changeset 13184:9d10137b769f

Merge
author asaha
date Wed, 07 Feb 2018 13:43:33 -0800
parents f298cf430745 1fc8d9f8ca5b
children f7c7fe9e2268
files .hgtags
diffstat 13 files changed, 128 insertions(+), 35 deletions(-) [+]
line wrap: on
line diff
--- a/.hgtags	Tue Jan 30 15:38:36 2018 -0800
+++ b/.hgtags	Wed Feb 07 13:43:33 2018 -0800
@@ -863,8 +863,10 @@
 cac020298633fc736f5e21afddf00145665ef0a7 jdk8u171-b02
 c260afc0c5a13407aad4f066f81fba814bb0cbae jdk8u171-b03
 ac700f67341a20ddae093c319da1c65e41edcacd jdk8u171-b04
+863ef3413aa42c15fbdc14fef6732f2741f97046 jdk8u171-b05
 64df143be721d3ef031d765d86277c1e114d627a jdk8u172-b00
 25f7b0cd25cf13106783050fc8e6f4a78487a7bd jdk8u172-b01
 db8272cb8c99eea536a66c4c368c4bf2bf013a81 jdk8u172-b02
 bd24ee3a9a0494121fd1d96c308b9738f585001b jdk8u172-b03
 cf952b84daa1e74403a4d1df541c0ecca830717d jdk8u172-b04
+076daed81c0a851f6d13fac538834ac465cdc122 jdk8u172-b05
--- a/src/share/classes/com/sun/crypto/provider/DESedeWrapCipher.java	Tue Jan 30 15:38:36 2018 -0800
+++ b/src/share/classes/com/sun/crypto/provider/DESedeWrapCipher.java	Wed Feb 07 13:43:33 2018 -0800
@@ -473,6 +473,9 @@
         } catch (InvalidKeyException ike) {
             // should never happen
             throw new RuntimeException("Internal cipher key is corrupted");
+        } catch (InvalidAlgorithmParameterException iape) {
+            // should never happen
+            throw new RuntimeException("Internal cipher IV is invalid");
         }
         byte[] out2 = new byte[out.length];
         cipher.encrypt(out, 0, out.length, out2, 0);
@@ -484,6 +487,9 @@
         } catch (InvalidKeyException ike) {
             // should never happen
             throw new RuntimeException("Internal cipher key is corrupted");
+        } catch (InvalidAlgorithmParameterException iape) {
+            // should never happen
+            throw new RuntimeException("Internal cipher IV is invalid");
         }
         return out2;
     }
@@ -527,8 +533,12 @@
         }
         iv = new byte[IV_LEN];
         System.arraycopy(buffer, 0, iv, 0, iv.length);
-        cipher.init(true, cipherKey.getAlgorithm(), cipherKey.getEncoded(),
+        try {
+            cipher.init(true, cipherKey.getAlgorithm(), cipherKey.getEncoded(),
                     iv);
+        } catch (InvalidAlgorithmParameterException iape) {
+            throw new InvalidKeyException("IV in wrapped key is invalid");
+        }
         byte[] buffer2 = new byte[buffer.length - iv.length];
         cipher.decrypt(buffer, iv.length, buffer2.length,
                        buffer2, 0);
@@ -541,8 +551,12 @@
             }
         }
         // restore cipher state to prior to this call
-        cipher.init(decrypting, cipherKey.getAlgorithm(),
+        try {
+          cipher.init(decrypting, cipherKey.getAlgorithm(),
                     cipherKey.getEncoded(), IV2);
+        } catch (InvalidAlgorithmParameterException iape) {
+            throw new InvalidKeyException("IV in wrapped key is invalid");
+        }
         byte[] out = new byte[keyValLen];
         System.arraycopy(buffer2, 0, out, 0, keyValLen);
         return ConstructKeys.constructKey(out, wrappedKeyAlgorithm,
--- a/src/share/classes/com/sun/crypto/provider/FeedbackCipher.java	Tue Jan 30 15:38:36 2018 -0800
+++ b/src/share/classes/com/sun/crypto/provider/FeedbackCipher.java	Wed Feb 07 13:43:33 2018 -0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2017, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -26,6 +26,7 @@
 package com.sun.crypto.provider;
 
 import java.security.InvalidKeyException;
+import java.security.InvalidAlgorithmParameterException;
 import javax.crypto.*;
 
 /**
@@ -99,7 +100,8 @@
      * initializing this cipher
      */
     abstract void init(boolean decrypting, String algorithm, byte[] key,
-                       byte[] iv) throws InvalidKeyException;
+                       byte[] iv) throws InvalidKeyException,
+                                         InvalidAlgorithmParameterException;
 
    /**
      * Gets the initialization vector.
--- a/src/share/classes/com/sun/crypto/provider/GaloisCounterMode.java	Tue Jan 30 15:38:36 2018 -0800
+++ b/src/share/classes/com/sun/crypto/provider/GaloisCounterMode.java	Wed Feb 07 13:43:33 2018 -0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2013, 2016, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2013, 2017, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -262,8 +262,9 @@
      * @exception InvalidKeyException if the given key is inappropriate for
      * initializing this cipher
      */
+    @Override
     void init(boolean decrypting, String algorithm, byte[] key, byte[] iv)
-            throws InvalidKeyException {
+            throws InvalidKeyException, InvalidAlgorithmParameterException {
         init(decrypting, algorithm, key, iv, DEFAULT_TAG_LEN);
     }
 
@@ -282,10 +283,16 @@
      */
     void init(boolean decrypting, String algorithm, byte[] keyValue,
               byte[] ivValue, int tagLenBytes)
-              throws InvalidKeyException {
-        if (keyValue == null || ivValue == null) {
+              throws InvalidKeyException, InvalidAlgorithmParameterException {
+        if (keyValue == null) {
             throw new InvalidKeyException("Internal error");
         }
+        if (ivValue == null) {
+            throw new InvalidAlgorithmParameterException("Internal error");
+        }
+        if (ivValue.length == 0) {
+            throw new InvalidAlgorithmParameterException("IV is empty");
+        }
 
         // always encrypt mode for embedded cipher
         this.embeddedCipher.init(false, algorithm, keyValue);
--- a/src/share/lib/security/java.security-aix	Tue Jan 30 15:38:36 2018 -0800
+++ b/src/share/lib/security/java.security-aix	Wed Feb 07 13:43:33 2018 -0800
@@ -620,7 +620,7 @@
 # Example:
 #   jdk.tls.disabledAlgorithms=MD5, SSLv3, DSA, RSA keySize < 2048
 jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize < 1024, \
-    EC keySize < 224, DES40_CBC, RC4_40
+    EC keySize < 224, DES40_CBC, RC4_40, 3DES_EDE_CBC
 
 # Legacy algorithms for Secure Socket Layer/Transport Layer Security (SSL/TLS)
 # processing in JSSE implementation.
--- a/src/share/lib/security/java.security-linux	Tue Jan 30 15:38:36 2018 -0800
+++ b/src/share/lib/security/java.security-linux	Wed Feb 07 13:43:33 2018 -0800
@@ -620,7 +620,7 @@
 # Example:
 #   jdk.tls.disabledAlgorithms=MD5, SSLv3, DSA, RSA keySize < 2048
 jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize < 1024, \
-    EC keySize < 224, DES40_CBC, RC4_40
+    EC keySize < 224, DES40_CBC, RC4_40, 3DES_EDE_CBC
 
 # Legacy algorithms for Secure Socket Layer/Transport Layer Security (SSL/TLS)
 # processing in JSSE implementation.
--- a/src/share/lib/security/java.security-macosx	Tue Jan 30 15:38:36 2018 -0800
+++ b/src/share/lib/security/java.security-macosx	Wed Feb 07 13:43:33 2018 -0800
@@ -623,7 +623,7 @@
 # Example:
 #   jdk.tls.disabledAlgorithms=MD5, SSLv3, DSA, RSA keySize < 2048
 jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize < 1024, \
-    EC keySize < 224, DES40_CBC, RC4_40
+    EC keySize < 224, DES40_CBC, RC4_40, 3DES_EDE_CBC
 
 # Legacy algorithms for Secure Socket Layer/Transport Layer Security (SSL/TLS)
 # processing in JSSE implementation.
--- a/src/share/lib/security/java.security-solaris	Tue Jan 30 15:38:36 2018 -0800
+++ b/src/share/lib/security/java.security-solaris	Wed Feb 07 13:43:33 2018 -0800
@@ -622,7 +622,7 @@
 # Example:
 #   jdk.tls.disabledAlgorithms=MD5, SSLv3, DSA, RSA keySize < 2048
 jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize < 1024, \
-    EC keySize < 224, DES40_CBC, RC4_40
+    EC keySize < 224, DES40_CBC, RC4_40, 3DES_EDE_CBC
 
 # Legacy algorithms for Secure Socket Layer/Transport Layer Security (SSL/TLS)
 # processing in JSSE implementation.
--- a/src/share/lib/security/java.security-windows	Tue Jan 30 15:38:36 2018 -0800
+++ b/src/share/lib/security/java.security-windows	Wed Feb 07 13:43:33 2018 -0800
@@ -623,7 +623,7 @@
 # Example:
 #   jdk.tls.disabledAlgorithms=MD5, SSLv3, DSA, RSA keySize < 2048
 jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize < 1024, \
-    EC keySize < 224, DES40_CBC, RC4_40
+    EC keySize < 224, DES40_CBC, RC4_40, 3DES_EDE_CBC
 
 # Legacy algorithms for Secure Socket Layer/Transport Layer Security (SSL/TLS)
 # processing in JSSE implementation.
--- a/src/windows/native/sun/windows/awt_FileDialog.cpp	Tue Jan 30 15:38:36 2018 -0800
+++ b/src/windows/native/sun/windows/awt_FileDialog.cpp	Wed Feb 07 13:43:33 2018 -0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1996, 2014, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1996, 2017, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -251,13 +251,7 @@
     OPENFILENAME ofn;
     memset(&ofn, 0, sizeof(ofn));
 
-    /*
-     * There's a situation (see bug 4906972) when InvokeFunction (by which this method is called)
-     * returnes earlier than this method returnes. Probably it's caused due to ReplyMessage system call.
-     * So for the avoidance of this mistiming we need to make new global reference here
-     * (not local as it's used by the hook) and then manage it independently of the calling thread.
-     */
-    peer = env->NewGlobalRef((jobject)p);
+    peer = (jobject)p;
 
     try {
         DASSERT(peer);
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/java/awt/FileDialog/FileDialogMemoryLeak/FileDialogLeakTest.java	Wed Feb 07 13:43:33 2018 -0800
@@ -0,0 +1,72 @@
+/*
+ * Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+import java.awt.*;
+import java.util.concurrent.CountDownLatch;
+import java.util.concurrent.TimeUnit;
+
+/**
+ * @test
+ * @bug 8177758
+ * @requires os.family == "windows"
+ * @summary Regression in java.awt.FileDialog
+ * @run main FileDialogLeakTest
+ */
+
+public class FileDialogLeakTest {
+    static CountDownLatch latch = new CountDownLatch(3);
+    static boolean passed;
+
+    public static void main(String[] args) throws Exception {
+        test();
+        System.gc();
+        System.runFinalization();
+        latch.await(1, TimeUnit.SECONDS);
+        if (!passed) {
+            throw new RuntimeException("Test failed.");
+        }
+    }
+
+    private static void test() throws Exception {
+        FileDialog fd = new FileDialog((Frame) null) {
+            @Override
+            protected void finalize() throws Throwable {
+                System.out.println("Finalize");
+                super.finalize();
+                passed = true;
+                latch.countDown();
+            }
+        };
+
+        new Thread(() -> {
+            latch.countDown();
+            fd.setVisible(true);
+            latch.countDown();
+        }).start();
+        latch.await(1, TimeUnit.SECONDS);
+        fd.dispose();
+        latch.await(1, TimeUnit.SECONDS);
+    }
+
+}
+
--- a/test/sun/security/ssl/sun/net/www/protocol/https/NewImpl/ComHostnameVerifier.java	Tue Jan 30 15:38:36 2018 -0800
+++ b/test/sun/security/ssl/sun/net/www/protocol/https/NewImpl/ComHostnameVerifier.java	Wed Feb 07 13:43:33 2018 -0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2001, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2001, 2018, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -21,21 +21,20 @@
  * questions.
  */
 
+// SunJSSE does not support dynamic system properties, no way to re-use
+// system properties in samevm/agentvm mode.
+
 /*
  * @test
- * @bug 4474255
- * @test 1.1 01/06/27
- * @bug 4484246
+ * @bug 4474255 4484246
  * @summary When an application enables anonymous SSL cipher suite,
  *        Hostname verification is not required
  * @run main/othervm ComHostnameVerifier
- *
- *     SunJSSE does not support dynamic system properties, no way to re-use
- *     system properties in samevm/agentvm mode.
  */
 
 import java.io.*;
 import java.net.*;
+import java.security.Security;
 import javax.net.ssl.*;
 import javax.security.cert.*;
 import com.sun.net.ssl.HostnameVerifier;
@@ -249,6 +248,8 @@
     volatile Exception clientException = null;
 
     public static void main(String[] args) throws Exception {
+        // re-enable 3DES
+        Security.setProperty("jdk.tls.disabledAlgorithms", "");
 
         if (debug)
             System.setProperty("javax.net.debug", "all");
--- a/test/sun/security/ssl/sun/net/www/protocol/https/NewImpl/JavaxHostnameVerifier.java	Tue Jan 30 15:38:36 2018 -0800
+++ b/test/sun/security/ssl/sun/net/www/protocol/https/NewImpl/JavaxHostnameVerifier.java	Wed Feb 07 13:43:33 2018 -0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2001, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2001, 2018, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -21,21 +21,20 @@
  * questions.
  */
 
+// SunJSSE does not support dynamic system properties, no way to re-use
+// system properties in samevm/agentvm mode.
+
 /*
  * @test
- * @bug 4474255
- * @test 1.1 01/06/27
- * @bug 4484246
+ * @bug 4474255 4484246
  * @summary When an application enables anonymous SSL cipher suite,
  *        Hostname verification is not required
  * @run main/othervm JavaxHostnameVerifier
- *
- *     SunJSSE does not support dynamic system properties, no way to re-use
- *     system properties in samevm/agentvm mode.
  */
 
 import java.io.*;
 import java.net.*;
+import java.security.Security;
 import java.security.cert.*;
 import javax.net.ssl.*;
 
@@ -244,6 +243,8 @@
     volatile Exception clientException = null;
 
     public static void main(String[] args) throws Exception {
+        // re-enable 3DES
+        Security.setProperty("jdk.tls.disabledAlgorithms", "");
 
         if (debug)
             System.setProperty("javax.net.debug", "all");