changeset 11840:49118e68fbd4 jdk9-b62

Merge
author lana
date Thu, 23 Apr 2015 16:10:19 -0700
parents c0ed608fc7d2 0f3007a3ce63
children f31efd159c33 c6c154e99ead
files src/java.base/share/classes/sun/security/provider/certpath/ReverseBuilder.java src/java.base/share/classes/sun/security/provider/certpath/ReverseState.java src/java.base/share/classes/sun/security/provider/certpath/SunCertPathBuilderParameters.java test/sun/security/provider/certpath/ReverseBuilder/BuildPath.java test/sun/security/provider/certpath/ReverseBuilder/ReverseBuild.java test/sun/security/provider/certpath/ReverseBuilder/mgrM2leadMA test/sun/security/provider/certpath/ReverseBuilder/mgrM2mgrM test/sun/security/provider/certpath/ReverseBuilder/mgrM2prjM test/sun/security/provider/certpath/ReverseBuilder/mgrMcrl test/sun/security/provider/certpath/ReverseBuilder/prjM2divE test/sun/security/provider/certpath/ReverseBuilder/prjM2mgrM test/sun/security/provider/certpath/ReverseBuilder/prjMcrl
diffstat 152 files changed, 1312 insertions(+), 2096 deletions(-) [+]
line wrap: on
line diff
--- a/make/src/classes/build/tools/module/ext.modules	Thu Apr 23 10:43:35 2015 -0700
+++ b/make/src/classes/build/tools/module/ext.modules	Thu Apr 23 16:10:19 2015 -0700
@@ -12,4 +12,5 @@
 jdk.localedata
 jdk.naming.dns
 jdk.scripting.nashorn
+jdk.xml.dom
 jdk.zipfs
--- a/src/java.base/linux/classes/sun/nio/ch/EPollPort.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/linux/classes/sun/nio/ch/EPollPort.java	Thu Apr 23 16:10:19 2015 -0700
@@ -105,7 +105,7 @@
 
         // create the queue and offer the special event to ensure that the first
         // threads polls
-        this.queue = new ArrayBlockingQueue<Event>(MAX_EPOLL_EVENTS);
+        this.queue = new ArrayBlockingQueue<>(MAX_EPOLL_EVENTS);
         this.queue.offer(NEED_TO_POLL);
     }
 
--- a/src/java.base/linux/classes/sun/nio/fs/LinuxNativeDispatcher.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/linux/classes/sun/nio/fs/LinuxNativeDispatcher.java	Thu Apr 23 16:10:19 2015 -0700
@@ -121,7 +121,7 @@
     private static native void init();
 
     static {
-        AccessController.doPrivileged(new PrivilegedAction<Void>() {
+        AccessController.doPrivileged(new PrivilegedAction<>() {
             public Void run() {
                 System.loadLibrary("nio");
                 return null;
--- a/src/java.base/linux/classes/sun/nio/fs/LinuxWatchService.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/linux/classes/sun/nio/fs/LinuxWatchService.java	Thu Apr 23 16:10:19 2015 -0700
@@ -190,7 +190,7 @@
             this.watcher = watcher;
             this.ifd = ifd;
             this.socketpair = sp;
-            this.wdToKey = new HashMap<Integer,LinuxWatchKey>();
+            this.wdToKey = new HashMap<>();
             this.address = unsafe.allocateMemory(BUFFER_SIZE);
         }
 
@@ -457,7 +457,7 @@
     private static native int poll(int fd1, int fd2) throws UnixException;
 
     static {
-        AccessController.doPrivileged(new PrivilegedAction<Void>() {
+        AccessController.doPrivileged(new PrivilegedAction<>() {
             public Void run() {
                 System.loadLibrary("nio");
                 return null;
--- a/src/java.base/linux/classes/sun/nio/fs/MagicFileTypeDetector.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/linux/classes/sun/nio/fs/MagicFileTypeDetector.java	Thu Apr 23 16:10:19 2015 -0700
@@ -68,7 +68,7 @@
     private static native byte[] probe0(long pathAddress);
 
     static {
-        AccessController.doPrivileged(new PrivilegedAction<Void>() {
+        AccessController.doPrivileged(new PrivilegedAction<>() {
             @Override
             public Void run() {
                 System.loadLibrary("nio");
--- a/src/java.base/share/classes/com/sun/java/util/jar/pack/NativeUnpack.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/com/sun/java/util/jar/pack/NativeUnpack.java	Thu Apr 23 16:10:19 2015 -0700
@@ -87,7 +87,7 @@
         // If loading from stand alone build uncomment this.
         // System.loadLibrary("unpack");
         java.security.AccessController.doPrivileged(
-            new java.security.PrivilegedAction<Void>() {
+            new java.security.PrivilegedAction<>() {
                 public Void run() {
                     System.loadLibrary("unpack");
                     return null;
--- a/src/java.base/share/classes/com/sun/java/util/jar/pack/Package.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/com/sun/java/util/jar/pack/Package.java	Thu Apr 23 16:10:19 2015 -0700
@@ -1210,7 +1210,7 @@
         // This keeps files of similar format near each other.
         // Put class files at the end, keeping their fixed order.
         // Be sure the JAR file's required manifest stays at the front. (4893051)
-        Collections.sort(files, new Comparator<File>() {
+        Collections.sort(files, new Comparator<>() {
                 public int compare(File r0, File r1) {
                     // Get the file name.
                     String f0 = r0.nameString;
--- a/src/java.base/share/classes/com/sun/java/util/jar/pack/PackageReader.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/com/sun/java/util/jar/pack/PackageReader.java	Thu Apr 23 16:10:19 2015 -0700
@@ -1151,7 +1151,7 @@
         return -1;
     }
 
-    Comparator<Entry> entryOutputOrder = new Comparator<Entry>() {
+    Comparator<Entry> entryOutputOrder = new Comparator<>() {
         public int compare(Entry e0, Entry e1) {
             int k0 = getOutputIndex(e0);
             int k1 = getOutputIndex(e1);
--- a/src/java.base/share/classes/com/sun/java/util/jar/pack/PackageWriter.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/com/sun/java/util/jar/pack/PackageWriter.java	Thu Apr 23 16:10:19 2015 -0700
@@ -829,7 +829,7 @@
         maxFlags = new int[ATTR_CONTEXT_LIMIT];
         allLayouts = new FixedList<>(ATTR_CONTEXT_LIMIT);
         for (int i = 0; i < ATTR_CONTEXT_LIMIT; i++) {
-            allLayouts.set(i, new HashMap<Attribute.Layout, int[]>());
+            allLayouts.set(i, new HashMap<>());
         }
         // Collect maxFlags and allLayouts.
         for (Class cls : pkg.classes) {
@@ -892,7 +892,7 @@
             // Sort by count, most frequent first.
             // Predefs. participate in this sort, though it does not matter.
             Arrays.sort(layoutsAndCounts,
-                        new Comparator<Map.Entry<Attribute.Layout, int[]>>() {
+                        new Comparator<>() {
                 public int compare(Map.Entry<Attribute.Layout, int[]> e0,
                                    Map.Entry<Attribute.Layout, int[]> e1) {
                     // Primary sort key is count, reversed.
@@ -1010,7 +1010,7 @@
         int numAttrDefs = defList.size();
         Object[][] defs = new Object[numAttrDefs][];
         defList.toArray(defs);
-        Arrays.sort(defs, new Comparator<Object[]>() {
+        Arrays.sort(defs, new Comparator<>() {
             public int compare(Object[] a0, Object[] a1) {
                 // Primary sort key is attr def header.
                 @SuppressWarnings("unchecked")
--- a/src/java.base/share/classes/java/io/ExpiringCache.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/java/io/ExpiringCache.java	Thu Apr 23 16:10:19 2015 -0700
@@ -64,7 +64,7 @@
     @SuppressWarnings("serial")
     ExpiringCache(long millisUntilExpiration) {
         this.millisUntilExpiration = millisUntilExpiration;
-        map = new LinkedHashMap<String,Entry>() {
+        map = new LinkedHashMap<>() {
             protected boolean removeEldestEntry(Map.Entry<String,Entry> eldest) {
               return size() > MAX_ENTRIES;
             }
--- a/src/java.base/share/classes/java/io/FilePermission.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/java/io/FilePermission.java	Thu Apr 23 16:10:19 2015 -0700
@@ -201,7 +201,7 @@
         }
 
         // store only the canonical cpath if possible
-        cpath = AccessController.doPrivileged(new PrivilegedAction<String>() {
+        cpath = AccessController.doPrivileged(new PrivilegedAction<>() {
             public String run() {
                 try {
                     String path = cpath;
--- a/src/java.base/share/classes/java/io/ObjectInputStream.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/java/io/ObjectInputStream.java	Thu Apr 23 16:10:19 2015 -0700
@@ -1263,7 +1263,7 @@
      */
     private static boolean auditSubclass(final Class<?> subcl) {
         Boolean result = AccessController.doPrivileged(
-            new PrivilegedAction<Boolean>() {
+            new PrivilegedAction<>() {
                 public Boolean run() {
                     for (Class<?> cl = subcl;
                          cl != ObjectInputStream.class;
@@ -2255,7 +2255,7 @@
             try {
                 while (list != null) {
                     AccessController.doPrivileged(
-                        new PrivilegedExceptionAction<Void>()
+                        new PrivilegedExceptionAction<>()
                     {
                         public Void run() throws InvalidObjectException {
                             list.obj.validateObject();
--- a/src/java.base/share/classes/java/io/ObjectOutputStream.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/java/io/ObjectOutputStream.java	Thu Apr 23 16:10:19 2015 -0700
@@ -1066,7 +1066,7 @@
      */
     private static boolean auditSubclass(final Class<?> subcl) {
         Boolean result = AccessController.doPrivileged(
-            new PrivilegedAction<Boolean>() {
+            new PrivilegedAction<>() {
                 public Boolean run() {
                     for (Class<?> cl = subcl;
                          cl != ObjectOutputStream.class;
--- a/src/java.base/share/classes/java/io/ObjectStreamClass.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/java/io/ObjectStreamClass.java	Thu Apr 23 16:10:19 2015 -0700
@@ -367,7 +367,7 @@
                 entry = th;
             }
             if (future.set(entry)) {
-                Caches.localDescs.put(key, new SoftReference<Object>(entry));
+                Caches.localDescs.put(key, new SoftReference<>(entry));
             } else {
                 // nested lookup call already set future
                 entry = future.get();
@@ -430,7 +430,7 @@
             }
             if (interrupted) {
                 AccessController.doPrivileged(
-                    new PrivilegedAction<Void>() {
+                    new PrivilegedAction<>() {
                         public Void run() {
                             Thread.currentThread().interrupt();
                             return null;
@@ -465,7 +465,7 @@
         localDesc = this;
 
         if (serializable) {
-            AccessController.doPrivileged(new PrivilegedAction<Void>() {
+            AccessController.doPrivileged(new PrivilegedAction<>() {
                 public Void run() {
                     if (isEnum) {
                         suid = Long.valueOf(0);
@@ -1733,7 +1733,7 @@
             for (int i = 0; i < fields.length; i++) {
                 fieldSigs[i] = new MemberSignature(fields[i]);
             }
-            Arrays.sort(fieldSigs, new Comparator<MemberSignature>() {
+            Arrays.sort(fieldSigs, new Comparator<>() {
                 public int compare(MemberSignature ms1, MemberSignature ms2) {
                     return ms1.name.compareTo(ms2.name);
                 }
@@ -1764,7 +1764,7 @@
             for (int i = 0; i < cons.length; i++) {
                 consSigs[i] = new MemberSignature(cons[i]);
             }
-            Arrays.sort(consSigs, new Comparator<MemberSignature>() {
+            Arrays.sort(consSigs, new Comparator<>() {
                 public int compare(MemberSignature ms1, MemberSignature ms2) {
                     return ms1.signature.compareTo(ms2.signature);
                 }
@@ -1787,7 +1787,7 @@
             for (int i = 0; i < methods.length; i++) {
                 methSigs[i] = new MemberSignature(methods[i]);
             }
-            Arrays.sort(methSigs, new Comparator<MemberSignature>() {
+            Arrays.sort(methSigs, new Comparator<>() {
                 public int compare(MemberSignature ms1, MemberSignature ms2) {
                     int comp = ms1.name.compareTo(ms2.name);
                     if (comp == 0) {
@@ -2164,7 +2164,7 @@
                 entry = th;
             }
             future.set(entry);
-            Caches.reflectors.put(key, new SoftReference<Object>(entry));
+            Caches.reflectors.put(key, new SoftReference<>(entry));
         }
 
         if (entry instanceof FieldReflector) {
--- a/src/java.base/share/classes/java/lang/CharacterName.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/java/lang/CharacterName.java	Thu Apr 23 16:10:19 2015 -0700
@@ -45,7 +45,7 @@
         DataInputStream dis = null;
         try {
             dis = new DataInputStream(new InflaterInputStream(
-                AccessController.doPrivileged(new PrivilegedAction<InputStream>()
+                AccessController.doPrivileged(new PrivilegedAction<>()
                 {
                     public InputStream run() {
                         return getClass().getResourceAsStream("uniName.dat");
--- a/src/java.base/share/classes/java/lang/Class.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/java/lang/Class.java	Thu Apr 23 16:10:19 2015 -0700
@@ -437,7 +437,7 @@
                 // (the stack depth is wrong for the Constructor's
                 // security check to work)
                 java.security.AccessController.doPrivileged(
-                    new java.security.PrivilegedAction<Void>() {
+                    new java.security.PrivilegedAction<>() {
                         public Void run() {
                                 c.setAccessible(true);
                                 return null;
@@ -1068,7 +1068,7 @@
                                                  Reflection.getCallerClass(), true);
             // Client is ok to access declared methods but j.l.Class might not be.
             Method[] candidates = AccessController.doPrivileged(
-                    new PrivilegedAction<Method[]>() {
+                    new PrivilegedAction<>() {
                         @Override
                         public Method[] run() {
                             return enclosingCandidate.getDeclaredMethods();
@@ -1228,7 +1228,7 @@
                                                  Reflection.getCallerClass(), true);
             // Client is ok to access declared methods but j.l.Class might not be.
             Constructor<?>[] candidates = AccessController.doPrivileged(
-                    new PrivilegedAction<Constructor<?>[]>() {
+                    new PrivilegedAction<>() {
                         @Override
                         public Constructor<?>[] run() {
                             return enclosingCandidate.getDeclaredConstructors();
@@ -1542,7 +1542,7 @@
         // has already been ok'd by the SecurityManager.
 
         return java.security.AccessController.doPrivileged(
-            new java.security.PrivilegedAction<Class<?>[]>() {
+            new java.security.PrivilegedAction<>() {
                 public Class<?>[] run() {
                     List<Class<?>> list = new ArrayList<>();
                     Class<?> currentClass = Class.this;
@@ -3293,7 +3293,7 @@
     private static boolean initted = false;
     private static void checkInitted() {
         if (initted) return;
-        AccessController.doPrivileged(new PrivilegedAction<Void>() {
+        AccessController.doPrivileged(new PrivilegedAction<>() {
                 public Void run() {
                     // Tests to ensure the system properties table is fully
                     // initialized. This is needed because reflection code is
@@ -3349,7 +3349,7 @@
             try {
                 final Method values = getMethod("values");
                 java.security.AccessController.doPrivileged(
-                    new java.security.PrivilegedAction<Void>() {
+                    new java.security.PrivilegedAction<>() {
                         public Void run() {
                                 values.setAccessible(true);
                                 return null;
--- a/src/java.base/share/classes/java/lang/ClassLoader.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/java/lang/ClassLoader.java	Thu Apr 23 16:10:19 2015 -0700
@@ -496,7 +496,7 @@
             final String name = cls.getName();
             final int i = name.lastIndexOf('.');
             if (i != -1) {
-                AccessController.doPrivileged(new PrivilegedAction<Void>() {
+                AccessController.doPrivileged(new PrivilegedAction<>() {
                     public Void run() {
                         sm.checkPackageAccess(name.substring(0, i));
                         return null;
@@ -1265,7 +1265,7 @@
     {
         final Enumeration<Resource> e =
             getBootstrapClassPath().getResources(name);
-        return new Enumeration<URL> () {
+        return new Enumeration<> () {
             public URL nextElement() {
                 return e.nextElement().getURL();
             }
@@ -1867,7 +1867,7 @@
         boolean isBuiltin = (name != null);
         if (!isBuiltin) {
             name = AccessController.doPrivileged(
-                new PrivilegedAction<String>() {
+                new PrivilegedAction<>() {
                     public String run() {
                         try {
                             return file.exists() ? file.getCanonicalPath() : null;
--- a/src/java.base/share/classes/java/lang/Package.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/java/lang/Package.java	Thu Apr 23 16:10:19 2015 -0700
@@ -595,7 +595,7 @@
 
         CachedManifest(final String fileName) {
             this.fileName = fileName;
-            this.url = AccessController.doPrivileged(new PrivilegedAction<URL>() {
+            this.url = AccessController.doPrivileged(new PrivilegedAction<>() {
                 public URL run() {
                     final File file = new File(fileName);
                     if (file.isFile()) {
@@ -626,7 +626,7 @@
                 if (m != null) {
                     return m;
                 }
-                m = AccessController.doPrivileged(new PrivilegedAction<Manifest>() {
+                m = AccessController.doPrivileged(new PrivilegedAction<>() {
                     public Manifest run() {
                         try (FileInputStream fis = new FileInputStream(fileName);
                              JarInputStream jis = new JarInputStream(fis, false)) {
--- a/src/java.base/share/classes/java/lang/SecurityManager.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/java/lang/SecurityManager.java	Thu Apr 23 16:10:19 2015 -0700
@@ -1455,7 +1455,7 @@
             if (!packageAccessValid) {
                 String tmpPropertyStr =
                     AccessController.doPrivileged(
-                        new PrivilegedAction<String>() {
+                        new PrivilegedAction<>() {
                             public String run() {
                                 return java.security.Security.getProperty(
                                     "package.access");
@@ -1524,7 +1524,7 @@
             if (!packageDefinitionValid) {
                 String tmpPropertyStr =
                     AccessController.doPrivileged(
-                        new PrivilegedAction<String>() {
+                        new PrivilegedAction<>() {
                             public String run() {
                                 return java.security.Security.getProperty(
                                     "package.definition");
--- a/src/java.base/share/classes/java/lang/StringBuffer.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/java/lang/StringBuffer.java	Thu Apr 23 16:10:19 2015 -0700
@@ -206,6 +206,7 @@
     }
 
     /**
+     * @throws IndexOutOfBoundsException {@inheritDoc}
      * @since      1.5
      */
     @Override
@@ -214,6 +215,7 @@
     }
 
     /**
+     * @throws IndexOutOfBoundsException {@inheritDoc}
      * @since     1.5
      */
     @Override
@@ -222,6 +224,7 @@
     }
 
     /**
+     * @throws IndexOutOfBoundsException {@inheritDoc}
      * @since     1.5
      */
     @Override
@@ -230,6 +233,7 @@
     }
 
     /**
+     * @throws IndexOutOfBoundsException {@inheritDoc}
      * @since     1.5
      */
     @Override
--- a/src/java.base/share/classes/java/lang/System.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/java/lang/System.java	Thu Apr 23 16:10:19 2015 -0700
@@ -309,7 +309,7 @@
             // calls the installed security manager's checkPermission method
             // which will loop infinitely if there is a non-system class
             // (in this case: the new security manager class) on the stack).
-            AccessController.doPrivileged(new PrivilegedAction<Object>() {
+            AccessController.doPrivileged(new PrivilegedAction<>() {
                 public Object run() {
                     s.getClass().getProtectionDomain().implies
                         (SecurityConstants.ALL_PERMISSION);
--- a/src/java.base/share/classes/java/lang/Thread.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/java/lang/Thread.java	Thu Apr 23 16:10:19 2015 -0700
@@ -1661,7 +1661,7 @@
      */
     private static boolean auditSubclass(final Class<?> subcl) {
         Boolean result = AccessController.doPrivileged(
-            new PrivilegedAction<Boolean>() {
+            new PrivilegedAction<>() {
                 public Boolean run() {
                     for (Class<?> cl = subcl;
                          cl != Thread.class;
--- a/src/java.base/share/classes/java/lang/invoke/InfoFromMemberName.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/java/lang/invoke/InfoFromMemberName.java	Thu Apr 23 16:10:19 2015 -0700
@@ -87,7 +87,7 @@
             // For more information see comments on {@link MethodHandleNatives#linkMethod}.
             throw new IllegalArgumentException("cannot reflect signature polymorphic method");
         }
-        Member mem = AccessController.doPrivileged(new PrivilegedAction<Member>() {
+        Member mem = AccessController.doPrivileged(new PrivilegedAction<>() {
                 public Member run() {
                     try {
                         return reflectUnchecked();
--- a/src/java.base/share/classes/java/lang/invoke/InnerClassLambdaMetafactory.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/java/lang/invoke/InnerClassLambdaMetafactory.java	Thu Apr 23 16:10:19 2015 -0700
@@ -194,7 +194,7 @@
         final Class<?> innerClass = spinInnerClass();
         if (invokedType.parameterCount() == 0) {
             final Constructor<?>[] ctrs = AccessController.doPrivileged(
-                    new PrivilegedAction<Constructor<?>[]>() {
+                    new PrivilegedAction<>() {
                 @Override
                 public Constructor<?>[] run() {
                     Constructor<?>[] ctrs = innerClass.getDeclaredConstructors();
@@ -311,7 +311,7 @@
 
         // If requested, dump out to a file for debugging purposes
         if (dumper != null) {
-            AccessController.doPrivileged(new PrivilegedAction<Void>() {
+            AccessController.doPrivileged(new PrivilegedAction<>() {
                 @Override
                 public Void run() {
                     dumper.dumpClass(lambdaClassName, classBytes);
--- a/src/java.base/share/classes/java/lang/invoke/InvokerBytecodeGenerator.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/java/lang/invoke/InvokerBytecodeGenerator.java	Thu Apr 23 16:10:19 2015 -0700
@@ -167,7 +167,7 @@
     static void maybeDump(final String className, final byte[] classFile) {
         if (DUMP_CLASS_FILES) {
             java.security.AccessController.doPrivileged(
-            new java.security.PrivilegedAction<Void>() {
+            new java.security.PrivilegedAction<>() {
                 public Void run() {
                     try {
                         String dumpName = className;
--- a/src/java.base/share/classes/java/lang/invoke/MethodHandleImpl.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/java/lang/invoke/MethodHandleImpl.java	Thu Apr 23 16:10:19 2015 -0700
@@ -51,7 +51,7 @@
     private static final int MAX_ARITY;
     static {
         final Object[] values = { 255 };
-        AccessController.doPrivileged(new PrivilegedAction<Void>() {
+        AccessController.doPrivileged(new PrivilegedAction<>() {
             @Override
             public Void run() {
                 values[0] = Integer.getInteger(MethodHandleImpl.class.getName()+".MAX_ARITY", 255);
@@ -1234,7 +1234,7 @@
         private static final byte[] T_BYTES;
         static {
             final Object[] values = {null};
-            AccessController.doPrivileged(new PrivilegedAction<Void>() {
+            AccessController.doPrivileged(new PrivilegedAction<>() {
                     public Void run() {
                         try {
                             Class<T> tClass = T.class;
--- a/src/java.base/share/classes/java/lang/invoke/MethodHandleProxies.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/java/lang/invoke/MethodHandleProxies.java	Thu Apr 23 16:10:19 2015 -0700
@@ -199,7 +199,7 @@
             // sun.invoke.WrapperInstance is a restricted interface not accessible
             // by any non-null class loader.
             final ClassLoader loader = proxyLoader;
-            proxy = AccessController.doPrivileged(new PrivilegedAction<Object>() {
+            proxy = AccessController.doPrivileged(new PrivilegedAction<>() {
                 public Object run() {
                     return Proxy.newProxyInstance(
                             loader,
--- a/src/java.base/share/classes/java/lang/invoke/MethodHandleStatics.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/java/lang/invoke/MethodHandleStatics.java	Thu Apr 23 16:10:19 2015 -0700
@@ -53,7 +53,7 @@
 
     static {
         final Object[] values = new Object[9];
-        AccessController.doPrivileged(new PrivilegedAction<Void>() {
+        AccessController.doPrivileged(new PrivilegedAction<>() {
                 public Void run() {
                     values[0] = Boolean.getBoolean("java.lang.invoke.MethodHandle.DEBUG_NAMES");
                     values[1] = Boolean.getBoolean("java.lang.invoke.MethodHandle.DUMP_CLASS_FILES");
--- a/src/java.base/share/classes/java/lang/invoke/ProxyClassesDumper.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/java/lang/invoke/ProxyClassesDumper.java	Thu Apr 23 16:10:19 2015 -0700
@@ -64,7 +64,7 @@
         try {
             path = path.trim();
             final Path dir = Paths.get(path.length() == 0 ? "." : path);
-            AccessController.doPrivileged(new PrivilegedAction<Void>() {
+            AccessController.doPrivileged(new PrivilegedAction<>() {
                     @Override
                     public Void run() {
                         validateDumpDir(dir);
--- a/src/java.base/share/classes/java/lang/invoke/SerializedLambda.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/java/lang/invoke/SerializedLambda.java	Thu Apr 23 16:10:19 2015 -0700
@@ -218,7 +218,7 @@
 
     private Object readResolve() throws ReflectiveOperationException {
         try {
-            Method deserialize = AccessController.doPrivileged(new PrivilegedExceptionAction<Method>() {
+            Method deserialize = AccessController.doPrivileged(new PrivilegedExceptionAction<>() {
                 @Override
                 public Method run() throws Exception {
                     Method m = capturingClass.getDeclaredMethod("$deserializeLambda$", SerializedLambda.class);
--- a/src/java.base/share/classes/java/lang/ref/Finalizer.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/java/lang/ref/Finalizer.java	Thu Apr 23 16:10:19 2015 -0700
@@ -121,7 +121,7 @@
      */
     private static void forkSecondaryFinalizer(final Runnable proc) {
         AccessController.doPrivileged(
-            new PrivilegedAction<Void>() {
+            new PrivilegedAction<>() {
                 public Void run() {
                     ThreadGroup tg = Thread.currentThread().getThreadGroup();
                     for (ThreadGroup tgn = tg;
--- a/src/java.base/share/classes/java/lang/reflect/Proxy.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/java/lang/reflect/Proxy.java	Thu Apr 23 16:10:19 2015 -0700
@@ -728,7 +728,7 @@
 
             final Constructor<?> cons = cl.getConstructor(constructorParams);
             if (!Modifier.isPublic(cl.getModifiers())) {
-                AccessController.doPrivileged(new PrivilegedAction<Void>() {
+                AccessController.doPrivileged(new PrivilegedAction<>() {
                     public Void run() {
                         cons.setAccessible(true);
                         return null;
--- a/src/java.base/share/classes/java/net/AbstractPlainDatagramSocketImpl.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/java/net/AbstractPlainDatagramSocketImpl.java	Thu Apr 23 16:10:19 2015 -0700
@@ -62,7 +62,7 @@
      */
     static {
         java.security.AccessController.doPrivileged(
-            new java.security.PrivilegedAction<Void>() {
+            new java.security.PrivilegedAction<>() {
                 public Void run() {
                     System.loadLibrary("net");
                     return null;
--- a/src/java.base/share/classes/java/net/AbstractPlainSocketImpl.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/java/net/AbstractPlainSocketImpl.java	Thu Apr 23 16:10:19 2015 -0700
@@ -79,7 +79,7 @@
      */
     static {
         java.security.AccessController.doPrivileged(
-            new java.security.PrivilegedAction<Void>() {
+            new java.security.PrivilegedAction<>() {
                 public Void run() {
                     System.loadLibrary("net");
                     return null;
--- a/src/java.base/share/classes/java/net/CookieManager.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/java/net/CookieManager.java	Thu Apr 23 16:10:19 2015 -0700
@@ -201,14 +201,13 @@
             throw new IllegalArgumentException("Argument is null");
         }
 
-        Map<String, List<String>> cookieMap =
-                        new java.util.HashMap<String, List<String>>();
+        Map<String, List<String>> cookieMap = new java.util.HashMap<>();
         // if there's no default CookieStore, no way for us to get any cookie
         if (cookieJar == null)
             return Collections.unmodifiableMap(cookieMap);
 
         boolean secureLink = "https".equalsIgnoreCase(uri.getScheme());
-        List<HttpCookie> cookies = new java.util.ArrayList<HttpCookie>();
+        List<HttpCookie> cookies = new java.util.ArrayList<>();
         String path = uri.getPath();
         if (path == null || path.isEmpty()) {
             path = "/";
@@ -411,7 +410,7 @@
     private List<String> sortByPath(List<HttpCookie> cookies) {
         Collections.sort(cookies, new CookiePathComparator());
 
-        List<String> cookieHeader = new java.util.ArrayList<String>();
+        List<String> cookieHeader = new java.util.ArrayList<>();
         for (HttpCookie cookie : cookies) {
             // Netscape cookie spec and RFC 2965 have different format of Cookie
             // header; RFC 2965 requires a leading $Version="1" string while Netscape
--- a/src/java.base/share/classes/java/net/DatagramPacket.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/java/net/DatagramPacket.java	Thu Apr 23 16:10:19 2015 -0700
@@ -47,7 +47,7 @@
      */
     static {
         java.security.AccessController.doPrivileged(
-            new java.security.PrivilegedAction<Void>() {
+            new java.security.PrivilegedAction<>() {
                 public Void run() {
                     System.loadLibrary("net");
                     return null;
--- a/src/java.base/share/classes/java/net/DatagramSocket.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/java/net/DatagramSocket.java	Thu Apr 23 16:10:19 2015 -0700
@@ -308,7 +308,7 @@
         // getDeclaredMethod, therefore we need permission to access the member
         try {
             AccessController.doPrivileged(
-                new PrivilegedExceptionAction<Void>() {
+                new PrivilegedExceptionAction<>() {
                     public Void run() throws NoSuchMethodException {
                         Class<?>[] cl = new Class<?>[1];
                         cl[0] = DatagramPacket.class;
--- a/src/java.base/share/classes/java/net/HttpConnectSocketImpl.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/java/net/HttpConnectSocketImpl.java	Thu Apr 23 16:10:19 2015 -0700
@@ -64,7 +64,7 @@
             serverSocketField = netClientClazz.getDeclaredField("serverSocket");
 
             java.security.AccessController.doPrivileged(
-                new java.security.PrivilegedAction<Void>() {
+                new java.security.PrivilegedAction<>() {
                     public Void run() {
                         httpField.setAccessible(true);
                         serverSocketField.setAccessible(true);
@@ -146,7 +146,7 @@
     {
         try {
             return java.security.AccessController.doPrivileged(
-                new java.security.PrivilegedExceptionAction<Socket>() {
+                new java.security.PrivilegedExceptionAction<>() {
                     public Socket run() throws IOException {
                         return doTunnel(urlString, timeout);
                 }
--- a/src/java.base/share/classes/java/net/HttpCookie.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/java/net/HttpCookie.java	Thu Apr 23 16:10:19 2015 -0700
@@ -1125,7 +1125,7 @@
      * @return  list of strings; never null
      */
     private static List<String> splitMultiCookies(String header) {
-        List<String> cookies = new java.util.ArrayList<String>();
+        List<String> cookies = new java.util.ArrayList<>();
         int quoteCount = 0;
         int p, q;
 
--- a/src/java.base/share/classes/java/net/IDN.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/java/net/IDN.java	Thu Apr 23 16:10:19 2015 -0700
@@ -228,7 +228,7 @@
         try {
             final String IDN_PROFILE = "uidna.spp";
             if (System.getSecurityManager() != null) {
-                stream = AccessController.doPrivileged(new PrivilegedAction<InputStream>() {
+                stream = AccessController.doPrivileged(new PrivilegedAction<>() {
                     public InputStream run() {
                         return StringPrep.class.getResourceAsStream(IDN_PROFILE);
                     }
--- a/src/java.base/share/classes/java/net/InMemoryCookieStore.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/java/net/InMemoryCookieStore.java	Thu Apr 23 16:10:19 2015 -0700
@@ -62,9 +62,9 @@
      * The default ctor
      */
     public InMemoryCookieStore() {
-        cookieJar = new ArrayList<HttpCookie>();
-        domainIndex = new HashMap<String, List<HttpCookie>>();
-        uriIndex = new HashMap<URI, List<HttpCookie>>();
+        cookieJar = new ArrayList<>();
+        domainIndex = new HashMap<>();
+        uriIndex = new HashMap<>();
 
         lock = new ReentrantLock(false);
     }
@@ -115,7 +115,7 @@
             throw new NullPointerException("uri is null");
         }
 
-        List<HttpCookie> cookies = new ArrayList<HttpCookie>();
+        List<HttpCookie> cookies = new ArrayList<>();
         boolean secureLink = "https".equalsIgnoreCase(uri.getScheme());
         lock.lock();
         try {
@@ -157,7 +157,7 @@
      * of this cookie store.
      */
     public List<URI> getURIs() {
-        List<URI> uris = new ArrayList<URI>();
+        List<URI> uris = new ArrayList<>();
 
         lock.lock();
         try {
@@ -281,7 +281,7 @@
             String host, boolean secureLink) {
         // Use a separate list to handle cookies that need to be removed so
         // that there is no conflict with iterators.
-        ArrayList<HttpCookie> toRemove = new ArrayList<HttpCookie>();
+        ArrayList<HttpCookie> toRemove = new ArrayList<>();
         for (Map.Entry<String, List<HttpCookie>> entry : cookieIndex.entrySet()) {
             String domain = entry.getKey();
             List<HttpCookie> lst = entry.getValue();
@@ -368,7 +368,7 @@
 
                 cookies.add(cookie);
             } else {
-                cookies = new ArrayList<HttpCookie>();
+                cookies = new ArrayList<>();
                 cookies.add(cookie);
                 indexStore.put(index, cookies);
             }
--- a/src/java.base/share/classes/java/net/InetAddress.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/java/net/InetAddress.java	Thu Apr 23 16:10:19 2015 -0700
@@ -270,7 +270,7 @@
         preferIPv6Address = java.security.AccessController.doPrivileged(
             new GetBooleanAction("java.net.preferIPv6Addresses")).booleanValue();
         AccessController.doPrivileged(
-            new java.security.PrivilegedAction<Void>() {
+            new java.security.PrivilegedAction<>() {
                 public Void run() {
                     System.loadLibrary("net");
                     return null;
@@ -852,7 +852,7 @@
             final String providerName = provider;
             try {
                 nameService = java.security.AccessController.doPrivileged(
-                    new java.security.PrivilegedExceptionAction<NameService>() {
+                    new java.security.PrivilegedExceptionAction<>() {
                         public NameService run() {
                             Iterator<NameServiceDescriptor> itr =
                                 ServiceLoader.load(NameServiceDescriptor.class)
@@ -892,7 +892,7 @@
         String provider = null;;
         String propPrefix = "sun.net.spi.nameservice.provider.";
         int n = 1;
-        nameServices = new ArrayList<NameService>();
+        nameServices = new ArrayList<>();
         provider = AccessController.doPrivileged(
                 new GetPropertyAction(propPrefix + n));
         while (provider != null) {
--- a/src/java.base/share/classes/java/net/NetworkInterface.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/java/net/NetworkInterface.java	Thu Apr 23 16:10:19 2015 -0700
@@ -54,7 +54,7 @@
 
     static {
         AccessController.doPrivileged(
-            new java.security.PrivilegedAction<Void>() {
+            new java.security.PrivilegedAction<>() {
                 public Void run() {
                     System.loadLibrary("net");
                     return null;
@@ -167,7 +167,7 @@
      * @since 1.6
      */
     public java.util.List<InterfaceAddress> getInterfaceAddresses() {
-        java.util.List<InterfaceAddress> lst = new java.util.ArrayList<InterfaceAddress>(1);
+        java.util.List<InterfaceAddress> lst = new java.util.ArrayList<>(1);
         SecurityManager sec = System.getSecurityManager();
         for (int j=0; j<bindings.length; j++) {
             try {
@@ -346,7 +346,7 @@
         if (netifs == null)
             return null;
 
-        return new Enumeration<NetworkInterface>() {
+        return new Enumeration<>() {
             private int i = 0;
             public NetworkInterface nextElement() {
                 if (netifs != null && i < netifs.length) {
--- a/src/java.base/share/classes/java/net/Socket.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/java/net/Socket.java	Thu Apr 23 16:10:19 2015 -0700
@@ -470,7 +470,7 @@
         // getDeclaredMethod, therefore we need permission to access the member
 
         oldImpl = AccessController.doPrivileged
-                                (new PrivilegedAction<Boolean>() {
+                                (new PrivilegedAction<>() {
             public Boolean run() {
                 Class<?> clazz = impl.getClass();
                 while (true) {
@@ -911,7 +911,7 @@
         InputStream is = null;
         try {
             is = AccessController.doPrivileged(
-                new PrivilegedExceptionAction<InputStream>() {
+                new PrivilegedExceptionAction<>() {
                     public InputStream run() throws IOException {
                         return impl.getInputStream();
                     }
@@ -951,7 +951,7 @@
         OutputStream os = null;
         try {
             os = AccessController.doPrivileged(
-                new PrivilegedExceptionAction<OutputStream>() {
+                new PrivilegedExceptionAction<>() {
                     public OutputStream run() throws IOException {
                         return impl.getOutputStream();
                     }
--- a/src/java.base/share/classes/java/net/SocketPermission.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/java/net/SocketPermission.java	Thu Apr 23 16:10:19 2015 -0700
@@ -1194,7 +1194,7 @@
      */
     private static int initEphemeralPorts(String suffix, int defval) {
         return AccessController.doPrivileged(
-            new PrivilegedAction<Integer>(){
+            new PrivilegedAction<>(){
                 public Integer run() {
                     int val = Integer.getInteger(
                             "jdk.net.ephemeralPortRange."+suffix, -1
@@ -1328,7 +1328,7 @@
      */
 
     public SocketPermissionCollection() {
-        perms = new ArrayList<SocketPermission>();
+        perms = new ArrayList<>();
     }
 
     /**
@@ -1466,7 +1466,7 @@
         // Get the one we want
         @SuppressWarnings("unchecked")
         Vector<SocketPermission> permissions = (Vector<SocketPermission>)gfields.get("permissions", null);
-        perms = new ArrayList<SocketPermission>(permissions.size());
+        perms = new ArrayList<>(permissions.size());
         perms.addAll(permissions);
     }
 }
--- a/src/java.base/share/classes/java/net/SocksSocketImpl.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/java/net/SocksSocketImpl.java	Thu Apr 23 16:10:19 2015 -0700
@@ -82,7 +82,7 @@
     {
         try {
             AccessController.doPrivileged(
-                new java.security.PrivilegedExceptionAction<Void>() {
+                new java.security.PrivilegedExceptionAction<>() {
                     public Void run() throws IOException {
                               superConnectServer(host, port, timeout);
                               cmdIn = getInputStream();
@@ -157,7 +157,7 @@
             final InetAddress addr = InetAddress.getByName(server);
             PasswordAuthentication pw =
                 java.security.AccessController.doPrivileged(
-                    new java.security.PrivilegedAction<PasswordAuthentication>() {
+                    new java.security.PrivilegedAction<>() {
                         public PasswordAuthentication run() {
                                 return Authenticator.requestPasswordAuthentication(
                                        server, addr, serverPort, "SOCKS5", "SOCKS authentication", null);
@@ -351,7 +351,7 @@
             // server is not null only when the socket was created with a
             // specified proxy in which case it does bypass the ProxySelector
             ProxySelector sel = java.security.AccessController.doPrivileged(
-                new java.security.PrivilegedAction<ProxySelector>() {
+                new java.security.PrivilegedAction<>() {
                     public ProxySelector run() {
                             return ProxySelector.getDefault();
                         }
@@ -595,7 +595,7 @@
         InetAddress naddr = baddr;
         if (naddr.isAnyLocalAddress()) {
             naddr = AccessController.doPrivileged(
-                        new PrivilegedAction<InetAddress>() {
+                        new PrivilegedAction<>() {
                             public InetAddress run() {
                                 return cmdsock.getLocalAddress();
 
@@ -671,7 +671,7 @@
             // server is not null only when the socket was created with a
             // specified proxy in which case it does bypass the ProxySelector
             ProxySelector sel = java.security.AccessController.doPrivileged(
-                new java.security.PrivilegedAction<ProxySelector>() {
+                new java.security.PrivilegedAction<>() {
                     public ProxySelector run() {
                             return ProxySelector.getDefault();
                         }
@@ -724,7 +724,7 @@
                 // Connects to the SOCKS server
                 try {
                     AccessController.doPrivileged(
-                        new PrivilegedExceptionAction<Void>() {
+                        new PrivilegedExceptionAction<>() {
                             public Void run() throws Exception {
                                 cmdsock = new Socket(new PlainSocketImpl());
                                 cmdsock.connect(new InetSocketAddress(server, serverPort));
@@ -755,7 +755,7 @@
         } else {
             try {
                 AccessController.doPrivileged(
-                    new PrivilegedExceptionAction<Void>() {
+                    new PrivilegedExceptionAction<>() {
                         public Void run() throws Exception {
                             cmdsock = new Socket(new PlainSocketImpl());
                             cmdsock.connect(new InetSocketAddress(server, serverPort));
--- a/src/java.base/share/classes/java/net/URL.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/java/net/URL.java	Thu Apr 23 16:10:19 2015 -0700
@@ -268,6 +268,23 @@
      *     createURLStreamHandler} method of each provider, if instantiated, is
      *     invoked, with the protocol string, until a provider returns non-null,
      *     or all providers have been exhausted.
+     * <li>If the previous step fails to find a protocol handler, the
+     *     constructor reads the value of the system property:
+     *     <blockquote>{@code
+     *         java.protocol.handler.pkgs
+     *     }</blockquote>
+     *     If the value of that system property is not {@code null},
+     *     it is interpreted as a list of packages separated by a vertical
+     *     slash character '{@code |}'. The constructor tries to load
+     *     the class named:
+     *     <blockquote>{@code
+     *         <package>.<protocol>.Handler
+     *     }</blockquote>
+     *     where {@code <package>} is replaced by the name of the package
+     *     and {@code <protocol>} is replaced by the name of the protocol.
+     *     If this class does not exist, or if the class exists but it is not
+     *     a subclass of {@code URLStreamHandler}, then the next package
+     *     in the list is tried.
      * <li>If the previous step fails to find a protocol handler, then the
      *     constructor tries to load a built-in protocol handler.
      *     If this class does not exist, or if the class exists but it is not a
@@ -1139,8 +1156,41 @@
         }
     }
 
+    private static URLStreamHandler lookupViaProperty(String protocol) {
+        String packagePrefixList = java.security.AccessController.doPrivileged(
+                new PrivilegedAction<>() {
+                    public String run() {
+                        return System.getProperty(protocolPathProp, "");
+                    }
+                });
+        String[] packagePrefixes = packagePrefixList.split("\\|");
+
+        URLStreamHandler handler = null;
+        for (int i=0; handler == null && i<packagePrefixes.length; i++) {
+            String packagePrefix = packagePrefixes[i].trim();
+            try {
+                String clsName = packagePrefix + "." + protocol + ".Handler";
+                Class<?> cls = null;
+                try {
+                    cls = Class.forName(clsName);
+                } catch (ClassNotFoundException e) {
+                    ClassLoader cl = ClassLoader.getSystemClassLoader();
+                    if (cl != null) {
+                        cls = cl.loadClass(clsName);
+                    }
+                }
+                if (cls != null) {
+                    handler = (URLStreamHandler)cls.newInstance();
+                }
+            } catch (Exception e) {
+                // any number of exceptions can get thrown here
+            }
+        }
+        return handler;
+    }
+
     private static Iterator<URLStreamHandlerProvider> providers() {
-        return new Iterator<URLStreamHandlerProvider>() {
+        return new Iterator<>() {
 
             ClassLoader cl = ClassLoader.getSystemClassLoader();
             ServiceLoader<URLStreamHandlerProvider> sl =
@@ -1193,7 +1243,7 @@
         gate.set(gate);
         try {
             return AccessController.doPrivileged(
-                new PrivilegedAction<URLStreamHandler>() {
+                new PrivilegedAction<>() {
                     public URLStreamHandler run() {
                         Iterator<URLStreamHandlerProvider> itr = providers();
                         while (itr.hasNext()) {
@@ -1251,6 +1301,10 @@
             if (handler == null && !protocol.equalsIgnoreCase("jar")) {
                 handler = lookupViaProviders(protocol);
             }
+
+            if (handler == null) {
+                handler = lookupViaProperty(protocol);
+            }
         }
 
         synchronized (streamHandlerLock) {
--- a/src/java.base/share/classes/java/net/URLClassLoader.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/java/net/URLClassLoader.java	Thu Apr 23 16:10:19 2015 -0700
@@ -359,7 +359,7 @@
         final Class<?> result;
         try {
             result = AccessController.doPrivileged(
-                new PrivilegedExceptionAction<Class<?>>() {
+                new PrivilegedExceptionAction<>() {
                     public Class<?> run() throws ClassNotFoundException {
                         String path = name.replace('.', '/').concat(".class");
                         Resource res = ucp.getResource(path, false);
@@ -564,7 +564,7 @@
          * The same restriction to finding classes applies to resources
          */
         URL url = AccessController.doPrivileged(
-            new PrivilegedAction<URL>() {
+            new PrivilegedAction<>() {
                 public URL run() {
                     return ucp.findResource(name, true);
                 }
@@ -587,7 +587,7 @@
     {
         final Enumeration<URL> e = ucp.findResources(name, true);
 
-        return new Enumeration<URL>() {
+        return new Enumeration<>() {
             private URL url = null;
 
             private boolean next() {
@@ -596,7 +596,7 @@
                 }
                 do {
                     URL u = AccessController.doPrivileged(
-                        new PrivilegedAction<URL>() {
+                        new PrivilegedAction<>() {
                             public URL run() {
                                 if (!e.hasMoreElements())
                                     return null;
@@ -704,7 +704,7 @@
             final SecurityManager sm = System.getSecurityManager();
             if (sm != null) {
                 final Permission fp = p;
-                AccessController.doPrivileged(new PrivilegedAction<Void>() {
+                AccessController.doPrivileged(new PrivilegedAction<>() {
                     public Void run() throws SecurityException {
                         sm.checkPermission(fp);
                         return null;
@@ -735,7 +735,7 @@
         final AccessControlContext acc = AccessController.getContext();
         // Need a privileged block to create the class loader
         URLClassLoader ucl = AccessController.doPrivileged(
-            new PrivilegedAction<URLClassLoader>() {
+            new PrivilegedAction<>() {
                 public URLClassLoader run() {
                     return new FactoryURLClassLoader(urls, parent, acc);
                 }
@@ -760,7 +760,7 @@
         final AccessControlContext acc = AccessController.getContext();
         // Need a privileged block to create the class loader
         URLClassLoader ucl = AccessController.doPrivileged(
-            new PrivilegedAction<URLClassLoader>() {
+            new PrivilegedAction<>() {
                 public URLClassLoader run() {
                     return new FactoryURLClassLoader(urls, acc);
                 }
--- a/src/java.base/share/classes/java/nio/channels/AsynchronousFileChannel.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/java/nio/channels/AsynchronousFileChannel.java	Thu Apr 23 16:10:19 2015 -0700
@@ -296,7 +296,7 @@
     public static AsynchronousFileChannel open(Path file, OpenOption... options)
         throws IOException
     {
-        Set<OpenOption> set = new HashSet<OpenOption>(options.length);
+        Set<OpenOption> set = new HashSet<>(options.length);
         Collections.addAll(set, options);
         return open(file, set, null, NO_ATTRIBUTES);
     }
--- a/src/java.base/share/classes/java/nio/channels/FileChannel.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/java/nio/channels/FileChannel.java	Thu Apr 23 16:10:19 2015 -0700
@@ -330,7 +330,7 @@
     public static FileChannel open(Path path, OpenOption... options)
         throws IOException
     {
-        Set<OpenOption> set = new HashSet<OpenOption>(options.length);
+        Set<OpenOption> set = new HashSet<>(options.length);
         Collections.addAll(set, options);
         return open(path, set, NO_ATTRIBUTES);
     }
--- a/src/java.base/share/classes/java/nio/channels/spi/AsynchronousChannelProvider.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/java/nio/channels/spi/AsynchronousChannelProvider.java	Thu Apr 23 16:10:19 2015 -0700
@@ -76,7 +76,7 @@
 
         private static AsynchronousChannelProvider load() {
             return AccessController
-                .doPrivileged(new PrivilegedAction<AsynchronousChannelProvider>() {
+                .doPrivileged(new PrivilegedAction<>() {
                     public AsynchronousChannelProvider run() {
                         AsynchronousChannelProvider p;
                         p = loadProviderFromProperty();
--- a/src/java.base/share/classes/java/nio/channels/spi/SelectorProvider.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/java/nio/channels/spi/SelectorProvider.java	Thu Apr 23 16:10:19 2015 -0700
@@ -172,7 +172,7 @@
             if (provider != null)
                 return provider;
             return AccessController.doPrivileged(
-                new PrivilegedAction<SelectorProvider>() {
+                new PrivilegedAction<>() {
                     public SelectorProvider run() {
                             if (loadProviderFromProperty())
                                 return provider;
--- a/src/java.base/share/classes/java/nio/charset/Charset.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/java/nio/charset/Charset.java	Thu Apr 23 16:10:19 2015 -0700
@@ -335,7 +335,7 @@
     // thrown.  Should be invoked with full privileges.
     //
     private static Iterator<CharsetProvider> providers() {
-        return new Iterator<CharsetProvider>() {
+        return new Iterator<>() {
 
                 ClassLoader cl = ClassLoader.getSystemClassLoader();
                 ServiceLoader<CharsetProvider> sl =
@@ -404,7 +404,7 @@
             gate.set(gate);
 
             return AccessController.doPrivileged(
-                new PrivilegedAction<Charset>() {
+                new PrivilegedAction<>() {
                     public Charset run() {
                         for (Iterator<CharsetProvider> i = providers();
                              i.hasNext();) {
@@ -428,7 +428,7 @@
         // returns ExtendedProvider, if installed
         private static CharsetProvider extendedProvider() {
             return AccessController.doPrivileged(
-                       new PrivilegedAction<CharsetProvider>() {
+                       new PrivilegedAction<>() {
                            public CharsetProvider run() {
                                 try {
                                     Class<?> epc
@@ -570,10 +570,10 @@
      */
     public static SortedMap<String,Charset> availableCharsets() {
         return AccessController.doPrivileged(
-            new PrivilegedAction<SortedMap<String,Charset>>() {
+            new PrivilegedAction<>() {
                 public SortedMap<String,Charset> run() {
                     TreeMap<String,Charset> m =
-                        new TreeMap<String,Charset>(
+                        new TreeMap<>(
                             ASCIICaseInsensitiveComparator.CASE_INSENSITIVE_ORDER);
                     put(standardProvider.charsets(), m);
                     CharsetProvider ecp = ExtendedProviderHolder.extendedProvider;
@@ -663,7 +663,7 @@
         if (aliasSet != null)
             return aliasSet;
         int n = aliases.length;
-        HashSet<String> hs = new HashSet<String>(n);
+        HashSet<String> hs = new HashSet<>(n);
         for (int i = 0; i < n; i++)
             hs.add(aliases[i]);
         aliasSet = Collections.unmodifiableSet(hs);
--- a/src/java.base/share/classes/java/nio/charset/CoderResult.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/java/nio/charset/CoderResult.java	Thu Apr 23 16:10:19 2015 -0700
@@ -204,13 +204,13 @@
             WeakReference<CoderResult> w;
             CoderResult e = null;
             if (cache == null) {
-                cache = new HashMap<Integer,WeakReference<CoderResult>>();
+                cache = new HashMap<>();
             } else if ((w = cache.get(k)) != null) {
                 e = w.get();
             }
             if (e == null) {
                 e = create(len);
-                cache.put(k, new WeakReference<CoderResult>(e));
+                cache.put(k, new WeakReference<>(e));
             }
             return e;
         }
--- a/src/java.base/share/classes/java/nio/file/FileSystems.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/java/nio/file/FileSystems.java	Thu Apr 23 16:10:19 2015 -0700
@@ -93,7 +93,7 @@
         private static FileSystem defaultFileSystem() {
             // load default provider
             FileSystemProvider provider = AccessController
-                .doPrivileged(new PrivilegedAction<FileSystemProvider>() {
+                .doPrivileged(new PrivilegedAction<>() {
                     public FileSystemProvider run() {
                         return getDefaultProvider();
                     }
--- a/src/java.base/share/classes/java/nio/file/Files.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/java/nio/file/Files.java	Thu Apr 23 16:10:19 2015 -0700
@@ -402,7 +402,7 @@
     public static SeekableByteChannel newByteChannel(Path path, OpenOption... options)
         throws IOException
     {
-        Set<OpenOption> set = new HashSet<OpenOption>(options.length);
+        Set<OpenOption> set = new HashSet<>(options.length);
         Collections.addAll(set, options);
         return newByteChannel(path, set);
     }
@@ -516,7 +516,7 @@
         // create a matcher and return a filter that uses it.
         FileSystem fs = dir.getFileSystem();
         final PathMatcher matcher = fs.getPathMatcher("glob:" + glob);
-        DirectoryStream.Filter<Path> filter = new DirectoryStream.Filter<Path>() {
+        DirectoryStream.Filter<Path> filter = new DirectoryStream.Filter<>() {
             @Override
             public boolean accept(Path entry)  {
                 return matcher.matches(entry.getFileName());
@@ -1541,7 +1541,7 @@
         // creates the default file type detector
         private static FileTypeDetector createDefaultFileTypeDetector() {
             return AccessController
-                .doPrivileged(new PrivilegedAction<FileTypeDetector>() {
+                .doPrivileged(new PrivilegedAction<>() {
                     @Override public FileTypeDetector run() {
                         return sun.nio.fs.DefaultFileTypeDetector.create();
                 }});
@@ -1550,7 +1550,7 @@
         // loads all installed file type detectors
         private static List<FileTypeDetector> loadInstalledDetectors() {
             return AccessController
-                .doPrivileged(new PrivilegedAction<List<FileTypeDetector>>() {
+                .doPrivileged(new PrivilegedAction<>() {
                     @Override public List<FileTypeDetector> run() {
                         List<FileTypeDetector> list = new ArrayList<>();
                         ServiceLoader<FileTypeDetector> loader = ServiceLoader
@@ -3468,7 +3468,7 @@
             final Iterator<Path> delegate = ds.iterator();
 
             // Re-wrap DirectoryIteratorException to UncheckedIOException
-            Iterator<Path> iterator = new Iterator<Path>() {
+            Iterator<Path> iterator = new Iterator<>() {
                 @Override
                 public boolean hasNext() {
                     try {
--- a/src/java.base/share/classes/java/nio/file/Path.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/java/nio/file/Path.java	Thu Apr 23 16:10:19 2015 -0700
@@ -801,7 +801,7 @@
      */
     @Override
     default Iterator<Path> iterator() {
-        return new Iterator<Path>() {
+        return new Iterator<>() {
             private int i = 0;
 
             @Override
--- a/src/java.base/share/classes/java/nio/file/attribute/AclEntry.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/java/nio/file/attribute/AclEntry.java	Thu Apr 23 16:10:19 2015 -0700
@@ -306,7 +306,7 @@
      * @return the permissions component
      */
     public Set<AclEntryPermission> permissions() {
-        return new HashSet<AclEntryPermission>(perms);
+        return new HashSet<>(perms);
     }
 
     /**
@@ -317,7 +317,7 @@
      * @return the flags component
      */
     public Set<AclEntryFlag> flags() {
-        return new HashSet<AclEntryFlag>(flags);
+        return new HashSet<>(flags);
     }
 
     /**
--- a/src/java.base/share/classes/java/nio/file/attribute/PosixFilePermissions.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/java/nio/file/attribute/PosixFilePermissions.java	Thu Apr 23 16:10:19 2015 -0700
@@ -160,13 +160,13 @@
     {
         // copy set and check for nulls (CCE will be thrown if an element is not
         // a PosixFilePermission)
-        perms = new HashSet<PosixFilePermission>(perms);
+        perms = new HashSet<>(perms);
         for (PosixFilePermission p: perms) {
             if (p == null)
                 throw new NullPointerException();
         }
         final Set<PosixFilePermission> value = perms;
-        return new FileAttribute<Set<PosixFilePermission>>() {
+        return new FileAttribute<>() {
             @Override
             public String name() {
                 return "posix:permissions";
--- a/src/java.base/share/classes/java/nio/file/spi/FileSystemProvider.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/java/nio/file/spi/FileSystemProvider.java	Thu Apr 23 16:10:19 2015 -0700
@@ -110,7 +110,7 @@
 
     // loads all installed providers
     private static List<FileSystemProvider> loadInstalledProviders() {
-        List<FileSystemProvider> list = new ArrayList<FileSystemProvider>();
+        List<FileSystemProvider> list = new ArrayList<>();
 
         ServiceLoader<FileSystemProvider> sl = ServiceLoader
             .load(FileSystemProvider.class, ClassLoader.getSystemClassLoader());
@@ -163,7 +163,7 @@
                     loadingProviders = true;
 
                     List<FileSystemProvider> list = AccessController
-                        .doPrivileged(new PrivilegedAction<List<FileSystemProvider>>() {
+                        .doPrivileged(new PrivilegedAction<>() {
                             @Override
                             public List<FileSystemProvider> run() {
                                 return loadInstalledProviders();
@@ -419,7 +419,7 @@
         throws IOException
     {
         int len = options.length;
-        Set<OpenOption> opts = new HashSet<OpenOption>(len + 3);
+        Set<OpenOption> opts = new HashSet<>(len + 3);
         if (len == 0) {
             opts.add(StandardOpenOption.CREATE);
             opts.add(StandardOpenOption.TRUNCATE_EXISTING);
--- a/src/java.base/share/classes/java/time/format/DateTimeParseContext.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/java/time/format/DateTimeParseContext.java	Thu Apr 23 16:10:19 2015 -0700
@@ -399,7 +399,7 @@
      */
     void addChronoChangedListener(Consumer<Chronology> listener) {
         if (chronoListeners == null) {
-            chronoListeners = new ArrayList<Consumer<Chronology>>();
+            chronoListeners = new ArrayList<>();
         }
         chronoListeners.add(listener);
     }
--- a/src/java.base/share/classes/java/time/zone/ZoneRulesProvider.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/java/time/zone/ZoneRulesProvider.java	Thu Apr 23 16:10:19 2015 -0700
@@ -141,7 +141,7 @@
         // if the property java.time.zone.DefaultZoneRulesProvider is
         // set then its value is the class name of the default provider
         final List<ZoneRulesProvider> loaded = new ArrayList<>();
-        AccessController.doPrivileged(new PrivilegedAction<Object>() {
+        AccessController.doPrivileged(new PrivilegedAction<>() {
             public Object run() {
                 String prop = System.getProperty("java.time.zone.DefaultZoneRulesProvider");
                 if (prop != null) {
--- a/src/java.base/share/classes/java/util/Calendar.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/java/util/Calendar.java	Thu Apr 23 16:10:19 2015 -0700
@@ -3579,7 +3579,7 @@
         ZoneInfo zi = null;
         try {
             zi = AccessController.doPrivileged(
-                    new PrivilegedExceptionAction<ZoneInfo>() {
+                    new PrivilegedExceptionAction<>() {
                         @Override
                         public ZoneInfo run() throws Exception {
                             return (ZoneInfo) input.readObject();
--- a/src/java.base/share/classes/java/util/Currency.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/java/util/Currency.java	Thu Apr 23 16:10:19 2015 -0700
@@ -212,7 +212,7 @@
     private static final int VALID_FORMAT_VERSION = 2;
 
     static {
-        AccessController.doPrivileged(new PrivilegedAction<Void>() {
+        AccessController.doPrivileged(new PrivilegedAction<>() {
             @Override
             public Void run() {
                 try {
--- a/src/java.base/share/classes/java/util/ResourceBundle.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/java/util/ResourceBundle.java	Thu Apr 23 16:10:19 2015 -0700
@@ -2655,7 +2655,7 @@
                 InputStream stream = null;
                 try {
                     stream = AccessController.doPrivileged(
-                        new PrivilegedExceptionAction<InputStream>() {
+                        new PrivilegedExceptionAction<>() {
                             public InputStream run() throws IOException {
                                 InputStream is = null;
                                 if (reloadFlag) {
--- a/src/java.base/share/classes/java/util/TimeZone.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/java/util/TimeZone.java	Thu Apr 23 16:10:19 2015 -0700
@@ -678,7 +678,7 @@
         assert tz != null;
 
         final String id = zoneID;
-        AccessController.doPrivileged(new PrivilegedAction<Void>() {
+        AccessController.doPrivileged(new PrivilegedAction<>() {
             @Override
                 public Void run() {
                     System.setProperty("user.timezone", id);
--- a/src/java.base/share/classes/java/util/jar/JarFile.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/java/util/jar/JarFile.java	Thu Apr 23 16:10:19 2015 -0700
@@ -593,7 +593,7 @@
         if (includeUnsigned) {
             return unsignedEntryNames();
         } else {
-            return new Enumeration<String>() {
+            return new Enumeration<>() {
 
                 public boolean hasMoreElements() {
                     return false;
@@ -619,7 +619,7 @@
 
         // screen out entries which are never signed
         final Enumeration<? extends ZipEntry> enum_ = super.entries();
-        return new Enumeration<JarEntry>() {
+        return new Enumeration<>() {
 
             ZipEntry entry;
 
@@ -669,7 +669,7 @@
 
     private Enumeration<String> unsignedEntryNames() {
         final Enumeration<JarEntry> entries = entries();
-        return new Enumeration<String>() {
+        return new Enumeration<>() {
 
             String name;
 
--- a/src/java.base/share/classes/java/util/jar/JarVerifier.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/java/util/jar/JarVerifier.java	Thu Apr 23 16:10:19 2015 -0700
@@ -684,7 +684,7 @@
         final List<CodeSigner[]> signersReq = req;
         final Enumeration<String> enum2 = (matchUnsigned) ? unsignedEntryNames(jar) : emptyEnumeration;
 
-        return new Enumeration<String>() {
+        return new Enumeration<>() {
 
             String name;
 
@@ -726,7 +726,7 @@
         final Map<String, CodeSigner[]> map = new HashMap<>();
         map.putAll(signerMap());
         final Enumeration<? extends ZipEntry> enum_ = e;
-        return new Enumeration<JarEntry>() {
+        return new Enumeration<>() {
 
             Enumeration<String> signers = null;
             JarEntry entry;
@@ -786,7 +786,7 @@
     private Enumeration<String> unsignedEntryNames(JarFile jar) {
         final Map<String, CodeSigner[]> map = signerMap();
         final Enumeration<JarEntry> entries = jar.entries();
-        return new Enumeration<String>() {
+        return new Enumeration<>() {
 
             String name;
 
--- a/src/java.base/share/classes/sun/misc/Cleaner.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/sun/misc/Cleaner.java	Thu Apr 23 16:10:19 2015 -0700
@@ -142,7 +142,7 @@
         try {
             thunk.run();
         } catch (final Throwable x) {
-            AccessController.doPrivileged(new PrivilegedAction<Void>() {
+            AccessController.doPrivileged(new PrivilegedAction<>() {
                     public Void run() {
                         if (System.err != null)
                             new Error("Cleaner terminated abnormally", x)
--- a/src/java.base/share/classes/sun/misc/URLClassPath.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/sun/misc/URLClassPath.java	Thu Apr 23 16:10:19 2015 -0700
@@ -97,16 +97,16 @@
     }
 
     /* The original search path of URLs. */
-    private ArrayList<URL> path = new ArrayList<URL>();
+    private ArrayList<URL> path = new ArrayList<>();
 
     /* The stack of unopened URLs */
-    Stack<URL> urls = new Stack<URL>();
+    Stack<URL> urls = new Stack<>();
 
     /* The resulting search path of Loaders */
-    ArrayList<Loader> loaders = new ArrayList<Loader>();
+    ArrayList<Loader> loaders = new ArrayList<>();
 
     /* Map of each URL opened to its corresponding Loader */
-    HashMap<String, Loader> lmap = new HashMap<String, Loader>();
+    HashMap<String, Loader> lmap = new HashMap<>();
 
     /* The jar protocol handler to use when creating new URLs */
     private URLStreamHandler jarHandler;
@@ -142,7 +142,7 @@
         if (closed) {
             return Collections.emptyList();
         }
-        List<IOException> result = new LinkedList<IOException>();
+        List<IOException> result = new LinkedList<>();
         for (Loader loader : loaders) {
             try {
                 loader.close();
@@ -234,7 +234,7 @@
      */
     public Enumeration<URL> findResources(final String name,
                                      final boolean check) {
-        return new Enumeration<URL>() {
+        return new Enumeration<>() {
             private int index = 0;
             private URL url = null;
 
@@ -281,7 +281,7 @@
      */
     public Enumeration<Resource> getResources(final String name,
                                     final boolean check) {
-        return new Enumeration<Resource>() {
+        return new Enumeration<>() {
             private int index = 0;
             private Resource res = null;
 
@@ -374,7 +374,7 @@
     private Loader getLoader(final URL url) throws IOException {
         try {
             return java.security.AccessController.doPrivileged(
-                new java.security.PrivilegedExceptionAction<Loader>() {
+                new java.security.PrivilegedExceptionAction<>() {
                 public Loader run() throws IOException {
                     String file = url.getFile();
                     if (file != null && file.endsWith("/")) {
@@ -689,7 +689,7 @@
             if (jar == null) {
                 try {
                     java.security.AccessController.doPrivileged(
-                        new java.security.PrivilegedExceptionAction<Void>() {
+                        new java.security.PrivilegedExceptionAction<>() {
                             public Void run() throws IOException {
                                 if (DEBUG) {
                                     System.err.println("Opening " + csu);
@@ -870,7 +870,7 @@
             if (index == null)
                 return null;
 
-            HashSet<String> visited = new HashSet<String>();
+            HashSet<String> visited = new HashSet<>();
             return getResource(name, check, visited);
         }
 
@@ -912,7 +912,7 @@
                              * before
                              */
                             newLoader = AccessController.doPrivileged(
-                                new PrivilegedExceptionAction<JarLoader>() {
+                                new PrivilegedExceptionAction<>() {
                                     public JarLoader run() throws IOException {
                                         return new JarLoader(url, handler,
                                             lmap);
--- a/src/java.base/share/classes/sun/net/NetworkClient.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/sun/net/NetworkClient.java	Thu Apr 23 16:10:19 2015 -0700
@@ -69,7 +69,7 @@
         final String encs[] = { null };
 
         AccessController.doPrivileged(
-                new PrivilegedAction<Void>() {
+                new PrivilegedAction<>() {
                     public Void run() {
                         vals[0] = Integer.getInteger("sun.net.client.defaultReadTimeout", 0).intValue();
                         vals[1] = Integer.getInteger("sun.net.client.defaultConnectTimeout", 0).intValue();
@@ -154,7 +154,7 @@
         if (proxy != null) {
             if (proxy.type() == Proxy.Type.SOCKS) {
                 s = AccessController.doPrivileged(
-                    new PrivilegedAction<Socket>() {
+                    new PrivilegedAction<>() {
                         public Socket run() {
                                        return new Socket(proxy);
                                    }});
@@ -201,7 +201,7 @@
         if (serverSocket == null)
             throw new IOException("not connected");
         return  AccessController.doPrivileged(
-                        new PrivilegedAction<InetAddress>() {
+                        new PrivilegedAction<>() {
                             public InetAddress run() {
                                 return serverSocket.getLocalAddress();
 
--- a/src/java.base/share/classes/sun/net/ProgressMonitor.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/sun/net/ProgressMonitor.java	Thu Apr 23 16:10:19 2015 -0700
@@ -64,7 +64,7 @@
      * Return a snapshot of the ProgressSource list
      */
     public ArrayList<ProgressSource> getProgressSources()    {
-        ArrayList<ProgressSource> snapshot = new ArrayList<ProgressSource>();
+        ArrayList<ProgressSource> snapshot = new ArrayList<>();
 
         try {
             synchronized(progressSourceList)    {
@@ -114,7 +114,7 @@
         if (progressListenerList.size() > 0)
         {
             // Notify progress listener if there is progress change
-            ArrayList<ProgressListener> listeners = new ArrayList<ProgressListener>();
+            ArrayList<ProgressListener> listeners = new ArrayList<>();
 
             // Copy progress listeners to another list to avoid holding locks
             synchronized(progressListenerList) {
@@ -151,7 +151,7 @@
         if (progressListenerList.size() > 0)
         {
             // Notify progress listener if there is progress change
-            ArrayList<ProgressListener> listeners = new ArrayList<ProgressListener>();
+            ArrayList<ProgressListener> listeners = new ArrayList<>();
 
             // Copy progress listeners to another list to avoid holding locks
             synchronized(progressListenerList) {
@@ -183,7 +183,7 @@
         if (progressListenerList.size() > 0)
         {
             // Notify progress listener if there is progress change
-            ArrayList<ProgressListener> listeners = new ArrayList<ProgressListener>();
+            ArrayList<ProgressListener> listeners = new ArrayList<>();
 
             // Copy progress listeners to another list to avoid holding locks
             synchronized(progressListenerList)  {
--- a/src/java.base/share/classes/sun/net/www/MessageHeader.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/sun/net/www/MessageHeader.java	Thu Apr 23 16:10:19 2015 -0700
@@ -244,7 +244,7 @@
     public synchronized Map<String, List<String>> filterAndAddHeaders(
             String[] excludeList, Map<String, List<String>>  include) {
         boolean skipIt = false;
-        Map<String, List<String>> m = new HashMap<String, List<String>>();
+        Map<String, List<String>> m = new HashMap<>();
         for (int i = nkeys; --i >= 0;) {
             if (excludeList != null) {
                 // check if the key is in the excludeList.
@@ -260,7 +260,7 @@
             if (!skipIt) {
                 List<String> l = m.get(keys[i]);
                 if (l == null) {
-                    l = new ArrayList<String>();
+                    l = new ArrayList<>();
                     m.put(keys[i], l);
                 }
                 l.add(values[i]);
@@ -274,7 +274,7 @@
                 for (Map.Entry<String,List<String>> entry: include.entrySet()) {
                 List<String> l = m.get(entry.getKey());
                 if (l == null) {
-                    l = new ArrayList<String>();
+                    l = new ArrayList<>();
                     m.put(entry.getKey(), l);
                 }
                 l.addAll(entry.getValue());
--- a/src/java.base/share/classes/sun/net/www/http/HttpCapture.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/sun/net/www/http/HttpCapture.java	Thu Apr 23 16:10:19 2015 -0700
@@ -64,7 +64,7 @@
     private static synchronized void init() {
         initialized = true;
         String rulesFile = java.security.AccessController.doPrivileged(
-            new java.security.PrivilegedAction<String>() {
+            new java.security.PrivilegedAction<>() {
                 public String run() {
                     return NetProperties.get("sun.net.http.captureRules");
                 }
@@ -85,8 +85,8 @@
                         String[] s = line.split(",");
                         if (s.length == 2) {
                             if (patterns == null) {
-                                patterns = new ArrayList<Pattern>();
-                                capFiles = new ArrayList<String>();
+                                patterns = new ArrayList<>();
+                                capFiles = new ArrayList<>();
                             }
                             patterns.add(Pattern.compile(s[0].trim()));
                             capFiles.add(s[1].trim());
--- a/src/java.base/share/classes/sun/net/www/http/HttpClient.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/sun/net/www/http/HttpClient.java	Thu Apr 23 16:10:19 2015 -0700
@@ -479,7 +479,7 @@
     {
         try {
             java.security.AccessController.doPrivileged(
-                new java.security.PrivilegedExceptionAction<Void>() {
+                new java.security.PrivilegedExceptionAction<>() {
                     public Void run() throws IOException {
                     openServer(server.getHostString(), server.getPort());
                     return null;
--- a/src/java.base/share/classes/sun/net/www/http/KeepAliveCache.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/sun/net/www/http/KeepAliveCache.java	Thu Apr 23 16:10:19 2015 -0700
@@ -94,7 +94,7 @@
              */
             final KeepAliveCache cache = this;
             java.security.AccessController.doPrivileged(
-                new java.security.PrivilegedAction<Void>() {
+                new java.security.PrivilegedAction<>() {
                 public Void run() {
                     keepAliveTimer = new InnocuousThread(cache, "Keep-Alive-Timer");
                     keepAliveTimer.setDaemon(true);
@@ -178,7 +178,7 @@
                 long currentTime = System.currentTimeMillis();
 
                 ArrayList<KeepAliveKey> keysToRemove
-                    = new ArrayList<KeepAliveKey>();
+                    = new ArrayList<>();
 
                 for (KeepAliveKey key : keySet()) {
                     ClientVector v = get(key);
--- a/src/java.base/share/classes/sun/net/www/protocol/http/AuthenticationHeader.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/sun/net/www/protocol/http/AuthenticationHeader.java	Thu Apr 23 16:10:19 2015 -0700
@@ -122,7 +122,7 @@
         this.dontUseNegotiate = dontUseNegotiate;
         rsp = response;
         this.hdrname = hdrname;
-        schemes = new HashMap<String,SchemeMapValue>();
+        schemes = new HashMap<>();
         parse();
     }
 
--- a/src/java.base/share/classes/sun/net/www/protocol/http/DigestAuthentication.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/sun/net/www/protocol/http/DigestAuthentication.java	Thu Apr 23 16:10:19 2015 -0700
@@ -62,7 +62,7 @@
 
     static {
         Boolean b = AccessController.doPrivileged(
-            new PrivilegedAction<Boolean>() {
+            new PrivilegedAction<>() {
                 public Boolean run() {
                     return NetProperties.getBoolean(compatPropName);
                 }
--- a/src/java.base/share/classes/sun/net/www/protocol/http/HttpURLConnection.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/sun/net/www/protocol/http/HttpURLConnection.java	Thu Apr 23 16:10:19 2015 -0700
@@ -244,7 +244,7 @@
                 new sun.security.action.GetBooleanAction(
                     "sun.net.http.allowRestrictedHeaders")).booleanValue();
         if (!allowRestrictedHeaders) {
-            restrictedHeaderSet = new HashSet<String>(restrictedHeaders.length);
+            restrictedHeaderSet = new HashSet<>(restrictedHeaders.length);
             for (int i=0; i < restrictedHeaders.length; i++) {
                 restrictedHeaderSet.add(restrictedHeaders[i].toLowerCase());
             }
@@ -413,7 +413,7 @@
                             final URL url,
                             final RequestorType authType) {
         return java.security.AccessController.doPrivileged(
-            new java.security.PrivilegedAction<PasswordAuthentication>() {
+            new java.security.PrivilegedAction<>() {
                 public PasswordAuthentication run() {
                     if (logger.isLoggable(PlatformLogger.Level.FINEST)) {
                         logger.finest("Requesting Authentication: host =" + host + " url = " + url);
@@ -817,14 +817,14 @@
             } catch (SecurityException se) { /* swallow exception */ }
         } else {
             cookieHandler = java.security.AccessController.doPrivileged(
-                new java.security.PrivilegedAction<CookieHandler>() {
+                new java.security.PrivilegedAction<>() {
                 public CookieHandler run() {
                     return CookieHandler.getDefault();
                 }
             });
         }
         cacheHandler = java.security.AccessController.doPrivileged(
-            new java.security.PrivilegedAction<ResponseCache>() {
+            new java.security.PrivilegedAction<>() {
                 public ResponseCache run() {
                 return ResponseCache.getDefault();
             }
@@ -909,7 +909,7 @@
         final boolean result[] = {false};
 
         java.security.AccessController.doPrivileged(
-            new java.security.PrivilegedAction<Void>() {
+            new java.security.PrivilegedAction<>() {
                 public Void run() {
                 try {
                     InetAddress a1 = InetAddress.getByName(h1);
@@ -954,7 +954,7 @@
         try {
             // lookup hostname and use IP address if available
             host = AccessController.doPrivileged(
-                new PrivilegedExceptionAction<String>() {
+                new PrivilegedExceptionAction<>() {
                     public String run() throws IOException {
                             InetAddress addr = InetAddress.getByName(hostarg);
                             return addr.getHostAddress();
@@ -984,7 +984,7 @@
         if (p != null) {
             try {
                 AccessController.doPrivileged(
-                    new PrivilegedExceptionAction<Void>() {
+                    new PrivilegedExceptionAction<>() {
                         public Void run() throws IOException {
                             plainConnect0();
                             return null;
@@ -1086,7 +1086,7 @@
                  */
                 ProxySelector sel =
                     java.security.AccessController.doPrivileged(
-                        new java.security.PrivilegedAction<ProxySelector>() {
+                        new java.security.PrivilegedAction<>() {
                             public ProxySelector run() {
                                      return ProxySelector.getDefault();
                                  }
@@ -1245,7 +1245,7 @@
         if (p != null) {
             try {
                 return AccessController.doPrivileged(
-                    new PrivilegedExceptionAction<OutputStream>() {
+                    new PrivilegedExceptionAction<>() {
                         public OutputStream run() throws IOException {
                             return getOutputStream0();
                         }
@@ -1423,7 +1423,7 @@
         if (p != null) {
             try {
                 return AccessController.doPrivileged(
-                    new PrivilegedExceptionAction<InputStream>() {
+                    new PrivilegedExceptionAction<>() {
                         public InputStream run() throws IOException {
                             return getInputStream0();
                         }
@@ -1877,7 +1877,7 @@
             final Object[] args = { rememberedException.getMessage() };
             IOException chainedException =
                 java.security.AccessController.doPrivileged(
-                    new java.security.PrivilegedExceptionAction<IOException>() {
+                    new java.security.PrivilegedExceptionAction<>() {
                         public IOException run() throws Exception {
                             return (IOException)
                                 rememberedException.getClass()
@@ -2204,7 +2204,7 @@
                     try {
                         final String finalHost = host;
                         addr = java.security.AccessController.doPrivileged(
-                            new java.security.PrivilegedExceptionAction<InetAddress>() {
+                            new java.security.PrivilegedExceptionAction<>() {
                                 public InetAddress run()
                                     throws java.net.UnknownHostException {
                                     return InetAddress.getByName(finalHost);
@@ -2566,7 +2566,7 @@
         if (p != null) {
             try {
                 return AccessController.doPrivileged(
-                    new PrivilegedExceptionAction<Boolean>() {
+                    new PrivilegedExceptionAction<>() {
                         public Boolean run() throws IOException {
                             return followRedirect0(loc, stat, locUrl0);
                         }
--- a/src/java.base/share/classes/sun/net/www/protocol/jar/URLJarFile.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/sun/net/www/protocol/jar/URLJarFile.java	Thu Apr 23 16:10:19 2015 -0700
@@ -213,7 +213,7 @@
             /* get the stream before asserting privileges */
             try (final InputStream in = url.openConnection().getInputStream()) {
                 result = AccessController.doPrivileged(
-                    new PrivilegedExceptionAction<JarFile>() {
+                    new PrivilegedExceptionAction<>() {
                         public JarFile run() throws IOException {
                             Path tmpFile = Files.createTempFile("jar_cache", null);
                             try {
--- a/src/java.base/share/classes/sun/nio/ch/AsynchronousChannelGroupImpl.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/sun/nio/ch/AsynchronousChannelGroupImpl.java	Thu Apr 23 16:10:19 2015 -0700
@@ -76,7 +76,7 @@
         this.pool = pool;
 
         if (pool.isFixedThreadPool()) {
-            taskQueue = new ConcurrentLinkedQueue<Runnable>();
+            taskQueue = new ConcurrentLinkedQueue<>();
         } else {
             taskQueue = null;   // not used
         }
@@ -115,7 +115,7 @@
     }
 
     private void startInternalThread(final Runnable task) {
-        AccessController.doPrivileged(new PrivilegedAction<Void>() {
+        AccessController.doPrivileged(new PrivilegedAction<>() {
             @Override
             public Void run() {
                 // internal threads should not be visible to application so
@@ -246,7 +246,7 @@
     abstract void shutdownHandlerTasks();
 
     private void shutdownExecutors() {
-        AccessController.doPrivileged(new PrivilegedAction<Void>() {
+        AccessController.doPrivileged(new PrivilegedAction<>() {
             public Void run() {
                 pool.executor().shutdown();
                 timeoutExecutor.shutdown();
@@ -323,7 +323,7 @@
             task = new Runnable() {
                 @Override
                 public void run() {
-                    AccessController.doPrivileged(new PrivilegedAction<Void>() {
+                    AccessController.doPrivileged(new PrivilegedAction<>() {
                         @Override
                         public Void run() {
                             delegate.run();
--- a/src/java.base/share/classes/sun/nio/ch/AsynchronousServerSocketChannelImpl.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/sun/nio/ch/AsynchronousServerSocketChannelImpl.java	Thu Apr 23 16:10:19 2015 -0700
@@ -228,7 +228,7 @@
         static final Set<SocketOption<?>> defaultOptions = defaultOptions();
 
         private static Set<SocketOption<?>> defaultOptions() {
-            HashSet<SocketOption<?>> set = new HashSet<SocketOption<?>>(2);
+            HashSet<SocketOption<?>> set = new HashSet<>(2);
             set.add(StandardSocketOptions.SO_RCVBUF);
             set.add(StandardSocketOptions.SO_REUSEADDR);
             return Collections.unmodifiableSet(set);
--- a/src/java.base/share/classes/sun/nio/ch/AsynchronousSocketChannelImpl.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/sun/nio/ch/AsynchronousSocketChannelImpl.java	Thu Apr 23 16:10:19 2015 -0700
@@ -503,7 +503,7 @@
         static final Set<SocketOption<?>> defaultOptions = defaultOptions();
 
         private static Set<SocketOption<?>> defaultOptions() {
-            HashSet<SocketOption<?>> set = new HashSet<SocketOption<?>>(5);
+            HashSet<SocketOption<?>> set = new HashSet<>(5);
             set.add(StandardSocketOptions.SO_SNDBUF);
             set.add(StandardSocketOptions.SO_RCVBUF);
             set.add(StandardSocketOptions.SO_KEEPALIVE);
--- a/src/java.base/share/classes/sun/nio/ch/DatagramChannelImpl.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/sun/nio/ch/DatagramChannelImpl.java	Thu Apr 23 16:10:19 2015 -0700
@@ -294,7 +294,7 @@
         static final Set<SocketOption<?>> defaultOptions = defaultOptions();
 
         private static Set<SocketOption<?>> defaultOptions() {
-            HashSet<SocketOption<?>> set = new HashSet<SocketOption<?>>(8);
+            HashSet<SocketOption<?>> set = new HashSet<>(8);
             set.add(StandardSocketOptions.SO_SNDBUF);
             set.add(StandardSocketOptions.SO_RCVBUF);
             set.add(StandardSocketOptions.SO_REUSEADDR);
--- a/src/java.base/share/classes/sun/nio/ch/MembershipKeyImpl.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/sun/nio/ch/MembershipKeyImpl.java	Thu Apr 23 16:10:19 2015 -0700
@@ -184,7 +184,7 @@
 
             // created blocked set if required and add source address
             if (blockedSet == null)
-                blockedSet = new HashSet<InetAddress>();
+                blockedSet = new HashSet<>();
             blockedSet.add(toBlock);
         }
         return this;
--- a/src/java.base/share/classes/sun/nio/ch/MembershipRegistry.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/sun/nio/ch/MembershipRegistry.java	Thu Apr 23 16:10:19 2015 -0700
@@ -84,13 +84,13 @@
         InetAddress group = key.group();
         List<MembershipKeyImpl> keys;
         if (groups == null) {
-            groups = new HashMap<InetAddress,List<MembershipKeyImpl>>();
+            groups = new HashMap<>();
             keys = null;
         } else {
             keys = groups.get(group);
         }
         if (keys == null) {
-            keys = new LinkedList<MembershipKeyImpl>();
+            keys = new LinkedList<>();
             groups.put(group, keys);
         }
         keys.add(key);
--- a/src/java.base/share/classes/sun/nio/ch/SelectorImpl.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/sun/nio/ch/SelectorImpl.java	Thu Apr 23 16:10:19 2015 -0700
@@ -52,8 +52,8 @@
 
     protected SelectorImpl(SelectorProvider sp) {
         super(sp);
-        keys = new HashSet<SelectionKey>();
-        selectedKeys = new HashSet<SelectionKey>();
+        keys = new HashSet<>();
+        selectedKeys = new HashSet<>();
         if (Util.atBugLevel("1.4")) {
             publicKeys = keys;
             publicSelectedKeys = selectedKeys;
--- a/src/java.base/share/classes/sun/nio/ch/ServerSocketChannelImpl.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/sun/nio/ch/ServerSocketChannelImpl.java	Thu Apr 23 16:10:19 2015 -0700
@@ -182,7 +182,7 @@
         static final Set<SocketOption<?>> defaultOptions = defaultOptions();
 
         private static Set<SocketOption<?>> defaultOptions() {
-            HashSet<SocketOption<?>> set = new HashSet<SocketOption<?>>(2);
+            HashSet<SocketOption<?>> set = new HashSet<>(2);
             set.add(StandardSocketOptions.SO_RCVBUF);
             set.add(StandardSocketOptions.SO_REUSEADDR);
             set.add(StandardSocketOptions.IP_TOS);
--- a/src/java.base/share/classes/sun/nio/ch/SocketChannelImpl.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/sun/nio/ch/SocketChannelImpl.java	Thu Apr 23 16:10:19 2015 -0700
@@ -229,7 +229,7 @@
         static final Set<SocketOption<?>> defaultOptions = defaultOptions();
 
         private static Set<SocketOption<?>> defaultOptions() {
-            HashSet<SocketOption<?>> set = new HashSet<SocketOption<?>>(8);
+            HashSet<SocketOption<?>> set = new HashSet<>(8);
             set.add(StandardSocketOptions.SO_SNDBUF);
             set.add(StandardSocketOptions.SO_RCVBUF);
             set.add(StandardSocketOptions.SO_KEEPALIVE);
--- a/src/java.base/share/classes/sun/nio/cs/CharsetMapping.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/sun/nio/cs/CharsetMapping.java	Thu Apr 23 16:10:19 2015 -0700
@@ -135,7 +135,7 @@
 
     // init the CharsetMapping object from the .dat binary file
     public static CharsetMapping get(final InputStream is) {
-        return AccessController.doPrivileged(new PrivilegedAction<CharsetMapping>() {
+        return AccessController.doPrivileged(new PrivilegedAction<>() {
             public CharsetMapping run() {
                 return new CharsetMapping().load(is);
             }
--- a/src/java.base/share/classes/sun/nio/fs/AbstractPoller.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/sun/nio/fs/AbstractPoller.java	Thu Apr 23 16:10:19 2015 -0700
@@ -48,7 +48,7 @@
     private boolean shutdown;
 
     protected AbstractPoller() {
-        this.requestList = new LinkedList<Request>();
+        this.requestList = new LinkedList<>();
         this.shutdown = false;
     }
 
@@ -57,7 +57,7 @@
      */
     public void start() {
         final Runnable thisRunnable = this;
-        AccessController.doPrivileged(new PrivilegedAction<Object>() {
+        AccessController.doPrivileged(new PrivilegedAction<>() {
             @Override
             public Object run() {
                 Thread thr = new ManagedLocalsThread(thisRunnable);
--- a/src/java.base/share/classes/sun/nio/fs/AbstractWatchKey.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/sun/nio/fs/AbstractWatchKey.java	Thu Apr 23 16:10:19 2015 -0700
@@ -70,8 +70,8 @@
         this.watcher = watcher;
         this.dir = dir;
         this.state = State.READY;
-        this.events = new ArrayList<WatchEvent<?>>();
-        this.lastModifyEvents = new HashMap<Object,WatchEvent<?>>();
+        this.events = new ArrayList<>();
+        this.lastModifyEvents = new HashMap<>();
     }
 
     final AbstractWatchService watcher() {
@@ -146,7 +146,7 @@
 
             // non-repeated event
             Event<Object> ev =
-                new Event<Object>((WatchEvent.Kind<Object>)kind, context);
+                new Event<>((WatchEvent.Kind<Object>)kind, context);
             if (isModify) {
                 lastModifyEvents.put(context, ev);
             } else if (kind == StandardWatchEventKinds.OVERFLOW) {
@@ -163,7 +163,7 @@
     public final List<WatchEvent<?>> pollEvents() {
         synchronized (this) {
             List<WatchEvent<?>> result = events;
-            events = new ArrayList<WatchEvent<?>>();
+            events = new ArrayList<>();
             lastModifyEvents.clear();
             return result;
         }
--- a/src/java.base/share/classes/sun/reflect/ReflectionFactory.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/sun/reflect/ReflectionFactory.java	Thu Apr 23 16:10:19 2015 -0700
@@ -375,7 +375,7 @@
     private static void checkInitted() {
         if (initted) return;
         AccessController.doPrivileged(
-            new PrivilegedAction<Void>() {
+            new PrivilegedAction<>() {
                 public Void run() {
                     // Tests to ensure the system properties table is fully
                     // initialized. This is needed because reflection code is
--- a/src/java.base/share/classes/sun/reflect/annotation/AnnotationType.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/sun/reflect/annotation/AnnotationType.java	Thu Apr 23 16:10:19 2015 -0700
@@ -106,16 +106,16 @@
             throw new IllegalArgumentException("Not an annotation type");
 
         Method[] methods =
-            AccessController.doPrivileged(new PrivilegedAction<Method[]>() {
+            AccessController.doPrivileged(new PrivilegedAction<>() {
                 public Method[] run() {
                     // Initialize memberTypes and defaultValues
                     return annotationClass.getDeclaredMethods();
                 }
             });
 
-        memberTypes = new HashMap<String,Class<?>>(methods.length+1, 1.0f);
-        memberDefaults = new HashMap<String, Object>(0);
-        members = new HashMap<String, Method>(methods.length+1, 1.0f);
+        memberTypes = new HashMap<>(methods.length+1, 1.0f);
+        memberDefaults = new HashMap<>(0);
+        members = new HashMap<>(methods.length+1, 1.0f);
 
         for (Method method : methods) {
             if (method.getParameterTypes().length != 0)
--- a/src/java.base/share/classes/sun/security/provider/certpath/Builder.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/sun/security/provider/certpath/Builder.java	Thu Apr 23 16:10:19 2015 -0700
@@ -102,8 +102,8 @@
 
     /**
      * Verifies whether the input certificate completes the path.
-     * When building forward, a trust anchor will complete the path.
-     * When building reverse, the target certificate will complete the path.
+     * When building in the forward direction, a trust anchor will
+     * complete the path.
      *
      * @param cert the certificate to test
      * @return a boolean value indicating whether the cert completes the path.
--- a/src/java.base/share/classes/sun/security/provider/certpath/PKIX.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/sun/security/provider/certpath/PKIX.java	Thu Apr 23 16:10:19 2015 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2012, 2015, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -25,7 +25,6 @@
 package sun.security.provider.certpath;
 
 import java.security.InvalidAlgorithmParameterException;
-import java.security.KeyStore;
 import java.security.PublicKey;
 import java.security.cert.*;
 import java.security.interfaces.DSAPublicKey;
@@ -194,7 +193,6 @@
 
     static class BuilderParams extends ValidatorParams {
         private PKIXBuilderParameters params;
-        private boolean buildForward = true;
         private List<CertStore> stores;
         private X500Principal targetSubject;
 
@@ -213,10 +211,6 @@
                     + "targetCertConstraints parameter must be an "
                     + "X509CertSelector");
             }
-            if (params instanceof SunCertPathBuilderParameters) {
-                buildForward =
-                    ((SunCertPathBuilderParameters)params).getBuildForward();
-            }
             this.params = params;
             this.targetSubject = getTargetSubject(
                 certStores(), (X509CertSelector)targetCertConstraints());
@@ -230,7 +224,6 @@
             return stores;
         }
         int maxPathLength() { return params.getMaxPathLength(); }
-        boolean buildForward() { return buildForward; }
         PKIXBuilderParameters params() { return params; }
         X500Principal targetSubject() { return targetSubject; }
 
--- a/src/java.base/share/classes/sun/security/provider/certpath/ReverseBuilder.java	Thu Apr 23 10:43:35 2015 -0700
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,551 +0,0 @@
-/*
- * Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.  Oracle designates this
- * particular file as subject to the "Classpath" exception as provided
- * by Oracle in the LICENSE file that accompanied this code.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-package sun.security.provider.certpath;
-
-import java.io.IOException;
-import java.security.GeneralSecurityException;
-import java.security.Principal;
-import java.security.cert.CertificateException;
-import java.security.cert.CertPathValidatorException;
-import java.security.cert.CertStore;
-import java.security.cert.CertStoreException;
-import java.security.cert.PKIXBuilderParameters;
-import java.security.cert.PKIXCertPathChecker;
-import java.security.cert.PKIXParameters;
-import java.security.cert.PKIXReason;
-import java.security.cert.TrustAnchor;
-import java.security.cert.X509Certificate;
-import java.security.cert.X509CertSelector;
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.Collections;
-import java.util.Comparator;
-import java.util.HashSet;
-import java.util.Iterator;
-import java.util.List;
-import java.util.LinkedList;
-import java.util.Set;
-
-import javax.security.auth.x500.X500Principal;
-
-import sun.security.provider.certpath.PKIX.BuilderParams;
-import sun.security.util.Debug;
-import sun.security.x509.Extension;
-import static sun.security.x509.PKIXExtensions.*;
-import sun.security.x509.X500Name;
-import sun.security.x509.X509CertImpl;
-import sun.security.x509.PolicyMappingsExtension;
-
-/**
- * This class represents a reverse builder, which is able to retrieve
- * matching certificates from CertStores and verify a particular certificate
- * against a ReverseState.
- *
- * @since       1.4
- * @author      Sean Mullan
- * @author      Yassir Elley
- */
-
-class ReverseBuilder extends Builder {
-
-    private Debug debug = Debug.getInstance("certpath");
-
-    private final Set<String> initPolicies;
-
-    /**
-     * Initialize the builder with the input parameters.
-     *
-     * @param params the parameter set used to build a certification path
-     */
-    ReverseBuilder(BuilderParams buildParams) {
-        super(buildParams);
-
-        Set<String> initialPolicies = buildParams.initialPolicies();
-        initPolicies = new HashSet<String>();
-        if (initialPolicies.isEmpty()) {
-            // if no initialPolicies are specified by user, set
-            // initPolicies to be anyPolicy by default
-            initPolicies.add(PolicyChecker.ANY_POLICY);
-        } else {
-            initPolicies.addAll(initialPolicies);
-        }
-    }
-
-    /**
-     * Retrieves all certs from the specified CertStores that satisfy the
-     * requirements specified in the parameters and the current
-     * PKIX state (name constraints, policy constraints, etc).
-     *
-     * @param currentState the current state.
-     *        Must be an instance of <code>ReverseState</code>
-     * @param certStores list of CertStores
-     */
-    @Override
-    Collection<X509Certificate> getMatchingCerts
-        (State currState, List<CertStore> certStores)
-        throws CertStoreException, CertificateException, IOException
-    {
-        ReverseState currentState = (ReverseState) currState;
-
-        if (debug != null)
-            debug.println("In ReverseBuilder.getMatchingCerts.");
-
-        /*
-         * The last certificate could be an EE or a CA certificate
-         * (we may be building a partial certification path or
-         * establishing trust in a CA).
-         *
-         * Try the EE certs before the CA certs. It will be more
-         * common to build a path to an end entity.
-         */
-        Collection<X509Certificate> certs =
-            getMatchingEECerts(currentState, certStores);
-        certs.addAll(getMatchingCACerts(currentState, certStores));
-
-        return certs;
-    }
-
-    /*
-     * Retrieves all end-entity certificates which satisfy constraints
-     * and requirements specified in the parameters and PKIX state.
-     */
-    private Collection<X509Certificate> getMatchingEECerts
-        (ReverseState currentState, List<CertStore> certStores)
-        throws CertStoreException, CertificateException, IOException {
-
-        /*
-         * Compose a CertSelector to filter out
-         * certs which do not satisfy requirements.
-         *
-         * First, retrieve clone of current target cert constraints, and
-         * then add more selection criteria based on current validation state.
-         */
-        X509CertSelector sel = (X509CertSelector) targetCertConstraints.clone();
-
-        /*
-         * Match on issuer (subject of previous cert)
-         */
-        sel.setIssuer(currentState.subjectDN);
-
-        /*
-         * Match on certificate validity date.
-         */
-        sel.setCertificateValid(buildParams.date());
-
-        /*
-         * Policy processing optimizations
-         */
-        if (currentState.explicitPolicy == 0)
-            sel.setPolicy(getMatchingPolicies());
-
-        /*
-         * If previous cert has a subject key identifier extension,
-         * use it to match on authority key identifier extension.
-         */
-        /*if (currentState.subjKeyId != null) {
-          AuthorityKeyIdentifierExtension authKeyId = new AuthorityKeyIdentifierExtension(
-                (KeyIdentifier) currentState.subjKeyId.get(SubjectKeyIdentifierExtension.KEY_ID),
-                null, null);
-        sel.setAuthorityKeyIdentifier(authKeyId.getExtensionValue());
-        }*/
-
-        /*
-         * Require EE certs
-         */
-        sel.setBasicConstraints(-2);
-
-        /* Retrieve matching certs from CertStores */
-        HashSet<X509Certificate> eeCerts = new HashSet<>();
-        addMatchingCerts(sel, certStores, eeCerts, true);
-
-        if (debug != null) {
-            debug.println("ReverseBuilder.getMatchingEECerts got "
-                          + eeCerts.size() + " certs.");
-        }
-        return eeCerts;
-    }
-
-    /*
-     * Retrieves all CA certificates which satisfy constraints
-     * and requirements specified in the parameters and PKIX state.
-     */
-    private Collection<X509Certificate> getMatchingCACerts
-        (ReverseState currentState, List<CertStore> certStores)
-        throws CertificateException, CertStoreException, IOException {
-
-        /*
-         * Compose a CertSelector to filter out
-         * certs which do not satisfy requirements.
-         */
-        X509CertSelector sel = new X509CertSelector();
-
-        /*
-         * Match on issuer (subject of previous cert)
-         */
-        sel.setIssuer(currentState.subjectDN);
-
-        /*
-         * Match on certificate validity date.
-         */
-        sel.setCertificateValid(buildParams.date());
-
-        /*
-         * Match on target subject name (checks that current cert's
-         * name constraints permit it to certify target).
-         * (4 is the integer type for DIRECTORY name).
-         */
-        byte[] subject = targetCertConstraints.getSubjectAsBytes();
-        if (subject != null) {
-            sel.addPathToName(4, subject);
-        } else {
-            X509Certificate cert = targetCertConstraints.getCertificate();
-            if (cert != null) {
-                sel.addPathToName(4,
-                                  cert.getSubjectX500Principal().getEncoded());
-            }
-        }
-
-        /*
-         * Policy processing optimizations
-         */
-        if (currentState.explicitPolicy == 0)
-            sel.setPolicy(getMatchingPolicies());
-
-        /*
-         * If previous cert has a subject key identifier extension,
-         * use it to match on authority key identifier extension.
-         */
-        /*if (currentState.subjKeyId != null) {
-          AuthorityKeyIdentifierExtension authKeyId = new AuthorityKeyIdentifierExtension(
-                (KeyIdentifier) currentState.subjKeyId.get(SubjectKeyIdentifierExtension.KEY_ID),
-                                null, null);
-          sel.setAuthorityKeyIdentifier(authKeyId.getExtensionValue());
-        }*/
-
-        /*
-         * Require CA certs
-         */
-        sel.setBasicConstraints(0);
-
-        /* Retrieve matching certs from CertStores */
-        ArrayList<X509Certificate> reverseCerts = new ArrayList<>();
-        addMatchingCerts(sel, certStores, reverseCerts, true);
-
-        /* Sort remaining certs using name constraints */
-        Collections.sort(reverseCerts, new PKIXCertComparator());
-
-        if (debug != null)
-            debug.println("ReverseBuilder.getMatchingCACerts got " +
-                          reverseCerts.size() + " certs.");
-        return reverseCerts;
-    }
-
-    /*
-     * This inner class compares 2 PKIX certificates according to which
-     * should be tried first when building a path to the target. For
-     * now, the algorithm is to look at name constraints in each cert and those
-     * which constrain the path closer to the target should be
-     * ranked higher. Later, we may want to consider other components,
-     * such as key identifiers.
-     */
-    class PKIXCertComparator implements Comparator<X509Certificate> {
-
-        private Debug debug = Debug.getInstance("certpath");
-
-        @Override
-        public int compare(X509Certificate cert1, X509Certificate cert2) {
-
-            /*
-             * if either cert certifies the target, always
-             * put at head of list.
-             */
-            X500Principal targetSubject = buildParams.targetSubject();
-            if (cert1.getSubjectX500Principal().equals(targetSubject)) {
-                return -1;
-            }
-            if (cert2.getSubjectX500Principal().equals(targetSubject)) {
-                return 1;
-            }
-
-            int targetDist1;
-            int targetDist2;
-            try {
-                X500Name targetSubjectName = X500Name.asX500Name(targetSubject);
-                targetDist1 = Builder.targetDistance(
-                    null, cert1, targetSubjectName);
-                targetDist2 = Builder.targetDistance(
-                    null, cert2, targetSubjectName);
-            } catch (IOException e) {
-                if (debug != null) {
-                    debug.println("IOException in call to Builder.targetDistance");
-                    e.printStackTrace();
-                }
-                throw new ClassCastException
-                    ("Invalid target subject distinguished name");
-            }
-
-            if (targetDist1 == targetDist2)
-                return 0;
-
-            if (targetDist1 == -1)
-                return 1;
-
-            if (targetDist1 < targetDist2)
-                return -1;
-
-            return 1;
-        }
-    }
-
-    /**
-     * Verifies a matching certificate.
-     *
-     * This method executes any of the validation steps in the PKIX path validation
-     * algorithm which were not satisfied via filtering out non-compliant
-     * certificates with certificate matching rules.
-     *
-     * If the last certificate is being verified (the one whose subject
-     * matches the target subject, then the steps in Section 6.1.4 of the
-     * Certification Path Validation algorithm are NOT executed,
-     * regardless of whether or not the last cert is an end-entity
-     * cert or not. This allows callers to certify CA certs as
-     * well as EE certs.
-     *
-     * @param cert the certificate to be verified
-     * @param currentState the current state against which the cert is verified
-     * @param certPathList the certPathList generated thus far
-     */
-    @Override
-    void verifyCert(X509Certificate cert, State currState,
-        List<X509Certificate> certPathList)
-        throws GeneralSecurityException
-    {
-        if (debug != null) {
-            debug.println("ReverseBuilder.verifyCert(SN: "
-                + Debug.toHexString(cert.getSerialNumber())
-                + "\n  Subject: " + cert.getSubjectX500Principal() + ")");
-        }
-
-        ReverseState currentState = (ReverseState) currState;
-
-        /* we don't perform any validation of the trusted cert */
-        if (currentState.isInitial()) {
-            return;
-        }
-
-        // Don't bother to verify untrusted certificate more.
-        currentState.untrustedChecker.check(cert,
-                                    Collections.<String>emptySet());
-
-        /*
-         * check for looping - abort a loop if
-         * ((we encounter the same certificate twice) AND
-         * ((policyMappingInhibited = true) OR (no policy mapping
-         * extensions can be found between the occurrences of the same
-         * certificate)))
-         * in order to facilitate the check to see if there are
-         * any policy mapping extensions found between the occurrences
-         * of the same certificate, we reverse the certpathlist first
-         */
-        if ((certPathList != null) && (!certPathList.isEmpty())) {
-            List<X509Certificate> reverseCertList = new ArrayList<>();
-            for (X509Certificate c : certPathList) {
-                reverseCertList.add(0, c);
-            }
-
-            boolean policyMappingFound = false;
-            for (X509Certificate cpListCert : reverseCertList) {
-                X509CertImpl cpListCertImpl = X509CertImpl.toImpl(cpListCert);
-                PolicyMappingsExtension policyMappingsExt =
-                        cpListCertImpl.getPolicyMappingsExtension();
-                if (policyMappingsExt != null) {
-                    policyMappingFound = true;
-                }
-                if (debug != null)
-                    debug.println("policyMappingFound = " + policyMappingFound);
-                if (cert.equals(cpListCert)) {
-                    if ((buildParams.policyMappingInhibited()) ||
-                        (!policyMappingFound)){
-                        if (debug != null)
-                            debug.println("loop detected!!");
-                        throw new CertPathValidatorException("loop detected");
-                    }
-                }
-            }
-        }
-
-        /* check if target cert */
-        boolean finalCert = cert.getSubjectX500Principal().equals(buildParams.targetSubject());
-
-        /* check if CA cert */
-        boolean caCert = (cert.getBasicConstraints() != -1 ? true : false);
-
-        /* if there are more certs to follow, verify certain constraints */
-        if (!finalCert) {
-
-            /* check if CA cert */
-            if (!caCert)
-                throw new CertPathValidatorException("cert is NOT a CA cert");
-
-            /* If the certificate was not self-issued, verify that
-             * remainingCerts is greater than zero
-             */
-            if ((currentState.remainingCACerts <= 0) && !X509CertImpl.isSelfIssued(cert)) {
-                    throw new CertPathValidatorException
-                        ("pathLenConstraint violated, path too long", null,
-                         null, -1, PKIXReason.PATH_TOO_LONG);
-            }
-
-            /*
-             * Check keyUsage extension (only if CA cert and not final cert)
-             */
-            KeyChecker.verifyCAKeyUsage(cert);
-
-        } else {
-
-            /*
-             * If final cert, check that it satisfies specified target
-             * constraints
-             */
-            if (targetCertConstraints.match(cert) == false) {
-                throw new CertPathValidatorException("target certificate " +
-                    "constraints check failed");
-            }
-        }
-
-        /*
-         * Check revocation.
-         */
-        if (buildParams.revocationEnabled() && currentState.revChecker != null) {
-            currentState.revChecker.check(cert, Collections.<String>emptySet());
-        }
-
-        /* Check name constraints if this is not a self-issued cert */
-        if (finalCert || !X509CertImpl.isSelfIssued(cert)){
-            if (currentState.nc != null) {
-                try {
-                    if (!currentState.nc.verify(cert)){
-                        throw new CertPathValidatorException
-                            ("name constraints check failed", null, null, -1,
-                             PKIXReason.INVALID_NAME);
-                    }
-                } catch (IOException ioe) {
-                    throw new CertPathValidatorException(ioe);
-                }
-            }
-        }
-
-        /*
-         * Check policy
-         */
-        X509CertImpl certImpl = X509CertImpl.toImpl(cert);
-        currentState.rootNode = PolicyChecker.processPolicies
-            (currentState.certIndex, initPolicies,
-            currentState.explicitPolicy, currentState.policyMapping,
-            currentState.inhibitAnyPolicy,
-            buildParams.policyQualifiersRejected(), currentState.rootNode,
-            certImpl, finalCert);
-
-        /*
-         * Check CRITICAL private extensions
-         */
-        Set<String> unresolvedCritExts = cert.getCriticalExtensionOIDs();
-        if (unresolvedCritExts == null) {
-            unresolvedCritExts = Collections.<String>emptySet();
-        }
-
-        /*
-         * Check that the signature algorithm is not disabled.
-         */
-        currentState.algorithmChecker.check(cert, unresolvedCritExts);
-
-        for (PKIXCertPathChecker checker : currentState.userCheckers) {
-            checker.check(cert, unresolvedCritExts);
-        }
-
-        /*
-         * Look at the remaining extensions and remove any ones we have
-         * already checked. If there are any left, throw an exception!
-         */
-        if (!unresolvedCritExts.isEmpty()) {
-            unresolvedCritExts.remove(BasicConstraints_Id.toString());
-            unresolvedCritExts.remove(NameConstraints_Id.toString());
-            unresolvedCritExts.remove(CertificatePolicies_Id.toString());
-            unresolvedCritExts.remove(PolicyMappings_Id.toString());
-            unresolvedCritExts.remove(PolicyConstraints_Id.toString());
-            unresolvedCritExts.remove(InhibitAnyPolicy_Id.toString());
-            unresolvedCritExts.remove(SubjectAlternativeName_Id.toString());
-            unresolvedCritExts.remove(KeyUsage_Id.toString());
-            unresolvedCritExts.remove(ExtendedKeyUsage_Id.toString());
-
-            if (!unresolvedCritExts.isEmpty())
-                throw new CertPathValidatorException
-                    ("Unrecognized critical extension(s)", null, null, -1,
-                     PKIXReason.UNRECOGNIZED_CRIT_EXT);
-        }
-
-        /*
-         * Check signature.
-         */
-        if (buildParams.sigProvider() != null) {
-            cert.verify(currentState.pubKey, buildParams.sigProvider());
-        } else {
-            cert.verify(currentState.pubKey);
-        }
-    }
-
-    /**
-     * Verifies whether the input certificate completes the path.
-     * This checks whether the cert is the target certificate.
-     *
-     * @param cert the certificate to test
-     * @return a boolean value indicating whether the cert completes the path.
-     */
-    @Override
-    boolean isPathCompleted(X509Certificate cert) {
-        return cert.getSubjectX500Principal().equals(buildParams.targetSubject());
-    }
-
-    /** Adds the certificate to the certPathList
-     *
-     * @param cert the certificate to be added
-     * @param certPathList the certification path list
-     */
-    @Override
-    void addCertToPath(X509Certificate cert,
-        LinkedList<X509Certificate> certPathList) {
-        certPathList.addLast(cert);
-    }
-
-    /** Removes final certificate from the certPathList
-     *
-     * @param certPathList the certification path list
-     */
-    @Override
-    void removeFinalCertFromPath(LinkedList<X509Certificate> certPathList) {
-        certPathList.removeLast();
-    }
-}
--- a/src/java.base/share/classes/sun/security/provider/certpath/ReverseState.java	Thu Apr 23 10:43:35 2015 -0700
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,406 +0,0 @@
-/*
- * Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.  Oracle designates this
- * particular file as subject to the "Classpath" exception as provided
- * by Oracle in the LICENSE file that accompanied this code.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-package sun.security.provider.certpath;
-
-import java.io.IOException;
-import java.security.PublicKey;
-import java.security.cert.CertificateException;
-import java.security.cert.CertPathValidatorException;
-import java.security.cert.PKIXCertPathChecker;
-import java.security.cert.PKIXRevocationChecker;
-import java.security.cert.TrustAnchor;
-import java.security.cert.X509Certificate;
-import java.util.ArrayList;
-import java.util.HashSet;
-import java.util.List;
-import java.util.ListIterator;
-import java.util.Set;
-import javax.security.auth.x500.X500Principal;
-
-import sun.security.provider.certpath.PKIX.BuilderParams;
-import sun.security.util.Debug;
-import sun.security.x509.NameConstraintsExtension;
-import sun.security.x509.SubjectKeyIdentifierExtension;
-import sun.security.x509.X509CertImpl;
-
-/**
- * A specification of a reverse PKIX validation state
- * which is initialized by each build and updated each time a
- * certificate is added to the current path.
- * @since       1.4
- * @author      Sean Mullan
- * @author      Yassir Elley
- */
-
-class ReverseState implements State {
-
-    private static final Debug debug = Debug.getInstance("certpath");
-
-    /* The subject DN of the last cert in the path */
-    X500Principal subjectDN;
-
-    /* The subject public key of the last cert */
-    PublicKey pubKey;
-
-    /* The subject key identifier extension (if any) of the last cert */
-    SubjectKeyIdentifierExtension subjKeyId;
-
-    /* The PKIX constrained/excluded subtrees state variable */
-    NameConstraintsExtension nc;
-
-    /* The PKIX explicit policy, policy mapping, and inhibit_any-policy
-       state variables */
-    int explicitPolicy;
-    int policyMapping;
-    int inhibitAnyPolicy;
-    int certIndex;
-    PolicyNodeImpl rootNode;
-
-    /* The number of remaining CA certs which may follow in the path.
-     * -1: previous cert was an EE cert
-     * 0: only EE certs may follow.
-     * >0 and <Integer.MAX_VALUE:no more than this number of CA certs may follow
-     * Integer.MAX_VALUE: unlimited
-     */
-    int remainingCACerts;
-
-    /* The list of user-defined checkers retrieved from the PKIXParameters
-     * instance */
-    ArrayList<PKIXCertPathChecker> userCheckers;
-
-    /* Flag indicating if state is initial (path is just starting) */
-    private boolean init = true;
-
-    /* the checker used for revocation status */
-    RevocationChecker revChecker;
-
-    /* the algorithm checker */
-    AlgorithmChecker algorithmChecker;
-
-    /* the untrusted certificates checker */
-    UntrustedChecker untrustedChecker;
-
-    /* the trust anchor used to validate the path */
-    TrustAnchor trustAnchor;
-
-    /* Flag indicating if current cert can vouch for the CRL for
-     * the next cert
-     */
-    boolean crlSign = true;
-
-    /**
-     * Returns a boolean flag indicating if the state is initial
-     * (just starting)
-     *
-     * @return boolean flag indicating if the state is initial (just starting)
-     */
-    @Override
-    public boolean isInitial() {
-        return init;
-    }
-
-    /**
-     * Display state for debugging purposes
-     */
-    @Override
-    public String toString() {
-        StringBuilder sb = new StringBuilder();
-        sb.append("State [");
-        sb.append("\n  subjectDN of last cert: ").append(subjectDN);
-        sb.append("\n  subjectKeyIdentifier: ").append
-                 (String.valueOf(subjKeyId));
-        sb.append("\n  nameConstraints: ").append(String.valueOf(nc));
-        sb.append("\n  certIndex: ").append(certIndex);
-        sb.append("\n  explicitPolicy: ").append(explicitPolicy);
-        sb.append("\n  policyMapping:  ").append(policyMapping);
-        sb.append("\n  inhibitAnyPolicy:  ").append(inhibitAnyPolicy);
-        sb.append("\n  rootNode: ").append(rootNode);
-        sb.append("\n  remainingCACerts: ").append(remainingCACerts);
-        sb.append("\n  crlSign: ").append(crlSign);
-        sb.append("\n  init: ").append(init);
-        sb.append("\n]\n");
-        return sb.toString();
-    }
-
-    /**
-     * Initialize the state.
-     *
-     * @param buildParams builder parameters
-     */
-    public void initState(BuilderParams buildParams)
-        throws CertPathValidatorException
-    {
-        /*
-         * Initialize number of remainingCACerts.
-         * Note that -1 maxPathLen implies unlimited.
-         * 0 implies only an EE cert is acceptable.
-         */
-        int maxPathLen = buildParams.maxPathLength();
-        remainingCACerts = (maxPathLen == -1) ? Integer.MAX_VALUE
-                                              : maxPathLen;
-
-        /* Initialize explicit policy state variable */
-        if (buildParams.explicitPolicyRequired()) {
-            explicitPolicy = 0;
-        } else {
-            // unconstrained if maxPathLen is -1,
-            // otherwise, we want to initialize this to the value of the
-            // longest possible path + 1 (i.e. maxpathlen + finalcert + 1)
-            explicitPolicy = (maxPathLen == -1) ? maxPathLen : maxPathLen + 2;
-        }
-
-        /* Initialize policy mapping state variable */
-        if (buildParams.policyMappingInhibited()) {
-            policyMapping = 0;
-        } else {
-            policyMapping = (maxPathLen == -1) ? maxPathLen : maxPathLen + 2;
-        }
-
-        /* Initialize inhibit any policy state variable */
-        if (buildParams.anyPolicyInhibited()) {
-            inhibitAnyPolicy = 0;
-        } else {
-            inhibitAnyPolicy = (maxPathLen == -1) ? maxPathLen : maxPathLen + 2;
-        }
-
-        /* Initialize certIndex */
-        certIndex = 1;
-
-        /* Initialize policy tree */
-        Set<String> initExpPolSet = new HashSet<>(1);
-        initExpPolSet.add(PolicyChecker.ANY_POLICY);
-
-        rootNode = new PolicyNodeImpl(null, PolicyChecker.ANY_POLICY, null,
-                                      false, initExpPolSet, false);
-
-        /*
-         * Initialize each user-defined checker
-         * Shallow copy the checkers
-         */
-        userCheckers = new ArrayList<>(buildParams.certPathCheckers());
-        /* initialize each checker (just in case) */
-        for (PKIXCertPathChecker checker : userCheckers) {
-            checker.init(false);
-        }
-
-        /* Start by trusting the cert to sign CRLs */
-        crlSign = true;
-
-        init = true;
-    }
-
-    /**
-     * Update the state with the specified trust anchor.
-     *
-     * @param anchor the most-trusted CA
-     * @param buildParams builder parameters
-     */
-    public void updateState(TrustAnchor anchor, BuilderParams buildParams)
-        throws CertificateException, IOException, CertPathValidatorException
-    {
-        trustAnchor = anchor;
-        X509Certificate trustedCert = anchor.getTrustedCert();
-        if (trustedCert != null) {
-            updateState(trustedCert);
-        } else {
-            X500Principal caName = anchor.getCA();
-            updateState(anchor.getCAPublicKey(), caName);
-        }
-
-        // The user specified AlgorithmChecker and RevocationChecker may not be
-        // able to set the trust anchor until now.
-        boolean revCheckerAdded = false;
-        for (PKIXCertPathChecker checker : userCheckers) {
-            if (checker instanceof AlgorithmChecker) {
-                ((AlgorithmChecker)checker).trySetTrustAnchor(anchor);
-            } else if (checker instanceof PKIXRevocationChecker) {
-                if (revCheckerAdded) {
-                    throw new CertPathValidatorException(
-                        "Only one PKIXRevocationChecker can be specified");
-                }
-                // if it's our own, initialize it
-                if (checker instanceof RevocationChecker) {
-                    ((RevocationChecker)checker).init(anchor, buildParams);
-                }
-                ((PKIXRevocationChecker)checker).init(false);
-                revCheckerAdded = true;
-            }
-        }
-
-        // only create a RevocationChecker if revocation is enabled and
-        // a PKIXRevocationChecker has not already been added
-        if (buildParams.revocationEnabled() && !revCheckerAdded) {
-            revChecker = new RevocationChecker(anchor, buildParams);
-            revChecker.init(false);
-        }
-
-        init = false;
-    }
-
-    /**
-     * Update the state. This method is used when the most-trusted CA is
-     * a trusted public-key and caName, instead of a trusted cert.
-     *
-     * @param pubKey the public key of the trusted CA
-     * @param subjectDN the subject distinguished name of the trusted CA
-     */
-    private void updateState(PublicKey pubKey, X500Principal subjectDN) {
-
-        /* update subject DN */
-        this.subjectDN = subjectDN;
-
-        /* update subject public key */
-        this.pubKey = pubKey;
-    }
-
-    /**
-     * Update the state with the next certificate added to the path.
-     *
-     * @param cert the certificate which is used to update the state
-     */
-    public void updateState(X509Certificate cert)
-        throws CertificateException, IOException, CertPathValidatorException {
-
-        if (cert == null) {
-            return;
-        }
-
-        /* update subject DN */
-        subjectDN = cert.getSubjectX500Principal();
-
-        /* check for key needing to inherit alg parameters */
-        X509CertImpl icert = X509CertImpl.toImpl(cert);
-        PublicKey newKey = cert.getPublicKey();
-        if (PKIX.isDSAPublicKeyWithoutParams(newKey)) {
-            newKey = BasicChecker.makeInheritedParamsKey(newKey, pubKey);
-        }
-
-        /* update subject public key */
-        pubKey = newKey;
-
-        /*
-         * if this is a trusted cert (init == true), then we
-         * don't update any of the remaining fields
-         */
-        if (init) {
-            init = false;
-            return;
-        }
-
-        /* update subject key identifier */
-        subjKeyId = icert.getSubjectKeyIdentifierExtension();
-
-        /* update crlSign */
-        crlSign = RevocationChecker.certCanSignCrl(cert);
-
-        /* update current name constraints */
-        if (nc != null) {
-            nc.merge(icert.getNameConstraintsExtension());
-        } else {
-            nc = icert.getNameConstraintsExtension();
-            if (nc != null) {
-                // Make sure we do a clone here, because we're probably
-                // going to modify this object later and we don't want to
-                // be sharing it with a Certificate object!
-                nc = (NameConstraintsExtension) nc.clone();
-            }
-        }
-
-        /* update policy state variables */
-        explicitPolicy =
-            PolicyChecker.mergeExplicitPolicy(explicitPolicy, icert, false);
-        policyMapping =
-            PolicyChecker.mergePolicyMapping(policyMapping, icert);
-        inhibitAnyPolicy =
-            PolicyChecker.mergeInhibitAnyPolicy(inhibitAnyPolicy, icert);
-        certIndex++;
-
-        /*
-         * Update remaining CA certs
-         */
-        remainingCACerts =
-            ConstraintsChecker.mergeBasicConstraints(cert, remainingCACerts);
-
-        init = false;
-    }
-
-    /**
-     * Returns a boolean flag indicating if a key lacking necessary key
-     * algorithm parameters has been encountered.
-     *
-     * @return boolean flag indicating if key lacking parameters encountered.
-     */
-    @Override
-    public boolean keyParamsNeeded() {
-        /* when building in reverse, we immediately get parameters needed
-         * or else throw an exception
-         */
-        return false;
-    }
-
-    /*
-     * Clone current state. The state is cloned as each cert is
-     * added to the path. This is necessary if backtracking occurs,
-     * and a prior state needs to be restored.
-     *
-     * Note that this is a SMART clone. Not all fields are fully copied,
-     * because some of them (e.g., subjKeyId) will
-     * not have their contents modified by subsequent calls to updateState.
-     */
-    @Override
-    @SuppressWarnings("unchecked") // Safe casts assuming clone() works correctly
-    public Object clone() {
-        try {
-            ReverseState clonedState = (ReverseState) super.clone();
-
-            /* clone checkers, if cloneable */
-            clonedState.userCheckers =
-                        (ArrayList<PKIXCertPathChecker>)userCheckers.clone();
-            ListIterator<PKIXCertPathChecker> li =
-                        clonedState.userCheckers.listIterator();
-            while (li.hasNext()) {
-                PKIXCertPathChecker checker = li.next();
-                if (checker instanceof Cloneable) {
-                    li.set((PKIXCertPathChecker)checker.clone());
-                }
-            }
-
-            /* make copy of name constraints */
-            if (nc != null) {
-                clonedState.nc = (NameConstraintsExtension) nc.clone();
-            }
-
-            /* make copy of policy tree */
-            if (rootNode != null) {
-                clonedState.rootNode = rootNode.copyTree();
-            }
-
-            return clonedState;
-        } catch (CloneNotSupportedException e) {
-            throw new InternalError(e.toString(), e);
-        }
-    }
-}
--- a/src/java.base/share/classes/sun/security/provider/certpath/SunCertPathBuilder.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/sun/security/provider/certpath/SunCertPathBuilder.java	Thu Apr 23 16:10:19 2015 -0700
@@ -35,8 +35,6 @@
 import java.util.ArrayList;
 import java.util.Collection;
 import java.util.Collections;
-import java.util.HashSet;
-import java.util.Iterator;
 import java.util.List;
 import java.util.LinkedList;
 import java.util.Set;
@@ -47,8 +45,7 @@
 import sun.security.util.Debug;
 
 /**
- * This class is able to build certification paths in either the forward
- * or reverse directions.
+ * This class builds certification paths in the forward direction.
  *
  * <p> If successful, it returns a certification path which has successfully
  * satisfied all the constraints and requirements specified in the
@@ -102,10 +99,8 @@
     /**
      * Attempts to build a certification path using the Sun build
      * algorithm from a trusted anchor(s) to a target subject, which must both
-     * be specified in the input parameter set. By default, this method will
-     * attempt to build in the forward direction. In order to build in the
-     * reverse direction, the caller needs to pass in an instance of
-     * SunCertPathBuilderParameters with the buildForward flag set to false.
+     * be specified in the input parameter set. This method will
+     * attempt to build in the forward direction: from the target to the CA.
      *
      * <p>The certification path that is constructed is validated
      * according to the PKIX specification.
@@ -162,11 +157,7 @@
         policyTreeResult = null;
         LinkedList<X509Certificate> certPathList = new LinkedList<>();
         try {
-            if (buildParams.buildForward()) {
-                buildForward(adjList, certPathList, searchAllCertStores);
-            } else {
-                buildReverse(adjList, certPathList);
-            }
+            buildForward(adjList, certPathList, searchAllCertStores);
         } catch (GeneralSecurityException | IOException e) {
             if (debug != null) {
                 debug.println("SunCertPathBuilder.engineBuild() exception in "
@@ -210,81 +201,6 @@
     }
 
     /*
-     * Private build reverse method.
-     */
-    private void buildReverse(List<List<Vertex>> adjacencyList,
-                              LinkedList<X509Certificate> certPathList)
-        throws GeneralSecurityException, IOException
-    {
-        if (debug != null) {
-            debug.println("SunCertPathBuilder.buildReverse()...");
-            debug.println("SunCertPathBuilder.buildReverse() InitialPolicies: "
-                + buildParams.initialPolicies());
-        }
-
-        ReverseState currentState = new ReverseState();
-        /* Initialize adjacency list */
-        adjacencyList.clear();
-        adjacencyList.add(new LinkedList<Vertex>());
-
-        /*
-         * Perform a search using each trust anchor, until a valid
-         * path is found
-         */
-        Iterator<TrustAnchor> iter = buildParams.trustAnchors().iterator();
-        while (iter.hasNext()) {
-            TrustAnchor anchor = iter.next();
-
-            /* check if anchor satisfies target constraints */
-            if (anchorIsTarget(anchor, buildParams.targetCertConstraints())) {
-                this.trustAnchor = anchor;
-                this.pathCompleted = true;
-                this.finalPublicKey = anchor.getTrustedCert().getPublicKey();
-                break;
-            }
-
-            // skip anchor if it contains a DSA key with no DSA params
-            X509Certificate trustedCert = anchor.getTrustedCert();
-            PublicKey pubKey = trustedCert != null ? trustedCert.getPublicKey()
-                                                   : anchor.getCAPublicKey();
-
-            if (PKIX.isDSAPublicKeyWithoutParams(pubKey)) {
-                continue;
-            }
-
-            /* Initialize current state */
-            currentState.initState(buildParams);
-            currentState.updateState(anchor, buildParams);
-
-            currentState.algorithmChecker = new AlgorithmChecker(anchor);
-            currentState.untrustedChecker = new UntrustedChecker();
-            try {
-                depthFirstSearchReverse(null, currentState,
-                                        new ReverseBuilder(buildParams),
-                                        adjacencyList, certPathList);
-            } catch (GeneralSecurityException | IOException e) {
-                // continue on error if more anchors to try
-                if (iter.hasNext())
-                    continue;
-                else
-                    throw e;
-            }
-
-            // break out of loop if search is successful
-            if (pathCompleted) {
-                break;
-            }
-        }
-
-        if (debug != null) {
-            debug.println("SunCertPathBuilder.buildReverse() returned from "
-                + "depthFirstSearchReverse()");
-            debug.println("SunCertPathBuilder.buildReverse() "
-                + "certPathList.size: " + certPathList.size());
-        }
-    }
-
-    /*
      * Private build forward method.
      */
     private void buildForward(List<List<Vertex>> adjacencyList,
@@ -632,147 +548,6 @@
     }
 
     /*
-     * This method performs a depth first search for a certification
-     * path while building reverse which meets the requirements set in
-     * the parameters object.
-     * It uses an adjacency list to store all certificates which were
-     * tried (i.e. at one time added to the path - they may not end up in
-     * the final path if backtracking occurs). This information can
-     * be used later to debug or demo the build.
-     *
-     * See "Data Structure and Algorithms, by Aho, Hopcroft, and Ullman"
-     * for an explanation of the DFS algorithm.
-     *
-     * @param dN the distinguished name being currently searched for certs
-     * @param currentState the current PKIX validation state
-     */
-    private void depthFirstSearchReverse(X500Principal dN,
-                                         ReverseState currentState,
-                                         ReverseBuilder builder,
-                                         List<List<Vertex>> adjList,
-                                         LinkedList<X509Certificate> cpList)
-        throws GeneralSecurityException, IOException
-    {
-        if (debug != null)
-            debug.println("SunCertPathBuilder.depthFirstSearchReverse(" + dN
-                + ", " + currentState.toString() + ")");
-
-        /*
-         * Find all the certificates issued by dN which
-         * satisfy the PKIX certification path constraints.
-         */
-        Collection<X509Certificate> certs =
-            builder.getMatchingCerts(currentState, buildParams.certStores());
-        List<Vertex> vertices = addVertices(certs, adjList);
-        if (debug != null)
-            debug.println("SunCertPathBuilder.depthFirstSearchReverse(): "
-                + "certs.size=" + vertices.size());
-
-        /*
-         * For each cert in the collection, verify anything
-         * that hasn't been checked yet (signature, revocation, etc)
-         * and check for loops. Call depthFirstSearchReverse()
-         * recursively for each good cert.
-         */
-        for (Vertex vertex : vertices) {
-            /**
-             * Restore state to currentState each time through the loop.
-             * This is important because some of the user-defined
-             * checkers modify the state, which MUST be restored if
-             * the cert eventually fails to lead to the target and
-             * the next matching cert is tried.
-             */
-            ReverseState nextState = (ReverseState) currentState.clone();
-            X509Certificate cert = vertex.getCertificate();
-            try {
-                builder.verifyCert(cert, nextState, cpList);
-            } catch (GeneralSecurityException gse) {
-                if (debug != null)
-                    debug.println("SunCertPathBuilder.depthFirstSearchReverse()"
-                        + ": validation failed: " + gse);
-                vertex.setThrowable(gse);
-                continue;
-            }
-
-            /*
-             * Certificate is good, add it to the path (if it isn't a
-             * self-signed cert) and update state
-             */
-            if (!currentState.isInitial())
-                builder.addCertToPath(cert, cpList);
-            // save trust anchor
-            this.trustAnchor = currentState.trustAnchor;
-
-            /*
-             * Check if path is completed, return ASAP if so.
-             */
-            if (builder.isPathCompleted(cert)) {
-                if (debug != null)
-                    debug.println("SunCertPathBuilder.depthFirstSearchReverse()"
-                        + ": path completed!");
-                pathCompleted = true;
-
-                PolicyNodeImpl rootNode = nextState.rootNode;
-
-                if (rootNode == null)
-                    policyTreeResult = null;
-                else {
-                    policyTreeResult = rootNode.copyTree();
-                    ((PolicyNodeImpl)policyTreeResult).setImmutable();
-                }
-
-                /*
-                 * Extract and save the final target public key
-                 */
-                finalPublicKey = cert.getPublicKey();
-                if (PKIX.isDSAPublicKeyWithoutParams(finalPublicKey)) {
-                    finalPublicKey =
-                        BasicChecker.makeInheritedParamsKey
-                            (finalPublicKey, currentState.pubKey);
-                }
-
-                return;
-            }
-
-            /* Update the PKIX state */
-            nextState.updateState(cert);
-
-            /*
-             * Append an entry for cert in adjacency list and
-             * set index for current vertex.
-             */
-            adjList.add(new LinkedList<Vertex>());
-            vertex.setIndex(adjList.size() - 1);
-
-            /* recursively search for matching certs at next dN */
-            depthFirstSearchReverse(cert.getSubjectX500Principal(), nextState,
-                                    builder, adjList, cpList);
-
-            /*
-             * If path has been completed, return ASAP!
-             */
-            if (pathCompleted) {
-                return;
-            } else {
-                /*
-                 * If we get here, it means we have searched all possible
-                 * certs issued by the dN w/o finding any matching certs. This
-                 * means we have to backtrack to the previous cert in the path
-                 * and try some other paths.
-                 */
-                if (debug != null)
-                    debug.println("SunCertPathBuilder.depthFirstSearchReverse()"
-                        + ": backtracking");
-                if (!currentState.isInitial())
-                    builder.removeFinalCertFromPath(cpList);
-            }
-        }
-        if (debug != null)
-            debug.println("SunCertPathBuilder.depthFirstSearchReverse() all "
-                + "certs in this adjacency list checked");
-    }
-
-    /*
      * Adds a collection of matching certificates to the
      * adjacency list.
      */
--- a/src/java.base/share/classes/sun/security/provider/certpath/SunCertPathBuilderParameters.java	Thu Apr 23 10:43:35 2015 -0700
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,131 +0,0 @@
-/*
- * Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.  Oracle designates this
- * particular file as subject to the "Classpath" exception as provided
- * by Oracle in the LICENSE file that accompanied this code.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-package sun.security.provider.certpath;
-
-import java.security.InvalidAlgorithmParameterException;
-import java.security.KeyStore;
-import java.security.KeyStoreException;
-import java.security.cert.*;
-import java.util.Set;
-
-/**
- * This class specifies the set of parameters used as input for the Sun
- * certification path build algorithm. It is identical to PKIXBuilderParameters
- * with the addition of a <code>buildForward</code> parameter which allows
- * the caller to specify whether or not the path should be constructed in
- * the forward direction.
- *
- * The default for the <code>buildForward</code> parameter is
- * true, which means that the build algorithm should construct paths
- * from the target subject back to the trusted anchor.
- *
- * @since       1.4
- * @author      Sean Mullan
- * @author      Yassir Elley
- */
-public class SunCertPathBuilderParameters extends PKIXBuilderParameters {
-
-    private boolean buildForward = true;
-
-    /**
-     * Creates an instance of <code>SunCertPathBuilderParameters</code> with the
-     * specified parameter values.
-     *
-     * @param trustAnchors a <code>Set</code> of <code>TrustAnchor</code>s
-     * @param targetConstraints a <code>CertSelector</code> specifying the
-     * constraints on the target certificate
-     * @throws InvalidAlgorithmParameterException if the specified
-     * <code>Set</code> is empty <code>(trustAnchors.isEmpty() == true)</code>
-     * @throws NullPointerException if the specified <code>Set</code> is
-     * <code>null</code>
-     * @throws ClassCastException if any of the elements in the <code>Set</code>
-     * are not of type <code>java.security.cert.TrustAnchor</code>
-     */
-    public SunCertPathBuilderParameters(Set<TrustAnchor> trustAnchors,
-        CertSelector targetConstraints) throws InvalidAlgorithmParameterException
-    {
-        super(trustAnchors, targetConstraints);
-        setBuildForward(true);
-    }
-
-    /**
-     * Creates an instance of <code>SunCertPathBuilderParameters</code> that
-     * uses the specified <code>KeyStore</code> to populate the set
-     * of most-trusted CA certificates.
-     *
-     * @param keystore A keystore from which the set of most-trusted
-     * CA certificates will be populated.
-     * @param targetConstraints a <code>CertSelector</code> specifying the
-     * constraints on the target certificate
-     * @throws KeyStoreException if the keystore has not been initialized.
-     * @throws InvalidAlgorithmParameterException if the keystore does
-     * not contain at least one trusted certificate entry
-     * @throws NullPointerException if the keystore is <code>null</code>
-     */
-    public SunCertPathBuilderParameters(KeyStore keystore,
-        CertSelector targetConstraints)
-        throws KeyStoreException, InvalidAlgorithmParameterException
-    {
-        super(keystore, targetConstraints);
-        setBuildForward(true);
-    }
-
-    /**
-     * Returns the value of the buildForward flag.
-     *
-     * @return the value of the buildForward flag
-     */
-    public boolean getBuildForward() {
-        return this.buildForward;
-    }
-
-    /**
-     * Sets the value of the buildForward flag. If true, paths
-     * are built from the target subject to the trusted anchor.
-     * If false, paths are built from the trusted anchor to the
-     * target subject. The default value if not specified is true.
-     *
-     * @param buildForward the value of the buildForward flag
-     */
-    public void setBuildForward(boolean buildForward) {
-        this.buildForward = buildForward;
-    }
-
-    /**
-     * Returns a formatted string describing the parameters.
-     *
-     * @return a formatted string describing the parameters.
-     */
-    @Override
-    public String toString() {
-        StringBuilder sb = new StringBuilder();
-        sb.append("[\n");
-        sb.append(super.toString());
-        sb.append("  Build Forward Flag: " + String.valueOf(buildForward) + "\n");
-        sb.append("]\n");
-        return sb.toString();
-    }
-}
--- a/src/java.base/share/classes/sun/util/PreHashedMap.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/sun/util/PreHashedMap.java	Thu Apr 23 16:10:19 2015 -0700
@@ -166,14 +166,14 @@
     }
 
     public Set<String> keySet() {
-        return new AbstractSet<String> () {
+        return new AbstractSet<> () {
 
             public int size() {
                 return size;
             }
 
             public Iterator<String> iterator() {
-                return new Iterator<String>() {
+                return new Iterator<>() {
                     private int i = -1;
                     Object[] a = null;
                     String cur = null;
--- a/src/java.base/share/classes/sun/util/logging/PlatformLogger.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/sun/util/logging/PlatformLogger.java	Thu Apr 23 16:10:19 2015 -0700
@@ -161,7 +161,7 @@
     private static boolean loggingEnabled;
     static {
         loggingEnabled = AccessController.doPrivileged(
-            new PrivilegedAction<Boolean>() {
+            new PrivilegedAction<>() {
                 public Boolean run() {
                     String cname = System.getProperty("java.util.logging.config.class");
                     String fname = System.getProperty("java.util.logging.config.file");
--- a/src/java.base/share/classes/sun/util/resources/LocaleData.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/sun/util/resources/LocaleData.java	Thu Apr 23 16:10:19 2015 -0700
@@ -159,7 +159,7 @@
     }
 
     public static ResourceBundle getBundle(final String baseName, final Locale locale) {
-        return AccessController.doPrivileged(new PrivilegedAction<ResourceBundle>() {
+        return AccessController.doPrivileged(new PrivilegedAction<>() {
             @Override
             public ResourceBundle run() {
                 return ResourceBundle
@@ -169,7 +169,7 @@
     }
 
     private static OpenListResourceBundle getSupplementary(final String baseName, final Locale locale) {
-        return AccessController.doPrivileged(new PrivilegedAction<OpenListResourceBundle>() {
+        return AccessController.doPrivileged(new PrivilegedAction<>() {
            @Override
            public OpenListResourceBundle run() {
                OpenListResourceBundle rb = null;
--- a/src/java.base/share/classes/sun/util/resources/ParallelListResourceBundle.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/share/classes/sun/util/resources/ParallelListResourceBundle.java	Thu Apr 23 16:10:19 2015 -0700
@@ -213,7 +213,7 @@
             if (parent == null) {
                 return set.iterator();
             }
-            return new Iterator<String>() {
+            return new Iterator<>() {
                 private Iterator<String> itr = set.iterator();
                 private boolean usingParent;
 
--- a/src/java.base/unix/classes/java/lang/ProcessEnvironment.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/unix/classes/java/lang/ProcessEnvironment.java	Thu Apr 23 16:10:19 2015 -0700
@@ -99,7 +99,7 @@
 
     /* Only for use by Runtime.exec(...String[]envp...) */
     static Map<String,String> emptyEnvironment(int capacity) {
-        return new StringEnvironment(new HashMap<Variable,Value>(capacity));
+        return new StringEnvironment(new HashMap<>(capacity));
     }
 
     private static native byte[][] environ();
--- a/src/java.base/unix/classes/sun/net/PortConfig.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/unix/classes/sun/net/PortConfig.java	Thu Apr 23 16:10:19 2015 -0700
@@ -42,7 +42,7 @@
 
     static {
         AccessController.doPrivileged(
-            new java.security.PrivilegedAction<Void>() {
+            new java.security.PrivilegedAction<>() {
                 public Void run() {
                     System.loadLibrary("net");
                     String os = System.getProperty("os.name");
--- a/src/java.base/unix/classes/sun/net/dns/ResolverConfigurationImpl.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/unix/classes/sun/net/dns/ResolverConfigurationImpl.java	Thu Apr 23 16:10:19 2015 -0700
@@ -85,6 +85,15 @@
                     if (val.charAt(0) == '#' || val.charAt(0) == ';') {
                         break;
                     }
+                    if ("nameserver".equals(keyword)) {
+                        if (val.indexOf(':') >= 0 &&
+                            val.indexOf('.') < 0 && // skip for IPv4 literals with port
+                            val.indexOf('[') < 0 &&
+                            val.indexOf(']') < 0 ) {
+                            // IPv6 literal, in non-BSD-style.
+                            val = "[" + val + "]";
+                        }
+                    }
                     ll.add(val);
                     if (--maxvalues == 0) {
                         break;
@@ -122,7 +131,7 @@
         // get the name servers from /etc/resolv.conf
         nameservers =
             java.security.AccessController.doPrivileged(
-                new java.security.PrivilegedAction<LinkedList<String>>() {
+                new java.security.PrivilegedAction<>() {
                     public LinkedList<String> run() {
                         // typically MAXNS is 3 but we've picked 5 here
                         // to allow for additional servers if required.
@@ -147,7 +156,7 @@
         // first try the search keyword in /etc/resolv.conf
 
         sl = java.security.AccessController.doPrivileged(
-                 new java.security.PrivilegedAction<LinkedList<String>>() {
+                 new java.security.PrivilegedAction<>() {
                     public LinkedList<String> run() {
                         LinkedList<String> ll;
 
@@ -173,7 +182,7 @@
 
         String localDomain = localDomain0();
         if (localDomain != null && localDomain.length() > 0) {
-            sl = new LinkedList<String>();
+            sl = new LinkedList<>();
             sl.add(localDomain);
             return sl;
         }
@@ -181,7 +190,7 @@
         // try domain keyword in /etc/resolv.conf
 
         sl = java.security.AccessController.doPrivileged(
-                 new java.security.PrivilegedAction<LinkedList<String>>() {
+                 new java.security.PrivilegedAction<>() {
                     public LinkedList<String> run() {
                         LinkedList<String> ll;
 
@@ -251,7 +260,7 @@
 
     static {
         java.security.AccessController.doPrivileged(
-            new java.security.PrivilegedAction<Void>() {
+            new java.security.PrivilegedAction<>() {
                 public Void run() {
                     System.loadLibrary("net");
                     return null;
--- a/src/java.base/unix/classes/sun/net/sdp/SdpProvider.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/unix/classes/sun/net/sdp/SdpProvider.java	Thu Apr 23 16:10:19 2015 -0700
@@ -198,7 +198,7 @@
     {
         Scanner scanner = new Scanner(new File(file));
         try {
-            List<Rule> result = new ArrayList<Rule>();
+            List<Rule> result = new ArrayList<>();
             while (scanner.hasNextLine()) {
                 String line = scanner.nextLine().trim();
 
--- a/src/java.base/unix/classes/sun/net/www/protocol/http/ntlm/NTLMAuthentication.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/unix/classes/sun/net/www/protocol/http/ntlm/NTLMAuthentication.java	Thu Apr 23 16:10:19 2015 -0700
@@ -95,7 +95,7 @@
     private void init0() {
 
         hostname = java.security.AccessController.doPrivileged(
-            new java.security.PrivilegedAction<String>() {
+            new java.security.PrivilegedAction<>() {
             public String run() {
                 String localhost;
                 try {
--- a/src/java.base/unix/classes/sun/nio/ch/UnixAsynchronousServerSocketChannelImpl.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/unix/classes/sun/nio/ch/UnixAsynchronousServerSocketChannelImpl.java	Thu Apr 23 16:10:19 2015 -0700
@@ -216,7 +216,7 @@
         // permission check must always be in initiator's context
         try {
             if (acc != null) {
-                AccessController.doPrivileged(new PrivilegedAction<Void>() {
+                AccessController.doPrivileged(new PrivilegedAction<>() {
                     public Void run() {
                         SecurityManager sm = System.getSecurityManager();
                         if (sm != null) {
@@ -287,7 +287,7 @@
                 synchronized (updateLock) {
                     if (handler == null) {
                         this.acceptHandler = null;
-                        result = new PendingFuture<AsynchronousSocketChannel,Object>(this);
+                        result = new PendingFuture<>(this);
                         this.acceptFuture = result;
                     } else {
                         this.acceptHandler = handler;
--- a/src/java.base/unix/classes/sun/nio/fs/GnomeFileTypeDetector.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/unix/classes/sun/nio/fs/GnomeFileTypeDetector.java	Thu Apr 23 16:10:19 2015 -0700
@@ -93,7 +93,7 @@
     private static native byte[] probeUsingGnomeVfs(long pathAddress);
 
     static {
-        AccessController.doPrivileged(new PrivilegedAction<Void>() {
+        AccessController.doPrivileged(new PrivilegedAction<>() {
             public Void run() {
                 System.loadLibrary("nio");
                 return null;
--- a/src/java.base/unix/classes/sun/nio/fs/MimeTypesFileTypeDetector.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/unix/classes/sun/nio/fs/MimeTypesFileTypeDetector.java	Thu Apr 23 16:10:19 2015 -0700
@@ -106,7 +106,7 @@
             synchronized (this) {
                 if (!loaded) {
                     List<String> lines = AccessController.doPrivileged(
-                        new PrivilegedAction<List<String>>() {
+                        new PrivilegedAction<>() {
                             @Override
                             public List<String> run() {
                                 try {
--- a/src/java.base/unix/classes/sun/nio/fs/UnixCopyFile.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/unix/classes/sun/nio/fs/UnixCopyFile.java	Thu Apr 23 16:10:19 2015 -0700
@@ -606,7 +606,7 @@
         throws UnixException;
 
     static {
-        AccessController.doPrivileged(new PrivilegedAction<Void>() {
+        AccessController.doPrivileged(new PrivilegedAction<>() {
             @Override
             public Void run() {
                 System.loadLibrary("nio");
--- a/src/java.base/unix/classes/sun/nio/fs/UnixFileStore.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/unix/classes/sun/nio/fs/UnixFileStore.java	Thu Apr 23 16:10:19 2015 -0700
@@ -222,7 +222,7 @@
             synchronized (loadLock) {
                 if (props == null) {
                     props = AccessController.doPrivileged(
-                        new PrivilegedAction<Properties>() {
+                        new PrivilegedAction<>() {
                             @Override
                             public Properties run() {
                                 return loadProperties();
--- a/src/java.base/unix/classes/sun/nio/fs/UnixFileSystem.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/unix/classes/sun/nio/fs/UnixFileSystem.java	Thu Apr 23 16:10:19 2015 -0700
@@ -152,7 +152,7 @@
     public final Iterable<Path> getRootDirectories() {
         final List<Path> allowedList =
            Collections.unmodifiableList(Arrays.asList((Path)rootDirectory));
-        return new Iterable<Path>() {
+        return new Iterable<>() {
             public Iterator<Path> iterator() {
                 try {
                     SecurityManager sm = System.getSecurityManager();
@@ -254,7 +254,7 @@
                 return Collections.emptyList();
             }
         }
-        return new Iterable<FileStore>() {
+        return new Iterable<>() {
             public Iterator<FileStore> iterator() {
                 return new FileStoreIterator();
             }
--- a/src/java.base/unix/classes/sun/nio/fs/UnixNativeDispatcher.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/unix/classes/sun/nio/fs/UnixNativeDispatcher.java	Thu Apr 23 16:10:19 2015 -0700
@@ -568,7 +568,7 @@
 
     private static native int init();
     static {
-        AccessController.doPrivileged(new PrivilegedAction<Void>() {
+        AccessController.doPrivileged(new PrivilegedAction<>() {
             public Void run() {
                 System.loadLibrary("nio");
                 return null;
--- a/src/java.base/unix/classes/sun/nio/fs/UnixPath.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.base/unix/classes/sun/nio/fs/UnixPath.java	Thu Apr 23 16:10:19 2015 -0700
@@ -121,7 +121,7 @@
             ce = Util.jnuEncoding().newEncoder()
                 .onMalformedInput(CodingErrorAction.REPORT)
                 .onUnmappableCharacter(CodingErrorAction.REPORT);
-            encoder.set(new SoftReference<CharsetEncoder>(ce));
+            encoder.set(new SoftReference<>(ce));
         }
 
         char[] ca = fs.normalizeNativePath(input.toCharArray());
--- a/src/java.naming/share/classes/com/sun/jndi/ldap/LdapURL.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.naming/share/classes/com/sun/jndi/ldap/LdapURL.java	Thu Apr 23 16:10:19 2015 -0700
@@ -26,9 +26,6 @@
 package com.sun.jndi.ldap;
 
 import javax.naming.*;
-import javax.naming.directory.*;
-import javax.naming.spi.*;
-import java.net.URL;
 import java.net.MalformedURLException;
 import java.io.UnsupportedEncodingException;
 import java.util.StringTokenizer;
@@ -211,43 +208,52 @@
 
         // query begins with a '?' or is null
 
-        if (query == null) {
+        if (query == null || query.length() < 2) {
             return;
         }
 
-        int qmark2 = query.indexOf('?', 1);
+        int currentIndex = 1;
+        int nextQmark;
+        int endIndex;
 
-        if (qmark2 < 0) {
-            attributes = query.substring(1);
+        // attributes:
+        nextQmark = query.indexOf('?', currentIndex);
+        endIndex = nextQmark == -1 ? query.length() : nextQmark;
+        if (endIndex - currentIndex > 0) {
+            attributes = query.substring(currentIndex, endIndex);
+        }
+        currentIndex = endIndex + 1;
+        if (currentIndex >= query.length()) {
             return;
-        } else if (qmark2 != 1) {
-            attributes = query.substring(1, qmark2);
         }
 
-        int qmark3 = query.indexOf('?', qmark2 + 1);
-
-        if (qmark3 < 0) {
-            scope = query.substring(qmark2 + 1);
+        // scope:
+        nextQmark = query.indexOf('?', currentIndex);
+        endIndex = nextQmark == -1 ? query.length() : nextQmark;
+        if (endIndex - currentIndex > 0) {
+            scope = query.substring(currentIndex, endIndex);
+        }
+        currentIndex = endIndex + 1;
+        if (currentIndex >= query.length()) {
             return;
-        } else if (qmark3 != qmark2 + 1) {
-            scope = query.substring(qmark2 + 1, qmark3);
         }
 
-        int qmark4 = query.indexOf('?', qmark3 + 1);
+        // filter:
+        nextQmark = query.indexOf('?', currentIndex);
+        endIndex = nextQmark == -1 ? query.length() : nextQmark;
+        if (endIndex - currentIndex > 0) {
+            filter = query.substring(currentIndex, endIndex);
+            filter = UrlUtil.decode(filter, "UTF8");
+        }
+        currentIndex = endIndex + 1;
+        if (currentIndex >= query.length()) {
+            return;
+        }
 
-        if (qmark4 < 0) {
-            filter = query.substring(qmark3 + 1);
-        } else {
-            if (qmark4 != qmark3 + 1) {
-                filter = query.substring(qmark3 + 1, qmark4);
-            }
-            extensions = query.substring(qmark4 + 1);
-            if (extensions.length() > 0) {
-                extensions = UrlUtil.decode(extensions, "UTF8");
-            }
-        }
-        if (filter != null && filter.length() > 0) {
-            filter = UrlUtil.decode(filter, "UTF8");
+        // extensions:
+        if (query.length() - currentIndex > 0) {
+            extensions = query.substring(currentIndex);
+            extensions = UrlUtil.decode(extensions, "UTF8");
         }
     }
 
--- a/src/java.security.jgss/share/classes/org/ietf/jgss/GSSCredential.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.security.jgss/share/classes/org/ietf/jgss/GSSCredential.java	Thu Apr 23 16:10:19 2015 -0700
@@ -35,7 +35,7 @@
  * may be used to perform context initiation, acceptance, or both.<p>
  *
  * Credentials are instantiated using one of the
- * <code>createCredential</code> methods in the {@link GSSManager
+ * {@code createCredential} methods in the {@link GSSManager
  * GSSManager} class. GSS-API credential creation is not
  * intended to provide a "login to the network" function, as such a
  * function would involve the creation of new credentials rather than
@@ -75,7 +75,7 @@
  *
  *    Oid [] mechs = cred.getMechs();
  *    if (mechs != null) {
- *            for (int i = 0; i < mechs.length; i++)
+ *            for (int i = 0; i{@literal <} mechs.length; i++)
  *                    System.out.println(mechs[i].toString());
  *    }
  *
@@ -297,8 +297,8 @@
      * with a variety of clients using different security mechanisms.<p>
      *
      * This routine adds the new credential element "in-place".  To add the
-     * element in a new credential, first call <code>clone</code> to obtain a
-     * copy of this credential, then call its <code>add</code> method.<p>
+     * element in a new credential, first call {@code clone} to obtain a
+     * copy of this credential, then call its {@code add} method.<p>
      *
      * As always, GSS-API implementations must impose a local access-control
      * policy on callers to prevent unauthorized callers from acquiring
@@ -311,7 +311,7 @@
      * getRemainingAcceptLifetime} on the credential.
      *
      * @param name the name of the principal for whom this credential is to
-     * be acquired.  Use <code>null</code> to specify the default
+     * be acquired.  Use {@code null} to specify the default
      * principal.
      * @param initLifetime the number of seconds that the credential element
      * should remain valid for initiating of security contexts. Use {@link
@@ -354,8 +354,8 @@
      * object.  The two credentials must be acquired over the same
      * mechanisms and must refer to the same principal.
      *
-     * @return <code>true</code> if the two GSSCredentials assert the same
-     * entity; <code>false</code> otherwise.
+     * @return {@code true} if the two GSSCredentials assert the same
+     * entity; {@code false} otherwise.
      * @param another another GSSCredential for comparison to this one
      */
     public boolean equals(Object another);
--- a/src/java.xml.crypto/share/classes/javax/xml/crypto/dom/package.html	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.xml.crypto/share/classes/javax/xml/crypto/dom/package.html	Thu Apr 23 16:10:19 2015 -0700
@@ -44,11 +44,7 @@
 RFC 3275: XML-Signature Syntax and Processing</a>
 </ul>
 
-<p>
-<dl>
-<dt><b>Since:</b></dt>
-  <dd>1.6</dd>
-</dl>
+@since 1.6
 
 </body>
 </html>
--- a/src/java.xml.crypto/share/classes/javax/xml/crypto/dsig/dom/package.html	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.xml.crypto/share/classes/javax/xml/crypto/dsig/dom/package.html	Thu Apr 23 16:10:19 2015 -0700
@@ -44,11 +44,7 @@
 RFC 3275: XML-Signature Syntax and Processing</a>
 </ul>
 
-<p>
-<dl>
-<dt><b>Since:</b></dt>
-  <dd>1.6</dd>
-</dl>
+@since 1.6
 
 </body>
 </html>
--- a/src/java.xml.crypto/share/classes/javax/xml/crypto/dsig/keyinfo/package.html	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.xml.crypto/share/classes/javax/xml/crypto/dsig/keyinfo/package.html	Thu Apr 23 16:10:19 2015 -0700
@@ -55,11 +55,7 @@
 RFC 3275: XML-Signature Syntax and Processing</a>
 </ul>
 
-<p>
-<dl>
-<dt><b>Since:</b></dt>
-  <dd>1.6</dd>
-</dl>
+@since 1.6
 
 </body>
 </html>
--- a/src/java.xml.crypto/share/classes/javax/xml/crypto/dsig/package.html	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.xml.crypto/share/classes/javax/xml/crypto/dsig/package.html	Thu Apr 23 16:10:19 2015 -0700
@@ -65,11 +65,7 @@
 RFC 3275: XML-Signature Syntax and Processing</a>
 </ul>
 
-<p>
-<dl>
-<dt><b>Since:</b></dt>
-  <dd>1.6</dd>
-</dl>
+@since 1.6
 
 </body>
 </html>
--- a/src/java.xml.crypto/share/classes/javax/xml/crypto/dsig/spec/package.html	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.xml.crypto/share/classes/javax/xml/crypto/dsig/spec/package.html	Thu Apr 23 16:10:19 2015 -0700
@@ -49,11 +49,7 @@
 XPath Filter 2.0 Transform Algorithm: W3C Recommendation</a>
 </ul>
 
-<p>
-<dl>
-<dt><b>Since:</b></dt>
-  <dd>1.6</dd>
-</dl>
+@since 1.6
 
 </body>
 </html>
--- a/src/java.xml.crypto/share/classes/javax/xml/crypto/package.html	Thu Apr 23 10:43:35 2015 -0700
+++ b/src/java.xml.crypto/share/classes/javax/xml/crypto/package.html	Thu Apr 23 16:10:19 2015 -0700
@@ -42,11 +42,7 @@
 RFC 3275: XML-Signature Syntax and Processing</a>
 </ul>
 
-<p>
-<dl>
-<dt><b>Since:</b></dt>
-  <dd>1.6</dd>
-</dl>
+@since 1.6
 
 </body>
 </html>
--- a/test/com/sun/jdi/JdbReadTwiceTest.sh	Thu Apr 23 10:43:35 2015 -0700
+++ b/test/com/sun/jdi/JdbReadTwiceTest.sh	Thu Apr 23 16:10:19 2015 -0700
@@ -206,39 +206,6 @@
 
 echo
 echo "+++++++++++++++++++++++++++++++++++"
-echo "Read an unreadable file - verify the read fails."
-
-canMakeUnreadable=No
-id > $HOME/jdb.ini
-if chmod a-r $HOME/jdb.ini 
-then
-  grep -q 'uid=0(' $HOME/jdb.ini 2> /dev/null
-  case $? in
-    0)
-      echo "Error! Can't make file unreadable running as root"
-    ;;
-    1)
-      echo "Error! Can't make file unreadable for some other reason (windows?)"
-    ;;
-    *)
-      echo "OK. the file is unreadable"
-      canMakeUnreadable=Yes 
-    ;;
-   esac
-else    
-  echo "Error! Can't create or chmod file"
-fi  
-
-if [ "$canMakeUnreadable" = "Yes" ]
-then
-    doit
-    failIfNot 1 "open: $HOME/jdb.ini"
-fi
-clean
-
-
-echo
-echo "+++++++++++++++++++++++++++++++++++"
 echo "Read a directory - verify the read fails"
 # If the file (IE. directory) exists, we try to read it.  The
 # read will fail.
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/com/sun/jndi/dns/IPv6NameserverPlatformParsingTest.java	Thu Apr 23 16:10:19 2015 -0700
@@ -0,0 +1,104 @@
+/*
+ * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+import java.lang.reflect.Field;
+import java.util.Hashtable;
+
+import javax.naming.Context;
+import javax.naming.NamingException;
+import javax.naming.spi.NamingManager;
+
+import com.sun.jndi.dns.DnsContext;
+
+/**
+ * @test
+ * @bug 6991580
+ * @summary IPv6 Nameservers in resolv.conf throws NumberFormatException
+ * @run main/manual IPv6NameserverPlatformParsingTest
+ *
+ * In order to run this test be sure to place, for example, the following
+ * snippet into your platform's {@code /etc/resolv.conf}:
+ * <pre>
+ * nameserver 127.0.0.1
+ * nameserver 2001:4860:4860::8888
+ * nameserver [::1]:5353
+ * nameserver 127.0.0.1:5353
+ * </pre>
+ *
+ * Then, run this test as manual jtreg test.
+ *
+ * @author Severin Gehwolf
+ *
+ */
+public class IPv6NameserverPlatformParsingTest {
+
+    private static boolean foundIPv6 = false;
+
+    public static void main(String[] args) {
+        Hashtable<String, String> env = new Hashtable<>();
+        env.put(Context.INITIAL_CONTEXT_FACTORY, com.sun.jndi.dns.DnsContextFactory.class.getName());
+
+        String[] servers;
+        try {
+            Context ctx = NamingManager.getInitialContext(env);
+            if (!com.sun.jndi.dns.DnsContextFactory.platformServersAvailable()) {
+                throw new RuntimeException("FAIL: no platform servers available, test does not make sense");
+            }
+            DnsContext context = (DnsContext)ctx;
+            servers = getServersFromContext(context);
+        } catch (NamingException e) {
+            throw new RuntimeException(e);
+        }
+        for (String server: servers) {
+            System.out.println("DEBUG: 'nameserver = " + server + "'");
+            if (server.indexOf(':') >= 0 && server.indexOf('.') < 0) {
+                System.out.println("DEBUG: ==> Found IPv6 address in servers list: " + server);
+                foundIPv6 = true;
+            }
+        }
+        try {
+            new com.sun.jndi.dns.DnsClient(servers, 100, 1);
+        } catch (NumberFormatException e) {
+            throw new RuntimeException("FAIL: Tried to parse non-[]-encapsulated IPv6 address.", e);
+        } catch (Exception e) {
+            throw new RuntimeException("ERROR: Something unexpected happened.");
+        }
+        if (!foundIPv6) {
+            // This is a manual test, since it requires changing /etc/resolv.conf on Linux/Unix
+            // platforms. See comment as to how to run this test.
+            throw new RuntimeException("ERROR: No IPv6 address returned from platform.");
+        }
+        System.out.println("PASS: Found IPv6 address and DnsClient parsed it correctly.");
+    }
+
+    private static String[] getServersFromContext(DnsContext context) {
+        try {
+            Field serversField = DnsContext.class.getDeclaredField("servers");
+            serversField.setAccessible(true);
+            return (String[])serversField.get(context);
+        } catch (Exception e) {
+            throw new RuntimeException(e);
+        }
+    }
+
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/com/sun/jndi/ldap/LdapURLOptionalFields.java	Thu Apr 23 16:10:19 2015 -0700
@@ -0,0 +1,62 @@
+/*
+ * Copyright (c) 2015, Red Hat, Inc.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/**
+ * @test
+ * @bug 8074761
+ * @summary RFC-2255 allows attribute, scope and filter to be empty.
+ */
+
+import com.sun.jndi.ldap.LdapURL;
+
+public class LdapURLOptionalFields {
+
+    private static final String[] TEST_URLS = {
+        "ldap://localhost:10389/ou=RefPeople,dc=example,dc=com",
+        "ldap://localhost:10389/ou=RefPeople,dc=example,dc=com?",
+        "ldap://localhost:10389/ou=RefPeople,dc=example,dc=com??",
+        "ldap://localhost:10389/ou=RefPeople,dc=example,dc=com???",
+        "ldap://localhost:10389/ou=RefPeople,dc=example,dc=com????"
+    };
+
+    public static void main(String[] args) throws Exception {
+        for (int i = 0; i < TEST_URLS.length; i++) {
+            String url = TEST_URLS[i];
+            checkEmptyAttributes(url);
+        }
+    }
+
+    private static void checkEmptyAttributes(String urlString) throws Exception {
+        LdapURL url = new LdapURL(urlString);
+        if (url.getAttributes() != null) {
+            throw new Exception("Expected null attributes for url: '" + urlString + "'");
+        }
+        if (url.getScope() != null) {
+            throw new Exception("Expected null scope for url: '" + urlString + "'");
+        }
+        if (url.getFilter() != null) {
+            throw new Exception("Expected null filter for url: '" + urlString + "'");
+        }
+    }
+
+}
--- a/test/com/sun/security/auth/login/ConfigFile/InconsistentError.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/test/com/sun/security/auth/login/ConfigFile/InconsistentError.java	Thu Apr 23 16:10:19 2015 -0700
@@ -26,6 +26,7 @@
  * @bug 4406033
  * @summary     ConfigFile throws an inconsistent error message
  *              when the configuration file is not found
+ * @run main/othervm -Duser.language=en InconsistentError
  */
 
 import com.sun.security.auth.login.*;
--- a/test/com/sun/security/auth/module/KeyStoreLoginModule/OptionTest.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/test/com/sun/security/auth/module/KeyStoreLoginModule/OptionTest.java	Thu Apr 23 16:10:19 2015 -0700
@@ -25,6 +25,7 @@
  * @test
  * @bug 4919147
  * @summary Support for token-based KeyStores
+ * @run main/othervm -Duser.language=en OptionTest
  */
 
 import java.io.File;
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/java/net/URL/HandlersPkgPrefix/HandlersPkgPrefix.java	Thu Apr 23 16:10:19 2015 -0700
@@ -0,0 +1,95 @@
+/*
+ * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+import java.net.MalformedURLException;
+import java.net.URL;
+import java.util.function.Consumer;
+
+/*
+ * @test
+ * @bug 8075139
+ * @summary Basic test for java.protocol.handler.pkgs
+ * @compile handlers/foo/Handler.java handlers/bar/Handler.java HandlersPkgPrefix.java
+ * @run main/othervm HandlersPkgPrefix
+ */
+
+public class HandlersPkgPrefix {
+    static final Consumer<Result> KNOWN = r -> {
+        if (r.exception != null)
+            throw new RuntimeException("Unexpected exception " + r.exception);
+        String p = r.url.getProtocol();
+        if (!r.protocol.equals(p))
+            throw new RuntimeException("Expected:" + r.protocol + ", got:" + p);
+    };
+    static final Consumer<Result> UNKNOWN = r -> {
+        if (r.url != null)
+            throw new RuntimeException("Unexpected url:" + r.url);
+        if (!(r.exception instanceof MalformedURLException))
+            throw new RuntimeException("Expected MalformedURLException, got:"
+                                       + r.exception);
+    };
+
+    public static void main(String[] args) {
+        withPrefix("unknown", "", UNKNOWN);
+        withPrefix("unknown", "handlers", UNKNOWN);
+
+        withPrefix("foo", "", UNKNOWN);
+        withPrefix("foo", "xxx|yyy|zzz", UNKNOWN);
+        withPrefix("foo", "||||", UNKNOWN);
+        withPrefix("foo", "|a|b|c|handlers", KNOWN);
+
+        withPrefix("bar", "", UNKNOWN);
+        withPrefix("bar", "x.y.z|y.y.y|z.z.z", UNKNOWN);
+        withPrefix("bar", " x.y.z | y.y.y | z.z.z| |  ", UNKNOWN);
+        withPrefix("bar", "| a | b | c | handlers | d | e", KNOWN);
+    }
+
+    static void withPrefix(String protocol, String pkgPrefix,
+                           Consumer<Result> resultChecker) {
+        System.out.println("Testing, " + protocol + ", " + pkgPrefix);
+
+        // The long standing implementation behavior is that the
+        // property is read multiple times, not cached.
+        System.setProperty("java.protocol.handler.pkgs", pkgPrefix);
+        URL url = null;
+        Exception exception = null;
+        try {
+            url = new URL(protocol + "://");
+        } catch (MalformedURLException x) {
+            exception = x;
+        }
+        resultChecker.accept(new Result(protocol, url, exception));
+    }
+
+    static class Result {
+        final String protocol;
+        final URL url;
+        final Exception exception;
+        Result(String protocol, URL url, Exception exception) {
+            this.protocol = protocol;
+            this.url = url;
+            this.exception = exception;
+        }
+    }
+}
+
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/java/net/URL/HandlersPkgPrefix/handlers/bar/Handler.java	Thu Apr 23 16:10:19 2015 -0700
@@ -0,0 +1,37 @@
+/*
+ * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package handlers.bar;
+
+import java.io.IOException;
+import java.net.URL;
+import java.net.URLConnection;
+import java.net.URLStreamHandler;
+
+public class Handler extends URLStreamHandler {
+    @Override
+    protected URLConnection openConnection(URL u) throws IOException {
+        return null;
+    }
+}
+
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/java/net/URL/HandlersPkgPrefix/handlers/foo/Handler.java	Thu Apr 23 16:10:19 2015 -0700
@@ -0,0 +1,37 @@
+/*
+ * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package handlers.foo;
+
+import java.io.IOException;
+import java.net.URL;
+import java.net.URLConnection;
+import java.net.URLStreamHandler;
+
+public class Handler extends URLStreamHandler {
+    @Override
+    protected URLConnection openConnection(URL u) throws IOException {
+        return null;
+    }
+}
+
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/javax/security/auth/login/LoginContext/CustomLoginModule.java	Thu Apr 23 16:10:19 2015 -0700
@@ -0,0 +1,275 @@
+/*
+ * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+import java.io.IOException;
+import java.security.Principal;
+import java.util.Arrays;
+import java.util.Locale;
+import java.util.Map;
+import javax.security.auth.Subject;
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.ChoiceCallback;
+import javax.security.auth.callback.ConfirmationCallback;
+import javax.security.auth.callback.LanguageCallback;
+import javax.security.auth.callback.NameCallback;
+import javax.security.auth.callback.PasswordCallback;
+import javax.security.auth.callback.TextInputCallback;
+import javax.security.auth.callback.TextOutputCallback;
+import javax.security.auth.callback.UnsupportedCallbackException;
+import javax.security.auth.login.FailedLoginException;
+import javax.security.auth.login.LoginException;
+import javax.security.auth.spi.LoginModule;
+
+public class CustomLoginModule implements LoginModule {
+
+    static final String HELLO = "Hello";
+
+    private Subject subject;
+    private CallbackHandler callbackHandler;
+    private boolean loginSucceeded = false;
+    private String username;
+    private char[] password;
+
+    /*
+     * Initialize this LoginModule.
+     */
+    @Override
+    public void initialize(Subject subject, CallbackHandler callbackHandler,
+            Map<String, ?> sharedState, Map<String, ?> options) {
+        this.subject = subject;
+        this.callbackHandler = callbackHandler;
+
+        // check if custom parameter is passed from comfiguration
+        if (options == null) {
+            throw new RuntimeException("options is null");
+        }
+
+        // read username/password from configuration
+        Object o = options.get("username");
+        if (o == null) {
+            throw new RuntimeException("Custom parameter not passed");
+        }
+        if (!(o instanceof String)) {
+            throw new RuntimeException("Password is not a string");
+        }
+        username = (String) o;
+
+        o = options.get("password");
+        if (o == null) {
+            throw new RuntimeException("Custom parameter not passed");
+        }
+        if (!(o instanceof String)) {
+            throw new RuntimeException("Password is not a string");
+        }
+        password = ((String) o).toCharArray();
+    }
+
+    /*
+     * Authenticate the user.
+     */
+    @Override
+    public boolean login() throws LoginException {
+        // prompt for a user name and password
+        if (callbackHandler == null) {
+            throw new LoginException("No CallbackHandler available");
+        }
+
+        // standard callbacks
+        NameCallback name = new NameCallback("username: ", "default");
+        PasswordCallback passwd = new PasswordCallback("password: ", false);
+
+        LanguageCallback language = new LanguageCallback();
+
+        TextOutputCallback error = new TextOutputCallback(
+                TextOutputCallback.ERROR, "This is an error");
+        TextOutputCallback warning = new TextOutputCallback(
+                TextOutputCallback.WARNING, "This is a warning");
+        TextOutputCallback info = new TextOutputCallback(
+                TextOutputCallback.INFORMATION, "This is a FYI");
+
+        TextInputCallback text = new TextInputCallback("Please type " + HELLO,
+                "Bye");
+
+        ChoiceCallback choice = new ChoiceCallback("Choice: ",
+                new String[] { "pass", "fail" }, 1, true);
+
+        ConfirmationCallback confirmation = new ConfirmationCallback(
+                "confirmation: ", ConfirmationCallback.INFORMATION,
+                ConfirmationCallback.YES_NO_OPTION, ConfirmationCallback.NO);
+
+        CustomCallback custom = new CustomCallback();
+
+        Callback[] callbacks = new Callback[] {
+            choice, info, warning, error, name, passwd, text, language,
+            confirmation, custom
+        };
+
+        boolean uce = false;
+        try {
+            callbackHandler.handle(callbacks);
+        } catch (UnsupportedCallbackException e) {
+            Callback callback = e.getCallback();
+            if (custom.equals(callback)) {
+                uce = true;
+                System.out.println("CustomLoginModule: "
+                        + "custom callback not supported as expected");
+            } else {
+                throw new LoginException("Unsupported callback: " + callback);
+            }
+        } catch (IOException ioe) {
+            throw new LoginException(ioe.toString());
+        }
+
+        if (!uce) {
+            throw new RuntimeException("UnsupportedCallbackException "
+                    + "not thrown");
+        }
+
+        if (!HELLO.equals(text.getText())) {
+            System.out.println("Text: " + text.getText());
+            throw new FailedLoginException("No hello");
+        }
+
+        if (!Locale.GERMANY.equals(language.getLocale())) {
+            System.out.println("Selected locale: " + language.getLocale());
+            throw new FailedLoginException("Achtung bitte");
+        }
+
+        String readUsername = name.getName();
+        char[] readPassword = passwd.getPassword();
+        if (readPassword == null) {
+            // treat a NULL password as an empty password
+            readPassword = new char[0];
+        }
+        passwd.clearPassword();
+
+        // verify the username/password
+        if (!username.equals(readUsername)
+                || !Arrays.equals(password, readPassword)) {
+            loginSucceeded = false;
+            throw new FailedLoginException("Username/password is not correct");
+        }
+
+        // check chosen option
+        int[] selected = choice.getSelectedIndexes();
+        if (selected == null || selected.length == 0) {
+            throw new FailedLoginException("Nothing selected");
+        }
+
+        if (selected[0] != 0) {
+            throw new FailedLoginException("Wrong choice: " + selected[0]);
+        }
+
+        // check confirmation
+        if (confirmation.getSelectedIndex() != ConfirmationCallback.YES) {
+            throw new FailedLoginException("Not confirmed: "
+                    + confirmation.getSelectedIndex());
+        }
+
+        loginSucceeded = true;
+        System.out.println("CustomLoginModule: authentication succeeded");
+        return true;
+    }
+
+    /*
+     * This method is called if the LoginContext's overall authentication
+     * succeeded.
+     */
+    @Override
+    public boolean commit() throws LoginException {
+        if (loginSucceeded) {
+            // add a Principal to the Subject
+            Principal principal = new TestPrincipal(username);
+            if (!subject.getPrincipals().contains(principal)) {
+                subject.getPrincipals().add(principal);
+            }
+            return true;
+        }
+
+        return false;
+    }
+
+    /*
+     * This method is called if the LoginContext's overall authentication
+     * failed.
+     */
+    @Override
+    public boolean abort() throws LoginException {
+        loginSucceeded = false;
+        return true;
+    }
+
+    /*
+     * Logout the user.
+     */
+    @Override
+    public boolean logout() throws LoginException {
+        loginSucceeded = false;
+        boolean removed = subject.getPrincipals().remove(
+                new TestPrincipal(username));
+        if (!removed) {
+            throw new LoginException("Coundn't remove a principal: "
+                    + username);
+        }
+        return true;
+    }
+
+    static class TestPrincipal implements Principal {
+
+        private final String name;
+
+        public TestPrincipal(String name) {
+            this.name = name;
+        }
+
+        @Override
+        public String getName() {
+            return name;
+        }
+
+        @Override
+        public String toString() {
+            return("TestPrincipal [name =" + name + "]");
+        }
+
+        @Override
+        public int hashCode() {
+            return name.hashCode();
+        }
+
+        @Override
+        public boolean equals(Object o) {
+            if (o == null) {
+                return false;
+            }
+            if (!(o instanceof TestPrincipal)) {
+                return false;
+            }
+            TestPrincipal other = (TestPrincipal) o;
+            return name != null ? name.equals(other.name) : other.name == null;
+        }
+    }
+
+    static class CustomCallback implements Callback {}
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/javax/security/auth/login/LoginContext/SharedState.java	Thu Apr 23 16:10:19 2015 -0700
@@ -0,0 +1,98 @@
+/*
+ * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+import java.util.Map;
+import javax.security.auth.Subject;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.login.LoginContext;
+import javax.security.auth.login.LoginException;
+import javax.security.auth.spi.LoginModule;
+
+/**
+ * @test
+ * @bug 8048138
+ * @summary Check if shared state is passed to login module
+ * @run main/othervm SharedState
+ */
+public class SharedState {
+
+    static final String NAME = "name";
+    static final String VALUE = "shared";
+
+    public static void main(String[] args) throws LoginException {
+        System.setProperty("java.security.auth.login.config",
+                System.getProperty("test.src")
+                        + System.getProperty("file.separator")
+                        + "shared.config");
+
+        new LoginContext("SharedState").login();
+    }
+
+    public static abstract class Module implements LoginModule {
+
+        @Override
+        public boolean login() throws LoginException {
+            return true;
+        }
+
+        @Override
+        public boolean commit() throws LoginException {
+            return true;
+        }
+
+        @Override
+        public boolean abort() throws LoginException {
+            return true;
+        }
+
+        @Override
+        public boolean logout() throws LoginException {
+            return true;
+        }
+    }
+
+    public static class FirstModule extends Module {
+
+        @Override
+        public void initialize(Subject subject, CallbackHandler callbackHandler,
+                            Map<String,?> sharedState, Map<String,?> options) {
+            ((Map)sharedState).put(NAME, VALUE);
+        }
+
+    }
+
+    public static class SecondModule extends Module {
+
+        @Override
+        public void initialize(Subject subject, CallbackHandler callbackHandler,
+                            Map<String,?> sharedState, Map<String,?> options) {
+            // check shared object
+            Object shared = sharedState.get(NAME);
+            if (!VALUE.equals(shared)) {
+                throw new RuntimeException("Unexpected shared object: "
+                        + shared);
+            }
+        }
+
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/javax/security/auth/login/LoginContext/StandardCallbacks.java	Thu Apr 23 16:10:19 2015 -0700
@@ -0,0 +1,189 @@
+/*
+ * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+import java.security.Principal;
+import java.util.Arrays;
+import java.util.Locale;
+import javax.security.auth.Subject;
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.ChoiceCallback;
+import javax.security.auth.callback.ConfirmationCallback;
+import javax.security.auth.callback.LanguageCallback;
+import javax.security.auth.callback.NameCallback;
+import javax.security.auth.callback.PasswordCallback;
+import javax.security.auth.callback.TextInputCallback;
+import javax.security.auth.callback.TextOutputCallback;
+import javax.security.auth.callback.UnsupportedCallbackException;
+import javax.security.auth.login.LoginContext;
+import javax.security.auth.login.LoginException;
+
+/*
+ * @test
+ * @bug 8048138
+ * @summary Checks if JAAS login works fine with standard callbacks
+ * @compile DefaultHandlerModule.java
+ * @run main/othervm StandardCallbacks
+ */
+public class StandardCallbacks {
+
+    private static final String USERNAME = "username";
+    private static final char[] PASSWORD = "password".toCharArray();
+
+    public static void main(String[] args) throws LoginException {
+        System.setProperty("java.security.auth.login.config",
+                System.getProperty("test.src")
+                        + System.getProperty("file.separator")
+                        + "custom.config");
+
+        CustomCallbackHandler handler = new CustomCallbackHandler(USERNAME);
+        LoginContext context = new LoginContext("StandardCallbacks", handler);
+
+        handler.setPassword(PASSWORD);
+        System.out.println("Try to login with correct password, "
+                + "successful authentication is expected");
+        context.login();
+        System.out.println("Authentication succeeded!");
+
+        Subject subject = context.getSubject();
+        System.out.println("Authenticated user has the following principals ["
+                + subject.getPrincipals().size() + " ]:");
+        boolean found = true;
+        for (Principal principal : subject.getPrincipals()) {
+            System.out.println("principal: " + principal);
+            if (principal instanceof CustomLoginModule.TestPrincipal) {
+                CustomLoginModule.TestPrincipal testPrincipal =
+                        (CustomLoginModule.TestPrincipal) principal;
+                if (USERNAME.equals(testPrincipal.getName())) {
+                    System.out.println("Found test principal: "
+                            + testPrincipal);
+                    found = true;
+                    break;
+                }
+            }
+        }
+
+        if (!found) {
+            throw new RuntimeException("TestPrincipal not found");
+        }
+
+        // check if all expected text output callbacks have been called
+        if (!handler.info) {
+            throw new RuntimeException("TextOutputCallback.INFO not called");
+        }
+
+        if (!handler.warning) {
+            throw new RuntimeException("TextOutputCallback.WARNING not called");
+        }
+
+        if (!handler.error) {
+            throw new RuntimeException("TextOutputCallback.ERROR not called");
+        }
+
+        System.out.println("Authenticated user has the following public "
+                + "credentials [" + subject.getPublicCredentials().size()
+                + "]:");
+        subject.getPublicCredentials().stream().
+                forEach((o) -> {
+                    System.out.println("public credential: " + o);
+        });
+
+        context.logout();
+
+        System.out.println("Test passed");
+    }
+
+    private static class CustomCallbackHandler implements CallbackHandler {
+
+        private final String username;
+        private char[] password;
+        private boolean info = false;
+        private boolean warning = false;
+        private boolean error = false;
+
+        CustomCallbackHandler(String username) {
+            this.username = username;
+        }
+
+        void setPassword(char[] password) {
+            this.password = password;
+        }
+
+        @Override
+        public void handle(Callback[] callbacks)
+                throws UnsupportedCallbackException {
+            for (Callback callback : callbacks) {
+                if (callback instanceof TextOutputCallback) {
+                    TextOutputCallback toc = (TextOutputCallback) callback;
+                    switch (toc.getMessageType()) {
+                        case TextOutputCallback.INFORMATION:
+                            System.out.println("INFO: " + toc.getMessage());
+                            info = true;
+                            break;
+                        case TextOutputCallback.ERROR:
+                            System.out.println("ERROR: " + toc.getMessage());
+                            error = true;
+                            break;
+                        case TextOutputCallback.WARNING:
+                            System.out.println("WARNING: " + toc.getMessage());
+                            warning = true;
+                            break;
+                        default:
+                            throw new UnsupportedCallbackException(toc,
+                                    "Unsupported message type: "
+                                            + toc.getMessageType());
+                    }
+                } else if (callback instanceof TextInputCallback) {
+                    TextInputCallback tic = (TextInputCallback) callback;
+                    System.out.println(tic.getPrompt());
+                    tic.setText(CustomLoginModule.HELLO);
+                } else if (callback instanceof LanguageCallback) {
+                    LanguageCallback lc = (LanguageCallback) callback;
+                    lc.setLocale(Locale.GERMANY);
+                } else if (callback instanceof ConfirmationCallback) {
+                    ConfirmationCallback cc = (ConfirmationCallback) callback;
+                    System.out.println(cc.getPrompt());
+                    cc.setSelectedIndex(ConfirmationCallback.YES);
+                } else if (callback instanceof ChoiceCallback) {
+                    ChoiceCallback cc = (ChoiceCallback) callback;
+                    System.out.println(cc.getPrompt()
+                            + Arrays.toString(cc.getChoices()));
+                    cc.setSelectedIndex(0);
+                } else if (callback instanceof NameCallback) {
+                    NameCallback nc = (NameCallback) callback;
+                    System.out.println(nc.getPrompt());
+                    nc.setName(username);
+                } else if (callback instanceof PasswordCallback) {
+                    PasswordCallback pc = (PasswordCallback) callback;
+                    System.out.println(pc.getPrompt());
+                    pc.setPassword(password);
+                } else {
+                    throw new UnsupportedCallbackException(callback,
+                            "Unknown callback");
+                }
+            }
+        }
+
+    }
+
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/javax/security/auth/login/LoginContext/custom.config	Thu Apr 23 16:10:19 2015 -0700
@@ -0,0 +1,4 @@
+StandardCallbacks {
+    DefaultHandlerModule required;
+    CustomLoginModule required username="username" password="password";
+};
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/javax/security/auth/login/LoginContext/shared.config	Thu Apr 23 16:10:19 2015 -0700
@@ -0,0 +1,4 @@
+SharedState {
+    SharedState$FirstModule required;
+    SharedState$SecondModule required;
+};
\ No newline at end of file
--- a/test/javax/xml/ws/8046817/GenerateEnumSchema.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/test/javax/xml/ws/8046817/GenerateEnumSchema.java	Thu Apr 23 16:10:19 2015 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2014, 2015, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -23,57 +23,83 @@
 
 /*
  * @test
- * @bug 8046817
- * @summary schemagen fails to generate xsd for enum types
+ * @bug 8046817 8073357
+ * @summary schemagen fails to generate xsd for enum types.
+ * Check that order of Enum values is preserved.
  * @run main/othervm GenerateEnumSchema
  */
 import java.io.BufferedReader;
 import java.io.File;
-import java.io.FileNotFoundException;
 import java.io.IOException;
 import java.io.InputStreamReader;
+import java.nio.file.Files;
 import java.nio.file.Paths;
-import java.util.Scanner;
+import java.util.stream.Collectors;
 
 public class GenerateEnumSchema {
 
     private static final String SCHEMA_OUTPUT_FILENAME = "schema1.xsd";
     private static final File schemaOutputFile = new File(SCHEMA_OUTPUT_FILENAME);
+    private static final String[] expectedEnums = {
+        "\"FIRST\"", "\"ONE\"", "\"TWO\"", "\"THREE\"",
+        "\"FOUR\"", "\"FIVE\"", "\"SIX\"", "\"LAST\""};
+    private static String schemaContent = "";
 
-    public static void main(String[] args) throws Exception, IOException {
+    public static void main(String[] args) throws Exception {
+
         //Check schema generation for class type
         runSchemaGen("TestClassType.java");
         checkIfSchemaGenerated();
+        readSchemaContent();
         checkSchemaContent("<xs:complexType name=\"testClassType\">");
         checkSchemaContent("<xs:element name=\"a\" type=\"xs:int\"/>");
-        schemaOutputFile.delete();
+
         //Check schema generation for enum type
         runSchemaGen("TestEnumType.java");
         checkIfSchemaGenerated();
+        readSchemaContent();
+        //Check if Enum type schema is generated
         checkSchemaContent("<xs:simpleType name=\"testEnumType\">");
-        checkSchemaContent("<xs:enumeration value=\"ONE\"/>");
-        checkSchemaContent("<xs:enumeration value=\"TWO\"/>");
-        checkSchemaContent("<xs:enumeration value=\"THREE\"/>");
+        //Check the sequence of enum values order
+        checkEnumOrder();
         schemaOutputFile.delete();
     }
 
+    // Check if schema file successfully generated by schemagen
     private static void checkIfSchemaGenerated() {
         if (!schemaOutputFile.exists()) {
             throw new RuntimeException("FAIL:" + SCHEMA_OUTPUT_FILENAME + " was not generated by schemagen tool");
         }
     }
 
-    private static void checkSchemaContent(String exp_token) throws FileNotFoundException {
-        System.out.print("Check if generated schema contains '" + exp_token + "' string: ");
-        try (Scanner scanner = new Scanner(schemaOutputFile)) {
-            if (scanner.findWithinHorizon(exp_token, 0) != null) {
-                System.out.println("OK");
-                return;
-            }
+    //Read schema content from file
+    private static void readSchemaContent() throws Exception {
+        schemaContent = Files.lines(schemaOutputFile.toPath()).collect(Collectors.joining(""));
+    }
+
+    // Check if schema file contains specific string
+    private static void checkSchemaContent(String expContent) {
+        System.out.print("Check if generated schema contains '" + expContent + "' string: ");
+        if (schemaContent.contains(expContent)) {
+            System.out.println("OK");
+            return;
         }
         System.out.println("FAIL");
-        throw new RuntimeException("The '" + exp_token + "' is not found in generated schema");
+        throw new RuntimeException("The '" + expContent + "' is not found in generated schema");
+    }
 
+    // Check if the generated schema contains all enum constants
+    // and their order is preserved
+    private static void checkEnumOrder() throws Exception {
+        int prevElem = -1;
+        for (String elem : expectedEnums) {
+            int curElem = schemaContent.indexOf(elem);
+            System.out.println(elem + " position = " + curElem);
+            if (curElem < prevElem) {
+                throw new RuntimeException("FAIL: Enum values order is incorrect or " + elem + " element is not found");
+            }
+            prevElem = curElem;
+        }
     }
 
     private static String getClassFilePath(String filename) {
--- a/test/javax/xml/ws/8046817/TestEnumType.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/test/javax/xml/ws/8046817/TestEnumType.java	Thu Apr 23 16:10:19 2015 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2014, 2015, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -25,5 +25,5 @@
 
 @XmlEnum(String.class)
 public enum TestEnumType {
-    ONE, TWO, THREE
+    FIRST, ONE, TWO, THREE, FOUR, FIVE, SIX, LAST
 }
--- a/test/sun/management/jmxremote/bootstrap/RmiSslBootstrapTest.sh	Thu Apr 23 10:43:35 2015 -0700
+++ b/test/sun/management/jmxremote/bootstrap/RmiSslBootstrapTest.sh	Thu Apr 23 16:10:19 2015 -0700
@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2003, 2004, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2003, 2015, Oracle and/or its affiliates. All rights reserved.
 # DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 #
 # This code is free software; you can redistribute it and/or modify it
@@ -29,6 +29,7 @@
 # @library /lib/testlibrary
 # @build jdk.testlibrary.* TestLogger Utils RmiBootstrapTest
 # @run shell/timeout=300  RmiSslBootstrapTest.sh
+# @ignore 8077924
 
 # Define the Java class test name
 TESTCLASS="RmiBootstrapTest"
--- a/test/sun/security/pkcs11/sslecc/CipherTest.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/test/sun/security/pkcs11/sslecc/CipherTest.java	Thu Apr 23 16:10:19 2015 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2002, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2002, 2015, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -45,7 +45,7 @@
 public class CipherTest {
 
     // use any available port for the server socket
-    static int serverPort = 0;
+    static volatile int serverPort = 0;
 
     final int THREADS;
 
--- a/test/sun/security/pkcs11/sslecc/JSSEServer.java	Thu Apr 23 10:43:35 2015 -0700
+++ b/test/sun/security/pkcs11/sslecc/JSSEServer.java	Thu Apr 23 16:10:19 2015 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2002, 2006, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2002, 2015, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -42,7 +42,7 @@
         serverContext.init(new KeyManager[] {cipherTest.keyManager}, new TrustManager[] {cipherTest.trustManager}, cipherTest.secureRandom);
 
         SSLServerSocketFactory factory = (SSLServerSocketFactory)serverContext.getServerSocketFactory();
-        serverSocket = (SSLServerSocket)factory.createServerSocket(cipherTest.serverPort);
+        serverSocket = (SSLServerSocket)factory.createServerSocket(0);
         cipherTest.serverPort = serverSocket.getLocalPort();
         serverSocket.setEnabledCipherSuites(factory.getSupportedCipherSuites());
         serverSocket.setWantClientAuth(true);
--- a/test/sun/security/provider/certpath/ReverseBuilder/BuildPath.java	Thu Apr 23 10:43:35 2015 -0700
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,58 +0,0 @@
-/*
- * Copyright (c) 2007, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-/**
- * @test
- * @bug 6511784
- * @summary Make sure that building a path to a CRL issuer works in the
- *          reverse direction
- * @library ../../../../../java/security/testlibrary
- * @build CertUtils
- * @run main BuildPath
- */
-import java.security.cert.*;
-import java.util.Collections;
-import sun.security.provider.certpath.SunCertPathBuilderParameters;
-
-public class BuildPath {
-
-    public static void main(String[] args) throws Exception {
-
-        TrustAnchor anchor =
-            new TrustAnchor(CertUtils.getCertFromFile("mgrM2mgrM"), null);
-        X509Certificate target = CertUtils.getCertFromFile("mgrM2leadMA");
-        X509CertSelector xcs = new X509CertSelector();
-        xcs.setSubject("CN=leadMA,CN=mgrM,OU=prjM,OU=divE,OU=Comp,O=sun,C=us");
-        xcs.setCertificate(target);
-        SunCertPathBuilderParameters params =
-            new SunCertPathBuilderParameters(Collections.singleton(anchor),xcs);
-        params.setBuildForward(false);
-        CertStore cs = CertUtils.createStore(new String[]
-            {"mgrM2prjM", "prjM2mgrM", "prjM2divE", "mgrM2leadMA" });
-        params.addCertStore(cs);
-        CertStore cs2 = CertUtils.createCRLStore
-            (new String[] {"mgrMcrl", "prjMcrl"});
-        params.addCertStore(cs2);
-        PKIXCertPathBuilderResult res = CertUtils.build(params);
-    }
-}
--- a/test/sun/security/provider/certpath/ReverseBuilder/ReverseBuild.java	Thu Apr 23 10:43:35 2015 -0700
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,356 +0,0 @@
-/*
- * Copyright (c) 2012, 2014, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-//
-// Security properties, once set, cannot revert to unset.  To avoid
-// conflicts with tests running in the same VM isolate this test by
-// running it in otherVM mode.
-//
-
-/*
- * @test
- * @bug 7167988
- * @summary PKIX CertPathBuilder in reverse mode doesn't work if more than
- *          one trust anchor is specified
- * @run main/othervm ReverseBuild
- */
-import java.io.*;
-import java.util.*;
-import java.security.cert.*;
-import java.security.Security;
-
-import sun.security.provider.certpath.SunCertPathBuilderParameters;
-
-public class ReverseBuild {
-    // Certificate information:
-    // Issuer: C=US, ST=Some-State, L=Some-City, O=Some-Org
-    // Validity
-    //     Not Before: Dec  8 02:43:36 2008 GMT
-    //     Not After : Aug 25 02:43:36 2028 GMT
-    // Subject: C=US, ST=Some-State, L=Some-City, O=Some-Org
-    // X509v3 Subject Key Identifier:
-    //     FA:B9:51:BF:4C:E7:D9:86:98:33:F9:E7:CB:1E:F1:33:49:F7:A8:14
-    // X509v3 Authority Key Identifier:
-    //     keyid:FA:B9:51:BF:4C:E7:D9:86:98:33:F9:E7:CB:1E:F1:33:49:F7:A8:14
-    //     DirName:/C=US/ST=Some-State/L=Some-City/O=Some-Org
-    //     serial:00
-    static String NoiceTrusedCertStr =
-        "-----BEGIN CERTIFICATE-----\n" +
-        "MIICrDCCAhWgAwIBAgIBADANBgkqhkiG9w0BAQQFADBJMQswCQYDVQQGEwJVUzET\n" +
-        "MBEGA1UECBMKU29tZS1TdGF0ZTESMBAGA1UEBxMJU29tZS1DaXR5MREwDwYDVQQK\n" +
-        "EwhTb21lLU9yZzAeFw0wODEyMDgwMjQzMzZaFw0yODA4MjUwMjQzMzZaMEkxCzAJ\n" +
-        "BgNVBAYTAlVTMRMwEQYDVQQIEwpTb21lLVN0YXRlMRIwEAYDVQQHEwlTb21lLUNp\n" +
-        "dHkxETAPBgNVBAoTCFNvbWUtT3JnMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB\n" +
-        "gQDLxDggB76Ip5OwoUNRLdeOha9U3a2ieyNbz5kTU5lFfe5tui2/461uPZ8a+QOX\n" +
-        "4BdVrhEmV94BKY4FPyH35zboLjfXSKxT1mAOx1Bt9sWF94umxZE1cjyU7vEX8HHj\n" +
-        "7BvOyk5AQrBt7moO1uWtPA/JuoJPePiJl4kqlRJM2Akq6QIDAQABo4GjMIGgMB0G\n" +
-        "A1UdDgQWBBT6uVG/TOfZhpgz+efLHvEzSfeoFDBxBgNVHSMEajBogBT6uVG/TOfZ\n" +
-        "hpgz+efLHvEzSfeoFKFNpEswSTELMAkGA1UEBhMCVVMxEzARBgNVBAgTClNvbWUt\n" +
-        "U3RhdGUxEjAQBgNVBAcTCVNvbWUtQ2l0eTERMA8GA1UEChMIU29tZS1PcmeCAQAw\n" +
-        "DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQQFAAOBgQBcIm534U123Hz+rtyYO5uA\n" +
-        "ofd81G6FnTfEAV8Kw9fGyyEbQZclBv34A9JsFKeMvU4OFIaixD7nLZ/NZ+IWbhmZ\n" +
-        "LovmJXyCkOufea73pNiZ+f/4/ScZaIlM/PRycQSqbFNd4j9Wott+08qxHPLpsf3P\n" +
-        "6Mvf0r1PNTY2hwTJLJmKtg==\n" +
-        "-----END CERTIFICATE-----";
-
-    // Certificate information:
-    // Issuer: C=US, O=Java, OU=SunJSSE Test Serivce
-    // Validity
-    //     Not Before: Aug 19 01:52:19 2011 GMT
-    //     Not After : Jul 29 01:52:19 2032 GMT
-    // Subject: C=US, O=Java, OU=SunJSSE Test Serivce
-
-    // X509v3 Subject Key Identifier:
-    //     B9:7C:D5:D9:DF:A7:4C:03:AE:FD:0E:27:5B:31:95:6C:C7:F3:75:E1
-    // X509v3 Authority Key Identifier:
-    //     keyid:B9:7C:D5:D9:DF:A7:4C:03:AE:FD:0E:27:5B:31:95:6C:C7:F3:75:E1
-    //     DirName:/C=US/O=Java/OU=SunJSSE Test Serivce
-    //     serial:00
-    static String NoiceTrusedCertStr_2nd =
-        "-----BEGIN CERTIFICATE-----\n" +
-        "MIICkjCCAfugAwIBAgIBADANBgkqhkiG9w0BAQQFADA7MQswCQYDVQQGEwJVUzEN\n" +
-        "MAsGA1UEChMESmF2YTEdMBsGA1UECxMUU3VuSlNTRSBUZXN0IFNlcml2Y2UwHhcN\n" +
-        "MTEwODE5MDE1MjE5WhcNMzIwNzI5MDE1MjE5WjA7MQswCQYDVQQGEwJVUzENMAsG\n" +
-        "A1UEChMESmF2YTEdMBsGA1UECxMUU3VuSlNTRSBUZXN0IFNlcml2Y2UwgZ8wDQYJ\n" +
-        "KoZIhvcNAQEBBQADgY0AMIGJAoGBAM8orG08DtF98TMSscjGsidd1ZoN4jiDpi8U\n" +
-        "ICz+9dMm1qM1d7O2T+KH3/mxyox7Rc2ZVSCaUD0a3CkhPMnlAx8V4u0H+E9sqso6\n" +
-        "iDW3JpOyzMExvZiRgRG/3nvp55RMIUV4vEHOZ1QbhuqG4ebN0Vz2DkRft7+flthf\n" +
-        "vDld6f5JAgMBAAGjgaUwgaIwHQYDVR0OBBYEFLl81dnfp0wDrv0OJ1sxlWzH83Xh\n" +
-        "MGMGA1UdIwRcMFqAFLl81dnfp0wDrv0OJ1sxlWzH83XhoT+kPTA7MQswCQYDVQQG\n" +
-        "EwJVUzENMAsGA1UEChMESmF2YTEdMBsGA1UECxMUU3VuSlNTRSBUZXN0IFNlcml2\n" +
-        "Y2WCAQAwDwYDVR0TAQH/BAUwAwEB/zALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQEE\n" +
-        "BQADgYEALlgaH1gWtoBZ84EW8Hu6YtGLQ/L9zIFmHonUPZwn3Pr//icR9Sqhc3/l\n" +
-        "pVTxOINuFHLRz4BBtEylzRIOPzK3tg8XwuLb1zd0db90x3KBCiAL6E6cklGEPwLe\n" +
-        "XYMHDn9eDsaq861Tzn6ZwzMgw04zotPMoZN0mVd/3Qca8UJFucE=\n" +
-        "-----END CERTIFICATE-----";
-
-
-    // Certificate information:
-    // Issuer: C=US, O=Java, OU=SunJSSE Test Serivce
-    // Validity
-    //     Not Before: May  5 02:40:50 2012 GMT
-    //     Not After : Apr 15 02:40:50 2033 GMT
-    // Subject: C=US, O=Java, OU=SunJSSE Test Serivce
-    // X509v3 Subject Key Identifier:
-    //     DD:4E:8D:2A:11:C0:83:03:F0:AC:EB:A2:BF:F9:F2:7D:C8:69:1F:9B
-    // X509v3 Authority Key Identifier:
-    //     keyid:DD:4E:8D:2A:11:C0:83:03:F0:AC:EB:A2:BF:F9:F2:7D:C8:69:1F:9B
-    //     DirName:/C=US/O=Java/OU=SunJSSE Test Serivce
-    //     serial:00
-    static String trustedCertStr =
-        "-----BEGIN CERTIFICATE-----\n" +
-        "MIICkjCCAfugAwIBAgIBADANBgkqhkiG9w0BAQIFADA7MQswCQYDVQQGEwJVUzEN\n" +
-        "MAsGA1UEChMESmF2YTEdMBsGA1UECxMUU3VuSlNTRSBUZXN0IFNlcml2Y2UwHhcN\n" +
-        "MTIwNTA1MDI0MDUwWhcNMzMwNDE1MDI0MDUwWjA7MQswCQYDVQQGEwJVUzENMAsG\n" +
-        "A1UEChMESmF2YTEdMBsGA1UECxMUU3VuSlNTRSBUZXN0IFNlcml2Y2UwgZ8wDQYJ\n" +
-        "KoZIhvcNAQEBBQADgY0AMIGJAoGBANtiq0AIJK+iVRwFrqcD7fYXTCbMYC5Qz/k6\n" +
-        "AXBy7/1rI8wDhEJLE3m/+NSqiJwZcmdq2dNh/1fJFrwvzuURbc9+paOBWeHbN+Sc\n" +
-        "x3huw91oPZme385VpoK3G13rSE114S/rF4DM9mz4EStFhSHXATjtdbskNOAYGLTV\n" +
-        "x8uEy9GbAgMBAAGjgaUwgaIwHQYDVR0OBBYEFN1OjSoRwIMD8Kzror/58n3IaR+b\n" +
-        "MGMGA1UdIwRcMFqAFN1OjSoRwIMD8Kzror/58n3IaR+boT+kPTA7MQswCQYDVQQG\n" +
-        "EwJVUzENMAsGA1UEChMESmF2YTEdMBsGA1UECxMUU3VuSlNTRSBUZXN0IFNlcml2\n" +
-        "Y2WCAQAwDwYDVR0TAQH/BAUwAwEB/zALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQEC\n" +
-        "BQADgYEAjjkJesQrkbr36N40egybaIxw7RcqT6iy5fkAGS1JYlBDk8uSCK1o6bCH\n" +
-        "ls5EpYcGeEoabSS73WRdkO1lgeyWDduO4ef8cCCSpmpT6/YdZG0QS1PtcREeVig+\n" +
-        "Zr25jNemS4ADHX0aaXP4kiV/G80cR7nX5t5XCUm4bYdbwM07NgI=\n" +
-        "-----END CERTIFICATE-----";
-    static String trustedPrivateKey = // Private key in the format of PKCS#8
-        "MIICeAIBADANBgkqhkiG9w0BAQEFAASCAmIwggJeAgEAAoGBANtiq0AIJK+iVRwF\n" +
-        "rqcD7fYXTCbMYC5Qz/k6AXBy7/1rI8wDhEJLE3m/+NSqiJwZcmdq2dNh/1fJFrwv\n" +
-        "zuURbc9+paOBWeHbN+Scx3huw91oPZme385VpoK3G13rSE114S/rF4DM9mz4EStF\n" +
-        "hSHXATjtdbskNOAYGLTVx8uEy9GbAgMBAAECgYEA2VjHkIiA0ABjkX+PqKeb+VLb\n" +
-        "fxS7tSca5C8zfdRhLxAWRui0/3ihst0eCJNrBDuxvAOACovsDWyLuaUjtI2v2ysz\n" +
-        "vz6SPyGy82PhQOFzyKQuQ814N6EpothpiZzF0yFchfKIGhUsdY89UrGs9nM7m6NT\n" +
-        "rztYvgIu4avg2VPR2AECQQD+pFAqipR2BplQRIuuRSZfHRxvoEyDjT1xnHJsC6WP\n" +
-        "I5hCLghL91MhQGWbP4EJMKYQOTRVukWlcp2Kycpf+P5hAkEA3I43gmVUAPEdyZdY\n" +
-        "fatW7OaLlbbYJb6qEtpCZ1Rwe/BIvm6H6E3qSi/lpz7Ia7WDulpbF6BawHH3pRFq\n" +
-        "CUY5ewJBAP3pUDqrRpBN0jB0uSeDslhjSciQ+dqvSpZv3rSYBHUvlBJhnkpJiy37\n" +
-        "7ZUZhIxqYxyIPgRBolLwb+FFh7OdL+ECQCtldDic9WVmC+VheRDpCKZ+SlK/8lGi\n" +
-        "7VXeShiIvcU1JysJFoa35fSI7hf1O3wt7+hX5PqGG7Un94EsJwACKEcCQQC1TWt6\n" +
-        "ArKH6tRxKjOxFtqfs8fgEVYUaOr3j1jF4KBUuX2mtQtddZe3VfJ2wPsuKMMxmhkB\n" +
-        "e7xWWZnJsErt2e+E";
-
-    // Certificate information:
-    // Issuer: C=US, O=Java, OU=SunJSSE Test Serivce
-    // Validity
-    //     Not Before: May  5 02:40:53 2012 GMT
-    //     Not After : Jan 21 02:40:53 2032 GMT
-    // Subject: C=US, O=Java, OU=SunJSSE Test Serivce, CN=casigner
-    // X509v3 Subject Key Identifier:
-    //     13:07:E0:11:07:DB:EB:33:23:87:31:D0:DB:7E:16:56:BE:11:90:0A
-    // X509v3 Authority Key Identifier:
-    //     keyid:DD:4E:8D:2A:11:C0:83:03:F0:AC:EB:A2:BF:F9:F2:7D:C8:69:1F:9B
-    //     DirName:/C=US/O=Java/OU=SunJSSE Test Serivce
-    //     serial:00
-    static String caSignerStr =
-        "-----BEGIN CERTIFICATE-----\n" +
-        "MIICqDCCAhGgAwIBAgIBAjANBgkqhkiG9w0BAQQFADA7MQswCQYDVQQGEwJVUzEN\n" +
-        "MAsGA1UEChMESmF2YTEdMBsGA1UECxMUU3VuSlNTRSBUZXN0IFNlcml2Y2UwHhcN\n" +
-        "MTIwNTA1MDI0MDUzWhcNMzIwMTIxMDI0MDUzWjBOMQswCQYDVQQGEwJVUzENMAsG\n" +
-        "A1UEChMESmF2YTEdMBsGA1UECxMUU3VuSlNTRSBUZXN0IFNlcml2Y2UxETAPBgNV\n" +
-        "BAMTCGNhc2lnbmVyMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC+x8+o7oM0\n" +
-        "ct/LZmZLXBL4CQ8jrULD5P7NtEW0hg/zxBFZfBHf+44Oo2eMPYZj+7xaREOH5BmV\n" +
-        "KRYlzRtONAaC5Ng4Mrm5UKNPcMIIUjUOvm7vWM4oSTMSfoEcSX+vp99uUAkw3w7Z\n" +
-        "+frYDm1M4At/j0b+lLij71GFN2L8drpgPQIDAQABo4GoMIGlMB0GA1UdDgQWBBQT\n" +
-        "B+ARB9vrMyOHMdDbfhZWvhGQCjBjBgNVHSMEXDBagBTdTo0qEcCDA/Cs66K/+fJ9\n" +
-        "yGkfm6E/pD0wOzELMAkGA1UEBhMCVVMxDTALBgNVBAoTBEphdmExHTAbBgNVBAsT\n" +
-        "FFN1bkpTU0UgVGVzdCBTZXJpdmNlggEAMBIGA1UdEwEB/wQIMAYBAf8CAQEwCwYD\n" +
-        "VR0PBAQDAgEGMA0GCSqGSIb3DQEBBAUAA4GBAI+LXA/UCPkTANablUkt80JNPWsl\n" +
-        "pS4XLNgPxWaN0bkRDs5oI4ooWAz1rwpeJ/nfetOvWlpmrVjSeovBFja5Hl+dUHTf\n" +
-        "VfuyzkxXbhuNiJIpo1mVBpNsjwu9YRxuwX6UA2LTUQpgvtVJEE012x3zRvxBCbu2\n" +
-        "Y/v1R5fZ4c+hXDfC\n" +
-        "-----END CERTIFICATE-----";
-    static String caSignerPrivateKey = // Private key in the format of PKCS#8
-        "MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAL7Hz6jugzRy38tm\n" +
-        "ZktcEvgJDyOtQsPk/s20RbSGD/PEEVl8Ed/7jg6jZ4w9hmP7vFpEQ4fkGZUpFiXN\n" +
-        "G040BoLk2DgyublQo09wwghSNQ6+bu9YzihJMxJ+gRxJf6+n325QCTDfDtn5+tgO\n" +
-        "bUzgC3+PRv6UuKPvUYU3Yvx2umA9AgMBAAECgYBYvu30cW8LONyt62Zua9hPFTe7\n" +
-        "qt9B7QYyfkdmoG5PQMepTrOp84SzfoOukvgvDm0huFuJnSvhXQl2cCDhkgXskvFj\n" +
-        "Hh7KBCFViVXokGdq5YoS0/KYMyQV0TZfJUvILBl51uc4/siQ2tClC/N4sa+1JhgW\n" +
-        "a6dFGfRjiUKSSlmMwQJBAPWpIz3Q/c+DYMvoQr5OD8EaYwYIevlTdXb97RnJJh2b\n" +
-        "UnhB9jrqesJiHYVzPmP0ukyPOXOwlp2T5Am4Kw0LFOkCQQDGz150NoHOp28Mvyc4\n" +
-        "CTqz/zYzUhy2eCJESl196uyP4N65Y01VYQ3JDww4DlsXiU17tVSbgA9TCcfTYOzy\n" +
-        "vyw1AkARUky+1hafZCcWGZljK8PmnMKwsTZikCTvL/Zg5BMA8Wu+OQBwpQnk3OAy\n" +
-        "Aa87gw0DyvGFG8Vy9POWT9sRP1/JAkBqP0hrMvYMSs6+MSn0eHo2151PsAJIQcuO\n" +
-        "U2/Da1khSzu8N6WMi2GiobgV/RYRbf9KrY2ZzMZjykZQYOxAjopBAkEAghCu38cN\n" +
-        "aOsW6ueo24uzsWI1FTdE+qWNVEi3RSP120xXBCyhaBjIq4WVSlJK9K2aBaJpit3j\n" +
-        "iQ5tl6zrLlxQhg==";
-
-    // Certificate information:
-    // Issuer: C=US, O=Java, OU=SunJSSE Test Serivce, CN=casigner
-    // Validity
-    //     Not Before: May  5 02:40:57 2012 GMT
-    //     Not After : Jan 21 02:40:57 2032 GMT
-    // Subject: C=US, O=Java, OU=SunJSSE Test Serivce, CN=certissuer
-    // X509v3 Subject Key Identifier:
-    //     39:0E:C6:33:B1:50:BC:73:07:31:E5:D8:04:F7:BB:97:55:CF:9B:C8
-    // X509v3 Authority Key Identifier:
-    //     keyid:13:07:E0:11:07:DB:EB:33:23:87:31:D0:DB:7E:16:56:BE:11:90:0A
-    //     DirName:/C=US/O=Java/OU=SunJSSE Test Serivce
-    //     serial:02
-    static String certIssuerStr =
-        "-----BEGIN CERTIFICATE-----\n" +
-        "MIICvjCCAiegAwIBAgIBAzANBgkqhkiG9w0BAQQFADBOMQswCQYDVQQGEwJVUzEN\n" +
-        "MAsGA1UEChMESmF2YTEdMBsGA1UECxMUU3VuSlNTRSBUZXN0IFNlcml2Y2UxETAP\n" +
-        "BgNVBAMTCGNhc2lnbmVyMB4XDTEyMDUwNTAyNDA1N1oXDTMyMDEyMTAyNDA1N1ow\n" +
-        "UDELMAkGA1UEBhMCVVMxDTALBgNVBAoTBEphdmExHTAbBgNVBAsTFFN1bkpTU0Ug\n" +
-        "VGVzdCBTZXJpdmNlMRMwEQYDVQQDEwpjZXJ0aXNzdWVyMIGfMA0GCSqGSIb3DQEB\n" +
-        "AQUAA4GNADCBiQKBgQCyz55zinU6kNL/LeiTNiBI0QWYmDG0YTotuC4D75liBNqs\n" +
-        "7Mmladsh2mTtQUAwmuGaGzaZV25a+cUax0DXZoyBwdbTI09u1bUYsZcaUUKbPoCC\n" +
-        "HH26e4jLFL4olW13Sv4ZAd57tIYevMw+Fp5f4fLPFGegCJTFlv2Qjpmic/cuvQID\n" +
-        "AQABo4GpMIGmMB0GA1UdDgQWBBQ5DsYzsVC8cwcx5dgE97uXVc+byDBjBgNVHSME\n" +
-        "XDBagBQTB+ARB9vrMyOHMdDbfhZWvhGQCqE/pD0wOzELMAkGA1UEBhMCVVMxDTAL\n" +
-        "BgNVBAoTBEphdmExHTAbBgNVBAsTFFN1bkpTU0UgVGVzdCBTZXJpdmNlggECMBMG\n" +
-        "A1UdEwEB/wQJMAcBAf8CAgQAMAsGA1UdDwQEAwIBBjANBgkqhkiG9w0BAQQFAAOB\n" +
-        "gQCQTagenCdClT98C+oTJGJrw/dUBD9K3tE6ZJKPMc/2bUia8G5ei1C0eXj4mWG2\n" +
-        "lu9umR6C90/A6qB050QB2h50qtqxSrkpu+ym1yypauZpg7U3nUY9wZWJNI1vqrQZ\n" +
-        "pqUMRcXY3iQIVKx+Qj+4/Za1wwFQzpEoGmqRW31V1SdMEw==\n" +
-        "-----END CERTIFICATE-----";
-    static String certIssuerPrivateKey = // Private key in the format of PKCS#8
-        "MIICeQIBADANBgkqhkiG9w0BAQEFAASCAmMwggJfAgEAAoGBALLPnnOKdTqQ0v8t\n" +
-        "6JM2IEjRBZiYMbRhOi24LgPvmWIE2qzsyaVp2yHaZO1BQDCa4ZobNplXblr5xRrH\n" +
-        "QNdmjIHB1tMjT27VtRixlxpRQps+gIIcfbp7iMsUviiVbXdK/hkB3nu0hh68zD4W\n" +
-        "nl/h8s8UZ6AIlMWW/ZCOmaJz9y69AgMBAAECgYEAjtew2tgm4gxDojqIauF4VPM1\n" +
-        "pzsdqd1p3pAdomNLgrQiBLZ8N7oiph6TNb1EjA+OXc+ThFgF/oM9ZDD8qZZwcvjN\n" +
-        "qDZlpTkFs2TaGcyEZfUaMB45NHVs6Nn+pSkagSNwwy3xeyAct7sQEzGNTDlEwVv5\n" +
-        "7V9LQutQtBd6xT48KzkCQQDpNRfv2OFNG/6GtzJoO68oJhpnpl2MsYNi4ntRkre/\n" +
-        "6uXpiCYaDskcrPMRwOOs0m7mxG+Ev+uKnLnSoEMm1GCbAkEAxEmDtiD0Psb8Z9BL\n" +
-        "ZRb83Jqho3xe2MCAh3xUfz9b/Mhae9dZ44o4OCgQZuwvW1mczF0NtpgZl93BmYa2\n" +
-        "hTwHhwJBAKHrEj6ep/fA6x0gD2idoATRR94VfbiU+7NpqtO9ecVP0+gsdr/66hn1\n" +
-        "3yLBeZLh3MxvMTrLgkAQh1i9m0JXjOcCQQClLXAHHegrw+u3uNMZeKTFR+Lp3sk6\n" +
-        "AZSnbvr0Me9I45kxSeG81x3ENALJecvIRbrrRws5MvmmkNhQR8rkh8WVAkEAk6b+\n" +
-        "aVtmBgUaTS5+FFlHGHJY9HFrfT1a1C/dwyMuqlmbC3YsBmZaMOlKli5TXNybLff8\n" +
-        "5KMeGEpXMzgC7AscGA==";
-
-    // Certificate information:
-    // Issuer: C=US, O=Java, OU=SunJSSE Test Serivce, CN=certissuer
-    // Validity
-    //     Not Before: May  5 02:41:01 2012 GMT
-    //     Not After : Jan 21 02:41:01 2032 GMT
-    // Subject: C=US, O=Java, OU=SunJSSE Test Serivce, CN=localhost
-    // X509v3 Subject Key Identifier:
-    //     AD:C0:2C:4C:E4:C2:2E:A1:BB:5D:92:BE:66:E0:4E:E0:0D:2F:11:EF
-    // X509v3 Authority Key Identifier:
-    //     keyid:39:0E:C6:33:B1:50:BC:73:07:31:E5:D8:04:F7:BB:97:55:CF:9B:C8
-    static String targetCertStr =
-        "-----BEGIN CERTIFICATE-----\n" +
-        "MIICjTCCAfagAwIBAgIBBDANBgkqhkiG9w0BAQQFADBQMQswCQYDVQQGEwJVUzEN\n" +
-        "MAsGA1UEChMESmF2YTEdMBsGA1UECxMUU3VuSlNTRSBUZXN0IFNlcml2Y2UxEzAR\n" +
-        "BgNVBAMTCmNlcnRpc3N1ZXIwHhcNMTIwNTA1MDI0MTAxWhcNMzIwMTIxMDI0MTAx\n" +
-        "WjBPMQswCQYDVQQGEwJVUzENMAsGA1UEChMESmF2YTEdMBsGA1UECxMUU3VuSlNT\n" +
-        "RSBUZXN0IFNlcml2Y2UxEjAQBgNVBAMTCWxvY2FsaG9zdDCBnzANBgkqhkiG9w0B\n" +
-        "AQEFAAOBjQAwgYkCgYEAvwaUd7wmBSKqycEstYLWD26vkU08DM39EtaT8wL9HnQ0\n" +
-        "fgPblwBFI4zdLa2cuYXRZcFUb04N8nrkcpR0D6kkE+AlFAoRWrrZF80B7JTbtEK4\n" +
-        "1PIeurihXvUT+4MpzGLOojIihMfvM4ufelblD56SInso4WFHm7t4qCln88J1gjkC\n" +
-        "AwEAAaN4MHYwCwYDVR0PBAQDAgPoMB0GA1UdDgQWBBStwCxM5MIuobtdkr5m4E7g\n" +
-        "DS8R7zAfBgNVHSMEGDAWgBQ5DsYzsVC8cwcx5dgE97uXVc+byDAnBgNVHSUEIDAe\n" +
-        "BggrBgEFBQcDAQYIKwYBBQUHAwIGCCsGAQUFBwMDMA0GCSqGSIb3DQEBBAUAA4GB\n" +
-        "AGfwcfdvEG/nSCiAn2MGbYHp34mgF3OA1SJLWUW0LvWJhwm2cn4AXlSoyvbwrkaB\n" +
-        "IDDCwhJvvc0vUyL2kTx7sqVaFTq3mDs+ktlB/FfH0Pb+i8FE+g+7T42Iw/j0qxHL\n" +
-        "YmgbrjBQf5WYN1AvBE/rrPt9aOtS3UsqtVGW574b0shW\n" +
-        "-----END CERTIFICATE-----";
-    static String targetPrivateKey = // Private key in the format of PKCS#8
-        "MIICdAIBADANBgkqhkiG9w0BAQEFAASCAl4wggJaAgEAAoGBAL8GlHe8JgUiqsnB\n" +
-        "LLWC1g9ur5FNPAzN/RLWk/MC/R50NH4D25cARSOM3S2tnLmF0WXBVG9ODfJ65HKU\n" +
-        "dA+pJBPgJRQKEVq62RfNAeyU27RCuNTyHrq4oV71E/uDKcxizqIyIoTH7zOLn3pW\n" +
-        "5Q+ekiJ7KOFhR5u7eKgpZ/PCdYI5AgMBAAECf3CscOYvFD3zNMnMJ5LomVqA7w3F\n" +
-        "gKYM2jlCWAH+wU41PMEXhW6Lujw92jgXL1o+lERwxFzirVdZJWZwKgUSvzP1G0h3\n" +
-        "fkucq1/UWnToK+8NSXNM/yS8hXbBgSEoJo5f7LKcIi1Ev6doBVofMxs+njzyWKbM\n" +
-        "Nb7rOLHadghoon0CQQDgQzbzzSN8Dc1YmmylhI5v+0sQRHH0DL7D24k4Weh4vInG\n" +
-        "EAbt4x8M7ZKEo8/dv0s4hbmNmAnJl93/RRxIyEqLAkEA2g87DiswSQam2pZ8GlrO\n" +
-        "+w4Qg9mH8uxx8ou2rl0XlHzH1XiTNbkjfY0EZoL7L31BHFk9n11Fb2P85g6ws+Hy\n" +
-        "ywJAM/xgyLNM/nzUlS128geAXUULaYH0SHaL4isJ7B4rXZGW/mrIsGxtzjlkNYsj\n" +
-        "rGujrD6TfNc5rZmexIXowJZtcQJBAIww+pCzZ4mrgx5JXWQ8OZHiiu+ZrPOa2+9J\n" +
-        "r5sOMpi+WGN/73S8oHqZbNjTINZ5OqEVJq8MchWZPQBTNXuQql0CQHEjUzzkCQa3\n" +
-        "j6JTa2KAdqyvLOx0XF9zcc1gA069uNQI2gPUHS8V215z57f/gMGnDNhVfLs/vMKz\n" +
-        "sFkVZ3zg7As=";
-
-
-    public static void main(String args[]) throws Exception {
-        // MD5 is used in this test case, don't disable MD5 algorithm.
-        Security.setProperty(
-                "jdk.certpath.disabledAlgorithms", "MD2, RSA keySize < 1024");
-
-        // generate certificate from cert string
-        CertificateFactory cf = CertificateFactory.getInstance("X.509");
-
-        // create a set of trust anchors
-        LinkedHashSet<TrustAnchor> trustAnchors = new LinkedHashSet<>();
-
-        ByteArrayInputStream is =
-            new ByteArrayInputStream(NoiceTrusedCertStr.getBytes());
-        Certificate trustedCert = cf.generateCertificate(is);
-        is.close();
-        TrustAnchor anchor =
-            new TrustAnchor((X509Certificate)trustedCert, null);
-        trustAnchors.add(anchor);
-
-        is = new ByteArrayInputStream(trustedCertStr.getBytes());
-        trustedCert = cf.generateCertificate(is);
-        is.close();
-        anchor = new TrustAnchor((X509Certificate)trustedCert, null);
-        trustAnchors.add(anchor);
-
-        is = new ByteArrayInputStream(NoiceTrusedCertStr_2nd.getBytes());
-        trustedCert = cf.generateCertificate(is);
-        is.close();
-        anchor = new TrustAnchor((X509Certificate)trustedCert, null);
-        trustAnchors.add(anchor);
-
-        // create a list of certificates
-        List<Certificate> chainList = new ArrayList<>();
-
-        is = new ByteArrayInputStream(targetCertStr.getBytes());
-        Certificate cert = cf.generateCertificate(is);
-        is.close();
-        chainList.add(cert);
-
-        is = new ByteArrayInputStream(certIssuerStr.getBytes());
-        cert = cf.generateCertificate(is);
-        is.close();
-        chainList.add(cert);
-
-        is = new ByteArrayInputStream(caSignerStr.getBytes());
-        cert = cf.generateCertificate(is);
-        is.close();
-        chainList.add(cert);
-
-        // create a certificate selector
-        X509CertSelector xcs = new X509CertSelector();
-        X509Certificate eeCert = (X509Certificate)chainList.get(0);
-        xcs.setSubject(eeCert.getSubjectX500Principal());
-
-        // reverse build
-        SunCertPathBuilderParameters params =
-            new SunCertPathBuilderParameters(trustAnchors, xcs);
-        params.setBuildForward(false);
-        params.setRevocationEnabled(false);
-
-        CollectionCertStoreParameters ccsp =
-            new CollectionCertStoreParameters(chainList);
-        params.addCertStore(CertStore.getInstance("Collection", ccsp));
-
-        CertPathBuilder cpb = CertPathBuilder.getInstance("PKIX");
-        CertPathBuilderResult res = cpb.build(params);
-    }
-}
Binary file test/sun/security/provider/certpath/ReverseBuilder/mgrM2leadMA has changed
Binary file test/sun/security/provider/certpath/ReverseBuilder/mgrM2mgrM has changed
Binary file test/sun/security/provider/certpath/ReverseBuilder/mgrM2prjM has changed
Binary file test/sun/security/provider/certpath/ReverseBuilder/mgrMcrl has changed
Binary file test/sun/security/provider/certpath/ReverseBuilder/prjM2divE has changed
Binary file test/sun/security/provider/certpath/ReverseBuilder/prjM2mgrM has changed
Binary file test/sun/security/provider/certpath/ReverseBuilder/prjMcrl has changed