changeset 13388:bedcc3c12cae

Merge
author aefimov
date Mon, 12 Nov 2018 23:44:13 +0000
parents 73c9f1fc9b13 c0b2b82d2478
children 79aa78e979b1
files
diffstat 11 files changed, 99 insertions(+), 30 deletions(-) [+]
line wrap: on
line diff
--- a/src/share/classes/sun/security/tools/jarsigner/Resources_ja.java	Mon Nov 12 14:48:27 2018 -0800
+++ b/src/share/classes/sun/security/tools/jarsigner/Resources_ja.java	Mon Nov 12 23:44:13 2018 +0000
@@ -217,6 +217,7 @@
         {"Error.", "\u30A8\u30E9\u30FC: "},
         {"...Signer", ">>> \u7F72\u540D\u8005"},
         {"...TSA", ">>> TSA"},
+        {"trusted.certificate", "\u4FE1\u983C\u3067\u304D\u308B\u8A3C\u660E\u66F8"},
         {"This.jar.contains.unsigned.entries.which.have.not.been.integrity.checked.",
                 "\u3053\u306Ejar\u306B\u306F\u3001\u6574\u5408\u6027\u30C1\u30A7\u30C3\u30AF\u3092\u3057\u3066\u3044\u306A\u3044\u7F72\u540D\u306A\u3057\u306E\u30A8\u30F3\u30C8\u30EA\u304C\u542B\u307E\u308C\u3066\u3044\u307E\u3059\u3002 "},
         {"This.jar.contains.entries.whose.signer.certificate.has.expired.",
@@ -233,8 +234,16 @@
                 "\u8A73\u7D30\u306F\u3001-verbose\u304A\u3088\u3073-certs\u30AA\u30D7\u30B7\u30E7\u30F3\u3092\u4F7F\u7528\u3057\u3066\u518D\u5B9F\u884C\u3057\u3066\u304F\u3060\u3055\u3044\u3002"},
         {"The.signer.certificate.has.expired.",
                 "\u7F72\u540D\u8005\u306E\u8A3C\u660E\u66F8\u306F\u671F\u9650\u5207\u308C\u3067\u3059\u3002"},
+        {"The.timestamp.expired.1.but.usable.2",
+                "\u30BF\u30A4\u30E0\u30B9\u30BF\u30F3\u30D7\u306F%1$tY-%1$tm-%1$td\u306B\u671F\u9650\u5207\u308C\u306B\u306A\u308A\u307E\u3059\u3002\u305F\u3060\u3057\u3001JAR\u306F\u7F72\u540D\u8005\u306E\u8A3C\u660E\u66F8\u304C%2$tY-%2$tm-%2$td\u306B\u671F\u9650\u5207\u308C\u306B\u306A\u308B\u307E\u3067\u6709\u52B9\u3067\u3059\u3002"},
+        {"The.timestamp.has.expired.",
+                "\u30BF\u30A4\u30E0\u30B9\u30BF\u30F3\u30D7\u306F\u671F\u9650\u5207\u308C\u306B\u306A\u308A\u307E\u3057\u305F\u3002"},
         {"The.signer.certificate.will.expire.within.six.months.",
                 "\u7F72\u540D\u8005\u306E\u8A3C\u660E\u66F8\u306F6\u304B\u6708\u4EE5\u5185\u306B\u671F\u9650\u5207\u308C\u306B\u306A\u308A\u307E\u3059\u3002"},
+        {"The.timestamp.will.expire.within.one.year.on.1",
+                "\u30BF\u30A4\u30E0\u30B9\u30BF\u30F3\u30D7\u306F1\u5E74\u4EE5\u5185\u306E%1$tY-%1$tm-%1$td\u306B\u671F\u9650\u5207\u308C\u306B\u306A\u308A\u307E\u3059\u3002"},
+        {"The.timestamp.will.expire.within.one.year.on.1.but.2",
+                "\u30BF\u30A4\u30E0\u30B9\u30BF\u30F3\u30D7\u306F1\u5E74\u4EE5\u5185\u306E%1$tY-%1$tm-%1$td\u306B\u671F\u9650\u5207\u308C\u306B\u306A\u308A\u307E\u3059\u3002\u305F\u3060\u3057\u3001JAR\u306F\u7F72\u540D\u8005\u306E\u8A3C\u660E\u66F8\u304C%2$tY-%2$tm-%2$td\u306B\u671F\u9650\u5207\u308C\u306B\u306A\u308B\u307E\u3067\u6709\u52B9\u3067\u3059\u3002"},
         {"The.signer.certificate.is.not.yet.valid.",
                 "\u7F72\u540D\u8005\u306E\u8A3C\u660E\u66F8\u306F\u307E\u3060\u6709\u52B9\u306B\u306A\u3063\u3066\u3044\u307E\u305B\u3093\u3002"},
         {"The.signer.certificate.s.KeyUsage.extension.doesn.t.allow.code.signing.",
@@ -265,10 +274,18 @@
                 "\u3053\u306Ejar\u306B\u306F\u3001TSA\u8A3C\u660E\u66F8\u30C1\u30A7\u30FC\u30F3\u304C\u7121\u52B9\u306A\u30A8\u30F3\u30C8\u30EA\u304C\u542B\u307E\u308C\u3066\u3044\u307E\u3059\u3002\u7406\u7531: %s"},
         {"no.timestamp.signing",
                 "-tsa\u307E\u305F\u306F-tsacert\u304C\u6307\u5B9A\u3055\u308C\u3066\u3044\u306A\u3044\u305F\u3081\u3001\u3053\u306Ejar\u306B\u306F\u30BF\u30A4\u30E0\u30B9\u30BF\u30F3\u30D7\u304C\u4ED8\u52A0\u3055\u308C\u3066\u3044\u307E\u305B\u3093\u3002\u30BF\u30A4\u30E0\u30B9\u30BF\u30F3\u30D7\u304C\u306A\u3044\u3068\u3001\u7F72\u540D\u8005\u8A3C\u660E\u66F8\u306E\u6709\u52B9\u671F\u9650(%1$tY-%1$tm-%1$td)\u5F8C\u307E\u305F\u306F\u5C06\u6765\u306E\u5931\u52B9\u65E5\u5F8C\u306B\u3001\u30E6\u30FC\u30B6\u30FC\u306F\u3053\u306Ejar\u3092\u691C\u8A3C\u3067\u304D\u306A\u3044\u53EF\u80FD\u6027\u304C\u3042\u308A\u307E\u3059\u3002"},
+        {"invalid.timestamp.signing",
+                "\u30BF\u30A4\u30E0\u30B9\u30BF\u30F3\u30D7\u304C\u7121\u52B9\u3067\u3059\u3002\u6709\u52B9\u306A\u30BF\u30A4\u30E0\u30B9\u30BF\u30F3\u30D7\u304C\u306A\u3044\u3068\u3001\u7F72\u540D\u8005\u8A3C\u660E\u66F8\u306E\u6709\u52B9\u671F\u9650(%1$tY-%1$tm-%1$td)\u5F8C\u306B\u3001\u30E6\u30FC\u30B6\u30FC\u306F\u3053\u306Ejar\u3092\u691C\u8A3C\u3067\u304D\u306A\u3044\u53EF\u80FD\u6027\u304C\u3042\u308A\u307E\u3059\u3002"},
         {"no.timestamp.verifying",
-                "\u3053\u306Ejar\u306B\u306F\u3001\u30BF\u30A4\u30E0\u30B9\u30BF\u30F3\u30D7\u304C\u306A\u3044\u7F72\u540D\u304C\u542B\u307E\u308C\u3066\u3044\u307E\u3059\u3002\u30BF\u30A4\u30E0\u30B9\u30BF\u30F3\u30D7\u304C\u306A\u3044\u3068\u3001\u7F72\u540D\u8005\u8A3C\u660E\u66F8\u306E\u6709\u52B9\u671F\u9650(%1$tY-%1$tm-%1$td)\u5F8C\u307E\u305F\u306F\u5C06\u6765\u306E\u5931\u52B9\u65E5\u5F8C\u306B\u3001\u30E6\u30FC\u30B6\u30FC\u306F\u3053\u306Ejar\u3092\u691C\u8A3C\u3067\u304D\u306A\u3044\u53EF\u80FD\u6027\u304C\u3042\u308A\u307E\u3059\u3002"},
+                "\u3053\u306Ejar\u306B\u306F\u3001\u30BF\u30A4\u30E0\u30B9\u30BF\u30F3\u30D7\u304C\u306A\u3044\u7F72\u540D\u304C\u542B\u307E\u308C\u3066\u3044\u307E\u3059\u3002\u30BF\u30A4\u30E0\u30B9\u30BF\u30F3\u30D7\u304C\u306A\u3044\u3068\u3001\u3044\u305A\u308C\u304B\u306E\u7F72\u540D\u8005\u8A3C\u660E\u66F8\u306E\u6709\u52B9\u671F\u9650\u5F8C\u306B(\u65E9\u3051\u308C\u3070%1$tY-%1$tm-%1$td)\u30E6\u30FC\u30B6\u30FC\u306F\u3053\u306Ejar\u3092\u691C\u8A3C\u3067\u304D\u306A\u3044\u53EF\u80FD\u6027\u304C\u3042\u308A\u307E\u3059\u3002"},
         {"bad.timestamp.verifying",
                 "\u3053\u306Ejar\u306B\u306F\u3001\u7121\u52B9\u306A\u30BF\u30A4\u30E0\u30B9\u30BF\u30F3\u30D7\u306E\u3042\u308B\u7F72\u540D\u304C\u542B\u307E\u308C\u3066\u3044\u307E\u3059\u3002\u6709\u52B9\u306A\u30BF\u30A4\u30E0\u30B9\u30BF\u30F3\u30D7\u304C\u306A\u3044\u3068\u3001\u3044\u305A\u308C\u304B\u306E\u7F72\u540D\u8005\u8A3C\u660E\u66F8\u306E\u6709\u52B9\u671F\u9650\u5F8C\u306B(\u65E9\u3051\u308C\u3070%1$tY-%1$tm-%1$td)\u30E6\u30FC\u30B6\u30FC\u306F\u3053\u306Ejar\u3092\u691C\u8A3C\u3067\u304D\u306A\u3044\u53EF\u80FD\u6027\u304C\u3042\u308A\u307E\u3059\u3002\n\u8A73\u7D30\u306F\u3001-J-Djava.security.debug=jar\u3092\u6307\u5B9A\u3057\u3066jarsigner\u3092\u518D\u5B9F\u884C\u3057\u3066\u304F\u3060\u3055\u3044\u3002"},
+        {"The.signer.certificate.will.expire.on.1.",
+                "\u7F72\u540D\u8005\u306E\u8A3C\u660E\u66F8\u306F%1$tY-%1$tm-%1$td\u306B\u671F\u9650\u5207\u308C\u306B\u306A\u308A\u307E\u3059\u3002"},
+        {"The.timestamp.will.expire.on.1.",
+                "\u30BF\u30A4\u30E0\u30B9\u30BF\u30F3\u30D7\u306F%1$tY-%1$tm-%1$td\u306B\u671F\u9650\u5207\u308C\u306B\u306A\u308A\u307E\u3059\u3002"},
+        {"signer.cert.expired.1.but.timestamp.good.2.",
+                "\u7F72\u540D\u8005\u306E\u8A3C\u660E\u66F8\u306F%1$tY-%1$tm-%1$td\u306B\u671F\u9650\u5207\u308C\u306B\u306A\u308A\u307E\u3059\u3002\u305F\u3060\u3057\u3001JAR\u306F\u30BF\u30A4\u30E0\u30B9\u30BF\u30F3\u30D7\u304C%2$tY-%2$tm-%2$td\u306B\u671F\u9650\u5207\u308C\u306B\u306A\u308B\u307E\u3067\u6709\u52B9\u3067\u3059\u3002"},
         {"Unknown.password.type.", "\u4E0D\u660E\u306A\u30D1\u30B9\u30EF\u30FC\u30C9\u30FB\u30BF\u30A4\u30D7: "},
         {"Cannot.find.environment.variable.",
                 "\u74B0\u5883\u5909\u6570\u304C\u898B\u3064\u304B\u308A\u307E\u305B\u3093: "},
--- a/src/share/classes/sun/security/tools/jarsigner/Resources_zh_CN.java	Mon Nov 12 14:48:27 2018 -0800
+++ b/src/share/classes/sun/security/tools/jarsigner/Resources_zh_CN.java	Mon Nov 12 23:44:13 2018 +0000
@@ -217,6 +217,7 @@
         {"Error.", "\u9519\u8BEF: "},
         {"...Signer", ">>> \u7B7E\u540D\u8005"},
         {"...TSA", ">>> TSA"},
+        {"trusted.certificate", "\u53EF\u4FE1\u8BC1\u4E66"},
         {"This.jar.contains.unsigned.entries.which.have.not.been.integrity.checked.",
                 "\u6B64 jar \u5305\u542B\u5C1A\u672A\u8FDB\u884C\u5B8C\u6574\u6027\u68C0\u67E5\u7684\u672A\u7B7E\u540D\u6761\u76EE\u3002 "},
         {"This.jar.contains.entries.whose.signer.certificate.has.expired.",
@@ -233,8 +234,16 @@
                 "\u6709\u5173\u8BE6\u7EC6\u4FE1\u606F, \u8BF7\u4F7F\u7528 -verbose \u548C -certs \u9009\u9879\u91CD\u65B0\u8FD0\u884C\u3002"},
         {"The.signer.certificate.has.expired.",
                 "\u7B7E\u540D\u8005\u8BC1\u4E66\u5DF2\u8FC7\u671F\u3002"},
+        {"The.timestamp.expired.1.but.usable.2",
+                "\u65F6\u95F4\u6233\u5230\u671F\u65E5\u671F\u4E3A %1$tY-%1$tm-%1$td\u3002\u4E0D\u8FC7\uFF0C\u5728\u7B7E\u540D\u8005\u8BC1\u4E66\u4E8E %2$tY-%2$tm-%2$td \u5230\u671F\u4E4B\u524D\uFF0CJAR \u5C06\u6709\u6548\u3002"},
+        {"The.timestamp.has.expired.",
+                "\u65F6\u95F4\u6233\u5DF2\u5230\u671F\u3002"},
         {"The.signer.certificate.will.expire.within.six.months.",
                 "\u7B7E\u540D\u8005\u8BC1\u4E66\u5C06\u5728\u516D\u4E2A\u6708\u5185\u8FC7\u671F\u3002"},
+        {"The.timestamp.will.expire.within.one.year.on.1",
+                "\u65F6\u95F4\u6233\u5C06\u5728\u4E00\u5E74\u5185\u4E8E %1$tY-%1$tm-%1$td \u5230\u671F\u3002"},
+        {"The.timestamp.will.expire.within.one.year.on.1.but.2",
+                "\u65F6\u95F4\u6233\u5C06\u5728\u4E00\u5E74\u5185\u4E8E %1$tY-%1$tm-%1$td \u5230\u671F\u3002\u4E0D\u8FC7\uFF0C\u5728\u7B7E\u540D\u8005\u8BC1\u4E66\u4E8E %2$tY-%2$tm-%2$td \u5230\u671F\u4E4B\u524D\uFF0CJAR \u5C06\u6709\u6548\u3002"},
         {"The.signer.certificate.is.not.yet.valid.",
                 "\u7B7E\u540D\u8005\u8BC1\u4E66\u4ECD\u65E0\u6548\u3002"},
         {"The.signer.certificate.s.KeyUsage.extension.doesn.t.allow.code.signing.",
@@ -265,10 +274,18 @@
                 "\u6B64 jar \u5305\u542B\u5176 TSA \u8BC1\u4E66\u94FE\u65E0\u6548\u7684\u6761\u76EE\u3002\u539F\u56E0: %s"},
         {"no.timestamp.signing",
                 "\u672A\u63D0\u4F9B -tsa \u6216 -tsacert, \u6B64 jar \u6CA1\u6709\u65F6\u95F4\u6233\u3002\u5982\u679C\u6CA1\u6709\u65F6\u95F4\u6233, \u5219\u5728\u7B7E\u540D\u8005\u8BC1\u4E66\u7684\u5230\u671F\u65E5\u671F (%1$tY-%1$tm-%1$td) \u6216\u4EE5\u540E\u7684\u4EFB\u4F55\u64A4\u9500\u65E5\u671F\u4E4B\u540E, \u7528\u6237\u53EF\u80FD\u65E0\u6CD5\u9A8C\u8BC1\u6B64 jar\u3002"},
+        {"invalid.timestamp.signing",
+                "\u65F6\u95F4\u6233\u65E0\u6548\u3002\u5982\u679C\u6CA1\u6709\u6709\u6548\u7684\u65F6\u95F4\u6233\uFF0C\u5219\u5728\u7B7E\u540D\u8005\u8BC1\u4E66\u7684\u5230\u671F\u65E5\u671F (%1$tY-%1$tm-%1$td) \u4E4B\u540E\uFF0C\u7528\u6237\u53EF\u80FD\u65E0\u6CD5\u9A8C\u8BC1\u6B64 jar\u3002"},
         {"no.timestamp.verifying",
-                "\u6B64 jar \u5305\u542B\u7684\u7B7E\u540D\u6CA1\u6709\u65F6\u95F4\u6233\u3002\u5982\u679C\u6CA1\u6709\u65F6\u95F4\u6233, \u5219\u5728\u7B7E\u540D\u8005\u8BC1\u4E66\u7684\u5230\u671F\u65E5\u671F (%1$tY-%1$tm-%1$td) \u6216\u4EE5\u540E\u7684\u4EFB\u4F55\u64A4\u9500\u65E5\u671F\u4E4B\u540E, \u7528\u6237\u53EF\u80FD\u65E0\u6CD5\u9A8C\u8BC1\u6B64 jar\u3002"},
+                "\u6B64 jar \u5305\u542B\u7684\u7B7E\u540D\u6CA1\u6709\u65F6\u95F4\u6233\u3002\u5982\u679C\u6CA1\u6709\u65F6\u95F4\u6233, \u5219\u5728\u5176\u4E2D\u4EFB\u4E00\u7B7E\u540D\u8005\u8BC1\u4E66\u5230\u671F (\u6700\u65E9\u4E3A %1$tY-%1$tm-%1$td) \u4E4B\u540E, \u7528\u6237\u53EF\u80FD\u65E0\u6CD5\u9A8C\u8BC1\u6B64 jar\u3002"},
         {"bad.timestamp.verifying",
                 "\u6B64 jar \u5305\u542B\u5E26\u6709\u65E0\u6548\u65F6\u95F4\u6233\u7684\u7B7E\u540D\u3002\u5982\u679C\u6CA1\u6709\u6709\u6548\u65F6\u95F4\u6233, \u5219\u5728\u5176\u4E2D\u4EFB\u4E00\u7B7E\u540D\u8005\u8BC1\u4E66\u5230\u671F (\u6700\u65E9\u4E3A %1$tY-%1$tm-%1$td) \u4E4B\u540E, \u7528\u6237\u53EF\u80FD\u65E0\u6CD5\u9A8C\u8BC1\u6B64 jar\u3002\n\u6709\u5173\u8BE6\u7EC6\u4FE1\u606F, \u8BF7\u4F7F\u7528 -J-Djava.security.debug=jar \u91CD\u65B0\u8FD0\u884C jarsigner\u3002"},
+        {"The.signer.certificate.will.expire.on.1.",
+                "\u7B7E\u540D\u8005\u8BC1\u4E66\u5C06\u4E8E %1$tY-%1$tm-%1$td \u5230\u671F\u3002"},
+        {"The.timestamp.will.expire.on.1.",
+                "\u65F6\u95F4\u6233\u5C06\u4E8E %1$tY-%1$tm-%1$td \u5230\u671F\u3002"},
+        {"signer.cert.expired.1.but.timestamp.good.2.",
+                "\u7B7E\u540D\u8005\u8BC1\u4E66\u5230\u671F\u65E5\u671F\u4E3A %1$tY-%1$tm-%1$td\u3002\u4E0D\u8FC7\uFF0C\u5728\u65F6\u95F4\u6233\u4E8E %2$tY-%2$tm-%2$td \u5230\u671F\u4E4B\u524D\uFF0CJAR \u5C06\u6709\u6548\u3002"},
         {"Unknown.password.type.", "\u672A\u77E5\u53E3\u4EE4\u7C7B\u578B: "},
         {"Cannot.find.environment.variable.",
                 "\u627E\u4E0D\u5230\u73AF\u5883\u53D8\u91CF: "},
--- a/src/share/classes/sun/security/util/Resources_sv.java	Mon Nov 12 14:48:27 2018 -0800
+++ b/src/share/classes/sun/security/util/Resources_sv.java	Mon Nov 12 23:44:13 2018 +0000
@@ -67,10 +67,10 @@
         {".Principal.", "\tIdentitetshavare: "},
         {".Public.Credential.", "\tOffentlig inloggning: "},
         {".Private.Credentials.inaccessible.",
-                "\tPrivat inloggning \u00E4r inte tillg\u00E4nglig\n"},
+                "\tPrivat inloggning \u00E4r inte m\u00F6jlig\n"},
         {".Private.Credential.", "\tPrivat inloggning: "},
         {".Private.Credential.inaccessible.",
-                "\tPrivat inloggning \u00E4r inte tillg\u00E4nglig\n"},
+                "\tPrivat inloggning \u00E4r inte m\u00F6jlig\n"},
         {"Subject.is.read.only", "Innehavare \u00E4r skrivskyddad"},
         {"attempting.to.add.an.object.which.is.not.an.instance.of.java.security.Principal.to.a.Subject.s.Principal.Set",
                 "f\u00F6rs\u00F6k att l\u00E4gga till ett objekt som inte \u00E4r en instans av java.security.Principal till ett subjekts upps\u00E4ttning av identitetshavare"},
--- a/src/share/lib/security/java.security-aix	Mon Nov 12 14:48:27 2018 -0800
+++ b/src/share/lib/security/java.security-aix	Mon Nov 12 23:44:13 2018 +0000
@@ -620,7 +620,7 @@
 # Example:
 #   jdk.tls.disabledAlgorithms=MD5, SSLv3, DSA, RSA keySize < 2048
 jdk.tls.disabledAlgorithms=SSLv3, RC4, DES, MD5withRSA, DH keySize < 1024, \
-    EC keySize < 224, 3DES_EDE_CBC
+    EC keySize < 224, 3DES_EDE_CBC, anon, NULL
 
 # Legacy algorithms for Secure Socket Layer/Transport Layer Security (SSL/TLS)
 # processing in JSSE implementation.
--- a/src/share/lib/security/java.security-linux	Mon Nov 12 14:48:27 2018 -0800
+++ b/src/share/lib/security/java.security-linux	Mon Nov 12 23:44:13 2018 +0000
@@ -620,7 +620,7 @@
 # Example:
 #   jdk.tls.disabledAlgorithms=MD5, SSLv3, DSA, RSA keySize < 2048
 jdk.tls.disabledAlgorithms=SSLv3, RC4, DES, MD5withRSA, DH keySize < 1024, \
-    EC keySize < 224, 3DES_EDE_CBC
+    EC keySize < 224, 3DES_EDE_CBC, anon, NULL
 
 # Legacy algorithms for Secure Socket Layer/Transport Layer Security (SSL/TLS)
 # processing in JSSE implementation.
--- a/src/share/lib/security/java.security-macosx	Mon Nov 12 14:48:27 2018 -0800
+++ b/src/share/lib/security/java.security-macosx	Mon Nov 12 23:44:13 2018 +0000
@@ -623,7 +623,7 @@
 # Example:
 #   jdk.tls.disabledAlgorithms=MD5, SSLv3, DSA, RSA keySize < 2048
 jdk.tls.disabledAlgorithms=SSLv3, RC4, DES, MD5withRSA, DH keySize < 1024, \
-    EC keySize < 224, 3DES_EDE_CBC
+    EC keySize < 224, 3DES_EDE_CBC, anon, NULL
 
 # Legacy algorithms for Secure Socket Layer/Transport Layer Security (SSL/TLS)
 # processing in JSSE implementation.
--- a/src/share/lib/security/java.security-solaris	Mon Nov 12 14:48:27 2018 -0800
+++ b/src/share/lib/security/java.security-solaris	Mon Nov 12 23:44:13 2018 +0000
@@ -622,7 +622,7 @@
 # Example:
 #   jdk.tls.disabledAlgorithms=MD5, SSLv3, DSA, RSA keySize < 2048
 jdk.tls.disabledAlgorithms=SSLv3, RC4, DES, MD5withRSA, DH keySize < 1024, \
-    EC keySize < 224, 3DES_EDE_CBC
+    EC keySize < 224, 3DES_EDE_CBC, anon, NULL
 
 # Legacy algorithms for Secure Socket Layer/Transport Layer Security (SSL/TLS)
 # processing in JSSE implementation.
--- a/src/share/lib/security/java.security-windows	Mon Nov 12 14:48:27 2018 -0800
+++ b/src/share/lib/security/java.security-windows	Mon Nov 12 23:44:13 2018 +0000
@@ -623,7 +623,7 @@
 # Example:
 #   jdk.tls.disabledAlgorithms=MD5, SSLv3, DSA, RSA keySize < 2048
 jdk.tls.disabledAlgorithms=SSLv3, RC4, DES, MD5withRSA, DH keySize < 1024, \
-    EC keySize < 224, 3DES_EDE_CBC
+    EC keySize < 224, 3DES_EDE_CBC, anon, NULL
 
 # Legacy algorithms for Secure Socket Layer/Transport Layer Security (SSL/TLS)
 # processing in JSSE implementation.
--- a/test/javax/net/ssl/ciphersuites/DisabledAlgorithms.java	Mon Nov 12 14:48:27 2018 -0800
+++ b/test/javax/net/ssl/ciphersuites/DisabledAlgorithms.java	Mon Nov 12 23:44:13 2018 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2015, 2018, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -38,7 +38,7 @@
 
 /**
  * @test
- * @bug 8076221 8157035
+ * @bug 8076221 8157035 8211883
  * @summary Check if weak cipher suites are disabled
  * @run main/othervm DisabledAlgorithms default
  * @run main/othervm DisabledAlgorithms empty
@@ -59,9 +59,9 @@
             System.getProperty("test.src", "./") + "/" + pathToStores +
                 "/" + trustStoreFile;
 
-    // supported RC4 cipher suites
+    // supported RC4, NULL, and anon cipher suites
     // it does not contain KRB5 cipher suites because they need a KDC
-    private static final String[] rc4_ciphersuites = new String[] {
+    private static final String[] rc4_null_anon_ciphersuites = new String[] {
         "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA",
         "TLS_ECDHE_RSA_WITH_RC4_128_SHA",
         "SSL_RSA_WITH_RC4_128_SHA",
@@ -69,7 +69,31 @@
         "TLS_ECDH_RSA_WITH_RC4_128_SHA",
         "SSL_RSA_WITH_RC4_128_MD5",
         "TLS_ECDH_anon_WITH_RC4_128_SHA",
-        "SSL_DH_anon_WITH_RC4_128_MD5"
+        "SSL_DH_anon_WITH_RC4_128_MD5",
+        "SSL_RSA_WITH_NULL_MD5",
+        "SSL_RSA_WITH_NULL_SHA",
+        "TLS_RSA_WITH_NULL_SHA256",
+        "TLS_ECDH_ECDSA_WITH_NULL_SHA",
+        "TLS_ECDHE_ECDSA_WITH_NULL_SHA",
+        "TLS_ECDH_RSA_WITH_NULL_SHA",
+        "TLS_ECDHE_RSA_WITH_NULL_SHA",
+        "TLS_ECDH_anon_WITH_NULL_SHA",
+        "SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA",
+        "SSL_DH_anon_EXPORT_WITH_RC4_40_MD5",
+        "SSL_DH_anon_WITH_3DES_EDE_CBC_SHA",
+        "SSL_DH_anon_WITH_DES_CBC_SHA",
+        "SSL_DH_anon_WITH_RC4_128_MD5",
+        "TLS_DH_anon_WITH_AES_128_CBC_SHA",
+        "TLS_DH_anon_WITH_AES_128_CBC_SHA256",
+        "TLS_DH_anon_WITH_AES_128_GCM_SHA256",
+        "TLS_DH_anon_WITH_AES_256_CBC_SHA",
+        "TLS_DH_anon_WITH_AES_256_CBC_SHA256",
+        "TLS_DH_anon_WITH_AES_256_GCM_SHA384",
+        "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA",
+        "TLS_ECDH_anon_WITH_AES_128_CBC_SHA",
+        "TLS_ECDH_anon_WITH_AES_256_CBC_SHA",
+        "TLS_ECDH_anon_WITH_NULL_SHA",
+        "TLS_ECDH_anon_WITH_RC4_128_SHA"
     };
 
     public static void main(String[] args) throws Exception {
@@ -88,8 +112,9 @@
                 System.out.println("jdk.tls.disabledAlgorithms = "
                         + Security.getProperty("jdk.tls.disabledAlgorithms"));
 
-                // check if RC4 cipher suites can't be used by default
-                checkFailure(rc4_ciphersuites);
+                // check if RC4, NULL, and anon cipher suites
+                // can't be used by default
+                checkFailure(rc4_null_anon_ciphersuites);
                 break;
             case "empty":
                 // reset jdk.tls.disabledAlgorithms
@@ -97,9 +122,9 @@
                 System.out.println("jdk.tls.disabledAlgorithms = "
                         + Security.getProperty("jdk.tls.disabledAlgorithms"));
 
-                // check if RC4 cipher suites can be used
+                // check if RC4, NULL, and anon cipher suites can be used
                 // if jdk.tls.disabledAlgorithms is empty
-                checkSuccess(rc4_ciphersuites);
+                checkSuccess(rc4_null_anon_ciphersuites);
                 break;
             default:
                 throw new RuntimeException("Wrong parameter: " + args[0]);
--- a/test/sun/security/ssl/SSLContextImpl/CustomizedCipherSuites.java	Mon Nov 12 14:48:27 2018 -0800
+++ b/test/sun/security/ssl/SSLContextImpl/CustomizedCipherSuites.java	Mon Nov 12 23:44:13 2018 +0000
@@ -74,6 +74,7 @@
  *      TLS_ECDH_anon_WITH_AES_128_CBC_SHA
  */
 
+import java.security.Security;
 import javax.net.ssl.*;
 
 /**
@@ -90,14 +91,18 @@
     private static boolean isClientMode;
 
     private static String enabledCipherSuite;
-    private static String disabledCipherSuite;
+    private static String notEnabledCipherSuite;
 
     public static void main(String[] args) throws Exception {
 
+        // reset the security property to make sure the cipher suites
+        // used in this test are not disabled
+        Security.setProperty("jdk.tls.disabledAlgorithms", "");
+
         contextProtocol = trimQuotes(args[0]);
         isClientMode = Boolean.parseBoolean(args[1]);
         enabledCipherSuite = trimQuotes(args[2]);
-        disabledCipherSuite = trimQuotes(args[3]);
+        notEnabledCipherSuite = trimQuotes(args[3]);
 
         //
         // Create instance of SSLContext with the specified protocol.
@@ -206,8 +211,8 @@
                 isMatch = true;
             }
 
-            if (!disabledCipherSuite.isEmpty() &&
-                        cipher.equals(disabledCipherSuite)) {
+            if (!notEnabledCipherSuite.isEmpty() &&
+                        cipher.equals(notEnabledCipherSuite)) {
                 isBroken = true;
             }
         }
@@ -219,7 +224,7 @@
 
         if (isBroken) {
             throw new Exception(
-                "Cipher suite " + disabledCipherSuite + " should be disabled");
+                "Cipher suite " + notEnabledCipherSuite + " should not be enabled");
         }
     }
 
@@ -231,7 +236,7 @@
         }
 
         boolean hasEnabledCipherSuite = enabledCipherSuite.isEmpty();
-        boolean hasDisabledCipherSuite = disabledCipherSuite.isEmpty();
+        boolean hasNotEnabledCipherSuite = notEnabledCipherSuite.isEmpty();
         for (String cipher : ciphers) {
             System.out.println("\tsupported cipher suite " + cipher);
             if (!enabledCipherSuite.isEmpty() &&
@@ -239,9 +244,9 @@
                 hasEnabledCipherSuite = true;
             }
 
-            if (!disabledCipherSuite.isEmpty() &&
-                        cipher.equals(disabledCipherSuite)) {
-                hasDisabledCipherSuite = true;
+            if (!notEnabledCipherSuite.isEmpty() &&
+                        cipher.equals(notEnabledCipherSuite)) {
+                hasNotEnabledCipherSuite = true;
             }
         }
 
@@ -250,9 +255,9 @@
                 "Cipher suite " + enabledCipherSuite + " should be supported");
         }
 
-        if (!hasDisabledCipherSuite) {
+        if (!hasNotEnabledCipherSuite) {
             throw new Exception(
-                "Cipher suite " + disabledCipherSuite + " should be supported");
+                "Cipher suite " + notEnabledCipherSuite + " should not be enabled");
         }
     }
 
--- a/test/sun/security/ssl/javax/net/ssl/NewAPIs/JSSERenegotiate.java	Mon Nov 12 14:48:27 2018 -0800
+++ b/test/sun/security/ssl/javax/net/ssl/NewAPIs/JSSERenegotiate.java	Mon Nov 12 23:44:13 2018 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2001, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2001, 2018, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -37,6 +37,7 @@
 
 import java.io.*;
 import java.net.*;
+import java.security.Security;
 import javax.net.ssl.*;
 
 public class JSSERenegotiate {
@@ -190,6 +191,10 @@
     volatile Exception clientException = null;
 
     public static void main(String[] args) throws Exception {
+        // reset the security property to make sure that the cipher suites
+        // used in this test are not disabled
+        Security.setProperty("jdk.tls.disabledAlgorithms", "");
+
         String keyFilename =
             System.getProperty("test.src", "./") + "/" + pathToStores +
                 "/" + keyStoreFile;