate java.security properties file may be specified
-# from the command line via the system property
-#
-#    -Djava.security.properties=<URL>
-#
-# This properties file appends to the master security properties file.
-# If both properties files specify values for the same key, the value
-# from the command-line properties file is selected, as it is the last
-# one loaded.
-#
-# Also, if you specify
-#
-#    -Djava.security.properties==<URL> (2 equals),
-#
-# then that properties file completely overrides the master security
-# properties file.
-#
-# To disable the ability to specify an additional properties file from
-# the command line, set the key security.overridePropertiesFile
-# to false in the master security properties file. It is set to true
-# by default.
-
-# In this file, various security properties are set for use by
-# java.security classes. This is where users can statically register
-# Cryptography Package Providers ("providers" for short). The term
-# "provider" refers to a package or set of packages that supply a
-# concrete implementation of a subset of the cryptography aspects of
-# the Java Security API. A provider may, for example, implement one or
-# more digital signature algorithms or message digest algorithms.
-#
-# Each provider must implement a subclass of the Provider class.
-# To register a provider in this master security properties file,
-# specify the Provider subclass name and priority in the format
-#
-#    security.provider.<n>=<className>
-#
-# This declares a provider, and specifies its preference
-# order n. The preference order is the order in which providers are
-# searched for requested algorithms (when no specific provider is
-# requested). The order is 1-based; 1 is the most preferred, followed
-# by 2, and so on.
-#
-# <className> must specify the subclass of the Provider class whose
-# constructor sets the values of various properties that are required
-# for the Java Security API to look up the algorithms or other
-# facilities implemented by the provider.
-#
-# There must be at least one provider specification in java.security.
-# There is a default provider that comes standard with the JDK. It
-# is called the "SUN" provider, and its Provider subclass
-# named Sun appears in the sun.security.provider package. Thus, the
-# "SUN" provider is registered via the following:
-#
-#    security.provider.1=sun.security.provider.Sun
-#
-# (The number 1 is used for the default provider.)
-#
-# Note: Providers can be dynamically registered instead by calls to
-# either the addProvider or insertProviderAt method in the Security
-# class.
-
-#
-# List of providers and their preference orders (see above):
-#
-security.provider.1=sun.security.provider.Sun
-security.provider.2=sun.security.rsa.SunRsaSign
-security.provider.3=sun.security.ec.SunEC
-security.provider.4=com.sun.net.ssl.internal.ssl.Provider
-security.provider.5=com.sun.crypto.provider.SunJCE
-security.provider.6=sun.security.jgss.SunProvider
-security.provider.7=com.sun.security.sasl.Provider
-security.provider.8=org.jcp.xml.dsig.internal.dom.XMLDSigRI
-security.provider.9=sun.security.smartcardio.SunPCSC
-
-#
-# Sun Provider SecureRandom seed source.
-#
-# Select the primary source of seed data for the "SHA1PRNG" and
-# "NativePRNG" SecureRandom implementations in the "Sun" provider.
-# (Other SecureRandom implementations might also use this property.)
-#
-# On Unix-like systems (for example, Solaris/Linux/MacOS), the
-# "NativePRNG" and "SHA1PRNG" implementations obtains seed data from
-# special device files such as file:/dev/random.
-#
-# On Windows systems, specifying the URLs "file:/dev/random" or
-# "file:/dev/urandom" will enable the native Microsoft CryptoAPI seeding
-# mechanism for SHA1PRNG.
-#
-# By default, an attempt is made to use the entropy gathering device
-# specified by the "securerandom.source" Security property.  If an
-# exception occurs while accessing the specified URL:
-#
-#     SHA1PRNG:
-#         the traditional system/thread activity algorithm will be used.
-#
-#     NativePRNG:
-#         a default value of /dev/random will be used.  If neither
-#         are available, the implementation will be disabled.
-#         "file" is the only currently supported protocol type.
-#
-# The entropy gathering device can also be specified with the System
-# property "java.security.egd". For example:
-#
-#   % java -Djava.security.egd=file:/dev/random MainClass
-#
-# Specifying this System property will override the
-# "securerandom.source" Security property.
-#
-# In addition, if "file:/dev/random" or "file:/dev/urandom" is
-# specified, the "NativePRNG" implementation will be more preferred than
-# SHA1PRNG in the Sun provider.
-#
-securerandom.source=file:/dev/random
-
-#
-# A list of known strong SecureRandom implementations.
-#
-# To help guide applications in selecting a suitable strong
-# java.security.SecureRandom implementation, Java distributions should
-# indicate a list of known strong implementations using the property.
-#
-# This is a comma-separated list of algorithm and/or algorithm:provider
-# entries.
-#
-securerandom.strongAlgorithms=NativePRNGBlocking:SUN
-
-#
-# Class to instantiate as the javax.security.auth.login.Configuration
-# provider.
-#
-login.configuration.provider=sun.security.provider.ConfigFile
-
-#
-# Default login configuration file
-#
-#login.config.url.1=file:${user.home}/.java.login.config
-
-#
-# Class to instantiate as the system Policy. This is the name of the class
-# that will be used as the Policy object.
-#
-policy.provider=sun.security.provider.PolicyFile
-
-# The default is to have a single system-wide policy file,
-# and a policy file in the user's home directory.
-policy.url.1=file:${java.home}/lib/security/java.policy
-policy.url.2=file:${user.home}/.java.policy
-
-# whether or not we expand properties in the policy file
-# if this is set to false, properties (${...}) will not be expanded in policy
-# files.
-policy.expandProperties=true
-
-# whether or not we allow an extra policy to be passed on the command line
-# with -Djava.security.policy=somefile. Comment out this line to disable
-# this feature.
-policy.allowSystemProperty=true
-
-# whether or not we look into the IdentityScope for trusted Identities
-# when encountering a 1.1 signed JAR file. If the identity is found
-# and is trusted, we grant it AllPermission.
-policy.ignoreIdentityScope=false
-
-#
-# Default keystore type.
-#
-keystore.type=jks
-
-#
-# List of comma-separated packages that start with or equal this string
-# will cause a security exception to be thrown when
-# passed to checkPackageAccess unless the
-# corresponding RuntimePermission ("accessClassInPackage."+package) has
-# been granted.
-package.access=sun.,\
-               com.sun.xml.internal.,\
-               com.sun.imageio.,\
-               com.sun.istack.internal.,\
-               com.sun.jmx.,\
-               com.sun.media.sound.,\
-               com.sun.naming.internal.,\
-               com.sun.proxy.,\
-               com.sun.corba.se.,\
-               com.sun.org.apache.bcel.internal.,\
-               com.sun.org.apache.regexp.internal.,\
-               com.sun.org.apache.xerces.internal.,\
-               com.sun.org.apache.xpath.internal.,\
-               com.sun.org.apache.xalan.internal.extensions.,\
-               com.sun.org.apache.xalan.internal.lib.,\
-               com.sun.org.apache.xalan.internal.res.,\
-               com.sun.org.apache.xalan.internal.templates.,\
-               com.sun.org.apache.xalan.internal.utils.,\
-               com.sun.org.apache.xalan.internal.xslt.,\
-               com.sun.org.apache.xalan.internal.xsltc.cmdline.,\
-               com.sun.org.apache.xalan.internal.xsltc.compiler.,\
-               com.sun.org.apache.xalan.internal.xsltc.trax.,\
-               com.sun.org.apache.xalan.internal.xsltc.util.,\
-               com.sun.org.apache.xml.internal.res.,\
-               com.sun.org.apache.xml.internal.security.,\
-               com.sun.org.apache.xml.internal.serializer.utils.,\
-               com.sun.org.apache.xml.internal.utils.,\
-               com.sun.org.glassfish.,\
-               com.oracle.xmlns.internal.,\
-               com.oracle.webservices.internal.,\
-               org.jcp.xml.dsig.internal.,\
-               jdk.internal.,\
-               jdk.nashorn.internal.,\
-               jdk.nashorn.tools.
-
-
-#
-# List of comma-separated packages that start with or equal this string
-# will cause a security exception to be thrown when
-# passed to checkPackageDefinition unless the
-# corresponding RuntimePermission ("defineClassInPackage."+package) has
-# been granted.
-#
-# by default, none of the class loaders supplied with the JDK call
-# checkPackageDefinition.
-#
-package.definition=sun.,\
-                   com.sun.xml.internal.,\
-                   com.sun.imageio.,\
-                   com.sun.istack.internal.,\
-                   com.sun.jmx.,\
-                   com.sun.media.sound.,\
-                   com.sun.naming.internal.,\
-                   com.sun.proxy.,\
-                   com.sun.corba.se.,\
-                   com.sun.org.apache.bcel.internal.,\
-                   com.sun.org.apache.regexp.internal.,\
-                   com.sun.org.apache.xerces.internal.,\
-                   com.sun.org.apache.xpath.internal.,\
-                   com.sun.org.apache.xalan.internal.extensions.,\
-                   com.sun.org.apache.xalan.internal.lib.,\
-                   com.sun.org.apache.xalan.internal.res.,\
-                   com.sun.org.apache.xalan.internal.templates.,\
-                   com.sun.org.apache.xalan.internal.utils.,\
-                   com.sun.org.apache.xalan.internal.xslt.,\
-                   com.sun.org.apache.xalan.internal.xsltc.cmdline.,\
-                   com.sun.org.apache.xalan.internal.xsltc.compiler.,\
-                   com.sun.org.apache.xalan.internal.xsltc.trax.,\
-                   com.sun.org.apache.xalan.internal.xsltc.util.,\
-                   com.sun.org.apache.xml.internal.res.,\
-                   com.sun.org.apache.xml.internal.security.,\
-                   com.sun.org.apache.xml.internal.serializer.utils.,\
-                   com.sun.org.apache.xml.internal.utils.,\
-                   com.sun.org.glassfish.,\
-                   com.oracle.xmlns.internal.,\
-                   com.oracle.webservices.internal.,\
-                   org.jcp.xml.dsig.internal.,\
-                   jdk.internal.,\
-                   jdk.nashorn.internal.,\
-                   jdk.nashorn.tools.
-
-
-#
-# Determines whether this properties file can be appended to
-# or overridden on the command line via -Djava.security.properties
-#
-security.overridePropertiesFile=true
-
-#
-# Determines the default key and trust manager factory algorithms for
-# the javax.net.ssl package.
-#
-ssl.KeyManagerFactory.algorithm=SunX509
-ssl.TrustManagerFactory.algorithm=PKIX
-
-#
-# The Java-level namelookup cache policy for successful lookups:
-#
-# any negative value: caching forever
-# any positive value: the number of seconds to cache an address for
-# zero: do not cache
-#
-# default value is forever (FOREVER). For security reasons, this
-# caching is made forever when a security manager is set. When a security
-# manager is not set, the default behavior in this implementation
-# is to cache for 30 seconds.
-#
-# NOTE: setting this to anything other than the default value can have
-#       serious security implications. Do not set it unless
-#       you are sure you are not exposed to DNS spoofing attack.
-#
-#networkaddress.cache.ttl=-1
-
-# The Java-level namelookup cache policy for failed lookups:
-#
-# any negative value: cache forever
-# any positive value: the number of seconds to cache negative lookup results
-# zero: do not cache
-#
-# In some Microsoft Windows networking environments that employ
-# the WINS name service in addition to DNS, name service lookups
-# that fail may take a noticeably long time to return (approx. 5 seconds).
-# For this reason the default caching policy is to maintain these
-# results for 10 seconds.
-#
-#
-networkaddress.cache.negative.ttl=10
-
-#
-# Properties to configure OCSP for certificate revocation checking
-#
-
-# Enable OCSP
-#
-# By default, OCSP is not used for certificate revocation checking.
-# This property enables the use of OCSP when set to the value "true".
-#
-# NOTE: SocketPermission is required to connect to an OCSP responder.
-#
-# Example,
-#   ocsp.enable=true
-
-#
-# Location of the OCSP responder
-#
-# By default, the location of the OCSP responder is determined implicitly
-# from the certificate being validated. This property explicitly specifies
-# the location of the OCSP responder. The property is used when the
-# Authority Information Access extension (defined in RFC 3280) is absent
-# from the certificate or when it requires overriding.
-#
-# Example,
-#   ocsp.responderURL=http://ocsp.example.net:80
-
-#
-# Subject name of the OCSP responder's certificate
-#
-# By default, the certificate of the OCSP responder is that of the issuer
-# of the certificate being validated. This property identifies the certificate
-# of the OCSP responder when the default does not apply. Its value is a string
-# distinguished name (defined in RFC 2253) which identifies a certificate in
-# the set of certificates supplied during cert path validation. In cases where
-# the subject name alone is not sufficient to uniquely identify the certificate
-# then both the "ocsp.responderCertIssuerName" and
-# "ocsp.responderCertSerialNumber" properties must be used instead. When this
-# property is set then those two properties are ignored.
-#
-# Example,
-#   ocsp.responderCertSubjectName="CN=OCSP Responder, O=XYZ Corp"
-
-#
-# Issuer name of the OCSP responder's certificate
-#
-# By default, the certificate of the OCSP responder is that of the issuer
-# of the certificate being validated. This property identifies the certificate
-# of the OCSP responder when the default does not apply. Its value is a string
-# distinguished name (defined in RFC 2253) which identifies a certificate in
-# the set of certificates supplied during cert path validation. When this
-# property is set then the "ocsp.responderCertSerialNumber" property must also
-# be set. When the "ocsp.responderCertSubjectName" property is set then this
-# property is ignored.
-#
-# Example,
-#   ocsp.responderCertIssuerName="CN=Enterprise CA, O=XYZ Corp"
-
-#
-# Serial number of the OCSP responder's certificate
-#
-# By default, the certificate of the OCSP responder is that of the issuer
-# of the certificate being validated. This property identifies the certificate
-# of the OCSP responder when the default does not apply. Its value is a string
-# of hexadecimal digits (colon or space separators may be present) which
-# identifies a certificate in the set of certificates supplied during cert path
-# validation. When this property is set then the "ocsp.responderCertIssuerName"
-# property must also be set. When the "ocsp.responderCertSubjectName" property
-# is set then this property is ignored.
-#
-# Example,
-#   ocsp.responderCertSerialNumber=2A:FF:00
-
-#
-# Policy for failed Kerberos KDC lookups:
-#
-# When a KDC is unavailable (network error, service failure, etc), it is
-# put inside a blacklist and accessed less often for future requests. The
-# value (case-insensitive) for this policy can be:
-#
-# tryLast
-#    KDCs in the blacklist are always tried after those not on the list.
-#
-# tryLess[:max_retries,timeout]
-#    KDCs in the blacklist are still tried by their order in the configuration,
-#    but with smaller max_retries and timeout values. max_retries and timeout
-#    are optional numerical parameters (default 1 and 5000, which means once
-#    and 5 seconds). Please notes that if any of the values defined here is
-#    more than what is defined in krb5.conf, it will be ignored.
-#
-# Whenever a KDC is detected as available, it is removed from the blacklist.
-# The blacklist is reset when krb5.conf is reloaded. You can add
-# refreshKrb5Config=true to a JAAS configuration file so that krb5.conf is
-# reloaded whenever a JAAS authentication is attempted.
-#
-# Example,
-#   krb5.kdc.bad.policy = tryLast
-#   krb5.kdc.bad.policy = tryLess:2,2000
-krb5.kdc.bad.policy = tryLast
-
-# Algorithm restrictions for certification path (CertPath) processing
-#
-# In some environments, certain algorithms or key lengths may be undesirable
-# for certification path building and validation.  For example, "MD2" is
-# generally no longer considered to be a secure hash algorithm.  This section
-# describes the mechanism for disabling algorithms based on algorithm name
-# and/or key length.  This includes algorithms used in certificates, as well
-# as revocation information such as CRLs and signed OCSP Responses.
-#
-# The syntax of the disabled algorithm string is described as this Java
-# BNF-style:
-#   DisabledAlgorithms:
-#       " DisabledAlgorithm { , DisabledAlgorithm } "
-#
-#   DisabledAlgorithm:
-#       AlgorithmName [Constraint]
-#
-#   AlgorithmName:
-#       (see below)
-#
-#   Constraint:
-#       KeySizeConstraint
-#
-#   KeySizeConstraint:
-#       keySize Operator DecimalInteger
-#
-#   Operator:
-#       <= | < | == | != | >= | >
-#
-#   DecimalInteger:
-#       DecimalDigits
-#
-#   DecimalDigits:
-#       DecimalDigit {DecimalDigit}
-#
-#   DecimalDigit: one of
-#       1 2 3 4 5 6 7 8 9 0
-#
-# The "AlgorithmName" is the standard algorithm name of the disabled
-# algorithm. See "Java Cryptography Architecture Standard Algorithm Name
-# Documentation" for information about Standard Algorithm Names.  Matching
-# is performed using a case-insensitive sub-element matching rule.  (For
-# example, in "SHA1withECDSA" the sub-elements are "SHA1" for hashing and
-# "ECDSA" for signatures.)  If the assertion "AlgorithmName" is a
-# sub-element of the certificate algorithm name, the algorithm will be
-# rejected during certification path building and validation.  For example,
-# the assertion algorithm name "DSA" will disable all certificate algorithms
-# that rely on DSA, such as NONEwithDSA, SHA1withDSA.  However, the assertion
-# will not disable algorithms related to "ECDSA".
-#
-# A "Constraint" provides further guidance for the algorithm being specified.
-# The "KeySizeConstraint" requires a key of a valid size range if the
-# "AlgorithmName" is of a key algorithm.  The "DecimalInteger" indicates the
-# key size specified in number of bits.  For example, "RSA keySize <= 1024"
-# indicates that any RSA key with key size less than or equal to 1024 bits
-# should be disabled, and "RSA keySize < 1024, RSA keySize > 2048" indicates
-# that any RSA key with key size less than 1024 or greater than 2048 should
-# be disabled. Note that the "KeySizeConstraint" only makes sense to key
-# algorithms.
-#
-# Note: This property is currently used by Oracle's PKIX implementation. It
-# is not guaranteed to be examined and used by other implementations.
-#
-# Example:
-#   jdk.certpath.disabledAlgorithms=MD2, DSA, RSA keySize < 2048
-#
-#
-jdk.certpath.disabledAlgorithms=MD2, MD5, RSA keySize < 1024
-
-# Algorithm restrictions for Secure Socket Layer/Transport Layer Security
-# (SSL/TLS) processing
-#
-# In some environments, certain algorithms or key lengths may be undesirable
-# when using SSL/TLS.  This section describes the mechanism for disabling
-# algorithms during SSL/TLS security parameters negotiation, including cipher
-# suites selection, peer authentication and key exchange mechanisms.
-#
-# For PKI-based peer authentication and key exchange mechanisms, this list
-# of disabled algorithms will also be checked during certification path
-# building and validation, including algorithms used in certificates, as
-# well as revocation information such as CRLs and signed OCSP Responses.
-# This is in addition to the jdk.certpath.disabledAlgorithms property above.
-#
-# See the specification of "jdk.certpath.disabledAlgorithms" for the
-# syntax of the disabled algorithm string.
-#
-# Note: This property is currently used by Oracle's JSSE implementation.
-# It is not guaranteed to be examined and used by other implementations.
-#
-# Example:
-#   jdk.tls.disabledAlgorithms=MD5, SHA1, DSA, RSA keySize < 2048
--- a/jdk/src/java.base/share/conf/security/java.security-linux	Wed Jul 05 19:56:33 2017 +0200
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,496 +0,0 @@
-#
-# This is the "master security properties file".
-#
-# An alternate java.security properties file may be specified
-# from the command line via the system property
-#
-#    -Djava.security.properties=<URL>
-#
-# This properties file appends to the master security properties file.
-# If both properties files specify values for the same key, the value
-# from the command-line properties file is selected, as it is the last
-# one loaded.
-#
-# Also, if you specify
-#
-#    -Djava.security.properties==<URL> (2 equals),
-#
-# then that properties file completely overrides the master security
-# properties file.
-#
-# To disable the ability to specify an additional properties file from
-# the command line, set the key security.overridePropertiesFile
-# to false in the master security properties file. It is set to true
-# by default.
-
-# In this file, various security properties are set for use by
-# java.security classes. This is where users can statically register
-# Cryptography Package Providers ("providers" for short). The term
-# "provider" refers to a package or set of packages that supply a
-# concrete implementation of a subset of the cryptography aspects of
-# the Java Security API. A provider may, for example, implement one or
-# more digital signature algorithms or message digest algorithms.
-#
-# Each provider must implement a subclass of the Provider class.
-# To register a provider in this master security properties file,
-# specify the Provider subclass name and priority in the format
-#
-#    security.provider.<n>=<className>
-#
-# This declares a provider, and specifies its preference
-# order n. The preference order is the order in which providers are
-# searched for requested algorithms (when no specific provider is
-# requested). The order is 1-based; 1 is the most preferred, followed
-# by 2, and so on.
-#
-# <className> must specify the subclass of the Provider class whose
-# constructor sets the values of various properties that are required
-# for the Java Security API to look up the algorithms or other
-# facilities implemented by the provider.
-#
-# There must be at least one provider specification in java.security.
-# There is a default provider that comes standard with the JDK. It
-# is called the "SUN" provider, and its Provider subclass
-# named Sun appears in the sun.security.provider package. Thus, the
-# "SUN" provider is registered via the following:
-#
-#    security.provider.1=sun.security.provider.Sun
-#
-# (The number 1 is used for the default provider.)
-#
-# Note: Providers can be dynamically registered instead by calls to
-# either the addProvider or insertProviderAt method in the Security
-# class.
-
-#
-# List of providers and their preference orders (see above):
-#
-security.provider.1=sun.security.provider.Sun
-security.provider.2=sun.security.rsa.SunRsaSign
-security.provider.3=sun.security.ec.SunEC
-security.provider.4=com.sun.net.ssl.internal.ssl.Provider
-security.provider.5=com.sun.crypto.provider.SunJCE
-security.provider.6=sun.security.jgss.SunProvider
-security.provider.7=com.sun.security.sasl.Provider
-security.provider.8=org.jcp.xml.dsig.internal.dom.XMLDSigRI
-security.provider.9=sun.security.smartcardio.SunPCSC
-
-#
-# Sun Provider SecureRandom seed source.
-#
-# Select the primary source of seed data for the "SHA1PRNG" and
-# "NativePRNG" SecureRandom implementations in the "Sun" provider.
-# (Other SecureRandom implementations might also use this property.)
-#
-# On Unix-like systems (for example, Solaris/Linux/MacOS), the
-# "NativePRNG" and "SHA1PRNG" implementations obtains seed data from
-# special device files such as file:/dev/random.
-#
-# On Windows systems, specifying the URLs "file:/dev/random" or
-# "file:/dev/urandom" will enable the native Microsoft CryptoAPI seeding
-# mechanism for SHA1PRNG.
-#
-# By default, an attempt is made to use the entropy gathering device
-# specified by the "securerandom.source" Security property.  If an
-# exception occurs while accessing the specified URL:
-#
-#     SHA1PRNG:
-#         the traditional system/thread activity algorithm will be used.
-#
-#     NativePRNG:
-#         a default value of /dev/random will be used.  If neither
-#         are available, the implementation will be disabled.
-#         "file" is the only currently supported protocol type.
-#
-# The entropy gathering device can also be specified with the System
-# property "java.security.egd". For example:
-#
-#   % java -Djava.security.egd=file:/dev/random MainClass
-#
-# Specifying this System property will override the
-# "securerandom.source" Security property.
-#
-# In addition, if "file:/dev/random" or "file:/dev/urandom" is
-# specified, the "NativePRNG" implementation will be more preferred than
-# SHA1PRNG in the Sun provider.
-#
-securerandom.source=file:/dev/random
-
-#
-# A list of known strong SecureRandom implementations.
-#
-# To help guide applications in selecting a suitable strong
-# java.security.SecureRandom implementation, Java distributions should
-# indicate a list of known strong implementations using the property.
-#
-# This is a comma-separated list of algorithm and/or algorithm:provider
-# entries.
-#
-securerandom.strongAlgorithms=NativePRNGBlocking:SUN
-
-#
-# Class to instantiate as the javax.security.auth.login.Configuration
-# provider.
-#
-login.configuration.provider=sun.security.provider.ConfigFile
-
-#
-# Default login configuration file
-#
-#login.config.url.1=file:${user.home}/.java.login.config
-
-#
-# Class to instantiate as the system Policy. This is the name of the class
-# that will be used as the Policy object.
-#
-policy.provider=sun.security.provider.PolicyFile
-
-# The default is to have a single system-wide policy file,
-# and a policy file in the user's home directory.
-policy.url.1=file:${java.home}/lib/security/java.policy
-policy.url.2=file:${user.home}/.java.policy
-
-# whether or not we expand properties in the policy file
-# if this is set to false, properties (${...}) will not be expanded in policy
-# files.
-policy.expandProperties=true
-
-# whether or not we allow an extra policy to be passed on the command line
-# with -Djava.security.policy=somefile. Comment out this line to disable
-# this feature.
-policy.allowSystemProperty=true
-
-# whether or not we look into the IdentityScope for trusted Identities
-# when encountering a 1.1 signed JAR file. If the identity is found
-# and is trusted, we grant it AllPermission.
-policy.ignoreIdentityScope=false
-
-#
-# Default keystore type.
-#
-keystore.type=jks
-
-#
-# List of comma-separated packages that start with or equal this string
-# will cause a security exception to be thrown when
-# passed to checkPackageAccess unless the
-# corresponding RuntimePermission ("accessClassInPackage."+package) has
-# been granted.
-package.access=sun.,\
-               com.sun.xml.internal.,\
-               com.sun.imageio.,\
-               com.sun.istack.internal.,\
-               com.sun.jmx.,\
-               com.sun.media.sound.,\
-               com.sun.naming.internal.,\
-               com.sun.proxy.,\
-               com.sun.corba.se.,\
-               com.sun.org.apache.bcel.internal.,\
-               com.sun.org.apache.regexp.internal.,\
-               com.sun.org.apache.xerces.internal.,\
-               com.sun.org.apache.xpath.internal.,\
-               com.sun.org.apache.xalan.internal.extensions.,\
-               com.sun.org.apache.xalan.internal.lib.,\
-               com.sun.org.apache.xalan.internal.res.,\
-               com.sun.org.apache.xalan.internal.templates.,\
-               com.sun.org.apache.xalan.internal.utils.,\
-               com.sun.org.apache.xalan.internal.xslt.,\
-               com.sun.org.apache.xalan.internal.xsltc.cmdline.,\
-               com.sun.org.apache.xalan.internal.xsltc.compiler.,\
-               com.sun.org.apache.xalan.internal.xsltc.trax.,\
-               com.sun.org.apache.xalan.internal.xsltc.util.,\
-               com.sun.org.apache.xml.internal.res.,\
-               com.sun.org.apache.xml.internal.security.,\
-               com.sun.org.apache.xml.internal.serializer.utils.,\
-               com.sun.org.apache.xml.internal.utils.,\
-               com.sun.org.glassfish.,\
-               com.oracle.xmlns.internal.,\
-               com.oracle.webservices.internal.,\
-               org.jcp.xml.dsig.internal.,\
-               jdk.internal.,\
-               jdk.nashorn.internal.,\
-               jdk.nashorn.tools.,\
-               com.sun.activation.registries.
-
-#
-# List of comma-separated packages that start with or equal this string
-# will cause a security exception to be thrown when
-# passed to checkPackageDefinition unless the
-# corresponding RuntimePermission ("defineClassInPackage."+package) has
-# been granted.
-#
-# by default, none of the class loaders supplied with the JDK call
-# checkPackageDefinition.
-#
-package.definition=sun.,\
-                   com.sun.xml.internal.,\
-                   com.sun.imageio.,\
-                   com.sun.istack.internal.,\
-                   com.sun.jmx.,\
-                   com.sun.media.sound.,\
-                   com.sun.naming.internal.,\
-                   com.sun.proxy.,\
-                   com.sun.corba.se.,\
-                   com.sun.org.apache.bcel.internal.,\
-                   com.sun.org.apache.regexp.internal.,\
-                   com.sun.org.apache.xerces.internal.,\
-                   com.sun.org.apache.xpath.internal.,\
-                   com.sun.org.apache.xalan.internal.extensions.,\
-                   com.sun.org.apache.xalan.internal.lib.,\
-                   com.sun.org.apache.xalan.internal.res.,\
-                   com.sun.org.apache.xalan.internal.templates.,\
-                   com.sun.org.apache.xalan.internal.utils.,\
-                   com.sun.org.apache.xalan.internal.xslt.,\
-                   com.sun.org.apache.xalan.internal.xsltc.cmdline.,\
-                   com.sun.org.apache.xalan.internal.xsltc.compiler.,\
-                   com.sun.org.apache.xalan.internal.xsltc.trax.,\
-                   com.sun.org.apache.xalan.internal.xsltc.util.,\
-                   com.sun.org.apache.xml.internal.res.,\
-                   com.sun.org.apache.xml.internal.security.,\
-                   com.sun.org.apache.xml.internal.serializer.utils.,\
-                   com.sun.org.apache.xml.internal.utils.,\
-                   com.sun.org.glassfish.,\
-                   com.oracle.xmlns.internal.,\
-                   com.oracle.webservices.internal.,\
-                   org.jcp.xml.dsig.internal.,\
-                   jdk.internal.,\
-                   jdk.nashorn.internal.,\
-                   jdk.nashorn.tools.,\
-                   com.sun.activation.registries.
-
-#
-# Determines whether this properties file can be appended to
-# or overridden on the command line via -Djava.security.properties
-#
-security.overridePropertiesFile=true
-
-#
-# Determines the default key and trust manager factory algorithms for
-# the javax.net.ssl package.
-#
-ssl.KeyManagerFactory.algorithm=SunX509
-ssl.TrustManagerFactory.algorithm=PKIX
-
-#
-# The Java-level namelookup cache policy for successful lookups:
-#
-# any negative value: caching forever
-# any positive value: the number of seconds to cache an address for
-# zero: do not cache
-#
-# default value is forever (FOREVER). For security reasons, this
-# caching is made forever when a security manager is set. When a security
-# manager is not set, the default behavior in this implementation
-# is to cache for 30 seconds.
-#
-# NOTE: setting this to anything other than the default value can have
-#       serious security implications. Do not set it unless
-#       you are sure you are not exposed to DNS spoofing attack.
-#
-#networkaddress.cache.ttl=-1
-
-# The Java-level namelookup cache policy for failed lookups:
-#
-# any negative value: cache forever
-# any positive value: the number of seconds to cache negative lookup results
-# zero: do not cache
-#
-# In some Microsoft Windows networking environments that employ
-# the WINS name service in addition to DNS, name service lookups
-# that fail may take a noticeably long time to return (approx. 5 seconds).
-# For this reason the default caching policy is to maintain these
-# results for 10 seconds.
-#
-#
-networkaddress.cache.negative.ttl=10
-
-#
-# Properties to configure OCSP for certificate revocation checking
-#
-
-# Enable OCSP
-#
-# By default, OCSP is not used for certificate revocation checking.
-# This property enables the use of OCSP when set to the value "true".
-#
-# NOTE: SocketPermission is required to connect to an OCSP responder.
-#
-# Example,
-#   ocsp.enable=true
-
-#
-# Location of the OCSP responder
-#
-# By default, the location of the OCSP responder is determined implicitly
-# from the certificate being validated. This property explicitly specifies
-# the location of the OCSP responder. The property is used when the
-# Authority Information Access extension (defined in RFC 3280) is absent
-# from the certificate or when it requires overriding.
-#
-# Example,
-#   ocsp.responderURL=http://ocsp.example.net:80
-
-#
-# Subject name of the OCSP responder's certificate
-#
-# By default, the certificate of the OCSP responder is that of the issuer
-# of the certificate being validated. This property identifies the certificate
-# of the OCSP responder when the default does not apply. Its value is a string
-# distinguished name (defined in RFC 2253) which identifies a certificate in
-# the set of certificates supplied during cert path validation. In cases where
-# the subject name alone is not sufficient to uniquely identify the certificate
-# then both the "ocsp.responderCertIssuerName" and
-# "ocsp.responderCertSerialNumber" properties must be used instead. When this
-# property is set then those two properties are ignored.
-#
-# Example,
-#   ocsp.responderCertSubjectName="CN=OCSP Responder, O=XYZ Corp"
-
-#
-# Issuer name of the OCSP responder's certificate
-#
-# By default, the certificate of the OCSP responder is that of the issuer
-# of the certificate being validated. This property identifies the certificate
-# of the OCSP responder when the default does not apply. Its value is a string
-# distinguished name (defined in RFC 2253) which identifies a certificate in
-# the set of certificates supplied during cert path validation. When this
-# property is set then the "ocsp.responderCertSerialNumber" property must also
-# be set. When the "ocsp.responderCertSubjectName" property is set then this
-# property is ignored.
-#
-# Example,
-#   ocsp.responderCertIssuerName="CN=Enterprise CA, O=XYZ Corp"
-
-#
-# Serial number of the OCSP responder's certificate
-#
-# By default, the certificate of the OCSP responder is that of the issuer
-# of the certificate being validated. This property identifies the certificate
-# of the OCSP responder when the default does not apply. Its value is a string
-# of hexadecimal digits (colon or space separators may be present) which
-# identifies a certificate in the set of certificates supplied during cert path
-# validation. When this property is set then the "ocsp.responderCertIssuerName"
-# property must also be set. When the "ocsp.responderCertSubjectName" property
-# is set then this property is ignored.
-#
-# Example,
-#   ocsp.responderCertSerialNumber=2A:FF:00
-
-#
-# Policy for failed Kerberos KDC lookups:
-#
-# When a KDC is unavailable (network error, service failure, etc), it is
-# put inside a blacklist and accessed less often for future requests. The
-# value (case-insensitive) for this policy can be:
-#
-# tryLast
-#    KDCs in the blacklist are always tried after those not on the list.
-#
-# tryLess[:max_retries,timeout]
-#    KDCs in the blacklist are still tried by their order in the configuration,
-#    but with smaller max_retries and timeout values. max_retries and timeout
-#    are optional numerical parameters (default 1 and 5000, which means once
-#    and 5 seconds). Please notes that if any of the values defined here is
-#    more than what is defined in krb5.conf, it will be ignored.
-#
-# Whenever a KDC is detected as available, it is removed from the blacklist.
-# The blacklist is reset when krb5.conf is reloaded. You can add
-# refreshKrb5Config=true to a JAAS configuration file so that krb5.conf is
-# reloaded whenever a JAAS authentication is attempted.
-#
-# Example,
-#   krb5.kdc.bad.policy = tryLast
-#   krb5.kdc.bad.policy = tryLess:2,2000
-krb5.kdc.bad.policy = tryLast
-
-# Algorithm restrictions for certification path (CertPath) processing
-#
-# In some environments, certain algorithms or key lengths may be undesirable
-# for certification path building and validation.  For example, "MD2" is
-# generally no longer considered to be a secure hash algorithm.  This section
-# describes the mechanism for disabling algorithms based on algorithm name
-# and/or key length.  This includes algorithms used in certificates, as well
-# as revocation information such as CRLs and signed OCSP Responses.
-#
-# The syntax of the disabled algorithm string is described as this Java
-# BNF-style:
-#   DisabledAlgorithms:
-#       " DisabledAlgorithm { , DisabledAlgorithm } "
-#
-#   DisabledAlgorithm:
-#       AlgorithmName [Constraint]
-#
-#   AlgorithmName:
-#       (see below)
-#
-#   Constraint:
-#       KeySizeConstraint
-#
-#   KeySizeConstraint:
-#       keySize Operator DecimalInteger
-#
-#   Operator:
-#       <= | < | == | != | >= | >
-#
-#   DecimalInteger:
-#       DecimalDigits
-#
-#   DecimalDigits:
-#       DecimalDigit {DecimalDigit}
-#
-#   DecimalDigit: one of
-#       1 2 3 4 5 6 7 8 9 0
-#
-# The "AlgorithmName" is the standard algorithm name of the disabled
-# algorithm. See "Java Cryptography Architecture Standard Algorithm Name
-# Documentation" for information about Standard Algorithm Names.  Matching
-# is performed using a case-insensitive sub-element matching rule.  (For
-# example, in "SHA1withECDSA" the sub-elements are "SHA1" for hashing and
-# "ECDSA" for signatures.)  If the assertion "AlgorithmName" is a
-# sub-element of the certificate algorithm name, the algorithm will be
-# rejected during certification path building and validation.  For example,
-# the assertion algorithm name "DSA" will disable all certificate algorithms
-# that rely on DSA, such as NONEwithDSA, SHA1withDSA.  However, the assertion
-# will not disable algorithms related to "ECDSA".
-#
-# A "Constraint" provides further guidance for the algorithm being specified.
-# The "KeySizeConstraint" requires a key of a valid size range if the
-# "AlgorithmName" is of a key algorithm.  The "DecimalInteger" indicates the
-# key size specified in number of bits.  For example, "RSA keySize <= 1024"
-# indicates that any RSA key with key size less than or equal to 1024 bits
-# should be disabled, and "RSA keySize < 1024, RSA keySize > 2048" indicates
-# that any RSA key with key size less than 1024 or greater than 2048 should
-# be disabled. Note that the "KeySizeConstraint" only makes sense to key
-# algorithms.
-#
-# Note: This property is currently used by Oracle's PKIX implementation. It
-# is not guaranteed to be examined and used by other implementations.
-#
-# Example:
-#   jdk.certpath.disabledAlgorithms=MD2, DSA, RSA keySize < 2048
-#
-#
-jdk.certpath.disabledAlgorithms=MD2, MD5, RSA keySize < 1024
-
-# Algorithm restrictions for Secure Socket Layer/Transport Layer Security
-# (SSL/TLS) processing
-#
-# In some environments, certain algorithms or key lengths may be undesirable
-# when using SSL/TLS.  This section describes the mechanism for disabling
-# algorithms during SSL/TLS security parameters negotiation, including cipher
-# suites selection, peer authentication and key exchange mechanisms.
-#
-# For PKI-based peer authentication and key exchange mechanisms, this list
-# of disabled algorithms will also be checked during certification path
-# building and validation, including algorithms used in certificates, as
-# well as revocation information such as CRLs and signed OCSP Responses.
-# This is in addition to the jdk.certpath.disabledAlgorithms property above.
-#
-# See the specification of "jdk.certpath.disabledAlgorithms" for the
-# syntax of the disabled algorithm string.
-#
-# Note: This property is currently used by Oracle's JSSE implementation.
-# It is not guaranteed to be examined and used by other implementations.
-#
-# Example:
-#   jdk.tls.disabledAlgorithms=MD5, SHA1, DSA, RSA keySize < 2048
--- a/jdk/src/java.base/share/conf/security/java.security-macosx	Wed Jul 05 19:56:33 2017 +0200
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,499 +0,0 @@
-#
-# This is the "master security properties file".
-#
-# An alternate java.security properties file may be specified
-# from the command line via the system property
-#
-#    -Djava.security.properties=<URL>
-#
-# This properties file appends to the master security properties file.
-# If both properties files specify values for the same key, the value
-# from the command-line properties file is selected, as it is the last
-# one loaded.
-#
-# Also, if you specify
-#
-#    -Djava.security.properties==<URL> (2 equals),
-#
-# then that properties file completely overrides the master security
-# properties file.
-#
-# To disable the ability to specify an additional properties file from
-# the command line, set the key security.overridePropertiesFile
-# to false in the master security properties file. It is set to true
-# by default.
-
-# In this file, various security properties are set for use by
-# java.security classes. This is where users can statically register
-# Cryptography Package Providers ("providers" for short). The term
-# "provider" refers to a package or set of packages that supply a
-# concrete implementation of a subset of the cryptography aspects of
-# the Java Security API. A provider may, for example, implement one or
-# more digital signature algorithms or message digest algorithms.
-#
-# Each provider must implement a subclass of the Provider class.
-# To register a provider in this master security properties file,
-# specify the Provider subclass name and priority in the format
-#
-#    security.provider.<n>=<className>
-#
-# This declares a provider, and specifies its preference
-# order n. The preference order is the order in which providers are
-# searched for requested algorithms (when no specific provider is
-# requested). The order is 1-based; 1 is the most preferred, followed
-# by 2, and so on.
-#
-# <className> must specify the subclass of the Provider class whose
-# constructor sets the values of various properties that are required
-# for the Java Security API to look up the algorithms or other
-# facilities implemented by the provider.
-#
-# There must be at least one provider specification in java.security.
-# There is a default provider that comes standard with the JDK. It
-# is called the "SUN" provider, and its Provider subclass
-# named Sun appears in the sun.security.provider package. Thus, the
-# "SUN" provider is registered via the following:
-#
-#    security.provider.1=sun.security.provider.Sun
-#
-# (The number 1 is used for the default provider.)
-#
-# Note: Providers can be dynamically registered instead by calls to
-# either the addProvider or insertProviderAt method in the Security
-# class.
-
-#
-# List of providers and their preference orders (see above):
-#
-security.provider.1=sun.security.provider.Sun
-security.provider.2=sun.security.rsa.SunRsaSign
-security.provider.3=sun.security.ec.SunEC
-security.provider.4=com.sun.net.ssl.internal.ssl.Provider
-security.provider.5=com.sun.crypto.provider.SunJCE
-security.provider.6=sun.security.jgss.SunProvider
-security.provider.7=com.sun.security.sasl.Provider
-security.provider.8=org.jcp.xml.dsig.internal.dom.XMLDSigRI
-security.provider.9=sun.security.smartcardio.SunPCSC
-security.provider.10=apple.security.AppleProvider
-
-#
-# Sun Provider SecureRandom seed source.
-#
-# Select the primary source of seed data for the "SHA1PRNG" and
-# "NativePRNG" SecureRandom implementations in the "Sun" provider.
-# (Other SecureRandom implementations might also use this property.)
-#
-# On Unix-like systems (for example, Solaris/Linux/MacOS), the
-# "NativePRNG" and "SHA1PRNG" implementations obtains seed data from
-# special device files such as file:/dev/random.
-#
-# On Windows systems, specifying the URLs "file:/dev/random" or
-# "file:/dev/urandom" will enable the native Microsoft CryptoAPI seeding
-# mechanism for SHA1PRNG.
-#
-# By default, an attempt is made to use the entropy gathering device
-# specified by the "securerandom.source" Security property.  If an
-# exception occurs while accessing the specified URL:
-#
-#     SHA1PRNG:
-#         the traditional system/thread activity algorithm will be used.
-#
-#     NativePRNG:
-#         a default value of /dev/random will be used.  If neither
-#         are available, the implementation will be disabled.
-#         "file" is the only currently supported protocol type.
-#
-# The entropy gathering device can also be specified with the System
-# property "java.security.egd". For example:
-#
-#   % java -Djava.security.egd=file:/dev/random MainClass
-#
-# Specifying this System property will override the
-# "securerandom.source" Security property.
-#
-# In addition, if "file:/dev/random" or "file:/dev/urandom" is
-# specified, the "NativePRNG" implementation will be more preferred than
-# SHA1PRNG in the Sun provider.
-#
-securerandom.source=file:/dev/random
-
-#
-# A list of known strong SecureRandom implementations.
-#
-# To help guide applications in selecting a suitable strong
-# java.security.SecureRandom implementation, Java distributions should
-# indicate a list of known strong implementations using the property.
-#
-# This is a comma-separated list of algorithm and/or algorithm:provider
-# entries.
-#
-securerandom.strongAlgorithms=NativePRNGBlocking:SUN
-
-#
-# Class to instantiate as the javax.security.auth.login.Configuration
-# provider.
-#
-login.configuration.provider=sun.security.provider.ConfigFile
-
-#
-# Default login configuration file
-#
-#login.config.url.1=file:${user.home}/.java.login.config
-
-#
-# Class to instantiate as the system Policy. This is the name of the class
-# that will be used as the Policy object.
-#
-policy.provider=sun.security.provider.PolicyFile
-
-# The default is to have a single system-wide policy file,
-# and a policy file in the user's home directory.
-policy.url.1=file:${java.home}/lib/security/java.policy
-policy.url.2=file:${user.home}/.java.policy
-
-# whether or not we expand properties in the policy file
-# if this is set to false, properties (${...}) will not be expanded in policy
-# files.
-policy.expandProperties=true
-
-# whether or not we allow an extra policy to be passed on the command line
-# with -Djava.security.policy=somefile. Comment out this line to disable
-# this feature.
-policy.allowSystemProperty=true
-
-# whether or not we look into the IdentityScope for trusted Identities
-# when encountering a 1.1 signed JAR file. If the identity is found
-# and is trusted, we grant it AllPermission.
-policy.ignoreIdentityScope=false
-
-#
-# Default keystore type.
-#
-keystore.type=jks
-
-#
-# List of comma-separated packages that start with or equal this string
-# will cause a security exception to be thrown when
-# passed to checkPackageAccess unless the
-# corresponding RuntimePermission ("accessClassInPackage."+package) has
-# been granted.
-package.access=sun.,\
-               com.sun.xml.internal.,\
-               com.sun.imageio.,\
-               com.sun.istack.internal.,\
-               com.sun.jmx.,\
-               com.sun.media.sound.,\
-               com.sun.naming.internal.,\
-               com.sun.proxy.,\
-               com.sun.corba.se.,\
-               com.sun.org.apache.bcel.internal.,\
-               com.sun.org.apache.regexp.internal.,\
-               com.sun.org.apache.xerces.internal.,\
-               com.sun.org.apache.xpath.internal.,\
-               com.sun.org.apache.xalan.internal.extensions.,\
-               com.sun.org.apache.xalan.internal.lib.,\
-               com.sun.org.apache.xalan.internal.res.,\
-               com.sun.org.apache.xalan.internal.templates.,\
-               com.sun.org.apache.xalan.internal.utils.,\
-               com.sun.org.apache.xalan.internal.xslt.,\
-               com.sun.org.apache.xalan.internal.xsltc.cmdline.,\
-               com.sun.org.apache.xalan.internal.xsltc.compiler.,\
-               com.sun.org.apache.xalan.internal.xsltc.trax.,\
-               com.sun.org.apache.xalan.internal.xsltc.util.,\
-               com.sun.org.apache.xml.internal.res.,\
-               com.sun.org.apache.xml.internal.security.,\
-               com.sun.org.apache.xml.internal.serializer.utils.,\
-               com.sun.org.apache.xml.internal.utils.,\
-               com.sun.org.glassfish.,\
-               com.oracle.xmlns.internal.,\
-               com.oracle.webservices.internal.,\
-               org.jcp.xml.dsig.internal.,\
-               jdk.internal.,\
-               jdk.nashorn.internal.,\
-               jdk.nashorn.tools.,\
-               com.sun.activation.registries.,\
-               apple.
-
-#
-# List of comma-separated packages that start with or equal this string
-# will cause a security exception to be thrown when
-# passed to checkPackageDefinition unless the
-# corresponding RuntimePermission ("defineClassInPackage."+package) has
-# been granted.
-#
-# by default, none of the class loaders supplied with the JDK call
-# checkPackageDefinition.
-#
-package.definition=sun.,\
-                   com.sun.xml.internal.,\
-                   com.sun.imageio.,\
-                   com.sun.istack.internal.,\
-                   com.sun.jmx.,\
-                   com.sun.media.sound.,\
-                   com.sun.naming.internal.,\
-                   com.sun.proxy.,\
-                   com.sun.corba.se.,\
-                   com.sun.org.apache.bcel.internal.,\
-                   com.sun.org.apache.regexp.internal.,\
-                   com.sun.org.apache.xerces.internal.,\
-                   com.sun.org.apache.xpath.internal.,\
-                   com.sun.org.apache.xalan.internal.extensions.,\
-                   com.sun.org.apache.xalan.internal.lib.,\
-                   com.sun.org.apache.xalan.internal.res.,\
-                   com.sun.org.apache.xalan.internal.templates.,\
-                   com.sun.org.apache.xalan.internal.utils.,\
-                   com.sun.org.apache.xalan.internal.xslt.,\
-                   com.sun.org.apache.xalan.internal.xsltc.cmdline.,\
-                   com.sun.org.apache.xalan.internal.xsltc.compiler.,\
-                   com.sun.org.apache.xalan.internal.xsltc.trax.,\
-                   com.sun.org.apache.xalan.internal.xsltc.util.,\
-                   com.sun.org.apache.xml.internal.res.,\
-                   com.sun.org.apache.xml.internal.security.,\
-                   com.sun.org.apache.xml.internal.serializer.utils.,\
-                   com.sun.org.apache.xml.internal.utils.,\
-                   com.sun.org.glassfish.,\
-                   com.oracle.xmlns.internal.,\
-                   com.oracle.webservices.internal.,\
-                   org.jcp.xml.dsig.internal.,\
-                   jdk.internal.,\
-                   jdk.nashorn.internal.,\
-                   jdk.nashorn.tools.,\
-                   com.sun.activation.registries.,\
-                   apple.
-
-#
-# Determines whether this properties file can be appended to
-# or overridden on the command line via -Djava.security.properties
-#
-security.overridePropertiesFile=true
-
-#
-# Determines the default key and trust manager factory algorithms for
-# the javax.net.ssl package.
-#
-ssl.KeyManagerFactory.algorithm=SunX509
-ssl.TrustManagerFactory.algorithm=PKIX
-
-#
-# The Java-level namelookup cache policy for successful lookups:
-#
-# any negative value: caching forever
-# any positive value: the number of seconds to cache an address for
-# zero: do not cache
-#
-# default value is forever (FOREVER). For security reasons, this
-# caching is made forever when a security manager is set. When a security
-# manager is not set, the default behavior in this implementation
-# is to cache for 30 seconds.
-#
-# NOTE: setting this to anything other than the default value can have
-#       serious security implications. Do not set it unless
-#       you are sure you are not exposed to DNS spoofing attack.
-#
-#networkaddress.cache.ttl=-1
-
-# The Java-level namelookup cache policy for failed lookups:
-#
-# any negative value: cache forever
-# any positive value: the number of seconds to cache negative lookup results
-# zero: do not cache
-#
-# In some Microsoft Windows networking environments that employ
-# the WINS name service in addition to DNS, name service lookups
-# that fail may take a noticeably long time to return (approx. 5 seconds).
-# For this reason the default caching policy is to maintain these
-# results for 10 seconds.
-#
-#
-networkaddress.cache.negative.ttl=10
-
-#
-# Properties to configure OCSP for certificate revocation checking
-#
-
-# Enable OCSP
-#
-# By default, OCSP is not used for certificate revocation checking.
-# This property enables the use of OCSP when set to the value "true".
-#
-# NOTE: SocketPermission is required to connect to an OCSP responder.
-#
-# Example,
-#   ocsp.enable=true
-
-#
-# Location of the OCSP responder
-#
-# By default, the location of the OCSP responder is determined implicitly
-# from the certificate being validated. This property explicitly specifies
-# the location of the OCSP responder. The property is used when the
-# Authority Information Access extension (defined in RFC 3280) is absent
-# from the certificate or when it requires overriding.
-#
-# Example,
-#   ocsp.responderURL=http://ocsp.example.net:80
-
-#
-# Subject name of the OCSP responder's certificate
-#
-# By default, the certificate of the OCSP responder is that of the issuer
-# of the certificate being validated. This property identifies the certificate
-# of the OCSP responder when the default does not apply. Its value is a string
-# distinguished name (defined in RFC 2253) which identifies a certificate in
-# the set of certificates supplied during cert path validation. In cases where
-# the subject name alone is not sufficient to uniquely identify the certificate
-# then both the "ocsp.responderCertIssuerName" and
-# "ocsp.responderCertSerialNumber" properties must be used instead. When this
-# property is set then those two properties are ignored.
-#
-# Example,
-#   ocsp.responderCertSubjectName="CN=OCSP Responder, O=XYZ Corp"
-
-#
-# Issuer name of the OCSP responder's certificate
-#
-# By default, the certificate of the OCSP responder is that of the issuer
-# of the certificate being validated. This property identifies the certificate
-# of the OCSP responder when the default does not apply. Its value is a string
-# distinguished name (defined in RFC 2253) which identifies a certificate in
-# the set of certificates supplied during cert path validation. When this
-# property is set then the "ocsp.responderCertSerialNumber" property must also
-# be set. When the "ocsp.responderCertSubjectName" property is set then this
-# property is ignored.
-#
-# Example,
-#   ocsp.responderCertIssuerName="CN=Enterprise CA, O=XYZ Corp"
-
-#
-# Serial number of the OCSP responder's certificate
-#
-# By default, the certificate of the OCSP responder is that of the issuer
-# of the certificate being validated. This property identifies the certificate
-# of the OCSP responder when the default does not apply. Its value is a string
-# of hexadecimal digits (colon or space separators may be present) which
-# identifies a certificate in the set of certificates supplied during cert path
-# validation. When this property is set then the "ocsp.responderCertIssuerName"
-# property must also be set. When the "ocsp.responderCertSubjectName" property
-# is set then this property is ignored.
-#
-# Example,
-#   ocsp.responderCertSerialNumber=2A:FF:00
-
-#
-# Policy for failed Kerberos KDC lookups:
-#
-# When a KDC is unavailable (network error, service failure, etc), it is
-# put inside a blacklist and accessed less often for future requests. The
-# value (case-insensitive) for this policy can be:
-#
-# tryLast
-#    KDCs in the blacklist are always tried after those not on the list.
-#
-# tryLess[:max_retries,timeout]
-#    KDCs in the blacklist are still tried by their order in the configuration,
-#    but with smaller max_retries and timeout values. max_retries and timeout
-#    are optional numerical parameters (default 1 and 5000, which means once
-#    and 5 seconds). Please notes that if any of the values defined here is
-#    more than what is defined in krb5.conf, it will be ignored.
-#
-# Whenever a KDC is detected as available, it is removed from the blacklist.
-# The blacklist is reset when krb5.conf is reloaded. You can add
-# refreshKrb5Config=true to a JAAS configuration file so that krb5.conf is
-# reloaded whenever a JAAS authentication is attempted.
-#
-# Example,
-#   krb5.kdc.bad.policy = tryLast
-#   krb5.kdc.bad.policy = tryLess:2,2000
-krb5.kdc.bad.policy = tryLast
-
-# Algorithm restrictions for certification path (CertPath) processing
-#
-# In some environments, certain algorithms or key lengths may be undesirable
-# for certification path building and validation.  For example, "MD2" is
-# generally no longer considered to be a secure hash algorithm.  This section
-# describes the mechanism for disabling algorithms based on algorithm name
-# and/or key length.  This includes algorithms used in certificates, as well
-# as revocation information such as CRLs and signed OCSP Responses.
-#
-# The syntax of the disabled algorithm string is described as this Java
-# BNF-style:
-#   DisabledAlgorithms:
-#       " DisabledAlgorithm { , DisabledAlgorithm } "
-#
-#   DisabledAlgorithm:
-#       AlgorithmName [Constraint]
-#
-#   AlgorithmName:
-#       (see below)
-#
-#   Constraint:
-#       KeySizeConstraint
-#
-#   KeySizeConstraint:
-#       keySize Operator DecimalInteger
-#
-#   Operator:
-#       <= | < | == | != | >= | >
-#
-#   DecimalInteger:
-#       DecimalDigits
-#
-#   DecimalDigits:
-#       DecimalDigit {DecimalDigit}
-#
-#   DecimalDigit: one of
-#       1 2 3 4 5 6 7 8 9 0
-#
-# The "AlgorithmName" is the standard algorithm name of the disabled
-# algorithm. See "Java Cryptography Architecture Standard Algorithm Name
-# Documentation" for information about Standard Algorithm Names.  Matching
-# is performed using a case-insensitive sub-element matching rule.  (For
-# example, in "SHA1withECDSA" the sub-elements are "SHA1" for hashing and
-# "ECDSA" for signatures.)  If the assertion "AlgorithmName" is a
-# sub-element of the certificate algorithm name, the algorithm will be
-# rejected during certification path building and validation.  For example,
-# the assertion algorithm name "DSA" will disable all certificate algorithms
-# that rely on DSA, such as NONEwithDSA, SHA1withDSA.  However, the assertion
-# will not disable algorithms related to "ECDSA".
-#
-# A "Constraint" provides further guidance for the algorithm being specified.
-# The "KeySizeConstraint" requires a key of a valid size range if the
-# "AlgorithmName" is of a key algorithm.  The "DecimalInteger" indicates the
-# key size specified in number of bits.  For example, "RSA keySize <= 1024"
-# indicates that any RSA key with key size less than or equal to 1024 bits
-# should be disabled, and "RSA keySize < 1024, RSA keySize > 2048" indicates
-# that any RSA key with key size less than 1024 or greater than 2048 should
-# be disabled. Note that the "KeySizeConstraint" only makes sense to key
-# algorithms.
-#
-# Note: This property is currently used by Oracle's PKIX implementation. It
-# is not guaranteed to be examined and used by other implementations.
-#
-# Example:
-#   jdk.certpath.disabledAlgorithms=MD2, DSA, RSA keySize < 2048
-#
-#
-jdk.certpath.disabledAlgorithms=MD2, MD5, RSA keySize < 1024
-
-# Algorithm restrictions for Secure Socket Layer/Transport Layer Security
-# (SSL/TLS) processing
-#
-# In some environments, certain algorithms or key lengths may be undesirable
-# when using SSL/TLS.  This section describes the mechanism for disabling
-# algorithms during SSL/TLS security parameters negotiation, including cipher
-# suites selection, peer authentication and key exchange mechanisms.
-#
-# For PKI-based peer authentication and key exchange mechanisms, this list
-# of disabled algorithms will also be checked during certification path
-# building and validation, including algorithms used in certificates, as
-# well as revocation information such as CRLs and signed OCSP Responses.
-# This is in addition to the jdk.certpath.disabledAlgorithms property above.
-#
-# See the specification of "jdk.certpath.disabledAlgorithms" for the
-# syntax of the disabled algorithm string.
-#
-# Note: This property is currently used by Oracle's JSSE implementation.
-# It is not guaranteed to be examined and used by other implementations.
-#
-# Example:
-#   jdk.tls.disabledAlgorithms=MD5, SHA1, DSA, RSA keySize < 2048
--- a/jdk/src/java.base/share/conf/security/java.security-solaris	Wed Jul 05 19:56:33 2017 +0200
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,498 +0,0 @@
-#
-# This is the "master security properties file".
-#
-# An alternate java.security properties file may be specified
-# from the command line via the system property
-#
-#    -Djava.security.properties=<URL>
-#
-# This properties file appends to the master security properties file.
-# If both properties files specify values for the same key, the value
-# from the command-line properties file is selected, as it is the last
-# one loaded.
-#
-# Also, if you specify
-#
-#    -Djava.security.properties==<URL> (2 equals),
-#
-# then that properties file completely overrides the master security
-# properties file.
-#
-# To disable the ability to specify an additional properties file from
-# the command line, set the key security.overridePropertiesFile
-# to false in the master security properties file. It is set to true
-# by default.
-
-# In this file, various security properties are set for use by
-# java.security classes. This is where users can statically register
-# Cryptography Package Providers ("providers" for short). The term
-# "provider" refers to a package or set of packages that supply a
-# concrete implementation of a subset of the cryptography aspects of
-# the Java Security API. A provider may, for example, implement one or
-# more digital signature algorithms or message digest algorithms.
-#
-# Each provider must implement a subclass of the Provider class.
-# To register a provider in this master security properties file,
-# specify the Provider subclass name and priority in the format
-#
-#    security.provider.<n>=<className>
-#
-# This declares a provider, and specifies its preference
-# order n. The preference order is the order in which providers are
-# searched for requested algorithms (when no specific provider is
-# requested). The order is 1-based; 1 is the most preferred, followed
-# by 2, and so on.
-#
-# <className> must specify the subclass of the Provider class whose
-# constructor sets the values of various properties that are required
-# for the Java Security API to look up the algorithms or other
-# facilities implemented by the provider.
-#
-# There must be at least one provider specification in java.security.
-# There is a default provider that comes standard with the JDK. It
-# is called the "SUN" provider, and its Provider subclass
-# named Sun appears in the sun.security.provider package. Thus, the
-# "SUN" provider is registered via the following:
-#
-#    security.provider.1=sun.security.provider.Sun
-#
-# (The number 1 is used for the default provider.)
-#
-# Note: Providers can be dynamically registered instead by calls to
-# either the addProvider or insertProviderAt method in the Security
-# class.
-
-#
-# List of providers and their preference orders (see above):
-#
-security.provider.1=com.oracle.security.ucrypto.UcryptoProvider ${java.home}/lib/security/ucrypto-solaris.cfg
-security.provider.2=sun.security.pkcs11.SunPKCS11 ${java.home}/lib/security/sunpkcs11-solaris.cfg
-security.provider.3=sun.security.provider.Sun
-security.provider.4=sun.security.rsa.SunRsaSign
-security.provider.5=sun.security.ec.SunEC
-security.provider.6=com.sun.net.ssl.internal.ssl.Provider
-security.provider.7=com.sun.crypto.provider.SunJCE
-security.provider.8=sun.security.jgss.SunProvider
-security.provider.9=com.sun.security.sasl.Provider
-security.provider.10=org.jcp.xml.dsig.internal.dom.XMLDSigRI
-security.provider.11=sun.security.smartcardio.SunPCSC
-
-#
-# Sun Provider SecureRandom seed source.
-#
-# Select the primary source of seed data for the "SHA1PRNG" and
-# "NativePRNG" SecureRandom implementations in the "Sun" provider.
-# (Other SecureRandom implementations might also use this property.)
-#
-# On Unix-like systems (for example, Solaris/Linux/MacOS), the
-# "NativePRNG" and "SHA1PRNG" implementations obtains seed data from
-# special device files such as file:/dev/random.
-#
-# On Windows systems, specifying the URLs "file:/dev/random" or
-# "file:/dev/urandom" will enable the native Microsoft CryptoAPI seeding
-# mechanism for SHA1PRNG.
-#
-# By default, an attempt is made to use the entropy gathering device
-# specified by the "securerandom.source" Security property.  If an
-# exception occurs while accessing the specified URL:
-#
-#     SHA1PRNG:
-#         the traditional system/thread activity algorithm will be used.
-#
-#     NativePRNG:
-#         a default value of /dev/random will be used.  If neither
-#         are available, the implementation will be disabled.
-#         "file" is the only currently supported protocol type.
-#
-# The entropy gathering device can also be specified with the System
-# property "java.security.egd". For example:
-#
-#   % java -Djava.security.egd=file:/dev/random MainClass
-#
-# Specifying this System property will override the
-# "securerandom.source" Security property.
-#
-# In addition, if "file:/dev/random" or "file:/dev/urandom" is
-# specified, the "NativePRNG" implementation will be more preferred than
-# SHA1PRNG in the Sun provider.
-#
-securerandom.source=file:/dev/random
-
-#
-# A list of known strong SecureRandom implementations.
-#
-# To help guide applications in selecting a suitable strong
-# java.security.SecureRandom implementation, Java distributions should
-# indicate a list of known strong implementations using the property.
-#
-# This is a comma-separated list of algorithm and/or algorithm:provider
-# entries.
-#
-securerandom.strongAlgorithms=NativePRNGBlocking:SUN
-
-#
-# Class to instantiate as the javax.security.auth.login.Configuration
-# provider.
-#
-login.configuration.provider=sun.security.provider.ConfigFile
-
-#
-# Default login configuration file
-#
-#login.config.url.1=file:${user.home}/.java.login.config
-
-#
-# Class to instantiate as the system Policy. This is the name of the class
-# that will be used as the Policy object.
-#
-policy.provider=sun.security.provider.PolicyFile
-
-# The default is to have a single system-wide policy file,
-# and a policy file in the user's home directory.
-policy.url.1=file:${java.home}/lib/security/java.policy
-policy.url.2=file:${user.home}/.java.policy
-
-# whether or not we expand properties in the policy file
-# if this is set to false, properties (${...}) will not be expanded in policy
-# files.
-policy.expandProperties=true
-
-# whether or not we allow an extra policy to be passed on the command line
-# with -Djava.security.policy=somefile. Comment out this line to disable
-# this feature.
-policy.allowSystemProperty=true
-
-# whether or not we look into the IdentityScope for trusted Identities
-# when encountering a 1.1 signed JAR file. If the identity is found
-# and is trusted, we grant it AllPermission.
-policy.ignoreIdentityScope=false
-
-#
-# Default keystore type.
-#
-keystore.type=jks
-
-#
-# List of comma-separated packages that start with or equal this string
-# will cause a security exception to be thrown when
-# passed to checkPackageAccess unless the
-# corresponding RuntimePermission ("accessClassInPackage."+package) has
-# been granted.
-package.access=sun.,\
-               com.sun.xml.internal.,\
-               com.sun.imageio.,\
-               com.sun.istack.internal.,\
-               com.sun.jmx.,\
-               com.sun.media.sound.,\
-               com.sun.naming.internal.,\
-               com.sun.proxy.,\
-               com.sun.corba.se.,\
-               com.sun.org.apache.bcel.internal.,\
-               com.sun.org.apache.regexp.internal.,\
-               com.sun.org.apache.xerces.internal.,\
-               com.sun.org.apache.xpath.internal.,\
-               com.sun.org.apache.xalan.internal.extensions.,\
-               com.sun.org.apache.xalan.internal.lib.,\
-               com.sun.org.apache.xalan.internal.res.,\
-               com.sun.org.apache.xalan.internal.templates.,\
-               com.sun.org.apache.xalan.internal.utils.,\
-               com.sun.org.apache.xalan.internal.xslt.,\
-               com.sun.org.apache.xalan.internal.xsltc.cmdline.,\
-               com.sun.org.apache.xalan.internal.xsltc.compiler.,\
-               com.sun.org.apache.xalan.internal.xsltc.trax.,\
-               com.sun.org.apache.xalan.internal.xsltc.util.,\
-               com.sun.org.apache.xml.internal.res.,\
-               com.sun.org.apache.xml.internal.security.,\
-               com.sun.org.apache.xml.internal.serializer.utils.,\
-               com.sun.org.apache.xml.internal.utils.,\
-               com.sun.org.glassfish.,\
-               com.oracle.xmlns.internal.,\
-               com.oracle.webservices.internal.,\
-               org.jcp.xml.dsig.internal.,\
-               jdk.internal.,\
-               jdk.nashorn.internal.,\
-               jdk.nashorn.tools.,\
-               com.sun.activation.registries.
-
-#
-# List of comma-separated packages that start with or equal this string
-# will cause a security exception to be thrown when
-# passed to checkPackageDefinition unless the
-# corresponding RuntimePermission ("defineClassInPackage."+package) has
-# been granted.
-#
-# by default, none of the class loaders supplied with the JDK call
-# checkPackageDefinition.
-#
-package.definition=sun.,\
-                   com.sun.xml.internal.,\
-                   com.sun.imageio.,\
-                   com.sun.istack.internal.,\
-                   com.sun.jmx.,\
-                   com.sun.media.sound.,\
-                   com.sun.naming.internal.,\
-                   com.sun.proxy.,\
-                   com.sun.corba.se.,\
-                   com.sun.org.apache.bcel.internal.,\
-                   com.sun.org.apache.regexp.internal.,\
-                   com.sun.org.apache.xerces.internal.,\
-                   com.sun.org.apache.xpath.internal.,\
-                   com.sun.org.apache.xalan.internal.extensions.,\
-                   com.sun.org.apache.xalan.internal.lib.,\
-                   com.sun.org.apache.xalan.internal.res.,\
-                   com.sun.org.apache.xalan.internal.templates.,\
-                   com.sun.org.apache.xalan.internal.utils.,\
-                   com.sun.org.apache.xalan.internal.xslt.,\
-                   com.sun.org.apache.xalan.internal.xsltc.cmdline.,\
-                   com.sun.org.apache.xalan.internal.xsltc.compiler.,\
-                   com.sun.org.apache.xalan.internal.xsltc.trax.,\
-                   com.sun.org.apache.xalan.internal.xsltc.util.,\
-                   com.sun.org.apache.xml.internal.res.,\
-                   com.sun.org.apache.xml.internal.security.,\
-                   com.sun.org.apache.xml.internal.serializer.utils.,\
-                   com.sun.org.apache.xml.internal.utils.,\
-                   com.sun.org.glassfish.,\
-                   com.oracle.xmlns.internal.,\
-                   com.oracle.webservices.internal.,\
-                   org.jcp.xml.dsig.internal.,\
-                   jdk.internal.,\
-                   jdk.nashorn.internal.,\
-                   jdk.nashorn.tools.,\
-                   com.sun.activation.registries.
-
-#
-# Determines whether this properties file can be appended to
-# or overridden on the command line via -Djava.security.properties
-#
-security.overridePropertiesFile=true
-
-#
-# Determines the default key and trust manager factory algorithms for
-# the javax.net.ssl package.
-#
-ssl.KeyManagerFactory.algorithm=SunX509
-ssl.TrustManagerFactory.algorithm=PKIX
-
-#
-# The Java-level namelookup cache policy for successful lookups:
-#
-# any negative value: caching forever
-# any positive value: the number of seconds to cache an address for
-# zero: do not cache
-#
-# default value is forever (FOREVER). For security reasons, this
-# caching is made forever when a security manager is set. When a security
-# manager is not set, the default behavior in this implementation
-# is to cache for 30 seconds.
-#
-# NOTE: setting this to anything other than the default value can have
-#       serious security implications. Do not set it unless
-#       you are sure you are not exposed to DNS spoofing attack.
-#
-#networkaddress.cache.ttl=-1
-
-# The Java-level namelookup cache policy for failed lookups:
-#
-# any negative value: cache forever
-# any positive value: the number of seconds to cache negative lookup results
-# zero: do not cache
-#
-# In some Microsoft Windows networking environments that employ
-# the WINS name service in addition to DNS, name service lookups
-# that fail may take a noticeably long time to return (approx. 5 seconds).
-# For this reason the default caching policy is to maintain these
-# results for 10 seconds.
-#
-#
-networkaddress.cache.negative.ttl=10
-
-#
-# Properties to configure OCSP for certificate revocation checking
-#
-
-# Enable OCSP
-#
-# By default, OCSP is not used for certificate revocation checking.
-# This property enables the use of OCSP when set to the value "true".
-#
-# NOTE: SocketPermission is required to connect to an OCSP responder.
-#
-# Example,
-#   ocsp.enable=true
-
-#
-# Location of the OCSP responder
-#
-# By default, the location of the OCSP responder is determined implicitly
-# from the certificate being validated. This property explicitly specifies
-# the location of the OCSP responder. The property is used when the
-# Authority Information Access extension (defined in RFC 3280) is absent
-# from the certificate or when it requires overriding.
-#
-# Example,
-#   ocsp.responderURL=http://ocsp.example.net:80
-
-#
-# Subject name of the OCSP responder's certificate
-#
-# By default, the certificate of the OCSP responder is that of the issuer
-# of the certificate being validated. This property identifies the certificate
-# of the OCSP responder when the default does not apply. Its value is a string
-# distinguished name (defined in RFC 2253) which identifies a certificate in
-# the set of certificates supplied during cert path validation. In cases where
-# the subject name alone is not sufficient to uniquely identify the certificate
-# then both the "ocsp.responderCertIssuerName" and
-# "ocsp.responderCertSerialNumber" properties must be used instead. When this
-# property is set then those two properties are ignored.
-#
-# Example,
-#   ocsp.responderCertSubjectName="CN=OCSP Responder, O=XYZ Corp"
-
-#
-# Issuer name of the OCSP responder's certificate
-#
-# By default, the certificate of the OCSP responder is that of the issuer
-# of the certificate being validated. This property identifies the certificate
-# of the OCSP responder when the default does not apply. Its value is a string
-# distinguished name (defined in RFC 2253) which identifies a certificate in
-# the set of certificates supplied during cert path validation. When this
-# property is set then the "ocsp.responderCertSerialNumber" property must also
-# be set. When the "ocsp.responderCertSubjectName" property is set then this
-# property is ignored.
-#
-# Example,
-#   ocsp.responderCertIssuerName="CN=Enterprise CA, O=XYZ Corp"
-
-#
-# Serial number of the OCSP responder's certificate
-#
-# By default, the certificate of the OCSP responder is that of the issuer
-# of the certificate being validated. This property identifies the certificate
-# of the OCSP responder when the default does not apply. Its value is a string
-# of hexadecimal digits (colon or space separators may be present) which
-# identifies a certificate in the set of certificates supplied during cert path
-# validation. When this property is set then the "ocsp.responderCertIssuerName"
-# property must also be set. When the "ocsp.responderCertSubjectName" property
-# is set then this property is ignored.
-#
-# Example,
-#   ocsp.responderCertSerialNumber=2A:FF:00
-
-#
-# Policy for failed Kerberos KDC lookups:
-#
-# When a KDC is unavailable (network error, service failure, etc), it is
-# put inside a blacklist and accessed less often for future requests. The
-# value (case-insensitive) for this policy can be:
-#
-# tryLast
-#    KDCs in the blacklist are always tried after those not on the list.
-#
-# tryLess[:max_retries,timeout]
-#    KDCs in the blacklist are still tried by their order in the configuration,
-#    but with smaller max_retries and timeout values. max_retries and timeout
-#    are optional numerical parameters (default 1 and 5000, which means once
-#    and 5 seconds). Please notes that if any of the values defined here is
-#    more than what is defined in krb5.conf, it will be ignored.
-#
-# Whenever a KDC is detected as available, it is removed from the blacklist.
-# The blacklist is reset when krb5.conf is reloaded. You can add
-# refreshKrb5Config=true to a JAAS configuration file so that krb5.conf is
-# reloaded whenever a JAAS authentication is attempted.
-#
-# Example,
-#   krb5.kdc.bad.policy = tryLast
-#   krb5.kdc.bad.policy = tryLess:2,2000
-krb5.kdc.bad.policy = tryLast
-
-# Algorithm restrictions for certification path (CertPath) processing
-#
-# In some environments, certain algorithms or key lengths may be undesirable
-# for certification path building and validation.  For example, "MD2" is
-# generally no longer considered to be a secure hash algorithm.  This section
-# describes the mechanism for disabling algorithms based on algorithm name
-# and/or key length.  This includes algorithms used in certificates, as well
-# as revocation information such as CRLs and signed OCSP Responses.
-#
-# The syntax of the disabled algorithm string is described as this Java
-# BNF-style:
-#   DisabledAlgorithms:
-#       " DisabledAlgorithm { , DisabledAlgorithm } "
-#
-#   DisabledAlgorithm:
-#       AlgorithmName [Constraint]
-#
-#   AlgorithmName:
-#       (see below)
-#
-#   Constraint:
-#       KeySizeConstraint
-#
-#   KeySizeConstraint:
-#       keySize Operator DecimalInteger
-#
-#   Operator:
-#       <= | < | == | != | >= | >
-#
-#   DecimalInteger:
-#       DecimalDigits
-#
-#   DecimalDigits:
-#       DecimalDigit {DecimalDigit}
-#
-#   DecimalDigit: one of
-#       1 2 3 4 5 6 7 8 9 0
-#
-# The "AlgorithmName" is the standard algorithm name of the disabled
-# algorithm. See "Java Cryptography Architecture Standard Algorithm Name
-# Documentation" for information about Standard Algorithm Names.  Matching
-# is performed using a case-insensitive sub-element matching rule.  (For
-# example, in "SHA1withECDSA" the sub-elements are "SHA1" for hashing and
-# "ECDSA" for signatures.)  If the assertion "AlgorithmName" is a
-# sub-element of the certificate algorithm name, the algorithm will be
-# rejected during certification path building and validation.  For example,
-# the assertion algorithm name "DSA" will disable all certificate algorithms
-# that rely on DSA, such as NONEwithDSA, SHA1withDSA.  However, the assertion
-# will not disable algorithms related to "ECDSA".
-#
-# A "Constraint" provides further guidance for the algorithm being specified.
-# The "KeySizeConstraint" requires a key of a valid size range if the
-# "AlgorithmName" is of a key algorithm.  The "DecimalInteger" indicates the
-# key size specified in number of bits.  For example, "RSA keySize <= 1024"
-# indicates that any RSA key with key size less than or equal to 1024 bits
-# should be disabled, and "RSA keySize < 1024, RSA keySize > 2048" indicates
-# that any RSA key with key size less than 1024 or greater than 2048 should
-# be disabled. Note that the "KeySizeConstraint" only makes sense to key
-# algorithms.
-#
-# Note: This property is currently used by Oracle's PKIX implementation. It
-# is not guaranteed to be examined and used by other implementations.
-#
-# Example:
-#   jdk.certpath.disabledAlgorithms=MD2, DSA, RSA keySize < 2048
-#
-#
-jdk.certpath.disabledAlgorithms=MD2, MD5, RSA keySize < 1024
-
-# Algorithm restrictions for Secure Socket Layer/Transport Layer Security
-# (SSL/TLS) processing
-#
-# In some environments, certain algorithms or key lengths may be undesirable
-# when using SSL/TLS.  This section describes the mechanism for disabling
-# algorithms during SSL/TLS security parameters negotiation, including cipher
-# suites selection, peer authentication and key exchange mechanisms.
-#
-# For PKI-based peer authentication and key exchange mechanisms, this list
-# of disabled algorithms will also be checked during certification path
-# building and validation, including algorithms used in certificates, as
-# well as revocation information such as CRLs and signed OCSP Responses.
-# This is in addition to the jdk.certpath.disabledAlgorithms property above.
-#
-# See the specification of "jdk.certpath.disabledAlgorithms" for the
-# syntax of the disabled algorithm string.
-#
-# Note: This property is currently used by Oracle's JSSE implementation.
-# It is not guaranteed to be examined and used by other implementations.
-#
-# Example:
-#   jdk.tls.disabledAlgorithms=MD5, SHA1, DSA, RSA keySize < 2048
--- a/jdk/src/java.base/share/conf/security/java.security-windows	Wed Jul 05 19:56:33 2017 +0200
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,499 +0,0 @@
-#
-# This is the "master security properties file".
-#
-# An alternate java.security properties file may be specified
-# from the command line via the system property
-#
-#    -Djava.security.properties=<URL>
-#
-# This properties file appends to the master security properties file.
-# If both properties files specify values for the same key, the value
-# from the command-line properties file is selected, as it is the last
-# one loaded.
-#
-# Also, if you specify
-#
-#    -Djava.security.properties==<URL> (2 equals),
-#
-# then that properties file completely overrides the master security
-# properties file.
-#
-# To disable the ability to specify an additional properties file from
-# the command line, set the key security.overridePropertiesFile
-# to false in the master security properties file. It is set to true
-# by default.
-
-# In this file, various security properties are set for use by
-# java.security classes. This is where users can statically register
-# Cryptography Package Providers ("providers" for short). The term
-# "provider" refers to a package or set of packages that supply a
-# concrete implementation of a subset of the cryptography aspects of
-# the Java Security API. A provider may, for example, implement one or
-# more digital signature algorithms or message digest algorithms.
-#
-# Each provider must implement a subclass of the Provider class.
-# To register a provider in this master security properties file,
-# specify the Provider subclass name and priority in the format
-#
-#    security.provider.<n>=<className>
-#
-# This declares a provider, and specifies its preference
-# order n. The preference order is the order in which providers are
-# searched for requested algorithms (when no specific provider is
-# requested). The order is 1-based; 1 is the most preferred, followed
-# by 2, and so on.
-#
-# <className> must specify the subclass of the Provider class whose
-# constructor sets the values of various properties that are required
-# for the Java Security API to look up the algorithms or other
-# facilities implemented by the provider.
-#
-# There must be at least one provider specification in java.security.
-# There is a default provider that comes standard with the JDK. It
-# is called the "SUN" provider, and its Provider subclass
-# named Sun appears in the sun.security.provider package. Thus, the
-# "SUN" provider is registered via the following:
-#
-#    security.provider.1=sun.security.provider.Sun
-#
-# (The number 1 is used for the default provider.)
-#
-# Note: Providers can be dynamically registered instead by calls to
-# either the addProvider or insertProviderAt method in the Security
-# class.
-
-#
-# List of providers and their preference orders (see above):
-#
-security.provider.1=sun.security.provider.Sun
-security.provider.2=sun.security.rsa.SunRsaSign
-security.provider.3=sun.security.ec.SunEC
-security.provider.4=com.sun.net.ssl.internal.ssl.Provider
-security.provider.5=com.sun.crypto.provider.SunJCE
-security.provider.6=sun.security.jgss.SunProvider
-security.provider.7=com.sun.security.sasl.Provider
-security.provider.8=org.jcp.xml.dsig.internal.dom.XMLDSigRI
-security.provider.9=sun.security.smartcardio.SunPCSC
-security.provider.10=sun.security.mscapi.SunMSCAPI
-
-#
-# Sun Provider SecureRandom seed source.
-#
-# Select the primary source of seed data for the "SHA1PRNG" and
-# "NativePRNG" SecureRandom implementations in the "Sun" provider.
-# (Other SecureRandom implementations might also use this property.)
-#
-# On Unix-like systems (for example, Solaris/Linux/MacOS), the
-# "NativePRNG" and "SHA1PRNG" implementations obtains seed data from
-# special device files such as file:/dev/random.
-#
-# On Windows systems, specifying the URLs "file:/dev/random" or
-# "file:/dev/urandom" will enable the native Microsoft CryptoAPI seeding
-# mechanism for SHA1PRNG.
-#
-# By default, an attempt is made to use the entropy gathering device
-# specified by the "securerandom.source" Security property.  If an
-# exception occurs while accessing the specified URL:
-#
-#     SHA1PRNG:
-#         the traditional system/thread activity algorithm will be used.
-#
-#     NativePRNG:
-#         a default value of /dev/random will be used.  If neither
-#         are available, the implementation will be disabled.
-#         "file" is the only currently supported protocol type.
-#
-# The entropy gathering device can also be specified with the System
-# property "java.security.egd". For example:
-#
-#   % java -Djava.security.egd=file:/dev/random MainClass
-#
-# Specifying this System property will override the
-# "securerandom.source" Security property.
-#
-# In addition, if "file:/dev/random" or "file:/dev/urandom" is
-# specified, the "NativePRNG" implementation will be more preferred than
-# SHA1PRNG in the Sun provider.
-#
-securerandom.source=file:/dev/random
-
-#
-# A list of known strong SecureRandom implementations.
-#
-# To help guide applications in selecting a suitable strong
-# java.security.SecureRandom implementation, Java distributions should
-# indicate a list of known strong implementations using the property.
-#
-# This is a comma-separated list of algorithm and/or algorithm:provider
-# entries.
-#
-securerandom.strongAlgorithms=Windows-PRNG:SunMSCAPI,SHA1PRNG:SUN
-
-#
-# Class to instantiate as the javax.security.auth.login.Configuration
-# provider.
-#
-login.configuration.provider=sun.security.provider.ConfigFile
-
-#
-# Default login configuration file
-#
-#login.config.url.1=file:${user.home}/.java.login.config
-
-#
-# Class to instantiate as the system Policy. This is the name of the class
-# that will be used as the Policy object.
-#
-policy.provider=sun.security.provider.PolicyFile
-
-# The default is to have a single system-wide policy file,
-# and a policy file in the user's home directory.
-policy.url.1=file:${java.home}/lib/security/java.policy
-policy.url.2=file:${user.home}/.java.policy
-
-# whether or not we expand properties in the policy file
-# if this is set to false, properties (${...}) will not be expanded in policy
-# files.
-policy.expandProperties=true
-
-# whether or not we allow an extra policy to be passed on the command line
-# with -Djava.security.policy=somefile. Comment out this line to disable
-# this feature.
-policy.allowSystemProperty=true
-
-# whether or not we look into the IdentityScope for trusted Identities
-# when encountering a 1.1 signed JAR file. If the identity is found
-# and is trusted, we grant it AllPermission.
-policy.ignoreIdentityScope=false
-
-#
-# Default keystore type.
-#
-keystore.type=jks
-
-#
-# List of comma-separated packages that start with or equal this string
-# will cause a security exception to be thrown when
-# passed to checkPackageAccess unless the
-# corresponding RuntimePermission ("accessClassInPackage."+package) has
-# been granted.
-package.access=sun.,\
-               com.sun.xml.internal.,\
-               com.sun.imageio.,\
-               com.sun.istack.internal.,\
-               com.sun.jmx.,\
-               com.sun.media.sound.,\
-               com.sun.naming.internal.,\
-               com.sun.proxy.,\
-               com.sun.corba.se.,\
-               com.sun.org.apache.bcel.internal.,\
-               com.sun.org.apache.regexp.internal.,\
-               com.sun.org.apache.xerces.internal.,\
-               com.sun.org.apache.xpath.internal.,\
-               com.sun.org.apache.xalan.internal.extensions.,\
-               com.sun.org.apache.xalan.internal.lib.,\
-               com.sun.org.apache.xalan.internal.res.,\
-               com.sun.org.apache.xalan.internal.templates.,\
-               com.sun.org.apache.xalan.internal.utils.,\
-               com.sun.org.apache.xalan.internal.xslt.,\
-               com.sun.org.apache.xalan.internal.xsltc.cmdline.,\
-               com.sun.org.apache.xalan.internal.xsltc.compiler.,\
-               com.sun.org.apache.xalan.internal.xsltc.trax.,\
-               com.sun.org.apache.xalan.internal.xsltc.util.,\
-               com.sun.org.apache.xml.internal.res.,\
-               com.sun.org.apache.xml.internal.security.,\
-               com.sun.org.apache.xml.internal.serializer.utils.,\
-               com.sun.org.apache.xml.internal.utils.,\
-               com.sun.org.glassfish.,\
-               com.oracle.xmlns.internal.,\
-               com.oracle.webservices.internal.,\
-               org.jcp.xml.dsig.internal.,\
-               jdk.internal.,\
-               jdk.nashorn.internal.,\
-               jdk.nashorn.tools.,\
-               com.sun.activation.registries.,\
-               com.sun.java.accessibility.
-
-#
-# List of comma-separated packages that start with or equal this string
-# will cause a security exception to be thrown when
-# passed to checkPackageDefinition unless the
-# corresponding RuntimePermission ("defineClassInPackage."+package) has
-# been granted.
-#
-# by default, none of the class loaders supplied with the JDK call
-# checkPackageDefinition.
-#
-package.definition=sun.,\
-                   com.sun.xml.internal.,\
-                   com.sun.imageio.,\
-                   com.sun.istack.internal.,\
-                   com.sun.jmx.,\
-                   com.sun.media.sound.,\
-                   com.sun.naming.internal.,\
-                   com.sun.proxy.,\
-                   com.sun.corba.se.,\
-                   com.sun.org.apache.bcel.internal.,\
-                   com.sun.org.apache.regexp.internal.,\
-                   com.sun.org.apache.xerces.internal.,\
-                   com.sun.org.apache.xpath.internal.,\
-                   com.sun.org.apache.xalan.internal.extensions.,\
-                   com.sun.org.apache.xalan.internal.lib.,\
-                   com.sun.org.apache.xalan.internal.res.,\
-                   com.sun.org.apache.xalan.internal.templates.,\
-                   com.sun.org.apache.xalan.internal.utils.,\
-                   com.sun.org.apache.xalan.internal.xslt.,\
-                   com.sun.org.apache.xalan.internal.xsltc.cmdline.,\
-                   com.sun.org.apache.xalan.internal.xsltc.compiler.,\
-                   com.sun.org.apache.xalan.internal.xsltc.trax.,\
-                   com.sun.org.apache.xalan.internal.xsltc.util.,\
-                   com.sun.org.apache.xml.internal.res.,\
-                   com.sun.org.apache.xml.internal.security.,\
-                   com.sun.org.apache.xml.internal.serializer.utils.,\
-                   com.sun.org.apache.xml.internal.utils.,\
-                   com.sun.org.glassfish.,\
-                   com.oracle.xmlns.internal.,\
-                   com.oracle.webservices.internal.,\
-                   org.jcp.xml.dsig.internal.,\
-                   jdk.internal.,\
-                   jdk.nashorn.internal.,\
-                   jdk.nashorn.tools.,\
-                   com.sun.activation.registries.,\
-                   com.sun.java.accessibility.
-
-#
-# Determines whether this properties file can be appended to
-# or overridden on the command line via -Djava.security.properties
-#
-security.overridePropertiesFile=true
-
-#
-# Determines the default key and trust manager factory algorithms for
-# the javax.net.ssl package.
-#
-ssl.KeyManagerFactory.algorithm=SunX509
-ssl.TrustManagerFactory.algorithm=PKIX
-
-#
-# The Java-level namelookup cache policy for successful lookups:
-#
-# any negative value: caching forever
-# any positive value: the number of seconds to cache an address for
-# zero: do not cache
-#
-# default value is forever (FOREVER). For security reasons, this
-# caching is made forever when a security manager is set. When a security
-# manager is not set, the default behavior in this implementation
-# is to cache for 30 seconds.
-#
-# NOTE: setting this to anything other than the default value can have
-#       serious security implications. Do not set it unless
-#       you are sure you are not exposed to DNS spoofing attack.
-#
-#networkaddress.cache.ttl=-1
-
-# The Java-level namelookup cache policy for failed lookups:
-#
-# any negative value: cache forever
-# any positive value: the number of seconds to cache negative lookup results
-# zero: do not cache
-#
-# In some Microsoft Windows networking environments that employ
-# the WINS name service in addition to DNS, name service lookups
-# that fail may take a noticeably long time to return (approx. 5 seconds).
-# For this reason the default caching policy is to maintain these
-# results for 10 seconds.
-#
-#
-networkaddress.cache.negative.ttl=10
-
-#
-# Properties to configure OCSP for certificate revocation checking
-#
-
-# Enable OCSP
-#
-# By default, OCSP is not used for certificate revocation checking.
-# This property enables the use of OCSP when set to the value "true".
-#
-# NOTE: SocketPermission is required to connect to an OCSP responder.
-#
-# Example,
-#   ocsp.enable=true
-
-#
-# Location of the OCSP responder
-#
-# By default, the location of the OCSP responder is determined implicitly
-# from the certificate being validated. This property explicitly specifies
-# the location of the OCSP responder. The property is used when the
-# Authority Information Access extension (defined in RFC 3280) is absent
-# from the certificate or when it requires overriding.
-#
-# Example,
-#   ocsp.responderURL=http://ocsp.example.net:80
-
-#
-# Subject name of the OCSP responder's certificate
-#
-# By default, the certificate of the OCSP responder is that of the issuer
-# of the certificate being validated. This property identifies the certificate
-# of the OCSP responder when the default does not apply. Its value is a string
-# distinguished name (defined in RFC 2253) which identifies a certificate in
-# the set of certificates supplied during cert path validation. In cases where
-# the subject name alone is not sufficient to uniquely identify the certificate
-# then both the "ocsp.responderCertIssuerName" and
-# "ocsp.responderCertSerialNumber" properties must be used instead. When this
-# property is set then those two properties are ignored.
-#
-# Example,
-#   ocsp.responderCertSubjectName="CN=OCSP Responder, O=XYZ Corp"
-
-#
-# Issuer name of the OCSP responder's certificate
-#
-# By default, the certificate of the OCSP responder is that of the issuer
-# of the certificate being validated. This property identifies the certificate
-# of the OCSP responder when the default does not apply. Its value is a string
-# distinguished name (defined in RFC 2253) which identifies a certificate in
-# the set of certificates supplied during cert path validation. When this
-# property is set then the "ocsp.responderCertSerialNumber" property must also
-# be set. When the "ocsp.responderCertSubjectName" property is set then this
-# property is ignored.
-#
-# Example,
-#   ocsp.responderCertIssuerName="CN=Enterprise CA, O=XYZ Corp"
-
-#
-# Serial number of the OCSP responder's certificate
-#
-# By default, the certificate of the OCSP responder is that of the issuer
-# of the certificate being validated. This property identifies the certificate
-# of the OCSP responder when the default does not apply. Its value is a string
-# of hexadecimal digits (colon or space separators may be present) which
-# identifies a certificate in the set of certificates supplied during cert path
-# validation. When this property is set then the "ocsp.responderCertIssuerName"
-# property must also be set. When the "ocsp.responderCertSubjectName" property
-# is set then this property is ignored.
-#
-# Example,
-#   ocsp.responderCertSerialNumber=2A:FF:00
-
-#
-# Policy for failed Kerberos KDC lookups:
-#
-# When a KDC is unavailable (network error, service failure, etc), it is
-# put inside a blacklist and accessed less often for future requests. The
-# value (case-insensitive) for this policy can be:
-#
-# tryLast
-#    KDCs in the blacklist are always tried after those not on the list.
-#
-# tryLess[:max_retries,timeout]
-#    KDCs in the blacklist are still tried by their order in the configuration,
-#    but with smaller max_retries and timeout values. max_retries and timeout
-#    are optional numerical parameters (default 1 and 5000, which means once
-#    and 5 seconds). Please notes that if any of the values defined here is
-#    more than what is defined in krb5.conf, it will be ignored.
-#
-# Whenever a KDC is detected as available, it is removed from the blacklist.
-# The blacklist is reset when krb5.conf is reloaded. You can add
-# refreshKrb5Config=true to a JAAS configuration file so that krb5.conf is
-# reloaded whenever a JAAS authentication is attempted.
-#
-# Example,
-#   krb5.kdc.bad.policy = tryLast
-#   krb5.kdc.bad.policy = tryLess:2,2000
-krb5.kdc.bad.policy = tryLast
-
-# Algorithm restrictions for certification path (CertPath) processing
-#
-# In some environments, certain algorithms or key lengths may be undesirable
-# for certification path building and validation.  For example, "MD2" is
-# generally no longer considered to be a secure hash algorithm.  This section
-# describes the mechanism for disabling algorithms based on algorithm name
-# and/or key length.  This includes algorithms used in certificates, as well
-# as revocation information such as CRLs and signed OCSP Responses.
-#
-# The syntax of the disabled algorithm string is described as this Java
-# BNF-style:
-#   DisabledAlgorithms:
-#       " DisabledAlgorithm { , DisabledAlgorithm } "
-#
-#   DisabledAlgorithm:
-#       AlgorithmName [Constraint]
-#
-#   AlgorithmName:
-#       (see below)
-#
-#   Constraint:
-#       KeySizeConstraint
-#
-#   KeySizeConstraint:
-#       keySize Operator DecimalInteger
-#
-#   Operator:
-#       <= | < | == | != | >= | >
-#
-#   DecimalInteger:
-#       DecimalDigits
-#
-#   DecimalDigits:
-#       DecimalDigit {DecimalDigit}
-#
-#   DecimalDigit: one of
-#       1 2 3 4 5 6 7 8 9 0
-#
-# The "AlgorithmName" is the standard algorithm name of the disabled
-# algorithm. See "Java Cryptography Architecture Standard Algorithm Name
-# Documentation" for information about Standard Algorithm Names.  Matching
-# is performed using a case-insensitive sub-element matching rule.  (For
-# example, in "SHA1withECDSA" the sub-elements are "SHA1" for hashing and
-# "ECDSA" for signatures.)  If the assertion "AlgorithmName" is a
-# sub-element of the certificate algorithm name, the algorithm will be
-# rejected during certification path building and validation.  For example,
-# the assertion algorithm name "DSA" will disable all certificate algorithms
-# that rely on DSA, such as NONEwithDSA, SHA1withDSA.  However, the assertion
-# will not disable algorithms related to "ECDSA".
-#
-# A "Constraint" provides further guidance for the algorithm being specified.
-# The "KeySizeConstraint" requires a key of a valid size range if the
-# "AlgorithmName" is of a key algorithm.  The "DecimalInteger" indicates the
-# key size specified in number of bits.  For example, "RSA keySize <= 1024"
-# indicates that any RSA key with key size less than or equal to 1024 bits
-# should be disabled, and "RSA keySize < 1024, RSA keySize > 2048" indicates
-# that any RSA key with key size less than 1024 or greater than 2048 should
-# be disabled. Note that the "KeySizeConstraint" only makes sense to key
-# algorithms.
-#
-# Note: This property is currently used by Oracle's PKIX implementation. It
-# is not guaranteed to be examined and used by other implementations.
-#
-# Example:
-#   jdk.certpath.disabledAlgorithms=MD2, DSA, RSA keySize < 2048
-#
-#
-jdk.certpath.disabledAlgorithms=MD2, MD5, RSA keySize < 1024
-
-# Algorithm restrictions for Secure Socket Layer/Transport Layer Security
-# (SSL/TLS) processing
-#
-# In some environments, certain algorithms or key lengths may be undesirable
-# when using SSL/TLS.  This section describes the mechanism for disabling
-# algorithms during SSL/TLS security parameters negotiation, including cipher
-# suites selection, peer authentication and key exchange mechanisms.
-#
-# For PKI-based peer authentication and key exchange mechanisms, this list
-# of disabled algorithms will also be checked during certification path
-# building and validation, including algorithms used in certificates, as
-# well as revocation information such as CRLs and signed OCSP Responses.
-# This is in addition to the jdk.certpath.disabledAlgorithms property above.
-#
-# See the specification of "jdk.certpath.disabledAlgorithms" for the
-# syntax of the disabled algorithm string.
-#
-# Note: This property is currently used by Oracle's JSSE implementation.
-# It is not guaranteed to be examined and used by other implementations.
-#
-# Example:
-#   jdk.tls.disabledAlgorithms=MD5, SHA1, DSA, RSA keySize < 2048
--- a/jdk/src/java.base/unix/native/libjava/UNIXProcess_md.c	Wed Jul 05 19:56:33 2017 +0200
+++ b/jdk/src/java.base/unix/native/libjava/UNIXProcess_md.c	Mon Aug 18 10:59:36 2014 +0100
@@ -599,9 +599,9 @@
      */
     assert(prog != NULL && argBlock != NULL);
     if ((phelperpath = getBytes(env, helperpath))   == NULL) goto Catch;
-    if ((pprog     = getBytes(env, prog))       == NULL) goto Catch;
-    if ((pargBlock = getBytes(env, argBlock))   == NULL) goto Catch;
-    if ((c->argv = NEW(const char *, argc + 3)) == NULL) goto Catch;
+    if ((pprog       = getBytes(env, prog))         == NULL) goto Catch;
+    if ((pargBlock   = getBytes(env, argBlock))     == NULL) goto Catch;
+    if ((c->argv     = NEW(const char *, argc + 3)) == NULL) goto Catch;
     c->argv[0] = pprog;
     c->argc = argc + 2;
     initVectorFromBlock(c->argv+1, pargBlock, argc);
@@ -690,10 +690,11 @@
     closeSafely(childenv[0]);
     closeSafely(childenv[1]);
 
-    releaseBytes(env, prog,     pprog);
-    releaseBytes(env, argBlock, pargBlock);
-    releaseBytes(env, envBlock, penvBlock);
-    releaseBytes(env, dir,      c->pdir);
+    releaseBytes(env, helperpath, phelperpath);
+    releaseBytes(env, prog,       pprog);
+    releaseBytes(env, argBlock,   pargBlock);
+    releaseBytes(env, envBlock,   penvBlock);
+    releaseBytes(env, dir,        c->pdir);
 
     free(c->argv);
     free(c->envv);
--- a/jdk/src/java.prefs/macosx/native/libprefs/MacOSXPreferencesFile.m	Wed Jul 05 19:56:33 2017 +0200
+++ b/jdk/src/java.prefs/macosx/native/libprefs/MacOSXPreferencesFile.m	Mon Aug 18 10:59:36 2014 +0100
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2011, 2012, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2011, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -71,6 +71,8 @@
     static jclass exceptionClass = NULL;
     jclass c;
 
+    (*env)->ExceptionClear(env);  // If an exception is pending, clear it before
+                                  // calling FindClass() and/or ThrowNew().
     if (exceptionClass) {
         c = exceptionClass;
     } else {
@@ -534,8 +536,13 @@
 (JNIEnv *env, jobject klass, jobject jpath,
  jobject jname, jlong juser, jlong jhost)
 {
-    CFStringRef path = toCF(env, jpath);
-    CFStringRef name = toCF(env, jname);
+    CFStringRef path = NULL;
+    CFStringRef name = NULL;
+
+    path = toCF(env, jpath);
+    if (path != NULL) {
+        name = toCF(env, jname);
+    }
     CFStringRef user = (CFStringRef)jlong_to_ptr(juser);
     CFStringRef host = (CFStringRef)jlong_to_ptr(jhost);
     CFDictionaryRef node = NULL;
@@ -579,8 +586,13 @@
 (JNIEnv *env, jobject klass, jobject jpath,
  jobject jname, jlong juser, jlong jhost)
 {
-    CFStringRef path = toCF(env, jpath);
-    CFStringRef name = toCF(env, jname);
+    CFStringRef path = NULL;
+    CFStringRef name = NULL;
+
+    path = toCF(env, jpath);
+    if (path != NULL) {
+        name = toCF(env, jname);
+    }
     CFStringRef user = (CFStringRef)jlong_to_ptr(juser);
     CFStringRef host = (CFStringRef)jlong_to_ptr(jhost);
     CFStringRef parentName;
@@ -647,9 +659,17 @@
  jobject jname, jlong juser, jlong jhost)
 {
     // like addNode, but can put a three-level-deep dict into the root file
-    CFStringRef path = toCF(env, jpath);
-    CFStringRef child = toCF(env, jchild);
-    CFStringRef name = toCF(env, jname);
+    CFStringRef path = NULL;
+    CFStringRef child = NULL;
+    CFStringRef name = NULL;
+
+    path = toCF(env, jpath);
+    if (path != NULL) {
+        child = toCF(env, jchild);
+    }
+    if (child != NULL) {
+        name = toCF(env, jname);
+    }
     CFStringRef user = (CFStringRef)jlong_to_ptr(juser);
     CFStringRef host = (CFStringRef)jlong_to_ptr(jhost);
     CFMutableDictionaryRef parent;
@@ -693,9 +713,17 @@
 (JNIEnv *env, jobject klass, jobject jpath, jobject jchild,
  jobject jname, jlong juser, jlong jhost)
 {
-    CFStringRef path = toCF(env, jpath);
-    CFStringRef child = toCF(env, jchild);
-    CFStringRef name = toCF(env, jname);
+    CFStringRef path = NULL;
+    CFStringRef child = NULL;
+    CFStringRef name = NULL;
+
+    path = toCF(env, jpath);
+    if (path != NULL) {
+        child = toCF(env, jchild);
+    }
+    if (child != NULL) {
+        name = toCF(env, jname);
+    }
     CFStringRef user = (CFStringRef)jlong_to_ptr(juser);
     CFStringRef host = (CFStringRef)jlong_to_ptr(jhost);
     CFDictionaryRef constParent;
@@ -734,10 +762,21 @@
 (JNIEnv *env, jobject klass, jobject jpath, jobject jkey, jobject jvalue,
  jobject jname, jlong juser, jlong jhost)
 {
-    CFStringRef path = toCF(env, jpath);
-    CFStringRef key = toCF(env, jkey);
-    CFStringRef value = toCF(env, jvalue);
-    CFStringRef name = toCF(env, jname);
+    CFStringRef path = NULL;
+    CFStringRef key = NULL;
+    CFStringRef value = NULL;
+    CFStringRef name = NULL;
+
+    path = toCF(env, jpath);
+    if (path != NULL) {
+        key = toCF(env, jkey);
+    }
+    if (key != NULL) {
+        value = toCF(env, jvalue);
+    }
+    if (value != NULL) {
+        name = toCF(env, jname);
+    }
     CFStringRef user = (CFStringRef)jlong_to_ptr(juser);
     CFStringRef host = (CFStringRef)jlong_to_ptr(jhost);
     CFMutableDictionaryRef node = NULL;
@@ -771,9 +810,17 @@
 (JNIEnv *env, jobject klass, jobject jpath, jobject jkey,
  jobject jname, jlong juser, jlong jhost)
 {
-    CFStringRef path = toCF(env, jpath);
-    CFStringRef key = toCF(env, jkey);
-    CFStringRef name = toCF(env, jname);
+    CFStringRef path = NULL;
+    CFStringRef key = NULL;
+    CFStringRef name = NULL;
+
+    path = toCF(env, jpath);
+    if (path != NULL) {
+        key = toCF(env, jkey);
+    }
+    if (key != NULL) {
+        name = toCF(env, jname);
+    }
     CFStringRef user = (CFStringRef)jlong_to_ptr(juser);
     CFStringRef host = (CFStringRef)jlong_to_ptr(jhost);
     CFDictionaryRef constNode;
@@ -812,9 +859,17 @@
 (JNIEnv *env, jobject klass, jobject jpath, jobject jkey,
  jobject jname, jlong juser, jlong jhost)
 {
-    CFStringRef path = toCF(env, jpath);
-    CFStringRef key = toCF(env, jkey);
-    CFStringRef name = toCF(env, jname);
+    CFStringRef path = NULL;
+    CFStringRef key = NULL;
+    CFStringRef name = NULL;
+
+    path = toCF(env, jpath);
+    if (path != NULL) {
+        key = toCF(env, jkey);
+    }
+    if (key != NULL) {
+        name = toCF(env, jname);
+    }
     CFStringRef user = (CFStringRef)jlong_to_ptr(juser);
     CFStringRef host = (CFStringRef)jlong_to_ptr(jhost);
     CFPropertyListRef value;
@@ -914,8 +969,13 @@
                                 jobject jname, jlong juser, jlong jhost,
                                 Boolean allowSlash)
 {
-    CFStringRef path = toCF(env, jpath);
-    CFStringRef name = toCF(env, jname);
+    CFStringRef path = NULL;
+    CFStringRef name = NULL;
+
+    path = toCF(env, jpath);
+    if (path != NULL) {
+        name = toCF(env, jname);
+    }
     CFStringRef user = (CFStringRef)jlong_to_ptr(juser);
     CFStringRef host = (CFStringRef)jlong_to_ptr(jhost);
     CFDictionaryRef node;
--- a/jdk/src/java.smartcardio/share/classes/sun/security/smartcardio/CardImpl.java	Wed Jul 05 19:56:33 2017 +0200
+++ b/jdk/src/java.smartcardio/share/classes/sun/security/smartcardio/CardImpl.java	Mon Aug 18 10:59:36 2014 +0100
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -26,9 +26,9 @@
 package sun.security.smartcardio;
 
 import java.nio.ByteBuffer;
-
+import java.security.AccessController;
+import java.security.PrivilegedAction;
 import javax.smartcardio.*;
-
 import static sun.security.smartcardio.PCSC.*;
 
 /**
@@ -62,6 +62,15 @@
     // thread holding exclusive access to the card, or null
     private volatile Thread exclusiveThread;
 
+    // used for platform specific logic
+    private static final boolean isWindows;
+
+    static {
+        final String osName = AccessController.doPrivileged(
+            (PrivilegedAction<String>) () -> System.getProperty("os.name"));
+        isWindows = osName.startsWith("Windows");
+    }
+
     CardImpl(TerminalImpl terminal, String protocol) throws PCSCException {
         this.terminal = terminal;
         int sharingMode = SCARD_SHARE_SHARED;
@@ -74,7 +83,12 @@
             connectProtocol = SCARD_PROTOCOL_T1;
         } else if (protocol.equalsIgnoreCase("direct")) {
             // testing
-            connectProtocol = 0;
+
+            // MSDN states that the preferred protocol can be zero, but doesn't
+            //     specify whether other values are allowed.
+            // pcsc-lite implementation expects the preferred protocol to be non zero.
+            connectProtocol = isWindows ? 0 : SCARD_PROTOCOL_RAW;
+
             sharingMode = SCARD_SHARE_DIRECT;
         } else {
             throw new IllegalArgumentException("Unsupported protocol " + protocol);
--- a/jdk/src/java.sql.rowset/share/classes/javax/sql/rowset/BaseRowSet.java	Wed Jul 05 19:56:33 2017 +0200
+++ b/jdk/src/java.sql.rowset/share/classes/javax/sql/rowset/BaseRowSet.java	Mon Aug 18 10:59:36 2014 +0100
@@ -368,7 +368,7 @@
      * <code>DriverManager.getConnection</code> when the
      * <code>DriverManager</code> is used to get a connection.
      * <P>
-     * The JDBC URL identifies the driver to be used to make the conndection.
+     * The JDBC URL identifies the driver to be used to make the connection.
      * This URL can be found in the documentation supplied by the driver
      * vendor.
      * @serial
@@ -562,7 +562,7 @@
     * <code>null</code>, this method silently discards the <code>null</code>
     * value and does not add a null reference to the set of listeners.
     * <p>
-    * <b>Note</b>: if the listener is already set, and the new <code>RowSetListerner</code>
+    * <b>Note</b>: if the listener is already set, and the new <code>RowSetListener</code>
     * instance is added to the set of listeners already registered to receive
     * event notifications from this <code>RowSet</code>.
     *
@@ -767,7 +767,7 @@
      * the connection is created using a JDBC technology-enabled driver
      * ("JDBC driver") and the <code>DriverManager</code>.
      * The correct JDBC URL for the specific driver to be used can be found
-     * in the driver documentation.  Although there are guidelines for for how
+     * in the driver documentation.  Although there are guidelines for how
      * a JDBC URL is formed,
      * a driver vendor can specify any <code>String</code> object except
      * one with a length of <code>0</code> (an empty string).
@@ -1093,7 +1093,7 @@
                 "Connection.TRANSACTION_NONE or " +
                 "Connection.TRANSACTION_READ_UNCOMMITTED or " +
                 "Connection.TRANSACTION_READ_COMMITTED or " +
-                "Connection.RRANSACTION_REPEATABLE_READ or " +
+                "Connection.TRANSACTION_REPEATABLE_READ or " +
                 "Connection.TRANSACTION_SERIALIZABLE");
             }
         this.isolation = level;
@@ -3193,7 +3193,7 @@
     } //end getParams
 
 
- /**
+   /**
     * Sets the designated parameter to SQL <code>NULL</code>.
     *
     * <P><B>Note:</B> You must specify the parameter's SQL type.
@@ -3210,8 +3210,7 @@
         throw new SQLFeatureNotSupportedException("Feature not supported");
    }
 
-
- /**
+   /**
     * Sets the designated parameter to SQL <code>NULL</code>.
     * This version of the method <code>setNull</code> should
     * be used for user-defined types and REF type parameters.  Examples
@@ -3248,9 +3247,7 @@
         throw new SQLFeatureNotSupportedException("Feature not supported");
    }
 
-
-
- /**
+   /**
     * Sets the designated parameter to the given Java <code>boolean</code> value.
     * The driver converts this
     * to an SQL <code>BIT</code> or <code>BOOLEAN</code> value when it sends it to the database.
@@ -3268,9 +3265,7 @@
         throw new SQLFeatureNotSupportedException("Feature not supported");
    }
 
-
-
- /**
+   /**
     * Sets the designated parameter to the given Java <code>byte</code> value.
     * The driver converts this
     * to an SQL <code>TINYINT</code> value when it sends it to the database.
@@ -3288,9 +3283,7 @@
         throw new SQLFeatureNotSupportedException("Feature not supported");
    }
 
-
-
- /**
+   /**
     * Sets the designated parameter to the given Java <code>short</code> value.
     * The driver converts this
     * to an SQL <code>SMALLINT</code> value when it sends it to the database.
@@ -3308,8 +3301,7 @@
         throw new SQLFeatureNotSupportedException("Feature not supported");
    }
 
-
- /**
+   /**
     * Sets the designated parameter to the given Java <code>int</code> value.
     * The driver converts this
     * to an SQL <code>INTEGER</code> value when it sends it to the database.
@@ -3328,7 +3320,7 @@
    }
 
 
- /**
+   /**
     * Sets the designated parameter to the given Java <code>long</code> value.
     * The driver converts this
     * to an SQL <code>BIGINT</code> value when it sends it to the database.
@@ -3346,8 +3338,7 @@
         throw new SQLFeatureNotSupportedException("Feature not supported");
    }
 
-
- /**
+   /**
     * Sets the designated parameter to the given Java <code>float</code> value.
     * The driver converts this
     * to an SQL <code>FLOAT</code> value when it sends it to the database.
@@ -3365,8 +3356,7 @@
         throw new SQLFeatureNotSupportedException("Feature not supported");
    }
 
-
- /**
+   /**
     * Sets the designated parameter to the given Java <code>double</code> value.
     * The driver converts this
     * to an SQL <code>DOUBLE</code> value when it sends it to the database.
@@ -3384,9 +3374,7 @@
         throw new SQLFeatureNotSupportedException("Feature not supported");
    }
 
-
-
- /**
+   /**
     * Sets the designated parameter to the given
     * <code>java.math.BigDecimal</code> value.
     * The driver converts this to an SQL <code>NUMERIC</code> value when
@@ -3405,9 +3393,7 @@
         throw new SQLFeatureNotSupportedException("Feature not supported");
    }
 
-
-
- /**
+   /**
     * Sets the designated parameter to the given Java <code>String</code> value.
     * The driver converts this
     * to an SQL <code>VARCHAR</code> or <code>LONGVARCHAR</code> value
@@ -3428,9 +3414,7 @@
         throw new SQLFeatureNotSupportedException("Feature not supported");
    }
 
-
-
- /**
+   /**
     * Sets the designated parameter to the given Java array of bytes.
     * The driver converts this to an SQL <code>VARBINARY</code> or
     * <code>LONGVARBINARY</code> (depending on the argument's size relative
@@ -3450,9 +3434,7 @@
         throw new SQLFeatureNotSupportedException("Feature not supported");
    }
 
-
-
- /**
+   /**
     * Sets the designated parameter to the given <code>java.sql.Timestamp</code> value.
     * The driver
     * converts this to an SQL <code>TIMESTAMP</code> value when it sends it to the
@@ -3472,9 +3454,7 @@
         throw new SQLFeatureNotSupportedException("Feature not supported");
    }
 
-
-
- /**
+   /**
     * Sets the designated parameter to the given input stream, which will have
     * the specified number of bytes.
     * When a very large ASCII value is input to a <code>LONGVARCHAR</code>
@@ -3501,8 +3481,7 @@
         throw new SQLFeatureNotSupportedException("Feature not supported");
    }
 
-
- /**
+   /**
     * Sets the designated parameter to the given input stream, which will have
     * the specified number of bytes.
     * When a very large binary value is input to a <code>LONGVARBINARY</code>
@@ -3528,8 +3507,7 @@
         throw new SQLFeatureNotSupportedException("Feature not supported");
    }
 
-
-  /**
+   /**
     * Sets the designated parameter to the given <code>Reader</code>
     * object, which is the given number of characters long.
     * When a very large UNICODE value is input to a <code>LONGVARCHAR</code>
@@ -3558,7 +3536,6 @@
         throw new SQLFeatureNotSupportedException("Feature not supported");
    }
 
-
   /**
    * Sets the designated parameter to the given input stream.
    * When a very large ASCII value is input to a <code>LONGVARCHAR</code>
@@ -3586,8 +3563,7 @@
         throw new SQLFeatureNotSupportedException("Feature not supported");
    }
 
-
- /**
+   /**
     * Sets the designated parameter to the given input stream.
     * When a very large binary value is input to a <code>LONGVARBINARY</code>
     * parameter, it may be more practical to send it via a
@@ -3613,9 +3589,7 @@
         throw new SQLFeatureNotSupportedException("Feature not supported");
    }
 
-
-
- /**
+   /**
     * Sets the designated parameter to the given <code>Reader</code>
     * object.
     * When a very large UNICODE value is input to a <code>LONGVARCHAR</code>
@@ -3644,7 +3618,6 @@
         throw new SQLFeatureNotSupportedException("Feature not supported");
    }
 
-
  /**
   * Sets the designated parameter in this <code>RowSet</code> object's command
   * to a <code>Reader</code> object. The
@@ -3672,9 +3645,7 @@
         throw new SQLFeatureNotSupportedException("Feature not supported");
    }
 
-
-
- /**
+   /**
     * Sets the value of the designated parameter with the given object. The second
     * argument must be an object type; for integral values, the
     * <code>java.lang</code> equivalent objects should be used.
@@ -3692,7 +3663,7 @@
     * or <code>Array</code>, the driver should pass it to the database as a
     * value of the corresponding SQL type.
     * <P>
-    * Note that this method may be used to pass datatabase-
+    * Note that this method may be used to pass database-
     * specific abstract data types.
     *
     * @param parameterName the name of the parameter
@@ -3720,9 +3691,7 @@
         throw new SQLFeatureNotSupportedException("Feature not supported");
    }
 
-
-
- /**
+   /**
     * Sets the value of the designated parameter with the given object.
     * This method is like the method <code>setObject</code>
     * above, except that it assumes a scale of zero.
@@ -3748,8 +3717,7 @@
         throw new SQLFeatureNotSupportedException("Feature not supported");
    }
 
-
- /**
+  /**
    * Sets the value of the designated parameter with the given object.
    * The second parameter must be of type <code>Object</code>; therefore, the
    * <code>java.lang</code> equivalent objects should be used for built-in types.
@@ -3759,7 +3727,7 @@
    * will be converted to the corresponding SQL type before being
    * sent to the database.
    *
-   * <p>Note that this method may be used to pass datatabase-
+   * <p>Note that this method may be used to pass database-
    * specific abstract data types, by using a driver-specific Java
    * type.
    *
@@ -3789,10 +3757,9 @@
         throw new SQLFeatureNotSupportedException("Feature not supported");
    }
 
-
-
- /**
-    * Sets the designated parameter to a <code>InputStream</code> object.  The inputstream must contain  the number
+   /**
+    * Sets the designated parameter to a <code>InputStream</code> object.
+    * The <code>InputStream</code> must contain  the number
     * of characters specified by length otherwise a <code>SQLException</code> will be
     * generated when the <code>PreparedStatement</code> is executed.
     * This method differs from the <code>setBinaryStream (int, InputStream, int)</code>
@@ -3809,8 +3776,8 @@
     * this method is called on a closed <code>PreparedStatement</code>,
     * if parameterIndex does not correspond
     * to a parameter marker in the SQL statement,  if the length specified
-    * is less than zero or if the number of bytes in the inputstream does not match
-    * the specified length.
+    * is less than zero or if the number of bytes in the
+    * <code>InputStream</code> does not match the specified length.
     * @throws SQLFeatureNotSupportedException  if the JDBC driver does not support this method
     *
     * @since 1.6
@@ -3820,8 +3787,7 @@
         throw new SQLFeatureNotSupportedException("Feature not supported");
    }
 
-
- /**
+   /**
     * Sets the designated parameter to a <code>InputStream</code> object.
     * This method differs from the <code>setBinaryStream (int, InputStream)</code>
     * method because it informs the driver that the parameter value should be
@@ -3848,11 +3814,11 @@
     public void setBlob(int parameterIndex, InputStream inputStream)
        throws SQLException{
         throw new SQLFeatureNotSupportedException("Feature not supported");
-   }
+    }
 
-
- /**
-    * Sets the designated parameter to a <code>InputStream</code> object.  The <code>inputstream</code> must contain  the number
+    /**
+     * Sets the designated parameter to a <code>InputStream</code> object.
+     * The <code>Inputstream</code> must contain  the number
      * of characters specified by length, otherwise a <code>SQLException</code> will be
      * generated when the <code>CallableStatement</code> is executed.
      * This method differs from the <code>setBinaryStream (int, InputStream, int)</code>
@@ -3869,7 +3835,7 @@
      * @param length the number of bytes in the parameter data.
      * @throws SQLException  if parameterIndex does not correspond
      * to a parameter marker in the SQL statement,  or if the length specified
-     * is less than zero; if the number of bytes in the inputstream does not match
+     * is less than zero; if the number of bytes in the <code>InputStream</code> does not match
      * the specified length; if a database access error occurs or
      * this method is called on a closed <code>CallableStatement</code>
      * @exception SQLFeatureNotSupportedException if the JDBC driver does not support
@@ -3882,8 +3848,7 @@
         throw new SQLFeatureNotSupportedException("Feature not supported");
    }
 
-
- /**
+   /**
     * Sets the designated parameter to the given <code>java.sql.Blob</code> object.
     * The driver converts this to an SQL <code>BLOB</code> value when it
     * sends it to the database.
@@ -3900,8 +3865,7 @@
         throw new SQLFeatureNotSupportedException("Feature not supported");
    }
 
-
- /**
+   /**
     * Sets the designated parameter to a <code>InputStream</code> object.
     * This method differs from the <code>setBinaryStream (int, InputStream)</code>
     * method because it informs the driver that the parameter value should be
@@ -3925,35 +3889,34 @@
     public void setBlob(String parameterName, InputStream inputStream)
        throws SQLException{
         throw new SQLFeatureNotSupportedException("Feature not supported");
-   }
+    }
 
-
- /**
-   * Sets the designated parameter to a <code>Reader</code> object.  The reader must contain  the number
-   * of characters specified by length otherwise a <code>SQLException</code> will be
-   * generated when the <code>PreparedStatement</code> is executed.
-   *This method differs from the <code>setCharacterStream (int, Reader, int)</code> method
-   * because it informs the driver that the parameter value should be sent to
-   * the server as a <code>CLOB</code>.  When the <code>setCharacterStream</code> method is used, the
-   * driver may have to do extra work to determine whether the parameter
-   * data should be sent to the server as a <code>LONGVARCHAR</code> or a <code>CLOB</code>
-   * @param parameterIndex index of the first parameter is 1, the second is 2, ...
-   * @param reader An object that contains the data to set the parameter value to.
-   * @param length the number of characters in the parameter data.
-   * @throws SQLException if a database access error occurs, this method is called on
-   * a closed <code>PreparedStatement</code>, if parameterIndex does not correspond to a parameter
-   * marker in the SQL statement, or if the length specified is less than zero.
-   *
-   * @throws SQLFeatureNotSupportedException  if the JDBC driver does not support this method
-   * @since 1.6
-   */
+   /**
+    * Sets the designated parameter to a <code>Reader</code> object.
+    * The reader must contain  the number
+    * of characters specified by length otherwise a <code>SQLException</code> will be
+    * generated when the <code>PreparedStatement</code> is executed.
+    * This method differs from the <code>setCharacterStream (int, Reader, int)</code> method
+    * because it informs the driver that the parameter value should be sent to
+    * the server as a <code>CLOB</code>.  When the <code>setCharacterStream</code> method is used, the
+    * driver may have to do extra work to determine whether the parameter
+    * data should be sent to the server as a <code>LONGVARCHAR</code> or a <code>CLOB</code>
+    * @param parameterIndex index of the first parameter is 1, the second is 2, ...
+    * @param reader An object that contains the data to set the parameter value to.
+    * @param length the number of characters in the parameter data.
+    * @throws SQLException if a database access error occurs, this method is called on
+    * a closed <code>PreparedStatement</code>, if parameterIndex does not correspond to a parameter
+    * marker in the SQL statement, or if the length specified is less than zero.
+    *
+    * @throws SQLFeatureNotSupportedException  if the JDBC driver does not support this method
+    * @since 1.6
+    */
    public void setClob(int parameterIndex, Reader reader, long length)
      throws SQLException{
         throw new SQLFeatureNotSupportedException("Feature not supported");
    }
 
-
-/**
+  /**
    * Sets the designated parameter to a <code>Reader</code> object.
    * This method differs from the <code>setCharacterStream (int, Reader)</code> method
    * because it informs the driver that the parameter value should be sent to
@@ -3979,35 +3942,34 @@
         throw new SQLFeatureNotSupportedException("Feature not supported");
    }
 
-
- /**
-    * Sets the designated parameter to a <code>Reader</code> object.  The <code>reader</code> must contain  the number
-               * of characters specified by length otherwise a <code>SQLException</code> will be
-               * generated when the <code>CallableStatement</code> is executed.
-              * This method differs from the <code>setCharacterStream (int, Reader, int)</code> method
-              * because it informs the driver that the parameter value should be sent to
-              * the server as a <code>CLOB</code>.  When the <code>setCharacterStream</code> method is used, the
-              * driver may have to do extra work to determine whether the parameter
-              * data should be send to the server as a <code>LONGVARCHAR</code> or a <code>CLOB</code>
-              * @param parameterName the name of the parameter to be set
-              * @param reader An object that contains the data to set the parameter value to.
-              * @param length the number of characters in the parameter data.
-              * @throws SQLException if parameterIndex does not correspond to a parameter
-              * marker in the SQL statement; if the length specified is less than zero;
-              * a database access error occurs or
-              * this method is called on a closed <code>CallableStatement</code>
-              * @exception SQLFeatureNotSupportedException if the JDBC driver does not support
-              * this method
-              *
-              * @since 1.6
-              */
-              public void setClob(String parameterName, Reader reader, long length)
-      throws SQLException{
-        throw new SQLFeatureNotSupportedException("Feature not supported");
+   /**
+    * Sets the designated parameter to a <code>Reader</code> object.
+    * The <code>reader</code> must contain  the number
+    * of characters specified by length otherwise a <code>SQLException</code> will be
+    * generated when the <code>CallableStatement</code> is executed.
+    * This method differs from the <code>setCharacterStream (int, Reader, int)</code> method
+    * because it informs the driver that the parameter value should be sent to
+    * the server as a <code>CLOB</code>.  When the <code>setCharacterStream</code> method is used, the
+    * driver may have to do extra work to determine whether the parameter
+    * data should be send to the server as a <code>LONGVARCHAR</code> or a <code>CLOB</code>
+    * @param parameterName the name of the parameter to be set
+    * @param reader An object that contains the data to set the parameter value to.
+    * @param length the number of characters in the parameter data.
+    * @throws SQLException if parameterIndex does not correspond to a parameter
+    * marker in the SQL statement; if the length specified is less than zero;
+    * a database access error occurs or
+    * this method is called on a closed <code>CallableStatement</code>
+    * @exception SQLFeatureNotSupportedException if the JDBC driver does not support
+    * this method
+    *
+    * @since 1.6
+    */
+   public void setClob(String parameterName, Reader reader, long length)
+      throws SQLException {
+       throw new SQLFeatureNotSupportedException("Feature not supported");
    }
 
-
-  /**
+   /**
     * Sets the designated parameter to the given <code>java.sql.Clob</code> object.
     * The driver converts this to an SQL <code>CLOB</code> value when it
     * sends it to the database.
@@ -4020,12 +3982,11 @@
     * this method
     * @since 1.6
     */
-   public void setClob (String parameterName, Clob x) throws SQLException{
-        throw new SQLFeatureNotSupportedException("Feature not supported");
+   public void setClob (String parameterName, Clob x) throws SQLException {
+       throw new SQLFeatureNotSupportedException("Feature not supported");
    }
 
-
- /**
+   /**
     * Sets the designated parameter to a <code>Reader</code> object.
     * This method differs from the <code>setCharacterStream (int, Reader)</code> method
     * because it informs the driver that the parameter value should be sent to
@@ -4045,13 +4006,11 @@
     * @throws SQLFeatureNotSupportedException  if the JDBC driver does not support this method
     * @since 1.6
     */
-    public void setClob(String parameterName, Reader reader)
-      throws SQLException{
+    public void setClob(String parameterName, Reader reader) throws SQLException {
         throw new SQLFeatureNotSupportedException("Feature not supported");
-   }
+    }
 
-
- /**
+   /**
     * Sets the designated parameter to the given <code>java.sql.Date</code> value
     * using the default time zone of the virtual machine that is running
     * the application.
@@ -4068,12 +4027,11 @@
     * @since 1.4
     */
    public void setDate(String parameterName, java.sql.Date x)
-       throws SQLException{
-        throw new SQLFeatureNotSupportedException("Feature not supported");
+           throws SQLException {
+       throw new SQLFeatureNotSupportedException("Feature not supported");
    }
 
-
- /**
+   /**
     * Sets the designated parameter to the given <code>java.sql.Date</code> value,
     * using the given <code>Calendar</code> object.  The driver uses
     * the <code>Calendar</code> object to construct an SQL <code>DATE</code> value,
@@ -4095,12 +4053,11 @@
     * @since 1.4
     */
    public void setDate(String parameterName, java.sql.Date x, Calendar cal)
-       throws SQLException{
+           throws SQLException {
         throw new SQLFeatureNotSupportedException("Feature not supported");
    }
 
-
- /**
+   /**
     * Sets the designated parameter to the given <code>java.sql.Time</code> value.
     * The driver converts this
     * to an SQL <code>TIME</code> value when it sends it to the database.
@@ -4115,12 +4072,11 @@
     * @since 1.4
     */
    public void setTime(String parameterName, java.sql.Time x)
-       throws SQLException{
+           throws SQLException {
         throw new SQLFeatureNotSupportedException("Feature not supported");
    }
 
-
- /**
+   /**
     * Sets the designated parameter to the given <code>java.sql.Time</code> value,
     * using the given <code>Calendar</code> object.  The driver uses
     * the <code>Calendar</code> object to construct an SQL <code>TIME</code> value,
@@ -4142,12 +4098,11 @@
     * @since 1.4
     */
    public void setTime(String parameterName, java.sql.Time x, Calendar cal)
-       throws SQLException{
+           throws SQLException {
         throw new SQLFeatureNotSupportedException("Feature not supported");
    }
 
-
- /**
+   /**
     * Sets the designated parameter to the given <code>java.sql.Timestamp</code> value,
     * using the given <code>Calendar</code> object.  The driver uses
     * the <code>Calendar</code> object to construct an SQL <code>TIMESTAMP</code> value,
@@ -4169,366 +4124,347 @@
     * @since 1.4
     */
    public void setTimestamp(String parameterName, java.sql.Timestamp x, Calendar cal)
-       throws SQLException{
+           throws SQLException {
         throw new SQLFeatureNotSupportedException("Feature not supported");
    }
 
-
- /**
-  * Sets the designated parameter to the given <code>java.sql.SQLXML</code> object. The driver converts this to an
-  * SQL <code>XML</code> value when it sends it to the database.
-  * @param parameterIndex index of the first parameter is 1, the second is 2, ...
-  * @param xmlObject a <code>SQLXML</code> object that maps an SQL <code>XML</code> value
-  * @throws SQLException if a database access error occurs, this method
-  *  is called on a closed result set,
-  * the <code>java.xml.transform.Result</code>,
-  *  <code>Writer</code> or <code>OutputStream</code> has not been closed
-  * for the <code>SQLXML</code> object  or
-  *  if there is an error processing the XML value.  The <code>getCause</code> method
-  *  of the exception may provide a more detailed exception, for example, if the
-  *  stream does not contain valid XML.
-  * @throws SQLFeatureNotSupportedException if the JDBC driver does not
-  * support this method
-  * @since 1.6
-  */
- public void setSQLXML(int parameterIndex, SQLXML xmlObject) throws SQLException{
-     throw new SQLFeatureNotSupportedException("Feature not supported");
- }
-
-
- /**
-  * Sets the designated parameter to the given <code>java.sql.SQLXML</code> object. The driver converts this to an
-  * <code>SQL XML</code> value when it sends it to the database.
-  * @param parameterName the name of the parameter
-  * @param xmlObject a <code>SQLXML</code> object that maps an <code>SQL XML</code> value
-  * @throws SQLException if a database access error occurs, this method
-  *  is called on a closed result set,
-  * the <code>java.xml.transform.Result</code>,
-  *  <code>Writer</code> or <code>OutputStream</code> has not been closed
-  * for the <code>SQLXML</code> object  or
-  *  if there is an error processing the XML value.  The <code>getCause</code> method
-  *  of the exception may provide a more detailed exception, for example, if the
-  *  stream does not contain valid XML.
-  * @throws SQLFeatureNotSupportedException if the JDBC driver does not
-  * support this method
-  * @since 1.6
-  */
- public void setSQLXML(String parameterName, SQLXML xmlObject) throws SQLException{
-     throw new SQLFeatureNotSupportedException("Feature not supported");
- }
-
-
- /**
-  * Sets the designated parameter to the given <code>java.sql.RowId</code> object. The
-  * driver converts this to a SQL <code>ROWID</code> value when it sends it
-  * to the database
-  *
-  * @param parameterIndex the first parameter is 1, the second is 2, ...
-  * @param x the parameter value
-  * @throws SQLException if a database access error occurs
-  * @throws SQLFeatureNotSupportedException if the JDBC driver does not
-  * support this method
-  *
-  * @since 1.6
-  */
- public void setRowId(int parameterIndex, RowId x) throws SQLException{
-     throw new SQLFeatureNotSupportedException("Feature not supported");
- }
-
-
- /**
-  * Sets the designated parameter to the given <code>java.sql.RowId</code> object. The
-  * driver converts this to a SQL <code>ROWID</code> when it sends it to the
-  * database.
-  *
-  * @param parameterName the name of the parameter
-  * @param x the parameter value
-  * @throws SQLException if a database access error occurs
-  * @throws SQLFeatureNotSupportedException if the JDBC driver does not
-  * support this method
-  * @since 1.6
-  */
- public void setRowId(String parameterName, RowId x) throws SQLException{
-     throw new SQLFeatureNotSupportedException("Feature not supported");
- }
-
- /**
-  * Sets the designated parameter to the given <code>String</code> object.
-  * The driver converts this to a SQL <code>NCHAR</code> or
-  * <code>NVARCHAR</code> or <code>LONGNVARCHAR</code> value
-  * (depending on the argument's
-  * size relative to the driver's limits on <code>NVARCHAR</code> values)
-  * when it sends it to the database.
-  *
-  * @param parameterIndex of the first parameter is 1, the second is 2, ...
-  * @param value the parameter value
-  * @throws SQLException if the driver does not support national
-  *         character sets;  if the driver can detect that a data conversion
-  *  error could occur ; or if a database access error occurs
-  * @throws SQLFeatureNotSupportedException if the JDBC driver does not
-  * support this method
-  * @since 1.6
-  */
- public void setNString(int parameterIndex, String value) throws SQLException{
-     throw new SQLFeatureNotSupportedException("Feature not supported");
- }
-
-
- /**
-  * Sets the designated parameter to the given <code>String</code> object.
-  * The driver converts this to a SQL <code>NCHAR</code> or
-  * <code>NVARCHAR</code> or <code>LONGNVARCHAR</code>
-  * @param parameterName the name of the column to be set
-  * @param value the parameter value
-  * @throws SQLException if the driver does not support national
-  *         character sets;  if the driver can detect that a data conversion
-  *  error could occur; or if a database access error occurs
-  * @throws SQLFeatureNotSupportedException if the JDBC driver does not
-  * support this method
-  * @since 1.6
-  */
- public void setNString(String parameterName, String value)
-         throws SQLException{
-     throw new SQLFeatureNotSupportedException("Feature not supported");
- }
-
-
- /**
-  * Sets the designated parameter to a <code>Reader</code> object. The
-  * <code>Reader</code> reads the data till end-of-file is reached. The
-  * driver does the necessary conversion from Java character format to
-  * the national character set in the database.
-  * @param parameterIndex of the first parameter is 1, the second is 2, ...
-  * @param value the parameter value
-  * @param length the number of characters in the parameter data.
-  * @throws SQLException if the driver does not support national
-  *         character sets;  if the driver can detect that a data conversion
-  *  error could occur ; or if a database access error occurs
-  * @throws SQLFeatureNotSupportedException if the JDBC driver does not
-  * support this method
-  * @since 1.6
-  */
- public void setNCharacterStream(int parameterIndex, Reader value, long length) throws SQLException{
-     throw new SQLFeatureNotSupportedException("Feature not supported");
- }
-
-
- /**
-  * Sets the designated parameter to a <code>Reader</code> object. The
-  * <code>Reader</code> reads the data till end-of-file is reached. The
-  * driver does the necessary conversion from Java character format to
-  * the national character set in the database.
-  * @param parameterName the name of the column to be set
-  * @param value the parameter value
-  * @param length the number of characters in the parameter data.
-  * @throws SQLException if the driver does not support national
-  *         character sets;  if the driver can detect that a data conversion
-  *  error could occur; or if a database access error occurs
-  * @throws SQLFeatureNotSupportedException  if the JDBC driver does not
-  * support this method
-  * @since 1.6
-  */
- public void setNCharacterStream(String parameterName, Reader value, long length)
-         throws SQLException{
-     throw new SQLFeatureNotSupportedException("Feature not supported");
- }
-
-
- /**
-  * Sets the designated parameter to a <code>Reader</code> object. The
-  * <code>Reader</code> reads the data till end-of-file is reached. The
-  * driver does the necessary conversion from Java character format to
-  * the national character set in the database.
-
-  * <P><B>Note:</B> This stream object can either be a standard
-  * Java stream object or your own subclass that implements the
-  * standard interface.
-  * <P><B>Note:</B> Consult your JDBC driver documentation to determine if
-  * it might be more efficient to use a version of
-  * <code>setNCharacterStream</code> which takes a length parameter.
-  *
-  * @param parameterName the name of the parameter
-  * @param value the parameter value
-  * @throws SQLException if the driver does not support national
-  *         character sets;  if the driver can detect that a data conversion
-  *  error could occur ; if a database access error occurs; or
-  * this method is called on a closed <code>CallableStatement</code>
-  * @throws SQLFeatureNotSupportedException  if the JDBC driver does not support this method
-  * @since 1.6
-  */
-  public void setNCharacterStream(String parameterName, Reader value) throws SQLException{
-        throw new SQLFeatureNotSupportedException("Feature not supported");
+   /**
+    * Sets the designated parameter to the given <code>java.sql.SQLXML</code> object. The driver converts this to an
+    * SQL <code>XML</code> value when it sends it to the database.
+    * @param parameterIndex index of the first parameter is 1, the second is 2, ...
+    * @param xmlObject a <code>SQLXML</code> object that maps an SQL <code>XML</code> value
+    * @throws SQLException if a database access error occurs, this method
+    *  is called on a closed result set,
+    * the <code>java.xml.transform.Result</code>,
+    *  <code>Writer</code> or <code>OutputStream</code> has not been closed
+    * for the <code>SQLXML</code> object  or
+    *  if there is an error processing the XML value.  The <code>getCause</code> method
+    *  of the exception may provide a more detailed exception, for example, if the
+    *  stream does not contain valid XML.
+    * @throws SQLFeatureNotSupportedException if the JDBC driver does not
+    * support this method
+    * @since 1.6
+    */
+   public void setSQLXML(int parameterIndex, SQLXML xmlObject) throws SQLException {
+       throw new SQLFeatureNotSupportedException("Feature not supported");
    }
 
+   /**
+    * Sets the designated parameter to the given <code>java.sql.SQLXML</code> object. The driver converts this to an
+    * <code>SQL XML</code> value when it sends it to the database.
+    * @param parameterName the name of the parameter
+    * @param xmlObject a <code>SQLXML</code> object that maps an <code>SQL XML</code> value
+    * @throws SQLException if a database access error occurs, this method
+    *  is called on a closed result set,
+    * the <code>java.xml.transform.Result</code>,
+    *  <code>Writer</code> or <code>OutputStream</code> has not been closed
+    * for the <code>SQLXML</code> object  or
+    *  if there is an error processing the XML value.  The <code>getCause</code> method
+    *  of the exception may provide a more detailed exception, for example, if the
+    *  stream does not contain valid XML.
+    * @throws SQLFeatureNotSupportedException if the JDBC driver does not
+    * support this method
+    * @since 1.6
+    */
+   public void setSQLXML(String parameterName, SQLXML xmlObject) throws SQLException {
+       throw new SQLFeatureNotSupportedException("Feature not supported");
+   }
+
+   /**
+   * Sets the designated parameter to the given <code>java.sql.RowId</code> object. The
+   * driver converts this to a SQL <code>ROWID</code> value when it sends it
+   * to the database
+   *
+   * @param parameterIndex the first parameter is 1, the second is 2, ...
+   * @param x the parameter value
+   * @throws SQLException if a database access error occurs
+   * @throws SQLFeatureNotSupportedException if the JDBC driver does not
+   * support this method
+   *
+   * @since 1.6
+   */
+  public void setRowId(int parameterIndex, RowId x) throws SQLException {
+      throw new SQLFeatureNotSupportedException("Feature not supported");
+  }
 
   /**
-   * Sets the designated parameter to a <code>java.sql.NClob</code> object. The object
-   * implements the <code>java.sql.NClob</code> interface. This <code>NClob</code>
-   * object maps to a SQL <code>NCLOB</code>.
+   * Sets the designated parameter to the given <code>java.sql.RowId</code> object. The
+   * driver converts this to a SQL <code>ROWID</code> when it sends it to the
+   * database.
+   *
+   * @param parameterName the name of the parameter
+   * @param x the parameter value
+   * @throws SQLException if a database access error occurs
+   * @throws SQLFeatureNotSupportedException if the JDBC driver does not
+   * support this method
+   * @since 1.6
+   */
+  public void setRowId(String parameterName, RowId x) throws SQLException {
+      throw new SQLFeatureNotSupportedException("Feature not supported");
+  }
+
+  /**
+   * Sets the designated parameter to the given <code>String</code> object.
+   * The driver converts this to a SQL <code>NCHAR</code> or
+   * <code>NVARCHAR</code> or <code>LONGNVARCHAR</code> value
+   * (depending on the argument's
+   * size relative to the driver's limits on <code>NVARCHAR</code> values)
+   * when it sends it to the database.
+   *
+   * @param parameterIndex of the first parameter is 1, the second is 2, ...
+   * @param value the parameter value
+   * @throws SQLException if the driver does not support national
+   * character sets;  if the driver can detect that a data conversion
+   * error could occur ; or if a database access error occurs
+   * @throws SQLFeatureNotSupportedException if the JDBC driver does not
+   * support this method
+   * @since 1.6
+   */
+  public void setNString(int parameterIndex, String value) throws SQLException {
+      throw new SQLFeatureNotSupportedException("Feature not supported");
+  }
+
+  /**
+   * Sets the designated parameter to the given <code>String</code> object.
+   * The driver converts this to a SQL <code>NCHAR</code> or
+   * <code>NVARCHAR</code> or <code>LONGNVARCHAR</code>
    * @param parameterName the name of the column to be set
    * @param value the parameter value
    * @throws SQLException if the driver does not support national
+   * character sets;  if the driver can detect that a data conversion
+   * error could occur; or if a database access error occurs
+   * @throws SQLFeatureNotSupportedException if the JDBC driver does not
+   * support this method
+   * @since 1.6
+   */
+  public void setNString(String parameterName, String value) throws SQLException {
+     throw new SQLFeatureNotSupportedException("Feature not supported");
+  }
+
+  /**
+   * Sets the designated parameter to a <code>Reader</code> object. The
+   * <code>Reader</code> reads the data till end-of-file is reached. The
+   * driver does the necessary conversion from Java character format to
+   * the national character set in the database.
+   * @param parameterIndex of the first parameter is 1, the second is 2, ...
+   * @param value the parameter value
+   * @param length the number of characters in the parameter data.
+   * @throws SQLException if the driver does not support national
+   *         character sets;  if the driver can detect that a data conversion
+   *  error could occur ; or if a database access error occurs
+   * @throws SQLFeatureNotSupportedException if the JDBC driver does not
+   * support this method
+   * @since 1.6
+   */
+  public void setNCharacterStream(int parameterIndex, Reader value, long length)
+          throws SQLException {
+      throw new SQLFeatureNotSupportedException("Feature not supported");
+  }
+
+  /**
+   * Sets the designated parameter to a <code>Reader</code> object. The
+   * <code>Reader</code> reads the data till end-of-file is reached. The
+   * driver does the necessary conversion from Java character format to
+   * the national character set in the database.
+   * @param parameterName the name of the column to be set
+   * @param value the parameter value
+   * @param length the number of characters in the parameter data.
+   * @throws SQLException if the driver does not support national
    *         character sets;  if the driver can detect that a data conversion
    *  error could occur; or if a database access error occurs
    * @throws SQLFeatureNotSupportedException  if the JDBC driver does not
    * support this method
    * @since 1.6
    */
-  public void setNClob(String parameterName, NClob value) throws SQLException{
-        throw new SQLFeatureNotSupportedException("Feature not supported");
+  public void setNCharacterStream(String parameterName, Reader value, long length)
+          throws SQLException {
+      throw new SQLFeatureNotSupportedException("Feature not supported");
   }
 
-
   /**
-   * Sets the designated parameter to a <code>Reader</code> object.  The <code>reader</code> must contain
-   * the number
-   * of characters specified by length otherwise a <code>SQLException</code> will be
-   * generated when the <code>CallableStatement</code> is executed.
-   * This method differs from the <code>setCharacterStream (int, Reader, int)</code> method
-   * because it informs the driver that the parameter value should be sent to
-   * the server as a <code>NCLOB</code>.  When the <code>setCharacterStream</code> method is used, the
-   * driver may have to do extra work to determine whether the parameter
-   * data should be send to the server as a <code>LONGNVARCHAR</code> or a <code>NCLOB</code>
-   *
-   * @param parameterName the name of the parameter to be set
-   * @param reader An object that contains the data to set the parameter value to.
-   * @param length the number of characters in the parameter data.
-   * @throws SQLException if parameterIndex does not correspond to a parameter
-   * marker in the SQL statement; if the length specified is less than zero;
-   * if the driver does not support national
-   *         character sets;  if the driver can detect that a data conversion
-   *  error could occur; if a database access error occurs or
-   * this method is called on a closed <code>CallableStatement</code>
-   * @exception SQLFeatureNotSupportedException if the JDBC driver does not support
-   * this method
-   * @since 1.6
-   */
-  public void setNClob(String parameterName, Reader reader, long length)
-           throws SQLException{
-       throw new SQLFeatureNotSupportedException("Feature not supported");
-  }
-
-
-  /**
-   * Sets the designated parameter to a <code>Reader</code> object.
-   * This method differs from the <code>setCharacterStream (int, Reader)</code> method
-   * because it informs the driver that the parameter value should be sent to
-   * the server as a <code>NCLOB</code>.  When the <code>setCharacterStream</code> method is used, the
-   * driver may have to do extra work to determine whether the parameter
-   * data should be send to the server as a <code>LONGNVARCHAR</code> or a <code>NCLOB</code>
+   * Sets the designated parameter to a <code>Reader</code> object. The
+   * <code>Reader</code> reads the data till end-of-file is reached. The
+   * driver does the necessary conversion from Java character format to
+   * the national character set in the database.
+   * <P><B>Note:</B> This stream object can either be a standard
+   * Java stream object or your own subclass that implements the
+   * standard interface.
    * <P><B>Note:</B> Consult your JDBC driver documentation to determine if
    * it might be more efficient to use a version of
-   * <code>setNClob</code> which takes a length parameter.
+   * <code>setNCharacterStream</code> which takes a length parameter.
    *
    * @param parameterName the name of the parameter
-   * @param reader An object that contains the data to set the parameter value to.
-   * @throws SQLException if the driver does not support national character sets;
-   * if the driver can detect that a data conversion
-   *  error could occur;  if a database access error occurs or
-   * this method is called on a closed <code>CallableStatement</code>
-   * @throws SQLFeatureNotSupportedException  if the JDBC driver does not support this method
-   *
-   * @since 1.6
-   */
-  public void setNClob(String parameterName, Reader reader)
-    throws SQLException{
-        throw new SQLFeatureNotSupportedException("Feature not supported");
-  }
-
-
-  /**
-   * Sets the designated parameter to a <code>Reader</code> object.  The reader must contain  the number
-   * of characters specified by length otherwise a <code>SQLException</code> will be
-   * generated when the <code>PreparedStatement</code> is executed.
-   * This method differs from the <code>setCharacterStream (int, Reader, int)</code> method
-   * because it informs the driver that the parameter value should be sent to
-   * the server as a <code>NCLOB</code>.  When the <code>setCharacterStream</code> method is used, the
-   * driver may have to do extra work to determine whether the parameter
-   * data should be sent to the server as a <code>LONGNVARCHAR</code> or a <code>NCLOB</code>
-   * @param parameterIndex index of the first parameter is 1, the second is 2, ...
-   * @param reader An object that contains the data to set the parameter value to.
-   * @param length the number of characters in the parameter data.
-   * @throws SQLException if parameterIndex does not correspond to a parameter
-   * marker in the SQL statement; if the length specified is less than zero;
-   * if the driver does not support national character sets;
-   * if the driver can detect that a data conversion
-   *  error could occur;  if a database access error occurs or
-   * this method is called on a closed <code>PreparedStatement</code>
-   * @throws SQLFeatureNotSupportedException  if the JDBC driver does not
-   * support this method
-   *
-   * @since 1.6
-   */
-  public void setNClob(int parameterIndex, Reader reader, long length)
-       throws SQLException{
-        throw new SQLFeatureNotSupportedException("Feature not supported");
-  }
-
-
-  /**
-   * Sets the designated parameter to a <code>java.sql.NClob</code> object. The driver converts this oa
-   * SQL <code>NCLOB</code> value when it sends it to the database.
-   * @param parameterIndex of the first parameter is 1, the second is 2, ...
    * @param value the parameter value
    * @throws SQLException if the driver does not support national
    *         character sets;  if the driver can detect that a data conversion
-   *  error could occur ; or if a database access error occurs
-   * @throws SQLFeatureNotSupportedException  if the JDBC driver does not
-   * support this method
+   *  error could occur ; if a database access error occurs; or
+   * this method is called on a closed <code>CallableStatement</code>
+   * @throws SQLFeatureNotSupportedException  if the JDBC driver does not support this method
    * @since 1.6
    */
- public void setNClob(int parameterIndex, NClob value) throws SQLException{
+  public void setNCharacterStream(String parameterName, Reader value)
+          throws SQLException {
+      throw new SQLFeatureNotSupportedException("Feature not supported");
+   }
+
+   /**
+    * Sets the designated parameter to a <code>java.sql.NClob</code> object. The object
+    * implements the <code>java.sql.NClob</code> interface. This <code>NClob</code>
+    * object maps to a SQL <code>NCLOB</code>.
+    * @param parameterName the name of the column to be set
+    * @param value the parameter value
+    * @throws SQLException if the driver does not support national
+    *         character sets;  if the driver can detect that a data conversion
+    *  error could occur; or if a database access error occurs
+    * @throws SQLFeatureNotSupportedException  if the JDBC driver does not
+    * support this method
+    * @since 1.6
+    */
+   public void setNClob(String parameterName, NClob value) throws SQLException {
+       throw new SQLFeatureNotSupportedException("Feature not supported");
+   }
+
+   /**
+    * Sets the designated parameter to a <code>Reader</code> object.  The <code>reader</code> must contain
+    * the number
+    * of characters specified by length otherwise a <code>SQLException</code> will be
+    * generated when the <code>CallableStatement</code> is executed.
+    * This method differs from the <code>setCharacterStream (int, Reader, int)</code> method
+    * because it informs the driver that the parameter value should be sent to
+    * the server as a <code>NCLOB</code>.  When the <code>setCharacterStream</code> method is used, the
+    * driver may have to do extra work to determine whether the parameter
+    * data should be send to the server as a <code>LONGNVARCHAR</code> or a <code>NCLOB</code>
+    *
+    * @param parameterName the name of the parameter to be set
+    * @param reader An object that contains the data to set the parameter value to.
+    * @param length the number of characters in the parameter data.
+    * @throws SQLException if parameterIndex does not correspond to a parameter
+    * marker in the SQL statement; if the length specified is less than zero;
+    * if the driver does not support national
+    *         character sets;  if the driver can detect that a data conversion
+    *  error could occur; if a database access error occurs or
+    * this method is called on a closed <code>CallableStatement</code>
+    * @exception SQLFeatureNotSupportedException if the JDBC driver does not support
+    * this method
+    * @since 1.6
+    */
+   public void setNClob(String parameterName, Reader reader, long length)
+           throws SQLException {
+       throw new SQLFeatureNotSupportedException("Feature not supported");
+   }
+
+   /**
+    * Sets the designated parameter to a <code>Reader</code> object.
+    * This method differs from the <code>setCharacterStream (int, Reader)</code> method
+    * because it informs the driver that the parameter value should be sent to
+    * the server as a <code>NCLOB</code>.  When the <code>setCharacterStream</code> method is used, the
+    * driver may have to do extra work to determine whether the parameter
+    * data should be send to the server as a <code>LONGNVARCHAR</code> or a <code>NCLOB</code>
+    * <P><B>Note:</B> Consult your JDBC driver documentation to determine if
+    * it might be more efficient to use a version of
+    * <code>setNClob</code> which takes a length parameter.
+    *
+    * @param parameterName the name of the parameter
+    * @param reader An object that contains the data to set the parameter value to.
+    * @throws SQLException if the driver does not support national character sets;
+    * if the driver can detect that a data conversion
+    *  error could occur;  if a database access error occurs or
+    * this method is called on a closed <code>CallableStatement</code>
+    * @throws SQLFeatureNotSupportedException  if the JDBC driver does not support this method
+    *
+    * @since 1.6
+    */
+   public void setNClob(String parameterName, Reader reader) throws SQLException {
+       throw new SQLFeatureNotSupportedException("Feature not supported");
+   }
+
+   /**
+    * Sets the designated parameter to a <code>Reader</code> object.  The reader must contain  the number
+    * of characters specified by length otherwise a <code>SQLException</code> will be
+    * generated when the <code>PreparedStatement</code> is executed.
+    * This method differs from the <code>setCharacterStream (int, Reader, int)</code> method
+    * because it informs the driver that the parameter value should be sent to
+    * the server as a <code>NCLOB</code>.  When the <code>setCharacterStream</code> method is used, the
+    * driver may have to do extra work to determine whether the parameter
+    * data should be sent to the server as a <code>LONGNVARCHAR</code> or a <code>NCLOB</code>
+    * @param parameterIndex index of the first parameter is 1, the second is 2, ...
+    * @param reader An object that contains the data to set the parameter value to.
+    * @param length the number of characters in the parameter data.
+    * @throws SQLException if parameterIndex does not correspond to a parameter
+    * marker in the SQL statement; if the length specified is less than zero;
+    * if the driver does not support national character sets;
+    * if the driver can detect that a data conversion
+    *  error could occur;  if a database access error occurs or
+    * this method is called on a closed <code>PreparedStatement</code>
+    * @throws SQLFeatureNotSupportedException  if the JDBC driver does not
+    * support this method
+    *
+    * @since 1.6
+    */
+   public void setNClob(int parameterIndex, Reader reader, long length)
+           throws SQLException {
+       throw new SQLFeatureNotSupportedException("Feature not supported");
+   }
+
+   /**
+    * Sets the designated parameter to a <code>java.sql.NClob</code> object. The driver converts this oa
+    * SQL <code>NCLOB</code> value when it sends it to the database.
+    * @param parameterIndex of the first parameter is 1, the second is 2, ...
+    * @param value the parameter value
+    * @throws SQLException if the driver does not support national
+    *         character sets;  if the driver can detect that a data conversion
+    *  error could occur ; or if a database access error occurs
+    * @throws SQLFeatureNotSupportedException  if the JDBC driver does not
+    * support this method
+    * @since 1.6
+    */
+   public void setNClob(int parameterIndex, NClob value) throws SQLException {
         throw new SQLFeatureNotSupportedException("Feature not supported");
- }
+   }
 
+   /**
+    * Sets the designated parameter to a <code>Reader</code> object.
+    * This method differs from the <code>setCharacterStream (int, Reader)</code> method
+    * because it informs the driver that the parameter value should be sent to
+    * the server as a <code>NCLOB</code>.  When the <code>setCharacterStream</code> method is used, the
+    * driver may have to do extra work to determine whether the parameter
+    * data should be sent to the server as a <code>LONGNVARCHAR</code> or a <code>NCLOB</code>
+    * <P><B>Note:</B> Consult your JDBC driver documentation to determine if
+    * it might be more efficient to use a version of
+    * <code>setNClob</code> which takes a length parameter.
+    *
+    * @param parameterIndex index of the first parameter is 1, the second is 2, ...
+    * @param reader An object that contains the data to set the parameter value to.
+    * @throws SQLException if parameterIndex does not correspond to a parameter
+    * marker in the SQL statement;
+    * if the driver does not support national character sets;
+    * if the driver can detect that a data conversion
+    *  error could occur;  if a database access error occurs or
+    * this method is called on a closed <code>PreparedStatement</code>
+    * @throws SQLFeatureNotSupportedException  if the JDBC driver does not support this method
+    *
+    * @since 1.6
+    */
+   public void setNClob(int parameterIndex, Reader reader)throws SQLException {
+       throw new SQLFeatureNotSupportedException("Feature not supported");
+   }
 
- /**
-  * Sets the designated parameter to a <code>Reader</code> object.
-  * This method differs from the <code>setCharacterStream (int, Reader)</code> method
-  * because it informs the driver that the parameter value should be sent to
-  * the server as a <code>NCLOB</code>.  When the <code>setCharacterStream</code> method is used, the
-  * driver may have to do extra work to determine whether the parameter
-  * data should be sent to the server as a <code>LONGNVARCHAR</code> or a <code>NCLOB</code>
-  * <P><B>Note:</B> Consult your JDBC driver documentation to determine if
-  * it might be more efficient to use a version of
-  * <code>setNClob</code> which takes a length parameter.
-  *
-  * @param parameterIndex index of the first parameter is 1, the second is 2, ...
-  * @param reader An object that contains the data to set the parameter value to.
-  * @throws SQLException if parameterIndex does not correspond to a parameter
-  * marker in the SQL statement;
-  * if the driver does not support national character sets;
-  * if the driver can detect that a data conversion
-  *  error could occur;  if a database access error occurs or
-  * this method is called on a closed <code>PreparedStatement</code>
-  * @throws SQLFeatureNotSupportedException  if the JDBC driver does not support this method
-  *
-  * @since 1.6
-  */
-  public void setNClob(int parameterIndex, Reader reader)
-    throws SQLException{
-        throw new SQLFeatureNotSupportedException("Feature not supported");
-  }
+   /**
+    * Sets the designated parameter to the given <code>java.net.URL</code> value.
+    * The driver converts this to an SQL <code>DATALINK</code> value
+    * when it sends it to the database.
+    *
+    * @param parameterIndex the first parameter is 1, the second is 2, ...
+    * @param x the <code>java.net.URL</code> object to be set
+    * @exception SQLException if a database access error occurs or
+    * this method is called on a closed <code>PreparedStatement</code>
+    * @throws SQLFeatureNotSupportedException  if the JDBC driver does not support this method
+    * @since 1.4
+    */
+   public void setURL(int parameterIndex, java.net.URL x) throws SQLException {
+       throw new SQLFeatureNotSupportedException("Feature not supported");
+   }
 
+   static final long serialVersionUID = 4886719666485113312L;
 
-  /**
-   * Sets the designated parameter to the given <code>java.net.URL</code> value.
-   * The driver converts this to an SQL <code>DATALINK</code> value
-   * when it sends it to the database.
-   *
-   * @param parameterIndex the first parameter is 1, the second is 2, ...
-   * @param x the <code>java.net.URL</code> object to be set
-   * @exception SQLException if a database access error occurs or
-   * this method is called on a closed <code>PreparedStatement</code>
-   * @throws SQLFeatureNotSupportedException  if the JDBC driver does not support this method
-   * @since 1.4
-   */
-  public void setURL(int parameterIndex, java.net.URL x) throws SQLException{
-        throw new SQLFeatureNotSupportedException("Feature not supported");
-  }
-
-
-
-  static final long serialVersionUID = 4886719666485113312L;
-
-} //end class
+} //end class
\ No newline at end of file
--- a/jdk/src/java.sql.rowset/share/classes/javax/sql/rowset/CachedRowSet.java	Wed Jul 05 19:56:33 2017 +0200
+++ b/jdk/src/java.sql.rowset/share/classes/javax/sql/rowset/CachedRowSet.java	Mon Aug 18 10:59:36 2014 +0100
@@ -286,7 +286,7 @@
  * <code>setSyncProvider</code>.
  * <P>
  * In order to use the optimistic concurrency control routine, the
- * <code>RIOptismisticProvider</code> maintains both its current
+ * <code>RIOptimisticProvider</code> maintains both its current
  * value and its original value (the value it had immediately preceding the
  * current value). Note that if no changes have been made to the data in a
  * <code>RowSet</code> object, its current values and its original values are the same,
@@ -351,7 +351,7 @@
  * <code>CachedRowSet</code> object can be used to augment the
  * capabilities of a JDBC technology-enabled driver (hereafter called a
  * "JDBC driver") when the DBMS does not provide full support for scrolling and
- * updating. To achieve the effect of making a non-scrollble and read-only
+ * updating. To achieve the effect of making a non-scrollable and read-only
  * <code>ResultSet</code> object scrollable and updatable, a programmer
  * simply needs to create a <code>CachedRowSet</code> object populated
  * with that <code>ResultSet</code> object's data.  This is demonstrated
@@ -732,7 +732,7 @@
     * Note: The <code>acceptChanges()</code> method will determine if the
     * <code>COMMIT_ON_ACCEPT_CHANGES</code> is set to true or not. If it is set
     * to true, all updates in the synchronization are committed to the data
-    * source. Otherwise, the application <b>must</b> explicity call the
+    * source. Otherwise, the application <b>must</b> explicitly call the
     * <code>commit()</code> or <code>rollback()</code> methods as appropriate.
     *
     * @throws SyncProviderException if the underlying
@@ -801,7 +801,7 @@
     * Note: The <code>acceptChanges()</code> method will determine if the
     * <code>COMMIT_ON_ACCEPT_CHANGES</code> is set to true or not. If it is set
     * to true, all updates in the synchronization are committed to the data
-    * source. Otherwise, the application <b>must</b> explicity call the
+    * source. Otherwise, the application <b>must</b> explicitly call the
     * <code>commit</code> or <code>rollback</code> methods as appropriate.
     *
     * @param con a standard JDBC <code>Connection</code> object
@@ -850,7 +850,7 @@
     * associated updates are fully cleared, thus preventing 'dirty' reads by
     * other components that hold a reference to this <code>RowSet</code> object.
     * In addition, the contents cannot be released
-    * until all all components reading this <code>CachedRowSet</code> object
+    * until all components reading this <code>CachedRowSet</code> object
     * have completed their reads. This <code>CachedRowSet</code> object
     * should be returned to normal behavior after firing the
     * <code>rowSetChanged</code> event.
@@ -934,7 +934,7 @@
     * effect until further modification to the rowset data has occurred.
     *
     * @throws SQLException if the cursor is before the first row or after the last
-    *     row in in this <code>CachedRowSet</code> object
+    *     row in this <code>CachedRowSet</code> object
     * @see #undoDelete
     * @see #undoInsert
     * @see java.sql.ResultSet#cancelRowUpdates
@@ -1071,7 +1071,7 @@
     * <code>CachedRowSet</code> object. Internally, this method is used by a rowset
     * to trigger read or write actions between the rowset
     * and the data source. For example, a rowset may need to get a handle
-    * on the the rowset reader (<code>RowSetReader</code> object) from the
+    * on the rowset reader (<code>RowSetReader</code> object) from the
     * <code>SyncProvider</code> to allow the rowset to be populated.
     * <pre>
     *     RowSetReader rowsetReader = null;
@@ -1096,7 +1096,7 @@
     * it currently has set.
     *
     * @return the <code>SyncProvider</code> object that was set when the rowset
-    *      was instantiated, or if none was was set, the default provider
+    *      was instantiated, or if none was set, the default provider
     * @throws SQLException if an error occurs while returning the
     * <code>SyncProvider</code> object
     * @see #setSyncProvider
--- a/jdk/src/java.sql.rowset/share/classes/javax/sql/rowset/FilteredRowSet.java	Wed Jul 05 19:56:33 2017 +0200
+++ b/jdk/src/java.sql.rowset/share/classes/javax/sql/rowset/FilteredRowSet.java	Mon Aug 18 10:59:36 2014 +0100
@@ -108,7 +108,7 @@
  * The <code>FilteredRowSet</code> range criterion can be modified by applying
  * a new <code>Predicate</code> object to the <code>FilteredRowSet</code>
  * instance at any time. This is  possible if no additional references to the
- * <code>FilteredRowSet</code> object are detected. A new filter has has an
+ * <code>FilteredRowSet</code> object are detected. A new filter has an
  * immediate effect on criterion enforcement within the
  * <code>FilteredRowSet</code> object, and all subsequent views and updates will be
  * subject to similar enforcement.
--- a/jdk/src/java.sql.rowset/share/classes/javax/sql/rowset/JoinRowSet.java	Wed Jul 05 19:56:33 2017 +0200
+++ b/jdk/src/java.sql.rowset/share/classes/javax/sql/rowset/JoinRowSet.java	Mon Aug 18 10:59:36 2014 +0100
@@ -111,7 +111,7 @@
  * and they do not have to store the exact same data type as long as the data types
  * can be compared.
  * <P>
- * A match column can be be set in two ways:
+ * A match column can be set in two ways:
  * <ul>
  *  <li>By calling the <code>Joinable</code> method <code>setMatchColumn</code><br>
  *  This is the only method that can set the match column before a <code>RowSet</code>
@@ -527,7 +527,7 @@
     public static int RIGHT_OUTER_JOIN = 3;
 
     /**
-     * An ANSI-style <code>JOIN</code> providing a a full JOIN. Specifies that all
+     * An ANSI-style <code>JOIN</code> providing a full JOIN. Specifies that all
      * rows from either table be returned regardless of matching
      * records on the other table.
      */
--- a/jdk/src/java.sql.rowset/share/classes/javax/sql/rowset/Predicate.java	Wed Jul 05 19:56:33 2017 +0200
+++ b/jdk/src/java.sql.rowset/share/classes/javax/sql/rowset/Predicate.java	Mon Aug 18 10:59:36 2014 +0100
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -102,7 +102,7 @@
  */
 
  // <h3>3.0 FilteredRowSet Internals</h3>
- // internalNext, Frist, Last. Discuss guidelines on how to approach this
+ // internalNext, First, Last. Discuss guidelines on how to approach this
  // and cite examples in reference implementations.
 public interface Predicate {
     /**
--- a/jdk/src/java.sql.rowset/share/classes/javax/sql/rowset/RowSetMetaDataImpl.java	Wed Jul 05 19:56:33 2017 +0200
+++ b/jdk/src/java.sql.rowset/share/classes/javax/sql/rowset/RowSetMetaDataImpl.java	Mon Aug 18 10:59:36 2014 +0100
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -607,7 +607,7 @@
     }
 
     /**
-     * Retrieves the the suggested column title for the designated
+     * Retrieves the suggested column title for the designated
      * column for use in printouts and displays.
      *
      * @param columnIndex the first column is 1, the second is 2, and so on;
@@ -1073,7 +1073,7 @@
         public int colType;
 
         /**
-         * The field that holds the the type name used by this particular data source
+         * The field that holds the type name used by this particular data source
          * for the value stored in this column.
          *
          * @serial
@@ -1081,7 +1081,7 @@
         public String colTypeName;
 
         /**
-         * The field that holds the updatablity boolean per column of a RowSet
+         * The field that holds the updatability boolean per column of a RowSet
          *
          * @serial
          */
--- a/jdk/src/java.sql.rowset/share/classes/javax/sql/rowset/RowSetProvider.java	Wed Jul 05 19:56:33 2017 +0200
+++ b/jdk/src/java.sql.rowset/share/classes/javax/sql/rowset/RowSetProvider.java	Mon Aug 18 10:59:36 2014 +0100
@@ -97,7 +97,7 @@
      * The {@link ServiceLoader} API. The {@code ServiceLoader} API will look
      * for a class name in the file
      * {@code META-INF/services/javax.sql.rowset.RowSetFactory}
-     * in jars available to the runtime. For example, to have the the RowSetFactory
+     * in jars available to the runtime. For example, to have the RowSetFactory
      * implementation {@code com.sun.rowset.RowSetFactoryImpl } loaded, the
      * entry in {@code META-INF/services/javax.sql.rowset.RowSetFactory} would be:
      *  <ul>
--- a/jdk/src/java.sql.rowset/share/classes/javax/sql/rowset/RowSetWarning.java	Wed Jul 05 19:56:33 2017 +0200
+++ b/jdk/src/java.sql.rowset/share/classes/javax/sql/rowset/RowSetWarning.java	Mon Aug 18 10:59:36 2014 +0100
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -111,7 +111,7 @@
      * @param reason a <code>String</code> giving a description of the
      *        warning;
      * @param SQLState an XOPEN code identifying the warning; if a non standard
-     *        XPOEN <i>SQLState</i> is supplied, no exception is thrown.
+     *        XOPEN <i>SQLState</i> is supplied, no exception is thrown.
      * @param vendorCode a database vendor-specific warning code
      */
     public RowSetWarning(java.lang.String reason, java.lang.String SQLState, int vendorCode) {
--- a/jdk/src/java.sql.rowset/share/classes/javax/sql/rowset/WebRowSet.java	Wed Jul 05 19:56:33 2017 +0200
+++ b/jdk/src/java.sql.rowset/share/classes/javax/sql/rowset/WebRowSet.java	Mon Aug 18 10:59:36 2014 +0100
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -52,7 +52,7 @@
  * of the {@code WebRowSet} interface to ensure interoperability. In addition,
  * the {@code WebRowSet} schema uses specific SQL/XML Schema annotations,
  * thus ensuring greater cross
- * platform inter-operability. This is an effort currently under way at the ISO
+ * platform interoperability. This is an effort currently under way at the ISO
  * organization. The SQL/XML definition is available at the following URI:
  * <ul>
  * <li>
@@ -109,7 +109,7 @@
  *      <max-rows>0</max-rows>
  *      <query-timeout>0</query-timeout>
  *      <read-only>false</read-only>
- *      <rowset-type>TRANSACTION_READ_UNCOMMITED</rowset-type>
+ *      <rowset-type>TRANSACTION_READ_UNCOMMITTED</rowset-type>
  *      <show-deleted>false</show-deleted>
  *      <table-name/>
  *      <url>jdbc:thin:oracle</url>
--- a/jdk/src/java.sql.rowset/share/classes/javax/sql/rowset/package.html	Wed Jul 05 19:56:33 2017 +0200
+++ b/jdk/src/java.sql.rowset/share/classes/javax/sql/rowset/package.html	Mon Aug 18 10:59:36 2014 +0100
@@ -156,7 +156,7 @@
 <li><b>3.2 Role of the <code>BaseRowSet</code> Class</b>
 <p>
 A compliant JDBC <code>RowSet</code> implementation <b>must</b> implement one or more 
-standard interfaces specified in this package and and <b>may</b> extend the 
+standard interfaces specified in this package and <b>may</b> extend the 
 <a href="BaseRowSet.html"><code>BaseRowSet</code></a> abstract class. For example, a 
 <code>CachedRowSet</code> implementation must implement the <code>CachedRowSet</code>
 interface and extend the <code>BaseRowSet</code> abstract class. The
--- a/jdk/src/java.sql.rowset/share/classes/javax/sql/rowset/serial/SerialArray.java	Wed Jul 05 19:56:33 2017 +0200
+++ b/jdk/src/java.sql.rowset/share/classes/javax/sql/rowset/serial/SerialArray.java	Mon Aug 18 10:59:36 2014 +0100
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -202,7 +202,7 @@
   }
 
     /**
-     * This method frees the {@code SeriableArray} object and releases the
+     * This method frees the {@code SerialArray} object and releases the
      * resources that it holds. The object is invalid once the {@code free}
      * method is called. <p> If {@code free} is called multiple times, the
      * subsequent calls to {@code free} are treated as a no-op. </P>
@@ -313,7 +313,6 @@
         return dst;
     }
 
- //[if an error occurstype map used??]
     /**
      * Returns a new array that is a copy of this <code>SerialArray</code>
      * object, using the given type map for the custom
--- a/jdk/src/java.sql.rowset/share/classes/javax/sql/rowset/serial/SerialBlob.java	Wed Jul 05 19:56:33 2017 +0200
+++ b/jdk/src/java.sql.rowset/share/classes/javax/sql/rowset/serial/SerialBlob.java	Mon Aug 18 10:59:36 2014 +0100
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -475,7 +475,7 @@
 
 
     /**
-     * This method frees the {@code SeriableBlob} object and releases the
+     * This method frees the {@code SerialBlob} object and releases the
      * resources that it holds. The object is invalid once the {@code free}
      * method is called. <p> If {@code free} is called multiple times, the
      * subsequent calls to {@code free} are treated as a no-op. </P>
@@ -578,7 +578,7 @@
         fields.put("len", len);
         fields.put("origLen", origLen);
         // Note: this check to see if it is an instance of Serializable
-        // is for backwards compatibiity
+        // is for backwards compatibility
         fields.put("blob", blob instanceof Serializable ? blob : null);
         s.writeFields();
     }
--- a/jdk/src/java.sql.rowset/share/classes/javax/sql/rowset/serial/SerialClob.java	Wed Jul 05 19:56:33 2017 +0200
+++ b/jdk/src/java.sql.rowset/share/classes/javax/sql/rowset/serial/SerialClob.java	Mon Aug 18 10:59:36 2014 +0100
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -565,7 +565,7 @@
     }
 
     /**
-     * This method frees the {@code SeriableClob} object and releases the
+     * This method frees the {@code SerialClob} object and releases the
      * resources that it holds.
      * The object is invalid once the {@code free} method is called.
      * <p>
@@ -670,7 +670,7 @@
         fields.put("len", len);
         fields.put("origLen", origLen);
         // Note: this check to see if it is an instance of Serializable
-        // is for backwards compatibiity
+        // is for backwards compatibility
         fields.put("clob", clob instanceof Serializable ? clob : null);
         s.writeFields();
     }
--- a/jdk/src/java.sql.rowset/share/classes/javax/sql/rowset/serial/SerialDatalink.java	Wed Jul 05 19:56:33 2017 +0200
+++ b/jdk/src/java.sql.rowset/share/classes/javax/sql/rowset/serial/SerialDatalink.java	Mon Aug 18 10:59:36 2014 +0100
@@ -61,7 +61,7 @@
 
     /**
      * The SQL type of the elements in this <code>SerialDatalink</code>
-     * object.  The type is expressed as one of the contants from the
+     * object.  The type is expressed as one of the constants from the
      * class <code>java.sql.Types</code>.
      * @serial
      */
--- a/jdk/src/java.sql.rowset/share/classes/javax/sql/rowset/serial/SerialRef.java	Wed Jul 05 19:56:33 2017 +0200
+++ b/jdk/src/java.sql.rowset/share/classes/javax/sql/rowset/serial/SerialRef.java	Mon Aug 18 10:59:36 2014 +0100
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -243,7 +243,7 @@
         fields.put("baseTypeName", baseTypeName);
         fields.put("object", object);
         // Note: this check to see if it is an instance of Serializable
-        // is for backwards compatibiity
+        // is for backwards compatibility
         fields.put("reference", reference instanceof Serializable ? reference : null);
         s.writeFields();
     }
--- a/jdk/src/java.sql.rowset/share/classes/javax/sql/rowset/serial/package.html	Wed Jul 05 19:56:33 2017 +0200
+++ b/jdk/src/java.sql.rowset/share/classes/javax/sql/rowset/serial/package.html	Mon Aug 18 10:59:36 2014 +0100
@@ -87,7 +87,7 @@
 <h3>5.0 SerialDatalink</h3>
 A serializable mapping in the Java programming language of an SQL DATALINK
 value. A DATALINK value references a file outside of the underlying data source
-that the the originating data source manages. <br>
+that the originating data source manages. <br>
 <br>
 <code>RowSet</code> implementations can use the method <tt>RowSet.getURL() </tt>to retrieve
 a <code>java.net.URL</code> object, which can be used to manipulate the external data.
@@ -141,7 +141,7 @@
   The <tt>SQLInputImpl</tt> class provides a set of reader methods
  analogous to the <tt>ResultSet</tt> getter methods. These methods make it
  possible to read the values in an <tt>SQLInputImpl</tt> object. The method
-<code>wasNull</code> is used to determine whether the the last value read was SQL NULL.
+<code>wasNull</code> is used to determine whether the last value read was SQL NULL.
  <br>
   <br>
   When a constructor or getter method that takes a <code>Map</code> object is called, 
--- a/jdk/src/java.sql.rowset/share/classes/javax/sql/rowset/spi/SyncFactory.java	Wed Jul 05 19:56:33 2017 +0200
+++ b/jdk/src/java.sql.rowset/share/classes/javax/sql/rowset/spi/SyncFactory.java	Mon Aug 18 10:59:36 2014 +0100
@@ -259,7 +259,7 @@
     private static Hashtable<String, SyncProvider> implementations;
 
     /**
-     * Adds the the given synchronization provider to the factory register. Guidelines
+     * Adds the given synchronization provider to the factory register. Guidelines
      * are provided in the <code>SyncProvider</code> specification for the
      * required naming conventions for <code>SyncProvider</code>
      * implementations.
@@ -462,7 +462,7 @@
 
     /**
      * Internal handler for all standard property parsing. Parses standard
-     * ROWSET properties and stores lazy references into the the internal registry.
+     * ROWSET properties and stores lazy references into the internal registry.
      */
     private static void parseProperties(Properties p) {
 
--- a/jdk/src/java.sql.rowset/share/classes/javax/sql/rowset/spi/SyncProvider.java	Wed Jul 05 19:56:33 2017 +0200
+++ b/jdk/src/java.sql.rowset/share/classes/javax/sql/rowset/spi/SyncProvider.java	Mon Aug 18 10:59:36 2014 +0100
@@ -173,7 +173,7 @@
  * are used as return values or parameters for <code>SyncProvider</code> methods.
  * <code>SyncProvider</code> objects may be implemented to perform synchronization
  * between a <code>RowSet</code> object and its underlying data source with varying
- * degrees of of care. The first group of constants indicate how synchronization
+ * degrees of care. The first group of constants indicate how synchronization
  * is handled. For example, <code>GRADE_NONE</code> indicates that a
  * <code>SyncProvider</code> object will not take any care to see what data is
  * valid and will simply write the <code>RowSet</code> data to the data source.
--- a/jdk/src/java.sql.rowset/share/classes/javax/sql/rowset/spi/package.html	Wed Jul 05 19:56:33 2017 +0200
+++ b/jdk/src/java.sql.rowset/share/classes/javax/sql/rowset/spi/package.html	Mon Aug 18 10:59:36 2014 +0100
@@ -122,7 +122,7 @@
      <a href="http://www.syncml.org">http://www.syncml.org</a>
 </PRE>
 <P>
-For the the next level up, the
+For the next level up, the
 writer checks to see if there are any conflicts, and if there are, 
 it does not write anything to the data source.  The problem with this concurrency
 level is that if another party has modified the corresponding data in the data source 
--- a/jdk/src/java.sql/share/classes/java/sql/Array.java	Wed Jul 05 19:56:33 2017 +0200
+++ b/jdk/src/java.sql/share/classes/java/sql/Array.java	Mon Aug 18 10:59:36 2014 +0100
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1998, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1998, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -181,7 +181,7 @@
   Object getArray(long index, int count) throws SQLException;
 
   /**
-   * Retreives a slice of the SQL <code>ARRAY</code> value
+   * Retrieves a slice of the SQL <code>ARRAY</code> value
    * designated by this <code>Array</code> object, beginning with the specified
    * <code>index</code> and containing up to <code>count</code>
    * successive elements of the SQL array.
--- a/jdk/src/java.sql/share/classes/java/sql/BatchUpdateException.java	Wed Jul 05 19:56:33 2017 +0200
+++ b/jdk/src/java.sql/share/classes/java/sql/BatchUpdateException.java	Mon Aug 18 10:59:36 2014 +0100
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1998, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1998, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -479,14 +479,14 @@
    * to BatchUpdateException:
    * <ul>
    * <li>Add field longUpdateCounts</li>
-   * <li>Add Constructorr which takes long[] for update counts</li>
+   * <li>Add Constructor which takes long[] for update counts</li>
    * <li>Add getLargeUpdateCounts method</li>
    * </ul>
    * When any of the constructors are called, the int[] and long[] updateCount
    * fields are populated by copying the one array to each other.
    *
    * As the JDBC driver passes in the updateCounts, there has always been the
-   * possiblity for overflow and BatchUpdateException does not need to account
+   * possibility for overflow and BatchUpdateException does not need to account
    * for that, it simply copies the arrays.
    *
    * JDBC drivers should always use the constructor that specifies long[] and
--- a/jdk/src/java.sql/share/classes/java/sql/CallableStatement.java	Wed Jul 05 19:56:33 2017 +0200
+++ b/jdk/src/java.sql/share/classes/java/sql/CallableStatement.java	Mon Aug 18 10:59:36 2014 +0100
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1996, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1996, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -1145,7 +1145,7 @@
      * Java <code>Object</code> types to SQL types.  The given argument
      * will be converted to the corresponding SQL type before being
      * sent to the database.
-     * <p>Note that this method may be used to pass datatabase-
+     * <p>Note that this method may be used to pass database-
      * specific abstract data types, by using a driver-specific Java
      * type.
      *
@@ -1882,7 +1882,8 @@
        throws SQLException;
 
     /**
-     * Sets the designated parameter to a <code>InputStream</code> object.  The <code>inputstream</code> must contain  the number
+     * Sets the designated parameter to a {@code InputStream} object.
+     * The <code>Inputstream</code> must contain the number
      * of characters specified by length, otherwise a <code>SQLException</code> will be
      * generated when the <code>CallableStatement</code> is executed.
      * This method differs from the <code>setBinaryStream (int, InputStream, int)</code>
@@ -1899,8 +1900,8 @@
      * @param length the number of bytes in the parameter data.
      * @throws SQLException  if parameterName does not correspond to a named
      * parameter; if the length specified
-     * is less than zero; if the number of bytes in the inputstream does not match
-     * the specified length; if a database access error occurs or
+     * is less than zero; if the number of bytes in the {@code InputStream}
+     * does not match the specified length; if a database access error occurs or
      * this method is called on a closed <code>CallableStatement</code>
      * @exception SQLFeatureNotSupportedException if the JDBC driver does not support
      * this method
@@ -2378,7 +2379,7 @@
        throws SQLException;
 
     /**
-     * Sets the designated parameter to a <code>InputStream</code> object.
+     * Sets the designated parameter to a {@code InputStream} object.
      * This method differs from the <code>setBinaryStream (int, InputStream)</code>
      * method because it informs the driver that the parameter value should be
      * sent to the server as a <code>BLOB</code>.  When the <code>setBinaryStream</code> method is used,
@@ -2430,7 +2431,7 @@
 
 
     /**
-     *<p>Returns an object representing the value of OUT parameter
+     * Returns an object representing the value of OUT parameter
      * {@code parameterIndex} and will convert from the
      * SQL type of the parameter to the requested Java data type, if the
      * conversion is supported. If the conversion is not
@@ -2459,7 +2460,7 @@
 
 
     /**
-     *<p>Returns an object representing the value of OUT parameter
+     * Returns an object representing the value of OUT parameter
      * {@code parameterName} and will convert from the
      * SQL type of the parameter to the requested Java data type, if the
      * conversion is supported. If the conversion is not
@@ -2490,7 +2491,7 @@
      //------------------------- JDBC 4.2 -----------------------------------
 
      /**
-     * <p>Sets the value of the designated parameter with the given object.
+     * Sets the value of the designated parameter with the given object.
      *
      * If the second argument is an {@code InputStream} then the stream
      * must contain the number of bytes specified by scaleOrLength.
--- a/jdk/src/java.sql/share/classes/java/sql/Connection.java	Wed Jul 05 19:56:33 2017 +0200
+++ b/jdk/src/java.sql/share/classes/java/sql/Connection.java	Mon Aug 18 10:59:36 2014 +0100
@@ -274,7 +274,7 @@
      * <code>close</code> method.  If the <code>close</code> method is called
      * and there is an active transaction, the results are implementation-defined.
      *
-     * @exception SQLException SQLException if a database access error occurs
+     * @exception SQLException if a database access error occurs
      */
     void close() throws SQLException;
 
@@ -335,7 +335,7 @@
      *
      * @return <code>true</code> if this <code>Connection</code> object
      *         is read-only; <code>false</code> otherwise
-     * @exception SQLException SQLException if a database access error occurs
+     * @exception SQLException if a database access error occurs
      * or this method is called on a closed connection
      */
     boolean isReadOnly() throws SQLException;
@@ -492,7 +492,7 @@
      * returns <code>null</code> until a new warning is
      * reported for this <code>Connection</code> object.
      *
-     * @exception SQLException SQLException if a database access error occurs
+     * @exception SQLException if a database access error occurs
      * or this method is called on a closed connection
      */
     void clearWarnings() throws SQLException;
@@ -632,7 +632,7 @@
      * this <code>Connection</code> object.  The type map will be used for the
      * custom mapping of SQL structured types and distinct types.
      * <p>
-     * You must set the the values for the <code>TypeMap</code> prior to
+     * You must set the values for the <code>TypeMap</code> prior to
      * callng <code>setMap</code> as a JDBC driver may create an internal copy
      * of the <code>TypeMap</code>:
      *
@@ -662,7 +662,7 @@
      * Changes the default holdability of <code>ResultSet</code> objects
      * created using this <code>Connection</code> object to the given
      * holdability.  The default holdability of <code>ResultSet</code> objects
-     * can be be determined by invoking
+     * can be determined by invoking
      * {@link DatabaseMetaData#getResultSetHoldability}.
      *
      * @param holdability a <code>ResultSet</code> holdability constant; one of
--- a/jdk/src/java.sql/share/classes/java/sql/DatabaseMetaData.java	Wed Jul 05 19:56:33 2017 +0200
+++ b/jdk/src/java.sql/share/classes/java/sql/DatabaseMetaData.java	Mon Aug 18 10:59:36 2014 +0100
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1996, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1996, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -1216,7 +1216,7 @@
      * <code>PROCEDURE_CAT</code>, <code>PROCEDURE_SCHEM</code>,
      * <code>PROCEDURE_NAME</code> and <code>SPECIFIC_ NAME</code>.
      *
-     * <P>Each procedure description has the the following columns:
+     * <P>Each procedure description has the following columns:
      *  <OL>
      *  <LI><B>PROCEDURE_CAT</B> String {@code =>} procedure catalog (may be <code>null</code>)
      *  <LI><B>PROCEDURE_SCHEM</B> String {@code =>} procedure schema (may be <code>null</code>)
@@ -1487,7 +1487,7 @@
      *  <LI><B>TABLE_TYPE</B> String {@code =>} table type.  Typical types are "TABLE",
      *                  "VIEW", "SYSTEM TABLE", "GLOBAL TEMPORARY",
      *                  "LOCAL TEMPORARY", "ALIAS", "SYNONYM".
-     *  <LI><B>REMARKS</B> String {@code =>} explanatory comment on the table
+     *  <LI><B>REMARKS</B> String {@code =>} explanatory comment on the table (may be {@code null})
      *  <LI><B>TYPE_CAT</B> String {@code =>} the types catalog (may be <code>null</code>)
      *  <LI><B>TYPE_SCHEM</B> String {@code =>} the types schema (may be <code>null</code>)
      *  <LI><B>TYPE_NAME</B> String {@code =>} type name (may be <code>null</code>)
@@ -1710,7 +1710,7 @@
      *  <LI><B>GRANTOR</B> String {@code =>} grantor of access (may be <code>null</code>)
      *  <LI><B>GRANTEE</B> String {@code =>} grantee of access
      *  <LI><B>PRIVILEGE</B> String {@code =>} name of access (SELECT,
-     *      INSERT, UPDATE, REFRENCES, ...)
+     *      INSERT, UPDATE, REFERENCES, ...)
      *  <LI><B>IS_GRANTABLE</B> String {@code =>} "YES" if grantee is permitted
      *      to grant to others; "NO" if not; <code>null</code> if unknown
      *  </OL>
@@ -1755,7 +1755,7 @@
      *  <LI><B>GRANTOR</B> String {@code =>} grantor of access (may be <code>null</code>)
      *  <LI><B>GRANTEE</B> String {@code =>} grantee of access
      *  <LI><B>PRIVILEGE</B> String {@code =>} name of access (SELECT,
-     *      INSERT, UPDATE, REFRENCES, ...)
+     *      INSERT, UPDATE, REFERENCES, ...)
      *  <LI><B>IS_GRANTABLE</B> String {@code =>} "YES" if grantee is permitted
      *      to grant to others; "NO" if not; <code>null</code> if unknown
      *  </OL>
@@ -2509,7 +2509,7 @@
      *  <LI><B>TYPE</B> short {@code =>} index type:
      *      <UL>
      *      <LI> tableIndexStatistic - this identifies table statistics that are
-     *           returned in conjuction with a table's index descriptions
+     *           returned in conjunction with a table's index descriptions
      *      <LI> tableIndexClustered - this is a clustered index
      *      <LI> tableIndexHashed - this is a hashed index
      *      <LI> tableIndexOther - this is some other style of index
@@ -2524,7 +2524,7 @@
      *  <LI><B>CARDINALITY</B> long {@code =>} When TYPE is tableIndexStatistic, then
      *      this is the number of rows in the table; otherwise, it is the
      *      number of unique values in the index.
-     *  <LI><B>PAGES</B> long {@code =>} When TYPE is  tableIndexStatisic then
+     *  <LI><B>PAGES</B> long {@code =>} When TYPE is  tableIndexStatistic then
      *      this is the number of pages used for the table, otherwise it
      *      is the number of pages used for the current index.
      *  <LI><B>FILTER_CONDITION</B> String {@code =>} Filter condition, if any.
@@ -2858,7 +2858,7 @@
      * @return <code>true</code> if a <code>CallableStatement</code> object
      *         can return multiple <code>ResultSet</code> objects
      *         simultaneously; <code>false</code> otherwise
-     * @exception SQLException if a datanase access error occurs
+     * @exception SQLException if a database access error occurs
      * @since 1.4
      */
     boolean supportsMultipleOpenResults() throws SQLException;
@@ -3302,7 +3302,7 @@
      * <code>FUNCTION_NAME</code> and
      * <code>SPECIFIC_ NAME</code>.
      *
-     * <P>Each function description has the the following columns:
+     * <P>Each function description has the following columns:
      *  <OL>
      *  <LI><B>FUNCTION_CAT</B> String {@code =>} function catalog (may be <code>null</code>)
      *  <LI><B>FUNCTION_SCHEM</B> String {@code =>} function schema (may be <code>null</code>)
--- a/jdk/src/java.sql/share/classes/java/sql/NClob.java	Wed Jul 05 19:56:33 2017 +0200
+++ b/jdk/src/java.sql/share/classes/java/sql/NClob.java	Mon Aug 18 10:59:36 2014 +0100
@@ -25,8 +25,6 @@
 
 package java.sql;
 
-import java.sql.Clob;
-
 /**
  * The mapping in the Java&trade; programming language
  * for the SQL <code>NCLOB</code> type.
@@ -34,7 +32,7 @@
  * that stores a Character Large Object using the National Character Set
  *  as a column value in a row of  a database table.
  * <P>The <code>NClob</code> interface extends the <code>Clob</code> interface
- * which provides provides methods for getting the
+ * which provides methods for getting the
  * length of an SQL <code>NCLOB</code> value,
  * for materializing a <code>NCLOB</code> value on the client, and for
  * searching for a substring or <code>NCLOB</code> object within a
--- a/jdk/src/java.sql/share/classes/java/sql/PreparedStatement.java	Wed Jul 05 19:56:33 2017 +0200
+++ b/jdk/src/java.sql/share/classes/java/sql/PreparedStatement.java	Mon Aug 18 10:59:36 2014 +0100
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1996, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1996, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -415,7 +415,7 @@
      * will be converted to the corresponding SQL type before being
      * sent to the database.
      *
-     * <p>Note that this method may be used to pass datatabase-
+     * <p>Note that this method may be used to pass database-
      * specific abstract data types, by using a driver-specific Java
      * type.
      *
@@ -838,7 +838,8 @@
        throws SQLException;
 
     /**
-     * Sets the designated parameter to a <code>InputStream</code> object.  The inputstream must contain  the number
+     * Sets the designated parameter to a <code>InputStream</code> object.
+     * The {@code Inputstream} must contain  the number
      * of characters specified by length otherwise a <code>SQLException</code> will be
      * generated when the <code>PreparedStatement</code> is executed.
      * This method differs from the <code>setBinaryStream (int, InputStream, int)</code>
@@ -854,8 +855,8 @@
      * @throws SQLException if parameterIndex does not correspond to a parameter
      * marker in the SQL statement; if a database access error occurs;
      * this method is called on a closed <code>PreparedStatement</code>;
-     *  if the length specified
-     * is less than zero or if the number of bytes in the inputstream does not match
+     * if the length specified
+     * is less than zero or if the number of bytes in the {@code InputStream} does not match
      * the specified length.
      * @throws SQLFeatureNotSupportedException  if the JDBC driver does not support this method
      *
--- a/jdk/src/java.sql/share/classes/java/sql/SQLException.java	Wed Jul 05 19:56:33 2017 +0200
+++ b/jdk/src/java.sql/share/classes/java/sql/SQLException.java	Mon Aug 18 10:59:36 2014 +0100
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1996, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1996, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -36,7 +36,7 @@
  * <P>Each <code>SQLException</code> provides several kinds of information:
  * <UL>
  *   <LI> a string describing the error.  This is used as the Java Exception
- *       message, available via the method <code>getMesasge</code>.
+ *       message, available via the method <code>getMessage</code>.
  *   <LI> a "SQLstate" string, which follows either the XOPEN SQLstate conventions
  *        or the SQL:2003 conventions.
  *       The values of the SQLState string are described in the appropriate spec.
--- a/jdk/src/java.sql/share/classes/java/sql/SQLPermission.java	Wed Jul 05 19:56:33 2017 +0200
+++ b/jdk/src/java.sql/share/classes/java/sql/SQLPermission.java	Mon Aug 18 10:59:36 2014 +0100
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1999, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -37,7 +37,7 @@
  * <code>DriverManager.setLogStream</code> (deprecated) method,
  * {@code SyncFactory.setJNDIContext} method,
  * {@code SyncFactory.setLogger} method,
- * {@code Connection.setNetworktimeout} method,
+ * {@code Connection.setNetworkTimeout} method,
  * or the <code>Connection.abort</code> method.
  * If there is no <code>SQLPermission</code> object, these methods
  * throw a <code>java.lang.SecurityException</code> as a runtime exception.
--- a/jdk/src/java.sql/share/classes/java/sql/SQLXML.java	Wed Jul 05 19:56:33 2017 +0200
+++ b/jdk/src/java.sql/share/classes/java/sql/SQLXML.java	Mon Aug 18 10:59:36 2014 +0100
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -174,7 +174,7 @@
  * reading APIs are called: getBinaryStream(), getCharacterStream(), getSource(), and getString().
  * Implementations may also change the state to not writable when this occurs.
  * <p>
- * The state moves from writable to not writeable once free() or any of the
+ * The state moves from writable to not writable once free() or any of the
  * writing APIs are called: setBinaryStream(), setCharacterStream(), setResult(), and setString().
  * Implementations may also change the state to not readable when this occurs.
  *
@@ -192,7 +192,7 @@
 {
   /**
    * This method closes this object and releases the resources that it held.
-   * The SQL XML object becomes invalid and neither readable or writeable
+   * The SQL XML object becomes invalid and neither readable or writable
    * when this method is called.
    *
    * After <code>free</code> has been called, any attempt to invoke a
@@ -231,7 +231,7 @@
    * The behavior of this method is the same as ResultSet.updateBinaryStream()
    * when the designated column of the ResultSet has a type java.sql.Types of SQLXML.
    * <p>
-   * The SQL XML object becomes not writeable when this method is called and
+   * The SQL XML object becomes not writable when this method is called and
    * may also become not readable depending on implementation.
    *
    * @return a stream to which data can be written.
@@ -277,7 +277,7 @@
    * The behavior of this method is the same as ResultSet.updateCharacterStream()
    * when the designated column of the ResultSet has a type java.sql.Types of SQLXML.
    * <p>
-   * The SQL XML object becomes not writeable when this method is called and
+   * The SQL XML object becomes not writable when this method is called and
    * may also become not readable depending on implementation.
    *
    * @return a stream to which data can be written.
@@ -325,7 +325,7 @@
    * The behavior of this method is the same as ResultSet.updateString()
    * when the designated column of the ResultSet has a type java.sql.Types of SQLXML.
    * <p>
-   * The SQL XML object becomes not writeable when this method is called and
+   * The SQL XML object becomes not writable when this method is called and
    * may also become not readable depending on implementation.
    *
    * @param value the XML value
@@ -387,7 +387,7 @@
    * <p>
    * The systemID of the Result is implementation dependent.
    * <p>
-   * The SQL XML object becomes not writeable when this method is called and
+   * The SQL XML object becomes not writable when this method is called and
    * may also become not readable depending on implementation.
    * <p>
    * Note that SAX is a callback architecture and the returned
--- a/jdk/src/java.sql/share/classes/java/sql/Timestamp.java	Wed Jul 05 19:56:33 2017 +0200
+++ b/jdk/src/java.sql/share/classes/java/sql/Timestamp.java	Mon Aug 18 10:59:36 2014 +0100
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1996, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1996, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -590,7 +590,7 @@
      *  the provided instant
      * @exception NullPointerException if {@code instant} is null.
      * @exception IllegalArgumentException if the instant is too large to
-     *  represent as a {@code Timesamp}
+     *  represent as a {@code Timestamp}
      * @since 1.8
      */
     public static Timestamp from(Instant instant) {
--- a/jdk/src/java.sql/share/classes/java/sql/Types.java	Wed Jul 05 19:56:33 2017 +0200
+++ b/jdk/src/java.sql/share/classes/java/sql/Types.java	Mon Aug 18 10:59:36 2014 +0100
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1996, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1996, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -243,7 +243,7 @@
         public final static int REF                 = 2006;
 
     /**
-     * The constant in the Java programming language, somtimes referred to
+     * The constant in the Java programming language, sometimes referred to
      * as a type code, that identifies the generic SQL type <code>DATALINK</code>.
      *
      * @since 1.4
@@ -251,7 +251,7 @@
     public final static int DATALINK = 70;
 
     /**
-     * The constant in the Java programming language, somtimes referred to
+     * The constant in the Java programming language, sometimes referred to
      * as a type code, that identifies the generic SQL type <code>BOOLEAN</code>.
      *
      * @since 1.4
--- a/jdk/src/java.sql/share/classes/javax/sql/RowSet.java	Wed Jul 05 19:56:33 2017 +0200
+++ b/jdk/src/java.sql/share/classes/javax/sql/RowSet.java	Mon Aug 18 10:59:36 2014 +0100
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -66,9 +66,9 @@
  * changes to its data while it is disconnected and then send the changes back
  * to the original source of the data, but it must reestablish a connection to do so.
  * <P>
- * A disconnected rowset may have a reader (a <code>RowSetReader</code> object)
+ * A disconnected rowset may have a {@code Reader} (a <code>RowSetReader</code> object)
  * and a writer (a <code>RowSetWriter</code> object) associated with it.
- * The reader may be implemented in many different ways to populate a rowset
+ * The {@code Reader} may be implemented in many different ways to populate a rowset
  * with data, including getting data from a non-relational data source. The
  * writer can also be implemented in many different ways to propagate changes
  * made to the rowset's data back to the underlying data source.
@@ -727,7 +727,7 @@
 
   /**
    * Sets the designated parameter in this <code>RowSet</code> object's command
-   * to the given <code>java.math.BigDeciaml</code> value.
+   * to the given {@code java.math.BigDecimal} value.
    * The driver converts this to
    * an SQL <code>NUMERIC</code> value before sending it to the database.
    *
@@ -974,7 +974,7 @@
    * standard interface.
    *
    * @param parameterIndex the first parameter is 1, the second is 2, ...
-   * @param reader the <code>Reader</code> object that contains the UNICODE data
+   * @param reader the {@code Reader} object that contains the UNICODE data
    *        to be set
    * @param length the number of characters in the stream
    * @exception SQLException if a database access error occurs
@@ -984,7 +984,7 @@
                           int length) throws SQLException;
 
   /**
-     * Sets the designated parameter to the given <code>Reader</code>
+     * Sets the designated parameter to the given {@code Reader}
      * object, which is the given number of characters long.
      * When a very large UNICODE value is input to a <code>LONGVARCHAR</code>
      * parameter, it may be more practical to send it via a
@@ -1112,7 +1112,7 @@
 
   /**
    * Sets the designated parameter in this <code>RowSet</code> object's command
-   * to the given <code>Reader</code>
+   * to the given {@code Reader}
    * object.
    * When a very large UNICODE value is input to a <code>LONGVARCHAR</code>
    * parameter, it may be more practical to send it via a
@@ -1139,7 +1139,7 @@
                           java.io.Reader reader) throws SQLException;
 
   /**
-     * Sets the designated parameter to the given <code>Reader</code>
+     * Sets the designated parameter to the given {@code Reader}
      * object.
      * When a very large UNICODE value is input to a <code>LONGVARCHAR</code>
      * parameter, it may be more practical to send it via a
@@ -1167,8 +1167,8 @@
 
   /**
    * Sets the designated parameter in this <code>RowSet</code> object's command
-   * to a <code>Reader</code> object. The
-   * <code>Reader</code> reads the data till end-of-file is reached. The
+   * to a {@code Reader} object. The
+   * {@code Reader} reads the data till end-of-file is reached. The
    * driver does the necessary conversion from Java character format to
    * the national character set in the database.
 
@@ -1200,7 +1200,8 @@
    *
    * If the second argument is an <code>InputStream</code> then the stream must contain
    * the number of bytes specified by scaleOrLength.  If the second argument is a
-   * <code>Reader</code> then the reader must contain the number of characters specified    * by scaleOrLength. If these conditions are not true the driver will generate a
+   * {@code Reader} then the {@code Reader} must contain the number of characters specified
+   * by scaleOrLength. If these conditions are not true the driver will generate a
    * <code>SQLException</code> when the prepared statement is executed.
    *
    * <p>The given Java object will be converted to the targetSqlType
@@ -1216,7 +1217,7 @@
    * value of the corresponding SQL type.
    *
    *
-   * <p>Note that this method may be used to pass datatabase-specific
+   * <p>Note that this method may be used to pass database-specific
    * abstract data types.
    *
    * @param parameterIndex the first parameter is 1, the second is 2, ...
@@ -1227,9 +1228,9 @@
    * @param scaleOrLength for <code>java.sql.Types.DECIMAL</code>
    *          or <code>java.sql.Types.NUMERIC types</code>,
    *          this is the number of digits after the decimal point. For
-   *          Java Object types <code>InputStream</code> and <code>Reader</code>,
+   *          Java Object types <code>InputStream</code> and {@code Reader},
    *          this is the length
-   *          of the data in the stream or reader.  For all other types,
+   *          of the data in the stream or {@code Reader}.  For all other types,
    *          this value will be ignored.
    * @exception SQLException if a database access error occurs
    * @see java.sql.Types
@@ -1255,7 +1256,7 @@
      * or <code>Array</code>, the driver should pass it to the database as a
      * value of the corresponding SQL type.
      * <P>
-     * Note that this method may be used to pass datatabase-
+     * Note that this method may be used to pass database-
      * specific abstract data types.
      *
      * @param parameterName the name of the parameter
@@ -1335,7 +1336,7 @@
      * will be converted to the corresponding SQL type before being
      * sent to the database.
      *
-     * <p>Note that this method may be used to pass datatabase-
+     * <p>Note that this method may be used to pass database-
      * specific abstract data types, by using a driver-specific Java
      * type.
      *
@@ -1373,7 +1374,7 @@
    * given Java object to its standard SQL mapping before sending it
    * to the database.
    *
-   * <p>Note that this method may be used to pass datatabase-specific
+   * <p>Note that this method may be used to pass database-specific
    * abstract data types by using a driver-specific Java type.
    *
    * If the object is of a class implementing <code>SQLData</code>,
@@ -1420,7 +1421,8 @@
   void setBlob (int i, Blob x) throws SQLException;
 
   /**
-     * Sets the designated parameter to a <code>InputStream</code> object.  The inputstream must contain  the number
+     * Sets the designated parameter to a <code>InputStream</code> object.
+     * The <code>InputStream</code> must contain  the number
      * of characters specified by length otherwise a <code>SQLException</code> will be
      * generated when the <code>PreparedStatement</code> is executed.
      * This method differs from the <code>setBinaryStream (int, InputStream, int)</code>
@@ -1437,7 +1439,7 @@
      * this method is called on a closed <code>PreparedStatement</code>,
      * if parameterIndex does not correspond
      * to a parameter marker in the SQL statement,  if the length specified
-     * is less than zero or if the number of bytes in the inputstream does not match
+     * is less than zero or if the number of bytes in the <code>InputStream</code> does not match
      * the specified length.
      * @throws SQLFeatureNotSupportedException  if the JDBC driver does not support this method
      *
@@ -1474,7 +1476,8 @@
         throws SQLException;
 
   /**
-     * Sets the designated parameter to a <code>InputStream</code> object.  The <code>inputstream</code> must contain  the number
+     * Sets the designated parameter to a <code>InputStream</code> object.
+     * The "{@code InputStream} must contain  the number
      * of characters specified by length, otherwise a <code>SQLException</code> will be
      * generated when the <code>CallableStatement</code> is executed.
      * This method differs from the <code>setBinaryStream (int, InputStream, int)</code>
@@ -1491,7 +1494,7 @@
      * @param length the number of bytes in the parameter data.
      * @throws SQLException  if parameterIndex does not correspond
      * to a parameter marker in the SQL statement,  or if the length specified
-     * is less than zero; if the number of bytes in the inputstream does not match
+     * is less than zero; if the number of bytes in the <code>InputStream</code> does not match
      * the specified length; if a database access error occurs or
      * this method is called on a closed <code>CallableStatement</code>
      * @exception SQLFeatureNotSupportedException if the JDBC driver does not support
@@ -1554,7 +1557,8 @@
   void setClob (int i, Clob x) throws SQLException;
 
   /**
-     * Sets the designated parameter to a <code>Reader</code> object.  The reader must contain  the number
+     * Sets the designated parameter to a {@code Reader} object.
+     * The {@code Reader} must contain  the number
      * of characters specified by length otherwise a <code>SQLException</code> will be
      * generated when the <code>PreparedStatement</code> is executed.
      *This method differs from the <code>setCharacterStream (int, Reader, int)</code> method
@@ -1576,7 +1580,7 @@
        throws SQLException;
 
   /**
-     * Sets the designated parameter to a <code>Reader</code> object.
+     * Sets the designated parameter to a {@code Reader} object.
      * This method differs from the <code>setCharacterStream (int, Reader)</code> method
      * because it informs the driver that the parameter value should be sent to
      * the server as a <code>CLOB</code>.  When the <code>setCharacterStream</code> method is used, the
@@ -1600,7 +1604,8 @@
        throws SQLException;
 
   /**
-     * Sets the designated parameter to a <code>Reader</code> object.  The <code>reader</code> must contain  the number
+     * Sets the designated parameter to a {@code Reader} object.  The
+     * {@code Reader} must contain  the number
      * of characters specified by length otherwise a <code>SQLException</code> will be
      * generated when the <code>CallableStatement</code> is executed.
      * This method differs from the <code>setCharacterStream (int, Reader, int)</code> method
@@ -1639,7 +1644,7 @@
     void setClob (String parameterName, Clob x) throws SQLException;
 
   /**
-     * Sets the designated parameter to a <code>Reader</code> object.
+     * Sets the designated parameter to a {@code Reader} object.
      * This method differs from the <code>setCharacterStream (int, Reader)</code> method
      * because it informs the driver that the parameter value should be sent to
      * the server as a <code>CLOB</code>.  When the <code>setCharacterStream</code> method is used, the
@@ -1859,10 +1864,10 @@
    * outstanding updates, they are ignored.
    * <P>
    * If this <code>RowSet</code> object does not maintain a continuous connection
-   * with its source of data, it may use a reader (a <code>RowSetReader</code>
-   * object) to fill itself with data.  In this case, a reader will have been
+   * with its source of data, it may use a {@code Reader} (a <code>RowSetReader</code>
+   * object) to fill itself with data.  In this case, a {@code Reader} will have been
    * registered with this <code>RowSet</code> object, and the method
-   * <code>execute</code> will call on the reader's <code>readData</code>
+   * <code>execute</code> will call on the {@code Reader}'s <code>readData</code>
    * method as part of its implementation.
    *
    * @exception SQLException if a database access error occurs or any of the
@@ -1987,8 +1992,8 @@
             throws SQLException;
 
     /**
-     * Sets the designated parameter to a <code>Reader</code> object. The
-     * <code>Reader</code> reads the data till end-of-file is reached. The
+     * Sets the designated parameter to a {@code Reader} object. The
+     * {@code Reader} reads the data till end-of-file is reached. The
      * driver does the necessary conversion from Java character format to
      * the national character set in the database.
      * @param parameterIndex of the first parameter is 1, the second is 2, ...
@@ -2002,8 +2007,8 @@
      void setNCharacterStream(int parameterIndex, Reader value, long length) throws SQLException;
 
     /**
-     * Sets the designated parameter to a <code>Reader</code> object. The
-     * <code>Reader</code> reads the data till end-of-file is reached. The
+     * Sets the designated parameter to a {@code Reader} object. The
+     * {@code Reader} reads the data till end-of-file is reached. The
      * driver does the necessary conversion from Java character format to
      * the national character set in the database.
      * @param parameterName the name of the column to be set
@@ -2018,8 +2023,8 @@
             throws SQLException;
 
     /**
-     * Sets the designated parameter to a <code>Reader</code> object. The
-     * <code>Reader</code> reads the data till end-of-file is reached. The
+     * Sets the designated parameter to a {@code Reader} object. The
+     * {@code Reader} reads the data till end-of-file is reached. The
      * driver does the necessary conversion from Java character format to
      * the national character set in the database.
 
@@ -2055,7 +2060,8 @@
     void setNClob(String parameterName, NClob value) throws SQLException;
 
     /**
-     * Sets the designated parameter to a <code>Reader</code> object.  The <code>reader</code> must contain  the number
+     * Sets the designated parameter to a {@code Reader} object.
+     * The {@code Reader} must contain  the number
      * of characters specified by length otherwise a <code>SQLException</code> will be
      * generated when the <code>CallableStatement</code> is executed.
      * This method differs from the <code>setCharacterStream (int, Reader, int)</code> method
@@ -2081,7 +2087,7 @@
        throws SQLException;
 
     /**
-     * Sets the designated parameter to a <code>Reader</code> object.
+     * Sets the designated parameter to a {@code Reader} object.
      * This method differs from the <code>setCharacterStream (int, Reader)</code> method
      * because it informs the driver that the parameter value should be sent to
      * the server as a <code>NCLOB</code>.  When the <code>setCharacterStream</code> method is used, the
@@ -2105,7 +2111,8 @@
        throws SQLException;
 
     /**
-     * Sets the designated parameter to a <code>Reader</code> object.  The reader must contain  the number
+     * Sets the designated parameter to a {@code Reader} object.
+     * The {@code Reader} must contain  the number
      * of characters specified by length otherwise a <code>SQLException</code> will be
      * generated when the <code>PreparedStatement</code> is executed.
      * This method differs from the <code>setCharacterStream (int, Reader, int)</code> method
@@ -2142,7 +2149,7 @@
      void setNClob(int parameterIndex, NClob value) throws SQLException;
 
     /**
-     * Sets the designated parameter to a <code>Reader</code> object.
+     * Sets the designated parameter to a {@code Reader} object.
      * This method differs from the <code>setCharacterStream (int, Reader)</code> method
      * because it informs the driver that the parameter value should be sent to
      * the server as a <code>NCLOB</code>.  When the <code>setCharacterStream</code> method is used, the
--- a/jdk/test/ProblemList.txt	Wed Jul 05 19:56:33 2017 +0200
+++ b/jdk/test/ProblemList.txt	Mon Aug 18 10:59:36 2014 +0100
@@ -217,6 +217,9 @@
 java/security/KeyPairGenerator/SolarisShortDSA.java             solaris-all
 sun/security/tools/keytool/standard.sh                          solaris-all
 
+# 8049312
+com/sun/crypto/provider/Cipher/AES/CICO.java			generic-all
+
 ############################################################################
 
 # jdk_sound
@@ -257,7 +260,7 @@
 # 8031555
 com/sun/jdi/JdbMethodExitTest.sh                                generic-all
 
-# 8041934
+# 8043571
 com/sun/jdi/RepStep.java                                        generic-all
 
 # 8044419
@@ -284,13 +287,15 @@
 # 8033104
 sun/jvmstat/monitor/MonitoredVm/CR6672135.java			generic-all
 
-# 8041989
-sun/tools/jstatd/TestJstatdDefaults.java                        generic-all
-
-# 8037285
-sun/tools/jstatd/TestJstatdServer.java                          generic-all
+# 8027668
+sun/tools/jstatd/TestJstatdDefaults.java                generic-all
+sun/tools/jstatd/TestJstatdServer.java                  generic-all
+sun/tools/jstatd/TestJstatdPort.java                    generic-all
 
 # 8046355
 sun/tools/jstatd/TestJstatdExternalRegistry.java                generic-all
 
+# 6456333
+sun/tools/jps/TestJpsJarRelative.java				generic-all
+
 ############################################################################
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/com/sun/crypto/provider/Cipher/AES/CICO.java	Mon Aug 18 10:59:36 2014 +0100
@@ -0,0 +1,186 @@
+/*
+ * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.security.InvalidAlgorithmParameterException;
+import java.security.InvalidKeyException;
+import java.security.NoSuchAlgorithmException;
+import java.security.NoSuchProviderException;
+import java.security.spec.AlgorithmParameterSpec;
+import java.util.Random;
+import javax.crypto.Cipher;
+import javax.crypto.CipherInputStream;
+import javax.crypto.CipherOutputStream;
+import javax.crypto.KeyGenerator;
+import javax.crypto.NoSuchPaddingException;
+import javax.crypto.SecretKey;
+import javax.crypto.spec.IvParameterSpec;
+
+/**
+ * @test
+ * @bug 8043836
+ * @summary Test AES ciphers with different modes and padding schemes (ECB mode
+ *          doesn't use IV). The test tries 3 different read methods of
+ *          CipherInputStream.
+ */
+public class CICO {
+    private static final String ALGORITHM = "aEs";
+    private static final String[] MODES = { "PCBC", "ECb", "cbC", "cFB",
+        "cFB24", "cFB32", "Cfb40", "CFB72", "OfB", "OfB20", "OfB48",
+        "OfB56", "OFB64", "OFB112", "CFB112", "pCbC" };
+    private static final String[] PADDING = { "noPadding", "pkcs5padding" };
+    private static final String PROVIDER = "SunJCE";
+    private static final int NREADS = 3;
+    private static final int KEY_LENGTH = 128;
+
+    private final byte[] plainText = new byte[1600000];
+
+
+    public static void main(String argv[]) throws Exception {
+        CICO test = new CICO();
+        for (String mode : MODES) {
+            for (String pad : PADDING) {
+                for (int m = 0; m < NREADS; m++) {
+                    test.runTest(ALGORITHM, mode, pad, m);
+                }
+            }
+        }
+    }
+
+    public void runTest(String algo, String mo, String pad, int whichRead) throws Exception {
+        Cipher ci1 = null;
+        Cipher ci2 = null;
+        byte[] iv = null;
+        AlgorithmParameterSpec aps = null;
+        SecretKey key = null;
+
+        try {
+            // Do initialization
+            Random rdm = new Random();
+            rdm.nextBytes(plainText);
+            KeyGenerator kg = KeyGenerator.getInstance(algo, PROVIDER);
+            if (!kg.getAlgorithm().equals(algo)) {
+                throw new RuntimeException("Unexpected algorithm <"
+                        + kg.getAlgorithm() + ">, expected value is <" + algo
+                        + ">");
+            }
+
+            kg.init(KEY_LENGTH);
+            key = kg.generateKey();
+
+            ci1 = Cipher.getInstance(algo + "/" + mo + "/" + pad, PROVIDER);
+
+            if (mo.equalsIgnoreCase("ECB")) {
+                ci1.init(Cipher.ENCRYPT_MODE, key);
+            } else {
+                ci1.init(Cipher.ENCRYPT_MODE, key, aps);
+            }
+
+            if (!mo.equalsIgnoreCase("ECB")) {
+                iv = ci1.getIV();
+                aps = new IvParameterSpec(iv);
+            } else {
+                aps = null;
+            }
+
+            ci2 = Cipher.getInstance(algo + "/" + mo + "/" + pad, PROVIDER);
+            if (mo.equalsIgnoreCase("ECB")) {
+                ci2.init(Cipher.DECRYPT_MODE, key);
+            } else {
+                ci2.init(Cipher.DECRYPT_MODE, key, aps);
+            }
+
+            ByteArrayInputStream baInput = new ByteArrayInputStream(plainText);
+            ByteArrayOutputStream baOutput = new ByteArrayOutputStream();
+            try (CipherInputStream ciInput = new CipherInputStream(baInput, ci1);
+                    CipherOutputStream ciOutput = new CipherOutputStream(
+                            baOutput, ci2)) {
+                // According to specification, CipherInputStream does not support the
+                // mark and reset methods
+                if (ciInput.markSupported()) {
+                    throw new RuntimeException(
+                            "CipherInputStream unexpectedly supports the mark and reset methods");
+                }
+
+                // Read from the input and write to the output using 2 types
+                // of buffering : byte[] and int
+                switch (whichRead) {
+                case 0:
+                    int buffer0 = ciInput.read();
+                    while (buffer0 != -1) {
+                        ciOutput.write(buffer0);
+                        buffer0 = ciInput.read();
+                    }
+                    break;
+                case 1:
+                    byte[] buffer1 = new byte[20];
+                    int len1 = ciInput.read(buffer1);
+                    while (len1 != -1) {
+                        ciOutput.write(buffer1, 0, len1);
+                        len1 = ciInput.read(buffer1);
+                    }
+                    break;
+                case NREADS - 1:
+                    byte[] buffer2 = new byte[ci1
+                                              .getOutputSize(plainText.length)];
+                    int offset2 = 0;
+                    int len2 = 0;
+                    while (len2 != -1) {
+                        len2 = ciInput.read(buffer2, offset2, buffer2.length
+                                - offset2);
+                        offset2 += len2;
+                    }
+                    ciOutput.write(buffer2, 0, buffer2.length);
+                    break;
+                }
+            }
+
+            // Get the output
+            byte[] recoveredText = new byte[baOutput.size()];
+            recoveredText = baOutput.toByteArray();
+            if (!java.util.Arrays.equals(plainText, recoveredText)) {
+                throw new RuntimeException(
+                        "Original text is not equal with recovered text, with "
+                                + algo + "/" + mo + "/" + pad + "/" + whichRead);
+            }
+
+            // Compare input and output
+
+        } catch (NoSuchAlgorithmException e) {
+            //OFB20 is for negative testing
+            if (!mo.equalsIgnoreCase("OFB20")) {
+                System.out.println("Unexpected NoSuchAlgorithmException with "
+                        + algo + "/" + mo + "/" + pad + "/" + whichRead);
+                throw new RuntimeException("Test failed!");
+            }
+        } catch (IOException | NoSuchProviderException | NoSuchPaddingException
+                | InvalidKeyException | InvalidAlgorithmParameterException e) {
+            System.out.println("Unexpected Exception with "
+                    + algo + "/" + mo + "/" + pad + "/" + whichRead);
+            System.out.println("Test failed!");
+            throw e;
+        }
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/com/sun/crypto/provider/Cipher/AES/CTR.java	Mon Aug 18 10:59:36 2014 +0100
@@ -0,0 +1,145 @@
+/*
+ * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+import java.security.InvalidAlgorithmParameterException;
+import java.security.InvalidKeyException;
+import java.security.NoSuchAlgorithmException;
+import java.security.NoSuchProviderException;
+import java.security.spec.AlgorithmParameterSpec;
+import java.util.Arrays;
+import java.util.Random;
+import javax.crypto.BadPaddingException;
+import javax.crypto.Cipher;
+import javax.crypto.IllegalBlockSizeException;
+import javax.crypto.KeyGenerator;
+import javax.crypto.NoSuchPaddingException;
+import javax.crypto.SecretKey;
+import javax.crypto.ShortBufferException;
+import javax.crypto.spec.IvParameterSpec;
+
+
+/**
+ * @test
+ * @bug 8043836
+ * @summary Test AES ciphers with 4 different modes with NoPadding. Check if
+ *          data before encryption and after decryption is the same.
+ */
+
+public class CTR {
+
+    private static final String ALGORITHM = "AES";
+
+    private static final String PROVIDER = "SunJCE";
+
+    private static final String[] MODES = {"CTR","CFB24","OFB32","GCM"};
+
+    private static final String PADDING = "NoPadding";
+
+
+    private static final int KEY_LENGTH = 128;
+
+    public static void main(String argv[]) throws Exception {
+        CTR test = new CTR();
+        for (String mode : MODES) {
+            test.runTest(ALGORITHM, mode, PADDING);
+        }
+    }
+
+
+    public void runTest(String algo, String mo, String pad) throws Exception {
+        Cipher ci = null;
+        byte[] iv = null;
+        AlgorithmParameterSpec aps = null;
+        SecretKey key = null;
+
+        try {
+            Random rdm = new Random();
+            byte[] plainText;
+
+            ci = Cipher.getInstance(algo + "/" + mo + "/" + pad, PROVIDER);
+            KeyGenerator kg = KeyGenerator.getInstance(algo, PROVIDER);
+            kg.init(KEY_LENGTH);
+            key = kg.generateKey();
+
+            for (int i = 0; i < 15; i++) {
+                plainText = new byte[1600 + i + 1];
+                rdm.nextBytes(plainText);
+
+                if (!mo.equalsIgnoreCase("GCM")) {
+                    ci.init(Cipher.ENCRYPT_MODE, key, aps);
+                } else {
+                    ci.init(Cipher.ENCRYPT_MODE, key);
+                }
+
+                byte[] cipherText = new byte[ci.getOutputSize(plainText.length)];
+                int offset = ci.update(plainText, 0, plainText.length,
+                        cipherText, 0);
+
+                ci.doFinal(cipherText, offset);
+
+                if (!mo.equalsIgnoreCase("ECB")) {
+                    iv = ci.getIV();
+                    aps = new IvParameterSpec(iv);
+                } else {
+                    aps = null;
+                }
+
+                if (!mo.equalsIgnoreCase("GCM")) {
+                    ci.init(Cipher.DECRYPT_MODE, key, aps);
+                } else {
+                    ci.init(Cipher.DECRYPT_MODE, key, ci.getParameters());
+                }
+
+                byte[] recoveredText = new byte[ci.getOutputSize(cipherText.length)];
+                int len = ci.doFinal(cipherText, 0, cipherText.length,
+                        recoveredText);
+                byte[] tmp = new byte[len];
+
+                for (int j = 0; j < len; j++) {
+                    tmp[j] = recoveredText[j];
+                }
+                Arrays.toString(plainText);
+                if (!java.util.Arrays.equals(plainText, tmp)) {
+                    System.out.println("Original: ");
+                    dumpBytes(plainText);
+                    System.out.println("Recovered: ");
+                    dumpBytes(tmp);
+                    throw new RuntimeException("Original text is not equal with recovered text, with mode:" + mo);
+                }
+            }
+        } catch (NoSuchAlgorithmException | NoSuchProviderException | NoSuchPaddingException
+                | InvalidKeyException | InvalidAlgorithmParameterException
+                | ShortBufferException | IllegalBlockSizeException
+                | BadPaddingException e) {
+            System.out.println("Test failed!");
+            throw e;
+        }
+    }
+
+    private void dumpBytes(byte[] bytes){
+        for (byte b : bytes){
+            System.out.print(Integer.toHexString(b));
+        }
+        System.out.println();
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/com/sun/crypto/provider/Cipher/AES/Padding.java	Mon Aug 18 10:59:36 2014 +0100
@@ -0,0 +1,151 @@
+/*
+ * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+import java.security.InvalidAlgorithmParameterException;
+import java.security.InvalidKeyException;
+import java.security.NoSuchAlgorithmException;
+import java.security.NoSuchProviderException;
+import java.security.spec.AlgorithmParameterSpec;
+import java.util.Random;
+import javax.crypto.BadPaddingException;
+import javax.crypto.Cipher;
+import javax.crypto.IllegalBlockSizeException;
+import javax.crypto.KeyGenerator;
+import javax.crypto.NoSuchPaddingException;
+import javax.crypto.SecretKey;
+import javax.crypto.ShortBufferException;
+import javax.crypto.spec.IvParameterSpec;
+
+/**
+ * @test
+ * @bug 8043836
+ * @summary Test AES ciphers with different modes and padding schemes (ECB mode
+ *          doesn't use IV). The test tries 3 different read methods of
+ *          CipherInputStream.
+ */
+public class Padding {
+
+    private static final String ALGORITHM = "AES";
+    private static final String PROVIDER = "SunJCE";
+    private static final String[] MODES = { "ECb", "CbC", "PCBC", "OFB",
+        "OFB150", "cFB", "CFB7", "cFB8", "cFB16", "cFB24", "cFB32",
+        "Cfb40", "cfB48", "cfB56", "cfB64", "cfB72", "cfB80", "cfB88",
+        "cfB96", "cfb104", "cfB112", "cfB120", "OFB8", "OFB16", "OFB24",
+        "OFB32", "OFB40", "OFB48", "OFB56", "OFB64", "OFB72", "OFB80",
+        "OFB88", "OFB96", "OFB104", "OFB112", "OFB120", "GCM" };
+    private static final String PADDING = "PKCS5Padding";
+    private static final int KEY_LENGTH = 128;
+
+    public static void main(String argv[]) throws Exception {
+        Padding test = new Padding();
+        for (String mode : MODES) {
+            test.runTest(ALGORITHM, mode, PADDING);
+        }
+    }
+
+    public void runTest(String algo, String mo, String pad) throws Exception {
+        Cipher ci = null;
+        byte[] iv = null;
+        AlgorithmParameterSpec aps = null;
+        SecretKey key = null;
+        try {
+            Random rdm = new Random();
+            byte[] plainText;
+
+            ci = Cipher.getInstance(algo + "/" + mo + "/" + pad, PROVIDER);
+            KeyGenerator kg = KeyGenerator.getInstance(algo, PROVIDER);
+            kg.init(KEY_LENGTH);
+            key = kg.generateKey();
+
+            for (int i = 0; i < 15; i++) {
+                plainText = new byte[1600 + i + 1];
+                rdm.nextBytes(plainText);
+
+                if (!mo.equalsIgnoreCase("GCM")) {
+                    ci.init(Cipher.ENCRYPT_MODE, key, aps);
+                } else {
+                    ci.init(Cipher.ENCRYPT_MODE, key);
+                }
+
+                byte[] cipherText = new byte[ci.getOutputSize(plainText.length)];
+                int offset = ci.update(plainText, 0, plainText.length,
+                        cipherText, 0);
+                ci.doFinal(cipherText, offset);
+
+                if (!mo.equalsIgnoreCase("ECB")) {
+                    iv = ci.getIV();
+                    aps = new IvParameterSpec(iv);
+                } else {
+                    aps = null;
+                }
+
+                if (!mo.equalsIgnoreCase("GCM")) {
+                    ci.init(Cipher.DECRYPT_MODE, key, aps);
+                } else {
+                    ci.init(Cipher.DECRYPT_MODE, key, ci.getParameters());
+                }
+
+                byte[] recoveredText = new byte[ci.getOutputSize(cipherText.length)];
+                int len = ci.doFinal(cipherText, 0, cipherText.length,
+                        recoveredText);
+                byte[] tmp = new byte[len];
+
+                for (int j = 0; j < len; j++) {
+                    tmp[j] = recoveredText[j];
+                }
+
+                if (!java.util.Arrays.equals(plainText, tmp)) {
+                    System.out.println("Original: ");
+                    dumpBytes(plainText);
+                    System.out.println("Recovered: ");
+                    dumpBytes(tmp);
+                    throw new RuntimeException(
+                            "Original text is not equal with recovered text, with mode:"
+                                    + mo);
+                }
+            }
+        } catch (NoSuchAlgorithmException e) {
+            //CFB7 and OFB150 are for negative testing
+            if (!mo.equalsIgnoreCase("CFB7") && !mo.equalsIgnoreCase("OFB150")) {
+                System.out
+                .println("Unexpected NoSuchAlgorithmException with mode: "
+                        + mo);
+                throw new RuntimeException("Test failed!");
+            }
+        } catch ( NoSuchProviderException | NoSuchPaddingException
+                | InvalidKeyException | InvalidAlgorithmParameterException
+                | ShortBufferException | IllegalBlockSizeException
+                | BadPaddingException e) {
+            System.out.println("Test failed!");
+            throw e;
+        }
+    }
+
+    private void dumpBytes(byte[] bytes) {
+        for (byte b : bytes) {
+            System.out.print(Integer.toHexString(b));
+        }
+
+        System.out.println();
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/com/sun/crypto/provider/Cipher/AES/TestAESCipher.java	Mon Aug 18 10:59:36 2014 +0100
@@ -0,0 +1,156 @@
+/*
+ * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+import java.security.InvalidAlgorithmParameterException;
+import java.security.InvalidKeyException;
+import java.security.NoSuchAlgorithmException;
+import java.security.NoSuchProviderException;
+import java.security.spec.AlgorithmParameterSpec;
+import java.util.Random;
+import javax.crypto.BadPaddingException;
+import javax.crypto.Cipher;
+import javax.crypto.IllegalBlockSizeException;
+import javax.crypto.KeyGenerator;
+import javax.crypto.NoSuchPaddingException;
+import javax.crypto.SecretKey;
+import javax.crypto.ShortBufferException;
+import javax.crypto.spec.IvParameterSpec;
+
+/**
+ * @test
+ * @bug 8043836
+ * @summary Test AES ciphers with different modes and padding schemes (ECB mode
+ *          doesn't use IV).
+ * @author Liwen Wang
+ * @author Parag Salvi
+ */
+public class TestAESCipher {
+
+    private static final String ALGORITHM = "AES";
+    private static final String PROVIDER = "SunJCE";
+    private static final String[] MODES = { "ECb", "CbC", "CTR", "PCBC", "OFB",
+        "OFB150", "cFB", "CFB7", "cFB8", "cFB16", "cFB24", "cFB32",
+        "Cfb40", "cfB48", "cfB56", "cfB64", "cfB72", "cfB80", "cfB88",
+        "cfB96", "cfb104", "cfB112", "cfB120", "OFB8", "OFB16", "OFB24",
+        "OFB32", "OFB40", "OFB48", "OFB56", "OFB64", "OFB72", "OFB80",
+        "OFB88", "OFB96", "OFB104", "OFB112", "OFB120", "GCM" };
+    private static final String[] PADDING = { "NoPadding", "PKCS5Padding" };
+    private static final int KEY_LENGTH = 128;
+
+    public static void main(String argv[]) throws Exception {
+        TestAESCipher test = new TestAESCipher();
+        for (String mode : MODES) {
+            int padKinds = 1;
+            if (mode.equalsIgnoreCase("ECB") || mode.equalsIgnoreCase("PCBC")
+                    || mode.equalsIgnoreCase("CBC")) {
+                padKinds = PADDING.length;
+            }
+
+            for (int k = 0; k < padKinds; k++) {
+                test.runTest(ALGORITHM, mode, PADDING[k]);
+            }
+        }
+    }
+
+    public void runTest(String algo, String mo, String pad) throws Exception {
+        Cipher ci = null;
+        byte[] iv = null;
+        AlgorithmParameterSpec aps = null;
+        SecretKey key = null;
+        try {
+            // Initialization
+            Random rdm = new Random();
+            byte[] plainText = new byte[128];
+            rdm.nextBytes(plainText);
+
+            ci = Cipher.getInstance(algo + "/" + mo + "/" + pad, PROVIDER);
+            KeyGenerator kg = KeyGenerator.getInstance(algo, PROVIDER);
+            kg.init(KEY_LENGTH);
+            key = kg.generateKey();
+
+            // encrypt
+            if (!mo.equalsIgnoreCase("GCM")) {
+                ci.init(Cipher.ENCRYPT_MODE, key, aps);
+            } else {
+                ci.init(Cipher.ENCRYPT_MODE, key);
+            }
+
+            byte[] cipherText = new byte[ci.getOutputSize(plainText.length)];
+            int offset = ci.update(plainText, 0, plainText.length, cipherText,
+                    0);
+            ci.doFinal(cipherText, offset);
+
+            if (!mo.equalsIgnoreCase("ECB")) {
+                iv = ci.getIV();
+                aps = new IvParameterSpec(iv);
+            } else {
+                aps = null;
+            }
+
+            if (!mo.equalsIgnoreCase("GCM")) {
+                ci.init(Cipher.DECRYPT_MODE, key, aps);
+            } else {
+                ci.init(Cipher.DECRYPT_MODE, key, ci.getParameters());
+            }
+
+            byte[] recoveredText = new byte[ci.getOutputSize(cipherText.length)];
+            int len = ci.doFinal(cipherText, 0, cipherText.length,
+                    recoveredText);
+            byte[] tmp = new byte[len];
+            System.arraycopy(recoveredText, 0, tmp, 0, len);
+
+            // Comparison
+            if (!java.util.Arrays.equals(plainText, tmp)) {
+                System.out.println("Original: ");
+                dumpBytes(plainText);
+                System.out.println("Recovered: ");
+                dumpBytes(tmp);
+                throw new RuntimeException(
+                        "Original text is not equal with recovered text, with mode:"
+                                + mo);
+            }
+
+        } catch (NoSuchAlgorithmException e) {
+            //CFB7 and OFB150 are for negative testing
+            if (!mo.equalsIgnoreCase("CFB7") && !mo.equalsIgnoreCase("OFB150")) {
+                System.out.println("Unexpected NoSuchAlgorithmException with mode: "
+                        + mo);
+                throw new RuntimeException("Test failed!");
+            }
+        }  catch ( NoSuchProviderException | NoSuchPaddingException
+                | InvalidKeyException | InvalidAlgorithmParameterException
+                | ShortBufferException | IllegalBlockSizeException
+                | BadPaddingException e) {
+            System.out.println("Test failed!");
+            throw e;
+        }
+    }
+
+    private void dumpBytes(byte[] bytes) {
+        for (byte b : bytes) {
+            System.out.print(Integer.toHexString(b));
+        }
+
+        System.out.println();
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/com/sun/crypto/provider/Cipher/AES/TestNonexpanding.java	Mon Aug 18 10:59:36 2014 +0100
@@ -0,0 +1,115 @@
+/*
+ * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+import java.security.InvalidKeyException;
+import java.security.NoSuchAlgorithmException;
+import java.security.NoSuchProviderException;
+import java.security.spec.InvalidParameterSpecException;
+import java.util.Random;
+import javax.crypto.BadPaddingException;
+import javax.crypto.Cipher;
+import javax.crypto.IllegalBlockSizeException;
+import javax.crypto.KeyGenerator;
+import javax.crypto.NoSuchPaddingException;
+import javax.crypto.SecretKey;
+import javax.crypto.ShortBufferException;
+import javax.crypto.spec.GCMParameterSpec;
+
+/**
+ * @test
+ * @bug 8043836
+ * @summary Test AES encryption with no padding. Expect the original data length
+ *          is the same as the encrypted data.
+ */
+public class TestNonexpanding {
+
+    private static final String ALGORITHM = "AES";
+    private static final String PROVIDER = "SunJCE";
+    private static final String[] MODES = { "ECb", "CbC", "OFB", "OFB150",
+        "cFB", "CFB7", "cFB8", "cFB16", "cFB24", "cFB32", "Cfb40", "cfB48",
+        "cfB56", "cfB64", "cfB72", "cfB80", "cfB88", "cfB96", "cfb104",
+        "cfB112", "cfB120", "GCM" };
+    private static final String PADDING = "NoPadding";
+    private static final int KEY_LENGTH = 128;
+
+    public static void main(String argv[]) throws Exception {
+        TestNonexpanding test = new TestNonexpanding();
+        for (String mode : MODES) {
+            test.runTest(ALGORITHM, mode, PADDING);
+        }
+    }
+
+    public void runTest(String algo, String mo, String pad) throws Exception {
+        Cipher ci = null;
+        SecretKey key = null;
+        try {
+            // Initialization
+            Random rdm = new Random();
+            byte[] plainText = new byte[128];
+            rdm.nextBytes(plainText);
+
+            ci = Cipher.getInstance(algo + "/" + mo + "/" + pad, PROVIDER);
+
+            KeyGenerator kg = KeyGenerator.getInstance(algo, PROVIDER);
+            kg.init(KEY_LENGTH);
+            key = kg.generateKey();
+
+            // encrypt
+            ci.init(Cipher.ENCRYPT_MODE, key);
+            byte[] cipherText = new byte[ci.getOutputSize(plainText.length)];
+            int offset = ci.update(plainText, 0, plainText.length, cipherText,
+                    0);
+            ci.doFinal(cipherText, offset);
+
+            // Comparison
+            if (!(plainText.length == cipherText.length)) {
+                // The result of encryption in GCM is a combination of an
+                // authentication tag and cipher text.
+                if (mo.equalsIgnoreCase("GCM")) {
+                    GCMParameterSpec spec = ci.getParameters().getParameterSpec(GCMParameterSpec.class);
+                    int cipherTextLength = cipherText.length - spec.getTLen()
+                            / 8;
+                    if (plainText.length == cipherTextLength) {
+                        return;
+                    }
+                }
+                System.out.println("Original length: " + plainText.length);
+                System.out.println("Cipher text length: " + cipherText.length);
+                throw new RuntimeException("Test failed!");
+            }
+        } catch (NoSuchAlgorithmException e) {
+            //CFB7 and OFB150 are for negative testing
+            if (!mo.equalsIgnoreCase("CFB7") && !mo.equalsIgnoreCase("OFB150")) {
+                System.out.println("Unexpected NoSuchAlgorithmException with mode: "
+                        + mo);
+                throw new RuntimeException("Test failed!");
+            }
+        } catch ( NoSuchProviderException | NoSuchPaddingException
+                | InvalidKeyException | InvalidParameterSpecException
+                | ShortBufferException | IllegalBlockSizeException
+                | BadPaddingException e) {
+            System.out.println("Test failed!");
+            throw e;
+        }
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/com/sun/crypto/provider/Cipher/AES/TestSameBuffer.java	Mon Aug 18 10:59:36 2014 +0100
@@ -0,0 +1,138 @@
+/*
+ * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+import java.security.InvalidAlgorithmParameterException;
+import java.security.InvalidKeyException;
+import java.security.NoSuchAlgorithmException;
+import java.security.NoSuchProviderException;
+import java.security.spec.AlgorithmParameterSpec;
+import java.util.Random;
+import javax.crypto.BadPaddingException;
+import javax.crypto.Cipher;
+import javax.crypto.IllegalBlockSizeException;
+import javax.crypto.KeyGenerator;
+import javax.crypto.NoSuchPaddingException;
+import javax.crypto.SecretKey;
+import javax.crypto.ShortBufferException;
+import javax.crypto.spec.IvParameterSpec;
+
+/**
+ * @test
+ * @bug 8043836
+ * @summary Test AES ciphers with different modes and padding schemes (ECB mode
+ *          doesn't use IV). The test tries 3 different read methods of
+ *          CipherInputStream.
+ */
+public class TestSameBuffer {
+
+    private static final String ALGORITHM = "Rijndael";
+    private static final String PROVIDER = "SunJCE";
+    private static final String[] MODES = { "ECb", "CbC", "OFB", "CFB150",
+        "cFB", "CFB7", " cFB8", "cFB16", "cFB24", "cFB32", "Cfb40",
+        "cfB48", " cfB56", "cfB64", "cfB72", "cfB80", "cfB88", "cfB96",
+        "cfb104", "cfB112", "cfB120" };
+    private static final String PADDING = "NoPadding";
+    private static final int KEY_LENGTH = 128;
+
+    public static void main(String argv[]) throws Exception {
+        TestSameBuffer test = new TestSameBuffer();
+        for (String mode : MODES) {
+            test.runTest(ALGORITHM, mode, PADDING);
+        }
+    }
+
+    public void runTest(String algo, String mo, String pad) throws Exception {
+        Cipher ci = null;
+        byte[] iv = null;
+        AlgorithmParameterSpec aps = null;
+        SecretKey key = null;
+        try {
+            // Initialization
+            Random rdm = new Random();
+            byte[] plainText = new byte[128];
+            rdm.nextBytes(plainText);
+
+            // keep the plain text
+            byte[] tmpText = new byte[plainText.length];
+            for (int i = 0; i < plainText.length; i++) {
+                tmpText[i] = plainText[i];
+            }
+
+            ci = Cipher.getInstance(algo + "/" + mo + "/" + pad, PROVIDER);
+
+            KeyGenerator kg = KeyGenerator.getInstance(algo, PROVIDER);
+            kg.init(KEY_LENGTH);
+            key = kg.generateKey();
+
+            // encrypt
+            ci.init(Cipher.ENCRYPT_MODE, key);
+            int offset = ci
+                    .update(plainText, 0, plainText.length, plainText, 0);
+            ci.doFinal(plainText, offset);
+
+            if (!mo.equalsIgnoreCase("ECB")) {
+                iv = ci.getIV();
+                aps = new IvParameterSpec(iv);
+            } else {
+                aps = null;
+            }
+
+            ci.init(Cipher.DECRYPT_MODE, key, aps);
+            byte[] recoveredText = new byte[ci.getOutputSize(plainText.length)];
+            ci.doFinal(plainText, 0, plainText.length, recoveredText);
+
+            // Comparison
+            if (!java.util.Arrays.equals(tmpText, recoveredText)) {
+                System.out.println("Original: ");
+                dumpBytes(plainText);
+                System.out.println("Recovered: ");
+                dumpBytes(recoveredText);
+                throw new RuntimeException(
+                        "Original text is not equal with recovered text, with mode:"
+                                + mo);
+            }
+
+        } catch (NoSuchAlgorithmException e) {
+            //CFB7 and CFB150 are for negative testing
+            if (!mo.equalsIgnoreCase("CFB7") && !mo.equalsIgnoreCase("CFB150")) {
+                System.out.println("Unexpected NoSuchAlgorithmException with mode: "
+                        + mo);
+                throw new RuntimeException("Test failed!");
+            }
+        }  catch (NoSuchProviderException | NoSuchPaddingException
+                | InvalidKeyException | InvalidAlgorithmParameterException
+                | ShortBufferException | IllegalBlockSizeException
+                | BadPaddingException e) {
+            System.out.println("Test failed!");
+            throw e;
+        }
+    }
+
+    private void dumpBytes(byte[] bytes) {
+        for (byte b : bytes) {
+            System.out.print(Integer.toHexString(b));
+        }
+
+        System.out.println();
+    }
+}
--- a/jdk/test/com/sun/tools/attach/StartManagementAgent.java	Wed Jul 05 19:56:33 2017 +0200
+++ b/jdk/test/com/sun/tools/attach/StartManagementAgent.java	Mon Aug 18 10:59:36 2014 +0100
@@ -40,7 +40,7 @@
  * @test
  * @summary Test for VirtualMachine.startManagementAgent and VirtualMachine.startLocalManagementAgent
  * @library /lib/testlibrary
- * @run build Application jdk.testlibrary.*
+ * @run build Application SimpleProvider jdk.testlibrary.*
  * @run main StartManagementAgent
  */
 
--- a/jdk/test/java/lang/Long/ParsingTest.java	Wed Jul 05 19:56:33 2017 +0200
+++ b/jdk/test/java/lang/Long/ParsingTest.java	Mon Aug 18 10:59:36 2014 +0100
@@ -128,10 +128,10 @@
     }
 
     private static void checkNumberFormatException(String val, int radix, int start) {
-        int n = 0;
+        long n = 0;
         try {
-            n = Integer.parseInt(val, radix, start);
-            System.err.println("parseInt(" + val + ", " + radix + ", " + start +
+            n = Long.parseLong(val, radix, start);
+            System.err.println("parseLong(" + val + ", " + radix + ", " + start +
                     ") incorrectly returned " + n);
             throw new RuntimeException();
         } catch (NumberFormatException nfe) {
@@ -143,7 +143,7 @@
         long n = 0;
         try {
             n = Long.parseLong(val, radix, start, end);
-            System.err.println("parseInt(" + val + ", " + radix + ", " + start + ", " + end +
+            System.err.println("parseLong(" + val + ", " + radix + ", " + start + ", " + end +
                     ") incorrectly returned " + n);
             throw new RuntimeException();
         } catch (NumberFormatException nfe) {
@@ -152,10 +152,10 @@
     }
 
     private static void checkIndexOutOfBoundsException(String val, int radix, int start) {
-        int n = 0;
+        long n = 0;
         try {
-            n = Integer.parseInt(val, radix, start);
-            System.err.println("parseInt(" + val + ", " + radix + ", " + start +
+            n = Long.parseLong(val, radix, start);
+            System.err.println("parseLong(" + val + ", " + radix + ", " + start +
                     ") incorrectly returned " + n);
             throw new RuntimeException();
         } catch (IndexOutOfBoundsException ioob) {
@@ -167,7 +167,7 @@
         long n = 0;
         try {
             n = Long.parseLong(val, radix, start, end);
-            System.err.println("parseInt(" + val + ", " + radix + ", " + start + ", " + end +
+            System.err.println("parseLong(" + val + ", " + radix + ", " + start + ", " + end +
                     ") incorrectly returned " + n);
             throw new RuntimeException();
         } catch (IndexOutOfBoundsException ioob) {
@@ -179,7 +179,7 @@
         long n = 0;
         try {
             n = Long.parseLong(null, 10, start, end);
-            System.err.println("parseInt(null, " + radix + ", " + start + ", " + end +
+            System.err.println("parseLong(null, " + radix + ", " + start + ", " + end +
                     ") incorrectly returned " + n);
             throw new RuntimeException();
         } catch (NullPointerException npe) {
--- a/jdk/test/java/lang/SecurityManager/CheckPackageAccess.java	Wed Jul 05 19:56:33 2017 +0200
+++ b/jdk/test/java/lang/SecurityManager/CheckPackageAccess.java	Mon Aug 18 10:59:36 2014 +0100
@@ -92,8 +92,6 @@
         String osName = System.getProperty("os.name");
         if (osName.contains("OS X")) {
             pkgs.add("apple.");  // add apple package for OS X
-        } else if (osName.startsWith("Windows")) {
-            pkgs.add("com.sun.java.accessibility.");
         }
 
         List<String> jspkgs =
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/java/lang/SecurityManager/CheckSecurityProvider.java	Mon Aug 18 10:59:36 2014 +0100
@@ -0,0 +1,98 @@
+/*
+ * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/*
+ * @test
+ * @bug 6997010
+ * @summary Consolidate java.security files into one file with modifications
+ */
+
+import java.security.Provider;
+import java.security.Security;
+import java.util.ArrayList;
+import java.util.Iterator;
+import java.util.List;
+
+/*
+ * The main benefit of this test is to catch merge errors or other types
+ * of issues where one or more of the security providers are accidentally
+ * removed. This is why the known security providers have to
+ * be explicitly listed below.
+ */
+public class CheckSecurityProvider {
+    public static void main(String[] args) throws Exception {
+
+        String os = System.getProperty("os.name");
+
+        /*
+         * This array should be updated whenever new security providers
+         * are added to the the java.security file.
+         * NOTE: it should be in the same order as the java.security file
+         */
+
+        List<String> expected = new ArrayList<>();
+
+        if (os.equals("SunOS")) {
+            if (!isOpenJDKOnly()) {
+                expected.add("com.oracle.security.ucrypto.UcryptoProvider");
+            }
+            expected.add("sun.security.pkcs11.SunPKCS11");
+        }
+        expected.add("sun.security.provider.Sun");
+        expected.add("sun.security.rsa.SunRsaSign");
+        expected.add("sun.security.ec.SunEC");
+        expected.add("com.sun.net.ssl.internal.ssl.Provider");
+        expected.add("com.sun.crypto.provider.SunJCE");
+        expected.add("sun.security.jgss.SunProvider");
+        expected.add("com.sun.security.sasl.Provider");
+        expected.add("org.jcp.xml.dsig.internal.dom.XMLDSigRI");
+        expected.add("sun.security.smartcardio.SunPCSC");
+        if (os.startsWith("Windows")) {
+            expected.add("sun.security.mscapi.SunMSCAPI");
+        }
+        if (os.contains("OS X")) {
+            expected.add("apple.security.AppleProvider");
+        }
+
+        Iterator<String> iter = expected.iterator();
+        for (Provider p: Security.getProviders()) {
+            if (!iter.hasNext()) {
+                throw new Exception("Less expected");
+            }
+            String n1 = iter.next();
+            String n2 = p.getClass().getName();
+            if (!n1.equals(n2)) {
+                throw new Exception("Expected " + n1 + ", actual " + n2);
+            }
+        }
+        if (iter.hasNext()) {
+            throw new Exception("More expected");
+        }
+    }
+
+    // Copied from CheckPackageAccess.java in the same directory
+    private static boolean isOpenJDKOnly() {
+        String prop = System.getProperty("java.runtime.name");
+        return prop != null && prop.startsWith("OpenJDK");
+    }
+}
--- a/jdk/test/java/lang/annotation/typeAnnotations/ConstructorReceiverTest.java	Wed Jul 05 19:56:33 2017 +0200
+++ b/jdk/test/java/lang/annotation/typeAnnotations/ConstructorReceiverTest.java	Mon Aug 18 10:59:36 2014 +0100
@@ -23,7 +23,7 @@
 
 /*
  * @test
- * @bug 8023651
+ * @bug 8023651 8044629
  * @summary Test that the receiver annotations and the return annotations of
  *          constructors behave correctly.
  * @run testng ConstructorReceiverTest
@@ -38,11 +38,16 @@
 import static org.testng.Assert.*;
 
 public class ConstructorReceiverTest {
+    public static final Integer EMPTY_ANNOTATED_TYPE =  Integer.valueOf(-1);
+
     // Format is {
     //   { Class to get ctor for,
     //       ctor param class,
     //       value of anno of return type,
-    //       value of anno for receiver or null if there should be no receiver anno
+    //       value of anno for receiver,
+    //              or null if there should be no receiver,
+    //              or EMPTY_ANNOTATED_TYPE of there should be a receiver but
+    //              no annotation
     //    },
     //    ...
     // }
@@ -51,13 +56,15 @@
         { ConstructorReceiverTest.Middle.class, ConstructorReceiverTest.class, Integer.valueOf(10), Integer.valueOf(15) },
         { ConstructorReceiverTest.Middle.Inner.class, ConstructorReceiverTest.Middle.class, Integer.valueOf(100), Integer.valueOf(150) },
         { ConstructorReceiverTest.Middle.Inner.Innermost.class, ConstructorReceiverTest.Middle.Inner.class, Integer.valueOf(1000), Integer.valueOf(1500) },
-        { ConstructorReceiverTest.Middle.InnerNoReceiver.class, ConstructorReceiverTest.Middle.class, Integer.valueOf(300), null },
+        { ConstructorReceiverTest.Middle.InnerNoReceiver.class, ConstructorReceiverTest.Middle.class, Integer.valueOf(300), EMPTY_ANNOTATED_TYPE },
         { ConstructorReceiverTest.Nested.class, null, Integer.valueOf(20), null },
         { ConstructorReceiverTest.Nested.NestedMiddle.class, ConstructorReceiverTest.Nested.class, Integer.valueOf(200), Integer.valueOf(250)},
         { ConstructorReceiverTest.Nested.NestedMiddle.NestedInner.class, ConstructorReceiverTest.Nested.NestedMiddle.class, Integer.valueOf(2000), Integer.valueOf(2500)},
-        { ConstructorReceiverTest.Nested.NestedMiddle.NestedInnerNoReceiver.class, ConstructorReceiverTest.Nested.NestedMiddle.class, Integer.valueOf(4000), null},
+        { ConstructorReceiverTest.Nested.NestedMiddle.NestedInnerNoReceiver.class, ConstructorReceiverTest.Nested.NestedMiddle.class, Integer.valueOf(4000), EMPTY_ANNOTATED_TYPE},
+        { ConstructorReceiverTest.Nested.NestedMiddle.SecondNestedInnerNoReceiver.class, ConstructorReceiverTest.Nested.NestedMiddle.class, Integer.valueOf(5000), EMPTY_ANNOTATED_TYPE},
     };
 
+
     @DataProvider
     public Object[][] data() { return TESTS; }
 
@@ -71,14 +78,27 @@
             c = toTest.getDeclaredConstructor(ctorParamType);
 
         AnnotatedType annotatedReceiverType = c.getAnnotatedReceiverType();
-        Annotation[] receiverAnnotations = annotatedReceiverType.getAnnotations();
 
+        // Some Constructors doesn't conceptually have a receiver, they should return null
         if (receiverVal == null) {
-            assertEquals(receiverAnnotations.length, 0, Arrays.asList(receiverAnnotations).toString() +
-                    " should be empty. Looking at 'length': ");
+            assertNull(annotatedReceiverType, "getAnnotatedReciverType  should return null for Constructor: " + c);
             return;
         }
 
+        // check that getType() matches the receiver
+        assertEquals(annotatedReceiverType.getType(),
+                ctorParamType,
+                "getType() doesn't match receiver type: " + ctorParamType);
+
+        Annotation[] receiverAnnotations = annotatedReceiverType.getAnnotations();
+
+        // Some Constructors have no annotations on but in theory can have a receiver
+        if (receiverVal.equals(EMPTY_ANNOTATED_TYPE)) {
+            assertEquals(receiverAnnotations.length, 0, "expecting an empty annotated type for: " + c);
+            return;
+        }
+
+        // The rest should have annotations
         assertEquals(receiverAnnotations.length, 1, "expecting a 1 element array. Looking at 'length': ");
         assertEquals(((Annot)receiverAnnotations[0]).value(), receiverVal.intValue(), " wrong annotation found. Found " +
                 receiverAnnotations[0] +
@@ -136,6 +156,10 @@
             class NestedInnerNoReceiver {
                 @Annot(4000) public NestedInnerNoReceiver() {}
             }
+
+            class SecondNestedInnerNoReceiver {
+                @Annot(5000) public SecondNestedInnerNoReceiver(NestedMiddle NestedMiddle.this) {}
+            }
         }
     }
 
--- a/jdk/test/java/lang/annotation/typeAnnotations/GetAnnotatedReceiverType.java	Wed Jul 05 19:56:33 2017 +0200
+++ b/jdk/test/java/lang/annotation/typeAnnotations/GetAnnotatedReceiverType.java	Mon Aug 18 10:59:36 2014 +0100
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2013, 2014 Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -23,10 +23,11 @@
 
 /*
  * @test
- * @bug 8024915
+ * @bug 8024915 8044629
  */
 
 import java.lang.reflect.AnnotatedType;
+import java.lang.reflect.Executable;
 import java.util.Arrays;
 
 public class GetAnnotatedReceiverType {
@@ -42,41 +43,115 @@
         public Inner1(GetAnnotatedReceiverType GetAnnotatedReceiverType.this) {}
     }
 
+    public static class Nested {
+        public Nested() {}
+
+        public class NestedInner {
+            public NestedInner() { }
+
+            public Class<?> getLocalClass () {
+                class NestedInnerLocal { public NestedInnerLocal() {} }
+                return NestedInnerLocal.class;
+            }
+
+            public Class<?> getAnonymousClass() {
+                return new Object() {}.getClass();
+            }
+        }
+    }
+
+    public class Inner2 {
+        public Inner2() { }
+
+        public class Inner3 {
+            public Inner3() { }
+
+            public Class<?> getLocalClass () {
+                class InnerLocal { public InnerLocal() {} }
+                return InnerLocal.class;
+            }
+
+            public Class<?> getAnonymousClass() {
+                return new Object() {}.getClass();
+            }
+        }
+
+        public Class<?> getLocalClass () {
+            class InnerLocal { public InnerLocal() {} }
+                return InnerLocal.class;
+        }
+
+        public Class<?> getAnonymousClass() {
+            return new Object() {}.getClass();
+        }
+    }
+
     private static int failures = 0;
     private static int tests = 0;
 
     public static void main(String[] args) throws NoSuchMethodException {
-        checkEmptyAT(GetAnnotatedReceiverType.class.getMethod("method").getAnnotatedReceiverType(),
+        checkEmptyAT(GetAnnotatedReceiverType.class.getMethod("method"),
                 "getAnnotatedReceiverType for \"method\" should return an empty AnnotatedType");
-        checkEmptyAT(Inner0.class.getConstructor(GetAnnotatedReceiverType.class).getAnnotatedReceiverType(),
+        checkEmptyAT(Inner0.class.getConstructor(GetAnnotatedReceiverType.class),
                 "getAnnotatedReceiverType for a ctor without a \"this\" should return an empty AnnotatedType");
 
-        checkEmptyAT(GetAnnotatedReceiverType.class.getMethod("method0").getAnnotatedReceiverType(),
+        checkEmptyAT(GetAnnotatedReceiverType.class.getMethod("method0"),
                 "getAnnotatedReceiverType for \"method0\" should return an empty AnnotatedType");
-        checkEmptyAT(Inner1.class.getConstructor(GetAnnotatedReceiverType.class).getAnnotatedReceiverType(),
+        checkEmptyAT(Inner1.class.getConstructor(GetAnnotatedReceiverType.class),
                 "getAnnotatedReceiverType for a ctor with a \"this\" should return an empty AnnotatedType");
 
-        checkNull(GetAnnotatedReceiverType.class.getMethod("method4").getAnnotatedReceiverType(),
+        checkNull(GetAnnotatedReceiverType.class.getMethod("method4"),
                 "getAnnotatedReceiverType() on a static method should return null");
 
+        // More nested, inner, local and anonymous classes
+        Nested nested = new Nested();
+        Nested.NestedInner instance = nested.new NestedInner();
+        checkNull(nested.getClass().getConstructors()[0],
+                "getAnnotatedReceiverType() on a constructor for a static class should return null");
+        checkEmptyAT(instance.getClass().getConstructors()[0],
+                "getAnnotatedReceiverType for a ctor without a \"this\" should return an empty AnnotatedType");
+        checkNull(instance.getLocalClass().getConstructors()[0],
+                "getAnnotatedReceiverType() on a constructor for a local class should return null");
+        checkNull(instance.getAnonymousClass().getDeclaredConstructors()[0],
+                "getAnnotatedReceiverType() on a constructor for an anonymous class should return null");
+
+        GetAnnotatedReceiverType outer = new GetAnnotatedReceiverType();
+        Inner2 instance2 = outer.new Inner2();
+        checkEmptyAT(instance2.getClass().getConstructors()[0],
+                "getAnnotatedReceiverType for a ctor without a \"this\" should return an empty AnnotatedType");
+        checkNull(instance2.getLocalClass().getConstructors()[0],
+                "getAnnotatedReceiverType() on a constructor for a local class should return null");
+        checkNull(instance2.getAnonymousClass().getDeclaredConstructors()[0],
+                "getAnnotatedReceiverType() on a constructor for an anonymous class should return null");
+
+        Inner2.Inner3 instance3 = instance2.new Inner3();
+        checkEmptyAT(instance3.getClass().getConstructors()[0],
+                "getAnnotatedReceiverType for a ctor without a \"this\" should return an empty AnnotatedType");
+        checkNull(instance3.getLocalClass().getConstructors()[0],
+                "getAnnotatedReceiverType() on a constructor for a local class should return null");
+        checkNull(instance3.getAnonymousClass().getDeclaredConstructors()[0],
+                "getAnnotatedReceiverType() on a constructor for an anonymous class should return null");
+
         if (failures != 0)
             throw new RuntimeException("Test failed, see log for details");
-        else if (tests != 5)
+        else if (tests != 15)
             throw new RuntimeException("Not all cases ran, failing");
     }
 
-    private static void checkNull(Object o, String msg) {
-        if (o != null) {
+    private static void checkNull(Executable e, String msg) {
+        AnnotatedType a = e.getAnnotatedReceiverType();
+        if (a != null) {
             failures++;
-            System.err.println(msg);
+            System.err.println(msg + ": " + e);
         }
         tests++;
     }
 
-    private static void checkEmptyAT(AnnotatedType a, String msg) {
+    private static void checkEmptyAT(Executable e, String msg) {
+        AnnotatedType a = e.getAnnotatedReceiverType();
         if (a.getAnnotations().length != 0) {
             failures++;
-            System.err.print(msg);
+            System.err.print(msg + ": " + e);
         }
         tests++;
     }
--- a/jdk/test/java/lang/annotation/typeAnnotations/TestExecutableGetAnnotatedType.java	Wed Jul 05 19:56:33 2017 +0200
+++ b/jdk/test/java/lang/annotation/typeAnnotations/TestExecutableGetAnnotatedType.java	Mon Aug 18 10:59:36 2014 +0100
@@ -73,13 +73,11 @@
         testParameters(e.getParameters());
     }
 
-    // should test constructors as well, see JDK-8044629
     @Test(dataProvider = "genericMethodData")
     public void testGenericReceiverType(Executable e) throws Exception {
         testReceiverType0(e);
     }
 
-    // should test constructors as well, see JDK-8044629
     @Test(dataProvider = "methodData")
     public void testReceiverType(Executable e) throws Exception {
         testReceiverType0(e);
--- a/jdk/test/java/net/ipv6tests/Tests.java	Wed Jul 05 19:56:33 2017 +0200
+++ b/jdk/test/java/net/ipv6tests/Tests.java	Mon Aug 18 10:59:36 2014 +0100
@@ -26,6 +26,9 @@
 import java.util.*;
 
 public class Tests {
+
+    static boolean isWindows = System.getProperty("os.name").startsWith("Windows");
+
     /**
      * performs a simple exchange of data between the two sockets
      * and throws an exception if there is any problem.
@@ -264,6 +267,12 @@
             if (ifs != null) {
                 while (ifs.hasMoreElements()) {
                     NetworkInterface nic = (NetworkInterface)ifs.nextElement();
+                    // Skip (Windows)Teredo Tunneling Pseudo-Interface
+                    if (isWindows) {
+                        String dName = nic.getDisplayName();
+                        if (dName != null && dName.contains("Teredo"))
+                            continue;
+                    }
                     try {
                         if (nic.isUp() && !nic.isLoopback())
                             return nic;
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/java/util/Calendar/SupplementalJapaneseEraTest.java	Mon Aug 18 10:59:36 2014 +0100
@@ -0,0 +1,156 @@
+/*
+ * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+import java.text.SimpleDateFormat;
+import java.time.chrono.JapaneseDate;
+import java.util.Calendar;
+import java.util.Date;
+import java.util.GregorianCalendar;
+import static java.util.GregorianCalendar.*;
+import java.util.Locale;
+import java.util.TimeZone;
+
+/*
+ * Usage:
+ *   java SupplementalJapaneseEraTest <flag>
+ *    <flag>
+ *      -s   prints start time for a test era
+ *      -e   prints the English name of the last predefined era
+ *
+ *   java -Djdk.calendar.japanese.supplemental.era=... SupplementalJapaneseEraTest <flag>
+ *      -t   executes tests with a valid property value
+ *      -b <eraname>
+ *           executes tests with an invalid property value
+ *           <eraname> must be the output with -e
+ */
+
+public class SupplementalJapaneseEraTest {
+    private static final Locale WAREKI_LOCALE = Locale.forLanguageTag("ja-JP-u-ca-japanese");
+    private static final String NEW_ERA_NAME = "NewEra";
+    private static final String NEW_ERA_ABBR = "N.E.";
+    private static int errors = 0;
+
+    public static void main(String[] args) {
+        // args[0] is a flag.
+        switch (args[0]) {
+        case "-s":
+            // print the start time of the new era for testing
+            Calendar cal = new Calendar.Builder()
+                .setCalendarType("japanese")
+                .setTimeZone(TimeZone.getTimeZone("GMT"))
+                .setDate(200, FEBRUARY, 11)
+                .build();
+            System.out.println(cal.getTimeInMillis());
+            break;
+
+        case "-e":
+            // print the current era name in English
+            Calendar jcal = new Calendar.Builder()
+                .setCalendarType("japanese")
+                .setFields(YEAR, 1, DAY_OF_YEAR, 1)
+                .build();
+            System.out.println(jcal.getDisplayName(ERA, LONG, Locale.US));
+            break;
+
+        case "-t":
+            // test with a valid property value
+            testProperty();
+            break;
+
+        case "-b":
+            // test with an invalid property value
+            // args[1] is the current era name given by -e.
+            testValidation(args[1].replace("\r", "")); // remove any CR for Cygwin
+            break;
+        }
+        if (errors != 0) {
+            throw new RuntimeException("test failed");
+        }
+    }
+
+    private static void testProperty() {
+        Calendar jcal = new Calendar.Builder()
+            .setCalendarType("japanese")
+            .setFields(YEAR, 1, DAY_OF_YEAR, 1)
+            .build();
+        Date firstDayOfEra = jcal.getTime();
+
+        jcal.set(ERA, jcal.get(ERA) - 1); // previous era
+        jcal.set(YEAR, 1);
+        jcal.set(DAY_OF_YEAR, 1);
+        Calendar cal = new GregorianCalendar();
+        cal.setTimeInMillis(jcal.getTimeInMillis());
+        cal.add(YEAR, 199);
+        int year = cal.get(YEAR);
+
+        SimpleDateFormat sdf;
+        String expected, got;
+
+        // test long era name
+        sdf = new SimpleDateFormat("GGGG y-MM-dd", WAREKI_LOCALE);
+        got = sdf.format(firstDayOfEra);
+        expected = NEW_ERA_NAME + " 1-02-11";
+        if (!expected.equals(got)) {
+            System.err.printf("GGGG y-MM-dd: got=\"%s\", expected=\"%s\"%n", got, expected);
+            errors++;
+        }
+
+        // test era abbreviation
+        sdf = new SimpleDateFormat("G y-MM-dd", WAREKI_LOCALE);
+        got = sdf.format(firstDayOfEra);
+        expected = NEW_ERA_ABBR+" 1-02-11";
+        if (!expected.equals(got)) {
+            System.err.printf("GGGG y-MM-dd: got=\"%s\", expected=\"%s\"%n", got, expected);
+            errors++;
+        }
+
+        // confirm the gregorian year
+        sdf = new SimpleDateFormat("y", Locale.US);
+        int y = Integer.parseInt(sdf.format(firstDayOfEra));
+        if (y != year) {
+            System.err.printf("Gregorian year: got=%d, expected=%d%n", y, year);
+            errors++;
+        }
+
+        // test java.time.chrono.JapaneseEra
+        JapaneseDate jdate = JapaneseDate.of(year, 2, 11);
+        got = jdate.toString();
+        expected = "Japanese " + NEW_ERA_NAME + " 1-02-11";
+        if (!expected.equals(got)) {
+            System.err.printf("JapaneseDate: got=\"%s\", expected=\"%s\"%n", got, expected);
+            errors++;
+        }
+    }
+
+    private static void testValidation(String eraName) {
+        Calendar jcal = new Calendar.Builder()
+            .setCalendarType("japanese")
+            .setFields(YEAR, 1, DAY_OF_YEAR, 1)
+            .build();
+        if (!jcal.getDisplayName(ERA, LONG, Locale.US).equals(eraName)) {
+            errors++;
+            String prop = System.getProperty("jdk.calendar.japanese.supplemental.era");
+            System.err.println("Era changed with invalid property: " + prop);
+        }
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/java/util/Calendar/SupplementalJapaneseEraTest.sh	Mon Aug 18 10:59:36 2014 +0100
@@ -0,0 +1,74 @@
+#
+# Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
+# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+#
+# This code is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License version 2 only, as
+# published by the Free Software Foundation.
+#
+# This code is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+# FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+# version 2 for more details (a copy is included in the LICENSE file that
+# accompanied this code).
+#
+# You should have received a copy of the GNU General Public License version
+# 2 along with this work; if not, write to the Free Software Foundation,
+# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+# or visit www.oracle.com if you need additional information or have any
+# questions.
+#
+
+# @test
+# @bug 8048123
+# @summary Test for jdk.calendar.japanese.supplemental.era support
+# @build SupplementalJapaneseEraTest
+# @run shell SupplementalJapaneseEraTest.sh
+
+PROPERTY=jdk.calendar.japanese.supplemental.era
+STATUS=0
+
+# get the start time of the fictional next era
+SINCE=`${TESTJAVA}/bin/java -cp "${TESTCLASSES}" SupplementalJapaneseEraTest -s`
+
+echo "Tests with valid property values..."
+for P in "name=NewEra,abbr=N.E.,since=$SINCE" \
+         "name = NewEra, abbr = N.E., since = $SINCE"
+do
+    if ${TESTJAVA}/bin/java ${TESTVMOPTS} -cp "${TESTCLASSES}" \
+           -D$PROPERTY="$P" SupplementalJapaneseEraTest -t; then
+        echo "$P: passed"
+    else
+        echo "$P: failed"
+        STATUS=1
+    fi
+done
+
+# get the name of the current era to be used to confirm that
+# invalid property values are ignored.
+ERA=`${TESTJAVA}/bin/java -cp "${TESTCLASSES}" SupplementalJapaneseEraTest -e`
+
+echo "Tests with invalid property values..."
+for P in "foo=Bar,name=NewEra,abbr=N.E.,since=$SINCE" \
+         "=NewEra,abbr=N.E.,since=$SINCE" \
+         "=,abbr=N.E.,since=$SINCE" \
+         "name,abbr=N.E.,since=$SINCE" \
+         "abbr=N.E.,since=$SINCE" \
+         "name=NewEra,since=$SINCE" \
+         "name=,abbr=N.E.,since=$SINCE" \
+         "name=NewEra,abbr=,since=$SINCE" \
+         "name=NewEra,abbr=N.E." \
+         "name=NewEra,abbr=N.E.,since=0" \
+         "name=NewEra,abbr=N.E.,since=9223372036854775808" # Long.MAX_VALUE+1
+do
+    if ${TESTJAVA}/bin/java ${TESTVMOPTS} -cp "${TESTCLASSES}" \
+           -D$PROPERTY="$P" SupplementalJapaneseEraTest -b "$ERA"; then
+        echo "$P: passed"
+    else
+        echo "$P: failed"
+        STATUS=1
+    fi
+done
+exit $STATUS
--- a/jdk/test/java/util/StringJoiner/MergeTest.java	Wed Jul 05 19:56:33 2017 +0200
+++ b/jdk/test/java/util/StringJoiner/MergeTest.java	Mon Aug 18 10:59:36 2014 +0100
@@ -23,7 +23,7 @@
 
 /**
  * @test
- * @bug 8017231 8020977
+ * @bug 8017231 8020977 8054221
  * @summary test  StringJoiner::merge
  * @run testng MergeTest
  */
@@ -36,98 +36,135 @@
 
 @Test
 public class MergeTest {
-    public void testNull() {
-        StringJoiner sj = new StringJoiner(",", "{", "}");
-        try {
-            sj.merge(null);
-            fail("Should throw NullPointerException!");
-        } catch (NullPointerException npe) {
-            // expected
+    private final static String[] PREFIXES = {"", "{", "@#$%"};
+    private final static String[] SUFFIXES = {"", "}", "*&%$"};
+
+    private static class Fixes {
+        public String pre0, suf0;
+        public String pre1, suf1;
+        public Fixes(String prefix0, String suffix0,
+                     String prefix1, String suffix1) {
+            this.pre0 = prefix0;
+            this.suf0 = suffix0;
+            this.pre1 = prefix1;
+            this.suf1 = suffix1;
         }
     }
 
+    private static Stream<Fixes> fixesStream() {
+        Stream.Builder<Fixes> builder = Stream.builder();
+        for (final String prefix0 : PREFIXES) {
+            for (final String suffix0 : SUFFIXES) {
+                for (final String prefix1 : PREFIXES) {
+                    for (final String suffix1 : SUFFIXES) {
+                        builder.accept(new Fixes(prefix0, suffix0,
+                                                 prefix1, suffix1));
+                    }
+                }
+            }
+        }
+        return builder.build();
+    }
+
+    @Test(expectedExceptions = {NullPointerException.class})
+    public void testNull() {
+        StringJoiner sj = new StringJoiner(",", "{", "}");
+        sj.merge(null);
+    }
+
     public void testSimple() {
-        StringJoiner sj = new StringJoiner(",", "{", "}");
-        StringJoiner other = new StringJoiner(",", "[", "]");
-        Stream.of("a", "b", "c").forEachOrdered(sj::add);
-        Stream.of("d", "e", "f").forEachOrdered(other::add);
+        fixesStream().forEach(fixes -> {
+            StringJoiner sj = new StringJoiner(",", fixes.pre0, fixes.suf0);
+            StringJoiner other = new StringJoiner(",", fixes.pre1, fixes.suf1);
+            Stream.of("a", "b", "c").forEachOrdered(sj::add);
+            Stream.of("d", "e", "f").forEachOrdered(other::add);
 
-        sj.merge(other);
-        assertEquals(sj.toString(), "{a,b,c,d,e,f}");
+            sj.merge(other);
+            assertEquals(sj.toString(), fixes.pre0 + "a,b,c,d,e,f" + fixes.suf0);
+        });
     }
 
     public void testEmptyOther() {
-        StringJoiner sj = new StringJoiner(",", "{", "}");
-        StringJoiner other = new StringJoiner(",", "[", "]");
-        Stream.of("a", "b", "c").forEachOrdered(sj::add);
+        fixesStream().forEach(fixes -> {
+            StringJoiner sj = new StringJoiner(",", fixes.pre0, fixes.suf0);
+            StringJoiner other = new StringJoiner(",", fixes.pre1, fixes.suf1);
+            Stream.of("a", "b", "c").forEachOrdered(sj::add);
 
-        sj.merge(other);
-        assertEquals(sj.toString(), "{a,b,c}");
+            sj.merge(other);
+            assertEquals(sj.toString(), fixes.pre0 + "a,b,c" + fixes.suf0);
 
-        other.setEmptyValue("EMPTY");
-        sj.merge(other);
-        assertEquals(sj.toString(), "{a,b,c}");
+            other.setEmptyValue("EMPTY");
+            sj.merge(other);
+            assertEquals(sj.toString(), fixes.pre0 + "a,b,c" + fixes.suf0);
+        });
     }
 
     public void testEmptyThis() {
-        StringJoiner sj = new StringJoiner(",", "{", "}");
-        StringJoiner other = new StringJoiner(":", "[", "]");
-        Stream.of("d", "e", "f").forEachOrdered(other::add);
+        fixesStream().forEach(fixes -> {
+            StringJoiner sj = new StringJoiner(",", fixes.pre0, fixes.suf0);
+            StringJoiner other = new StringJoiner(":", fixes.pre1, fixes.suf1);
+            Stream.of("d", "e", "f").forEachOrdered(other::add);
 
-        sj.merge(other);
-        assertEquals(sj.toString(), "{d:e:f}");
+            sj.merge(other);
+            assertEquals(sj.toString(), fixes.pre0 + "d:e:f" + fixes.suf0);
 
-        sj = new StringJoiner(",", "{", "}").setEmptyValue("EMPTY");
-        assertEquals(sj.toString(), "EMPTY");
-        sj.merge(other);
-        assertEquals(sj.toString(), "{d:e:f}");
+            sj = new StringJoiner(",", fixes.pre0, fixes.suf0).setEmptyValue("EMPTY");
+            assertEquals(sj.toString(), "EMPTY");
+            sj.merge(other);
+            assertEquals(sj.toString(), fixes.pre0 + "d:e:f" + fixes.suf0);
+        });
     }
 
     public void testEmptyBoth() {
-        StringJoiner sj = new StringJoiner(",", "{", "}");
-        StringJoiner other = new StringJoiner(":", "[", "]");
+        fixesStream().forEach(fixes -> {
+            StringJoiner sj = new StringJoiner(",", fixes.pre0, fixes.suf0);
+            StringJoiner other = new StringJoiner(":", fixes.pre1, fixes.suf1);
 
-        sj.merge(other);
-        assertEquals(sj.toString(), "{}");
+            sj.merge(other);
+            assertEquals(sj.toString(), fixes.pre0 + fixes.suf0);
 
-        other.setEmptyValue("NOTHING");
-        sj.merge(other);
-        assertEquals(sj.toString(), "{}");
+            other.setEmptyValue("NOTHING");
+            sj.merge(other);
+            assertEquals(sj.toString(), fixes.pre0 + fixes.suf0);
 
-        sj = new StringJoiner(",", "{", "}").setEmptyValue("EMPTY");
-        assertEquals(sj.toString(), "EMPTY");
-        sj.merge(other);
-        assertEquals(sj.toString(), "EMPTY");
+            sj = new StringJoiner(",", fixes.pre0, fixes.suf0).setEmptyValue("EMPTY");
+            assertEquals(sj.toString(), "EMPTY");
+            sj.merge(other);
+            assertEquals(sj.toString(), "EMPTY");
+        });
     }
 
     public void testCascadeEmpty() {
-        StringJoiner sj = new StringJoiner(",", "{", "}");
-        StringJoiner o1 = new StringJoiner(":", "[", "]").setEmptyValue("Empty1");
-        StringJoiner o2 = new StringJoiner(",", "<", ">").setEmptyValue("Empty2");
+        fixesStream().forEach(fixes -> {
+            StringJoiner sj = new StringJoiner(",", fixes.pre0, fixes.suf0);
+            StringJoiner o1 = new StringJoiner(":", fixes.pre1, fixes.suf1).setEmptyValue("Empty1");
+            StringJoiner o2 = new StringJoiner(",", "<", ">").setEmptyValue("Empty2");
 
-        o1.merge(o2);
-        assertEquals(o1.toString(), "Empty1");
+            o1.merge(o2);
+            assertEquals(o1.toString(), "Empty1");
 
-        sj.merge(o1);
-        assertEquals(sj.toString(), "{}");
+            sj.merge(o1);
+            assertEquals(sj.toString(), fixes.pre0 + fixes.suf0);
+        });
     }
 
     public void testDelimiter() {
-        StringJoiner sj = new StringJoiner(",", "{", "}");
-        StringJoiner other = new StringJoiner(":", "[", "]");
-        Stream.of("a", "b", "c").forEachOrdered(sj::add);
-        Stream.of("d", "e", "f").forEachOrdered(other::add);
+        fixesStream().forEach(fixes -> {
+            StringJoiner sj = new StringJoiner(",", fixes.pre0, fixes.suf0);
+            StringJoiner other = new StringJoiner(":", fixes.pre1, fixes.suf1);
+            Stream.of("a", "b", "c").forEachOrdered(sj::add);
+            Stream.of("d", "e", "f").forEachOrdered(other::add);
 
-        sj.merge(other);
-        assertEquals(sj.toString(), "{a,b,c,d:e:f}");
+            sj.merge(other);
+            assertEquals(sj.toString(), fixes.pre0 + "a,b,c,d:e:f" + fixes.suf0);
+        });
     }
 
     public void testMergeSelf() {
-        final StringJoiner sj = new StringJoiner(",", "[", "]").add("a").add("b");
-        assertEquals(sj.merge(sj).toString(), "[a,b,a,b]");
-        assertEquals(sj.merge(sj).toString(), "[a,b,a,b,a,b,a,b]");
-
-        final StringJoiner sj2 = new StringJoiner(",").add("c").add("d");
-        assertEquals(sj2.merge(sj2).toString(), "c,d,c,d");
+        fixesStream().forEach(fixes -> {
+            final StringJoiner sj = new StringJoiner(",", fixes.pre0, fixes.suf0).add("a").add("b");
+            assertEquals(sj.merge(sj).toString(), fixes.pre0 + "a,b,a,b" + fixes.suf0);
+            assertEquals(sj.merge(sj).toString(), fixes.pre0 + "a,b,a,b,a,b,a,b" + fixes.suf0);
+        });
     }
 }
--- a/jdk/test/java/util/StringJoiner/StringJoinerTest.java	Wed Jul 05 19:56:33 2017 +0200
+++ b/jdk/test/java/util/StringJoiner/StringJoinerTest.java	Mon Aug 18 10:59:36 2014 +0100
@@ -305,9 +305,9 @@
         sj.add("2");
         assertEquals(sj.toString(), prefix + "1" + infix + "2" + suffix);
         sj.add("");
-        assertEquals(sj.toString(), prefix + "1" + infix + "2" +infix + suffix);
+        assertEquals(sj.toString(), prefix + "1" + infix + "2" + infix + suffix);
         sj.add("3");
-        assertEquals(sj.toString(), prefix + "1" + infix + "2" +infix + infix + "3" + suffix);
+        assertEquals(sj.toString(), prefix + "1" + infix + "2" + infix + infix + "3" + suffix);
     }
 
     public void testDelimiterCombinations() {
--- a/jdk/test/java/util/logging/TestLoggerBundleSync.java	Wed Jul 05 19:56:33 2017 +0200
+++ b/jdk/test/java/util/logging/TestLoggerBundleSync.java	Mon Aug 18 10:59:36 2014 +0100
@@ -58,6 +58,7 @@
  */
 public class TestLoggerBundleSync {
 
+    static final boolean VERBOSE = false;
     static volatile Exception thrown = null;
     static volatile boolean goOn = true;
 
@@ -65,6 +66,7 @@
     static final long TIME = 4 * 1000; // 4 sec.
     static final long STEP = 1 * 1000;  // message every 1 sec.
     static final int  LCOUNT = 50; // change bundle 50 times...
+    static final AtomicLong ignoreLogCount = new AtomicLong(0);
     static final AtomicLong setRBcount = new AtomicLong(0);
     static final AtomicLong setRBNameCount = new AtomicLong(0);
     static final AtomicLong getRBcount = new AtomicLong(0);
@@ -150,6 +152,7 @@
           long sSetRBNameCount  = setRBNameCount.get();
           long sCheckCount = checkCount.get();
           long sNextLong = nextLong.get();
+          long sIgnoreLogCount = ignoreLogCount.get();
           List<Thread> threads = new ArrayList<>();
           for (Class<? extends ResourceBundle> type : classes) {
               threads.add(new SetRB(type));
@@ -181,21 +184,58 @@
                   + " resource bundles set by " + classes.size() + " Thread(s),");
           System.out.println("\t " + (setRBNameCount.get() - sSetRBNameCount)
                   + " resource bundle names set by " + classes.size() + " Thread(s),");
+          System.out.println("\t " + (ignoreLogCount.get() - sIgnoreLogCount)
+                  + " log messages emitted by other GetRB threads were ignored"
+                  + " to ensure MT test consistency,");
           System.out.println("\t ThreadMXBean.findDeadlockedThreads called "
                   + (checkCount.get() -sCheckCount) + " times by 1 Thread.");
 
     }
 
     final static class GetRB extends Thread {
-        final static class MyHandler extends Handler {
+        final class MyHandler extends Handler {
             volatile ResourceBundle rb;
             volatile String rbName;
             volatile int count = 0;
             @Override
             public synchronized void publish(LogRecord record) {
-                count++;
-                rb = record.getResourceBundle();
-                rbName = record.getResourceBundleName();
+                Object[] params = record.getParameters();
+                // Each GetRB thread has its own handler, but since they
+                // log into the same logger, each handler may receive
+                // messages emitted by other threads.
+                // This means that GetRB#2.handler may receive a message
+                // emitted by GetRB#1 at a time where the resource bundle
+                // was still null.
+                // To avoid falling into this trap, the GetRB thread passes
+                // 'this' as argument to the messages it logs - which does
+                // allow us here to ignore messages that where not emitted
+                // by our own GetRB.this thread...
+                if (params.length == 1) {
+                    if (params[0] == GetRB.this) {
+                        // The message was emitted by our thread.
+                        count++;
+                        rb = record.getResourceBundle();
+                        rbName = record.getResourceBundleName();
+                    } else {
+                        // The message was emitted by another thread: just
+                        // ignore it, as it may have been emitted at a time
+                        // where the resource bundle was still null, and
+                        // processing it may overwrite the 'rb' and 'rbName'
+                        // recorded from the message emitted by our own thread.
+                        if (VERBOSE) {
+                            System.out.println("Ignoring message logged by " + params[0]);
+                        }
+                        ignoreLogCount.incrementAndGet();
+                    }
+                } else {
+                    ignoreLogCount.incrementAndGet();
+                    System.err.println("Unexpected message received");
+                }
+            }
+
+            void reset() {
+                rbName = null;
+                rb = null;
             }
 
             @Override
@@ -207,6 +247,7 @@
             }
         };
         final MyHandler handler = new MyHandler();
+
         @Override
         public void run() {
             try {
@@ -234,9 +275,10 @@
                                     + handler.getLevel());
                         }
                         final int countBefore = handler.count;
+                        handler.reset();
                         ll.setLevel(Level.FINEST);
                         ll.addHandler(handler);
-                        ll.fine("dummy");
+                        ll.log(Level.FINE, "dummy {0}", this);
                         ll.removeHandler(handler);
                         final int countAfter = handler.count;
                         if (countBefore == countAfter) {
--- a/jdk/test/sun/jvmstat/monitor/MonitoredVm/MonitorVmStartTerminate.java	Wed Jul 05 19:56:33 2017 +0200
+++ b/jdk/test/sun/jvmstat/monitor/MonitoredVm/MonitorVmStartTerminate.java	Mon Aug 18 10:59:36 2014 +0100
@@ -73,7 +73,6 @@
 public final class MonitorVmStartTerminate {
 
     private static final int PROCESS_COUNT = 10;
-    private static final long PROCESS_TIMEOUT_IN_NS = 1000*1000_000_000L;
 
     public static void main(String... args) throws Exception {
 
@@ -223,13 +222,12 @@
 
         private static void createFile(Path path) throws IOException {
             Files.write(path, new byte[0], StandardOpenOption.CREATE);
-            if (!Files.exists(path)) {
-                throw new Error("Newly created file " + path
-                        + " does not exist!");
-            }
         }
 
         private static void waitForRemoval(Path path) {
+            String timeoutFactorText = System.getProperty("test.timeout.factor", "1.0");
+            double timeoutFactor = Double.parseDouble(timeoutFactorText);
+            long timeoutNanos = 1000_000_000L*(long)(1000*timeoutFactor);
             long start = System.nanoTime();
             while (true) {
                 long now = System.nanoTime();
@@ -238,10 +236,10 @@
                 if (!Files.exists(path)) {
                     return;
                 }
-                if (waited > PROCESS_TIMEOUT_IN_NS) {
+                if (waited > timeoutNanos) {
                     System.out.println("Start: " + start);
                     System.out.println("Now: " + now);
-                    System.out.print("Process timed out after " + waited + " ns. Abort.");
+                    System.out.println("Process timed out after " + waited + " ns. Abort.");
                     System.exit(1);
                 }
                 takeNap();
@@ -293,7 +291,14 @@
         public void terminate() {