changeset 8183:9765801f209f

Merge
author mfang
date Tue, 24 Sep 2013 14:34:55 -0700
parents 2b928330970a b606775fd1a3
children d16a53d1762f
files test/java/util/regex/PatternTest.java
diffstat 119 files changed, 4425 insertions(+), 2268 deletions(-) [+]
line wrap: on
line diff
--- a/.hgtags	Tue Sep 24 14:17:42 2013 -0700
+++ b/.hgtags	Tue Sep 24 14:34:55 2013 -0700
@@ -228,3 +228,5 @@
 f1d8d15bfcb5ada858a942f8a31f6598f23214d1 jdk8-b104
 1fe211ae3d2b8cc2dfc4f58d9a6eb96418679672 jdk8-b105
 c817276bd870dfe1dcc3a3dbbc092436b6907f75 jdk8-b106
+eea685b9ccaa1980e0a7e07d6a3a84bcc7e9ab82 jdk8-b107
+006aaa5f069e7dd98fccdc696866c9f8582c087c jdk8-b108
--- a/make/Makefile	Tue Sep 24 14:17:42 2013 -0700
+++ b/make/Makefile	Tue Sep 24 14:34:55 2013 -0700
@@ -99,7 +99,6 @@
 CACERTS_FILE.desc          = Location of certificates file
 DEVTOOLS_PATH.desc         = Directory containing zip and unzip
 CUPS_HEADERS_PATH.desc     = Include directory location for CUPS header files
-DXSDK_PATH.desc            = Root directory of DirectX SDK
 
 # Make variables to print out (description and value)
 VARIABLE_PRINTVAL_LIST +=       \
@@ -128,17 +127,6 @@
 VARIABLE_CHECKFIL_LIST +=       \
     CACERTS_FILE
 
-# Some are windows specific
-ifeq ($(PLATFORM), windows)
-
-VARIABLE_PRINTVAL_LIST +=       \
-    DXSDK_PATH
-
-VARIABLE_CHECKDIR_LIST +=       \
-    DXSDK_PATH
-
-endif
-
 # For pattern rules below, so all are treated the same
 DO_PRINTVAL_LIST=$(VARIABLE_PRINTVAL_LIST:%=%.printval)
 DO_CHECKDIR_LIST=$(VARIABLE_CHECKDIR_LIST:%=%.checkdir)
--- a/make/common/Defs-windows.gmk	Tue Sep 24 14:17:42 2013 -0700
+++ b/make/common/Defs-windows.gmk	Tue Sep 24 14:34:55 2013 -0700
@@ -78,8 +78,6 @@
   MS_RUNTIME_LIBRARIES = $(MSVCRNN_DLL)
 endif
 
-EXTRA_LFLAGS += -LIBPATH:$(DXSDK_LIB_PATH)
-
 # Full Debug Symbols has been enabled on Windows since JDK1.4.1.
 # The Full Debug Symbols (FDS) default for VARIANT == OPT builds is
 # enabled with debug info files ZIP'ed to save space. For VARIANT !=
--- a/make/common/Sanity.gmk	Tue Sep 24 14:17:42 2013 -0700
+++ b/make/common/Sanity.gmk	Tue Sep 24 14:34:55 2013 -0700
@@ -65,7 +65,6 @@
     sane-libCrun \
     sane-unixccs_path \
     sane-msdevtools_path \
-    sane-dxsdk \
     sane-compiler \
     sane-cacerts \
     sane-ant_version \
--- a/make/common/shared/Defs-versions.gmk	Tue Sep 24 14:17:42 2013 -0700
+++ b/make/common/shared/Defs-versions.gmk	Tue Sep 24 14:34:55 2013 -0700
@@ -74,9 +74,6 @@
 # REQUIRED_CYGWIN_VER
 #   Windows only: If CYGWIN is used, the minimum CYGWIN version.
 #
-# REQUIRED_DXSDK_VER
-#   Windows only: The version of DirectX SDK expected.
-#
 # REQUIRED_FREETYPE_VERSION
 #   If we are using freetype, the freetype version expected.
 #
@@ -193,7 +190,6 @@
   REQUIRED_OS_VARIANT_VERSION = $(REQUIRED_OS_VERSION)
   REQUIRED_CYGWIN_VER         = 4.0
   REQUIRED_MKS_VER            = 6.1
-  REQUIRED_DXSDK_VER          = 0x0900
   ifeq ($(CC_VERSION),msvc)
     REQUIRED_COMPILER_NAME    = Visual Studio 10
     REQUIRED_COMPILER_VERSION = VS2010
--- a/make/common/shared/Defs-windows.gmk	Tue Sep 24 14:17:42 2013 -0700
+++ b/make/common/shared/Defs-windows.gmk	Tue Sep 24 14:34:55 2013 -0700
@@ -79,7 +79,7 @@
 #   The ALT values should never really have spaces or use \.
 #   Suspect these environment variables to have spaces and/or \ characters:
 #     SYSTEMROOT, SystemRoot, WINDIR, windir, PROGRAMFILES, ProgramFiles,
-#     DXSDK_DIR, MSTOOLS, Mstools, MSSDK, MSSdk, VCnnCOMNTOOLS, 
+#     MSTOOLS, Mstools, MSSDK, MSSdk, VCnnCOMNTOOLS, 
 #     MSVCDIR, MSVCDir.
 #     So use $(subst \,/,) on them first adding quotes and placing them in
 #         their own variable assigned with :=, then use FullPath.
@@ -255,18 +255,6 @@
   _program_files:=
 endif
 
-# DirectX SDK
-ifdef ALT_DXSDK_DRIVE
-  _dx_sdk_dir  =$(ALT_DXSDK_DRIVE):/DXSDK
-else
-  ifdef DXSDK_DIR
-    xDXSDK_DIR  :="$(subst \,/,$(DXSDK_DIR))"
-  else
-    xDXSDK_DIR  :="$(_system_drive)/DXSDK"
-  endif
-  _dx_sdk_dir :=$(call FullPath,$(xDXSDK_DIR))
-endif
-
 # Use of the Visual Studio compilers requires certain env variables be set:
 #   PATH should include the path to cl.exe
 #   INCLUDE should be defined
@@ -489,39 +477,6 @@
   MSVCRNN_DLL_PATH:=$(call AltCheckValue,MSVCRNN_DLL_PATH)
 endif
 
-# DXSDK_PATH: path to Microsoft DirectX SDK Include and Lib
-ifdef ALT_DXSDK_PATH
-  xALT_DXSDK_PATH :="$(subst \,/,$(ALT_DXSDK_PATH))"
-  DXSDK_PATH      :=$(call FullPath,$(xALT_DXSDK_PATH))
-else
-  _DXSDK_PATH1 :=$(_dx_sdk_dir)
-  _DXSDK_PATH2 :=$(JDK_DEVTOOLS_DIR)/windows/dxsdk
-  DXSDK_PATH  :=$(call DirExists,$(_DXSDK_PATH1),$(_DXSDK_PATH2),$(_dx_sdk_dir))
-endif
-DXSDK_PATH :=$(call AltCheckSpaces,DXSDK_PATH)
-DXSDK_PATH:=$(call AltCheckValue,DXSDK_PATH)
-
-# DXSDK_INCLUDE_PATH: path to Microsoft DirectX SDK Include
-ifdef ALT_DXSDK_INCLUDE_PATH
-  xALT_DXSDK_INCLUDE_PATH :="$(subst \,/,$(ALT_DXSDK_INCLUDE_PATH))"
-  DXSDK_INCLUDE_PATH      :=$(call FullPath,$(xALT_DXSDK_INCLUDE_PATH))
-else
-  DXSDK_INCLUDE_PATH =$(subst //,/,$(DXSDK_PATH)/Include)
-endif
-
-# DXSDK_LIB_PATH: path to Microsoft DirectX SDK Lib
-ifdef ALT_DXSDK_LIB_PATH
-  xALT_DXSDK_LIB_PATH :="$(subst \,/,$(ALT_DXSDK_LIB_PATH))"
-  DXSDK_LIB_PATH      :=$(call FullPath,$(xALT_DXSDK_LIB_PATH))
-else
-  ifeq ($(ARCH_DATA_MODEL), 64)
-    # 64bit libs are located in "Lib/x64" subdir
-    DXSDK_LIB_PATH =$(subst //,/,$(DXSDK_PATH)/Lib/x64)
-  else
-    DXSDK_LIB_PATH =$(subst //,/,$(DXSDK_PATH)/Lib)
-  endif
-endif
-
 # DEPLOY_MSSDK: Microsoft SDK for this platform (for deploy)
 ifdef ALT_DEPLOY_MSSDK
   xALT_DEPLOY_MSSDK :="$(subst \,/,$(ALT_DEPLOY_MSSDK))"
--- a/make/common/shared/Sanity-Settings.gmk	Tue Sep 24 14:17:42 2013 -0700
+++ b/make/common/shared/Sanity-Settings.gmk	Tue Sep 24 14:34:55 2013 -0700
@@ -234,10 +234,6 @@
 ALL_SETTINGS+=$(call addAltSetting,HOTSPOT_SERVER_PATH)
 ifeq ($(PLATFORM),windows)
   ALL_SETTINGS+=$(call addAltSetting,HOTSPOT_LIB_PATH)
-  ALL_SETTINGS+=$(call addRequiredSetting,DXSDK_VER)
-  ALL_SETTINGS+=$(call addAltSetting,DXSDK_PATH)
-  ALL_SETTINGS+=$(call addAltSetting,DXSDK_INCLUDE_PATH)
-  ALL_SETTINGS+=$(call addAltSetting,DXSDK_LIB_PATH)
   ALL_SETTINGS+=$(call addAltSetting,WINDOWSSDKDIR)
   ALL_SETTINGS+=$(call addRequiredSetting,RC)
   ALL_SETTINGS+=$(call addRequiredSetting,REBASE)
--- a/make/common/shared/Sanity.gmk	Tue Sep 24 14:17:42 2013 -0700
+++ b/make/common/shared/Sanity.gmk	Tue Sep 24 14:34:55 2013 -0700
@@ -143,8 +143,6 @@
     _CYGWIN_VER := $(SYSTEM_UNAME)
     CYGWIN_VER  :=$(call GetVersion,$(_CYGWIN_VER))
   endif
-  DXSDK_VER := $(shell $(EGREP) DIRECT3D_VERSION $(DXSDK_INCLUDE_PATH)/d3d9.h 2>&1 | \
-    $(EGREP) "\#define" | $(NAWK) '{print $$3}')
 endif
 
 # Get the version numbers of what we are using
@@ -1301,51 +1299,6 @@
 	fi
 
 ######################################################
-# Check for windows DirectX sdk directory
-######################################################
-sane-dxsdk:
-ifeq ($(PLATFORM), windows)
-	@if [ ! -r $(DXSDK_INCLUDE_PATH)/d3d9.h  ]; then \
-	$(ECHO) "ERROR: You do not have access to a valid DirectX SDK Include dir.\n" \
-	  "      The value of DXSDK_INCLUDE_PATH must point a valid DX SDK dir.\n" \
-	  "      Please check your access to \n" \
-	  "          $(DXSDK_INCLUDE_PATH) \n" \
-	  "      and/or check your value of ALT_DXSDK_PATH or ALT_DXSDK_INCLUDE_PATH.\n" \
-	  "      Microsoft DirectX 9 SDK (Summer 2004 Update or newer) can be downloaded from the following location:\n" \
-	  "          http://msdn.microsoft.com/library/default.asp?url=/downloads/list/directx.asp\n" \
-	  "      Or  http://www.microsoft.com/directx\n" \
-	  "" >> $(ERROR_FILE) ; \
-	else \
-	  if [ ! "$(DXSDK_VER)" = "$(REQUIRED_DXSDK_VER)" ]; then \
-	  $(ECHO) "ERROR: The DirectX SDK must be version $(REQUIRED_DXSDK_VER).\n" \
-	    "      $(YOU_ARE_USING) DirectX SDK version: $(DXSDK_VER)\n" \
-	    "      The DirectX SDK was obtained from the following location: \n" \
-	    "          $(DXSDK_PATH) \n" \
-	    "      Please change your DirectX SDK. \n" \
-	    "      Microsoft DirectX 9 SDK (Summer 2004 Update or newer) can be downloaded from the following location:\n" \
-	    "          http://msdn.microsoft.com/library/default.asp?url=/downloads/list/directx.asp\n" \
-	    "      Or  http://www.microsoft.com/directx\n" \
-	    "" >> $(ERROR_FILE) ; \
-	  else \
-	    if [ -r $(DXSDK_INCLUDE_PATH)/basetsd.h ]; then \
-              if [ `$(EGREP) -c __int3264 $(DXSDK_INCLUDE_PATH)/basetsd.h` -ne 0 ]; then \
-	      $(ECHO) "WARNING: The DirectX SDK Include directory contains a newer basetsd.h,\n" \
-		"      which may indicate that you're using an incorrect version of DirectX SDK.\n" \
-		"      This may result in a build failure.\n" \
-		"      The DirectX SDK Include dir was obtained from the following location:\n" \
-		" 	  $(DXSDK_INCLUDE_PATH) \n" \
-		"      Please change your DirectX SDK to version 9 (Summer 2004 Update or newer).\n" \
-	        "      Microsoft DirectX 9 SDK can be downloaded from the following location:\n" \
-	        "          http://msdn.microsoft.com/library/default.asp?url=/downloads/list/directx.asp\n" \
-		"      Or  http://www.microsoft.com/directx\n" \
-		"" >> $(WARNING_FILE) ; \
-	      fi \
-	    fi \
-	  fi \
-	fi
-endif
-
-######################################################
 # Check the linker version(s)
 ######################################################
 ifeq ($(PLATFORM), windows)
--- a/make/java/security/Makefile	Tue Sep 24 14:17:42 2013 -0700
+++ b/make/java/security/Makefile	Tue Sep 24 14:34:55 2013 -0700
@@ -70,9 +70,13 @@
 CACERTS_SRC =	$(CACERTS_FILE)
 CACERTS_BUILD = $(LIBDIR)/security/cacerts
 
+BLACKLISTED_CERTS_SRC =	$(TOPDIR)/src/share/lib/security/blacklisted.certs
+BLACKLISTED_CERTS_BUILD = $(LIBDIR)/security/blacklisted.certs
+
 ifndef OPENJDK
   BLACKLIST_SRC =	$(CLOSED_SHARE_SRC)/lib/security/blacklist
   BLACKLIST_BUILD = $(LIBDIR)/security/blacklist
+  BLACKLISTED_CERTS_SRC +=	$(wildcard $(CLOSED_SHARE_SRC)/lib/security/blacklisted.certs)
   TRUSTEDLIBS_SRC = $(CLOSED_SHARE_SRC)/lib/security/trusted.libraries
   TRUSTEDLIBS_BUILD = $(LIBDIR)/security/trusted.libraries
 endif
@@ -85,9 +89,9 @@
 include $(BUILDDIR)/common/Rules.gmk
 
 ifdef OPENJDK
-build: properties policy cacerts
+build: properties policy cacerts blacklisted-certs
 else
-build: properties policy cacerts blacklist trustedlibs
+build: properties policy cacerts blacklist blacklisted-certs trustedlibs
 endif
 
 install: all
@@ -100,6 +104,8 @@
 
 blacklist: classes $(BLACKLIST_BUILD)
 
+blacklisted-certs: classes $(BLACKLISTED_CERTS_BUILD)
+
 trustedlibs: classes $(TRUSTEDLIBS_BUILD)
 
 $(PROPS_BUILD): $(PROPS_SRC)
@@ -114,12 +120,25 @@
 $(BLACKLIST_BUILD): $(BLACKLIST_SRC)
 	$(install-file)
 
+$(BLACKLISTED_CERTS_BUILD): $(BLACKLISTED_CERTS_SRC)
+	$(MKDIR) -p $(@D)
+	$(CAT) $^ | $(SED) '/^$$/d' | $(SORT) | $(UNIQ) > $@.tmp
+	$(GREP) -i Algorithm $@.tmp > $@
+	if [ `$(SED) -n -e "$$=" $@` != 1 ]; then \
+	   $(ECHO) "Different algorithms defined in $^"; \
+	   $(RM) $@ $@.tmp; \
+	   false; \
+	fi
+	$(GREP) -iv Algorithm $@.tmp >> $@
+	$(RM) $@.tmp
+
 $(TRUSTEDLIBS_BUILD): $(TRUSTEDLIBS_SRC)
 	$(install-file)
 
 clean clobber:: .delete.classlist
 	$(RM) -r $(CLASSBINDIR)/java/security
-	$(RM) $(PROPS_BUILD) $(POLICY_BUILD) $(CACERTS_BUILD) $(BLACKLIST_BUILD) $(TRUSTEDLIBS_BUILD)
+	$(RM) $(PROPS_BUILD) $(POLICY_BUILD) $(CACERTS_BUILD) $(BLACKLIST_BUILD) \
+	      $(BLACKLISTED_CERTS_BUILD) $(TRUSTEDLIBS_BUILD)
 
 # Additional Rule for building sun.security.util
 $(CLASSBINDIR)/%.class: $(SHARE_SRC)/sun/%.java
--- a/make/javax/sound/jsoundds/Makefile	Tue Sep 24 14:17:42 2013 -0700
+++ b/make/javax/sound/jsoundds/Makefile	Tue Sep 24 14:34:55 2013 -0700
@@ -55,8 +55,7 @@
 LDLIBS += dsound.lib winmm.lib user32.lib ole32.lib
 CPPFLAGS += \
 	-DUSE_DAUDIO=TRUE \
-	-I$(SHARE_SRC)/native/com/sun/media/sound \
-	-I$(DXSDK_INCLUDE_PATH)
+	-I$(SHARE_SRC)/native/com/sun/media/sound
 
 #
 # Add to the ambient VPATH.
--- a/make/jdk_generic_profile.sh	Tue Sep 24 14:17:42 2013 -0700
+++ b/make/jdk_generic_profile.sh	Tue Sep 24 14:34:55 2013 -0700
@@ -80,7 +80,6 @@
 #    ALT_BOOTDIR
 #    Windows Only:
 #      ALT_UNIXCOMMAND_PATH
-#      ALT_DXSDK_PATH
 #      ALT_MSVCRNN_DLL_PATH
 #
 #############################################################################
--- a/make/netbeans/awt2d/README	Tue Sep 24 14:17:42 2013 -0700
+++ b/make/netbeans/awt2d/README	Tue Sep 24 14:34:55 2013 -0700
@@ -39,7 +39,6 @@
       (on Windows):
         #>env | grep ALT
         ALT_JDK_IMPORT_PATH=c:/devtools/java/jdk1.7.0
-        ALT_DXSDK_PATH=c:/devtools/DirectX/DXSDK_Dec06
         ALT_BOOTDIR=c:/DevTools/java/jdk1.6.0
 
       If your build is a FASTDEBUG build, don't forget
@@ -50,7 +49,6 @@
       accordingly:
         make.options=\
             ALT_JDK_IMPORT_PATH=c:/devtools/java/jdk1.7.0 \
-            ALT_DXSDK_PATH=c:/devtools/DirectX/DXSDK_Dec06 \
             ALT_BOOTDIR=c:/DevTools/java/jdk1.6.0 \
             FASTDEBUG=true
         make=c:/devtools/cygwin/bin/make
@@ -175,7 +173,6 @@
   ../../build/windows-i586/tmp/sun/sun.awt/splashscreen/CClassHeaders;
   ../../build/windows-i586/tmp/sun/sun.font/fontmanager/CClassHeaders;
   ../../build/windows-i586/tmp/sun/sun.font/t2k/CClassHeaders;
-  C:/DevTools/DirectX/DXSDK_Dec06/Include;
   C:/devtools/VS2003/SDK/v1.1/include;
   C:/devtools/VS2003/VC7/ATLMFC/INCLUDE;
   C:/devtools/VS2003/VC7/INCLUDE;
@@ -188,7 +185,7 @@
   Note that most paths are relative to the native project directory - 
   this helps if you decide to relocate the workspace later. The ones that 
   aren't relative are paths to external include directories, like those 
-  of the Platform SDK, DirectX SDK.
+  of the Platform SDK.
   On Unix platforms these may be directories like /usr/include.
 
   The parser must know some defines to correctly parse the source files,
--- a/make/sun/awt/Makefile	Tue Sep 24 14:17:42 2013 -0700
+++ b/make/sun/awt/Makefile	Tue Sep 24 14:34:55 2013 -0700
@@ -564,7 +564,6 @@
 	-I$(OBJDIR) \
 	-I$(SHARE_SRC)/native/common \
 	-I$(WINAWT_native) \
-	-I$(DXSDK_INCLUDE_PATH) \
 	-I$(SHARE_SRC)/native/sun/awt/image/cvutils \
 	-I$(SHARE_SRC)/native/sun/awt/image \
 	-I$(SHARE_SRC)/native/sun/java2d/loops \
--- a/make/sun/cmm/lcms/mapfile-vers	Tue Sep 24 14:17:42 2013 -0700
+++ b/make/sun/cmm/lcms/mapfile-vers	Tue Sep 24 14:34:55 2013 -0700
@@ -28,9 +28,8 @@
 SUNWprivate_1.1 {
 	global:
         Java_sun_java2d_cmm_lcms_LCMS_loadProfileNative;
-        Java_sun_java2d_cmm_lcms_LCMS_freeProfileNative;
-        Java_sun_java2d_cmm_lcms_LCMS_getProfileSize;
-        Java_sun_java2d_cmm_lcms_LCMS_getProfileData;
+        Java_sun_java2d_cmm_lcms_LCMS_getProfileSizeNative;
+        Java_sun_java2d_cmm_lcms_LCMS_getProfileDataNative;
         Java_sun_java2d_cmm_lcms_LCMS_getTagNative;
         Java_sun_java2d_cmm_lcms_LCMS_setTagDataNative;
         Java_sun_java2d_cmm_lcms_LCMS_colorConvert;
--- a/make/sun/jawt/Makefile	Tue Sep 24 14:17:42 2013 -0700
+++ b/make/sun/jawt/Makefile	Tue Sep 24 14:34:55 2013 -0700
@@ -69,7 +69,6 @@
 # Other extra flags needed for compiling.
 #
 CPPFLAGS += -I$(SHARE_SRC)/native/common \
-	-I$(DXSDK_INCLUDE_PATH) \
 	-I$(PLATFORM_SRC)/native/sun/windows \
 	-I$(CLASSHDRDIR)/../../awt/CClassHeaders \
         -I$(SHARE_SRC)/native/sun/awt/debug \
--- a/makefiles/CompileNativeLibraries.gmk	Tue Sep 24 14:17:42 2013 -0700
+++ b/makefiles/CompileNativeLibraries.gmk	Tue Sep 24 14:34:55 2013 -0700
@@ -474,7 +474,6 @@
 	$(JDK_TOPDIR)/src/$(OPENJDK_TARGET_OS_API_DIR)/native/sun/windows \
 	$(JDK_TOPDIR)/src/$(OPENJDK_TARGET_OS_API_DIR)/native/sun/java2d/windows \
 	$(JDK_TOPDIR)/src/$(OPENJDK_TARGET_OS_API_DIR)/native/sun/java2d/d3d
-    LIBAWT_CFLAGS+=-I$(DXSDK_INCLUDE_PATH)
 else
     LIBAWT_DIRS+=\
 	$(JDK_TOPDIR)/src/$(OPENJDK_TARGET_OS_API_DIR)/native/sun/java2d/x11
@@ -1484,8 +1483,7 @@
 		        -I$(JDK_TOPDIR)/src/share/native/sun/awt/debug \
 		        -I$(JDK_TOPDIR)/src/share/native/sun/java2d \
 			-I$(JDK_TOPDIR)/src/share/native/sun/awt/image/cvutils \
-			-I$(JDK_TOPDIR)/src/$(OPENJDK_TARGET_OS_API_DIR)/native/sun/java2d/windows \
-			-I$(DXSDK_INCLUDE_PATH), \
+			-I$(JDK_TOPDIR)/src/$(OPENJDK_TARGET_OS_API_DIR)/native/sun/java2d/windows, \
 		LDFLAGS:=$(LDFLAGS_JDKLIB) $(KERNEL32_LIB) $(LDFLAGS_CXX_JDK) \
 			 advapi32.lib $(WIN_AWT_LIB),\
 		LDFLAGS_SUFFIX:=$(LDFLAGS_JDKLIB_SUFFIX),\
@@ -2963,8 +2961,7 @@
 		OPTIMIZATION:=LOW, \
 		CFLAGS:=$(CFLAGS_JDKLIB) \
 			$(LIBJSOUND_CFLAGS) \
-			-DUSE_DAUDIO=TRUE \
-                        -I$(DXSDK_INCLUDE_PATH), \
+			-DUSE_DAUDIO=TRUE, \
 		LDFLAGS:=$(LDFLAGS_JDKLIB) $(LDFLAGS_CXX_JDK) \
 			 $(call SET_SHARED_LIBRARY_ORIGIN),\
 		LDFLAGS_SUFFIX:=$(LDFLAGS_JDKLIB_SUFFIX) dsound.lib winmm.lib user32.lib ole32.lib,\
--- a/makefiles/CopyFiles.gmk	Tue Sep 24 14:17:42 2013 -0700
+++ b/makefiles/CopyFiles.gmk	Tue Sep 24 14:34:55 2013 -0700
@@ -382,11 +382,16 @@
 
 ##########################################################################################
 
+BLACKLISTED_CERTS_SRC := $(JDK_TOPDIR)/src/share/lib/security/blacklisted.certs
+BLACKLISTED_CERTS_DST := $(JDK_OUTPUTDIR)/lib/security/blacklisted.certs
+
 ifndef OPENJDK
 
 BLACKLIST_SRC   := $(JDK_TOPDIR)/src/closed/share/lib/security/blacklist
 BLACKLIST_DST   := $(JDK_OUTPUTDIR)/lib/security/blacklist
 
+BLACKLISTED_CERTS_SRC += $(wildcard $(JDK_TOPDIR)/src/closed/share/lib/security/blacklisted.certs)
+
 TRUSTEDLIBS_SRC := $(JDK_TOPDIR)/src/closed/share/lib/security/trusted.libraries
 TRUSTEDLIBS_DST := $(JDK_OUTPUTDIR)/lib/security/trusted.libraries
 
@@ -402,6 +407,20 @@
 
 endif
 
+$(BLACKLISTED_CERTS_DST): $(BLACKLISTED_CERTS_SRC)
+	$(MKDIR) -p $(@D)
+	$(CAT) $^ | $(SED) '/^$$/d' | $(SORT) | $(UNIQ) > $@.tmp
+	$(GREP) -i Algorithm $@.tmp > $@
+	if [ `$(SED) -n -e "$$=" $@` != 1 ]; then \
+	   $(ECHO) "Different algorithms defined in $^"; \
+	   $(RM) $@ $@.tmp; \
+	   false; \
+	fi
+	$(GREP) -iv Algorithm $@.tmp >> $@
+	$(RM) $@.tmp
+
+COPY_FILES += $(BLACKLISTED_CERTS_DST)
+
 ##########################################################################################
 
 ifndef OPENJDK
--- a/makefiles/mapfiles/liblcms/mapfile-vers	Tue Sep 24 14:17:42 2013 -0700
+++ b/makefiles/mapfiles/liblcms/mapfile-vers	Tue Sep 24 14:34:55 2013 -0700
@@ -28,9 +28,8 @@
 SUNWprivate_1.1 {
 	global:
         Java_sun_java2d_cmm_lcms_LCMS_loadProfileNative;
-        Java_sun_java2d_cmm_lcms_LCMS_freeProfileNative;
-        Java_sun_java2d_cmm_lcms_LCMS_getProfileSize;
-        Java_sun_java2d_cmm_lcms_LCMS_getProfileData;
+        Java_sun_java2d_cmm_lcms_LCMS_getProfileSizeNative;
+        Java_sun_java2d_cmm_lcms_LCMS_getProfileDataNative;
         Java_sun_java2d_cmm_lcms_LCMS_getTagNative;
         Java_sun_java2d_cmm_lcms_LCMS_setTagDataNative;
         Java_sun_java2d_cmm_lcms_LCMS_colorConvert;
--- a/src/macosx/native/sun/awt/CTextPipe.m	Tue Sep 24 14:17:42 2013 -0700
+++ b/src/macosx/native/sun/awt/CTextPipe.m	Tue Sep 24 14:34:55 2013 -0700
@@ -145,11 +145,6 @@
 
     BOOL saved = false;
 
-    /* Save and restore of graphics context is done before the iteration.  
-       This seems to work using our test case (see bug ID 7158350) so we are restoring it at
-       the end of the for loop.  If we find out that save/restore outside the loop
-       doesn't work on all cases then we will move the Save/Restore inside the loop.*/
-    CGContextSaveGState(cgRef);
     CGAffineTransform invTx = CGAffineTransformInvert(strike->fTx);
 
     NSUInteger i;
@@ -226,7 +221,9 @@
 
     }
     // reset the font on the context after striking a unicode with CoreText
-    CGContextRestoreGState(cgRef);
+    if (saved) {
+        CGContextRestoreGState(cgRef);
+    }
 }
 
 // Using the Quartz Surface Data context, draw a hot-substituted character run
--- a/src/share/classes/java/awt/color/ICC_Profile.java	Tue Sep 24 14:17:42 2013 -0700
+++ b/src/share/classes/java/awt/color/ICC_Profile.java	Tue Sep 24 14:34:55 2013 -0700
@@ -37,6 +37,7 @@
 
 import sun.java2d.cmm.PCMM;
 import sun.java2d.cmm.CMSManager;
+import sun.java2d.cmm.Profile;
 import sun.java2d.cmm.ProfileDataVerifier;
 import sun.java2d.cmm.ProfileDeferralMgr;
 import sun.java2d.cmm.ProfileDeferralInfo;
@@ -94,7 +95,7 @@
 
     private static final long serialVersionUID = -3938515861990936766L;
 
-    transient long ID;
+    private transient Profile cmmProfile;
 
     private transient ProfileDeferralInfo deferralInfo;
     private transient ProfileActivator profileActivator;
@@ -727,8 +728,8 @@
     /**
      * Constructs an ICC_Profile object with a given ID.
      */
-    ICC_Profile(long ID) {
-        this.ID = ID;
+    ICC_Profile(Profile p) {
+        this.cmmProfile = p;
     }
 
 
@@ -751,8 +752,8 @@
      * Frees the resources associated with an ICC_Profile object.
      */
     protected void finalize () {
-        if (ID != 0) {
-            CMSManager.getModule().freeProfile(ID);
+        if (cmmProfile != null) {
+            CMSManager.getModule().freeProfile(cmmProfile);
         } else if (profileActivator != null) {
             ProfileDeferralMgr.unregisterDeferral(profileActivator);
         }
@@ -770,7 +771,7 @@
     public static ICC_Profile getInstance(byte[] data) {
     ICC_Profile thisProfile;
 
-        long theID;
+        Profile p = null;
 
         if (ProfileDeferralMgr.deferring) {
             ProfileDeferralMgr.activateProfiles();
@@ -779,32 +780,32 @@
         ProfileDataVerifier.verify(data);
 
         try {
-            theID = CMSManager.getModule().loadProfile(data);
+            p = CMSManager.getModule().loadProfile(data);
         } catch (CMMException c) {
             throw new IllegalArgumentException("Invalid ICC Profile Data");
         }
 
         try {
-            if ((getColorSpaceType (theID) == ColorSpace.TYPE_GRAY) &&
-                (getData (theID, icSigMediaWhitePointTag) != null) &&
-                (getData (theID, icSigGrayTRCTag) != null)) {
-                thisProfile = new ICC_ProfileGray (theID);
+            if ((getColorSpaceType (p) == ColorSpace.TYPE_GRAY) &&
+                (getData (p, icSigMediaWhitePointTag) != null) &&
+                (getData (p, icSigGrayTRCTag) != null)) {
+                thisProfile = new ICC_ProfileGray (p);
             }
-            else if ((getColorSpaceType (theID) == ColorSpace.TYPE_RGB) &&
-                (getData (theID, icSigMediaWhitePointTag) != null) &&
-                (getData (theID, icSigRedColorantTag) != null) &&
-                (getData (theID, icSigGreenColorantTag) != null) &&
-                (getData (theID, icSigBlueColorantTag) != null) &&
-                (getData (theID, icSigRedTRCTag) != null) &&
-                (getData (theID, icSigGreenTRCTag) != null) &&
-                (getData (theID, icSigBlueTRCTag) != null)) {
-                thisProfile = new ICC_ProfileRGB (theID);
+            else if ((getColorSpaceType (p) == ColorSpace.TYPE_RGB) &&
+                (getData (p, icSigMediaWhitePointTag) != null) &&
+                (getData (p, icSigRedColorantTag) != null) &&
+                (getData (p, icSigGreenColorantTag) != null) &&
+                (getData (p, icSigBlueColorantTag) != null) &&
+                (getData (p, icSigRedTRCTag) != null) &&
+                (getData (p, icSigGreenTRCTag) != null) &&
+                (getData (p, icSigBlueTRCTag) != null)) {
+                thisProfile = new ICC_ProfileRGB (p);
             }
             else {
-                thisProfile = new ICC_Profile (theID);
+                thisProfile = new ICC_Profile (p);
             }
         } catch (CMMException c) {
-            thisProfile = new ICC_Profile (theID);
+            thisProfile = new ICC_Profile (p);
         }
         return thisProfile;
     }
@@ -1119,7 +1120,7 @@
                 fileName);
         }
         try {
-            ID = CMSManager.getModule().loadProfile(profileData);
+            cmmProfile = CMSManager.getModule().loadProfile(profileData);
         } catch (CMMException c) {
             ProfileDataException pde = new
                 ProfileDataException("Invalid ICC Profile Data" + fileName);
@@ -1229,14 +1230,14 @@
                                                    causing a deferred profile
                                                    to be loaded */
         }
-        return    getColorSpaceType(ID);
+        return    getColorSpaceType(cmmProfile);
     }
 
-    static int getColorSpaceType(long profileID) {
+    static int getColorSpaceType(Profile p) {
     byte[] theHeader;
     int theColorSpaceSig, theColorSpace;
 
-        theHeader = getData(profileID, icSigHead);
+        theHeader = getData(p, icSigHead);
         theColorSpaceSig = intFromBigEndian(theHeader, icHdrColorSpace);
         theColorSpace = iccCStoJCS (theColorSpaceSig);
         return theColorSpace;
@@ -1258,15 +1259,15 @@
         if (ProfileDeferralMgr.deferring) {
             ProfileDeferralMgr.activateProfiles();
         }
-        return getPCSType(ID);
+        return getPCSType(cmmProfile);
     }
 
 
-    static int getPCSType(long profileID) {
+    static int getPCSType(Profile p) {
     byte[] theHeader;
     int thePCSSig, thePCS;
 
-        theHeader = getData(profileID, icSigHead);
+        theHeader = getData(p, icSigHead);
         thePCSSig = intFromBigEndian(theHeader, icHdrPcs);
         thePCS = iccCStoJCS(thePCSSig);
         return thePCS;
@@ -1326,12 +1327,12 @@
         PCMM mdl = CMSManager.getModule();
 
         /* get the number of bytes needed for this profile */
-        profileSize = mdl.getProfileSize(ID);
+        profileSize = mdl.getProfileSize(cmmProfile);
 
         profileData = new byte [profileSize];
 
         /* get the data for the profile */
-        mdl.getProfileData(ID, profileData);
+        mdl.getProfileData(cmmProfile, profileData);
 
         return profileData;
     }
@@ -1358,11 +1359,11 @@
             ProfileDeferralMgr.activateProfiles();
         }
 
-        return getData(ID, tagSignature);
+        return getData(cmmProfile, tagSignature);
     }
 
 
-    static byte[] getData(long profileID, int tagSignature) {
+    static byte[] getData(Profile p, int tagSignature) {
     int tagSize;
     byte[] tagData;
 
@@ -1370,12 +1371,12 @@
             PCMM mdl = CMSManager.getModule();
 
             /* get the number of bytes needed for this tag */
-            tagSize = mdl.getTagSize(profileID, tagSignature);
+            tagSize = mdl.getTagSize(p, tagSignature);
 
             tagData = new byte[tagSize]; /* get an array for the tag */
 
             /* get the tag's data */
-            mdl.getTagData(profileID, tagSignature, tagData);
+            mdl.getTagData(p, tagSignature, tagData);
         } catch(CMMException c) {
             tagData = null;
         }
@@ -1406,7 +1407,7 @@
             ProfileDeferralMgr.activateProfiles();
         }
 
-        CMSManager.getModule().setTagData(ID, tagSignature, tagData);
+        CMSManager.getModule().setTagData(cmmProfile, tagSignature, tagData);
     }
 
     /**
--- a/src/share/classes/java/awt/color/ICC_ProfileGray.java	Tue Sep 24 14:17:42 2013 -0700
+++ b/src/share/classes/java/awt/color/ICC_ProfileGray.java	Tue Sep 24 14:34:55 2013 -0700
@@ -35,7 +35,7 @@
 
 package java.awt.color;
 
-import java.awt.image.LookupTable;
+import sun.java2d.cmm.Profile;
 import sun.java2d.cmm.ProfileDeferralInfo;
 
 /**
@@ -76,8 +76,8 @@
     /**
      * Constructs a new ICC_ProfileGray from a CMM ID.
      */
-    ICC_ProfileGray(long ID) {
-        super(ID);
+    ICC_ProfileGray(Profile p) {
+        super(p);
     }
 
     /**
--- a/src/share/classes/java/awt/color/ICC_ProfileRGB.java	Tue Sep 24 14:17:42 2013 -0700
+++ b/src/share/classes/java/awt/color/ICC_ProfileRGB.java	Tue Sep 24 14:34:55 2013 -0700
@@ -35,7 +35,7 @@
 
 package java.awt.color;
 
-import java.awt.image.LookupTable;
+import sun.java2d.cmm.Profile;
 import sun.java2d.cmm.ProfileDeferralInfo;
 
 /**
@@ -114,8 +114,8 @@
      * @param ID The CMM ID for the profile.
      *
      */
-    ICC_ProfileRGB(long ID) {
-        super(ID);
+    ICC_ProfileRGB(Profile p) {
+        super(p);
     }
 
     /**
--- a/src/share/classes/java/lang/CharSequence.java	Tue Sep 24 14:17:42 2013 -0700
+++ b/src/share/classes/java/lang/CharSequence.java	Tue Sep 24 14:34:55 2013 -0700
@@ -228,7 +228,7 @@
                 Spliterators.spliteratorUnknownSize(
                         new CodePointIterator(),
                         Spliterator.ORDERED),
-                Spliterator.SUBSIZED | Spliterator.SIZED | Spliterator.ORDERED,
+                Spliterator.ORDERED,
                 false);
     }
 }
--- a/src/share/classes/java/lang/Class.java	Tue Sep 24 14:17:42 2013 -0700
+++ b/src/share/classes/java/lang/Class.java	Tue Sep 24 14:34:55 2013 -0700
@@ -48,6 +48,7 @@
 import java.util.Arrays;
 import java.util.Collection;
 import java.util.HashSet;
+import java.util.LinkedHashMap;
 import java.util.List;
 import java.util.Set;
 import java.util.Map;
@@ -2370,11 +2371,14 @@
         private static final long reflectionDataOffset;
         // offset of Class.annotationType instance field
         private static final long annotationTypeOffset;
+        // offset of Class.annotationData instance field
+        private static final long annotationDataOffset;
 
         static {
             Field[] fields = Class.class.getDeclaredFields0(false); // bypass caches
             reflectionDataOffset = objectFieldOffset(fields, "reflectionData");
             annotationTypeOffset = objectFieldOffset(fields, "annotationType");
+            annotationDataOffset = objectFieldOffset(fields, "annotationData");
         }
 
         private static long objectFieldOffset(Field[] fields, String fieldName) {
@@ -2396,6 +2400,12 @@
                                              AnnotationType newType) {
             return unsafe.compareAndSwapObject(clazz, annotationTypeOffset, oldType, newType);
         }
+
+        static <T> boolean casAnnotationData(Class<?> clazz,
+                                             AnnotationData oldData,
+                                             AnnotationData newData) {
+            return unsafe.compareAndSwapObject(clazz, annotationDataOffset, oldData, newData);
+        }
     }
 
     /**
@@ -2406,7 +2416,7 @@
     private static boolean useCaches = true;
 
     // reflection data that might get invalidated when JVM TI RedefineClasses() is called
-    static class ReflectionData<T> {
+    private static class ReflectionData<T> {
         volatile Field[] declaredFields;
         volatile Field[] publicFields;
         volatile Method[] declaredMethods;
@@ -3253,8 +3263,7 @@
     public <A extends Annotation> A getAnnotation(Class<A> annotationClass) {
         Objects.requireNonNull(annotationClass);
 
-        initAnnotationsIfNecessary();
-        return (A) annotations.get(annotationClass);
+        return (A) annotationData().annotations.get(annotationClass);
     }
 
     /**
@@ -3275,16 +3284,14 @@
     public <A extends Annotation> A[] getAnnotationsByType(Class<A> annotationClass) {
         Objects.requireNonNull(annotationClass);
 
-        initAnnotationsIfNecessary();
-        return AnnotationSupport.getMultipleAnnotations(annotations, annotationClass);
+        return AnnotationSupport.getMultipleAnnotations(annotationData().annotations, annotationClass);
     }
 
     /**
      * @since 1.5
      */
     public Annotation[] getAnnotations() {
-        initAnnotationsIfNecessary();
-        return AnnotationParser.toArray(annotations);
+        return AnnotationParser.toArray(annotationData().annotations);
     }
 
     /**
@@ -3296,8 +3303,7 @@
     public <A extends Annotation> A getDeclaredAnnotation(Class<A> annotationClass) {
         Objects.requireNonNull(annotationClass);
 
-        initAnnotationsIfNecessary();
-        return (A) declaredAnnotations.get(annotationClass);
+        return (A) annotationData().declaredAnnotations.get(annotationClass);
     }
 
     /**
@@ -3308,52 +3314,85 @@
     public <A extends Annotation> A[] getDeclaredAnnotationsByType(Class<A> annotationClass) {
         Objects.requireNonNull(annotationClass);
 
-        initAnnotationsIfNecessary();
-        return AnnotationSupport.getMultipleAnnotations(declaredAnnotations, annotationClass);
+        return AnnotationSupport.getMultipleAnnotations(annotationData().declaredAnnotations, annotationClass);
     }
 
     /**
      * @since 1.5
      */
     public Annotation[] getDeclaredAnnotations()  {
-        initAnnotationsIfNecessary();
-        return AnnotationParser.toArray(declaredAnnotations);
+        return AnnotationParser.toArray(annotationData().declaredAnnotations);
+    }
+
+    // annotation data that might get invalidated when JVM TI RedefineClasses() is called
+    private static class AnnotationData {
+        final Map<Class<? extends Annotation>, Annotation> annotations;
+        final Map<Class<? extends Annotation>, Annotation> declaredAnnotations;
+
+        // Value of classRedefinedCount when we created this AnnotationData instance
+        final int redefinedCount;
+
+        AnnotationData(Map<Class<? extends Annotation>, Annotation> annotations,
+                       Map<Class<? extends Annotation>, Annotation> declaredAnnotations,
+                       int redefinedCount) {
+            this.annotations = annotations;
+            this.declaredAnnotations = declaredAnnotations;
+            this.redefinedCount = redefinedCount;
+        }
     }
 
     // Annotations cache
-    private transient Map<Class<? extends Annotation>, Annotation> annotations;
-    private transient Map<Class<? extends Annotation>, Annotation> declaredAnnotations;
-    // Value of classRedefinedCount when we last cleared the cached annotations and declaredAnnotations fields
-    private  transient int lastAnnotationsRedefinedCount = 0;
+    @SuppressWarnings("UnusedDeclaration")
+    private volatile transient AnnotationData annotationData;
 
-    // Clears cached values that might possibly have been obsoleted by
-    // a class redefinition.
-    private void clearAnnotationCachesOnClassRedefinition() {
-        if (lastAnnotationsRedefinedCount != classRedefinedCount) {
-            annotations = declaredAnnotations = null;
-            lastAnnotationsRedefinedCount = classRedefinedCount;
+    private AnnotationData annotationData() {
+        while (true) { // retry loop
+            AnnotationData annotationData = this.annotationData;
+            int classRedefinedCount = this.classRedefinedCount;
+            if (annotationData != null &&
+                annotationData.redefinedCount == classRedefinedCount) {
+                return annotationData;
+            }
+            // null or stale annotationData -> optimistically create new instance
+            AnnotationData newAnnotationData = createAnnotationData(classRedefinedCount);
+            // try to install it
+            if (Atomic.casAnnotationData(this, annotationData, newAnnotationData)) {
+                // successfully installed new AnnotationData
+                return newAnnotationData;
+            }
         }
     }
 
-    private synchronized void initAnnotationsIfNecessary() {
-        clearAnnotationCachesOnClassRedefinition();
-        if (annotations != null)
-            return;
-        declaredAnnotations = AnnotationParser.parseAnnotations(
-            getRawAnnotations(), getConstantPool(), this);
+    private AnnotationData createAnnotationData(int classRedefinedCount) {
+        Map<Class<? extends Annotation>, Annotation> declaredAnnotations =
+            AnnotationParser.parseAnnotations(getRawAnnotations(), getConstantPool(), this);
         Class<?> superClass = getSuperclass();
-        if (superClass == null) {
+        Map<Class<? extends Annotation>, Annotation> annotations = null;
+        if (superClass != null) {
+            Map<Class<? extends Annotation>, Annotation> superAnnotations =
+                superClass.annotationData().annotations;
+            for (Map.Entry<Class<? extends Annotation>, Annotation> e : superAnnotations.entrySet()) {
+                Class<? extends Annotation> annotationClass = e.getKey();
+                if (AnnotationType.getInstance(annotationClass).isInherited()) {
+                    if (annotations == null) { // lazy construction
+                        annotations = new LinkedHashMap<>((Math.max(
+                                declaredAnnotations.size(),
+                                Math.min(12, declaredAnnotations.size() + superAnnotations.size())
+                            ) * 4 + 2) / 3
+                        );
+                    }
+                    annotations.put(annotationClass, e.getValue());
+                }
+            }
+        }
+        if (annotations == null) {
+            // no inherited annotations -> share the Map with declaredAnnotations
             annotations = declaredAnnotations;
         } else {
-            annotations = new HashMap<>();
-            superClass.initAnnotationsIfNecessary();
-            for (Map.Entry<Class<? extends Annotation>, Annotation> e : superClass.annotations.entrySet()) {
-                Class<? extends Annotation> annotationClass = e.getKey();
-                if (AnnotationType.getInstance(annotationClass).isInherited())
-                    annotations.put(annotationClass, e.getValue());
-            }
+            // at least one inherited annotation -> declared may override inherited
             annotations.putAll(declaredAnnotations);
         }
+        return new AnnotationData(annotations, declaredAnnotations, classRedefinedCount);
     }
 
     // Annotation types cache their internal (AnnotationType) form
--- a/src/share/classes/java/security/cert/Certificate.java	Tue Sep 24 14:17:42 2013 -0700
+++ b/src/share/classes/java/security/cert/Certificate.java	Tue Sep 24 14:34:55 2013 -0700
@@ -66,6 +66,9 @@
     // the certificate type
     private final String type;
 
+    /** Cache the hash code for the certiticate */
+    private int hash = -1; // Default to -1
+
     /**
      * Creates a certificate of the specified type.
      *
@@ -123,16 +126,16 @@
      * @return the hashcode value.
      */
     public int hashCode() {
-        int retval = 0;
-        try {
-            byte[] certData = X509CertImpl.getEncodedInternal(this);
-            for (int i = 1; i < certData.length; i++) {
-                 retval += certData[i] * i;
+        int h = hash;
+        if (h == -1) {
+            try {
+                h = Arrays.hashCode(X509CertImpl.getEncodedInternal(this));
+            } catch (CertificateException e) {
+                h = 0;
             }
-            return retval;
-        } catch (CertificateException e) {
-            return retval;
+            hash = h;
         }
+        return h;
     }
 
     /**
--- a/src/share/classes/java/util/HashMap.java	Tue Sep 24 14:17:42 2013 -0700
+++ b/src/share/classes/java/util/HashMap.java	Tue Sep 24 14:34:55 2013 -0700
@@ -1132,6 +1132,8 @@
 
     public V computeIfPresent(K key,
                               BiFunction<? super K, ? super V, ? extends V> remappingFunction) {
+        if (remappingFunction == null)
+            throw new NullPointerException();
         Node<K,V> e; V oldValue;
         int hash = hash(key);
         if ((e = getNode(hash, key)) != null &&
--- a/src/share/classes/java/util/Map.java	Tue Sep 24 14:17:42 2013 -0700
+++ b/src/share/classes/java/util/Map.java	Tue Sep 24 14:34:55 2013 -0700
@@ -934,6 +934,7 @@
      */
     default V computeIfAbsent(K key,
             Function<? super K, ? extends V> mappingFunction) {
+        Objects.requireNonNull(mappingFunction);
         V v, newValue;
         return ((v = get(key)) == null &&
                 (newValue = mappingFunction.apply(key)) != null &&
@@ -992,6 +993,7 @@
      */
     default V computeIfPresent(K key,
             BiFunction<? super K, ? super V, ? extends V> remappingFunction) {
+        Objects.requireNonNull(remappingFunction);
         V oldValue;
         while ((oldValue = get(key)) != null) {
             V newValue = remappingFunction.apply(key, oldValue);
@@ -1068,6 +1070,7 @@
      */
     default V compute(K key,
             BiFunction<? super K, ? super V, ? extends V> remappingFunction) {
+        Objects.requireNonNull(remappingFunction);
         V oldValue = get(key);
         for (;;) {
             V newValue = remappingFunction.apply(key, oldValue);
@@ -1174,6 +1177,7 @@
      */
     default V merge(K key, V value,
             BiFunction<? super V, ? super V, ? extends V> remappingFunction) {
+        Objects.requireNonNull(remappingFunction);
         V oldValue = get(key);
         for (;;) {
             if (oldValue != null) {
--- a/src/share/classes/java/util/Spliterator.java	Tue Sep 24 14:17:42 2013 -0700
+++ b/src/share/classes/java/util/Spliterator.java	Tue Sep 24 14:34:55 2013 -0700
@@ -539,7 +539,7 @@
      * Spliterator is expected to have a documented policy concerning the impact
      * of modifications during traversal.
      *
-     * <p>A top-level Spliterator should not report {@code CONCURRENT} and
+     * <p>A top-level Spliterator should not report both {@code CONCURRENT} and
      * {@code SIZED}, since the finite size, if known, may change if the source
      * is concurrently modified during traversal. Such a Spliterator is
      * inconsistent and no guarantees can be made about any computation using
--- a/src/share/classes/java/util/Spliterators.java	Tue Sep 24 14:17:42 2013 -0700
+++ b/src/share/classes/java/util/Spliterators.java	Tue Sep 24 14:34:55 2013 -0700
@@ -409,16 +409,16 @@
      *
      * @param <T> Type of elements
      * @param c The collection
-     * @param additionalCharacteristics Additional spliterator characteristics
-     *        of this spliterator's source or elements beyond {@code SIZED} and
-     *        {@code SUBSIZED} which are are always reported
+     * @param characteristics Characteristics of this spliterator's source or
+     *        elements.  The characteristics {@code SIZED} and {@code SUBSIZED}
+     *        are additionally reported unless {@code CONCURRENT} is supplied.
      * @return A spliterator from an iterator
      * @throws NullPointerException if the given collection is {@code null}
      */
     public static <T> Spliterator<T> spliterator(Collection<? extends T> c,
-                                                 int additionalCharacteristics) {
+                                                 int characteristics) {
         return new IteratorSpliterator<>(Objects.requireNonNull(c),
-                                         additionalCharacteristics);
+                                         characteristics);
     }
 
     /**
@@ -439,17 +439,17 @@
      * @param iterator The iterator for the source
      * @param size The number of elements in the source, to be reported as
      *        initial {@code estimateSize}
-     * @param additionalCharacteristics Additional spliterator characteristics
-     *        of this spliterator's source or elements beyond {@code SIZED} and
-     *        {@code SUBSIZED} which are are always reported
+     * @param characteristics Characteristics of this spliterator's source or
+     *        elements.  The characteristics {@code SIZED} and {@code SUBSIZED}
+     *        are additionally reported unless {@code CONCURRENT} is supplied.
      * @return A spliterator from an iterator
      * @throws NullPointerException if the given iterator is {@code null}
      */
     public static <T> Spliterator<T> spliterator(Iterator<? extends T> iterator,
                                                  long size,
-                                                 int additionalCharacteristics) {
+                                                 int characteristics) {
         return new IteratorSpliterator<>(Objects.requireNonNull(iterator), size,
-                                         additionalCharacteristics);
+                                         characteristics);
     }
 
     /**
@@ -467,7 +467,7 @@
      *
      * @param <T> Type of elements
      * @param iterator The iterator for the source
-     * @param characteristics Properties of this spliterator's source
+     * @param characteristics Characteristics of this spliterator's source
      *        or elements ({@code SIZED} and {@code SUBSIZED}, if supplied, are
      *        ignored and are not reported.)
      * @return A spliterator from an iterator
@@ -496,17 +496,17 @@
      * @param iterator The iterator for the source
      * @param size The number of elements in the source, to be reported as
      *        initial {@code estimateSize}.
-     * @param additionalCharacteristics Additional spliterator characteristics
-     *        of this spliterator's source or elements beyond {@code SIZED} and
-     *        {@code SUBSIZED} which are are always reported
+     * @param characteristics Characteristics of this spliterator's source or
+     *        elements.  The characteristics {@code SIZED} and {@code SUBSIZED}
+     *        are additionally reported unless {@code CONCURRENT} is supplied.
      * @return A spliterator from an iterator
      * @throws NullPointerException if the given iterator is {@code null}
      */
     public static Spliterator.OfInt spliterator(PrimitiveIterator.OfInt iterator,
                                                 long size,
-                                                int additionalCharacteristics) {
+                                                int characteristics) {
         return new IntIteratorSpliterator(Objects.requireNonNull(iterator),
-                                          size, additionalCharacteristics);
+                                          size, characteristics);
     }
 
     /**
@@ -524,7 +524,7 @@
      * operated on after the spliterator is returned.
      *
      * @param iterator The iterator for the source
-     * @param characteristics Properties of this spliterator's source
+     * @param characteristics Characteristics of this spliterator's source
      *        or elements ({@code SIZED} and {@code SUBSIZED}, if supplied, are
      *        ignored and are not reported.)
      * @return A spliterator from an iterator
@@ -553,17 +553,17 @@
      * @param iterator The iterator for the source
      * @param size The number of elements in the source, to be reported as
      *        initial {@code estimateSize}.
-     * @param additionalCharacteristics Additional spliterator characteristics
-     *        of this spliterator's source or elements beyond {@code SIZED} and
-     *        {@code SUBSIZED} which are are always reported
+     * @param characteristics Characteristics of this spliterator's source or
+     *        elements.  The characteristics {@code SIZED} and {@code SUBSIZED}
+     *        are additionally reported unless {@code CONCURRENT} is supplied.
      * @return A spliterator from an iterator
      * @throws NullPointerException if the given iterator is {@code null}
      */
     public static Spliterator.OfLong spliterator(PrimitiveIterator.OfLong iterator,
                                                  long size,
-                                                 int additionalCharacteristics) {
+                                                 int characteristics) {
         return new LongIteratorSpliterator(Objects.requireNonNull(iterator),
-                                           size, additionalCharacteristics);
+                                           size, characteristics);
     }
 
     /**
@@ -581,7 +581,7 @@
      * operated on after the spliterator is returned.
      *
      * @param iterator The iterator for the source
-     * @param characteristics Properties of this spliterator's source
+     * @param characteristics Characteristics of this spliterator's source
      *        or elements ({@code SIZED} and {@code SUBSIZED}, if supplied, are
      *        ignored and are not reported.)
      * @return A spliterator from an iterator
@@ -610,17 +610,17 @@
      * @param iterator The iterator for the source
      * @param size The number of elements in the source, to be reported as
      *        initial {@code estimateSize}
-     * @param additionalCharacteristics Additional spliterator characteristics
-     *        of this spliterator's source or elements beyond {@code SIZED} and
-     *        {@code SUBSIZED} which are are always reported
+     * @param characteristics Characteristics of this spliterator's source or
+     *        elements.  The characteristics {@code SIZED} and {@code SUBSIZED}
+     *        are additionally reported unless {@code CONCURRENT} is supplied.
      * @return A spliterator from an iterator
      * @throws NullPointerException if the given iterator is {@code null}
      */
     public static Spliterator.OfDouble spliterator(PrimitiveIterator.OfDouble iterator,
                                                    long size,
-                                                   int additionalCharacteristics) {
+                                                   int characteristics) {
         return new DoubleIteratorSpliterator(Objects.requireNonNull(iterator),
-                                             size, additionalCharacteristics);
+                                             size, characteristics);
     }
 
     /**
@@ -638,7 +638,7 @@
      * operated on after the spliterator is returned.
      *
      * @param iterator The iterator for the source
-     * @param characteristics Properties of this spliterator's source
+     * @param characteristics Characteristics of this spliterator's source
      *        or elements ({@code SIZED} and {@code SUBSIZED}, if supplied, are
      *        ignored and are not reported.)
      * @return A spliterator from an iterator
@@ -1710,7 +1710,9 @@
         public IteratorSpliterator(Collection<? extends T> collection, int characteristics) {
             this.collection = collection;
             this.it = null;
-            this.characteristics = characteristics | Spliterator.SIZED | Spliterator.SUBSIZED;
+            this.characteristics = (characteristics & Spliterator.CONCURRENT) == 0
+                                   ? characteristics | Spliterator.SIZED | Spliterator.SUBSIZED
+                                   : characteristics;
         }
 
         /**
@@ -1727,7 +1729,9 @@
             this.collection = null;
             this.it = iterator;
             this.est = size;
-            this.characteristics = characteristics | Spliterator.SIZED | Spliterator.SUBSIZED;
+            this.characteristics = (characteristics & Spliterator.CONCURRENT) == 0
+                                   ? characteristics | Spliterator.SIZED | Spliterator.SUBSIZED
+                                   : characteristics;
         }
 
         /**
@@ -1857,7 +1861,9 @@
         public IntIteratorSpliterator(PrimitiveIterator.OfInt iterator, long size, int characteristics) {
             this.it = iterator;
             this.est = size;
-            this.characteristics = characteristics | Spliterator.SIZED | Spliterator.SUBSIZED;
+            this.characteristics = (characteristics & Spliterator.CONCURRENT) == 0
+                                   ? characteristics | Spliterator.SIZED | Spliterator.SUBSIZED
+                                   : characteristics;
         }
 
         /**
@@ -1949,7 +1955,9 @@
         public LongIteratorSpliterator(PrimitiveIterator.OfLong iterator, long size, int characteristics) {
             this.it = iterator;
             this.est = size;
-            this.characteristics = characteristics | Spliterator.SIZED | Spliterator.SUBSIZED;
+            this.characteristics = (characteristics & Spliterator.CONCURRENT) == 0
+                                   ? characteristics | Spliterator.SIZED | Spliterator.SUBSIZED
+                                   : characteristics;
         }
 
         /**
@@ -2041,7 +2049,9 @@
         public DoubleIteratorSpliterator(PrimitiveIterator.OfDouble iterator, long size, int characteristics) {
             this.it = iterator;
             this.est = size;
-            this.characteristics = characteristics | Spliterator.SIZED | Spliterator.SUBSIZED;
+            this.characteristics = (characteristics & Spliterator.CONCURRENT) == 0
+                                   ? characteristics | Spliterator.SIZED | Spliterator.SUBSIZED
+                                   : characteristics;
         }
 
         /**
--- a/src/share/classes/java/util/SplittableRandom.java	Tue Sep 24 14:17:42 2013 -0700
+++ b/src/share/classes/java/util/SplittableRandom.java	Tue Sep 24 14:34:55 2013 -0700
@@ -25,8 +25,7 @@
 
 package java.util;
 
-import java.security.SecureRandom;
-import java.net.InetAddress;
+import java.net.NetworkInterface;
 import java.util.concurrent.atomic.AtomicLong;
 import java.util.function.IntConsumer;
 import java.util.function.LongConsumer;
@@ -242,12 +241,34 @@
                 s = (s << 8) | ((long)(seedBytes[i]) & 0xffL);
             return s;
         }
-        int hh = 0; // hashed host address
+        long h = 0L;
         try {
-            hh = InetAddress.getLocalHost().hashCode();
+            Enumeration<NetworkInterface> ifcs =
+                    NetworkInterface.getNetworkInterfaces();
+            boolean retry = false; // retry once if getHardwareAddress is null
+            while (ifcs.hasMoreElements()) {
+                NetworkInterface ifc = ifcs.nextElement();
+                if (!ifc.isVirtual()) { // skip fake addresses
+                    byte[] bs = ifc.getHardwareAddress();
+                    if (bs != null) {
+                        int n = bs.length;
+                        int m = Math.min(n >>> 1, 4);
+                        for (int i = 0; i < m; ++i)
+                            h = (h << 16) ^ (bs[i] << 8) ^ bs[n-1-i];
+                        if (m < 4)
+                            h = (h << 8) ^ bs[n-1-m];
+                        h = mix64(h);
+                        break;
+                    }
+                    else if (!retry)
+                        retry = true;
+                    else
+                        break;
+                }
+            }
         } catch (Exception ignore) {
         }
-        return (mix64((((long)hh) << 32) ^ System.currentTimeMillis()) ^
+        return (h ^ mix64(System.currentTimeMillis()) ^
                 mix64(System.nanoTime()));
     }
 
--- a/src/share/classes/java/util/concurrent/ThreadLocalRandom.java	Tue Sep 24 14:17:42 2013 -0700
+++ b/src/share/classes/java/util/concurrent/ThreadLocalRandom.java	Tue Sep 24 14:34:55 2013 -0700
@@ -36,6 +36,8 @@
 package java.util.concurrent;
 
 import java.io.ObjectStreamField;
+import java.net.NetworkInterface;
+import java.util.Enumeration;
 import java.util.Random;
 import java.util.Spliterator;
 import java.util.concurrent.atomic.AtomicInteger;
@@ -71,7 +73,10 @@
  *
  * <p>Instances of {@code ThreadLocalRandom} are not cryptographically
  * secure.  Consider instead using {@link java.security.SecureRandom}
- * in security-sensitive applications.
+ * in security-sensitive applications. Additionally,
+ * default-constructed instances do not use a cryptographically random
+ * seed unless the {@linkplain System#getProperty system property}
+ * {@code java.util.secureRandomSeed} is set to {@code true}.
  *
  * @since 1.7
  * @author Doug Lea
@@ -129,9 +134,49 @@
     /**
      * The next seed for default constructors.
      */
-    private static final AtomicLong seeder =
-        new AtomicLong(mix64(System.currentTimeMillis()) ^
-                       mix64(System.nanoTime()));
+    private static final AtomicLong seeder = new AtomicLong(initialSeed());
+
+    private static long initialSeed() {
+        String pp = java.security.AccessController.doPrivileged(
+                new sun.security.action.GetPropertyAction(
+                        "java.util.secureRandomSeed"));
+        if (pp != null && pp.equalsIgnoreCase("true")) {
+            byte[] seedBytes = java.security.SecureRandom.getSeed(8);
+            long s = (long)(seedBytes[0]) & 0xffL;
+            for (int i = 1; i < 8; ++i)
+                s = (s << 8) | ((long)(seedBytes[i]) & 0xffL);
+            return s;
+        }
+        long h = 0L;
+        try {
+            Enumeration<NetworkInterface> ifcs =
+                    NetworkInterface.getNetworkInterfaces();
+            boolean retry = false; // retry once if getHardwareAddress is null
+            while (ifcs.hasMoreElements()) {
+                NetworkInterface ifc = ifcs.nextElement();
+                if (!ifc.isVirtual()) { // skip fake addresses
+                    byte[] bs = ifc.getHardwareAddress();
+                    if (bs != null) {
+                        int n = bs.length;
+                        int m = Math.min(n >>> 1, 4);
+                        for (int i = 0; i < m; ++i)
+                            h = (h << 16) ^ (bs[i] << 8) ^ bs[n-1-i];
+                        if (m < 4)
+                            h = (h << 8) ^ bs[n-1-m];
+                        h = mix64(h);
+                        break;
+                    }
+                    else if (!retry)
+                        retry = true;
+                    else
+                        break;
+                }
+            }
+        } catch (Exception ignore) {
+        }
+        return (h ^ mix64(System.currentTimeMillis()) ^
+                mix64(System.nanoTime()));
+    }
 
     /**
      * The seed increment
--- a/src/share/classes/java/util/regex/Pattern.java	Tue Sep 24 14:17:42 2013 -0700
+++ b/src/share/classes/java/util/regex/Pattern.java	Tue Sep 24 14:34:55 2013 -0700
@@ -5755,7 +5755,8 @@
      * input sequence that is terminated by another subsequence that matches
      * this pattern or is terminated by the end of the input sequence.  The
      * substrings in the stream are in the order in which they occur in the
-     * input.
+     * input.  Trailing empty strings will be discarded and not encountered in
+     * the stream.
      *
      * <p> If this pattern does not match any subsequence of the input then
      * the resulting stream has just one element, namely the input sequence in
@@ -5781,6 +5782,8 @@
             private int current;
             // null if the next element, if any, needs to obtained
             private String nextElement;
+            // > 0 if there are N next empty elements
+            private int emptyElementCount;
 
             MatcherIterator() {
                 this.matcher = matcher(input);
@@ -5790,26 +5793,46 @@
                 if (!hasNext())
                     throw new NoSuchElementException();
 
-                String n = nextElement;
-                nextElement = null;
-                return n;
+                if (emptyElementCount == 0) {
+                    String n = nextElement;
+                    nextElement = null;
+                    return n;
+                } else {
+                    emptyElementCount--;
+                    return "";
+                }
             }
 
             public boolean hasNext() {
-                if (nextElement != null)
+                if (nextElement != null || emptyElementCount > 0)
                     return true;
 
                 if (current == input.length())
                     return false;
 
-                if (matcher.find()) {
+                // Consume the next matching element
+                // Count sequence of matching empty elements
+                while (matcher.find()) {
                     nextElement = input.subSequence(current, matcher.start()).toString();
                     current = matcher.end();
+                    if (!nextElement.isEmpty()) {
+                        return true;
+                    } else {
+                        emptyElementCount++;
+                    }
+                }
+
+                // Consume last matching element
+                nextElement = input.subSequence(current, input.length()).toString();
+                current = input.length();
+                if (!nextElement.isEmpty()) {
+                    return true;
                 } else {
-                    nextElement = input.subSequence(current, input.length()).toString();
-                    current = input.length();
+                    // Ignore a terminal sequence of matching empty elements
+                    emptyElementCount = 0;
+                    nextElement = null;
+                    return false;
                 }
-                return true;
             }
         }
         return StreamSupport.stream(Spliterators.spliteratorUnknownSize(
--- a/src/share/classes/javax/management/MBeanAttributeInfo.java	Tue Sep 24 14:17:42 2013 -0700
+++ b/src/share/classes/javax/management/MBeanAttributeInfo.java	Tue Sep 24 14:34:55 2013 -0700
@@ -286,10 +286,10 @@
         if (!(o instanceof MBeanAttributeInfo))
             return false;
         MBeanAttributeInfo p = (MBeanAttributeInfo) o;
-        return (p.getName().equals(getName()) &&
-                p.getType().equals(getType()) &&
-                p.getDescription().equals(getDescription()) &&
-                p.getDescriptor().equals(getDescriptor()) &&
+        return (Objects.equals(p.getName(), getName()) &&
+                Objects.equals(p.getType(), getType()) &&
+                Objects.equals(p.getDescription(), getDescription()) &&
+                Objects.equals(p.getDescriptor(), getDescriptor()) &&
                 p.isReadable() == isReadable() &&
                 p.isWritable() == isWritable() &&
                 p.isIs() == isIs());
--- a/src/share/classes/javax/management/MBeanConstructorInfo.java	Tue Sep 24 14:17:42 2013 -0700
+++ b/src/share/classes/javax/management/MBeanConstructorInfo.java	Tue Sep 24 14:34:55 2013 -0700
@@ -191,10 +191,10 @@
         if (!(o instanceof MBeanConstructorInfo))
             return false;
         MBeanConstructorInfo p = (MBeanConstructorInfo) o;
-        return (p.getName().equals(getName()) &&
-                p.getDescription().equals(getDescription()) &&
+        return (Objects.equals(p.getName(), getName()) &&
+                Objects.equals(p.getDescription(), getDescription()) &&
                 Arrays.equals(p.fastGetSignature(), fastGetSignature()) &&
-                p.getDescriptor().equals(getDescriptor()));
+                Objects.equals(p.getDescriptor(), getDescriptor()));
     }
 
     /* Unlike attributes and operations, it's quite likely we'll have
--- a/src/share/classes/javax/management/MBeanFeatureInfo.java	Tue Sep 24 14:17:42 2013 -0700
+++ b/src/share/classes/javax/management/MBeanFeatureInfo.java	Tue Sep 24 14:34:55 2013 -0700
@@ -30,6 +30,7 @@
 import java.io.ObjectOutputStream;
 import java.io.Serializable;
 import java.io.StreamCorruptedException;
+import java.util.Objects;
 
 /**
  * <p>Provides general information for an MBean descriptor object.
@@ -147,9 +148,9 @@
         if (!(o instanceof MBeanFeatureInfo))
             return false;
         MBeanFeatureInfo p = (MBeanFeatureInfo) o;
-        return (p.getName().equals(getName()) &&
-                p.getDescription().equals(getDescription()) &&
-                p.getDescriptor().equals(getDescriptor()));
+        return (Objects.equals(p.getName(), getName()) &&
+                Objects.equals(p.getDescription(), getDescription()) &&
+                Objects.equals(p.getDescriptor(), getDescriptor()));
     }
 
     public int hashCode() {
--- a/src/share/classes/javax/management/MBeanNotificationInfo.java	Tue Sep 24 14:17:42 2013 -0700
+++ b/src/share/classes/javax/management/MBeanNotificationInfo.java	Tue Sep 24 14:34:55 2013 -0700
@@ -26,6 +26,7 @@
 package javax.management;
 
 import java.util.Arrays;
+import java.util.Objects;
 
 /**
  * <p>The <CODE>MBeanNotificationInfo</CODE> class is used to describe the
@@ -191,9 +192,9 @@
         if (!(o instanceof MBeanNotificationInfo))
             return false;
         MBeanNotificationInfo p = (MBeanNotificationInfo) o;
-        return (p.getName().equals(getName()) &&
-                p.getDescription().equals(getDescription()) &&
-                p.getDescriptor().equals(getDescriptor()) &&
+        return (Objects.equals(p.getName(), getName()) &&
+                Objects.equals(p.getDescription(), getDescription()) &&
+                Objects.equals(p.getDescriptor(), getDescriptor()) &&
                 Arrays.equals(p.fastGetNotifTypes(), fastGetNotifTypes()));
     }
 
--- a/src/share/classes/javax/management/MBeanOperationInfo.java	Tue Sep 24 14:17:42 2013 -0700
+++ b/src/share/classes/javax/management/MBeanOperationInfo.java	Tue Sep 24 14:34:55 2013 -0700
@@ -294,12 +294,12 @@
         if (!(o instanceof MBeanOperationInfo))
             return false;
         MBeanOperationInfo p = (MBeanOperationInfo) o;
-        return (p.getName().equals(getName()) &&
-                p.getReturnType().equals(getReturnType()) &&
-                p.getDescription().equals(getDescription()) &&
+        return (Objects.equals(p.getName(), getName()) &&
+                Objects.equals(p.getReturnType(), getReturnType()) &&
+                Objects.equals(p.getDescription(), getDescription()) &&
                 p.getImpact() == getImpact() &&
                 Arrays.equals(p.fastGetSignature(), fastGetSignature()) &&
-                p.getDescriptor().equals(getDescriptor()));
+                Objects.equals(p.getDescriptor(), getDescriptor()));
     }
 
     /* We do not include everything in the hashcode.  We assume that
--- a/src/share/classes/javax/management/MBeanParameterInfo.java	Tue Sep 24 14:17:42 2013 -0700
+++ b/src/share/classes/javax/management/MBeanParameterInfo.java	Tue Sep 24 14:34:55 2013 -0700
@@ -27,6 +27,7 @@
 
 import java.util.Objects;
 
+
 /**
  * Describes an argument of an operation exposed by an MBean.
  * Instances of this class are immutable.  Subclasses may be mutable
@@ -137,10 +138,10 @@
         if (!(o instanceof MBeanParameterInfo))
             return false;
         MBeanParameterInfo p = (MBeanParameterInfo) o;
-        return (p.getName().equals(getName()) &&
-                p.getType().equals(getType()) &&
-                p.getDescription().equals(getDescription()) &&
-                p.getDescriptor().equals(getDescriptor()));
+        return (Objects.equals(p.getName(), getName()) &&
+                Objects.equals(p.getType(), getType()) &&
+                Objects.equals(p.getDescription(), getDescription()) &&
+                Objects.equals(p.getDescriptor(), getDescriptor()));
     }
 
     public int hashCode() {
--- a/src/share/classes/sun/java2d/cmm/CMSManager.java	Tue Sep 24 14:17:42 2013 -0700
+++ b/src/share/classes/sun/java2d/cmm/CMSManager.java	Tue Sep 24 14:34:55 2013 -0700
@@ -104,53 +104,53 @@
             cName = tcmm.getClass().getName();
         }
 
-        public long loadProfile(byte[] data) {
+        public Profile loadProfile(byte[] data) {
             System.err.print(cName + ".loadProfile");
-            long profileID = tcmm.loadProfile(data);
-            System.err.printf("(ID=%x)\n", profileID);
-            return profileID;
+            Profile p = tcmm.loadProfile(data);
+            System.err.printf("(ID=%s)\n", p.toString());
+            return p;
         }
 
-        public void freeProfile(long profileID) {
-            System.err.printf(cName + ".freeProfile(ID=%x)\n", profileID);
-            tcmm.freeProfile(profileID);
+        public void freeProfile(Profile p) {
+            System.err.printf(cName + ".freeProfile(ID=%s)\n", p.toString());
+            tcmm.freeProfile(p);
         }
 
-        public int getProfileSize(long profileID) {
-            System.err.print(cName + ".getProfileSize(ID=" + profileID + ")");
-            int size = tcmm.getProfileSize(profileID);
+        public int getProfileSize(Profile p) {
+            System.err.print(cName + ".getProfileSize(ID=" + p + ")");
+            int size = tcmm.getProfileSize(p);
             System.err.println("=" + size);
             return size;
         }
 
-        public void getProfileData(long profileID, byte[] data) {
-            System.err.print(cName + ".getProfileData(ID=" + profileID + ") ");
+        public void getProfileData(Profile p, byte[] data) {
+            System.err.print(cName + ".getProfileData(ID=" + p + ") ");
             System.err.println("requested " + data.length + " byte(s)");
-            tcmm.getProfileData(profileID, data);
+            tcmm.getProfileData(p, data);
         }
 
-        public int getTagSize(long profileID, int tagSignature) {
+        public int getTagSize(Profile p, int tagSignature) {
             System.err.printf(cName + ".getTagSize(ID=%x, TagSig=%s)",
-                              profileID, signatureToString(tagSignature));
-            int size = tcmm.getTagSize(profileID, tagSignature);
+                              p, signatureToString(tagSignature));
+            int size = tcmm.getTagSize(p, tagSignature);
             System.err.println("=" + size);
             return size;
         }
 
-        public void getTagData(long profileID, int tagSignature,
+        public void getTagData(Profile p, int tagSignature,
                                byte[] data) {
             System.err.printf(cName + ".getTagData(ID=%x, TagSig=%s)",
-                              profileID, signatureToString(tagSignature));
+                              p, signatureToString(tagSignature));
             System.err.println(" requested " + data.length + " byte(s)");
-            tcmm.getTagData(profileID, tagSignature, data);
+            tcmm.getTagData(p, tagSignature, data);
         }
 
-        public void setTagData(long profileID, int tagSignature,
+        public void setTagData(Profile p, int tagSignature,
                                byte[] data) {
-            System.err.print(cName + ".setTagData(ID=" + profileID +
+            System.err.print(cName + ".setTagData(ID=" + p +
                              ", TagSig=" + tagSignature + ")");
             System.err.println(" sending " + data.length + " byte(s)");
-            tcmm.setTagData(profileID, tagSignature, data);
+            tcmm.setTagData(p, tagSignature, data);
         }
 
         /* methods for creating ColorTransforms */
--- a/src/share/classes/sun/java2d/cmm/PCMM.java	Tue Sep 24 14:17:42 2013 -0700
+++ b/src/share/classes/sun/java2d/cmm/PCMM.java	Tue Sep 24 14:34:55 2013 -0700
@@ -32,13 +32,13 @@
 public interface PCMM {
 
     /* methods invoked from ICC_Profile */
-    public long loadProfile(byte[] data);
-    public void freeProfile(long profileID);
-    public int  getProfileSize(long profileID);
-    public void getProfileData(long profileID, byte[] data);
-    public void getTagData(long profileID, int tagSignature, byte[] data);
-    public int getTagSize(long profileID, int tagSignature);
-    public void setTagData(long profileID, int tagSignature, byte[] data);
+    public Profile loadProfile(byte[] data);
+    public void freeProfile(Profile p);
+    public int  getProfileSize(Profile p);
+    public void getProfileData(Profile p, byte[] data);
+    public void getTagData(Profile p, int tagSignature, byte[] data);
+    public int getTagSize(Profile p, int tagSignature);
+    public void setTagData(Profile p, int tagSignature, byte[] data);
 
     /* methods for creating ColorTransforms */
     public ColorTransform createTransform(ICC_Profile profile, int renderType,
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/share/classes/sun/java2d/cmm/Profile.java	Tue Sep 24 14:34:55 2013 -0700
@@ -0,0 +1,43 @@
+/*
+ * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package sun.java2d.cmm;
+
+import java.awt.color.CMMException;
+
+public class Profile {
+    private final long nativePtr;
+
+    protected Profile(long ptr) {
+        nativePtr = ptr;
+    }
+
+    protected final long getNativePtr() {
+        if (nativePtr == 0L) {
+            throw new CMMException("Invalid profile: ptr is null");
+        }
+        return nativePtr;
+    }
+}
--- a/src/share/classes/sun/java2d/cmm/lcms/LCMS.java	Tue Sep 24 14:17:42 2013 -0700
+++ b/src/share/classes/sun/java2d/cmm/lcms/LCMS.java	Tue Sep 24 14:34:55 2013 -0700
@@ -25,96 +25,139 @@
 
 package sun.java2d.cmm.lcms;
 
+import java.awt.color.CMMException;
 import java.awt.color.ICC_Profile;
-import java.util.Arrays;
-import java.util.HashMap;
 import sun.java2d.cmm.ColorTransform;
 import sun.java2d.cmm.PCMM;
+import sun.java2d.cmm.Profile;
+import sun.java2d.cmm.lcms.LCMSProfile.TagData;
 
 public class LCMS implements PCMM {
 
     /* methods invoked from ICC_Profile */
     @Override
-    public long loadProfile(byte[] data) {
-        long id = loadProfileNative(data);
+    public Profile loadProfile(byte[] data) {
+        final Object disposerRef = new Object();
 
-        if (id != 0L) {
-            if (profiles == null) {
-                profiles = new HashMap<>();
-            }
-            profiles.put(id, new TagCache(id));
+        final long ptr = loadProfileNative(data, disposerRef);
+
+        if (ptr != 0L) {
+            return new LCMSProfile(ptr, disposerRef);
         }
-        return id;
+        return null;
     }
 
-    private native long loadProfileNative(byte[] data);
+    private native long loadProfileNative(byte[] data, Object ref);
+
+    private LCMSProfile getLcmsProfile(Profile p) {
+        if (p instanceof LCMSProfile) {
+            return (LCMSProfile)p;
+        }
+        throw new CMMException("Invalid profile: " + p);
+    }
+
 
     @Override
-    public void freeProfile(long profileID) {
-        TagCache c = profiles.remove(profileID);
-        if (c != null) {
-            c.clear();
-        }
-        if (profiles.isEmpty()) {
-            profiles = null;
-        }
-        freeProfileNative(profileID);
+    public void freeProfile(Profile p) {
+        // we use disposer, so this method does nothing
     }
 
-    private native void freeProfileNative(long profileID);
+    @Override
+    public int getProfileSize(final Profile p) {
+        synchronized (p) {
+            return getProfileSizeNative(getLcmsProfile(p).getLcmsPtr());
+        }
+    }
 
-    public native synchronized int getProfileSize(long profileID);
-
-    public native synchronized void getProfileData(long profileID, byte[] data);
+    private native int getProfileSizeNative(long ptr);
 
     @Override
-    public synchronized int getTagSize(long profileID, int tagSignature) {
-        TagCache cache = profiles.get(profileID);
-
-        if (cache ==  null) {
-            cache = new TagCache(profileID);
-            profiles.put(profileID, cache);
+    public void getProfileData(final Profile p, byte[] data) {
+        synchronized (p) {
+            getProfileDataNative(getLcmsProfile(p).getLcmsPtr(), data);
         }
-
-        TagData t = cache.getTag(tagSignature);
-        return t == null ? 0 : t.getSize();
     }
 
-    private static native byte[] getTagNative(long profileID, int signature);
+    private native void getProfileDataNative(long ptr, byte[] data);
 
     @Override
-    public synchronized void getTagData(long profileID, int tagSignature,
-                                               byte[] data)
+    public int getTagSize(Profile p, int tagSignature) {
+        final LCMSProfile profile = getLcmsProfile(p);
+
+        synchronized (profile) {
+            TagData t = profile.getTag(tagSignature);
+            return t == null ? 0 : t.getSize();
+        }
+    }
+
+    static native byte[] getTagNative(long profileID, int signature);
+
+    @Override
+    public void getTagData(Profile p, int tagSignature, byte[] data)
     {
-        TagCache cache = profiles.get(profileID);
+        final LCMSProfile profile = getLcmsProfile(p);
 
-        if (cache ==  null) {
-            cache = new TagCache(profileID);
-            profiles.put(profileID, cache);
-        }
-
-        TagData t = cache.getTag(tagSignature);
-        if (t != null) {
-            t.copyDataTo(data);
+        synchronized (profile) {
+            TagData t = profile.getTag(tagSignature);
+            if (t != null) {
+                t.copyDataTo(data);
+            }
         }
     }
 
     @Override
-    public synchronized void setTagData(long profileID, int tagSignature, byte[] data) {
-        TagCache cache = profiles.get(profileID);
+    public synchronized void setTagData(Profile p, int tagSignature, byte[] data) {
+        final LCMSProfile profile = getLcmsProfile(p);
 
-        if (cache != null) {
-            cache.clear();
+        synchronized (profile) {
+            profile.clearTagCache();
+
+            // Now we are going to update the profile with new tag data
+            // In some cases, we may change the pointer to the native
+            // profile.
+            //
+            // If we fail to write tag data for any reason, the old pointer
+            // should be used.
+            setTagDataNative(profile.getLcmsPtr(),
+                    tagSignature, data);
         }
-        setTagDataNative(profileID, tagSignature, data);
     }
 
-    private native synchronized void setTagDataNative(long profileID, int tagSignature,
+    /**
+     * Writes supplied data as a tag into the profile.
+     * Destroys old profile, if new one was successfully
+     * created.
+     *
+     * Returns valid pointer to new profile.
+     *
+     * Throws CMMException if operation fails, preserve old profile from
+     * destruction.
+     */
+    private native void setTagDataNative(long ptr, int tagSignature,
                                                byte[] data);
 
-    public static native long getProfileID(ICC_Profile profile);
+    public synchronized static native LCMSProfile getProfileID(ICC_Profile profile);
 
-    public static native long createNativeTransform(
+    /* Helper method used from LCMSColorTransfrom */
+    static long createTransform(
+        LCMSProfile[] profiles, int renderType,
+        int inFormatter, boolean isInIntPacked,
+        int outFormatter, boolean isOutIntPacked,
+        Object disposerRef)
+    {
+        long[] ptrs = new long[profiles.length];
+
+        for (int i = 0; i < profiles.length; i++) {
+            if (profiles[i] == null) throw new CMMException("Unknown profile ID");
+
+            ptrs[i] = profiles[i].getLcmsPtr();
+        }
+
+        return createNativeTransform(ptrs, renderType, inFormatter,
+                isInIntPacked, outFormatter, isOutIntPacked, disposerRef);
+    }
+
+    private static native long createNativeTransform(
         long[] profileIDs, int renderType,
         int inFormatter, boolean isInIntPacked,
         int outFormatter, boolean isOutIntPacked,
@@ -175,59 +218,4 @@
 
         return theLcms;
     }
-
-    private static class TagData {
-        private int signature;
-        private byte[] data;
-
-        TagData(int sig, byte[] data) {
-            this.signature = sig;
-            this.data = data;
-        }
-
-        int getSize() {
-            return data.length;
-        }
-
-        byte[] getData() {
-            return Arrays.copyOf(data, data.length);
-        }
-
-        void copyDataTo(byte[] dst) {
-            System.arraycopy(data, 0, dst, 0, data.length);
-        }
-
-        int getSignature() {
-            return signature;
-        }
-    }
-
-    private static class TagCache  {
-        private long profileID;
-        private HashMap<Integer, TagData> tags;
-
-        TagCache(long id) {
-            profileID = id;
-
-            tags = new HashMap<>();
-        }
-
-        TagData getTag(int sig) {
-            TagData t = tags.get(sig);
-            if (t == null) {
-                byte[] tagData = getTagNative(profileID, sig);
-                if (tagData != null) {
-                    t = new TagData(sig, tagData);
-                    tags.put(sig, t);
-                }
-            }
-            return t;
-        }
-
-        void clear() {
-            tags.clear();
-        }
-    }
-
-    private static HashMap<Long, TagCache> profiles;
 }
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/share/classes/sun/java2d/cmm/lcms/LCMSProfile.java	Tue Sep 24 14:34:55 2013 -0700
@@ -0,0 +1,109 @@
+/*
+ * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package sun.java2d.cmm.lcms;
+
+import java.awt.color.CMMException;
+import java.util.Arrays;
+import java.util.HashMap;
+import sun.java2d.cmm.Profile;
+
+final class LCMSProfile extends Profile {
+    private final TagCache tagCache;
+
+    private final Object disposerReferent;
+
+    LCMSProfile(long ptr, Object ref) {
+        super(ptr);
+
+        disposerReferent = ref;
+
+        tagCache = new TagCache(this);
+    }
+
+    final long getLcmsPtr() {
+        return this.getNativePtr();
+    }
+
+    TagData getTag(int sig) {
+        return tagCache.getTag(sig);
+    }
+
+    void clearTagCache() {
+        tagCache.clear();
+    }
+
+    static class TagCache  {
+        final LCMSProfile profile;
+        private HashMap<Integer, TagData> tags;
+
+        TagCache(LCMSProfile p) {
+            profile = p;
+            tags = new HashMap<>();
+        }
+
+        TagData getTag(int sig) {
+            TagData t = tags.get(sig);
+            if (t == null) {
+                byte[] tagData = LCMS.getTagNative(profile.getNativePtr(), sig);
+                if (tagData != null) {
+                    t = new TagData(sig, tagData);
+                    tags.put(sig, t);
+                }
+            }
+            return t;
+        }
+
+        void clear() {
+            tags.clear();
+        }
+    }
+
+    static class TagData {
+        private int signature;
+        private byte[] data;
+
+        TagData(int sig, byte[] data) {
+            this.signature = sig;
+            this.data = data;
+        }
+
+        int getSize() {
+            return data.length;
+        }
+
+        byte[] getData() {
+            return Arrays.copyOf(data, data.length);
+        }
+
+        void copyDataTo(byte[] dst) {
+            System.arraycopy(data, 0, dst, 0, data.length);
+        }
+
+        int getSignature() {
+            return signature;
+        }
+    }
+}
--- a/src/share/classes/sun/java2d/cmm/lcms/LCMSTransform.java	Tue Sep 24 14:17:42 2013 -0700
+++ b/src/share/classes/sun/java2d/cmm/lcms/LCMSTransform.java	Tue Sep 24 14:34:55 2013 -0700
@@ -62,7 +62,7 @@
     private boolean isOutIntPacked = false;
 
     ICC_Profile[] profiles;
-    long [] profileIDs;
+    LCMSProfile[] lcmsProfiles;
     int renderType;
     int transformType;
 
@@ -84,8 +84,8 @@
         /* Actually, it is not a complete transform but just part of it */
         profiles = new ICC_Profile[1];
         profiles[0] = profile;
-        profileIDs = new long[1];
-        profileIDs[0] = LCMS.getProfileID(profile);
+        lcmsProfiles = new LCMSProfile[1];
+        lcmsProfiles[0] = LCMS.getProfileID(profile);
         this.renderType = (renderType == ColorTransform.Any)?
                               ICC_Profile.icPerceptual : renderType;
         this.transformType = transformType;
@@ -105,14 +105,14 @@
             size+=((LCMSTransform)transforms[i]).profiles.length;
         }
         profiles = new ICC_Profile[size];
-        profileIDs = new long[size];
+        lcmsProfiles = new LCMSProfile[size];
         int j = 0;
         for (int i=0; i < transforms.length; i++) {
             LCMSTransform curTrans = (LCMSTransform)transforms[i];
             System.arraycopy(curTrans.profiles, 0, profiles, j,
                              curTrans.profiles.length);
-            System.arraycopy(curTrans.profileIDs, 0, profileIDs, j,
-                             curTrans.profileIDs.length);
+            System.arraycopy(curTrans.lcmsProfiles, 0, lcmsProfiles, j,
+                             curTrans.lcmsProfiles.length);
             j += curTrans.profiles.length;
         }
         renderType = ((LCMSTransform)transforms[0]).renderType;
@@ -152,7 +152,7 @@
             outFormatter = out.pixelType;
             isOutIntPacked = out.isIntPacked;
 
-            ID = LCMS.createNativeTransform(profileIDs, renderType,
+            ID = LCMS.createTransform(lcmsProfiles, renderType,
                                             inFormatter, isInIntPacked,
                                             outFormatter, isOutIntPacked,
                                             disposerReferent);
--- a/src/share/classes/sun/launcher/LauncherHelper.java	Tue Sep 24 14:17:42 2013 -0700
+++ b/src/share/classes/sun/launcher/LauncherHelper.java	Tue Sep 24 14:34:55 2013 -0700
@@ -51,6 +51,7 @@
 import java.nio.file.DirectoryStream;
 import java.nio.file.Files;
 import java.nio.file.Path;
+import java.text.Normalizer;
 import java.util.ResourceBundle;
 import java.text.MessageFormat;
 import java.util.ArrayList;
@@ -493,7 +494,19 @@
         try {
             mainClass = scloader.loadClass(cn);
         } catch (NoClassDefFoundError | ClassNotFoundException cnfe) {
-            abort(cnfe, "java.launcher.cls.error1", cn);
+            if (System.getProperty("os.name", "").contains("OS X")
+                && Normalizer.isNormalized(cn, Normalizer.Form.NFD)) {
+                try {
+                    // On Mac OS X since all names with diacretic symbols are given as decomposed it
+                    // is possible that main class name comes incorrectly from the command line
+                    // and we have to re-compose it
+                    mainClass = scloader.loadClass(Normalizer.normalize(cn, Normalizer.Form.NFC));
+                } catch (NoClassDefFoundError | ClassNotFoundException cnfe1) {
+                    abort(cnfe, "java.launcher.cls.error1", cn);
+                }
+            } else {
+                abort(cnfe, "java.launcher.cls.error1", cn);
+            }
         }
         // set to mainClass
         appClass = mainClass;
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/share/classes/sun/print/DocumentPropertiesUI.java	Tue Sep 24 14:34:55 2013 -0700
@@ -0,0 +1,62 @@
+/*
+ * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package sun.print;
+
+import java.awt.Window;
+import java.awt.print.PrinterJob;
+import javax.print.PrintService;
+import javax.print.ServiceUIFactory;
+import javax.print.attribute.PrintRequestAttributeSet;
+
+public abstract class DocumentPropertiesUI {
+
+    /**
+     * For Win32 doc properties sheet.
+     */
+    public static final int
+        DOCUMENTPROPERTIES_ROLE = ServiceUIFactory.RESERVED_UIROLE +100;
+
+    /**
+     * Name of (this) abstract class for Document Properties.
+     */
+    public static final String
+        DOCPROPERTIESCLASSNAME = DocumentPropertiesUI.class.getName();
+
+    /**
+     * Invokes whatever code is needed to display a native dialog
+     * with the specified owner. The owner should be the cross-platform
+     * dialog. If the user cancels the dialog the return value is null.
+     * A non-null return value is always a new attribute set (or is it?)
+     * The cross-platform dialog may need to be updated to reflect the
+     * updated properties.
+     */
+    public abstract PrintRequestAttributeSet
+        showDocumentProperties(PrinterJob job,
+                               Window owner,
+                               PrintService service,
+                               PrintRequestAttributeSet aset);
+
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/share/classes/sun/print/PrinterJobWrapper.java	Tue Sep 24 14:34:55 2013 -0700
@@ -0,0 +1,60 @@
+/*
+ * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package sun.print;
+
+import java.awt.print.PrinterJob;
+import javax.print.attribute.PrintRequestAttribute;
+
+public class PrinterJobWrapper implements PrintRequestAttribute {
+
+    private static final long serialVersionUID = -8792124426995707237L;
+
+    private PrinterJob job;
+
+    public PrinterJobWrapper(PrinterJob job) {
+        this.job = job;
+    }
+
+    public PrinterJob getPrinterJob() {
+        return job;
+    }
+
+    public final Class getCategory() {
+        return PrinterJobWrapper.class;
+    }
+
+    public final String getName() {
+        return "printerjob-wrapper";
+    }
+
+    public String toString() {
+       return "printerjob-wrapper: " + job.toString();
+    }
+
+    public int hashCode() {
+        return job.hashCode();
+    }
+}
--- a/src/share/classes/sun/print/RasterPrinterJob.java	Tue Sep 24 14:17:42 2013 -0700
+++ b/src/share/classes/sun/print/RasterPrinterJob.java	Tue Sep 24 14:34:55 2013 -0700
@@ -903,6 +903,9 @@
         int x = bounds.x+bounds.width/3;
         int y = bounds.y+bounds.height/3;
         PrintService newService;
+        // temporarily add an attribute pointing back to this job.
+        PrinterJobWrapper jobWrapper = new PrinterJobWrapper(this);
+        attributes.add(jobWrapper);
         try {
             newService =
             ServiceUI.printDialog(gc, x, y,
@@ -915,6 +918,7 @@
                                   DocFlavor.SERVICE_FORMATTED.PAGEABLE,
                                   attributes);
         }
+        attributes.remove(PrinterJobWrapper.class);
 
         if (newService == null) {
             return false;
--- a/src/share/classes/sun/print/ServiceDialog.java	Tue Sep 24 14:17:42 2013 -0700
+++ b/src/share/classes/sun/print/ServiceDialog.java	Tue Sep 24 14:34:55 2013 -0700
@@ -46,6 +46,7 @@
 import java.awt.event.ItemListener;
 import java.awt.event.WindowEvent;
 import java.awt.event.WindowAdapter;
+import java.awt.print.PrinterJob;
 import java.io.File;
 import java.io.FilePermission;
 import java.io.IOException;
@@ -119,8 +120,6 @@
     private AppearancePanel pnlAppearance;
 
     private boolean isAWT = false;
-
-
     static {
         initResource();
     }
@@ -801,9 +800,32 @@
                     if (dialog != null) {
                         dialog.show();
                     } else {
-                        // REMIND: may want to notify the user why we're
-                        //         disabling the button
-                        btnProperties.setEnabled(false);
+                        DocumentPropertiesUI docPropertiesUI = null;
+                        try {
+                            docPropertiesUI =
+                                (DocumentPropertiesUI)uiFactory.getUI
+                                (DocumentPropertiesUI.DOCUMENTPROPERTIES_ROLE,
+                                 DocumentPropertiesUI.DOCPROPERTIESCLASSNAME);
+                        } catch (Exception ex) {
+                        }
+                        if (docPropertiesUI != null) {
+                            PrinterJobWrapper wrapper = (PrinterJobWrapper)
+                                asCurrent.get(PrinterJobWrapper.class);
+                            if (wrapper == null) {
+                                return; // should not happen, defensive only.
+                            }
+                            PrinterJob job = wrapper.getPrinterJob();
+                            if (job == null) {
+                                return;  // should not happen, defensive only.
+                            }
+                            PrintRequestAttributeSet newAttrs =
+                               docPropertiesUI.showDocumentProperties
+                               (job, ServiceDialog.this, psCurrent, asCurrent);
+                            if (newAttrs != null) {
+                                asCurrent.addAll(newAttrs);
+                                updatePanels();
+                            }
+                        }
                     }
                 }
             }
--- a/src/share/classes/sun/security/krb5/Config.java	Tue Sep 24 14:17:42 2013 -0700
+++ b/src/share/classes/sun/security/krb5/Config.java	Tue Sep 24 14:34:55 2013 -0700
@@ -225,19 +225,19 @@
      * and has no sub-key at all (given "forwardable" is defined, otherwise,
      * this method has no knowledge if it's a value name or a section name),
      */
-    @SuppressWarnings("unchecked")
     public String get(String... keys) {
-        Vector<String> v = get0(keys);
+        Vector<String> v = getString0(keys);
         if (v == null) return null;
         return v.lastElement();
     }
 
     /**
      * Gets all values for the specified keys.
-     * @see #get(java.lang.String[])
+     * @throws IllegalArgumentException if any of the keys is illegal
+     *         (See {@link #get})
      */
     public String getAll(String... keys) {
-        Vector<String> v = get0(keys);
+        Vector<String> v = getString0(keys);
         if (v == null) return null;
         StringBuilder sb = new StringBuilder();
         boolean first = true;
@@ -252,17 +252,37 @@
         return sb.toString();
     }
 
-    // Internal method. Returns the vector of strings for keys.
+    /**
+     * Returns true if keys exists, can be either final string(s) or sub-stanza
+     * @throws IllegalArgumentException if any of the keys is illegal
+     *         (See {@link #get})
+     */
+    public boolean exists(String... keys) {
+        return get0(keys) != null;
+    }
+
+    // Returns final string value(s) for given keys.
+    @SuppressWarnings("unchecked")
+    private Vector<String> getString0(String... keys) {
+        try {
+            return (Vector<String>)get0(keys);
+        } catch (ClassCastException cce) {
+            throw new IllegalArgumentException(cce);
+        }
+    }
+
+    // Internal method. Returns the value for keys, which can be a sub-stanza
+    // or final string value(s).
     // The only method (except for toString) that reads stanzaTable directly.
     @SuppressWarnings("unchecked")
-    private Vector<String> get0(String... keys) {
+    private Object get0(String... keys) {
         Object current = stanzaTable;
         try {
             for (String key: keys) {
                 current = ((Hashtable<String,Object>)current).get(key);
                 if (current == null) return null;
             }
-            return (Vector<String>)current;
+            return current;
         } catch (ClassCastException cce) {
             throw new IllegalArgumentException(cce);
         }
--- a/src/share/classes/sun/security/krb5/Realm.java	Tue Sep 24 14:17:42 2013 -0700
+++ b/src/share/classes/sun/security/krb5/Realm.java	Tue Sep 24 14:34:55 2013 -0700
@@ -34,10 +34,8 @@
 import sun.security.krb5.internal.Krb5;
 import sun.security.util.*;
 import java.io.IOException;
-import java.util.StringTokenizer;
-import java.util.Vector;
-import java.util.Stack;
-import java.util.EmptyStackException;
+import java.util.*;
+
 import sun.security.krb5.internal.util.KerberosString;
 
 /**
@@ -50,7 +48,6 @@
  */
 public class Realm implements Cloneable {
     private final String realm; // not null nor empty
-    private static boolean DEBUG = Krb5.DEBUG;
 
     public Realm(String name) throws RealmException {
         realm = parseRealm(name);
@@ -233,90 +230,53 @@
         }
     }
 
-    /*
-     * First leg of realms parsing. Used by getRealmsList.
-     */
-    private static String[] doInitialParse(String cRealm, String sRealm)
-        throws KrbException {
-            if (cRealm == null || sRealm == null){
-                throw new KrbException(Krb5.API_INVALID_ARG);
-            }
-            if (DEBUG) {
-                System.out.println(">>> Realm doInitialParse: cRealm=["
-                                   + cRealm + "], sRealm=[" +sRealm + "]");
-            }
-            if (cRealm.equals(sRealm)) {
-                String[] retList = null;
-                retList = new String[1];
-                retList[0] = new String(cRealm);
-
-                if (DEBUG) {
-                    System.out.println(">>> Realm doInitialParse: "
-                                       + retList[0]);
-                }
-                return retList;
-            }
-            return null;
-        }
-
     /**
      * Returns an array of realms that may be traversed to obtain
      * a TGT from the initiating realm cRealm to the target realm
      * sRealm.
      * <br>
-     * There may be an arbitrary number of intermediate realms
-     * between cRealm and sRealm. The realms may be organized
-     * organized hierarchically, or the paths between them may be
-     * specified in the [capaths] stanza of the caller's
-     * Kerberos configuration file. The configuration file is consulted
-     * first. Then a hirarchical organization is assumed if no realms
-     * are found in the configuration file.
+     * This method would read [capaths] to create a path, or generate a
+     * hierarchical path if [capaths] does not contain a sub-stanza for cRealm
+     * or the sub-stanza does not contain a tag for sRealm.
      * <br>
-     * The returned list, if not null, contains cRealm as the first
-     * entry. sRealm is not included unless it is mistakenly listed
-     * in the configuration file as an intermediary realm.
+     * The returned list would never be null, and it always contains
+     * cRealm as the head entry. sRealm is not included as the tail.
      *
-     * @param cRealm the initiating realm
-     * @param sRealm the target realm
-     * @returns array of realms
-     * @thows KrbException
+     * @param cRealm the initiating realm, not null
+     * @param sRealm the target realm, not null, not equals to cRealm
+     * @returns array of realms including at least cRealm as the first
+     *          element
      */
-    public static String[] getRealmsList(String cRealm, String sRealm)
-        throws KrbException {
-            String[] retList = doInitialParse(cRealm, sRealm);
-            if (retList != null && retList.length != 0) {
-                return retList;
-            }
-            /*
-             * Try [capaths].
-             */
-            retList = parseCapaths(cRealm, sRealm);
-            if (retList != null && retList.length != 0) {
-                return retList;
-            }
-            /*
-             * Now assume the realms are organized hierarchically.
-             */
-            retList = parseHierarchy(cRealm, sRealm);
-            return retList;
+    public static String[] getRealmsList(String cRealm, String sRealm) {
+        try {
+            // Try [capaths]
+            return parseCapaths(cRealm, sRealm);
+        } catch (KrbException ke) {
+            // Now assume the realms are organized hierarchically.
+            return parseHierarchy(cRealm, sRealm);
         }
+    }
 
     /**
-     * Parses the [capaths] stanza of the configuration file
-     * for a list of realms to traverse
-     * to obtain credentials from the initiating realm cRealm to
-     * the target realm sRealm.
-     * @param cRealm the initiating realm
-     * @param sRealm the target realm
-     * @returns array of realms
-     * @ throws KrbException
-     */
-
-    /*
-     * parseCapaths works for a capaths organized such that
-     * for a given client realm C there is a tag C that
-     * contains subtags Ci ... Cn that completely define intermediate
-     * realms from C to target T. For example:
+     * Parses the [capaths] stanza of the configuration file for a
+     * list of realms to traverse to obtain credentials from the
+     * initiating realm cRealm to the target realm sRealm.
+     *
+     * For a given client realm C there is a tag C in [capaths] whose
+     * subtag S has a value which is a (possibly partial) path from C
+     * to S. When the path is partial, it contains only the tail of the
+     * full path. Values of other subtags will be used to build the full
+     * path. The value "." means a direct path from C to S. If realm S
+     * does not appear as a subtag, there is no path defined here.
+     *
+     * The implementation ignores all values which equals to C or S, or
+     * a "." in multiple values, or any duplicated realm names.
+     *
+     * When a path value has more than two realms, they can be specified
+     * with multiple key-value pairs each having a single value, but the
+     * order must not change.
+     *
+     * For example:
      *
      * [capaths]
      *    TIVOLI.COM = {
@@ -325,357 +285,130 @@
      *        LDAPCENTRAL.NET = .
      *    }
      *
-     * The tag TIVOLI.COM contains subtags IBM.COM, IBM_LDAPCENTRAL.COM
-     * and LDAPCENTRAL.NET that completely define the path from TIVOLI.COM
-     * to IBM.COM (TIVOLI.COM->LADAPCENTRAL.NET->IBM_LDAPCENTRAL.COM->IBM
-     * or TIVOLI.COM->MOONLITE.ORG->IBM.COM).
+     * TIVOLI.COM has a direct path to LDAPCENTRAL.NET, which has a direct
+     * path to IBM_LDAPCENTRAL.COM. It also has a partial path to IBM.COM
+     * being "IBM_LDAPCENTRAL.COM MOONLITE.ORG". Merging these info together,
+     * a full path from TIVOLI.COM to IBM.COM will be
      *
-     * A direct path is assumed for an intermediary whose entry is not
-     * "closed" by a "." In the above example, TIVOLI.COM is assumed
-     * to have a direct path to MOONLITE.ORG and MOONLITE.COM
-     * in turn to IBM.COM.
+     *   TIVOLI.COM -> LDAPCENTRAL.NET -> IBM_LDAPCENTRAL.COM
+     *              -> IBM_LDAPCENTRAL.COM -> MOONLITE.ORG
+     *
+     * Please note the sRealm IBM.COM does not appear in the path.
+     *
+     * @param cRealm the initiating realm
+     * @param sRealm the target realm, not the same as cRealm
+     * @returns array of realms including at least cRealm as the first
+     *          element
+     * @throws KrbException if the config does not contain a sub-stanza
+     *          for cRealm in [capaths] or the sub-stanza does not contain
+     *          sRealm as a tag
      */
+    private static String[] parseCapaths(String cRealm, String sRealm)
+            throws KrbException {
 
-    private static String[] parseCapaths(String cRealm, String sRealm) throws KrbException {
-        String[] retList = null;
+        // This line could throw a KrbException
+        Config cfg = Config.getInstance();
 
-        Config cfg = null;
-        try {
-            cfg = Config.getInstance();
-        } catch (Exception exc) {
-            if (DEBUG) {
-                System.out.println ("Configuration information can not be " +
-                                    "obtained " + exc.getMessage());
-            }
-            return null;
+        if (!cfg.exists("capaths", cRealm, sRealm)) {
+            throw new KrbException("No conf");
         }
 
-        String intermediaries = cfg.getAll("capaths", cRealm, sRealm);
+        LinkedList<String> path = new LinkedList<>();
 
-        if (intermediaries == null) {
-            if (DEBUG) {
-                System.out.println(">>> Realm parseCapaths: no cfg entry");
-            }
-            return null;
-        }
-
-        String tempTarget = null, tempRealm = null;
-        Stack<String> iStack = new Stack<>();
-
-        /*
-         * The half-established reversed-path, starting from the final target
-         * (sRealm), each item can be connected to by the next one.
-         * Might contains wrong item, if found, a bad track is performed
-         */
-        Vector<String> tempList = new Vector<>(8, 8);
-        tempList.add(sRealm);
-
-        int count = 0; // For debug only
-        tempTarget = sRealm;
-
-        out: do {
-            if (DEBUG) {
-                count++;
-                System.out.println(">>> Realm parseCapaths: loop " +
-                                   count + ": target=" + tempTarget);
-            }
-
-            if (intermediaries != null &&
-                !intermediaries.equals(".") &&
-                !intermediaries.equals(cRealm)) {
-                if (DEBUG) {
-                    System.out.println(">>> Realm parseCapaths: loop " +
-                                       count + ": intermediaries=[" +
-                                       intermediaries + "]");
-                }
-
-                /*
-                 * We have one or more space-separated intermediary realms.
-                 * Stack them. A null is always added between intermedies of
-                 * different targets. When this null is popped, it means none
-                 * of the intermedies for this target is useful (because of
-                 * infinite loop), the target is then removed from the partial
-                 * tempList, and the next possible intermediary is tried.
-                 */
-                iStack.push(null);
-                String[] ints = intermediaries.split("\\s+");
-                for (int i = ints.length-1; i>=0; i--)
-                {
-                    tempRealm = ints[i];
-                    if (tempRealm.equals(PrincipalName.REALM_COMPONENT_SEPARATOR_STR)) {
-                        break out;
-                    }
-                    if (!tempList.contains(tempRealm)) {
-                        iStack.push(tempRealm);
-                        if (DEBUG) {
-                            System.out.println(">>> Realm parseCapaths: loop " +
-                                               count +
-                                               ": pushed realm on to stack: " +
-                                               tempRealm);
-                        }
-                    } else if (DEBUG) {
-                        System.out.println(">>> Realm parseCapaths: loop " +
-                                           count +
-                                           ": ignoring realm: [" +
-                                           tempRealm + "]");
-                    }
-                }
-            } else {
-                if (DEBUG) {
-                    System.out.println(">>> Realm parseCapaths: loop " +
-                                       count +
-                                       ": no intermediaries");
-                }
+        String head = sRealm;
+        while (true) {
+            String value = cfg.getAll("capaths", cRealm, head);
+            if (value == null) {
                 break;
             }
-
-            /*
-             * Get next intermediary realm from the stack
-             */
-
-            try {
-                while ((tempTarget = iStack.pop()) == null) {
-                    tempList.removeElementAt(tempList.size()-1);
-                    if (DEBUG) {
-                        System.out.println(">>> Realm parseCapaths: backtrack, remove tail");
-                    }
+            String[] more = value.split("\\s+");
+            boolean changed = false;
+            for (int i=more.length-1; i>=0; i--) {
+                if (path.contains(more[i])
+                        || more[i].equals(".")
+                        || more[i].equals(cRealm)
+                        || more[i].equals(sRealm)
+                        || more[i].equals(head)) {
+                    // Ignore invalid values
+                    continue;
                 }
-            } catch (EmptyStackException exc) {
-                tempTarget = null;
+                changed = true;
+                path.addFirst(more[i]);
             }
-
-            if (tempTarget == null) {
-                /*
-                 * No more intermediaries. We're done.
-                 */
-                break;
-            }
-
-            tempList.add(tempTarget);
-
-            if (DEBUG) {
-                System.out.println(">>> Realm parseCapaths: loop " + count +
-                                   ": added intermediary to list: " +
-                                   tempTarget);
-            }
-
-            intermediaries = cfg.getAll("capaths", cRealm, tempTarget);
-
-        } while (true);
-
-        if (tempList.isEmpty()) {
-            return null;
+            if (!changed) break;
+            head = path.getFirst();
         }
-
-        // From (SREALM, T1, T2) to (CREALM, T2, T1)
-        retList = new String[tempList.size()];
-        retList[0] = cRealm;
-        for (int i=1; i<tempList.size(); i++) {
-            retList[i] = tempList.elementAt(tempList.size()-i);
-        }
-
-        if (DEBUG && retList != null) {
-            for (int i = 0; i < retList.length; i++) {
-                System.out.println(">>> Realm parseCapaths [" + i +
-                                   "]=" + retList[i]);
-            }
-        }
-
-        return retList;
-    }
+        path.addFirst(cRealm);
+        return path.toArray(new String[path.size()]);
+   }
 
     /**
      * Build a list of realm that can be traversed
      * to obtain credentials from the initiating realm cRealm
      * for a service in the target realm sRealm.
      * @param cRealm the initiating realm
-     * @param sRealm the target realm
-     * @returns array of realms
-     * @throws KrbException
+     * @param sRealm the target realm, not the same as cRealm
+     * @returns array of realms including cRealm as the first element
      */
-    private static String[] parseHierarchy(String cRealm, String sRealm)
-        throws KrbException
-    {
-        String[] retList = null;
+    private static String[] parseHierarchy(String cRealm, String sRealm) {
 
-        // Parse the components and determine common part, if any.
+        String[] cComponents = cRealm.split("\\.");
+        String[] sComponents = sRealm.split("\\.");
 
-        String[] cComponents = null;
-        String[] sComponents = null;
+        int cPos = cComponents.length;
+        int sPos = sComponents.length;
 
-        StringTokenizer strTok =
-        new StringTokenizer(cRealm,
-                            PrincipalName.REALM_COMPONENT_SEPARATOR_STR);
-
-        // Parse cRealm
-
-        int cCount = strTok.countTokens();
-        cComponents = new String[cCount];
-
-        for (cCount = 0; strTok.hasMoreTokens(); cCount++) {
-            cComponents[cCount] = strTok.nextToken();
+        boolean hasCommon = false;
+        for (sPos--, cPos--; sPos >=0 && cPos >= 0 &&
+                sComponents[sPos].equals(cComponents[cPos]);
+                sPos--, cPos--) {
+            hasCommon = true;
         }
 
-        if (DEBUG) {
-            System.out.println(">>> Realm parseHierarchy: cRealm has " +
-                               cCount + " components:");
-            int j = 0;
-            while (j < cCount) {
-                System.out.println(">>> Realm parseHierarchy: " +
-                                   "cComponents["+j+"]=" + cComponents[j++]);
-            }
+        // For those with common components:
+        //                            length  pos
+        // SITES1.SALES.EXAMPLE.COM   4       1
+        //   EVERYWHERE.EXAMPLE.COM   3       0
+
+        // For those without common components:
+        //                     length  pos
+        // DEVEL.EXAMPLE.COM   3       2
+        // PROD.EXAMPLE.ORG    3       2
+
+        LinkedList<String> path = new LinkedList<>();
+
+        // Un-common ones for client side
+        for (int i=0; i<=cPos; i++) {
+            path.addLast(subStringFrom(cComponents, i));
         }
 
-        // Parse sRealm
-
-        strTok = new StringTokenizer(sRealm,
-                                     PrincipalName.REALM_COMPONENT_SEPARATOR_STR);
-
-        int sCount = strTok.countTokens();
-        sComponents = new String[sCount];
-
-        for (sCount = 0; strTok.hasMoreTokens(); sCount++) {
-            sComponents[sCount] = strTok.nextToken();
+        // Common one
+        if (hasCommon) {
+            path.addLast(subStringFrom(cComponents, cPos+1));
         }
 
-        if (DEBUG) {
-            System.out.println(">>> Realm parseHierarchy: sRealm has " +
-                               sCount + " components:");
-            int j = 0;
-            while (j < sCount) {
-                System.out.println(">>> Realm parseHierarchy: sComponents["+j+
-                                   "]=" + sComponents[j++]);
-            }
+        // Un-common ones for server side
+        for (int i=sPos; i>=0; i--) {
+            path.addLast(subStringFrom(sComponents, i));
         }
 
-        // Determine common components, if any.
+        // Remove sRealm from path. Note that it might be added at last loop
+        // or as a common component, if sRealm is a parent of cRealm
+        path.removeLast();
 
-        int commonComponents = 0;
-
-        //while (sCount > 0 && cCount > 0 &&
-        //          sComponents[--sCount].equals(cComponents[--cCount]))
-
-        for (sCount--, cCount--; sCount >=0 && cCount >= 0 &&
-                 sComponents[sCount].equals(cComponents[cCount]);
-             sCount--, cCount--) {
-            commonComponents++;
-        }
-
-        int cCommonStart = -1;
-        int sCommonStart = -1;
-
-        int links = 0;
-
-        if (commonComponents > 0) {
-            sCommonStart = sCount+1;
-            cCommonStart = cCount+1;
-
-            // components from common to ancestors
-            links += sCommonStart;
-            links += cCommonStart;
-        } else {
-            links++;
-        }
-
-        if (DEBUG) {
-            if (commonComponents > 0) {
-                System.out.println(">>> Realm parseHierarchy: " +
-                                   commonComponents + " common component" +
-                                   (commonComponents > 1 ? "s" : " "));
-
-                System.out.println(">>> Realm parseHierarchy: common part "
-                                   +
-                                   "in cRealm (starts at index " +
-                                   cCommonStart + ")");
-                System.out.println(">>> Realm parseHierarchy: common part in sRealm (starts at index " +
-                                   sCommonStart + ")");
-
-
-                String commonPart = substring(cRealm, cCommonStart);
-                System.out.println(">>> Realm parseHierarchy: common part in cRealm=" +
-                                   commonPart);
-
-                commonPart = substring(sRealm, sCommonStart);
-                System.out.println(">>> Realm parseHierarchy: common part in sRealm=" +
-                                   commonPart);
-
-            } else
-            System.out.println(">>> Realm parseHierarchy: no common part");
-        }
-
-        if (DEBUG) {
-            System.out.println(">>> Realm parseHierarchy: total links=" + links);
-        }
-
-        retList = new String[links];
-
-        retList[0] = new String(cRealm);
-
-        if (DEBUG) {
-            System.out.println(">>> Realm parseHierarchy A: retList[0]=" +
-                               retList[0]);
-        }
-
-        // For an initiator realm A.B.C.D.COM,
-        // build a list krbtgt/B.C.D.COM@A.B.C.D.COM up to the common part,
-        // ie the issuer realm is the immediate descendant
-        // of the target realm.
-
-        String cTemp = null, sTemp = null;
-        int i;
-        for (i = 1, cCount = 0; i < links && cCount < cCommonStart; cCount++) {
-            sTemp = substring(cRealm, cCount+1);
-            //cTemp = substring(cRealm, cCount);
-            retList[i++] = new String(sTemp);
-
-            if (DEBUG) {
-                System.out.println(">>> Realm parseHierarchy B: retList[" +
-                                   (i-1) +"]="+retList[i-1]);
-            }
-        }
-
-
-        for (sCount = sCommonStart; i < links && sCount - 1 > 0; sCount--) {
-            sTemp = substring(sRealm, sCount-1);
-            //cTemp = substring(sRealm, sCount);
-            retList[i++] = new String(sTemp);
-            if (DEBUG) {
-                System.out.println(">>> Realm parseHierarchy D: retList[" +
-                                   (i-1) +"]="+retList[i-1]);
-            }
-        }
-
-        return retList;
+        return path.toArray(new String[path.size()]);
     }
 
-    private static String substring(String realm, int componentIndex)
-    {
-        int i = 0 , j = 0, len = realm.length();
-
-        while(i < len && j != componentIndex) {
-            if (realm.charAt(i++) != PrincipalName.REALM_COMPONENT_SEPARATOR)
-                continue;
-            j++;
+    /**
+     * Creates a realm name using components from the given postion.
+     * For example, subStringFrom({"A", "B", "C"}, 1) is "B.C".
+     */
+    private static String subStringFrom(String[] components, int from) {
+        StringBuilder sb = new StringBuilder();
+        for (int i=from; i<components.length; i++) {
+            if (sb.length() != 0) sb.append('.');
+            sb.append(components[i]);
         }
-
-        return realm.substring(i);
+        return sb.toString();
     }
-
-    static int getRandIndex(int arraySize) {
-        return (int)(Math.random() * 16384.0) % arraySize;
-    }
-
-    static void printNames(String[] names) {
-        if (names == null || names.length == 0)
-            return;
-
-        int len = names.length;
-        int i = 0;
-        System.out.println("List length = " + len);
-        while (i < names.length) {
-            System.out.println("["+ i +"]=" + names[i]);
-            i++;
-        }
-    }
-
 }
--- a/src/share/classes/sun/security/krb5/internal/CredentialsUtil.java	Tue Sep 24 14:17:42 2013 -0700
+++ b/src/share/classes/sun/security/krb5/internal/CredentialsUtil.java	Tue Sep 24 14:34:55 2013 -0700
@@ -160,7 +160,7 @@
     /**
      * Gets a TGT to another realm
      * @param localRealm this realm
-     * @param serviceRealm the other realm
+     * @param serviceRealm the other realm, cannot equals to localRealm
      * @param ccreds TGT in this realm
      * @param okAsDelegate an [out] argument to receive the okAsDelegate
      * property. True only if all realms allow delegation.
@@ -174,14 +174,6 @@
         // Get a list of realms to traverse
         String[] realms = Realm.getRealmsList(localRealm, serviceRealm);
 
-        if (realms == null || realms.length == 0) {
-            if (DEBUG) {
-                System.out.println(
-                        ">>> Credentials acquireServiceCreds: no realms list");
-            }
-            return null;
-        }
-
         int i = 0, k = 0;
         Credentials cTgt = null, newTgt = null, theTgt = null;
         PrincipalName tempService = null;
@@ -206,16 +198,14 @@
             if (newTgt == null) {
                 if (DEBUG) {
                     System.out.println(">>> Credentials acquireServiceCreds: "
-                            + "no tgt; searching backwards");
+                            + "no tgt; searching thru capath");
                 }
 
                 /*
-                 * No tgt found. Try to get one for a
-                 * realm as close to the target as possible.
-                 * That means traversing the realms list backwards.
+                 * No tgt found. Let's go thru the realms list one by one.
                  */
-                for (newTgt = null, k = realms.length - 1;
-                        newTgt == null && k > i; k--) {
+                for (newTgt = null, k = i+1;
+                        newTgt == null && k < realms.length; k++) {
                     tempService = PrincipalName.tgsService(realms[k], realms[i]);
                     if (DEBUG) {
                         System.out.println(
--- a/src/share/classes/sun/security/util/UntrustedCertificates.java	Tue Sep 24 14:17:42 2013 -0700
+++ b/src/share/classes/sun/security/util/UntrustedCertificates.java	Tue Sep 24 14:34:55 2013 -0700
@@ -24,13 +24,15 @@
  */
 package sun.security.util;
 
-import java.io.IOException;
-import java.io.ByteArrayInputStream;
+import java.io.*;
+import java.security.AccessController;
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+import java.security.PrivilegedAction;
 import java.security.cert.X509Certificate;
-import java.security.cert.CertificateFactory;
 import java.security.cert.CertificateException;
-import java.util.Set;
-import java.util.HashSet;
+import java.util.*;
+import sun.security.x509.X509CertImpl;
 
 /**
  * A utility class to check if a certificate is untrusted. This is an internal
@@ -42,8 +44,50 @@
  */
 public final class UntrustedCertificates {
 
-    private final static Set<X509Certificate> untrustedCerts = new HashSet<>();
+    private static final Debug debug = Debug.getInstance("certpath");
+    private static final String ALGORITHM_KEY = "Algorithm";
 
+    private static final Properties props = new Properties();
+    private static final String algorithm;
+
+    static {
+        AccessController.doPrivileged(new PrivilegedAction<Void>() {
+            @Override
+            public Void run() {
+                File f = new File(System.getProperty("java.home"),
+                        "lib/security/blacklisted.certs");
+                try (FileInputStream fin = new FileInputStream(f)) {
+                    props.load(fin);
+                    // It's said that the fingerprint could contain colons
+                    for (Map.Entry<Object,Object> e: props.entrySet()) {
+                        e.setValue(stripColons(e.getValue()));
+                    }
+                } catch (IOException fnfe) {
+                    if (debug != null) {
+                        debug.println("Error parsing blacklisted.certs");
+                    }
+                }
+                return null;
+            }
+        });
+        algorithm = props.getProperty(ALGORITHM_KEY);
+    }
+
+    private static String stripColons(Object input) {
+        String s = (String)input;
+        char[] letters = s.toCharArray();
+        int pos = 0;
+        for (int i = 0; i < letters.length; i++) {
+            if (letters[i] != ':') {
+                if (i != pos) {
+                    letters[pos] = letters[i];
+                }
+                pos++;
+            }
+        }
+        if (pos == letters.length) return s;
+        else return new String(letters, 0, pos);
+    }
     /**
      * Checks if a certificate is untrusted.
      *
@@ -51,844 +95,21 @@
      * @return true if the certificate is untrusted.
      */
     public static boolean isUntrusted(X509Certificate cert) {
-        return untrustedCerts.contains(cert);
+        if (algorithm == null) {
+            return false;
+        }
+        String key;
+        if (cert instanceof X509CertImpl) {
+            key = ((X509CertImpl)cert).getFingerprint(algorithm);
+        } else {
+            try {
+                key = new X509CertImpl(cert.getEncoded()).getFingerprint(algorithm);
+            } catch (CertificateException cee) {
+                return false;
+            }
+        }
+        return props.containsKey(key);
     }
 
-    private static void add(String alias, String pemCert) {
-        // generate certificate from PEM certificate
-        try (ByteArrayInputStream is =
-                new ByteArrayInputStream(pemCert.getBytes())) {
-            CertificateFactory cf = CertificateFactory.getInstance("X.509");
-            X509Certificate cert = (X509Certificate)cf.generateCertificate(is);
-
-            if (!untrustedCerts.add(cert)) {
-                throw new RuntimeException("Duplicate untrusted certificate: " +
-                    cert.getSubjectX500Principal());
-            }
-        } catch (CertificateException | IOException e) {
-            throw new RuntimeException(
-                        "Incorrect untrusted certificate: " + alias, e);
-        }
-    }
-
-    static {
-        // -----------------------------------------------------------------
-        // Compromised CAs of Digicert Malaysia
-        //
-        // Reported by Digicert in its announcement on November 05, 2011.
-        //
-
-        // Digicert Malaysia intermediate, cross-signed by CyberTrust
-        //
-        // Subject: CN=Digisign Server ID (Enrich),
-        //          OU=457608-K,
-        //          O=Digicert Sdn. Bhd.,
-        //          C=MY
-        // Issuer:  CN=GTE CyberTrust Global Root,
-        //          OU=GTE CyberTrust Solutions, Inc.,
-        //          O=GTE Corporation,
-        //          C=US
-        // Serial:  120001705 (07:27:14:a9)
-        add("digicert-server-cross-to-cybertrust-4C0E636A",
-        "-----BEGIN CERTIFICATE-----\n" +
-        "MIIDyzCCAzSgAwIBAgIEBycUqTANBgkqhkiG9w0BAQUFADB1MQswCQYDVQQGEwJV\n" +
-        "UzEYMBYGA1UEChMPR1RFIENvcnBvcmF0aW9uMScwJQYDVQQLEx5HVEUgQ3liZXJU\n" +
-        "cnVzdCBTb2x1dGlvbnMsIEluYy4xIzAhBgNVBAMTGkdURSBDeWJlclRydXN0IEds\n" +
-        "b2JhbCBSb290MB4XDTA3MDcxNzE1MTc0OFoXDTEyMDcxNzE1MTY1NFowYzELMAkG\n" +
-        "A1UEBhMCTVkxGzAZBgNVBAoTEkRpZ2ljZXJ0IFNkbi4gQmhkLjERMA8GA1UECxMI\n" +
-        "NDU3NjA4LUsxJDAiBgNVBAMTG0RpZ2lzaWduIFNlcnZlciBJRCAoRW5yaWNoKTCB\n" +
-        "nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEArahkS02Hx4RZufuQRqCmicDx/tXa\n" +
-        "VII3DZkrRSYK6Fawf8qo9I5HhAGCKeOzarWR8/uVhbxyqGToCkCcxfRxrnt7agfq\n" +
-        "kBRPjYmvlKuyBtQCanuYH1m5Os1U+iDfsioK6bjdaZDAKdNO0JftZszFGUkGf/pe\n" +
-        "LHx7hRsyQt97lSUCAwEAAaOCAXgwggF0MBIGA1UdEwEB/wQIMAYBAf8CAQAwXAYD\n" +
-        "VR0gBFUwUzBIBgkrBgEEAbE+AQAwOzA5BggrBgEFBQcCARYtaHR0cDovL2N5YmVy\n" +
-        "dHJ1c3Qub21uaXJvb3QuY29tL3JlcG9zaXRvcnkuY2ZtMAcGBWCDSgEBMA4GA1Ud\n" +
-        "DwEB/wQEAwIB5jCBiQYDVR0jBIGBMH+heaR3MHUxCzAJBgNVBAYTAlVTMRgwFgYD\n" +
-        "VQQKEw9HVEUgQ29ycG9yYXRpb24xJzAlBgNVBAsTHkdURSBDeWJlclRydXN0IFNv\n" +
-        "bHV0aW9ucywgSW5jLjEjMCEGA1UEAxMaR1RFIEN5YmVyVHJ1c3QgR2xvYmFsIFJv\n" +
-        "b3SCAgGlMEUGA1UdHwQ+MDwwOqA4oDaGNGh0dHA6Ly93d3cucHVibGljLXRydXN0\n" +
-        "LmNvbS9jZ2ktYmluL0NSTC8yMDE4L2NkcC5jcmwwHQYDVR0OBBYEFMYWk04WF+wW\n" +
-        "royUdvOGbcV0boR3MA0GCSqGSIb3DQEBBQUAA4GBAHYAe6Z4K2Ydjl42xqSOBfIj\n" +
-        "knyTZ9P0wAp9iy3Z6tVvGvPhSilaIoRNUC9LDPL/hcJ7VdREgr5trGeOvLQfkpxR\n" +
-        "gBoU9m6rYYgLrRx/90tQUdZlG6ZHcRVesHHzNRTyN71jyNXwk1o0X9g96F33xR7A\n" +
-        "5c8fhiSpPAdmzcHSNmNZ\n" +
-        "-----END CERTIFICATE-----");
-
-        // Digicert Malaysia intermediate, cross-signed by Entrust
-        //
-        // Subject: CN=Digisign Server ID - (Enrich),
-        //          OU=457608-K,
-        //          O=Digicert Sdn. Bhd.,
-        //          C=MY
-        // Issuer:  CN=Entrust.net Certification Authority (2048)
-        //          OU=(c) 1999 Entrust.net Limited,
-        //          OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.),
-        //          O=Entrust.net
-        // Serial:  1184644297 (4c:0e:63:6a)
-        add("digicert-server-cross-to-entrust-ca-4C0E636A",
-        "-----BEGIN CERTIFICATE-----\n" +
-        "MIIEzjCCA7agAwIBAgIETA5jajANBgkqhkiG9w0BAQUFADCBtDEUMBIGA1UEChML\n" +
-        "RW50cnVzdC5uZXQxQDA+BgNVBAsUN3d3dy5lbnRydXN0Lm5ldC9DUFNfMjA0OCBp\n" +
-        "bmNvcnAuIGJ5IHJlZi4gKGxpbWl0cyBsaWFiLikxJTAjBgNVBAsTHChjKSAxOTk5\n" +
-        "IEVudHJ1c3QubmV0IExpbWl0ZWQxMzAxBgNVBAMTKkVudHJ1c3QubmV0IENlcnRp\n" +
-        "ZmljYXRpb24gQXV0aG9yaXR5ICgyMDQ4KTAeFw0xMDA3MTYxNzIzMzdaFw0xNTA3\n" +
-        "MTYxNzUzMzdaMGUxCzAJBgNVBAYTAk1ZMRswGQYDVQQKExJEaWdpY2VydCBTZG4u\n" +
-        "IEJoZC4xETAPBgNVBAsTCDQ1NzYwOC1LMSYwJAYDVQQDEx1EaWdpc2lnbiBTZXJ2\n" +
-        "ZXIgSUQgLSAoRW5yaWNoKTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\n" +
-        "AMWJ5PQNBkCSWccaszXRDkwqM/n4r8qef+65p21g9FTob9Wb8xtjMQRoctE0Foy0\n" +
-        "FyyX3nPF2JAVoBor9cuzSIZE8B2ITM5BQhrv9Qze/kDaOSD3BlU6ap1GwdJvpbLI\n" +
-        "Vz4po5zg6YV3ZuiYpyR+vsBZIOVEb7ZX2L7OwmV3WMZhQdF0BMh/SULFcqlyFu6M\n" +
-        "3RJdtErU0a9Qt9iqdXZorT5dqjBtYairEFs+E78z4K9EnTgiW+9ML6ZxJhUmyiiM\n" +
-        "2fqOjqmiFDXimySItPR/hZ2DTwehthSQNsQ0HI0mYW0Tb3i+6I8nx0uElqOGaAwj\n" +
-        "vgvsjJQAqQSKE5D334VsDLECAwEAAaOCATQwggEwMA4GA1UdDwEB/wQEAwIBBjAS\n" +
-        "BgNVHRMBAf8ECDAGAQH/AgEAMCcGA1UdJQQgMB4GCCsGAQUFBwMBBggrBgEFBQcD\n" +
-        "AgYIKwYBBQUHAwQwMwYIKwYBBQUHAQEEJzAlMCMGCCsGAQUFBzABhhdodHRwOi8v\n" +
-        "b2NzcC5lbnRydXN0Lm5ldDBEBgNVHSAEPTA7MDkGBWCDSgEBMDAwLgYIKwYBBQUH\n" +
-        "AgEWImh0dHA6Ly93d3cuZGlnaWNlcnQuY29tLm15L2Nwcy5odG0wMgYDVR0fBCsw\n" +
-        "KTAnoCWgI4YhaHR0cDovL2NybC5lbnRydXN0Lm5ldC8yMDQ4Y2EuY3JsMBEGA1Ud\n" +
-        "DgQKBAhMTswlKAMpgTAfBgNVHSMEGDAWgBRV5IHREYC+2Im5CKMx+aEkCRa5cDAN\n" +
-        "BgkqhkiG9w0BAQUFAAOCAQEAl0zvSjpJrHL8MCBrtClbp8WVBJD5MtXChWreA6E3\n" +
-        "+YkAsFqsVX7bQzX/yQH4Ub7MJsrIaqTEVD4mHucMo82XZ5TdpkLrXM2POXlrM3kh\n" +
-        "Bnn6gkQVmczBtznTRmJ8snDrb84gqj4Zt+l0gpy0pUtNYQA35IfS8hQ6ZHy4qXth\n" +
-        "4JMi59WfPkfmNnagU9gAAzoPtTP+lsrT0oI6Lt3XSOHkp2nMHOmZSufKcEXXCwcO\n" +
-        "mnUb0C+Sb/akB8O9HEumhLZ9qJqp0qcp8QtXaR6XVybsK0Os1EWDBQDp4/BGQAf6\n" +
-        "6rFRc5Mcpd1TETfIKqcVJx20qsx/qjEw/LhFn0gJ7RDixQ==\n" +
-        "-----END CERTIFICATE-----");
-
-
-        // -----------------------------------------------------------------
-        //
-        // No longer used certificates
-        //
-
-        // Subject: CN=Java Media APIs,
-        //          OU=Java Signed Extensions,
-        //          OU=Corporate Object Signing,
-        //          O=Sun Microsystems Inc
-        // Issuer:  CN=Object Signing CA,
-        //          OU=Class 2 OnSite Subscriber CA,
-        //          OU=VeriSign Trust Network,
-        //          O=Sun Microsystems Inc
-        // Serial:  6a:8b:99:91:37:59:4f:89:53:e2:97:18:9f:19:1e:4e
-        add("java-media-pretrusted-9F191E4E",
-        "-----BEGIN CERTIFICATE-----\n" +
-        "MIIFdzCCBF+gAwIBAgIQaouZkTdZT4lT4pcYnxkeTjANBgkqhkiG9w0BAQUFADCB\n" +
-        "gzEdMBsGA1UEChMUU3VuIE1pY3Jvc3lzdGVtcyBJbmMxHzAdBgNVBAsTFlZlcmlT\n" +
-        "aWduIFRydXN0IE5ldHdvcmsxJTAjBgNVBAsTHENsYXNzIDIgT25TaXRlIFN1YnNj\n" +
-        "cmliZXIgQ0ExGjAYBgNVBAMTEU9iamVjdCBTaWduaW5nIENBMB4XDTA5MDUxMjAw\n" +
-        "MDAwMFoXDTEyMDUxMTIzNTk1OVowfTEdMBsGA1UEChQUU3VuIE1pY3Jvc3lzdGVt\n" +
-        "cyBJbmMxITAfBgNVBAsUGENvcnBvcmF0ZSBPYmplY3QgU2lnbmluZzEfMB0GA1UE\n" +
-        "CxQWSmF2YSBTaWduZWQgRXh0ZW5zaW9uczEYMBYGA1UEAxQPSmF2YSBNZWRpYSBB\n" +
-        "UElzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl5blzoKTVE8y4Hpz\n" +
-        "q6E15RZz1bF5HnYEyYqgHkZXnAKedmYCoMzm1XK8s+gQWShLEvGEAvs5yqarx9gE\n" +
-        "nnC21N28aEZgIJMa2/arKxCUkS4pxdGPYGexL9UzSRkUpoBShCZKEGdmX7gfJE2K\n" +
-        "/sd9MFvGV5/yZtWXrADzvm0Kd/9mg1KRv1gfrZIq0TJbupoXPYYqb73AkI9eT2ZD\n" +
-        "q9MdwD4E5+oojsDFXt8GU/D00fUhtXpYwuplU7D667WHYdJhIah0ST6JywyqcLXG\n" +
-        "XSuFTXOgITT2idSHluZVmx3dqJ72u9kPkO4JdJTMDfaK8zgNLaRkiU8Qcj+qhLYH\n" +
-        "ytaqcwIDAQABo4IB6jCCAeYwCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCB4AwfwYD\n" +
-        "VR0fBHgwdjB0oHKgcIZuaHR0cDovL29uc2l0ZWNybC52ZXJpc2lnbi5jb20vU3Vu\n" +
-        "TWljcm9zeXN0ZW1zSW5jQ29ycG9yYXRlT2JqZWN0U2lnbmluZ0phdmFTaWduZWRF\n" +
-        "eHRlbnNpb25zQ2xhc3NCL0xhdGVzdENSTC5jcmwwHwYDVR0jBBgwFoAUs0crgn5T\n" +
-        "tHPKuLsZt76BTQeVx+0wHQYDVR0OBBYEFKS32mVx0gNWTeS4ProHEaeSpvvIMDsG\n" +
-        "CCsGAQUFBwEBBC8wLTArBggrBgEFBQcwAYYfaHR0cDovL29uc2l0ZS1vY3NwLnZl\n" +
-        "cmlzaWduLmNvbTCBtQYDVR0gBIGtMIGqMDkGC2CGSAGG+EUBBxcCMCowKAYIKwYB\n" +
-        "BQUHAgEWHGh0dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9ycGEwbQYLYIZIAYb3AIN9\n" +
-        "nD8wXjAnBggrBgEFBQcCARYbaHR0cHM6Ly93d3cuc3VuLmNvbS9wa2kvY3BzMDMG\n" +
-        "CCsGAQUFBwICMCcaJVZhbGlkYXRlZCBGb3IgU3VuIEJ1c2luZXNzIE9wZXJhdGlv\n" +
-        "bnMwEwYDVR0lBAwwCgYIKwYBBQUHAwMwDQYJKoZIhvcNAQEFBQADggEBAAe6BO4W\n" +
-        "3TSNWfezyelJs6kE3HfulT6Bdyz4UUoh9ykXcV8nRwT+kh25I5MdyG2GfkJoADPR\n" +
-        "VhC5DYo13UFpIsTNVjq+hGYe2hML93bN7ad9SxCCyjHUo3yMz2qgBbHZI3VA9ZHA\n" +
-        "aWM4Tx0saMwbcnVvlbuGh+PXvStfypJqYT6lzcdFfjNVX4FI/QQNGhBswMY51tC8\n" +
-        "GTBCL2qhJon0gSCU4zaawDOf7+XxJWirLamYL1Aal1/h2z2sFrvA/1ftxtU3kZ6I\n" +
-        "7De8DyoHeZg7pYGdrj7g+lPhCga/WvEhN152I+aP08YbFcJHYmK05ngl/Ye4c6Bd\n" +
-        "cdrdfbw6QzEUIYY=\n" +
-        "-----END CERTIFICATE-----");
-
-        // Subject: CN=JavaFX 1.0 Runtime,
-        //          OU=Java Signed Extensions,
-        //          OU=Corporate Object Signing,
-        //          O=Sun Microsystems Inc
-        // Issuer:  CN=Object Signing CA,
-        //          OU=Class 2 OnSite Subscriber CA,
-        //          OU=VeriSign Trust Network,
-        //          O=Sun Microsystems Inc
-        // Serial:  55:c0:e6:44:59:59:79:9e:d9:26:f1:b0:4a:1e:f0:27
-        add("java-fx10-pretrusted-4A1EF027",
-        "-----BEGIN CERTIFICATE-----\n" +
-        "MIIFezCCBGOgAwIBAgIQVcDmRFlZeZ7ZJvGwSh7wJzANBgkqhkiG9w0BAQUFADCB\n" +
-        "gzEdMBsGA1UEChMUU3VuIE1pY3Jvc3lzdGVtcyBJbmMxHzAdBgNVBAsTFlZlcmlT\n" +
-        "aWduIFRydXN0IE5ldHdvcmsxJTAjBgNVBAsTHENsYXNzIDIgT25TaXRlIFN1YnNj\n" +
-        "cmliZXIgQ0ExGjAYBgNVBAMTEU9iamVjdCBTaWduaW5nIENBMB4XDTA4MTAwOTAw\n" +
-        "MDAwMFoXDTExMTAwOTIzNTk1OVowgYAxHTAbBgNVBAoUFFN1biBNaWNyb3N5c3Rl\n" +
-        "bXMgSW5jMSEwHwYDVQQLFBhDb3Jwb3JhdGUgT2JqZWN0IFNpZ25pbmcxHzAdBgNV\n" +
-        "BAsUFkphdmEgU2lnbmVkIEV4dGVuc2lvbnMxGzAZBgNVBAMUEkphdmFGWCAxLjAg\n" +
-        "UnVudGltZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM+WDc6+bu+4\n" +
-        "tmAcS/lBtUc02WOt9QZpVsXg9cG2pu/8bUtmDELa8iiYBVFpIs8DU58HLrGQtCUY\n" +
-        "SIAGOVPsOJoN29UKCDWfY9j5JeVhfhMGqk9DwrWhzgsjy4cpZ1pIp+k/fJ8zT8Ul\n" +
-        "aYLpow1vg3UNddsmwz02tN7cOrMw9WYIG4CRYnY1OrtJSfe2pYzheC4zyvR+aiVl\n" +
-        "nang2OtqikSQsNFOFHsLOJFxngy9LrO8evDSu25VTKI6zlWU6/bMeqtztJPN0VOn\n" +
-        "NyUrJZvkxZ207Jg0T693BGSxNC1n+ihztXogql8950M/pEuUbDjylv5FFvlp6DSB\n" +
-        "dDT2MkutmyMCAwEAAaOCAeowggHmMAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgeA\n" +
-        "MH8GA1UdHwR4MHYwdKByoHCGbmh0dHA6Ly9vbnNpdGVjcmwudmVyaXNpZ24uY29t\n" +
-        "L1N1bk1pY3Jvc3lzdGVtc0luY0NvcnBvcmF0ZU9iamVjdFNpZ25pbmdKYXZhU2ln\n" +
-        "bmVkRXh0ZW5zaW9uc0NsYXNzQi9MYXRlc3RDUkwuY3JsMB8GA1UdIwQYMBaAFLNH\n" +
-        "K4J+U7Rzyri7Gbe+gU0HlcftMB0GA1UdDgQWBBTjgufVi3XJ3gx1ewsA6Rr7BR4Z\n" +
-        "zjA7BggrBgEFBQcBAQQvMC0wKwYIKwYBBQUHMAGGH2h0dHA6Ly9vbnNpdGUtb2Nz\n" +
-        "cC52ZXJpc2lnbi5jb20wgbUGA1UdIASBrTCBqjA5BgtghkgBhvhFAQcXAjAqMCgG\n" +
-        "CCsGAQUFBwIBFhxodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBhMG0GC2CGSAGG\n" +
-        "9wCDfZw/MF4wJwYIKwYBBQUHAgEWG2h0dHBzOi8vd3d3LnN1bi5jb20vcGtpL2Nw\n" +
-        "czAzBggrBgEFBQcCAjAnGiVWYWxpZGF0ZWQgRm9yIFN1biBCdXNpbmVzcyBPcGVy\n" +
-        "YXRpb25zMBMGA1UdJQQMMAoGCCsGAQUFBwMDMA0GCSqGSIb3DQEBBQUAA4IBAQAB\n" +
-        "YVJTTVe7rzyTO4jc3zajErOT/COkdQTfNo0eIX1QbNynFieJvwY/jRzUZwjktIFR\n" +
-        "2p4JtbpHGAtKtjOAOTieQ8xdDOoC1djzpE7/AbMvuvlTavtUKT+F7tPdhfXgWXJV\n" +
-        "6Wbt8jryKyk3zZGiEhauIwZUkfjRkEtffEmZWLUd8c8rURJjfC/XHH2oyurscoxc\n" +
-        "CjX29c9ynxSiS/VvQp1an0HvErGh69N48wj7cj8mtZ1yHzd2XCzSSR1OfTPfk0Pt\n" +
-        "yg51p7yJaFiH21PTZegEL6zyVNOYBTKwwIi2OzpwYalD3uvK6e3OKDrfFCOxu17u\n" +
-        "4PveESbrdyrmvLe7IVez\n" +
-        "-----END CERTIFICATE-----");
-
-        // Subject: CN=JavaFX Runtime,
-        //          OU=Java Signed Extensions,
-        //          OU=Corporate Object Signing,
-        //          O=Sun Microsystems Inc
-        // Issuer:  CN=Object Signing CA,
-        //          OU=Class 2 OnSite Subscriber CA,
-        //          OU=VeriSign Trust Network,
-        //          O=Sun Microsystems Inc
-        // Serial:  47:f4:55:f1:da:4a:5e:f9:e3:f7:a8:03:62:17:c0:ff
-        add("javafx-runtime-pretrusted-6217C0FF",
-        "-----BEGIN CERTIFICATE-----\n" +
-        "MIIFdjCCBF6gAwIBAgIQR/RV8dpKXvnj96gDYhfA/zANBgkqhkiG9w0BAQUFADCB\n" +
-        "gzEdMBsGA1UEChMUU3VuIE1pY3Jvc3lzdGVtcyBJbmMxHzAdBgNVBAsTFlZlcmlT\n" +
-        "aWduIFRydXN0IE5ldHdvcmsxJTAjBgNVBAsTHENsYXNzIDIgT25TaXRlIFN1YnNj\n" +
-        "cmliZXIgQ0ExGjAYBgNVBAMTEU9iamVjdCBTaWduaW5nIENBMB4XDTA5MDEyOTAw\n" +
-        "MDAwMFoXDTEyMDEyOTIzNTk1OVowfDEdMBsGA1UEChQUU3VuIE1pY3Jvc3lzdGVt\n" +
-        "cyBJbmMxITAfBgNVBAsUGENvcnBvcmF0ZSBPYmplY3QgU2lnbmluZzEfMB0GA1UE\n" +
-        "CxQWSmF2YSBTaWduZWQgRXh0ZW5zaW9uczEXMBUGA1UEAxQOSmF2YUZYIFJ1bnRp\n" +
-        "bWUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCIzd0fAk8mI9ONc6RJ\n" +
-        "aGieioK2FLdXEwj8zL3vdGDVmBwyR1zwYkaOIFFgF9IW/8qc4iAYA5sGUY+0g8q3\n" +
-        "5DuYAxfTzBB5KdaYvbuq6GGnoHIWmTirXY+1friFp8lyXSvtuEaGB1VHaBoZchEg\n" +
-        "k+UgeVDA43dHwcT1Ov3DePczJRUes8T/QHzLX+BxUDG43vjyncCEO/AjqLZxXEz2\n" +
-        "xrNbKLcH3lGMJK7hdbfssUfF5BjC38Hn71HauYlA43b2no+2y0Sjulwzez2YPbDC\n" +
-        "0GLR3TnKtA8dqOrnl5t3DniDbfOBNtBE3VOydJO0XW57Ng1HRXD023nm9ECPY2xp\n" +
-        "0N/pAgMBAAGjggHqMIIB5jAJBgNVHRMEAjAAMA4GA1UdDwEB/wQEAwIHgDB/BgNV\n" +
-        "HR8EeDB2MHSgcqBwhm5odHRwOi8vb25zaXRlY3JsLnZlcmlzaWduLmNvbS9TdW5N\n" +
-        "aWNyb3N5c3RlbXNJbmNDb3Jwb3JhdGVPYmplY3RTaWduaW5nSmF2YVNpZ25lZEV4\n" +
-        "dGVuc2lvbnNDbGFzc0IvTGF0ZXN0Q1JMLmNybDAfBgNVHSMEGDAWgBSzRyuCflO0\n" +
-        "c8q4uxm3voFNB5XH7TAdBgNVHQ4EFgQUvOdd0cKPj+Yik/iOBwTdphh5A+gwOwYI\n" +
-        "KwYBBQUHAQEELzAtMCsGCCsGAQUFBzABhh9odHRwOi8vb25zaXRlLW9jc3AudmVy\n" +
-        "aXNpZ24uY29tMIG1BgNVHSAEga0wgaowOQYLYIZIAYb4RQEHFwIwKjAoBggrBgEF\n" +
-        "BQcCARYcaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYTBtBgtghkgBhvcAg32c\n" +
-        "PzBeMCcGCCsGAQUFBwIBFhtodHRwczovL3d3dy5zdW4uY29tL3BraS9jcHMwMwYI\n" +
-        "KwYBBQUHAgIwJxolVmFsaWRhdGVkIEZvciBTdW4gQnVzaW5lc3MgT3BlcmF0aW9u\n" +
-        "czATBgNVHSUEDDAKBggrBgEFBQcDAzANBgkqhkiG9w0BAQUFAAOCAQEAbGcf2NjL\n" +
-        "AI93HG6ny2BbepaZA1a8xa/R6uUc7xV+Qw6MgLwFD4Q4i6LWUztQDvg9l68MM2/i\n" +
-        "Y9LEi1KM4lcNbK5+D+t9x98wXBiuojXhVdp5ZmC03EyEBbriopdBsmXVLDSu/Y3+\n" +
-        "zowOO5xwpMK3dbgsSDs2Vt0UosD3FTcRaD3GNfOhXMp+o1grHNiXF9YgkmdQbPPZ\n" +
-        "DQ2KBhFPCRJXBGvyKOqno/DTg0sQ3crGH/C4/4t7mnQXWldZotmJUZ0ONc9oD+Q1\n" +
-        "JAaguUKqIwn9yZ093ie+JWHbYNid9IIIPXYgtRxmf9a376WBhqhu56uJftBJ7x9g\n" +
-        "eQ7Lot6CSWCiFw==\n" +
-        "-----END CERTIFICATE-----");
-
-        //
-        // Compromised Solaris INTERNAL DEVELOPMENT USE ONLY certificate
-        //
-
-        // Subject: CN=Solaris INTERNAL DEVELOPMENT USE ONLY,
-        //          OU=Solaris Cryptographic Framework,
-        //          OU=Corporate Object Signing,
-        //          O=Sun Microsystems Inc
-        // Issuer:  CN=Object Signing CA,
-        //          OU=Class 2 OnSite Subscriber CA,
-        //          OU=VeriSign Trust Network,
-        //          O=Sun Microsystems Inc
-        // Serial:  77:29:77:52:6a:19:7b:9a:a6:a2:c7:99:a0:e1:cd:8c
-        add("solaris-internal-dev-A0E1CD8C",
-        "-----BEGIN CERTIFICATE-----\n" +
-        "MIIFHjCCBAagAwIBAgIQdyl3UmoZe5qmoseZoOHNjDANBgkqhkiG9w0BAQUFADCB\n" +
-        "gzEdMBsGA1UEChMUU3VuIE1pY3Jvc3lzdGVtcyBJbmMxHzAdBgNVBAsTFlZlcmlT\n" +
-        "aWduIFRydXN0IE5ldHdvcmsxJTAjBgNVBAsTHENsYXNzIDIgT25TaXRlIFN1YnNj\n" +
-        "cmliZXIgQ0ExGjAYBgNVBAMTEU9iamVjdCBTaWduaW5nIENBMB4XDTA3MDEwNDAw\n" +
-        "MDAwMFoXDTEwMDEwMzIzNTk1OVowgZwxHTAbBgNVBAoUFFN1biBNaWNyb3N5c3Rl\n" +
-        "bXMgSW5jMSEwHwYDVQQLFBhDb3Jwb3JhdGUgT2JqZWN0IFNpZ25pbmcxKDAmBgNV\n" +
-        "BAsUH1NvbGFyaXMgQ3J5cHRvZ3JhcGhpYyBGcmFtZXdvcmsxLjAsBgNVBAMUJVNv\n" +
-        "bGFyaXMgSU5URVJOQUwgREVWRUxPUE1FTlQgVVNFIE9OTFkwgZ8wDQYJKoZIhvcN\n" +
-        "AQEBBQADgY0AMIGJAoGBALbNU4hf3mD5ArDI9pjgioAyvV3bjMPRQdCZniIeGJBp\n" +
-        "odFlSEH+Mh64W1DsY8coeZ7FvvGJkx9IpTMJW9k8w1oJK9UNqHyAQfaYjQyXi3xQ\n" +
-        "LJp62EvYdGfDlwOZejEcR/MbzZG+GOPMMvQj5+xyFDvLXNGfQNTnxw2qnBgCJXjj\n" +
-        "AgMBAAGjggH1MIIB8TAJBgNVHRMEAjAAMA4GA1UdDwEB/wQEAwIHgDCBiQYDVR0f\n" +
-        "BIGBMH8wfaB7oHmGd2h0dHA6Ly9vbnNpdGVjcmwudmVyaXNpZ24uY29tL1N1bk1p\n" +
-        "Y3Jvc3lzdGVtc0luY0NvcnBvcmF0ZU9iamVjdFNpZ25pbmdTb2xhcmlzQ3J5cHRv\n" +
-        "Z3JhcGhpY0ZyYW1ld29ya0NsYXNzQi9MYXRlc3RDUkwuY3JsMB8GA1UdIwQYMBaA\n" +
-        "FLNHK4J+U7Rzyri7Gbe+gU0HlcftMB0GA1UdDgQWBBRpfiGYkehTnsIzuN2H6AFb\n" +
-        "VCZG8jA7BggrBgEFBQcBAQQvMC0wKwYIKwYBBQUHMAGGH2h0dHA6Ly9vbnNpdGUt\n" +
-        "b2NzcC52ZXJpc2lnbi5jb20wgbUGA1UdIASBrTCBqjA5BgtghkgBhvhFAQcXAjAq\n" +
-        "MCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBhMG0GC2CG\n" +
-        "SAGG9wCDfZw/MF4wJwYIKwYBBQUHAgEWG2h0dHBzOi8vd3d3LnN1bi5jb20vcGtp\n" +
-        "L2NwczAzBggrBgEFBQcCAjAnFiVWYWxpZGF0ZWQgRm9yIFN1biBCdXNpbmVzcyBP\n" +
-        "cGVyYXRpb25zMBMGA1UdJQQMMAoGCCsGAQUFBwMDMA0GCSqGSIb3DQEBBQUAA4IB\n" +
-        "AQCG5soy3LFHTFbA8/5SzDRhQoJkHUnOP0t3b6nvX6vZYRp649fje7TQOPRm1pFd\n" +
-        "CZ17J+tggdZwgzTqY4aYpJ00jZaK6pV37q/vgFC/ia6jDs8Q+ly9cEcadBZ5loYg\n" +
-        "cmxp9p57W2MNWx8VA8oFdNtKfF0jUNXbLNtvwGHmgR6YcwLrGN1b6/9Lt9bO3ODl\n" +
-        "FO+ZDwkfQz5ClUVrTx2dGBvKRYFqSG5S8JAfsgYhPvcacUQkA7ExyKvfRXLWVrce\n" +
-        "ZiPpcElbx+819H2sAPvVvparVeAruZGMAtejHZp9NFoowKen5drJp9VxePS4eM49\n" +
-        "3DepB6lKRrNRw66LNQol4ZBz\n" +
-        "-----END CERTIFICATE-----");
-
-
-        // -----------------------------------------------------------------
-        // Compromised CAs of DigiNotar
-        //
-        // Reported by Fox-IT in its interim report on September 5, 2011,
-        // "DigiNotar Certificate Authority breach 'Operation Black Tulip'".
-        //
-
-        //
-        // Compromised DigiNotar Cyber CA
-        //
-
-        // DigiNotar intermediate, cross-signed by CyberTrust
-        //
-        // Subject: EMAILADDRESS=info@diginotar.nl, CN=DigiNotar Cyber CA,
-        //          O=DigiNotar, C=NL
-        // Issuer:  CN=GTE CyberTrust Global Root,
-        //          OU=GTE CyberTrust Solutions, Inc.,
-        //          O=GTE Corporation,
-        //          C=US
-        // Serial:  120000525 (07:27:10:0D)
-        add("info-at-diginotar-cyber-ca-cross-to-gte-cybertrust-0727100D",
-        "-----BEGIN CERTIFICATE-----\n" +
-        "MIIFWjCCBMOgAwIBAgIEBycQDTANBgkqhkiG9w0BAQUFADB1MQswCQYDVQQGEwJV\n" +
-        "UzEYMBYGA1UEChMPR1RFIENvcnBvcmF0aW9uMScwJQYDVQQLEx5HVEUgQ3liZXJU\n" +
-        "cnVzdCBTb2x1dGlvbnMsIEluYy4xIzAhBgNVBAMTGkdURSBDeWJlclRydXN0IEds\n" +
-        "b2JhbCBSb290MB4XDTA2MTAwNDEwNTQxMVoXDTExMTAwNDEwNTMxMVowYDELMAkG\n" +
-        "A1UEBhMCTkwxEjAQBgNVBAoTCURpZ2lOb3RhcjEbMBkGA1UEAxMSRGlnaU5vdGFy\n" +
-        "IEN5YmVyIENBMSAwHgYJKoZIhvcNAQkBFhFpbmZvQGRpZ2lub3Rhci5ubDCCAiIw\n" +
-        "DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANLOFQotqF6EZ639vu9Gx8i5z3P8\n" +
-        "9DS5+SxD52ATPXrjss87Z2yQrcC5P4RS8DVC3HTcKDu9UrSnrHJFF8bwieu0qiXy\n" +
-        "XUte0dmHutZ9fPXOMp8QM8WxSrtekTHC0OlBwpFkfglBO9uLCDdqqspS3rU5HsCI\n" +
-        "A6U/i5kTYUO1m4Kz7iBvz6FEouova0CfjytXraFTwoUiaZ2gP1HfC0GRDaXhqKpc\n" +
-        "SQhdvd5wQbEPyWNr0380dAIvNFp4dRxoeoFnivPaQPBgY/SSINcDpj2jHmfEhBtB\n" +
-        "pcmM5r3qSLYFFgizNxJa92E89zhvLpfgb1Y4VNMota0Ubi5LZLUnZbd1JQm2Bz2V\n" +
-        "VgIKgmCyc0XgMyZRdJq51FAc9k1bW1JSE1qmf6cO4ehBVGeYjIfVydNsy9NUkgYJ\n" +
-        "NEH3gW8/nsl8dVWw58Gzd+jDxAA1lUBwEEoF3iW7n1mlZLxHYL9g43aLE1Xd4XR6\n" +
-        "uc8kpmp/3mQiRFhogmoQ+T3lPhu5vfwi9GAEibtVbShV+t6OjRshFNc3izR7Tfay\n" +
-        "shDPM7F9HGKZSMsrbHaWVb8ZDR0fu2WqG46ZtcYokOWCLXhQIJr9eS8kf/CJKWn0\n" +
-        "fc1zvrPtTsHR7VJej/e4142HrbLZG1ES/1az4a80fVykeIgQnp0DxqWqoiRR90kU\n" +
-        "xbHuWUOV36toKDA/AgMBAAGjggGGMIIBgjASBgNVHRMBAf8ECDAGAQH/AgEBMFMG\n" +
-        "A1UdIARMMEowSAYJKwYBBAGxPgEAMDswOQYIKwYBBQUHAgEWLWh0dHA6Ly93d3cu\n" +
-        "cHVibGljLXRydXN0LmNvbS9DUFMvT21uaVJvb3QuaHRtbDAOBgNVHQ8BAf8EBAMC\n" +
-        "AQYwgaAGA1UdIwSBmDCBlYAUpgwdn2H/Bxe1vzhG20Mw1Y6wUgaheaR3MHUxCzAJ\n" +
-        "BgNVBAYTAlVTMRgwFgYDVQQKEw9HVEUgQ29ycG9yYXRpb24xJzAlBgNVBAsTHkdU\n" +
-        "RSBDeWJlclRydXN0IFNvbHV0aW9ucywgSW5jLjEjMCEGA1UEAxMaR1RFIEN5YmVy\n" +
-        "VHJ1c3QgR2xvYmFsIFJvb3SCAgGlMEUGA1UdHwQ+MDwwOqA4oDaGNGh0dHA6Ly93\n" +
-        "d3cucHVibGljLXRydXN0LmNvbS9jZ2ktYmluL0NSTC8yMDE4L2NkcC5jcmwwHQYD\n" +
-        "VR0OBBYEFKv5aN/PSjfXe0WMX3LeQETDZbvCMA0GCSqGSIb3DQEBBQUAA4GBAI9o\n" +
-        "a6VbB7pEZg4cqFwwezPkCiYE/O+eGjjWLqEf0JlHwnVkJP2eOyh2uSYoYZEMbSz4\n" +
-        "BJ98UAHV42mv7xXSRZskCSpmBU8lgcpdvqrBWSeuM46C9990sFWzjvjnN8huqlZE\n" +
-        "9r1TgSOWPbT6MopTZkQloiXGpjwljPDgKAYityZB\n" +
-        "-----END CERTIFICATE-----");
-
-        // DigiNotar intermediate, cross-signed by CyberTrust
-        //
-        // Subject: CN=DigiNotar Cyber CA, O=DigiNotar, C=NL
-        // Issuer:  CN=GTE CyberTrust Global Root,
-        //          OU=GTE CyberTrust Solutions, Inc.,
-        //          O=GTE Corporation,
-        //          C=US
-        // Serial:  120000505 (07:27:0F:F9)
-        add("diginotar-cyber-ca-cross-to-gte-cybertrust-07270FF9",
-        "-----BEGIN CERTIFICATE-----\n" +
-        "MIIFODCCBKGgAwIBAgIEBycP+TANBgkqhkiG9w0BAQUFADB1MQswCQYDVQQGEwJV\n" +
-        "UzEYMBYGA1UEChMPR1RFIENvcnBvcmF0aW9uMScwJQYDVQQLEx5HVEUgQ3liZXJU\n" +
-        "cnVzdCBTb2x1dGlvbnMsIEluYy4xIzAhBgNVBAMTGkdURSBDeWJlclRydXN0IEds\n" +
-        "b2JhbCBSb290MB4XDTA2MDkyMDA5NDUzMloXDTEzMDkyMDA5NDQwNlowPjELMAkG\n" +
-        "A1UEBhMCTkwxEjAQBgNVBAoTCURpZ2lOb3RhcjEbMBkGA1UEAxMSRGlnaU5vdGFy\n" +
-        "IEN5YmVyIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0s4VCi2o\n" +
-        "XoRnrf2+70bHyLnPc/z0NLn5LEPnYBM9euOyzztnbJCtwLk/hFLwNULcdNwoO71S\n" +
-        "tKesckUXxvCJ67SqJfJdS17R2Ye61n189c4ynxAzxbFKu16RMcLQ6UHCkWR+CUE7\n" +
-        "24sIN2qqylLetTkewIgDpT+LmRNhQ7WbgrPuIG/PoUSi6i9rQJ+PK1etoVPChSJp\n" +
-        "naA/Ud8LQZENpeGoqlxJCF293nBBsQ/JY2vTfzR0Ai80Wnh1HGh6gWeK89pA8GBj\n" +
-        "9JIg1wOmPaMeZ8SEG0GlyYzmvepItgUWCLM3Elr3YTz3OG8ul+BvVjhU0yi1rRRu\n" +
-        "LktktSdlt3UlCbYHPZVWAgqCYLJzReAzJlF0mrnUUBz2TVtbUlITWqZ/pw7h6EFU\n" +
-        "Z5iMh9XJ02zL01SSBgk0QfeBbz+eyXx1VbDnwbN36MPEADWVQHAQSgXeJbufWaVk\n" +
-        "vEdgv2DjdosTVd3hdHq5zySman/eZCJEWGiCahD5PeU+G7m9/CL0YASJu1VtKFX6\n" +
-        "3o6NGyEU1zeLNHtN9rKyEM8zsX0cYplIyytsdpZVvxkNHR+7Zaobjpm1xiiQ5YIt\n" +
-        "eFAgmv15LyR/8IkpafR9zXO+s+1OwdHtUl6P97jXjYetstkbURL/VrPhrzR9XKR4\n" +
-        "iBCenQPGpaqiJFH3SRTFse5ZQ5Xfq2goMD8CAwEAAaOCAYYwggGCMBIGA1UdEwEB\n" +
-        "/wQIMAYBAf8CAQEwUwYDVR0gBEwwSjBIBgkrBgEEAbE+AQAwOzA5BggrBgEFBQcC\n" +
-        "ARYtaHR0cDovL3d3dy5wdWJsaWMtdHJ1c3QuY29tL0NQUy9PbW5pUm9vdC5odG1s\n" +
-        "MA4GA1UdDwEB/wQEAwIBBjCBoAYDVR0jBIGYMIGVgBSmDB2fYf8HF7W/OEbbQzDV\n" +
-        "jrBSBqF5pHcwdTELMAkGA1UEBhMCVVMxGDAWBgNVBAoTD0dURSBDb3Jwb3JhdGlv\n" +
-        "bjEnMCUGA1UECxMeR1RFIEN5YmVyVHJ1c3QgU29sdXRpb25zLCBJbmMuMSMwIQYD\n" +
-        "VQQDExpHVEUgQ3liZXJUcnVzdCBHbG9iYWwgUm9vdIICAaUwRQYDVR0fBD4wPDA6\n" +
-        "oDigNoY0aHR0cDovL3d3dy5wdWJsaWMtdHJ1c3QuY29tL2NnaS1iaW4vQ1JMLzIw\n" +
-        "MTgvY2RwLmNybDAdBgNVHQ4EFgQUq/lo389KN9d7RYxfct5ARMNlu8IwDQYJKoZI\n" +
-        "hvcNAQEFBQADgYEACcpiD427SuDUejUrBi3RKGG2rAH7g0m8rtQvLYauGYOl1h0T\n" +
-        "4he+/jJ06XoUOMqUXvcpAWlxG5Ea/aO7qh3Ke+IW/aGjDvMMX7LhIDGUK16Sdu36\n" +
-        "6bUjpr8KOwOpb1JgVM1f6bcvfKIn/UGDdbYN+3gm87FF6TKVKho1IZXFonU=\n" +
-        "-----END CERTIFICATE-----");
-
-        // DigiNotar intermediate, cross-signed by CyberTrust
-        //
-        // Subject: CN=DigiNotar Cyber CA, O=DigiNotar, C=NL
-        // Issuer:  CN=GTE CyberTrust Global Root,
-        //          OU=GTE CyberTrust Solutions, Inc.,
-        //          O=GTE Corporation,
-        //          C=US
-        // Serial:  120000515 (07:27:10:03)
-        add("diginotar-cyber-ca-cross-to-gte-cybertrust-07271003",
-        "-----BEGIN CERTIFICATE-----\n" +
-        "MIIFODCCBKGgAwIBAgIEBycQAzANBgkqhkiG9w0BAQUFADB1MQswCQYDVQQGEwJV\n" +
-        "UzEYMBYGA1UEChMPR1RFIENvcnBvcmF0aW9uMScwJQYDVQQLEx5HVEUgQ3liZXJU\n" +
-        "cnVzdCBTb2x1dGlvbnMsIEluYy4xIzAhBgNVBAMTGkdURSBDeWJlclRydXN0IEds\n" +
-        "b2JhbCBSb290MB4XDTA2MDkyNzEwNTMzMloXDTExMDkyNzEwNTIzMFowPjELMAkG\n" +
-        "A1UEBhMCTkwxEjAQBgNVBAoTCURpZ2lOb3RhcjEbMBkGA1UEAxMSRGlnaU5vdGFy\n" +
-        "IEN5YmVyIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0s4VCi2o\n" +
-        "XoRnrf2+70bHyLnPc/z0NLn5LEPnYBM9euOyzztnbJCtwLk/hFLwNULcdNwoO71S\n" +
-        "tKesckUXxvCJ67SqJfJdS17R2Ye61n189c4ynxAzxbFKu16RMcLQ6UHCkWR+CUE7\n" +
-        "24sIN2qqylLetTkewIgDpT+LmRNhQ7WbgrPuIG/PoUSi6i9rQJ+PK1etoVPChSJp\n" +
-        "naA/Ud8LQZENpeGoqlxJCF293nBBsQ/JY2vTfzR0Ai80Wnh1HGh6gWeK89pA8GBj\n" +
-        "9JIg1wOmPaMeZ8SEG0GlyYzmvepItgUWCLM3Elr3YTz3OG8ul+BvVjhU0yi1rRRu\n" +
-        "LktktSdlt3UlCbYHPZVWAgqCYLJzReAzJlF0mrnUUBz2TVtbUlITWqZ/pw7h6EFU\n" +
-        "Z5iMh9XJ02zL01SSBgk0QfeBbz+eyXx1VbDnwbN36MPEADWVQHAQSgXeJbufWaVk\n" +
-        "vEdgv2DjdosTVd3hdHq5zySman/eZCJEWGiCahD5PeU+G7m9/CL0YASJu1VtKFX6\n" +
-        "3o6NGyEU1zeLNHtN9rKyEM8zsX0cYplIyytsdpZVvxkNHR+7Zaobjpm1xiiQ5YIt\n" +
-        "eFAgmv15LyR/8IkpafR9zXO+s+1OwdHtUl6P97jXjYetstkbURL/VrPhrzR9XKR4\n" +
-        "iBCenQPGpaqiJFH3SRTFse5ZQ5Xfq2goMD8CAwEAAaOCAYYwggGCMBIGA1UdEwEB\n" +
-        "/wQIMAYBAf8CAQEwUwYDVR0gBEwwSjBIBgkrBgEEAbE+AQAwOzA5BggrBgEFBQcC\n" +
-        "ARYtaHR0cDovL3d3dy5wdWJsaWMtdHJ1c3QuY29tL0NQUy9PbW5pUm9vdC5odG1s\n" +
-        "MA4GA1UdDwEB/wQEAwIBBjCBoAYDVR0jBIGYMIGVgBSmDB2fYf8HF7W/OEbbQzDV\n" +
-        "jrBSBqF5pHcwdTELMAkGA1UEBhMCVVMxGDAWBgNVBAoTD0dURSBDb3Jwb3JhdGlv\n" +
-        "bjEnMCUGA1UECxMeR1RFIEN5YmVyVHJ1c3QgU29sdXRpb25zLCBJbmMuMSMwIQYD\n" +
-        "VQQDExpHVEUgQ3liZXJUcnVzdCBHbG9iYWwgUm9vdIICAaUwRQYDVR0fBD4wPDA6\n" +
-        "oDigNoY0aHR0cDovL3d3dy5wdWJsaWMtdHJ1c3QuY29tL2NnaS1iaW4vQ1JMLzIw\n" +
-        "MTgvY2RwLmNybDAdBgNVHQ4EFgQUq/lo389KN9d7RYxfct5ARMNlu8IwDQYJKoZI\n" +
-        "hvcNAQEFBQADgYEAWcyGZhizJlRP1jjNupZey+yZG6oMDW4Z11boriMHbYPCndBE\n" +
-        "bVh07zmPbZsihOw9w/vm5KbVX5CgxUv4Rhzh/20Faixf3P3bpWg0qgzHVVusNVR/\n" +
-        "P50aKkpdK3hp+QLl56e+lWOddSAINIpmcuyDI1hyuzB+GJEASm9tNU/6rs8=\n" +
-        "-----END CERTIFICATE-----");
-
-        //
-        // Compromised DigiNotar Root CA
-        //
-
-        // DigiNotar intermediate, cross-signed by Entrust
-        //
-        // Subject: EMAILADDRESS=info@diginotar.nl,
-        //          CN=DigiNotar Root CA,
-        //          O=DigiNotar, C=NL
-        // Issuer:  CN=Entrust.net Secure Server Certification Authority
-        //          OU=(c) 1999 Entrust.net Limited,
-        //          OU=www.entrust.net/CPS incorp. by ref. (limits liab.),
-        //          O=Entrust.net,
-        //          C=US,
-        // Serial:  1184644297 (46:9C:3C:C9)
-        add("info-at-diginotar-root-ca-cross-to-entrust-secure-server-469C3CC9",
-        "-----BEGIN CERTIFICATE-----\n" +
-        "MIIFSDCCBLGgAwIBAgIERpw8yTANBgkqhkiG9w0BAQUFADCBwzELMAkGA1UEBhMC\n" +
-        "VVMxFDASBgNVBAoTC0VudHJ1c3QubmV0MTswOQYDVQQLEzJ3d3cuZW50cnVzdC5u\n" +
-        "ZXQvQ1BTIGluY29ycC4gYnkgcmVmLiAobGltaXRzIGxpYWIuKTElMCMGA1UECxMc\n" +
-        "KGMpIDE5OTkgRW50cnVzdC5uZXQgTGltaXRlZDE6MDgGA1UEAxMxRW50cnVzdC5u\n" +
-        "ZXQgU2VjdXJlIFNlcnZlciBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wNzA0\n" +
-        "MjYwNTAwMDBaFw0xMzA4MTQyMDEyMzZaMF8xCzAJBgNVBAYTAk5MMRIwEAYDVQQK\n" +
-        "EwlEaWdpTm90YXIxGjAYBgNVBAMTEURpZ2lOb3RhciBSb290IENBMSAwHgYJKoZI\n" +
-        "hvcNAQkBFhFpbmZvQGRpZ2lub3Rhci5ubDCCAiIwDQYJKoZIhvcNAQEBBQADggIP\n" +
-        "ADCCAgoCggIBAKywWMEAvdghCAsrmv5uVjAFnxt3kBBBXMMNhxF3joHxynzpjGrt\n" +
-        "OHQ1u9rf+bvACTe0lnOBfTMamDn3k2+Vfz25sXWHulFI6ItwPpUExdi2wxbZiLCx\n" +
-        "hx1w2oa0DxSLes8Q0XQ2ohJ7d4ZKeeZ73wIRaKVOhq40WJskE3hWIiUeAYtLUXH7\n" +
-        "gsxZlmmIWmhTxbkNAjfLS7xmSpB+KgsFB+0WX1WQddhGyRuD4gi+8SPMmR3WKg+D\n" +
-        "IBVYJ4Iu+uIiwkmxuQGBap1tnUB3aHZOISpthECFTnaZfILz87cCWdQmARuO361T\n" +
-        "BtGuGN3isjrL14g4jqxbKbkZ05j5GAPPSIKGZgsbaQ/J6ziIeiYaBUyS1yTUlvKs\n" +
-        "Ui2jR9VS9j/+zoQGcKaqPqLytlY0GFei5IFt58rwatPHkWsCg0F8Fe9rmmRe49A8\n" +
-        "5bHre12G+8vmd0nNo2Xc97mcuOQLX5PPzDAaMhzOHGOVpfnq4XSLnukrqTB7oBgf\n" +
-        "DhgL5Vup09FsHgdnj5FLqYq80maqkwGIspH6MVzVpsFSCAnNCmOi0yKm6KHZOQaX\n" +
-        "9W6NApCMFHs/gM0bnLrEWHIjr7ZWn8Z6QjMpBz+CyeYfBQ3NTCg2i9PIPhzGiO9e\n" +
-        "7olk6R3r2ol+MqZp0d3MiJ/R0MlmIdwGZ8WUepptYkx9zOBkgLKeR46jAgMBAAGj\n" +
-        "ggEmMIIBIjASBgNVHRMBAf8ECDAGAQH/AgEBMCcGA1UdJQQgMB4GCCsGAQUFBwMB\n" +
-        "BggrBgEFBQcDAgYIKwYBBQUHAwQwEQYDVR0gBAowCDAGBgRVHSAAMDMGCCsGAQUF\n" +
-        "BwEBBCcwJTAjBggrBgEFBQcwAYYXaHR0cDovL29jc3AuZW50cnVzdC5uZXQwMwYD\n" +
-        "VR0fBCwwKjAooCagJIYiaHR0cDovL2NybC5lbnRydXN0Lm5ldC9zZXJ2ZXIxLmNy\n" +
-        "bDAdBgNVHQ4EFgQUiGi/4I41xDs4a2L3KDuEgcgM100wCwYDVR0PBAQDAgEGMB8G\n" +
-        "A1UdIwQYMBaAFPAXYhNVPbP/CgBr+1CEl/PtYtAaMBkGCSqGSIb2fQdBAAQMMAob\n" +
-        "BFY3LjEDAgCBMA0GCSqGSIb3DQEBBQUAA4GBAI979rBep8tu3TeLunapgsZ0jtXp\n" +
-        "GDFjKWSk87dj1jCyYi+q/GyDyZ6ZQZNRP0sF+6twscq05lClWNy3TROMp7QeuoLO\n" +
-        "G7Utw3OJaswUtp4YglANMRTHEe3g9ltifUXRH5tSuy7u6yi4LD4WTm5ULP6r/g6l\n" +
-        "0CnjXYb0+b1Fmz6U\n" +
-        "-----END CERTIFICATE-----");
-
-        // DigiNotar intermediate, cross-signed by Entrust
-        //
-        // Subject: EMAILADDRESS=info@diginotar.nl,
-        //          CN=DigiNotar Root CA,
-        //          O=DigiNotar, C=NL
-        // Issuer:  CN=Entrust.net Secure Server Certification Authority
-        //          OU=(c) 1999 Entrust.net Limited,
-        //          OU=www.entrust.net/CPS incorp. by ref. (limits liab.),
-        //          O=Entrust.net,
-        //          C=US,
-        // Serial:  1184640175 (46:9C:2C:AF)
-        add("info-at-diginotar-root-ca-cross-to-entrust-secure-server-469C2CAF",
-        "-----BEGIN CERTIFICATE-----\n" +
-        "MIIFSDCCBLGgAwIBAgIERpwsrzANBgkqhkiG9w0BAQUFADCBwzELMAkGA1UEBhMC\n" +
-        "VVMxFDASBgNVBAoTC0VudHJ1c3QubmV0MTswOQYDVQQLEzJ3d3cuZW50cnVzdC5u\n" +
-        "ZXQvQ1BTIGluY29ycC4gYnkgcmVmLiAobGltaXRzIGxpYWIuKTElMCMGA1UECxMc\n" +
-        "KGMpIDE5OTkgRW50cnVzdC5uZXQgTGltaXRlZDE6MDgGA1UEAxMxRW50cnVzdC5u\n" +
-        "ZXQgU2VjdXJlIFNlcnZlciBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wNzA3\n" +
-        "MjYxNTU3MzlaFw0xMzA4MjYxNjI3MzlaMF8xCzAJBgNVBAYTAk5MMRIwEAYDVQQK\n" +
-        "EwlEaWdpTm90YXIxGjAYBgNVBAMTEURpZ2lOb3RhciBSb290IENBMSAwHgYJKoZI\n" +
-        "hvcNAQkBFhFpbmZvQGRpZ2lub3Rhci5ubDCCAiIwDQYJKoZIhvcNAQEBBQADggIP\n" +
-        "ADCCAgoCggIBAKywWMEAvdghCAsrmv5uVjAFnxt3kBBBXMMNhxF3joHxynzpjGrt\n" +
-        "OHQ1u9rf+bvACTe0lnOBfTMamDn3k2+Vfz25sXWHulFI6ItwPpUExdi2wxbZiLCx\n" +
-        "hx1w2oa0DxSLes8Q0XQ2ohJ7d4ZKeeZ73wIRaKVOhq40WJskE3hWIiUeAYtLUXH7\n" +
-        "gsxZlmmIWmhTxbkNAjfLS7xmSpB+KgsFB+0WX1WQddhGyRuD4gi+8SPMmR3WKg+D\n" +
-        "IBVYJ4Iu+uIiwkmxuQGBap1tnUB3aHZOISpthECFTnaZfILz87cCWdQmARuO361T\n" +
-        "BtGuGN3isjrL14g4jqxbKbkZ05j5GAPPSIKGZgsbaQ/J6ziIeiYaBUyS1yTUlvKs\n" +
-        "Ui2jR9VS9j/+zoQGcKaqPqLytlY0GFei5IFt58rwatPHkWsCg0F8Fe9rmmRe49A8\n" +
-        "5bHre12G+8vmd0nNo2Xc97mcuOQLX5PPzDAaMhzOHGOVpfnq4XSLnukrqTB7oBgf\n" +
-        "DhgL5Vup09FsHgdnj5FLqYq80maqkwGIspH6MVzVpsFSCAnNCmOi0yKm6KHZOQaX\n" +
-        "9W6NApCMFHs/gM0bnLrEWHIjr7ZWn8Z6QjMpBz+CyeYfBQ3NTCg2i9PIPhzGiO9e\n" +
-        "7olk6R3r2ol+MqZp0d3MiJ/R0MlmIdwGZ8WUepptYkx9zOBkgLKeR46jAgMBAAGj\n" +
-        "ggEmMIIBIjASBgNVHRMBAf8ECDAGAQH/AgEBMCcGA1UdJQQgMB4GCCsGAQUFBwMB\n" +
-        "BggrBgEFBQcDAgYIKwYBBQUHAwQwEQYDVR0gBAowCDAGBgRVHSAAMDMGCCsGAQUF\n" +
-        "BwEBBCcwJTAjBggrBgEFBQcwAYYXaHR0cDovL29jc3AuZW50cnVzdC5uZXQwMwYD\n" +
-        "VR0fBCwwKjAooCagJIYiaHR0cDovL2NybC5lbnRydXN0Lm5ldC9zZXJ2ZXIxLmNy\n" +
-        "bDAdBgNVHQ4EFgQUiGi/4I41xDs4a2L3KDuEgcgM100wCwYDVR0PBAQDAgEGMB8G\n" +
-        "A1UdIwQYMBaAFPAXYhNVPbP/CgBr+1CEl/PtYtAaMBkGCSqGSIb2fQdBAAQMMAob\n" +
-        "BFY3LjEDAgCBMA0GCSqGSIb3DQEBBQUAA4GBAEa6RcDNcEIGUlkDJUY/pWTds4zh\n" +
-        "xbVkp3wSmpwPFhx5fxTyF4HD2L60jl3aqjTB7gPpsL2Pk5QZlNsi3t4UkCV70UOd\n" +
-        "ueJRN3o/LOtk4+bjXY2lC0qTHbN80VMLqPjmaf9ghSA9hwhskdtMgRsgfd90q5QP\n" +
-        "ZFdYf+hthc3m6IcJ\n" +
-        "-----END CERTIFICATE-----");
-
-        //
-        // Compromised DigiNotar PKIoverheid CA Organisatie - G2
-        //
-
-        // DigiNotar intermediate, cross-signed by the Dutch government
-        //
-        // Subject: CN=DigiNotar PKIoverheid CA Organisatie - G2,
-        //          O=DigiNotar B.V.,
-        //          C=NL
-        // Issuer:  CN=Staat der Nederlanden Organisatie CA - G2,
-        //          O=Staat der Nederlanden,
-        //          C=NL
-        // Serial:  20001983 (01:31:34:bf)
-        add("diginotar-pkioverheid-organisatie-cross-to-nederlanden-013134BF",
-        "-----BEGIN CERTIFICATE-----\n" +
-        "MIIGnDCCBISgAwIBAgIEATE0vzANBgkqhkiG9w0BAQsFADBhMQswCQYDVQQGEwJO\n" +
-        "TDEeMBwGA1UECgwVU3RhYXQgZGVyIE5lZGVybGFuZGVuMTIwMAYDVQQDDClTdGFh\n" +
-        "dCBkZXIgTmVkZXJsYW5kZW4gT3JnYW5pc2F0aWUgQ0EgLSBHMjAeFw0xMDA1MTIw\n" +
-        "ODUxMzhaFw0yMDAzMjMwOTUwMDRaMFoxCzAJBgNVBAYTAk5MMRcwFQYDVQQKDA5E\n" +
-        "aWdpTm90YXIgQi5WLjEyMDAGA1UEAwwpRGlnaU5vdGFyIFBLSW92ZXJoZWlkIENB\n" +
-        "IE9yZ2FuaXNhdGllIC0gRzIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoIC\n" +
-        "AQCxExkPJ+Zs1FWGS9DsiYpFkXisR71HK+T8RetPtCZzWzfTw3/2497Xo/gtaMUI\n" +
-        "PkuU1uSHJTZrhLUYdPMoWHMvm2rPvAQe9t7dr/xLqvXbZmIlASWC3vKXWhBu3V2p\n" +
-        "IrEEqSNzOvhxrR3PhETrR9Gvbch8KKvH8jd6dF9fxQIUiqNa4xtsAeNdjtlo1vQJ\n" +
-        "GzLckbUs9SDrjANtJkm4k8SFXdjSm69WaswFM8ygQp40VUSca6DUEtArVM23iQ3l\n" +
-        "9uvo+4UBM096a/GdcjOWDveyhKWlJ8Qn8VFzKXe6Z27+TNy04qGhgS85SY1DOBPO\n" +
-        "0KVcwoc6AGdlQiPxNlkKHaNRyLyjlCox3+M88p0aPASw77EKMBNzttfzo0wBdRSF\n" +
-        "eMDXijlYhVD6LubFvs+LP6+PNtQlCS3SD6xyk/K/i9RQs/kVUJuZ9RTZ+4uRozIm\n" +
-        "JqD43ztggYaDeVsr6xM9KTrBbd29no6H1kquNJcF7hSm9tw4fkrpJFQHPZdoN0Zr\n" +
-        "DceoIa8TVOQJavFNRgrJXfubT73e+7dUy7g4nKc5+2otwHuNq6WnV+xKkoozxeEg\n" +
-        "XHPYkJIrgNUPhhhpfDlPhIa890xb89W0yqDC8DciynlSH1PmqvOQsDvd8ij9rOvF\n" +
-        "BiSgydQvD1j9tZ7sD8+yWdCiBHo4aq5y+73wJWKUCacFCwIDAQABo4IBYTCCAV0w\n" +
-        "SAYDVR0gBEEwPzA9BgRVHSAAMDUwMwYIKwYBBQUHAgEWJ2h0dHA6Ly93d3cuZGln\n" +
-        "aW5vdGFyLm5sL2Nwcy9wa2lvdmVyaGVpZDAPBgNVHRMBAf8EBTADAQH/MA4GA1Ud\n" +
-        "DwEB/wQEAwIBBjCBhQYDVR0jBH4wfIAUORCLSZJc22ESIM1JnRqO2pxnQLmhXqRc\n" +
-        "MFoxCzAJBgNVBAYTAk5MMR4wHAYDVQQKDBVTdGFhdCBkZXIgTmVkZXJsYW5kZW4x\n" +
-        "KzApBgNVBAMMIlN0YWF0IGRlciBOZWRlcmxhbmRlbiBSb290IENBIC0gRzKCBACY\n" +
-        "lvQwSQYDVR0fBEIwQDA+oDygOoY4aHR0cDovL2NybC5wa2lvdmVyaGVpZC5ubC9E\n" +
-        "b21PcmdhbmlzYXRpZUxhdGVzdENSTC1HMi5jcmwwHQYDVR0OBBYEFLxdlDvZq3sD\n" +
-        "JXNhwtst7vyrj2WhMA0GCSqGSIb3DQEBCwUAA4ICAQCP/C1Mt9kt1R+978v0t2gX\n" +
-        "dZ1O1ffdnPEqJu2forYcA9VTs+wIzzTi48P0tRYvyMO+19NzqwA2+RpKftZj6V5G\n" +
-        "uqW2jhW3oyrYQx3vXcgfgYWzi/f/PPTZ9EYIP5y8HaDZqEzNJVJOCrEg9x/pQ9lU\n" +
-        "RoETmsBedGwqmDLq/He7DaWiMZgifnx859qkrey3LhoZcfhIUNpDjyyE3cFAJ+O1\n" +
-        "8BVOltT4XOOGKUYr1zsH6zh/yIZXl9PvKjPEF1DVZGlrK2tFXl0vF8paTs/D1zk8\n" +
-        "9TufRrmb5w5Jl53W1eMbD+qPAU6aE5RZCgIHSEsaYKt/T+0L2FUNaG9VnGllFULs\n" +
-        "wNzdbKzDFs4LHVabpMTE0i7gD+JEJytQaaTcYuiKISlCbMwAOpZ2m+9AwKRed4Qy\n" +
-        "bCYqOWauXeO5ubIsaB8empADOfCqs6TMSYsYNOk3yXspx4R8b0QVL+xhWQTJRcui\n" +
-        "1lKifH8pktZKxYtCqNT+6tjHhyMY5J16fXNAUpigrm7jBT8FD+Clxm1N7YM3iJzH\n" +
-        "89xCmmq21yFJNnfy7xhPxXDZnunetyuL9Lx+KN8NQMmFXK6dxTH/0FwOtah+8Okv\n" +
-        "uq+IruW10Vilr5xxpykBkINpN4IFuvwJwQhujHg7wzMCgD9EhQgd31VWCK0shS1d\n" +
-        "sQPhrqp0xaTzTro3mHuCuQ==\n" +
-        "-----END CERTIFICATE-----");
-
-        //
-        // Compromised DigiNotar PKIoverheid CA Overheid en Bedrijven
-        //
-
-        // DigiNotar intermediate, cross-signed by the Dutch government
-        //
-        // Subject: CN=DigiNotar PKIoverheid CA Overheid en Bedrijven,
-        //          O=DigiNotar B.V.,
-        //          C=NL
-        // Issuer:  CN=Staat der Nederlanden Overheid CA
-        //          O=Staat der Nederlanden,
-        //          C=NL
-        // Serial:  20015536 (01:31:69:b0)
-        add("diginotar-pkioverheid-overheid-enb-cross-to-nederlanden-013169B0",
-        "-----BEGIN CERTIFICATE-----\n" +
-        "MIIEiDCCA3CgAwIBAgIEATFpsDANBgkqhkiG9w0BAQUFADBZMQswCQYDVQQGEwJO\n" +
-        "TDEeMBwGA1UEChMVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSowKAYDVQQDEyFTdGFh\n" +
-        "dCBkZXIgTmVkZXJsYW5kZW4gT3ZlcmhlaWQgQ0EwHhcNMDcwNzA1MDg0MjA3WhcN\n" +
-        "MTUwNzI3MDgzOTQ2WjBfMQswCQYDVQQGEwJOTDEXMBUGA1UEChMORGlnaU5vdGFy\n" +
-        "IEIuVi4xNzA1BgNVBAMTLkRpZ2lOb3RhciBQS0lvdmVyaGVpZCBDQSBPdmVyaGVp\n" +
-        "ZCBlbiBCZWRyaWp2ZW4wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDc\n" +
-        "vdKnTmoKuzuiheF/AK2+tDBomAfNoHrElM9x+Yo35FPrV3bMi+Zs/u6HVcg+uwQ5\n" +
-        "AKeAeKxbT370vbhUuHE7BzFJOZNUfCA7eSuPu2GQfbGs5h+QLp1FAalkLU3DL7nn\n" +
-        "UNVOKlyrdnY3Rtd57EKZ96LspIlw3Dgrh6aqJOadkiQbvvb91C8ZF3rmMgeUVAVT\n" +
-        "Q+lsvK9Hy7zL/b07RBKB8WtLu+20z6slTxjSzAL8o0+1QjPLWc0J3NNQ/aB2jKx+\n" +
-        "ZopC9q0ckvO2+xRG603XLzDgbe5bNr5EdLcgBVeFTegAGaL2DOauocBC36esgl3H\n" +
-        "aLcY5olLmmv6znn58yynAgMBAAGjggFQMIIBTDBIBgNVHSAEQTA/MD0GBFUdIAAw\n" +
-        "NTAzBggrBgEFBQcCARYnaHR0cDovL3d3dy5kaWdpbm90YXIubmwvY3BzL3BraW92\n" +
-        "ZXJoZWlkMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMIGABgNVHSME\n" +
-        "eTB3gBQLhtYPd6NosftkCcOIblwEHFfpPaFZpFcwVTELMAkGA1UEBhMCTkwxHjAc\n" +
-        "BgNVBAoTFVN0YWF0IGRlciBOZWRlcmxhbmRlbjEmMCQGA1UEAxMdU3RhYXQgZGVy\n" +
-        "IE5lZGVybGFuZGVuIFJvb3QgQ0GCBACYmnkwPQYDVR0fBDYwNDAyoDCgLoYsaHR0\n" +
-        "cDovL2NybC5wa2lvdmVyaGVpZC5ubC9Eb21PdkxhdGVzdENSTC5jcmwwHQYDVR0O\n" +
-        "BBYEFEwIyY128ZjHPt881y91DbF2eZfMMA0GCSqGSIb3DQEBBQUAA4IBAQAMlIca\n" +
-        "v03jheLu19hjeQ5Q38aEW9K72fUxCho1l3TfFPoqDz7toOMI9tVOW6+mriXiRWsi\n" +
-        "D7dUKH6S3o0UbNEc5W50BJy37zRERd/Jgx0ZH8Apad+J1T/CsFNt5U4X5HNhIxMm\n" +
-        "cUP9TFnLw98iqiEr2b+VERqKpOKrp11Lbyn1UtHk0hWxi/7wA8+nfemZhzizDXMU\n" +
-        "5HIs4c71rQZIZPrTKbmi2Lv01QulQERDjqC/zlqlUkxk0xcxYczopIro5Ij76eUv\n" +
-        "BjMzm5RmZrGrUDqhCYF0U1onuabSJc/Tw6f/ltAv6uAejVLpGBwgCkegllYOQJBR\n" +
-        "RKwa/fHuhR/3Qlpl\n" +
-        "-----END CERTIFICATE-----");
-
-        //
-        // Compromised DigiNotar PKIoverheid CA Overheid
-        //
-
-        // DigiNotar intermediate, cross-signed by the Dutch government
-        //
-        // Subject: CN=DigiNotar PKIoverheid CA Overheid
-        //          O=DigiNotar B.V.,
-        //          C=NL
-        // Issuer:  CN=Staat der Nederlanden Overheid CA
-        //          O=Staat der Nederlanden,
-        //          C=NL
-        // Serial:  20006006 (01:31:44:76)
-        add("diginotar-pkioverheid-overheid-cross-to-nederlanden-01314476",
-        "-----BEGIN CERTIFICATE-----\n" +
-        "MIIEezCCA2OgAwIBAgIEATFEdjANBgkqhkiG9w0BAQUFADBZMQswCQYDVQQGEwJO\n" +
-        "TDEeMBwGA1UEChMVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSowKAYDVQQDEyFTdGFh\n" +
-        "dCBkZXIgTmVkZXJsYW5kZW4gT3ZlcmhlaWQgQ0EwHhcNMDQwNjI0MDgxOTMyWhcN\n" +
-        "MTAwNjIzMDgxNzM2WjBSMQswCQYDVQQGEwJOTDEXMBUGA1UEChMORGlnaU5vdGFy\n" +
-        "IEIuVi4xKjAoBgNVBAMTIURpZ2lOb3RhciBQS0lvdmVyaGVpZCBDQSBPdmVyaGVp\n" +
-        "ZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANSlrubta5tlOjVCi/gb\n" +
-        "yLCvRqfBjxG8H594VcKHu0WAYc99SPZF9cycj5mw2GyfQvy/WIrGrL4iyNq1gSqR\n" +
-        "0QA/mTXKZIaPqzpDhdm+VvrKkmjrbZfaQxgMSs3ChtBsjcP9Lc0X1zXZ4Q8nBe3k\n" +
-        "BTp+zehINfmbjoEgXLxsMR5RQ6GxzKjuC04PQpbJQgTIakglKaqYcDDZbEscWgPV\n" +
-        "Hgj/2aoHlj6leW/ThHZ+O41jUguEmBLZA3mu3HrCfrHntb5dPt0ihzSx7GtD/SaX\n" +
-        "5HBLxnP189YuqMk5iRA95CtiSdKauvon/xRKRLNgG6XAz0ctSoY7xLDdiBVU5kJd\n" +
-        "FScCAwEAAaOCAVAwggFMMEgGA1UdIARBMD8wPQYEVR0gADA1MDMGCCsGAQUFBwIB\n" +
-        "FidodHRwOi8vd3d3LmRpZ2lub3Rhci5ubC9jcHMvcGtpb3ZlcmhlaWQwDwYDVR0T\n" +
-        "AQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwgYAGA1UdIwR5MHeAFAuG1g93o2ix\n" +
-        "+2QJw4huXAQcV+k9oVmkVzBVMQswCQYDVQQGEwJOTDEeMBwGA1UEChMVU3RhYXQg\n" +
-        "ZGVyIE5lZGVybGFuZGVuMSYwJAYDVQQDEx1TdGFhdCBkZXIgTmVkZXJsYW5kZW4g\n" +
-        "Um9vdCBDQYIEAJiaeTA9BgNVHR8ENjA0MDKgMKAuhixodHRwOi8vY3JsLnBraW92\n" +
-        "ZXJoZWlkLm5sL0RvbU92TGF0ZXN0Q1JMLmNybDAdBgNVHQ4EFgQUvRaYQh2+kdE9\n" +
-        "wpcl4CjXWOC1f+IwDQYJKoZIhvcNAQEFBQADggEBAGhQsCWLiaN2EOhPAW+JQP6o\n" +
-        "XBOrLv5w6joahzBFVn1BiefzmlMKjibqKYxURRvMAsMkh82/MfL8V0w6ugxl81lu\n" +
-        "i42dcxl9cKSVXKMw4bbBzJ2VQI5HTIABwefeNuy/eX6idVwYdt3ajAH7fUA8Q9Cq\n" +
-        "vr6H8B+8mwoEqTVTEVlCSsC/EXsokYEUr06PPzRudKjDmijgj7zFaIioZNc8hk7g\n" +
-        "ufEgrs/tmcNGylrwRHgCXjCRBt2NHlZ08l7A1AGU8HcHlSbG9Un/2q9kVHUkps0D\n" +
-        "gtUaEK+x6jpAu/R8Ojezu/+ZEcwwjI/KOhG+84+ejFmtyEkrUdsAdEdLf/2dKsw=\n" +
-        "-----END CERTIFICATE-----");
-
-        //
-        // Compromised DigiNotar Services 1024 CA
-        //
-
-        // DigiNotar intermediate, cross-signed by the Entrust
-        //
-        // Subject: EMAILADDRESS=info@diginotar.nl,
-        //          CN=DigiNotar Services 1024 CA
-        //          O=DigiNotar, C=NL
-        // Issuer:  CN=Entrust.net Secure Server Certification Authority,
-        //          OU=(c) 1999 Entrust.net Limited,
-        //          OU=www.entrust.net/CPS incorp. by ref. (limits liab.),
-        //          O=Entrust.net,
-        //          C=US
-        // Serial:  1184640176 (46:9c:2c:b0)
-        add("diginotar-services-1024-ca-cross-to-entrust-469C2CB0",
-        "-----BEGIN CERTIFICATE-----\n" +
-        "MIIDzTCCAzagAwIBAgIERpwssDANBgkqhkiG9w0BAQUFADCBwzELMAkGA1UEBhMC\n" +
-        "VVMxFDASBgNVBAoTC0VudHJ1c3QubmV0MTswOQYDVQQLEzJ3d3cuZW50cnVzdC5u\n" +
-        "ZXQvQ1BTIGluY29ycC4gYnkgcmVmLiAobGltaXRzIGxpYWIuKTElMCMGA1UECxMc\n" +
-        "KGMpIDE5OTkgRW50cnVzdC5uZXQgTGltaXRlZDE6MDgGA1UEAxMxRW50cnVzdC5u\n" +
-        "ZXQgU2VjdXJlIFNlcnZlciBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wNzA3\n" +
-        "MjYxNTU5MDBaFw0xMzA4MjYxNjI5MDBaMGgxCzAJBgNVBAYTAk5MMRIwEAYDVQQK\n" +
-        "EwlEaWdpTm90YXIxIzAhBgNVBAMTGkRpZ2lOb3RhciBTZXJ2aWNlcyAxMDI0IENB\n" +
-        "MSAwHgYJKoZIhvcNAQkBFhFpbmZvQGRpZ2lub3Rhci5ubDCBnzANBgkqhkiG9w0B\n" +
-        "AQEFAAOBjQAwgYkCgYEA2ptNXTz50eKLxsYIIMXZHkjsZlhneWIrQWP0iY1o2q+4\n" +
-        "lDaLGSSkoJPSmQ+yrS01Tc0vauH5mxkrvAQafi09UmTN8T5nD4ku6PJPrqYIoYX+\n" +
-        "oakJ5sarPkP8r3oDkdqmOaZh7phPGKjTs69mgumfvN1y+QYEvRLZGCTnq5NTi1kC\n" +
-        "AwEAAaOCASYwggEiMBIGA1UdEwEB/wQIMAYBAf8CAQAwJwYDVR0lBCAwHgYIKwYB\n" +
-        "BQUHAwEGCCsGAQUFBwMCBggrBgEFBQcDBDARBgNVHSAECjAIMAYGBFUdIAAwMwYI\n" +
-        "KwYBBQUHAQEEJzAlMCMGCCsGAQUFBzABhhdodHRwOi8vb2NzcC5lbnRydXN0Lm5l\n" +
-        "dDAzBgNVHR8ELDAqMCigJqAkhiJodHRwOi8vY3JsLmVudHJ1c3QubmV0L3NlcnZl\n" +
-        "cjEuY3JsMB0GA1UdDgQWBBT+3JRJDG/vXH/G8RKZTxZJrfuCZTALBgNVHQ8EBAMC\n" +
-        "AQYwHwYDVR0jBBgwFoAU8BdiE1U9s/8KAGv7UISX8+1i0BowGQYJKoZIhvZ9B0EA\n" +
-        "BAwwChsEVjcuMQMCAIEwDQYJKoZIhvcNAQEFBQADgYEAY3RqN6k/lpxmyFisCcnv\n" +
-        "9WWUf6MCxDgxvV0jh+zUVrLJsm7kBQb87PX6iHBZ1O7m3bV6oKNgLwIMq94SXa/w\n" +
-        "NUuqikeRGvWFLELHHe+VQ7NeuJWTpdrFKKqtci0xrZlrbP+MISevrZqRK8fdWMNu\n" +
-        "B8WfedLHjFW/TMcnXlEWKz4=\n" +
-        "-----END CERTIFICATE-----");
-
-        //
-        // Revoked DigiCert code signing certificates used to sign malware
-        //
-
-        // Subject: CN=Buster Paper Comercial Ltda,
-        //          O=Buster Paper Comercial Ltda,
-        //          L=S?o Jos? Dos Campos,
-        //          ST=S?o Paulo,
-        //          C=BR
-        // Issuer:  CN=DigiCert Assured ID Code Signing CA-1,
-        //          OU=www.digicert.com,
-        //          O=DigiCert Inc,
-        //          C=US
-        // Serial:  07:b4:4c:db:ff:fb:78:de:05:f4:26:16:72:a6:73:12
-        add("buster-paper-comercial-ltda-72A67312",
-        "-----BEGIN CERTIFICATE-----\n" +
-        "MIIGwzCCBaugAwIBAgIQB7RM2//7eN4F9CYWcqZzEjANBgkqhkiG9w0BAQUFADBv\n" +
-        "MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\n" +
-        "d3cuZGlnaWNlcnQuY29tMS4wLAYDVQQDEyVEaWdpQ2VydCBBc3N1cmVkIElEIENv\n" +
-        "ZGUgU2lnbmluZyBDQS0xMB4XDTEzMDExNzAwMDAwMFoXDTE0MDEyMjEyMDAwMFow\n" +
-        "gY4xCzAJBgNVBAYTAkJSMRMwEQYDVQQIDApTw6NvIFBhdWxvMR4wHAYDVQQHDBVT\n" +
-        "w6NvIEpvc8OpIERvcyBDYW1wb3MxJDAiBgNVBAoTG0J1c3RlciBQYXBlciBDb21l\n" +
-        "cmNpYWwgTHRkYTEkMCIGA1UEAxMbQnVzdGVyIFBhcGVyIENvbWVyY2lhbCBMdGRh\n" +
-        "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzO0l6jWIpEfO2oUpVHpL\n" +
-        "HETj5lzivNb0S9jKHgGJax917czh81PnGTxwxFXd6gLJuy/XFHvmiSi8g8jzlymn\n" +
-        "2Ji5zQ3CPaz7nomJokSUDlMVJ2qYWtctw4jrdjuI4qtn+koXXUFkWjkf8h8251I4\n" +
-        "tUs7S49HE2Go5owCYP3byajj7fsFAYR/Xb7TdVtndkZsUB/YgOjHovyACjouaNCi\n" +
-        "mDiRyQ6zLLjZGiyeD65Yiseuhp5b8/BL5h1p7w76QYMYMVQNAdtDKut2R8MBpuWf\n" +
-        "Ny7Eoi0x/gm1p9X5Rcl5aN7K0G4UtTAJKbkuUfXddsyFoM0Nx8uo8SgNQ8Y/X5Jx\n" +
-        "BwIDAQABo4IDOTCCAzUwHwYDVR0jBBgwFoAUe2jOKarAF75JeuHlP9an90WPNTIw\n" +
-        "HQYDVR0OBBYEFFLZ3n5nt/Eer7n1bvtOqMb1qKO5MA4GA1UdDwEB/wQEAwIHgDAT\n" +
-        "BgNVHSUEDDAKBggrBgEFBQcDAzBzBgNVHR8EbDBqMDOgMaAvhi1odHRwOi8vY3Js\n" +
-        "My5kaWdpY2VydC5jb20vYXNzdXJlZC1jcy0yMDExYS5jcmwwM6AxoC+GLWh0dHA6\n" +
-        "Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9hc3N1cmVkLWNzLTIwMTFhLmNybDCCAcQGA1Ud\n" +
-        "IASCAbswggG3MIIBswYJYIZIAYb9bAMBMIIBpDA6BggrBgEFBQcCARYuaHR0cDov\n" +
-        "L3d3dy5kaWdpY2VydC5jb20vc3NsLWNwcy1yZXBvc2l0b3J5Lmh0bTCCAWQGCCsG\n" +
-        "AQUFBwICMIIBVh6CAVIAQQBuAHkAIAB1AHMAZQAgAG8AZgAgAHQAaABpAHMAIABD\n" +
-        "AGUAcgB0AGkAZgBpAGMAYQB0AGUAIABjAG8AbgBzAHQAaQB0AHUAdABlAHMAIABh\n" +
-        "AGMAYwBlAHAAdABhAG4AYwBlACAAbwBmACAAdABoAGUAIABEAGkAZwBpAEMAZQBy\n" +
-        "AHQAIABDAFAALwBDAFAAUwAgAGEAbgBkACAAdABoAGUAIABSAGUAbAB5AGkAbgBn\n" +
-        "ACAAUABhAHIAdAB5ACAAQQBnAHIAZQBlAG0AZQBuAHQAIAB3AGgAaQBjAGgAIABs\n" +
-        "AGkAbQBpAHQAIABsAGkAYQBiAGkAbABpAHQAeQAgAGEAbgBkACAAYQByAGUAIABp\n" +
-        "AG4AYwBvAHIAcABvAHIAYQB0AGUAZAAgAGgAZQByAGUAaQBuACAAYgB5ACAAcgBl\n" +
-        "AGYAZQByAGUAbgBjAGUALjCBggYIKwYBBQUHAQEEdjB0MCQGCCsGAQUFBzABhhho\n" +
-        "dHRwOi8vb2NzcC5kaWdpY2VydC5jb20wTAYIKwYBBQUHMAKGQGh0dHA6Ly9jYWNl\n" +
-        "cnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEFzc3VyZWRJRENvZGVTaWduaW5nQ0Et\n" +
-        "MS5jcnQwDAYDVR0TAQH/BAIwADANBgkqhkiG9w0BAQUFAAOCAQEAPTTQvpOIikXI\n" +
-        "hTLnNbajaFRR5GhQpTzUNgBfF9VYSlNw/wMjpGsrh5RxaJCip52jbehmTgjMRhft\n" +
-        "jRYyml44PAVsCcR9uEoDpCZYpI1fHI1R+F8jd1C9rqprbSwwOG4xlg4SmvTHYs6e\n" +
-        "gBItQ/1p9XY+Sf4Wv1qOuOFL1qvV/5VyR2zdlOQCmKCeMgxt6a/tHLBDiAA67D44\n" +
-        "/vfdoNJl0CU2It0PO60jdCPFNWIRcxL+OSDqAoePeUC7xQ+JsTEIxuUE8+d6w6fc\n" +
-        "BV2mYb1flh22t46GLjh4gyo7xw3aL6L0L0jzlTT6IcEw6NIbaPbIKj/npQnHobYj\n" +
-        "XMuKLxbh7g==\n" +
-        "-----END CERTIFICATE-----");
-
-        // Subject: CN=BUSTER ASSISTENCIA TECNICA ELETRONICA LTDA - ME,
-        //          O=BUSTER ASSISTENCIA TECNICA ELETRONICA LTDA - ME,
-        //          L=S?o Paulo,
-        //          ST=S?o Paulo,
-        //          C=BR
-        // Issuer:  CN=DigiCert Assured ID Code Signing CA-1,
-        //          OU=www.digicert.com,
-        //          O=DigiCert Inc,
-        //          C=US
-        // Serial:  0a:38:9b:95:ee:73:6d:d1:3b:c0:ed:74:3f:d7:4d:2f
-        add("buster-assistencia-tecnica-electronica-ltda-3FD74D2F",
-        "-----BEGIN CERTIFICATE-----\n" +
-        "MIIG4DCCBcigAwIBAgIQCjible5zbdE7wO10P9dNLzANBgkqhkiG9w0BAQUFADBv\n" +
-        "MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\n" +
-        "d3cuZGlnaWNlcnQuY29tMS4wLAYDVQQDEyVEaWdpQ2VydCBBc3N1cmVkIElEIENv\n" +
-        "ZGUgU2lnbmluZyBDQS0xMB4XDTEyMTEwOTAwMDAwMFoXDTEzMTExNDEyMDAwMFow\n" +
-        "gasxCzAJBgNVBAYTAkJSMRMwEQYDVQQIDApTw6NvIFBhdWxvMRMwEQYDVQQHDApT\n" +
-        "w6NvIFBhdWxvMTgwNgYDVQQKEy9CVVNURVIgQVNTSVNURU5DSUEgVEVDTklDQSBF\n" +
-        "TEVUUk9OSUNBIExUREEgLSBNRTE4MDYGA1UEAxMvQlVTVEVSIEFTU0lTVEVOQ0lB\n" +
-        "IFRFQ05JQ0EgRUxFVFJPTklDQSBMVERBIC0gTUUwggEiMA0GCSqGSIb3DQEBAQUA\n" +
-        "A4IBDwAwggEKAoIBAQDAqNeEs5/B2CTXGjTOkUIdu6jV6qulOZwdw4sefHWYj1UR\n" +
-        "4z6zPk9kjpUgbnb402RFq88QtfInwddZ/wXn9OxMtDd/3TnC7HrhNS7ga79ZFL2V\n" +
-        "JnmzKHum2Yvh0q82QEJ9tHBR2X9VdKpUIH08Zs3k6cWWM1H0YX0cxA/HohhesQJW\n" +
-        "kwJ3urOIJiH/HeByDk8a1NS8safcCxk5vxvW4WvCg43iT09LeHY5Aa8abKw8lqVb\n" +
-        "0tD5ZSIjdmdj3TT1U37iAHLLRM2DXbxfdbhouUX1c5U1ZHAMA67HwjKiseOiDaHj\n" +
-        "NUGbC37C+cgbc9VVM/cURD8WvS0Kj6fQv7F2QtJDAgMBAAGjggM5MIIDNTAfBgNV\n" +
-        "HSMEGDAWgBR7aM4pqsAXvkl64eU/1qf3RY81MjAdBgNVHQ4EFgQU88EXKAyDsh30\n" +
-        "o9+Gu9a4xUy+FSMwDgYDVR0PAQH/BAQDAgeAMBMGA1UdJQQMMAoGCCsGAQUFBwMD\n" +
-        "MHMGA1UdHwRsMGowM6AxoC+GLWh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9hc3N1\n" +
-        "cmVkLWNzLTIwMTFhLmNybDAzoDGgL4YtaHR0cDovL2NybDQuZGlnaWNlcnQuY29t\n" +
-        "L2Fzc3VyZWQtY3MtMjAxMWEuY3JsMIIBxAYDVR0gBIIBuzCCAbcwggGzBglghkgB\n" +
-        "hv1sAwEwggGkMDoGCCsGAQUFBwIBFi5odHRwOi8vd3d3LmRpZ2ljZXJ0LmNvbS9z\n" +
-        "c2wtY3BzLXJlcG9zaXRvcnkuaHRtMIIBZAYIKwYBBQUHAgIwggFWHoIBUgBBAG4A\n" +
-        "eQAgAHUAcwBlACAAbwBmACAAdABoAGkAcwAgAEMAZQByAHQAaQBmAGkAYwBhAHQA\n" +
-        "ZQAgAGMAbwBuAHMAdABpAHQAdQB0AGUAcwAgAGEAYwBjAGUAcAB0AGEAbgBjAGUA\n" +
-        "IABvAGYAIAB0AGgAZQAgAEQAaQBnAGkAQwBlAHIAdAAgAEMAUAAvAEMAUABTACAA\n" +
-        "YQBuAGQAIAB0AGgAZQAgAFIAZQBsAHkAaQBuAGcAIABQAGEAcgB0AHkAIABBAGcA\n" +
-        "cgBlAGUAbQBlAG4AdAAgAHcAaABpAGMAaAAgAGwAaQBtAGkAdAAgAGwAaQBhAGIA\n" +
-        "aQBsAGkAdAB5ACAAYQBuAGQAIABhAHIAZQAgAGkAbgBjAG8AcgBwAG8AcgBhAHQA\n" +
-        "ZQBkACAAaABlAHIAZQBpAG4AIABiAHkAIAByAGUAZgBlAHIAZQBuAGMAZQAuMIGC\n" +
-        "BggrBgEFBQcBAQR2MHQwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0\n" +
-        "LmNvbTBMBggrBgEFBQcwAoZAaHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0Rp\n" +
-        "Z2lDZXJ0QXNzdXJlZElEQ29kZVNpZ25pbmdDQS0xLmNydDAMBgNVHRMBAf8EAjAA\n" +
-        "MA0GCSqGSIb3DQEBBQUAA4IBAQAei1QmiXepje8OIfo/WonD4MIXgpPr2dfRaquQ\n" +
-        "A8q63OpTRSveyqdQDCSPpDRF/nvO1Y30yksZvIH1tNBsW5LBdxAKN3lFdBlqBwtE\n" +
-        "Q3jHc0KVVYRJ0FBaGE/PJHmRajscdAhYIcMPhTga0u0tDK+wOHEq3993dfl6yHjA\n" +
-        "XHU2iW5pnk75ZoE39zALD5eKXT8ZXrET5c3XUFJKWA+XuGmdmyzqo0Au49PanBv9\n" +
-        "UlZnabYfqoMArqMS0tGSX4cGgi9/2E+pHG9BX4sFW+ZDumroOA2pxyMWEKjxePEL\n" +
-        "zCOfhbsRWdMLYepauaNZOIMZXmFwcrIl0TGMkTAtATz+XmZc\n" +
-        "-----END CERTIFICATE-----");
-
-        //
-        // Revoked code signing certificate w/ a stolen key issued by GoDaddy
-        // used to sign malware
-        //
-
-        // Subject: CN=CLEARESULT CONSULTING INC., OU=Corporate IT,
-        //          O=CLEARESULT CONSULTING INC., L=Austin, ST=TX, C=US
-        // Issuer:  SERIALNUMBER=07969287,
-        //          CN=Go Daddy Secure Certification Authority,
-        //          OU=http://certificates.godaddy.com/repository,
-        //          O="GoDaddy.com, Inc.",
-        //          L=Scottsdale,
-        //          ST=Arizona,
-        //          C=US
-        // Serial:  2b:73:43:2a:a8:4f:44
-        add("clearesult-consulting-inc-2AA84F44",
-        "-----BEGIN CERTIFICATE-----\n" +
-        "MIIFYjCCBEqgAwIBAgIHK3NDKqhPRDANBgkqhkiG9w0BAQUFADCByjELMAkGA1UE\n" +
-        "BhMCVVMxEDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxGjAY\n" +
-        "BgNVBAoTEUdvRGFkZHkuY29tLCBJbmMuMTMwMQYDVQQLEypodHRwOi8vY2VydGlm\n" +
-        "aWNhdGVzLmdvZGFkZHkuY29tL3JlcG9zaXRvcnkxMDAuBgNVBAMTJ0dvIERhZGR5\n" +
-        "IFNlY3VyZSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTERMA8GA1UEBRMIMDc5Njky\n" +
-        "ODcwHhcNMTIwMjE1MjEwOTA2WhcNMTQwMjE1MjEwOTA2WjCBjDELMAkGA1UEBgwC\n" +
-        "VVMxCzAJBgNVBAgMAlRYMQ8wDQYDVQQHDAZBdXN0aW4xIzAhBgNVBAoMGkNMRUFS\n" +
-        "RVNVTFQgQ09OU1VMVElORyBJTkMuMRUwEwYDVQQLDAxDb3Jwb3JhdGUgSVQxIzAh\n" +
-        "BgNVBAMMGkNMRUFSRVNVTFQgQ09OU1VMVElORyBJTkMuMIIBIjANBgkqhkiG9w0B\n" +
-        "AQEFAAOCAQ8AMIIBCgKCAQEAtIOjCKeAicull+7ZIzt0/4ya3IeXUFlfypqKMLkU\n" +
-        "IbKjn0P5uMj6VE3rlbZr44RCegxvdnR6umBh1c0ZXoN3o+yc0JKcKcLiApmJJ277\n" +
-        "p7IbLwYDhBXRQNoIJm187IOMRPIxsKN4hL91txn9jGBmW+9zKlJlNhR5R7vjwU2E\n" +
-        "jrH/6oqsc9EM2yYpfjlNv6+3jSwAYZCkSWr+27PQOV+YHKmIxtJjX0upFz5FdIrV\n" +
-        "9CCX+L2Kji1THOkSgG4QTbYxmEcHqGViWz8hXLeNXjcbEsPuIiAu3hknxRHfUTE/\n" +
-        "U0Lh0Ug1e3LrJu+WnxM2SmUY4krsZ22c0yWUW9hzWITIjQIDAQABo4IBhzCCAYMw\n" +
-        "DwYDVR0TAQH/BAUwAwEBADATBgNVHSUEDDAKBggrBgEFBQcDAzAOBgNVHQ8BAf8E\n" +
-        "BAMCB4AwMwYDVR0fBCwwKjAooCagJIYiaHR0cDovL2NybC5nb2RhZGR5LmNvbS9n\n" +
-        "ZHM1LTE2LmNybDBTBgNVHSAETDBKMEgGC2CGSAGG/W0BBxcCMDkwNwYIKwYBBQUH\n" +
-        "AgEWK2h0dHA6Ly9jZXJ0aWZpY2F0ZXMuZ29kYWRkeS5jb20vcmVwb3NpdG9yeS8w\n" +
-        "gYAGCCsGAQUFBwEBBHQwcjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZ29kYWRk\n" +
-        "eS5jb20vMEoGCCsGAQUFBzAChj5odHRwOi8vY2VydGlmaWNhdGVzLmdvZGFkZHku\n" +
-        "Y29tL3JlcG9zaXRvcnkvZ2RfaW50ZXJtZWRpYXRlLmNydDAfBgNVHSMEGDAWgBT9\n" +
-        "rGEyk2xF1uLuhV+auud2mWjM5zAdBgNVHQ4EFgQUDtdeKqeN2QkcbEp1HovFieNB\n" +
-        "XiowDQYJKoZIhvcNAQEFBQADggEBAD74Agw5tvi2aBl4/f/s7/VE/BClzDsKMb9K\n" +
-        "v9qpeC45ZA/jelxV11HKbQnVF194gDb7D2H9OsAsRUy8HVKbXEcc/8dKvwOqb+BC\n" +
-        "2i/EmfjLgmCfezNFtLq8xcPxF3zIRc44vPrK0z4YZsaHdH+yTEJ51p5EMdTqaLaP\n" +
-        "4n5m8LX3RfqlQB9dYFe6dUoYZjKm9d/pIRww3VqfOzjl42Edi1w6dWmBVMx1NZuR\n" +
-        "DBabJH1vJ9Gd+KwxMCmBZ6pQPl28JDimhJhI2LNqU349uADQVV0HJosddN/ARyyI\n" +
-        "LSIQO7BnNVKVG9Iujf33bvPNeg0qNz5qw+rKKq97Pqeum+L5oKU=\n" +
-        "-----END CERTIFICATE-----");
-    }
+    private UntrustedCertificates() {}
 }
--- a/src/share/classes/sun/security/x509/X509CertImpl.java	Tue Sep 24 14:17:42 2013 -0700
+++ b/src/share/classes/sun/security/x509/X509CertImpl.java	Tue Sep 24 14:34:55 2013 -0700
@@ -37,6 +37,7 @@
 import java.security.cert.*;
 import java.security.cert.Certificate;
 import java.util.*;
+import java.util.concurrent.ConcurrentHashMap;
 
 import javax.security.auth.x500.X500Principal;
 
@@ -1913,4 +1914,45 @@
         }
         return false;
     }
+
+    private ConcurrentHashMap<String,String> fingerprints =
+            new ConcurrentHashMap<>(2);
+
+    public String getFingerprint(String algorithm) {
+        return fingerprints.computeIfAbsent(algorithm,
+                x -> getCertificateFingerPrint(x));
+    }
+
+    /**
+     * Gets the requested finger print of the certificate. The result
+     * only contains 0-9 and A-F. No small case, no colon.
+     */
+    private String getCertificateFingerPrint(String mdAlg) {
+        String fingerPrint = "";
+        try {
+            byte[] encCertInfo = getEncoded();
+            MessageDigest md = MessageDigest.getInstance(mdAlg);
+            byte[] digest = md.digest(encCertInfo);
+            StringBuffer buf = new StringBuffer();
+            for (int i = 0; i < digest.length; i++) {
+                byte2hex(digest[i], buf);
+            }
+            fingerPrint = buf.toString();
+        } catch (NoSuchAlgorithmException | CertificateEncodingException e) {
+            // ignored
+        }
+        return fingerPrint;
+    }
+
+    /**
+     * Converts a byte to hex digit and writes to the supplied buffer
+     */
+    private static void byte2hex(byte b, StringBuffer buf) {
+        char[] hexChars = { '0', '1', '2', '3', '4', '5', '6', '7', '8',
+                '9', 'A', 'B', 'C', 'D', 'E', 'F' };
+        int high = ((b & 0xf0) >> 4);
+        int low = (b & 0x0f);
+        buf.append(hexChars[high]);
+        buf.append(hexChars[low]);
+    }
 }
--- a/src/share/classes/sun/tools/jstat/resources/jstat_options	Tue Sep 24 14:17:42 2013 -0700
+++ b/src/share/classes/sun/tools/jstat/resources/jstat_options	Tue Sep 24 14:34:55 2013 -0700
@@ -208,6 +208,22 @@
     format "0.0"
   }
   column {
+    header "^CCSC^"	/* Compressed Class Space Capacity - Current */
+    data sun.gc.compressedclassspace.capacity
+    align center
+    width 6
+    scale K
+    format "0.0"
+  }
+  column {
+    header "^CCSU^"	/* Compressed Class Space Used */
+    data sun.gc.compressedclassspace.used
+    align center
+    width 6
+    scale K
+    format "0.0"
+  }
+  column {
     header "^YGC^"	/* Young Generation Collections */
     data sun.gc.collector.0.invocations
     align right
@@ -354,6 +370,30 @@
     format "0.0"
   }
   column {
+    header "^CCSMN^"    /* Compressed Class Space Capacity - Minimum */
+    data sun.gc.compressedclassspace.minCapacity
+    scale K
+    align right
+    width 8
+    format "0.0"
+  }
+  column {
+    header "^CCSMX^"	/* Compressed Class Space Capacity - Maximum */
+    data sun.gc.compressedclassspace.maxCapacity
+    scale K
+    align right
+    width 8
+    format "0.0"
+  }
+  column {
+    header "^CCSC^"	/* Compressed Class Space Capacity - Current */
+    data sun.gc.compressedclassspace.capacity
+    scale K
+    align right
+    width 8
+    format "0.0"
+  }
+  column {
     header "^YGC^"	/* Young Generation Collections */
     data sun.gc.collector.0.invocations
     align right
@@ -412,6 +452,14 @@
     format "0.00"
   }
   column {
+    header "^CCS^"	/* Compressed Class Space - Percent Used */
+    data (1-((sun.gc.compressedclassspace.capacity - sun.gc.compressedclassspace.used)/sun.gc.compressedclassspace.capacity)) * 100
+    align right
+    width 6
+    scale raw
+    format "0.00"
+  }
+  column {
     header "^YGC^"	/* Young Generation Collections */
     data sun.gc.collector.0.invocations
     align right
@@ -662,6 +710,22 @@
     format "0.0"
   }
   column {
+    header "^CCSC^"	/* Compressed Class Space Capacity - Current */
+    data sun.gc.compressedclassspace.capacity
+    width 8
+    align right
+    scale K
+    format "0.0"
+  }
+  column {
+    header "^CCSU^"	/* Compressed Class Space Used */
+    data sun.gc.compressedclassspace.used
+    width 8
+    align right
+    scale K
+    format "0.0"
+  }
+  column {
     header "^OC^"	/* Old Space Capacity - Current */
     data sun.gc.generation.1.space.0.capacity
     width 11
@@ -802,6 +866,30 @@
     format "0.0"
   }
   column {
+    header "^CCSMN^"	/* Compressed Class Space Capacity - Minimum */
+    data sun.gc.compressedclassspace.minCapacity
+    scale K
+    align right
+    width 10
+    format "0.0"
+  }
+  column {
+    header "^CCSMX^"	/* Compressed Class Space Capacity - Maximum */
+    data sun.gc.compressedclassspace.maxCapacity
+    scale K
+    align right
+    width 10
+    format "0.0"
+  }
+  column {
+    header "^CCSC^"	/* Compressed Class Space Capacity - Current */
+    data sun.gc.compressedclassspace.capacity
+    scale K
+    align right
+    width 10
+    format "0.0"
+  }
+  column {
     header "^YGC^"	/* Young Generation Collections */
     data sun.gc.collector.0.invocations
     align right
@@ -876,6 +964,14 @@
     format "0.00"
   }
   column {
+    header "^CCS^"	/* Compressed Class Space Space - Percent Used */
+    data (1-((sun.gc.compressedclassspace.capacity - sun.gc.compressedclassspace.used)/sun.gc.compressedclassspace.capacity)) * 100
+    align right
+    width 6
+    scale raw
+    format "0.00"
+  }
+  column {
     header "^YGC^"	/* Young Generation Collections */
     data sun.gc.collector.0.invocations
     align right
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/share/lib/security/BlacklistedCertsConverter.java	Tue Sep 24 14:34:55 2013 -0700
@@ -0,0 +1,89 @@
+/*
+ * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+import java.security.cert.Certificate;
+import java.security.cert.CertificateEncodingException;
+import java.security.cert.CertificateFactory;
+import java.security.cert.X509Certificate;
+import java.util.Collection;
+
+/**
+ * This is the tool to convert blacklisted.certs.pem to blacklisted.certs.
+ * Every time a new blacklisted certs is added, please append the PEM format
+ * to the end of blacklisted.certs.pem (with proper comments) and then use
+ * this tool to generate an updated blacklisted.certs. Make sure to include
+ * changes to both in a changeset.
+ */
+public class BlacklistedCertsConverter {
+    public static void main(String[] args) throws Exception {
+        if (args.length == 0) {
+            System.out.println("Usage: java BlacklistedCertsConverter SHA-256" +
+                    " < blacklisted.certs.pem > blacklisted.certs");
+            System.exit(1);
+        }
+        String mdAlg = args[0];
+        CertificateFactory cf = CertificateFactory.getInstance("X.509");
+        Collection<? extends Certificate> certs
+                = cf.generateCertificates(System.in);
+        System.out.println("Algorithm=" + mdAlg);
+        for (Certificate cert: certs) {
+            System.out.println(
+                    getCertificateFingerPrint(mdAlg, (X509Certificate)cert));
+        }
+    }
+
+    /**
+     * Converts a byte to hex digit and writes to the supplied buffer
+     */
+    private static void byte2hex(byte b, StringBuffer buf) {
+        char[] hexChars = { '0', '1', '2', '3', '4', '5', '6', '7', '8',
+                '9', 'A', 'B', 'C', 'D', 'E', 'F' };
+        int high = ((b & 0xf0) >> 4);
+        int low = (b & 0x0f);
+        buf.append(hexChars[high]);
+        buf.append(hexChars[low]);
+    }
+
+    /**
+     * Gets the requested finger print of the certificate.
+     */
+    private static String getCertificateFingerPrint(String mdAlg,
+                                                    X509Certificate cert) {
+        String fingerPrint = "";
+        try {
+            byte[] encCertInfo = cert.getEncoded();
+            MessageDigest md = MessageDigest.getInstance(mdAlg);
+            byte[] digest = md.digest(encCertInfo);
+            StringBuffer buf = new StringBuffer();
+            for (int i = 0; i < digest.length; i++) {
+                byte2hex(digest[i], buf);
+            }
+            fingerPrint = buf.toString();
+        } catch (NoSuchAlgorithmException | CertificateEncodingException e) {
+            // ignored
+        }
+        return fingerPrint;
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/share/lib/security/blacklisted.certs	Tue Sep 24 14:34:55 2013 -0700
@@ -0,0 +1,19 @@
+Algorithm=SHA-256
+76A45A496031E4DD2D7ED23E8F6FF97DBDEA980BAAC8B0BA94D7EDB551348645
+4CBBF8256BC9888A8007B2F386940A2E394378B0D903CBB3863C5A6394B889CE
+D24566BF315F4E597D6E381C87119FB4198F5E9E2607F5F4AB362EF7E2E7672F
+14E6D2764A4B06701C6CBC376A253775F79C782FBCB6C0EE6F99DE4BA1024ADD
+D3A936E1A7775A45217C8296A1F22AC5631DCDEC45594099E78EEEBBEDCBA967
+5E83124D68D24E8E177E306DF643D5EA99C5A94D6FC34B072F7544A1CABB7C7B
+9ED8F9B0E8E42A1656B8E1DD18F42BA42DC06FE52686173BA2FC70E756F207DC
+FDEDB5BDFCB67411513A61AEE5CB5B5D7C52AF06028EFC996CC1B05B1D6CEA2B
+A686FEE577C88AB664D0787ECDFFF035F4806F3DE418DC9E4D516324FFF02083
+4FEE0163686ECBD65DB968E7494F55D84B25486D438E9DE558D629D28CD4D176
+8A1BD21661C60015065212CC98B1ABB50DFD14C872A208E66BAE890F25C448AF
+B8686723E415534BC0DBD16326F9486F85B0B0799BF6639334E61DAAE67F36CD
+3946901F46B0071E90D78279E82FABABCA177231A704BE72C5B0E8918566EA66
+31C8FD37DB9B56E708B03D1F01848B068C6DA66F36FB5D82C008C6040FA3E133
+450F1B421BB05C8609854884559C323319619E8B06B001EA2DCBB74A23AA3BE2
+FC02FD48DB92D4DCE6F11679D38354CF750CFC7F584A520EB90BDE80E241F2BD
+DF21016B00FC54F9FE3BC8B039911BB216E9162FAD2FD14D990AB96E951B49BE
+F5B6F88F75D391A4B1EB336F9E201239FB6B1377DB8CFA7B84736216E5AFFFD7
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/share/lib/security/blacklisted.certs.pem	Tue Sep 24 14:34:55 2013 -0700
@@ -0,0 +1,721 @@
+// Subject: CN=Digisign Server ID (Enrich),
+//          OU=457608-K,
+//          O=Digicert Sdn. Bhd.,
+//          C=MY
+// Issuer:  CN=GTE CyberTrust Global Root,
+//          OU=GTE CyberTrust Solutions, Inc.,
+//          O=GTE Corporation,
+//          C=US
+// Serial:  120001705 (07:27:14:a9)
+-----BEGIN CERTIFICATE-----
+MIIDyzCCAzSgAwIBAgIEBycUqTANBgkqhkiG9w0BAQUFADB1MQswCQYDVQQGEwJV
+UzEYMBYGA1UEChMPR1RFIENvcnBvcmF0aW9uMScwJQYDVQQLEx5HVEUgQ3liZXJU
+cnVzdCBTb2x1dGlvbnMsIEluYy4xIzAhBgNVBAMTGkdURSBDeWJlclRydXN0IEds
+b2JhbCBSb290MB4XDTA3MDcxNzE1MTc0OFoXDTEyMDcxNzE1MTY1NFowYzELMAkG
+A1UEBhMCTVkxGzAZBgNVBAoTEkRpZ2ljZXJ0IFNkbi4gQmhkLjERMA8GA1UECxMI
+NDU3NjA4LUsxJDAiBgNVBAMTG0RpZ2lzaWduIFNlcnZlciBJRCAoRW5yaWNoKTCB
+nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEArahkS02Hx4RZufuQRqCmicDx/tXa
+VII3DZkrRSYK6Fawf8qo9I5HhAGCKeOzarWR8/uVhbxyqGToCkCcxfRxrnt7agfq
+kBRPjYmvlKuyBtQCanuYH1m5Os1U+iDfsioK6bjdaZDAKdNO0JftZszFGUkGf/pe
+LHx7hRsyQt97lSUCAwEAAaOCAXgwggF0MBIGA1UdEwEB/wQIMAYBAf8CAQAwXAYD
+VR0gBFUwUzBIBgkrBgEEAbE+AQAwOzA5BggrBgEFBQcCARYtaHR0cDovL2N5YmVy
+dHJ1c3Qub21uaXJvb3QuY29tL3JlcG9zaXRvcnkuY2ZtMAcGBWCDSgEBMA4GA1Ud
+DwEB/wQEAwIB5jCBiQYDVR0jBIGBMH+heaR3MHUxCzAJBgNVBAYTAlVTMRgwFgYD
+VQQKEw9HVEUgQ29ycG9yYXRpb24xJzAlBgNVBAsTHkdURSBDeWJlclRydXN0IFNv
+bHV0aW9ucywgSW5jLjEjMCEGA1UEAxMaR1RFIEN5YmVyVHJ1c3QgR2xvYmFsIFJv
+b3SCAgGlMEUGA1UdHwQ+MDwwOqA4oDaGNGh0dHA6Ly93d3cucHVibGljLXRydXN0
+LmNvbS9jZ2ktYmluL0NSTC8yMDE4L2NkcC5jcmwwHQYDVR0OBBYEFMYWk04WF+wW
+royUdvOGbcV0boR3MA0GCSqGSIb3DQEBBQUAA4GBAHYAe6Z4K2Ydjl42xqSOBfIj
+knyTZ9P0wAp9iy3Z6tVvGvPhSilaIoRNUC9LDPL/hcJ7VdREgr5trGeOvLQfkpxR
+gBoU9m6rYYgLrRx/90tQUdZlG6ZHcRVesHHzNRTyN71jyNXwk1o0X9g96F33xR7A
+5c8fhiSpPAdmzcHSNmNZ
+-----END CERTIFICATE-----
+
+// Subject: CN=Digisign Server ID - (Enrich),
+//          OU=457608-K,
+//          O=Digicert Sdn. Bhd.,
+//          C=MY
+// Issuer:  CN=Entrust.net Certification Authority (2048)
+//          OU=(c) 1999 Entrust.net Limited,
+//          OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.),
+//          O=Entrust.net
+// Serial:  1184644297 (4c:0e:63:6a)
+-----BEGIN CERTIFICATE-----
+MIIEzjCCA7agAwIBAgIETA5jajANBgkqhkiG9w0BAQUFADCBtDEUMBIGA1UEChML
+RW50cnVzdC5uZXQxQDA+BgNVBAsUN3d3dy5lbnRydXN0Lm5ldC9DUFNfMjA0OCBp
+bmNvcnAuIGJ5IHJlZi4gKGxpbWl0cyBsaWFiLikxJTAjBgNVBAsTHChjKSAxOTk5
+IEVudHJ1c3QubmV0IExpbWl0ZWQxMzAxBgNVBAMTKkVudHJ1c3QubmV0IENlcnRp
+ZmljYXRpb24gQXV0aG9yaXR5ICgyMDQ4KTAeFw0xMDA3MTYxNzIzMzdaFw0xNTA3
+MTYxNzUzMzdaMGUxCzAJBgNVBAYTAk1ZMRswGQYDVQQKExJEaWdpY2VydCBTZG4u
+IEJoZC4xETAPBgNVBAsTCDQ1NzYwOC1LMSYwJAYDVQQDEx1EaWdpc2lnbiBTZXJ2
+ZXIgSUQgLSAoRW5yaWNoKTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
+AMWJ5PQNBkCSWccaszXRDkwqM/n4r8qef+65p21g9FTob9Wb8xtjMQRoctE0Foy0
+FyyX3nPF2JAVoBor9cuzSIZE8B2ITM5BQhrv9Qze/kDaOSD3BlU6ap1GwdJvpbLI
+Vz4po5zg6YV3ZuiYpyR+vsBZIOVEb7ZX2L7OwmV3WMZhQdF0BMh/SULFcqlyFu6M
+3RJdtErU0a9Qt9iqdXZorT5dqjBtYairEFs+E78z4K9EnTgiW+9ML6ZxJhUmyiiM
+2fqOjqmiFDXimySItPR/hZ2DTwehthSQNsQ0HI0mYW0Tb3i+6I8nx0uElqOGaAwj
+vgvsjJQAqQSKE5D334VsDLECAwEAAaOCATQwggEwMA4GA1UdDwEB/wQEAwIBBjAS
+BgNVHRMBAf8ECDAGAQH/AgEAMCcGA1UdJQQgMB4GCCsGAQUFBwMBBggrBgEFBQcD
+AgYIKwYBBQUHAwQwMwYIKwYBBQUHAQEEJzAlMCMGCCsGAQUFBzABhhdodHRwOi8v
+b2NzcC5lbnRydXN0Lm5ldDBEBgNVHSAEPTA7MDkGBWCDSgEBMDAwLgYIKwYBBQUH
+AgEWImh0dHA6Ly93d3cuZGlnaWNlcnQuY29tLm15L2Nwcy5odG0wMgYDVR0fBCsw
+KTAnoCWgI4YhaHR0cDovL2NybC5lbnRydXN0Lm5ldC8yMDQ4Y2EuY3JsMBEGA1Ud
+DgQKBAhMTswlKAMpgTAfBgNVHSMEGDAWgBRV5IHREYC+2Im5CKMx+aEkCRa5cDAN
+BgkqhkiG9w0BAQUFAAOCAQEAl0zvSjpJrHL8MCBrtClbp8WVBJD5MtXChWreA6E3
++YkAsFqsVX7bQzX/yQH4Ub7MJsrIaqTEVD4mHucMo82XZ5TdpkLrXM2POXlrM3kh
+Bnn6gkQVmczBtznTRmJ8snDrb84gqj4Zt+l0gpy0pUtNYQA35IfS8hQ6ZHy4qXth
+4JMi59WfPkfmNnagU9gAAzoPtTP+lsrT0oI6Lt3XSOHkp2nMHOmZSufKcEXXCwcO
+mnUb0C+Sb/akB8O9HEumhLZ9qJqp0qcp8QtXaR6XVybsK0Os1EWDBQDp4/BGQAf6
+6rFRc5Mcpd1TETfIKqcVJx20qsx/qjEw/LhFn0gJ7RDixQ==
+-----END CERTIFICATE-----
+
+// Subject: CN=Java Media APIs,
+//          OU=Java Signed Extensions,
+//          OU=Corporate Object Signing,
+//          O=Sun Microsystems Inc
+// Issuer:  CN=Object Signing CA,
+//          OU=Class 2 OnSite Subscriber CA,
+//          OU=VeriSign Trust Network,
+//          O=Sun Microsystems Inc
+// Serial:  6a:8b:99:91:37:59:4f:89:53:e2:97:18:9f:19:1e:4e
+-----BEGIN CERTIFICATE-----
+MIIFdzCCBF+gAwIBAgIQaouZkTdZT4lT4pcYnxkeTjANBgkqhkiG9w0BAQUFADCB
+gzEdMBsGA1UEChMUU3VuIE1pY3Jvc3lzdGVtcyBJbmMxHzAdBgNVBAsTFlZlcmlT
+aWduIFRydXN0IE5ldHdvcmsxJTAjBgNVBAsTHENsYXNzIDIgT25TaXRlIFN1YnNj
+cmliZXIgQ0ExGjAYBgNVBAMTEU9iamVjdCBTaWduaW5nIENBMB4XDTA5MDUxMjAw
+MDAwMFoXDTEyMDUxMTIzNTk1OVowfTEdMBsGA1UEChQUU3VuIE1pY3Jvc3lzdGVt
+cyBJbmMxITAfBgNVBAsUGENvcnBvcmF0ZSBPYmplY3QgU2lnbmluZzEfMB0GA1UE
+CxQWSmF2YSBTaWduZWQgRXh0ZW5zaW9uczEYMBYGA1UEAxQPSmF2YSBNZWRpYSBB
+UElzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl5blzoKTVE8y4Hpz
+q6E15RZz1bF5HnYEyYqgHkZXnAKedmYCoMzm1XK8s+gQWShLEvGEAvs5yqarx9gE
+nnC21N28aEZgIJMa2/arKxCUkS4pxdGPYGexL9UzSRkUpoBShCZKEGdmX7gfJE2K
+/sd9MFvGV5/yZtWXrADzvm0Kd/9mg1KRv1gfrZIq0TJbupoXPYYqb73AkI9eT2ZD
+q9MdwD4E5+oojsDFXt8GU/D00fUhtXpYwuplU7D667WHYdJhIah0ST6JywyqcLXG
+XSuFTXOgITT2idSHluZVmx3dqJ72u9kPkO4JdJTMDfaK8zgNLaRkiU8Qcj+qhLYH
+ytaqcwIDAQABo4IB6jCCAeYwCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCB4AwfwYD
+VR0fBHgwdjB0oHKgcIZuaHR0cDovL29uc2l0ZWNybC52ZXJpc2lnbi5jb20vU3Vu
+TWljcm9zeXN0ZW1zSW5jQ29ycG9yYXRlT2JqZWN0U2lnbmluZ0phdmFTaWduZWRF
+eHRlbnNpb25zQ2xhc3NCL0xhdGVzdENSTC5jcmwwHwYDVR0jBBgwFoAUs0crgn5T
+tHPKuLsZt76BTQeVx+0wHQYDVR0OBBYEFKS32mVx0gNWTeS4ProHEaeSpvvIMDsG
+CCsGAQUFBwEBBC8wLTArBggrBgEFBQcwAYYfaHR0cDovL29uc2l0ZS1vY3NwLnZl
+cmlzaWduLmNvbTCBtQYDVR0gBIGtMIGqMDkGC2CGSAGG+EUBBxcCMCowKAYIKwYB
+BQUHAgEWHGh0dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9ycGEwbQYLYIZIAYb3AIN9
+nD8wXjAnBggrBgEFBQcCARYbaHR0cHM6Ly93d3cuc3VuLmNvbS9wa2kvY3BzMDMG
+CCsGAQUFBwICMCcaJVZhbGlkYXRlZCBGb3IgU3VuIEJ1c2luZXNzIE9wZXJhdGlv
+bnMwEwYDVR0lBAwwCgYIKwYBBQUHAwMwDQYJKoZIhvcNAQEFBQADggEBAAe6BO4W
+3TSNWfezyelJs6kE3HfulT6Bdyz4UUoh9ykXcV8nRwT+kh25I5MdyG2GfkJoADPR
+VhC5DYo13UFpIsTNVjq+hGYe2hML93bN7ad9SxCCyjHUo3yMz2qgBbHZI3VA9ZHA
+aWM4Tx0saMwbcnVvlbuGh+PXvStfypJqYT6lzcdFfjNVX4FI/QQNGhBswMY51tC8
+GTBCL2qhJon0gSCU4zaawDOf7+XxJWirLamYL1Aal1/h2z2sFrvA/1ftxtU3kZ6I
+7De8DyoHeZg7pYGdrj7g+lPhCga/WvEhN152I+aP08YbFcJHYmK05ngl/Ye4c6Bd
+cdrdfbw6QzEUIYY=
+-----END CERTIFICATE-----
+
+// Subject: CN=JavaFX 1.0 Runtime,
+//          OU=Java Signed Extensions,
+//          OU=Corporate Object Signing,
+//          O=Sun Microsystems Inc
+// Issuer:  CN=Object Signing CA,
+//          OU=Class 2 OnSite Subscriber CA,
+//          OU=VeriSign Trust Network,
+//          O=Sun Microsystems Inc
+// Serial:  55:c0:e6:44:59:59:79:9e:d9:26:f1:b0:4a:1e:f0:27
+-----BEGIN CERTIFICATE-----
+MIIFezCCBGOgAwIBAgIQVcDmRFlZeZ7ZJvGwSh7wJzANBgkqhkiG9w0BAQUFADCB
+gzEdMBsGA1UEChMUU3VuIE1pY3Jvc3lzdGVtcyBJbmMxHzAdBgNVBAsTFlZlcmlT
+aWduIFRydXN0IE5ldHdvcmsxJTAjBgNVBAsTHENsYXNzIDIgT25TaXRlIFN1YnNj
+cmliZXIgQ0ExGjAYBgNVBAMTEU9iamVjdCBTaWduaW5nIENBMB4XDTA4MTAwOTAw
+MDAwMFoXDTExMTAwOTIzNTk1OVowgYAxHTAbBgNVBAoUFFN1biBNaWNyb3N5c3Rl
+bXMgSW5jMSEwHwYDVQQLFBhDb3Jwb3JhdGUgT2JqZWN0IFNpZ25pbmcxHzAdBgNV
+BAsUFkphdmEgU2lnbmVkIEV4dGVuc2lvbnMxGzAZBgNVBAMUEkphdmFGWCAxLjAg
+UnVudGltZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM+WDc6+bu+4
+tmAcS/lBtUc02WOt9QZpVsXg9cG2pu/8bUtmDELa8iiYBVFpIs8DU58HLrGQtCUY
+SIAGOVPsOJoN29UKCDWfY9j5JeVhfhMGqk9DwrWhzgsjy4cpZ1pIp+k/fJ8zT8Ul
+aYLpow1vg3UNddsmwz02tN7cOrMw9WYIG4CRYnY1OrtJSfe2pYzheC4zyvR+aiVl
+nang2OtqikSQsNFOFHsLOJFxngy9LrO8evDSu25VTKI6zlWU6/bMeqtztJPN0VOn
+NyUrJZvkxZ207Jg0T693BGSxNC1n+ihztXogql8950M/pEuUbDjylv5FFvlp6DSB
+dDT2MkutmyMCAwEAAaOCAeowggHmMAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgeA
+MH8GA1UdHwR4MHYwdKByoHCGbmh0dHA6Ly9vbnNpdGVjcmwudmVyaXNpZ24uY29t
+L1N1bk1pY3Jvc3lzdGVtc0luY0NvcnBvcmF0ZU9iamVjdFNpZ25pbmdKYXZhU2ln
+bmVkRXh0ZW5zaW9uc0NsYXNzQi9MYXRlc3RDUkwuY3JsMB8GA1UdIwQYMBaAFLNH
+K4J+U7Rzyri7Gbe+gU0HlcftMB0GA1UdDgQWBBTjgufVi3XJ3gx1ewsA6Rr7BR4Z
+zjA7BggrBgEFBQcBAQQvMC0wKwYIKwYBBQUHMAGGH2h0dHA6Ly9vbnNpdGUtb2Nz
+cC52ZXJpc2lnbi5jb20wgbUGA1UdIASBrTCBqjA5BgtghkgBhvhFAQcXAjAqMCgG
+CCsGAQUFBwIBFhxodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBhMG0GC2CGSAGG
+9wCDfZw/MF4wJwYIKwYBBQUHAgEWG2h0dHBzOi8vd3d3LnN1bi5jb20vcGtpL2Nw
+czAzBggrBgEFBQcCAjAnGiVWYWxpZGF0ZWQgRm9yIFN1biBCdXNpbmVzcyBPcGVy
+YXRpb25zMBMGA1UdJQQMMAoGCCsGAQUFBwMDMA0GCSqGSIb3DQEBBQUAA4IBAQAB
+YVJTTVe7rzyTO4jc3zajErOT/COkdQTfNo0eIX1QbNynFieJvwY/jRzUZwjktIFR
+2p4JtbpHGAtKtjOAOTieQ8xdDOoC1djzpE7/AbMvuvlTavtUKT+F7tPdhfXgWXJV
+6Wbt8jryKyk3zZGiEhauIwZUkfjRkEtffEmZWLUd8c8rURJjfC/XHH2oyurscoxc
+CjX29c9ynxSiS/VvQp1an0HvErGh69N48wj7cj8mtZ1yHzd2XCzSSR1OfTPfk0Pt
+yg51p7yJaFiH21PTZegEL6zyVNOYBTKwwIi2OzpwYalD3uvK6e3OKDrfFCOxu17u
+4PveESbrdyrmvLe7IVez
+-----END CERTIFICATE-----
+
+// Subject: CN=JavaFX Runtime,
+//          OU=Java Signed Extensions,
+//          OU=Corporate Object Signing,
+//          O=Sun Microsystems Inc
+// Issuer:  CN=Object Signing CA,
+//          OU=Class 2 OnSite Subscriber CA,
+//          OU=VeriSign Trust Network,
+//          O=Sun Microsystems Inc
+// Serial:  47:f4:55:f1:da:4a:5e:f9:e3:f7:a8:03:62:17:c0:ff
+-----BEGIN CERTIFICATE-----
+MIIFdjCCBF6gAwIBAgIQR/RV8dpKXvnj96gDYhfA/zANBgkqhkiG9w0BAQUFADCB
+gzEdMBsGA1UEChMUU3VuIE1pY3Jvc3lzdGVtcyBJbmMxHzAdBgNVBAsTFlZlcmlT
+aWduIFRydXN0IE5ldHdvcmsxJTAjBgNVBAsTHENsYXNzIDIgT25TaXRlIFN1YnNj
+cmliZXIgQ0ExGjAYBgNVBAMTEU9iamVjdCBTaWduaW5nIENBMB4XDTA5MDEyOTAw
+MDAwMFoXDTEyMDEyOTIzNTk1OVowfDEdMBsGA1UEChQUU3VuIE1pY3Jvc3lzdGVt
+cyBJbmMxITAfBgNVBAsUGENvcnBvcmF0ZSBPYmplY3QgU2lnbmluZzEfMB0GA1UE
+CxQWSmF2YSBTaWduZWQgRXh0ZW5zaW9uczEXMBUGA1UEAxQOSmF2YUZYIFJ1bnRp
+bWUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCIzd0fAk8mI9ONc6RJ
+aGieioK2FLdXEwj8zL3vdGDVmBwyR1zwYkaOIFFgF9IW/8qc4iAYA5sGUY+0g8q3
+5DuYAxfTzBB5KdaYvbuq6GGnoHIWmTirXY+1friFp8lyXSvtuEaGB1VHaBoZchEg
+k+UgeVDA43dHwcT1Ov3DePczJRUes8T/QHzLX+BxUDG43vjyncCEO/AjqLZxXEz2
+xrNbKLcH3lGMJK7hdbfssUfF5BjC38Hn71HauYlA43b2no+2y0Sjulwzez2YPbDC
+0GLR3TnKtA8dqOrnl5t3DniDbfOBNtBE3VOydJO0XW57Ng1HRXD023nm9ECPY2xp
+0N/pAgMBAAGjggHqMIIB5jAJBgNVHRMEAjAAMA4GA1UdDwEB/wQEAwIHgDB/BgNV
+HR8EeDB2MHSgcqBwhm5odHRwOi8vb25zaXRlY3JsLnZlcmlzaWduLmNvbS9TdW5N
+aWNyb3N5c3RlbXNJbmNDb3Jwb3JhdGVPYmplY3RTaWduaW5nSmF2YVNpZ25lZEV4
+dGVuc2lvbnNDbGFzc0IvTGF0ZXN0Q1JMLmNybDAfBgNVHSMEGDAWgBSzRyuCflO0
+c8q4uxm3voFNB5XH7TAdBgNVHQ4EFgQUvOdd0cKPj+Yik/iOBwTdphh5A+gwOwYI
+KwYBBQUHAQEELzAtMCsGCCsGAQUFBzABhh9odHRwOi8vb25zaXRlLW9jc3AudmVy
+aXNpZ24uY29tMIG1BgNVHSAEga0wgaowOQYLYIZIAYb4RQEHFwIwKjAoBggrBgEF
+BQcCARYcaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYTBtBgtghkgBhvcAg32c
+PzBeMCcGCCsGAQUFBwIBFhtodHRwczovL3d3dy5zdW4uY29tL3BraS9jcHMwMwYI
+KwYBBQUHAgIwJxolVmFsaWRhdGVkIEZvciBTdW4gQnVzaW5lc3MgT3BlcmF0aW9u
+czATBgNVHSUEDDAKBggrBgEFBQcDAzANBgkqhkiG9w0BAQUFAAOCAQEAbGcf2NjL
+AI93HG6ny2BbepaZA1a8xa/R6uUc7xV+Qw6MgLwFD4Q4i6LWUztQDvg9l68MM2/i
+Y9LEi1KM4lcNbK5+D+t9x98wXBiuojXhVdp5ZmC03EyEBbriopdBsmXVLDSu/Y3+
+zowOO5xwpMK3dbgsSDs2Vt0UosD3FTcRaD3GNfOhXMp+o1grHNiXF9YgkmdQbPPZ
+DQ2KBhFPCRJXBGvyKOqno/DTg0sQ3crGH/C4/4t7mnQXWldZotmJUZ0ONc9oD+Q1
+JAaguUKqIwn9yZ093ie+JWHbYNid9IIIPXYgtRxmf9a376WBhqhu56uJftBJ7x9g
+eQ7Lot6CSWCiFw==
+-----END CERTIFICATE-----
+
+// Subject: CN=Solaris INTERNAL DEVELOPMENT USE ONLY,
+//          OU=Solaris Cryptographic Framework,
+//          OU=Corporate Object Signing,
+//          O=Sun Microsystems Inc
+// Issuer:  CN=Object Signing CA,
+//          OU=Class 2 OnSite Subscriber CA,
+//          OU=VeriSign Trust Network,
+//          O=Sun Microsystems Inc
+// Serial:  77:29:77:52:6a:19:7b:9a:a6:a2:c7:99:a0:e1:cd:8c
+-----BEGIN CERTIFICATE-----
+MIIFHjCCBAagAwIBAgIQdyl3UmoZe5qmoseZoOHNjDANBgkqhkiG9w0BAQUFADCB
+gzEdMBsGA1UEChMUU3VuIE1pY3Jvc3lzdGVtcyBJbmMxHzAdBgNVBAsTFlZlcmlT
+aWduIFRydXN0IE5ldHdvcmsxJTAjBgNVBAsTHENsYXNzIDIgT25TaXRlIFN1YnNj
+cmliZXIgQ0ExGjAYBgNVBAMTEU9iamVjdCBTaWduaW5nIENBMB4XDTA3MDEwNDAw
+MDAwMFoXDTEwMDEwMzIzNTk1OVowgZwxHTAbBgNVBAoUFFN1biBNaWNyb3N5c3Rl
+bXMgSW5jMSEwHwYDVQQLFBhDb3Jwb3JhdGUgT2JqZWN0IFNpZ25pbmcxKDAmBgNV
+BAsUH1NvbGFyaXMgQ3J5cHRvZ3JhcGhpYyBGcmFtZXdvcmsxLjAsBgNVBAMUJVNv
+bGFyaXMgSU5URVJOQUwgREVWRUxPUE1FTlQgVVNFIE9OTFkwgZ8wDQYJKoZIhvcN
+AQEBBQADgY0AMIGJAoGBALbNU4hf3mD5ArDI9pjgioAyvV3bjMPRQdCZniIeGJBp
+odFlSEH+Mh64W1DsY8coeZ7FvvGJkx9IpTMJW9k8w1oJK9UNqHyAQfaYjQyXi3xQ
+LJp62EvYdGfDlwOZejEcR/MbzZG+GOPMMvQj5+xyFDvLXNGfQNTnxw2qnBgCJXjj
+AgMBAAGjggH1MIIB8TAJBgNVHRMEAjAAMA4GA1UdDwEB/wQEAwIHgDCBiQYDVR0f
+BIGBMH8wfaB7oHmGd2h0dHA6Ly9vbnNpdGVjcmwudmVyaXNpZ24uY29tL1N1bk1p
+Y3Jvc3lzdGVtc0luY0NvcnBvcmF0ZU9iamVjdFNpZ25pbmdTb2xhcmlzQ3J5cHRv
+Z3JhcGhpY0ZyYW1ld29ya0NsYXNzQi9MYXRlc3RDUkwuY3JsMB8GA1UdIwQYMBaA
+FLNHK4J+U7Rzyri7Gbe+gU0HlcftMB0GA1UdDgQWBBRpfiGYkehTnsIzuN2H6AFb
+VCZG8jA7BggrBgEFBQcBAQQvMC0wKwYIKwYBBQUHMAGGH2h0dHA6Ly9vbnNpdGUt
+b2NzcC52ZXJpc2lnbi5jb20wgbUGA1UdIASBrTCBqjA5BgtghkgBhvhFAQcXAjAq
+MCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBhMG0GC2CG
+SAGG9wCDfZw/MF4wJwYIKwYBBQUHAgEWG2h0dHBzOi8vd3d3LnN1bi5jb20vcGtp
+L2NwczAzBggrBgEFBQcCAjAnFiVWYWxpZGF0ZWQgRm9yIFN1biBCdXNpbmVzcyBP
+cGVyYXRpb25zMBMGA1UdJQQMMAoGCCsGAQUFBwMDMA0GCSqGSIb3DQEBBQUAA4IB
+AQCG5soy3LFHTFbA8/5SzDRhQoJkHUnOP0t3b6nvX6vZYRp649fje7TQOPRm1pFd
+CZ17J+tggdZwgzTqY4aYpJ00jZaK6pV37q/vgFC/ia6jDs8Q+ly9cEcadBZ5loYg
+cmxp9p57W2MNWx8VA8oFdNtKfF0jUNXbLNtvwGHmgR6YcwLrGN1b6/9Lt9bO3ODl
+FO+ZDwkfQz5ClUVrTx2dGBvKRYFqSG5S8JAfsgYhPvcacUQkA7ExyKvfRXLWVrce
+ZiPpcElbx+819H2sAPvVvparVeAruZGMAtejHZp9NFoowKen5drJp9VxePS4eM49
+3DepB6lKRrNRw66LNQol4ZBz
+-----END CERTIFICATE-----
+
+// Subject: EMAILADDRESS=info@diginotar.nl, CN=DigiNotar Cyber CA,
+//          O=DigiNotar, C=NL
+// Issuer:  CN=GTE CyberTrust Global Root,
+//          OU=GTE CyberTrust Solutions, Inc.,
+//          O=GTE Corporation,
+//          C=US
+// Serial:  120000525 (07:27:10:0D)
+-----BEGIN CERTIFICATE-----
+MIIFWjCCBMOgAwIBAgIEBycQDTANBgkqhkiG9w0BAQUFADB1MQswCQYDVQQGEwJV
+UzEYMBYGA1UEChMPR1RFIENvcnBvcmF0aW9uMScwJQYDVQQLEx5HVEUgQ3liZXJU
+cnVzdCBTb2x1dGlvbnMsIEluYy4xIzAhBgNVBAMTGkdURSBDeWJlclRydXN0IEds
+b2JhbCBSb290MB4XDTA2MTAwNDEwNTQxMVoXDTExMTAwNDEwNTMxMVowYDELMAkG
+A1UEBhMCTkwxEjAQBgNVBAoTCURpZ2lOb3RhcjEbMBkGA1UEAxMSRGlnaU5vdGFy
+IEN5YmVyIENBMSAwHgYJKoZIhvcNAQkBFhFpbmZvQGRpZ2lub3Rhci5ubDCCAiIw
+DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANLOFQotqF6EZ639vu9Gx8i5z3P8
+9DS5+SxD52ATPXrjss87Z2yQrcC5P4RS8DVC3HTcKDu9UrSnrHJFF8bwieu0qiXy
+XUte0dmHutZ9fPXOMp8QM8WxSrtekTHC0OlBwpFkfglBO9uLCDdqqspS3rU5HsCI
+A6U/i5kTYUO1m4Kz7iBvz6FEouova0CfjytXraFTwoUiaZ2gP1HfC0GRDaXhqKpc
+SQhdvd5wQbEPyWNr0380dAIvNFp4dRxoeoFnivPaQPBgY/SSINcDpj2jHmfEhBtB
+pcmM5r3qSLYFFgizNxJa92E89zhvLpfgb1Y4VNMota0Ubi5LZLUnZbd1JQm2Bz2V
+VgIKgmCyc0XgMyZRdJq51FAc9k1bW1JSE1qmf6cO4ehBVGeYjIfVydNsy9NUkgYJ
+NEH3gW8/nsl8dVWw58Gzd+jDxAA1lUBwEEoF3iW7n1mlZLxHYL9g43aLE1Xd4XR6
+uc8kpmp/3mQiRFhogmoQ+T3lPhu5vfwi9GAEibtVbShV+t6OjRshFNc3izR7Tfay
+shDPM7F9HGKZSMsrbHaWVb8ZDR0fu2WqG46ZtcYokOWCLXhQIJr9eS8kf/CJKWn0
+fc1zvrPtTsHR7VJej/e4142HrbLZG1ES/1az4a80fVykeIgQnp0DxqWqoiRR90kU
+xbHuWUOV36toKDA/AgMBAAGjggGGMIIBgjASBgNVHRMBAf8ECDAGAQH/AgEBMFMG
+A1UdIARMMEowSAYJKwYBBAGxPgEAMDswOQYIKwYBBQUHAgEWLWh0dHA6Ly93d3cu
+cHVibGljLXRydXN0LmNvbS9DUFMvT21uaVJvb3QuaHRtbDAOBgNVHQ8BAf8EBAMC
+AQYwgaAGA1UdIwSBmDCBlYAUpgwdn2H/Bxe1vzhG20Mw1Y6wUgaheaR3MHUxCzAJ
+BgNVBAYTAlVTMRgwFgYDVQQKEw9HVEUgQ29ycG9yYXRpb24xJzAlBgNVBAsTHkdU
+RSBDeWJlclRydXN0IFNvbHV0aW9ucywgSW5jLjEjMCEGA1UEAxMaR1RFIEN5YmVy
+VHJ1c3QgR2xvYmFsIFJvb3SCAgGlMEUGA1UdHwQ+MDwwOqA4oDaGNGh0dHA6Ly93
+d3cucHVibGljLXRydXN0LmNvbS9jZ2ktYmluL0NSTC8yMDE4L2NkcC5jcmwwHQYD
+VR0OBBYEFKv5aN/PSjfXe0WMX3LeQETDZbvCMA0GCSqGSIb3DQEBBQUAA4GBAI9o
+a6VbB7pEZg4cqFwwezPkCiYE/O+eGjjWLqEf0JlHwnVkJP2eOyh2uSYoYZEMbSz4
+BJ98UAHV42mv7xXSRZskCSpmBU8lgcpdvqrBWSeuM46C9990sFWzjvjnN8huqlZE
+9r1TgSOWPbT6MopTZkQloiXGpjwljPDgKAYityZB
+-----END CERTIFICATE-----
+
+// Subject: CN=DigiNotar Cyber CA, O=DigiNotar, C=NL
+// Issuer:  CN=GTE CyberTrust Global Root,
+//          OU=GTE CyberTrust Solutions, Inc.,
+//          O=GTE Corporation,
+//          C=US
+// Serial:  120000505 (07:27:0F:F9)
+-----BEGIN CERTIFICATE-----
+MIIFODCCBKGgAwIBAgIEBycP+TANBgkqhkiG9w0BAQUFADB1MQswCQYDVQQGEwJV
+UzEYMBYGA1UEChMPR1RFIENvcnBvcmF0aW9uMScwJQYDVQQLEx5HVEUgQ3liZXJU
+cnVzdCBTb2x1dGlvbnMsIEluYy4xIzAhBgNVBAMTGkdURSBDeWJlclRydXN0IEds
+b2JhbCBSb290MB4XDTA2MDkyMDA5NDUzMloXDTEzMDkyMDA5NDQwNlowPjELMAkG
+A1UEBhMCTkwxEjAQBgNVBAoTCURpZ2lOb3RhcjEbMBkGA1UEAxMSRGlnaU5vdGFy
+IEN5YmVyIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0s4VCi2o
+XoRnrf2+70bHyLnPc/z0NLn5LEPnYBM9euOyzztnbJCtwLk/hFLwNULcdNwoO71S
+tKesckUXxvCJ67SqJfJdS17R2Ye61n189c4ynxAzxbFKu16RMcLQ6UHCkWR+CUE7
+24sIN2qqylLetTkewIgDpT+LmRNhQ7WbgrPuIG/PoUSi6i9rQJ+PK1etoVPChSJp
+naA/Ud8LQZENpeGoqlxJCF293nBBsQ/JY2vTfzR0Ai80Wnh1HGh6gWeK89pA8GBj
+9JIg1wOmPaMeZ8SEG0GlyYzmvepItgUWCLM3Elr3YTz3OG8ul+BvVjhU0yi1rRRu
+LktktSdlt3UlCbYHPZVWAgqCYLJzReAzJlF0mrnUUBz2TVtbUlITWqZ/pw7h6EFU
+Z5iMh9XJ02zL01SSBgk0QfeBbz+eyXx1VbDnwbN36MPEADWVQHAQSgXeJbufWaVk
+vEdgv2DjdosTVd3hdHq5zySman/eZCJEWGiCahD5PeU+G7m9/CL0YASJu1VtKFX6
+3o6NGyEU1zeLNHtN9rKyEM8zsX0cYplIyytsdpZVvxkNHR+7Zaobjpm1xiiQ5YIt
+eFAgmv15LyR/8IkpafR9zXO+s+1OwdHtUl6P97jXjYetstkbURL/VrPhrzR9XKR4
+iBCenQPGpaqiJFH3SRTFse5ZQ5Xfq2goMD8CAwEAAaOCAYYwggGCMBIGA1UdEwEB
+/wQIMAYBAf8CAQEwUwYDVR0gBEwwSjBIBgkrBgEEAbE+AQAwOzA5BggrBgEFBQcC
+ARYtaHR0cDovL3d3dy5wdWJsaWMtdHJ1c3QuY29tL0NQUy9PbW5pUm9vdC5odG1s
+MA4GA1UdDwEB/wQEAwIBBjCBoAYDVR0jBIGYMIGVgBSmDB2fYf8HF7W/OEbbQzDV
+jrBSBqF5pHcwdTELMAkGA1UEBhMCVVMxGDAWBgNVBAoTD0dURSBDb3Jwb3JhdGlv
+bjEnMCUGA1UECxMeR1RFIEN5YmVyVHJ1c3QgU29sdXRpb25zLCBJbmMuMSMwIQYD
+VQQDExpHVEUgQ3liZXJUcnVzdCBHbG9iYWwgUm9vdIICAaUwRQYDVR0fBD4wPDA6
+oDigNoY0aHR0cDovL3d3dy5wdWJsaWMtdHJ1c3QuY29tL2NnaS1iaW4vQ1JMLzIw
+MTgvY2RwLmNybDAdBgNVHQ4EFgQUq/lo389KN9d7RYxfct5ARMNlu8IwDQYJKoZI
+hvcNAQEFBQADgYEACcpiD427SuDUejUrBi3RKGG2rAH7g0m8rtQvLYauGYOl1h0T
+4he+/jJ06XoUOMqUXvcpAWlxG5Ea/aO7qh3Ke+IW/aGjDvMMX7LhIDGUK16Sdu36
+6bUjpr8KOwOpb1JgVM1f6bcvfKIn/UGDdbYN+3gm87FF6TKVKho1IZXFonU=
+-----END CERTIFICATE-----
+
+// Subject: CN=DigiNotar Cyber CA, O=DigiNotar, C=NL
+// Issuer:  CN=GTE CyberTrust Global Root,
+//          OU=GTE CyberTrust Solutions, Inc.,
+//          O=GTE Corporation,
+//          C=US
+// Serial:  120000515 (07:27:10:03)
+-----BEGIN CERTIFICATE-----
+MIIFODCCBKGgAwIBAgIEBycQAzANBgkqhkiG9w0BAQUFADB1MQswCQYDVQQGEwJV
+UzEYMBYGA1UEChMPR1RFIENvcnBvcmF0aW9uMScwJQYDVQQLEx5HVEUgQ3liZXJU
+cnVzdCBTb2x1dGlvbnMsIEluYy4xIzAhBgNVBAMTGkdURSBDeWJlclRydXN0IEds
+b2JhbCBSb290MB4XDTA2MDkyNzEwNTMzMloXDTExMDkyNzEwNTIzMFowPjELMAkG
+A1UEBhMCTkwxEjAQBgNVBAoTCURpZ2lOb3RhcjEbMBkGA1UEAxMSRGlnaU5vdGFy
+IEN5YmVyIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0s4VCi2o
+XoRnrf2+70bHyLnPc/z0NLn5LEPnYBM9euOyzztnbJCtwLk/hFLwNULcdNwoO71S
+tKesckUXxvCJ67SqJfJdS17R2Ye61n189c4ynxAzxbFKu16RMcLQ6UHCkWR+CUE7
+24sIN2qqylLetTkewIgDpT+LmRNhQ7WbgrPuIG/PoUSi6i9rQJ+PK1etoVPChSJp
+naA/Ud8LQZENpeGoqlxJCF293nBBsQ/JY2vTfzR0Ai80Wnh1HGh6gWeK89pA8GBj
+9JIg1wOmPaMeZ8SEG0GlyYzmvepItgUWCLM3Elr3YTz3OG8ul+BvVjhU0yi1rRRu
+LktktSdlt3UlCbYHPZVWAgqCYLJzReAzJlF0mrnUUBz2TVtbUlITWqZ/pw7h6EFU
+Z5iMh9XJ02zL01SSBgk0QfeBbz+eyXx1VbDnwbN36MPEADWVQHAQSgXeJbufWaVk
+vEdgv2DjdosTVd3hdHq5zySman/eZCJEWGiCahD5PeU+G7m9/CL0YASJu1VtKFX6
+3o6NGyEU1zeLNHtN9rKyEM8zsX0cYplIyytsdpZVvxkNHR+7Zaobjpm1xiiQ5YIt
+eFAgmv15LyR/8IkpafR9zXO+s+1OwdHtUl6P97jXjYetstkbURL/VrPhrzR9XKR4
+iBCenQPGpaqiJFH3SRTFse5ZQ5Xfq2goMD8CAwEAAaOCAYYwggGCMBIGA1UdEwEB
+/wQIMAYBAf8CAQEwUwYDVR0gBEwwSjBIBgkrBgEEAbE+AQAwOzA5BggrBgEFBQcC
+ARYtaHR0cDovL3d3dy5wdWJsaWMtdHJ1c3QuY29tL0NQUy9PbW5pUm9vdC5odG1s
+MA4GA1UdDwEB/wQEAwIBBjCBoAYDVR0jBIGYMIGVgBSmDB2fYf8HF7W/OEbbQzDV
+jrBSBqF5pHcwdTELMAkGA1UEBhMCVVMxGDAWBgNVBAoTD0dURSBDb3Jwb3JhdGlv
+bjEnMCUGA1UECxMeR1RFIEN5YmVyVHJ1c3QgU29sdXRpb25zLCBJbmMuMSMwIQYD
+VQQDExpHVEUgQ3liZXJUcnVzdCBHbG9iYWwgUm9vdIICAaUwRQYDVR0fBD4wPDA6
+oDigNoY0aHR0cDovL3d3dy5wdWJsaWMtdHJ1c3QuY29tL2NnaS1iaW4vQ1JMLzIw
+MTgvY2RwLmNybDAdBgNVHQ4EFgQUq/lo389KN9d7RYxfct5ARMNlu8IwDQYJKoZI
+hvcNAQEFBQADgYEAWcyGZhizJlRP1jjNupZey+yZG6oMDW4Z11boriMHbYPCndBE
+bVh07zmPbZsihOw9w/vm5KbVX5CgxUv4Rhzh/20Faixf3P3bpWg0qgzHVVusNVR/
+P50aKkpdK3hp+QLl56e+lWOddSAINIpmcuyDI1hyuzB+GJEASm9tNU/6rs8=
+-----END CERTIFICATE-----
+
+// Subject: EMAILADDRESS=info@diginotar.nl,
+//          CN=DigiNotar Root CA,
+//          O=DigiNotar, C=NL
+// Issuer:  CN=Entrust.net Secure Server Certification Authority
+//          OU=(c) 1999 Entrust.net Limited,
+//          OU=www.entrust.net/CPS incorp. by ref. (limits liab.),
+//          O=Entrust.net,
+//          C=US,
+// Serial:  1184644297 (46:9C:3C:C9)
+-----BEGIN CERTIFICATE-----
+MIIFSDCCBLGgAwIBAgIERpw8yTANBgkqhkiG9w0BAQUFADCBwzELMAkGA1UEBhMC
+VVMxFDASBgNVBAoTC0VudHJ1c3QubmV0MTswOQYDVQQLEzJ3d3cuZW50cnVzdC5u
+ZXQvQ1BTIGluY29ycC4gYnkgcmVmLiAobGltaXRzIGxpYWIuKTElMCMGA1UECxMc
+KGMpIDE5OTkgRW50cnVzdC5uZXQgTGltaXRlZDE6MDgGA1UEAxMxRW50cnVzdC5u
+ZXQgU2VjdXJlIFNlcnZlciBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wNzA0
+MjYwNTAwMDBaFw0xMzA4MTQyMDEyMzZaMF8xCzAJBgNVBAYTAk5MMRIwEAYDVQQK
+EwlEaWdpTm90YXIxGjAYBgNVBAMTEURpZ2lOb3RhciBSb290IENBMSAwHgYJKoZI
+hvcNAQkBFhFpbmZvQGRpZ2lub3Rhci5ubDCCAiIwDQYJKoZIhvcNAQEBBQADggIP
+ADCCAgoCggIBAKywWMEAvdghCAsrmv5uVjAFnxt3kBBBXMMNhxF3joHxynzpjGrt
+OHQ1u9rf+bvACTe0lnOBfTMamDn3k2+Vfz25sXWHulFI6ItwPpUExdi2wxbZiLCx
+hx1w2oa0DxSLes8Q0XQ2ohJ7d4ZKeeZ73wIRaKVOhq40WJskE3hWIiUeAYtLUXH7
+gsxZlmmIWmhTxbkNAjfLS7xmSpB+KgsFB+0WX1WQddhGyRuD4gi+8SPMmR3WKg+D
+IBVYJ4Iu+uIiwkmxuQGBap1tnUB3aHZOISpthECFTnaZfILz87cCWdQmARuO361T
+BtGuGN3isjrL14g4jqxbKbkZ05j5GAPPSIKGZgsbaQ/J6ziIeiYaBUyS1yTUlvKs
+Ui2jR9VS9j/+zoQGcKaqPqLytlY0GFei5IFt58rwatPHkWsCg0F8Fe9rmmRe49A8
+5bHre12G+8vmd0nNo2Xc97mcuOQLX5PPzDAaMhzOHGOVpfnq4XSLnukrqTB7oBgf
+DhgL5Vup09FsHgdnj5FLqYq80maqkwGIspH6MVzVpsFSCAnNCmOi0yKm6KHZOQaX
+9W6NApCMFHs/gM0bnLrEWHIjr7ZWn8Z6QjMpBz+CyeYfBQ3NTCg2i9PIPhzGiO9e
+7olk6R3r2ol+MqZp0d3MiJ/R0MlmIdwGZ8WUepptYkx9zOBkgLKeR46jAgMBAAGj
+ggEmMIIBIjASBgNVHRMBAf8ECDAGAQH/AgEBMCcGA1UdJQQgMB4GCCsGAQUFBwMB
+BggrBgEFBQcDAgYIKwYBBQUHAwQwEQYDVR0gBAowCDAGBgRVHSAAMDMGCCsGAQUF
+BwEBBCcwJTAjBggrBgEFBQcwAYYXaHR0cDovL29jc3AuZW50cnVzdC5uZXQwMwYD
+VR0fBCwwKjAooCagJIYiaHR0cDovL2NybC5lbnRydXN0Lm5ldC9zZXJ2ZXIxLmNy
+bDAdBgNVHQ4EFgQUiGi/4I41xDs4a2L3KDuEgcgM100wCwYDVR0PBAQDAgEGMB8G
+A1UdIwQYMBaAFPAXYhNVPbP/CgBr+1CEl/PtYtAaMBkGCSqGSIb2fQdBAAQMMAob
+BFY3LjEDAgCBMA0GCSqGSIb3DQEBBQUAA4GBAI979rBep8tu3TeLunapgsZ0jtXp
+GDFjKWSk87dj1jCyYi+q/GyDyZ6ZQZNRP0sF+6twscq05lClWNy3TROMp7QeuoLO
+G7Utw3OJaswUtp4YglANMRTHEe3g9ltifUXRH5tSuy7u6yi4LD4WTm5ULP6r/g6l
+0CnjXYb0+b1Fmz6U
+-----END CERTIFICATE-----
+
+// Subject: EMAILADDRESS=info@diginotar.nl,
+//          CN=DigiNotar Root CA,
+//          O=DigiNotar, C=NL
+// Issuer:  CN=Entrust.net Secure Server Certification Authority
+//          OU=(c) 1999 Entrust.net Limited,
+//          OU=www.entrust.net/CPS incorp. by ref. (limits liab.),
+//          O=Entrust.net,
+//          C=US,
+// Serial:  1184640175 (46:9C:2C:AF)
+-----BEGIN CERTIFICATE-----
+MIIFSDCCBLGgAwIBAgIERpwsrzANBgkqhkiG9w0BAQUFADCBwzELMAkGA1UEBhMC
+VVMxFDASBgNVBAoTC0VudHJ1c3QubmV0MTswOQYDVQQLEzJ3d3cuZW50cnVzdC5u
+ZXQvQ1BTIGluY29ycC4gYnkgcmVmLiAobGltaXRzIGxpYWIuKTElMCMGA1UECxMc
+KGMpIDE5OTkgRW50cnVzdC5uZXQgTGltaXRlZDE6MDgGA1UEAxMxRW50cnVzdC5u
+ZXQgU2VjdXJlIFNlcnZlciBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wNzA3
+MjYxNTU3MzlaFw0xMzA4MjYxNjI3MzlaMF8xCzAJBgNVBAYTAk5MMRIwEAYDVQQK
+EwlEaWdpTm90YXIxGjAYBgNVBAMTEURpZ2lOb3RhciBSb290IENBMSAwHgYJKoZI
+hvcNAQkBFhFpbmZvQGRpZ2lub3Rhci5ubDCCAiIwDQYJKoZIhvcNAQEBBQADggIP
+ADCCAgoCggIBAKywWMEAvdghCAsrmv5uVjAFnxt3kBBBXMMNhxF3joHxynzpjGrt
+OHQ1u9rf+bvACTe0lnOBfTMamDn3k2+Vfz25sXWHulFI6ItwPpUExdi2wxbZiLCx
+hx1w2oa0DxSLes8Q0XQ2ohJ7d4ZKeeZ73wIRaKVOhq40WJskE3hWIiUeAYtLUXH7
+gsxZlmmIWmhTxbkNAjfLS7xmSpB+KgsFB+0WX1WQddhGyRuD4gi+8SPMmR3WKg+D
+IBVYJ4Iu+uIiwkmxuQGBap1tnUB3aHZOISpthECFTnaZfILz87cCWdQmARuO361T
+BtGuGN3isjrL14g4jqxbKbkZ05j5GAPPSIKGZgsbaQ/J6ziIeiYaBUyS1yTUlvKs
+Ui2jR9VS9j/+zoQGcKaqPqLytlY0GFei5IFt58rwatPHkWsCg0F8Fe9rmmRe49A8
+5bHre12G+8vmd0nNo2Xc97mcuOQLX5PPzDAaMhzOHGOVpfnq4XSLnukrqTB7oBgf
+DhgL5Vup09FsHgdnj5FLqYq80maqkwGIspH6MVzVpsFSCAnNCmOi0yKm6KHZOQaX
+9W6NApCMFHs/gM0bnLrEWHIjr7ZWn8Z6QjMpBz+CyeYfBQ3NTCg2i9PIPhzGiO9e
+7olk6R3r2ol+MqZp0d3MiJ/R0MlmIdwGZ8WUepptYkx9zOBkgLKeR46jAgMBAAGj
+ggEmMIIBIjASBgNVHRMBAf8ECDAGAQH/AgEBMCcGA1UdJQQgMB4GCCsGAQUFBwMB
+BggrBgEFBQcDAgYIKwYBBQUHAwQwEQYDVR0gBAowCDAGBgRVHSAAMDMGCCsGAQUF
+BwEBBCcwJTAjBggrBgEFBQcwAYYXaHR0cDovL29jc3AuZW50cnVzdC5uZXQwMwYD
+VR0fBCwwKjAooCagJIYiaHR0cDovL2NybC5lbnRydXN0Lm5ldC9zZXJ2ZXIxLmNy
+bDAdBgNVHQ4EFgQUiGi/4I41xDs4a2L3KDuEgcgM100wCwYDVR0PBAQDAgEGMB8G
+A1UdIwQYMBaAFPAXYhNVPbP/CgBr+1CEl/PtYtAaMBkGCSqGSIb2fQdBAAQMMAob
+BFY3LjEDAgCBMA0GCSqGSIb3DQEBBQUAA4GBAEa6RcDNcEIGUlkDJUY/pWTds4zh
+xbVkp3wSmpwPFhx5fxTyF4HD2L60jl3aqjTB7gPpsL2Pk5QZlNsi3t4UkCV70UOd
+ueJRN3o/LOtk4+bjXY2lC0qTHbN80VMLqPjmaf9ghSA9hwhskdtMgRsgfd90q5QP
+ZFdYf+hthc3m6IcJ
+-----END CERTIFICATE-----
+
+// Subject: CN=DigiNotar PKIoverheid CA Organisatie - G2,
+//          O=DigiNotar B.V.,
+//          C=NL
+// Issuer:  CN=Staat der Nederlanden Organisatie CA - G2,
+//          O=Staat der Nederlanden,
+//          C=NL
+// Serial:  20001983 (01:31:34:bf)
+-----BEGIN CERTIFICATE-----
+MIIGnDCCBISgAwIBAgIEATE0vzANBgkqhkiG9w0BAQsFADBhMQswCQYDVQQGEwJO
+TDEeMBwGA1UECgwVU3RhYXQgZGVyIE5lZGVybGFuZGVuMTIwMAYDVQQDDClTdGFh
+dCBkZXIgTmVkZXJsYW5kZW4gT3JnYW5pc2F0aWUgQ0EgLSBHMjAeFw0xMDA1MTIw
+ODUxMzhaFw0yMDAzMjMwOTUwMDRaMFoxCzAJBgNVBAYTAk5MMRcwFQYDVQQKDA5E
+aWdpTm90YXIgQi5WLjEyMDAGA1UEAwwpRGlnaU5vdGFyIFBLSW92ZXJoZWlkIENB
+IE9yZ2FuaXNhdGllIC0gRzIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoIC
+AQCxExkPJ+Zs1FWGS9DsiYpFkXisR71HK+T8RetPtCZzWzfTw3/2497Xo/gtaMUI
+PkuU1uSHJTZrhLUYdPMoWHMvm2rPvAQe9t7dr/xLqvXbZmIlASWC3vKXWhBu3V2p
+IrEEqSNzOvhxrR3PhETrR9Gvbch8KKvH8jd6dF9fxQIUiqNa4xtsAeNdjtlo1vQJ
+GzLckbUs9SDrjANtJkm4k8SFXdjSm69WaswFM8ygQp40VUSca6DUEtArVM23iQ3l
+9uvo+4UBM096a/GdcjOWDveyhKWlJ8Qn8VFzKXe6Z27+TNy04qGhgS85SY1DOBPO
+0KVcwoc6AGdlQiPxNlkKHaNRyLyjlCox3+M88p0aPASw77EKMBNzttfzo0wBdRSF
+eMDXijlYhVD6LubFvs+LP6+PNtQlCS3SD6xyk/K/i9RQs/kVUJuZ9RTZ+4uRozIm
+JqD43ztggYaDeVsr6xM9KTrBbd29no6H1kquNJcF7hSm9tw4fkrpJFQHPZdoN0Zr
+DceoIa8TVOQJavFNRgrJXfubT73e+7dUy7g4nKc5+2otwHuNq6WnV+xKkoozxeEg
+XHPYkJIrgNUPhhhpfDlPhIa890xb89W0yqDC8DciynlSH1PmqvOQsDvd8ij9rOvF
+BiSgydQvD1j9tZ7sD8+yWdCiBHo4aq5y+73wJWKUCacFCwIDAQABo4IBYTCCAV0w
+SAYDVR0gBEEwPzA9BgRVHSAAMDUwMwYIKwYBBQUHAgEWJ2h0dHA6Ly93d3cuZGln
+aW5vdGFyLm5sL2Nwcy9wa2lvdmVyaGVpZDAPBgNVHRMBAf8EBTADAQH/MA4GA1Ud
+DwEB/wQEAwIBBjCBhQYDVR0jBH4wfIAUORCLSZJc22ESIM1JnRqO2pxnQLmhXqRc
+MFoxCzAJBgNVBAYTAk5MMR4wHAYDVQQKDBVTdGFhdCBkZXIgTmVkZXJsYW5kZW4x
+KzApBgNVBAMMIlN0YWF0IGRlciBOZWRlcmxhbmRlbiBSb290IENBIC0gRzKCBACY
+lvQwSQYDVR0fBEIwQDA+oDygOoY4aHR0cDovL2NybC5wa2lvdmVyaGVpZC5ubC9E
+b21PcmdhbmlzYXRpZUxhdGVzdENSTC1HMi5jcmwwHQYDVR0OBBYEFLxdlDvZq3sD
+JXNhwtst7vyrj2WhMA0GCSqGSIb3DQEBCwUAA4ICAQCP/C1Mt9kt1R+978v0t2gX
+dZ1O1ffdnPEqJu2forYcA9VTs+wIzzTi48P0tRYvyMO+19NzqwA2+RpKftZj6V5G
+uqW2jhW3oyrYQx3vXcgfgYWzi/f/PPTZ9EYIP5y8HaDZqEzNJVJOCrEg9x/pQ9lU
+RoETmsBedGwqmDLq/He7DaWiMZgifnx859qkrey3LhoZcfhIUNpDjyyE3cFAJ+O1
+8BVOltT4XOOGKUYr1zsH6zh/yIZXl9PvKjPEF1DVZGlrK2tFXl0vF8paTs/D1zk8
+9TufRrmb5w5Jl53W1eMbD+qPAU6aE5RZCgIHSEsaYKt/T+0L2FUNaG9VnGllFULs
+wNzdbKzDFs4LHVabpMTE0i7gD+JEJytQaaTcYuiKISlCbMwAOpZ2m+9AwKRed4Qy
+bCYqOWauXeO5ubIsaB8empADOfCqs6TMSYsYNOk3yXspx4R8b0QVL+xhWQTJRcui
+1lKifH8pktZKxYtCqNT+6tjHhyMY5J16fXNAUpigrm7jBT8FD+Clxm1N7YM3iJzH
+89xCmmq21yFJNnfy7xhPxXDZnunetyuL9Lx+KN8NQMmFXK6dxTH/0FwOtah+8Okv
+uq+IruW10Vilr5xxpykBkINpN4IFuvwJwQhujHg7wzMCgD9EhQgd31VWCK0shS1d
+sQPhrqp0xaTzTro3mHuCuQ==
+-----END CERTIFICATE-----
+
+// Subject: CN=DigiNotar PKIoverheid CA Overheid en Bedrijven,
+//          O=DigiNotar B.V.,
+//          C=NL
+// Issuer:  CN=Staat der Nederlanden Overheid CA
+//          O=Staat der Nederlanden,
+//          C=NL
+// Serial:  20015536 (01:31:69:b0)
+-----BEGIN CERTIFICATE-----
+MIIEiDCCA3CgAwIBAgIEATFpsDANBgkqhkiG9w0BAQUFADBZMQswCQYDVQQGEwJO
+TDEeMBwGA1UEChMVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSowKAYDVQQDEyFTdGFh
+dCBkZXIgTmVkZXJsYW5kZW4gT3ZlcmhlaWQgQ0EwHhcNMDcwNzA1MDg0MjA3WhcN
+MTUwNzI3MDgzOTQ2WjBfMQswCQYDVQQGEwJOTDEXMBUGA1UEChMORGlnaU5vdGFy
+IEIuVi4xNzA1BgNVBAMTLkRpZ2lOb3RhciBQS0lvdmVyaGVpZCBDQSBPdmVyaGVp
+ZCBlbiBCZWRyaWp2ZW4wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDc
+vdKnTmoKuzuiheF/AK2+tDBomAfNoHrElM9x+Yo35FPrV3bMi+Zs/u6HVcg+uwQ5
+AKeAeKxbT370vbhUuHE7BzFJOZNUfCA7eSuPu2GQfbGs5h+QLp1FAalkLU3DL7nn
+UNVOKlyrdnY3Rtd57EKZ96LspIlw3Dgrh6aqJOadkiQbvvb91C8ZF3rmMgeUVAVT
+Q+lsvK9Hy7zL/b07RBKB8WtLu+20z6slTxjSzAL8o0+1QjPLWc0J3NNQ/aB2jKx+
+ZopC9q0ckvO2+xRG603XLzDgbe5bNr5EdLcgBVeFTegAGaL2DOauocBC36esgl3H
+aLcY5olLmmv6znn58yynAgMBAAGjggFQMIIBTDBIBgNVHSAEQTA/MD0GBFUdIAAw
+NTAzBggrBgEFBQcCARYnaHR0cDovL3d3dy5kaWdpbm90YXIubmwvY3BzL3BraW92
+ZXJoZWlkMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMIGABgNVHSME
+eTB3gBQLhtYPd6NosftkCcOIblwEHFfpPaFZpFcwVTELMAkGA1UEBhMCTkwxHjAc
+BgNVBAoTFVN0YWF0IGRlciBOZWRlcmxhbmRlbjEmMCQGA1UEAxMdU3RhYXQgZGVy
+IE5lZGVybGFuZGVuIFJvb3QgQ0GCBACYmnkwPQYDVR0fBDYwNDAyoDCgLoYsaHR0
+cDovL2NybC5wa2lvdmVyaGVpZC5ubC9Eb21PdkxhdGVzdENSTC5jcmwwHQYDVR0O
+BBYEFEwIyY128ZjHPt881y91DbF2eZfMMA0GCSqGSIb3DQEBBQUAA4IBAQAMlIca
+v03jheLu19hjeQ5Q38aEW9K72fUxCho1l3TfFPoqDz7toOMI9tVOW6+mriXiRWsi
+D7dUKH6S3o0UbNEc5W50BJy37zRERd/Jgx0ZH8Apad+J1T/CsFNt5U4X5HNhIxMm
+cUP9TFnLw98iqiEr2b+VERqKpOKrp11Lbyn1UtHk0hWxi/7wA8+nfemZhzizDXMU
+5HIs4c71rQZIZPrTKbmi2Lv01QulQERDjqC/zlqlUkxk0xcxYczopIro5Ij76eUv
+BjMzm5RmZrGrUDqhCYF0U1onuabSJc/Tw6f/ltAv6uAejVLpGBwgCkegllYOQJBR
+RKwa/fHuhR/3Qlpl
+-----END CERTIFICATE-----
+
+// Subject: CN=DigiNotar PKIoverheid CA Overheid
+//          O=DigiNotar B.V.,
+//          C=NL
+// Issuer:  CN=Staat der Nederlanden Overheid CA
+//          O=Staat der Nederlanden,
+//          C=NL
+// Serial:  20006006 (01:31:44:76)
+-----BEGIN CERTIFICATE-----
+MIIEezCCA2OgAwIBAgIEATFEdjANBgkqhkiG9w0BAQUFADBZMQswCQYDVQQGEwJO
+TDEeMBwGA1UEChMVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSowKAYDVQQDEyFTdGFh
+dCBkZXIgTmVkZXJsYW5kZW4gT3ZlcmhlaWQgQ0EwHhcNMDQwNjI0MDgxOTMyWhcN
+MTAwNjIzMDgxNzM2WjBSMQswCQYDVQQGEwJOTDEXMBUGA1UEChMORGlnaU5vdGFy
+IEIuVi4xKjAoBgNVBAMTIURpZ2lOb3RhciBQS0lvdmVyaGVpZCBDQSBPdmVyaGVp
+ZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANSlrubta5tlOjVCi/gb
+yLCvRqfBjxG8H594VcKHu0WAYc99SPZF9cycj5mw2GyfQvy/WIrGrL4iyNq1gSqR
+0QA/mTXKZIaPqzpDhdm+VvrKkmjrbZfaQxgMSs3ChtBsjcP9Lc0X1zXZ4Q8nBe3k
+BTp+zehINfmbjoEgXLxsMR5RQ6GxzKjuC04PQpbJQgTIakglKaqYcDDZbEscWgPV
+Hgj/2aoHlj6leW/ThHZ+O41jUguEmBLZA3mu3HrCfrHntb5dPt0ihzSx7GtD/SaX
+5HBLxnP189YuqMk5iRA95CtiSdKauvon/xRKRLNgG6XAz0ctSoY7xLDdiBVU5kJd
+FScCAwEAAaOCAVAwggFMMEgGA1UdIARBMD8wPQYEVR0gADA1MDMGCCsGAQUFBwIB
+FidodHRwOi8vd3d3LmRpZ2lub3Rhci5ubC9jcHMvcGtpb3ZlcmhlaWQwDwYDVR0T
+AQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwgYAGA1UdIwR5MHeAFAuG1g93o2ix
++2QJw4huXAQcV+k9oVmkVzBVMQswCQYDVQQGEwJOTDEeMBwGA1UEChMVU3RhYXQg
+ZGVyIE5lZGVybGFuZGVuMSYwJAYDVQQDEx1TdGFhdCBkZXIgTmVkZXJsYW5kZW4g
+Um9vdCBDQYIEAJiaeTA9BgNVHR8ENjA0MDKgMKAuhixodHRwOi8vY3JsLnBraW92
+ZXJoZWlkLm5sL0RvbU92TGF0ZXN0Q1JMLmNybDAdBgNVHQ4EFgQUvRaYQh2+kdE9
+wpcl4CjXWOC1f+IwDQYJKoZIhvcNAQEFBQADggEBAGhQsCWLiaN2EOhPAW+JQP6o
+XBOrLv5w6joahzBFVn1BiefzmlMKjibqKYxURRvMAsMkh82/MfL8V0w6ugxl81lu
+i42dcxl9cKSVXKMw4bbBzJ2VQI5HTIABwefeNuy/eX6idVwYdt3ajAH7fUA8Q9Cq
+vr6H8B+8mwoEqTVTEVlCSsC/EXsokYEUr06PPzRudKjDmijgj7zFaIioZNc8hk7g
+ufEgrs/tmcNGylrwRHgCXjCRBt2NHlZ08l7A1AGU8HcHlSbG9Un/2q9kVHUkps0D
+gtUaEK+x6jpAu/R8Ojezu/+ZEcwwjI/KOhG+84+ejFmtyEkrUdsAdEdLf/2dKsw=
+-----END CERTIFICATE-----
+
+// Subject: EMAILADDRESS=info@diginotar.nl,
+//          CN=DigiNotar Services 1024 CA
+//          O=DigiNotar, C=NL
+// Issuer:  CN=Entrust.net Secure Server Certification Authority,
+//          OU=(c) 1999 Entrust.net Limited,
+//          OU=www.entrust.net/CPS incorp. by ref. (limits liab.),
+//          O=Entrust.net,
+//          C=US
+// Serial:  1184640176 (46:9c:2c:b0)
+-----BEGIN CERTIFICATE-----
+MIIDzTCCAzagAwIBAgIERpwssDANBgkqhkiG9w0BAQUFADCBwzELMAkGA1UEBhMC
+VVMxFDASBgNVBAoTC0VudHJ1c3QubmV0MTswOQYDVQQLEzJ3d3cuZW50cnVzdC5u
+ZXQvQ1BTIGluY29ycC4gYnkgcmVmLiAobGltaXRzIGxpYWIuKTElMCMGA1UECxMc
+KGMpIDE5OTkgRW50cnVzdC5uZXQgTGltaXRlZDE6MDgGA1UEAxMxRW50cnVzdC5u
+ZXQgU2VjdXJlIFNlcnZlciBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wNzA3
+MjYxNTU5MDBaFw0xMzA4MjYxNjI5MDBaMGgxCzAJBgNVBAYTAk5MMRIwEAYDVQQK
+EwlEaWdpTm90YXIxIzAhBgNVBAMTGkRpZ2lOb3RhciBTZXJ2aWNlcyAxMDI0IENB
+MSAwHgYJKoZIhvcNAQkBFhFpbmZvQGRpZ2lub3Rhci5ubDCBnzANBgkqhkiG9w0B
+AQEFAAOBjQAwgYkCgYEA2ptNXTz50eKLxsYIIMXZHkjsZlhneWIrQWP0iY1o2q+4
+lDaLGSSkoJPSmQ+yrS01Tc0vauH5mxkrvAQafi09UmTN8T5nD4ku6PJPrqYIoYX+
+oakJ5sarPkP8r3oDkdqmOaZh7phPGKjTs69mgumfvN1y+QYEvRLZGCTnq5NTi1kC
+AwEAAaOCASYwggEiMBIGA1UdEwEB/wQIMAYBAf8CAQAwJwYDVR0lBCAwHgYIKwYB
+BQUHAwEGCCsGAQUFBwMCBggrBgEFBQcDBDARBgNVHSAECjAIMAYGBFUdIAAwMwYI
+KwYBBQUHAQEEJzAlMCMGCCsGAQUFBzABhhdodHRwOi8vb2NzcC5lbnRydXN0Lm5l
+dDAzBgNVHR8ELDAqMCigJqAkhiJodHRwOi8vY3JsLmVudHJ1c3QubmV0L3NlcnZl
+cjEuY3JsMB0GA1UdDgQWBBT+3JRJDG/vXH/G8RKZTxZJrfuCZTALBgNVHQ8EBAMC
+AQYwHwYDVR0jBBgwFoAU8BdiE1U9s/8KAGv7UISX8+1i0BowGQYJKoZIhvZ9B0EA
+BAwwChsEVjcuMQMCAIEwDQYJKoZIhvcNAQEFBQADgYEAY3RqN6k/lpxmyFisCcnv
+9WWUf6MCxDgxvV0jh+zUVrLJsm7kBQb87PX6iHBZ1O7m3bV6oKNgLwIMq94SXa/w
+NUuqikeRGvWFLELHHe+VQ7NeuJWTpdrFKKqtci0xrZlrbP+MISevrZqRK8fdWMNu
+B8WfedLHjFW/TMcnXlEWKz4=
+-----END CERTIFICATE-----
+
+// Subject: CN=Buster Paper Comercial Ltda,
+//          O=Buster Paper Comercial Ltda,
+//          L=S?o Jos? Dos Campos,
+//          ST=S?o Paulo,
+//          C=BR
+// Issuer:  CN=DigiCert Assured ID Code Signing CA-1,
+//          OU=www.digicert.com,
+//          O=DigiCert Inc,
+//          C=US
+// Serial:  07:b4:4c:db:ff:fb:78:de:05:f4:26:16:72:a6:73:12
+-----BEGIN CERTIFICATE-----
+MIIGwzCCBaugAwIBAgIQB7RM2//7eN4F9CYWcqZzEjANBgkqhkiG9w0BAQUFADBv
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMS4wLAYDVQQDEyVEaWdpQ2VydCBBc3N1cmVkIElEIENv
+ZGUgU2lnbmluZyBDQS0xMB4XDTEzMDExNzAwMDAwMFoXDTE0MDEyMjEyMDAwMFow
+gY4xCzAJBgNVBAYTAkJSMRMwEQYDVQQIDApTw6NvIFBhdWxvMR4wHAYDVQQHDBVT
+w6NvIEpvc8OpIERvcyBDYW1wb3MxJDAiBgNVBAoTG0J1c3RlciBQYXBlciBDb21l
+cmNpYWwgTHRkYTEkMCIGA1UEAxMbQnVzdGVyIFBhcGVyIENvbWVyY2lhbCBMdGRh
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzO0l6jWIpEfO2oUpVHpL
+HETj5lzivNb0S9jKHgGJax917czh81PnGTxwxFXd6gLJuy/XFHvmiSi8g8jzlymn
+2Ji5zQ3CPaz7nomJokSUDlMVJ2qYWtctw4jrdjuI4qtn+koXXUFkWjkf8h8251I4
+tUs7S49HE2Go5owCYP3byajj7fsFAYR/Xb7TdVtndkZsUB/YgOjHovyACjouaNCi
+mDiRyQ6zLLjZGiyeD65Yiseuhp5b8/BL5h1p7w76QYMYMVQNAdtDKut2R8MBpuWf
+Ny7Eoi0x/gm1p9X5Rcl5aN7K0G4UtTAJKbkuUfXddsyFoM0Nx8uo8SgNQ8Y/X5Jx
+BwIDAQABo4IDOTCCAzUwHwYDVR0jBBgwFoAUe2jOKarAF75JeuHlP9an90WPNTIw
+HQYDVR0OBBYEFFLZ3n5nt/Eer7n1bvtOqMb1qKO5MA4GA1UdDwEB/wQEAwIHgDAT
+BgNVHSUEDDAKBggrBgEFBQcDAzBzBgNVHR8EbDBqMDOgMaAvhi1odHRwOi8vY3Js
+My5kaWdpY2VydC5jb20vYXNzdXJlZC1jcy0yMDExYS5jcmwwM6AxoC+GLWh0dHA6
+Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9hc3N1cmVkLWNzLTIwMTFhLmNybDCCAcQGA1Ud
+IASCAbswggG3MIIBswYJYIZIAYb9bAMBMIIBpDA6BggrBgEFBQcCARYuaHR0cDov
+L3d3dy5kaWdpY2VydC5jb20vc3NsLWNwcy1yZXBvc2l0b3J5Lmh0bTCCAWQGCCsG
+AQUFBwICMIIBVh6CAVIAQQBuAHkAIAB1AHMAZQAgAG8AZgAgAHQAaABpAHMAIABD
+AGUAcgB0AGkAZgBpAGMAYQB0AGUAIABjAG8AbgBzAHQAaQB0AHUAdABlAHMAIABh
+AGMAYwBlAHAAdABhAG4AYwBlACAAbwBmACAAdABoAGUAIABEAGkAZwBpAEMAZQBy
+AHQAIABDAFAALwBDAFAAUwAgAGEAbgBkACAAdABoAGUAIABSAGUAbAB5AGkAbgBn
+ACAAUABhAHIAdAB5ACAAQQBnAHIAZQBlAG0AZQBuAHQAIAB3AGgAaQBjAGgAIABs
+AGkAbQBpAHQAIABsAGkAYQBiAGkAbABpAHQAeQAgAGEAbgBkACAAYQByAGUAIABp
+AG4AYwBvAHIAcABvAHIAYQB0AGUAZAAgAGgAZQByAGUAaQBuACAAYgB5ACAAcgBl
+AGYAZQByAGUAbgBjAGUALjCBggYIKwYBBQUHAQEEdjB0MCQGCCsGAQUFBzABhhho
+dHRwOi8vb2NzcC5kaWdpY2VydC5jb20wTAYIKwYBBQUHMAKGQGh0dHA6Ly9jYWNl
+cnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEFzc3VyZWRJRENvZGVTaWduaW5nQ0Et
+MS5jcnQwDAYDVR0TAQH/BAIwADANBgkqhkiG9w0BAQUFAAOCAQEAPTTQvpOIikXI
+hTLnNbajaFRR5GhQpTzUNgBfF9VYSlNw/wMjpGsrh5RxaJCip52jbehmTgjMRhft
+jRYyml44PAVsCcR9uEoDpCZYpI1fHI1R+F8jd1C9rqprbSwwOG4xlg4SmvTHYs6e
+gBItQ/1p9XY+Sf4Wv1qOuOFL1qvV/5VyR2zdlOQCmKCeMgxt6a/tHLBDiAA67D44
+/vfdoNJl0CU2It0PO60jdCPFNWIRcxL+OSDqAoePeUC7xQ+JsTEIxuUE8+d6w6fc
+BV2mYb1flh22t46GLjh4gyo7xw3aL6L0L0jzlTT6IcEw6NIbaPbIKj/npQnHobYj
+XMuKLxbh7g==
+-----END CERTIFICATE-----
+
+// Subject: CN=BUSTER ASSISTENCIA TECNICA ELETRONICA LTDA - ME,
+//          O=BUSTER ASSISTENCIA TECNICA ELETRONICA LTDA - ME,
+//          L=S?o Paulo,
+//          ST=S?o Paulo,
+//          C=BR
+// Issuer:  CN=DigiCert Assured ID Code Signing CA-1,
+//          OU=www.digicert.com,
+//          O=DigiCert Inc,
+//          C=US
+// Serial:  0a:38:9b:95:ee:73:6d:d1:3b:c0:ed:74:3f:d7:4d:2f
+-----BEGIN CERTIFICATE-----
+MIIG4DCCBcigAwIBAgIQCjible5zbdE7wO10P9dNLzANBgkqhkiG9w0BAQUFADBv
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMS4wLAYDVQQDEyVEaWdpQ2VydCBBc3N1cmVkIElEIENv
+ZGUgU2lnbmluZyBDQS0xMB4XDTEyMTEwOTAwMDAwMFoXDTEzMTExNDEyMDAwMFow
+gasxCzAJBgNVBAYTAkJSMRMwEQYDVQQIDApTw6NvIFBhdWxvMRMwEQYDVQQHDApT
+w6NvIFBhdWxvMTgwNgYDVQQKEy9CVVNURVIgQVNTSVNURU5DSUEgVEVDTklDQSBF
+TEVUUk9OSUNBIExUREEgLSBNRTE4MDYGA1UEAxMvQlVTVEVSIEFTU0lTVEVOQ0lB
+IFRFQ05JQ0EgRUxFVFJPTklDQSBMVERBIC0gTUUwggEiMA0GCSqGSIb3DQEBAQUA
+A4IBDwAwggEKAoIBAQDAqNeEs5/B2CTXGjTOkUIdu6jV6qulOZwdw4sefHWYj1UR
+4z6zPk9kjpUgbnb402RFq88QtfInwddZ/wXn9OxMtDd/3TnC7HrhNS7ga79ZFL2V
+JnmzKHum2Yvh0q82QEJ9tHBR2X9VdKpUIH08Zs3k6cWWM1H0YX0cxA/HohhesQJW
+kwJ3urOIJiH/HeByDk8a1NS8safcCxk5vxvW4WvCg43iT09LeHY5Aa8abKw8lqVb
+0tD5ZSIjdmdj3TT1U37iAHLLRM2DXbxfdbhouUX1c5U1ZHAMA67HwjKiseOiDaHj
+NUGbC37C+cgbc9VVM/cURD8WvS0Kj6fQv7F2QtJDAgMBAAGjggM5MIIDNTAfBgNV
+HSMEGDAWgBR7aM4pqsAXvkl64eU/1qf3RY81MjAdBgNVHQ4EFgQU88EXKAyDsh30
+o9+Gu9a4xUy+FSMwDgYDVR0PAQH/BAQDAgeAMBMGA1UdJQQMMAoGCCsGAQUFBwMD
+MHMGA1UdHwRsMGowM6AxoC+GLWh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9hc3N1
+cmVkLWNzLTIwMTFhLmNybDAzoDGgL4YtaHR0cDovL2NybDQuZGlnaWNlcnQuY29t
+L2Fzc3VyZWQtY3MtMjAxMWEuY3JsMIIBxAYDVR0gBIIBuzCCAbcwggGzBglghkgB
+hv1sAwEwggGkMDoGCCsGAQUFBwIBFi5odHRwOi8vd3d3LmRpZ2ljZXJ0LmNvbS9z
+c2wtY3BzLXJlcG9zaXRvcnkuaHRtMIIBZAYIKwYBBQUHAgIwggFWHoIBUgBBAG4A
+eQAgAHUAcwBlACAAbwBmACAAdABoAGkAcwAgAEMAZQByAHQAaQBmAGkAYwBhAHQA
+ZQAgAGMAbwBuAHMAdABpAHQAdQB0AGUAcwAgAGEAYwBjAGUAcAB0AGEAbgBjAGUA
+IABvAGYAIAB0AGgAZQAgAEQAaQBnAGkAQwBlAHIAdAAgAEMAUAAvAEMAUABTACAA
+YQBuAGQAIAB0AGgAZQAgAFIAZQBsAHkAaQBuAGcAIABQAGEAcgB0AHkAIABBAGcA
+cgBlAGUAbQBlAG4AdAAgAHcAaABpAGMAaAAgAGwAaQBtAGkAdAAgAGwAaQBhAGIA
+aQBsAGkAdAB5ACAAYQBuAGQAIABhAHIAZQAgAGkAbgBjAG8AcgBwAG8AcgBhAHQA
+ZQBkACAAaABlAHIAZQBpAG4AIABiAHkAIAByAGUAZgBlAHIAZQBuAGMAZQAuMIGC
+BggrBgEFBQcBAQR2MHQwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0
+LmNvbTBMBggrBgEFBQcwAoZAaHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0Rp
+Z2lDZXJ0QXNzdXJlZElEQ29kZVNpZ25pbmdDQS0xLmNydDAMBgNVHRMBAf8EAjAA
+MA0GCSqGSIb3DQEBBQUAA4IBAQAei1QmiXepje8OIfo/WonD4MIXgpPr2dfRaquQ
+A8q63OpTRSveyqdQDCSPpDRF/nvO1Y30yksZvIH1tNBsW5LBdxAKN3lFdBlqBwtE
+Q3jHc0KVVYRJ0FBaGE/PJHmRajscdAhYIcMPhTga0u0tDK+wOHEq3993dfl6yHjA
+XHU2iW5pnk75ZoE39zALD5eKXT8ZXrET5c3XUFJKWA+XuGmdmyzqo0Au49PanBv9
+UlZnabYfqoMArqMS0tGSX4cGgi9/2E+pHG9BX4sFW+ZDumroOA2pxyMWEKjxePEL
+zCOfhbsRWdMLYepauaNZOIMZXmFwcrIl0TGMkTAtATz+XmZc
+-----END CERTIFICATE-----
+
+// Subject: CN=CLEARESULT CONSULTING INC., OU=Corporate IT,
+//          O=CLEARESULT CONSULTING INC., L=Austin, ST=TX, C=US
+// Issuer:  SERIALNUMBER=07969287,
+//          CN=Go Daddy Secure Certification Authority,
+//          OU=http://certificates.godaddy.com/repository,
+//          O="GoDaddy.com, Inc.",
+//          L=Scottsdale,
+//          ST=Arizona,
+//          C=US
+// Serial:  2b:73:43:2a:a8:4f:44
+-----BEGIN CERTIFICATE-----
+MIIFYjCCBEqgAwIBAgIHK3NDKqhPRDANBgkqhkiG9w0BAQUFADCByjELMAkGA1UE
+BhMCVVMxEDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxGjAY
+BgNVBAoTEUdvRGFkZHkuY29tLCBJbmMuMTMwMQYDVQQLEypodHRwOi8vY2VydGlm
+aWNhdGVzLmdvZGFkZHkuY29tL3JlcG9zaXRvcnkxMDAuBgNVBAMTJ0dvIERhZGR5
+IFNlY3VyZSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTERMA8GA1UEBRMIMDc5Njky
+ODcwHhcNMTIwMjE1MjEwOTA2WhcNMTQwMjE1MjEwOTA2WjCBjDELMAkGA1UEBgwC
+VVMxCzAJBgNVBAgMAlRYMQ8wDQYDVQQHDAZBdXN0aW4xIzAhBgNVBAoMGkNMRUFS
+RVNVTFQgQ09OU1VMVElORyBJTkMuMRUwEwYDVQQLDAxDb3Jwb3JhdGUgSVQxIzAh
+BgNVBAMMGkNMRUFSRVNVTFQgQ09OU1VMVElORyBJTkMuMIIBIjANBgkqhkiG9w0B
+AQEFAAOCAQ8AMIIBCgKCAQEAtIOjCKeAicull+7ZIzt0/4ya3IeXUFlfypqKMLkU
+IbKjn0P5uMj6VE3rlbZr44RCegxvdnR6umBh1c0ZXoN3o+yc0JKcKcLiApmJJ277
+p7IbLwYDhBXRQNoIJm187IOMRPIxsKN4hL91txn9jGBmW+9zKlJlNhR5R7vjwU2E
+jrH/6oqsc9EM2yYpfjlNv6+3jSwAYZCkSWr+27PQOV+YHKmIxtJjX0upFz5FdIrV
+9CCX+L2Kji1THOkSgG4QTbYxmEcHqGViWz8hXLeNXjcbEsPuIiAu3hknxRHfUTE/
+U0Lh0Ug1e3LrJu+WnxM2SmUY4krsZ22c0yWUW9hzWITIjQIDAQABo4IBhzCCAYMw
+DwYDVR0TAQH/BAUwAwEBADATBgNVHSUEDDAKBggrBgEFBQcDAzAOBgNVHQ8BAf8E
+BAMCB4AwMwYDVR0fBCwwKjAooCagJIYiaHR0cDovL2NybC5nb2RhZGR5LmNvbS9n
+ZHM1LTE2LmNybDBTBgNVHSAETDBKMEgGC2CGSAGG/W0BBxcCMDkwNwYIKwYBBQUH
+AgEWK2h0dHA6Ly9jZXJ0aWZpY2F0ZXMuZ29kYWRkeS5jb20vcmVwb3NpdG9yeS8w
+gYAGCCsGAQUFBwEBBHQwcjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZ29kYWRk
+eS5jb20vMEoGCCsGAQUFBzAChj5odHRwOi8vY2VydGlmaWNhdGVzLmdvZGFkZHku
+Y29tL3JlcG9zaXRvcnkvZ2RfaW50ZXJtZWRpYXRlLmNydDAfBgNVHSMEGDAWgBT9
+rGEyk2xF1uLuhV+auud2mWjM5zAdBgNVHQ4EFgQUDtdeKqeN2QkcbEp1HovFieNB
+XiowDQYJKoZIhvcNAQEFBQADggEBAD74Agw5tvi2aBl4/f/s7/VE/BClzDsKMb9K
+v9qpeC45ZA/jelxV11HKbQnVF194gDb7D2H9OsAsRUy8HVKbXEcc/8dKvwOqb+BC
+2i/EmfjLgmCfezNFtLq8xcPxF3zIRc44vPrK0z4YZsaHdH+yTEJ51p5EMdTqaLaP
+4n5m8LX3RfqlQB9dYFe6dUoYZjKm9d/pIRww3VqfOzjl42Edi1w6dWmBVMx1NZuR
+DBabJH1vJ9Gd+KwxMCmBZ6pQPl28JDimhJhI2LNqU349uADQVV0HJosddN/ARyyI
+LSIQO7BnNVKVG9Iujf33bvPNeg0qNz5qw+rKKq97Pqeum+L5oKU=
+-----END CERTIFICATE-----
--- a/src/share/native/sun/awt/image/jpeg/imageioJPEG.c	Tue Sep 24 14:17:42 2013 -0700
+++ b/src/share/native/sun/awt/image/jpeg/imageioJPEG.c	Tue Sep 24 14:34:55 2013 -0700
@@ -930,9 +930,10 @@
      * Now fill a complete buffer, or as much of one as the stream
      * will give us if we are near the end.
      */
+    RELEASE_ARRAYS(env, data, src->next_input_byte);
+
     GET_IO_REF(input);
 
-    RELEASE_ARRAYS(env, data, src->next_input_byte);
     ret = (*env)->CallIntMethod(env,
                                 input,
                                 JPEGImageReader_readInputDataID,
@@ -1017,9 +1018,11 @@
         memcpy(sb->buf, src->next_input_byte, offset);
     }
 
+
+    RELEASE_ARRAYS(env, data, src->next_input_byte);
+
     GET_IO_REF(input);
 
-    RELEASE_ARRAYS(env, data, src->next_input_byte);
     buflen = sb->bufferLength - offset;
     if (buflen <= 0) {
         if (!GET_ARRAYS(env, data, &(src->next_input_byte))) {
@@ -1121,9 +1124,10 @@
         return;
     }
 
+    RELEASE_ARRAYS(env, data, src->next_input_byte);
+
     GET_IO_REF(input);
 
-    RELEASE_ARRAYS(env, data, src->next_input_byte);
     ret = (*env)->CallLongMethod(env,
                                  input,
                                  JPEGImageReader_skipInputBytesID,
@@ -2306,10 +2310,10 @@
     JNIEnv *env = (JNIEnv *)JNU_GetEnv(jvm, JNI_VERSION_1_2);
     jobject output = NULL;
 
+    RELEASE_ARRAYS(env, data, (const JOCTET *)(dest->next_output_byte));
+
     GET_IO_REF(output);
 
-    RELEASE_ARRAYS(env, data, (const JOCTET *)(dest->next_output_byte));
-
     (*env)->CallVoidMethod(env,
                            output,
                            JPEGImageWriter_writeOutputDataID,
@@ -2348,10 +2352,10 @@
     if (datacount != 0) {
         jobject output = NULL;
 
+        RELEASE_ARRAYS(env, data, (const JOCTET *)(dest->next_output_byte));
+
         GET_IO_REF(output);
 
-        RELEASE_ARRAYS(env, data, (const JOCTET *)(dest->next_output_byte));
-
         (*env)->CallVoidMethod(env,
                                output,
                                JPEGImageWriter_writeOutputDataID,
--- a/src/share/native/sun/font/layout/SunLayoutEngine.cpp	Tue Sep 24 14:17:42 2013 -0700
+++ b/src/share/native/sun/font/layout/SunLayoutEngine.cpp	Tue Sep 24 14:34:55 2013 -0700
@@ -179,6 +179,10 @@
   FontInstanceAdapter fia(env, font2d, strike, mat, 72, 72, (le_int32) upem, (TTLayoutTableCache *) layoutTables);
   LEErrorCode success = LE_NO_ERROR;
   LayoutEngine *engine = LayoutEngine::layoutEngineFactory(&fia, script, lang, typo_flags & TYPO_MASK, success);
+  if (engine == NULL) {
+    env->SetIntField(gvdata, gvdCountFID, -1); // flag failure
+    return;
+  }
 
   if (min < 0) min = 0; if (max < min) max = min; /* defensive coding */
   // have to copy, yuck, since code does upcalls now.  this will be soooo slow
--- a/src/share/native/sun/java2d/cmm/lcms/LCMS.c	Tue Sep 24 14:17:42 2013 -0700
+++ b/src/share/native/sun/java2d/cmm/lcms/LCMS.c	Tue Sep 24 14:34:55 2013 -0700
@@ -94,8 +94,12 @@
 # endif
 #endif
 
+typedef struct lcmsProfile_s {
+    cmsHPROFILE pf;
+} lcmsProfile_t, *lcmsProfile_p;
+
 typedef union storeID_s {    /* store SProfile stuff in a Java Long */
-    cmsHPROFILE pf;
+    lcmsProfile_p lcmsPf;
     cmsHTRANSFORM xf;
     jobject jobj;
     jlong j;
@@ -106,7 +110,6 @@
     jint j;
 } TagSignature_t, *TagSignature_p;
 
-static jfieldID Trans_profileIDs_fID;
 static jfieldID Trans_renderType_fID;
 static jfieldID Trans_ID_fID;
 static jfieldID IL_isIntPacked_fID;
@@ -118,7 +121,6 @@
 static jfieldID IL_width_fID;
 static jfieldID IL_height_fID;
 static jfieldID IL_imageAtOnce_fID;
-static jfieldID PF_ID_fID;
 
 JavaVM *javaVM;
 
@@ -145,6 +147,18 @@
     return JNI_VERSION_1_6;
 }
 
+void LCMS_freeProfile(JNIEnv *env, jlong ptr) {
+    storeID_t sProfile;
+    sProfile.j = ptr;
+
+    if (sProfile.lcmsPf != NULL) {
+        if (sProfile.lcmsPf->pf != NULL) {
+            cmsCloseProfile(sProfile.lcmsPf->pf);
+        }
+        free(sProfile.lcmsPf);
+    }
+}
+
 void LCMS_freeTransform(JNIEnv *env, jlong ID)
 {
     storeID_t sTrans;
@@ -170,7 +184,7 @@
     jlong* ids;
 
     size = (*env)->GetArrayLength (env, profileIDs);
-    ids = (*env)->GetPrimitiveArrayCritical(env, profileIDs, 0);
+    ids = (*env)->GetLongArrayElements(env, profileIDs, 0);
 
 #ifdef _LITTLE_ENDIAN
     /* Reversing data packed into int for LE archs */
@@ -186,6 +200,8 @@
         iccArray = (cmsHPROFILE*) malloc(
             size*2*sizeof(cmsHPROFILE));
         if (iccArray == NULL) {
+            (*env)->ReleaseLongArrayElements(env, profileIDs, ids, 0);
+
             J2dRlsTraceLn(J2D_TRACE_ERROR, "getXForm: iccArray == NULL");
             return 0L;
         }
@@ -197,7 +213,7 @@
         cmsColorSpaceSignature cs;
 
         sTrans.j = ids[i];
-        icc = sTrans.pf;
+        icc = sTrans.lcmsPf->pf;
         iccArray[j++] = icc;
 
         /* Middle non-abstract profiles should be doubled before passing to
@@ -215,13 +231,15 @@
     sTrans.xf = cmsCreateMultiprofileTransform(iccArray, j,
         inFormatter, outFormatter, renderType, 0);
 
-    (*env)->ReleasePrimitiveArrayCritical(env, profileIDs, ids, 0);
+    (*env)->ReleaseLongArrayElements(env, profileIDs, ids, 0);
 
     if (sTrans.xf == NULL) {
         J2dRlsTraceLn(J2D_TRACE_ERROR, "LCMS_createNativeTransform: "
                                        "sTrans.xf == NULL");
-        JNU_ThrowByName(env, "java/awt/color/CMMException",
-                        "Cannot get color transform");
+        if ((*env)->ExceptionOccurred(env) == NULL) {
+            JNU_ThrowByName(env, "java/awt/color/CMMException",
+                            "Cannot get color transform");
+        }
     } else {
         Disposer_AddRecord(env, disposerRef, LCMS_freeTransform, sTrans.j);
     }
@@ -236,20 +254,23 @@
 /*
  * Class:     sun_java2d_cmm_lcms_LCMS
  * Method:    loadProfile
- * Signature: ([B)J
+ * Signature: ([B,Lsun/java2d/cmm/lcms/LCMSProfile;)V
  */
 JNIEXPORT jlong JNICALL Java_sun_java2d_cmm_lcms_LCMS_loadProfileNative
-  (JNIEnv *env, jobject obj, jbyteArray data)
+  (JNIEnv *env, jobject obj, jbyteArray data, jobject disposerRef)
 {
     jbyte* dataArray;
     jint dataSize;
     storeID_t sProf;
+    cmsHPROFILE pf;
 
     if (JNU_IsNull(env, data)) {
         JNU_ThrowIllegalArgumentException(env, "Invalid profile data");
         return 0L;
     }
 
+    sProf.j = 0L;
+
     dataArray = (*env)->GetByteArrayElements (env, data, 0);
     dataSize = (*env)->GetArrayLength (env, data);
 
@@ -258,22 +279,37 @@
         return 0L;
     }
 
-    sProf.pf = cmsOpenProfileFromMem((const void *)dataArray,
+    pf = cmsOpenProfileFromMem((const void *)dataArray,
                                      (cmsUInt32Number) dataSize);
 
     (*env)->ReleaseByteArrayElements (env, data, dataArray, 0);
 
-    if (sProf.pf == NULL) {
+    if (pf == NULL) {
         JNU_ThrowIllegalArgumentException(env, "Invalid profile data");
     } else {
         /* Sanity check: try to save the profile in order
          * to force basic validation.
          */
         cmsUInt32Number pfSize = 0;
-        if (!cmsSaveProfileToMem(sProf.pf, NULL, &pfSize) ||
+        if (!cmsSaveProfileToMem(pf, NULL, &pfSize) ||
             pfSize < sizeof(cmsICCHeader))
         {
             JNU_ThrowIllegalArgumentException(env, "Invalid profile data");
+
+            cmsCloseProfile(pf);
+            pf = NULL;
+        }
+    }
+
+    if (pf != NULL) {
+        // create profile holder
+        sProf.lcmsPf = (lcmsProfile_p)malloc(sizeof(lcmsProfile_t));
+        if (sProf.lcmsPf != NULL) {
+            // register the disposer record
+            sProf.lcmsPf->pf = pf;
+            Disposer_AddRecord(env, disposerRef, LCMS_freeProfile, sProf.j);
+        } else {
+            cmsCloseProfile(pf);
         }
     }
 
@@ -282,37 +318,17 @@
 
 /*
  * Class:     sun_java2d_cmm_lcms_LCMS
- * Method:    freeProfile
- * Signature: (J)V
- */
-JNIEXPORT void JNICALL Java_sun_java2d_cmm_lcms_LCMS_freeProfileNative
-  (JNIEnv *env, jobject obj, jlong id)
-{
-    storeID_t sProf;
-
-    sProf.j = id;
-    if (cmsCloseProfile(sProf.pf) == 0) {
-        J2dRlsTraceLn1(J2D_TRACE_ERROR, "LCMS_freeProfile: cmsCloseProfile(%d)"
-                       "== 0", id);
-        JNU_ThrowByName(env, "java/awt/color/CMMException",
-                        "Cannot close profile");
-    }
-
-}
-
-/*
- * Class:     sun_java2d_cmm_lcms_LCMS
- * Method:    getProfileSize
+ * Method:    getProfileSizeNative
  * Signature: (J)I
  */
-JNIEXPORT jint JNICALL Java_sun_java2d_cmm_lcms_LCMS_getProfileSize
+JNIEXPORT jint JNICALL Java_sun_java2d_cmm_lcms_LCMS_getProfileSizeNative
   (JNIEnv *env, jobject obj, jlong id)
 {
     storeID_t sProf;
     cmsUInt32Number pfSize = 0;
     sProf.j = id;
 
-    if (cmsSaveProfileToMem(sProf.pf, NULL, &pfSize) && ((jint)pfSize > 0)) {
+    if (cmsSaveProfileToMem(sProf.lcmsPf->pf, NULL, &pfSize) && ((jint)pfSize > 0)) {
         return (jint)pfSize;
     } else {
       JNU_ThrowByName(env, "java/awt/color/CMMException",
@@ -323,10 +339,10 @@
 
 /*
  * Class:     sun_java2d_cmm_lcms_LCMS
- * Method:    getProfileData
+ * Method:    getProfileDataNative
  * Signature: (J[B)V
  */
-JNIEXPORT void JNICALL Java_sun_java2d_cmm_lcms_LCMS_getProfileData
+JNIEXPORT void JNICALL Java_sun_java2d_cmm_lcms_LCMS_getProfileDataNative
   (JNIEnv *env, jobject obj, jlong id, jbyteArray data)
 {
     storeID_t sProf;
@@ -338,7 +354,7 @@
     sProf.j = id;
 
     // determine actual profile size
-    if (!cmsSaveProfileToMem(sProf.pf, NULL, &pfSize)) {
+    if (!cmsSaveProfileToMem(sProf.lcmsPf->pf, NULL, &pfSize)) {
         JNU_ThrowByName(env, "java/awt/color/CMMException",
                         "Can not access specified profile.");
         return;
@@ -354,7 +370,7 @@
 
     dataArray = (*env)->GetByteArrayElements (env, data, 0);
 
-    status = cmsSaveProfileToMem(sProf.pf, dataArray, &pfSize);
+    status = cmsSaveProfileToMem(sProf.lcmsPf->pf, dataArray, &pfSize);
 
     (*env)->ReleaseByteArrayElements (env, data, dataArray, 0);
 
@@ -368,7 +384,7 @@
 /* Get profile header info */
 static cmsBool _getHeaderInfo(cmsHPROFILE pf, jbyte* pBuffer, jint bufferSize);
 static cmsBool _setHeaderInfo(cmsHPROFILE pf, jbyte* pBuffer, jint bufferSize);
-static cmsBool _writeCookedTag(cmsHPROFILE pfTarget, cmsTagSignature sig, jbyte *pData, jint size);
+static cmsHPROFILE _writeCookedTag(cmsHPROFILE pfTarget, cmsTagSignature sig, jbyte *pData, jint size);
 
 
 /*
@@ -412,7 +428,7 @@
            return NULL;
         }
 
-        status = _getHeaderInfo(sProf.pf, dataArray, bufSize);
+        status = _getHeaderInfo(sProf.lcmsPf->pf, dataArray, bufSize);
 
         (*env)->ReleaseByteArrayElements (env, data, dataArray, 0);
 
@@ -425,8 +441,8 @@
         return data;
     }
 
-    if (cmsIsTag(sProf.pf, sig.cms)) {
-        tagSize = cmsReadRawTag(sProf.pf, sig.cms, NULL, 0);
+    if (cmsIsTag(sProf.lcmsPf->pf, sig.cms)) {
+        tagSize = cmsReadRawTag(sProf.lcmsPf->pf, sig.cms, NULL, 0);
     } else {
         JNU_ThrowByName(env, "java/awt/color/CMMException",
                         "ICC profile tag not found");
@@ -449,7 +465,7 @@
         return NULL;
     }
 
-    bufSize = cmsReadRawTag(sProf.pf, sig.cms, dataArray, tagSize);
+    bufSize = cmsReadRawTag(sProf.lcmsPf->pf, sig.cms, dataArray, tagSize);
 
     (*env)->ReleaseByteArrayElements (env, data, dataArray, 0);
 
@@ -470,8 +486,10 @@
   (JNIEnv *env, jobject obj, jlong id, jint tagSig, jbyteArray data)
 {
     storeID_t sProf;
+    cmsHPROFILE pfReplace = NULL;
+
     TagSignature_t sig;
-    cmsBool status;
+    cmsBool status = FALSE;
     jbyte* dataArray;
     int tagSize;
 
@@ -493,15 +511,24 @@
     }
 
     if (tagSig == SigHead) {
-        status = _setHeaderInfo(sProf.pf, dataArray, tagSize);
+        status  = _setHeaderInfo(sProf.lcmsPf->pf, dataArray, tagSize);
     } else {
-        status = _writeCookedTag(sProf.pf, sig.cms, dataArray, tagSize);
+        /*
+        * New strategy for generic tags: create a place holder,
+        * dump all existing tags there, dump externally supplied
+        * tag, and return the new profile to the java.
+        */
+        pfReplace = _writeCookedTag(sProf.lcmsPf->pf, sig.cms, dataArray, tagSize);
+        status = (pfReplace != NULL);
     }
 
     (*env)->ReleaseByteArrayElements(env, data, dataArray, 0);
 
     if (!status) {
         JNU_ThrowIllegalArgumentException(env, "Can not write tag data.");
+    } else if (pfReplace != NULL) {
+        cmsCloseProfile(sProf.lcmsPf->pf);
+        sProf.lcmsPf->pf = pfReplace;
     }
 }
 
@@ -624,12 +651,27 @@
 /*
  * Class:     sun_java2d_cmm_lcms_LCMS
  * Method:    getProfileID
- * Signature: (Ljava/awt/color/ICC_Profile;)J
+ * Signature: (Ljava/awt/color/ICC_Profile;)Lsun/java2d/cmm/lcms/LCMSProfile
  */
-JNIEXPORT jlong JNICALL Java_sun_java2d_cmm_lcms_LCMS_getProfileID
+JNIEXPORT jobject JNICALL Java_sun_java2d_cmm_lcms_LCMS_getProfileID
   (JNIEnv *env, jclass cls, jobject pf)
 {
-    return (*env)->GetLongField (env, pf, PF_ID_fID);
+    jfieldID fid = (*env)->GetFieldID (env,
+        (*env)->GetObjectClass(env, pf),
+        "cmmProfile", "Lsun/java2d/cmm/Profile;");
+
+    jclass clsLcmsProfile = (*env)->FindClass(env,
+            "sun/java2d/cmm/lcms/LCMSProfile");
+
+    jobject cmmProfile = (*env)->GetObjectField (env, pf, fid);
+
+    if (JNU_IsNull(env, cmmProfile)) {
+        return NULL;
+    }
+    if ((*env)->IsInstanceOf(env, cmmProfile, clsLcmsProfile)) {
+        return cmmProfile;
+    }
+    return NULL;
 }
 
 /*
@@ -644,7 +686,6 @@
      * corresponding classes to avoid problems with invalidating ids by class
      * unloading
      */
-    Trans_profileIDs_fID = (*env)->GetFieldID (env, Trans, "profileIDs", "[J");
     Trans_renderType_fID = (*env)->GetFieldID (env, Trans, "renderType", "I");
     Trans_ID_fID = (*env)->GetFieldID (env, Trans, "ID", "J");
 
@@ -658,8 +699,6 @@
     IL_offset_fID = (*env)->GetFieldID (env, IL, "offset", "I");
     IL_imageAtOnce_fID = (*env)->GetFieldID (env, IL, "imageAtOnce", "Z");
     IL_nextRowOffset_fID = (*env)->GetFieldID (env, IL, "nextRowOffset", "I");
-
-    PF_ID_fID = (*env)->GetFieldID (env, Pf, "ID", "J");
 }
 
 static cmsBool _getHeaderInfo(cmsHPROFILE pf, jbyte* pBuffer, jint bufferSize)
@@ -714,76 +753,114 @@
   return TRUE;
 }
 
-static cmsBool _writeCookedTag(cmsHPROFILE pfTarget,
-                               cmsTagSignature sig,
+/* Returns new profile handler, if it was created successfully,
+   NULL otherwise.
+   */
+static cmsHPROFILE _writeCookedTag(const cmsHPROFILE pfTarget,
+                               const cmsTagSignature sig,
                                jbyte *pData, jint size)
 {
-    cmsBool status;
     cmsUInt32Number pfSize = 0;
-    cmsUInt8Number* pfBuffer = NULL;
+    const cmsInt32Number tagCount = cmsGetTagCount(pfTarget);
+    cmsInt32Number i;
+    cmsHPROFILE pfSanity = NULL;
+
+    cmsICCHeader hdr = { 0 };
 
     cmsHPROFILE p = cmsCreateProfilePlaceholder(NULL);
-    if (NULL != p) {
-        cmsICCHeader hdr = { 0 };
 
-        /* Populate the placeholder's header according to target profile */
-        hdr.flags = cmsGetHeaderFlags(pfTarget);
-        hdr.renderingIntent = cmsGetHeaderRenderingIntent(pfTarget);
-        hdr.manufacturer = cmsGetHeaderManufacturer(pfTarget);
-        hdr.model = cmsGetHeaderModel(pfTarget);
-        hdr.pcs = cmsGetPCS(pfTarget);
-        hdr.colorSpace = cmsGetColorSpace(pfTarget);
-        hdr.deviceClass = cmsGetDeviceClass(pfTarget);
-        hdr.version = cmsGetEncodedICCversion(pfTarget);
-        cmsGetHeaderAttributes(pfTarget, &hdr.attributes);
-        cmsGetHeaderProfileID(pfTarget, (cmsUInt8Number*)&hdr.profileID);
+    if (NULL == p) {
+        return NULL;
+    }
 
-        cmsSetHeaderFlags(p, hdr.flags);
-        cmsSetHeaderManufacturer(p, hdr.manufacturer);
-        cmsSetHeaderModel(p, hdr.model);
-        cmsSetHeaderAttributes(p, hdr.attributes);
-        cmsSetHeaderProfileID(p, (cmsUInt8Number*)&(hdr.profileID));
-        cmsSetHeaderRenderingIntent(p, hdr.renderingIntent);
-        cmsSetPCS(p, hdr.pcs);
-        cmsSetColorSpace(p, hdr.colorSpace);
-        cmsSetDeviceClass(p, hdr.deviceClass);
-        cmsSetEncodedICCversion(p, hdr.version);
+    // Populate the placeholder's header according to target profile
+    hdr.flags = cmsGetHeaderFlags(pfTarget);
+    hdr.renderingIntent = cmsGetHeaderRenderingIntent(pfTarget);
+    hdr.manufacturer = cmsGetHeaderManufacturer(pfTarget);
+    hdr.model = cmsGetHeaderModel(pfTarget);
+    hdr.pcs = cmsGetPCS(pfTarget);
+    hdr.colorSpace = cmsGetColorSpace(pfTarget);
+    hdr.deviceClass = cmsGetDeviceClass(pfTarget);
+    hdr.version = cmsGetEncodedICCversion(pfTarget);
+    cmsGetHeaderAttributes(pfTarget, &hdr.attributes);
+    cmsGetHeaderProfileID(pfTarget, (cmsUInt8Number*)&hdr.profileID);
 
+    cmsSetHeaderFlags(p, hdr.flags);
+    cmsSetHeaderManufacturer(p, hdr.manufacturer);
+    cmsSetHeaderModel(p, hdr.model);
+    cmsSetHeaderAttributes(p, hdr.attributes);
+    cmsSetHeaderProfileID(p, (cmsUInt8Number*)&(hdr.profileID));
+    cmsSetHeaderRenderingIntent(p, hdr.renderingIntent);
+    cmsSetPCS(p, hdr.pcs);
+    cmsSetColorSpace(p, hdr.colorSpace);
+    cmsSetDeviceClass(p, hdr.deviceClass);
+    cmsSetEncodedICCversion(p, hdr.version);
 
-        if (cmsWriteRawTag(p, sig, pData, size)) {
-            if (cmsSaveProfileToMem(p, NULL, &pfSize)) {
-                pfBuffer = malloc(pfSize);
-                if (pfBuffer != NULL) {
-                    /* load raw profile data into the buffer */
-                    if (!cmsSaveProfileToMem(p, pfBuffer, &pfSize)) {
-                        free(pfBuffer);
-                        pfBuffer = NULL;
-                    }
+    // now write the user supplied tag
+    if (size <= 0 || !cmsWriteRawTag(p, sig, pData, size)) {
+        cmsCloseProfile(p);
+        return NULL;
+    }
+
+    // copy tags from the original profile
+    for (i = 0; i < tagCount; i++) {
+        cmsBool isTagReady = FALSE;
+        const cmsTagSignature s = cmsGetTagSignature(pfTarget, i);
+        const cmsInt32Number tagSize = cmsReadRawTag(pfTarget, s, NULL, 0);
+
+        if (s == sig) {
+            // skip the user supplied tag
+            continue;
+        }
+
+        // read raw tag from the original profile
+        if (tagSize > 0) {
+            cmsUInt8Number* buf = (cmsUInt8Number*)malloc(tagSize);
+            if (buf != NULL) {
+                if (tagSize ==  cmsReadRawTag(pfTarget, s, buf, tagSize)) {
+                    // now we are ready to write the tag
+                    isTagReady = cmsWriteRawTag(p, s, buf, tagSize);
                 }
+                free(buf);
             }
         }
-        cmsCloseProfile(p);
+
+        if (!isTagReady) {
+            cmsCloseProfile(p);
+            return NULL;
+        }
     }
 
-    if (pfBuffer == NULL) {
-        return FALSE;
+    // now we have all tags moved to the new profile.
+    // do some sanity checks: write it to a memory buffer and read again.
+    if (cmsSaveProfileToMem(p, NULL, &pfSize)) {
+        void* buf = malloc(pfSize);
+        if (buf != NULL) {
+            // load raw profile data into the buffer
+            if (cmsSaveProfileToMem(p, buf, &pfSize)) {
+                pfSanity = cmsOpenProfileFromMem(buf, pfSize);
+            }
+            free(buf);
+        }
     }
 
-    /* re-open the placeholder profile */
-    p = cmsOpenProfileFromMem(pfBuffer, pfSize);
-    free(pfBuffer);
-    status = FALSE;
+    if (pfSanity == NULL) {
+        // for some reason, we failed to save and read the updated profile
+        // It likely indicates that the profile is not correct, so we report
+        // a failure here.
+        cmsCloseProfile(p);
+        p =  NULL;
+    } else {
+        // do final check whether we can read and handle the the target tag.
+        const void* pTag = cmsReadTag(pfSanity, sig);
+        if (pTag == NULL) {
+            // the tag can not be cooked
+            cmsCloseProfile(p);
+            p = NULL;
+        }
+        cmsCloseProfile(pfSanity);
+        pfSanity = NULL;
+    }
 
-    if (p != NULL) {
-        /* Note that pCookedTag points to internal structures of the placeholder,
-         * so this data is valid only while the placeholder is open.
-         */
-        void *pCookedTag = cmsReadTag(p, sig);
-        if (pCookedTag != NULL) {
-            status = cmsWriteTag(pfTarget, sig, pCookedTag);
-        }
-        pCookedTag = NULL;
-        cmsCloseProfile(p);
-    }
-    return status;
+    return p;
 }
--- a/src/share/npt/utf.c	Tue Sep 24 14:17:42 2013 -0700
+++ b/src/share/npt/utf.c	Tue Sep 24 14:34:55 2013 -0700
@@ -105,18 +105,24 @@
 
         code = utf16[i];
         if ( code >= 0x0001 && code <= 0x007F ) {
+            if ( outputLen + 1 >= outputMaxLen ) {
+                return -1;
+            }
             output[outputLen++] = code;
         } else if ( code == 0 || ( code >= 0x0080 && code <= 0x07FF ) ) {
+            if ( outputLen + 2 >= outputMaxLen ) {
+                return -1;
+            }
             output[outputLen++] = ((code>>6) & 0x1F) | 0xC0;
             output[outputLen++] = (code & 0x3F) | 0x80;
         } else if ( code >= 0x0800 && code <= 0xFFFF ) {
+            if ( outputLen + 3 >= outputMaxLen ) {
+                return -1;
+            }
             output[outputLen++] = ((code>>12) & 0x0F) | 0xE0;
             output[outputLen++] = ((code>>6) & 0x3F) | 0x80;
             output[outputLen++] = (code & 0x3F) | 0x80;
         }
-        if ( outputLen > outputMaxLen ) {
-            return -1;
-        }
     }
     output[outputLen] = 0;
     return outputLen;
@@ -412,12 +418,15 @@
         unsigned byte;
 
         byte = bytes[i];
-        if ( outputLen >= outputMaxLen ) {
-            return -1;
-        }
         if ( byte <= 0x7f && isprint(byte) && !iscntrl(byte) ) {
+            if ( outputLen + 1 >= outputMaxLen ) {
+                return -1;
+            }
             output[outputLen++] = (char)byte;
         } else {
+            if ( outputLen + 4 >= outputMaxLen ) {
+                return -1;
+            }
             (void)sprintf(output+outputLen,"\\x%02x",byte);
             outputLen += 4;
         }
--- a/src/solaris/classes/sun/font/XRTextRenderer.java	Tue Sep 24 14:17:42 2013 -0700
+++ b/src/solaris/classes/sun/font/XRTextRenderer.java	Tue Sep 24 14:34:55 2013 -0700
@@ -142,7 +142,7 @@
             }
 
             int maskFormat = containsLCDGlyphs ? XRUtils.PictStandardARGB32 : XRUtils.PictStandardA8;
-            maskBuffer.compositeText(x11sd.picture, 0, maskFormat, eltList);
+            maskBuffer.compositeText(x11sd, (int) gl.getX(), (int) gl.getY(), 0, maskFormat, eltList);
 
             eltList.clear();
         } finally {
--- a/src/solaris/classes/sun/java2d/xr/XRBackendNative.java	Tue Sep 24 14:17:42 2013 -0700
+++ b/src/solaris/classes/sun/java2d/xr/XRBackendNative.java	Tue Sep 24 14:34:55 2013 -0700
@@ -267,8 +267,9 @@
 
     private static native void
         XRenderCompositeTextNative(int op, int src, int dst,
-                                   long maskFormat, int[] eltArray,
-                                   int[] glyphIDs, int eltCnt, int glyphCnt);
+                                   int srcX, int srcY, long maskFormat,
+                                   int[] eltArray, int[] glyphIDs, int eltCnt,
+                                   int glyphCnt);
 
     public int XRenderCreateGlyphSet(int formatID) {
         return XRenderCreateGlyphSetNative(getFormatPtr(formatID));
@@ -278,11 +279,11 @@
 
     public void XRenderCompositeText(byte op, int src, int dst,
                                      int maskFormatID,
-                                     int src2, int src3, int dst2, int dst3,
+                                     int sx, int sy, int dx, int dy,
                                      int glyphset, GrowableEltArray elts) {
 
         GrowableIntArray glyphs = elts.getGlyphs();
-        XRenderCompositeTextNative(op, src, dst, 0, elts.getArray(),
+        XRenderCompositeTextNative(op, src, dst, sx, sy, 0, elts.getArray(),
                                    glyphs.getArray(), elts.getSize(),
                                    glyphs.getSize());
     }
--- a/src/solaris/classes/sun/java2d/xr/XRCompositeManager.java	Tue Sep 24 14:17:42 2013 -0700
+++ b/src/solaris/classes/sun/java2d/xr/XRCompositeManager.java	Tue Sep 24 14:34:55 2013 -0700
@@ -285,7 +285,12 @@
         if (xorEnabled) {
             con.GCRectangles(dst.getXid(), dst.getGC(), rects);
         } else {
-            con.renderRectangles(dst.getPicture(), compRule, solidColor, rects);
+            if (rects.getSize() == 1) {
+                con.renderRectangle(dst.getPicture(), compRule, solidColor,
+                        rects.getX(0), rects.getY(0), rects.getWidth(0), rects.getHeight(0));
+            } else {
+                con.renderRectangles(dst.getPicture(), compRule, solidColor, rects);
+            }
         }
     }
 
@@ -295,10 +300,10 @@
                 sy, 0, 0, dx, dy, w, h);
     }
 
-    public void compositeText(int dst, int glyphSet, int maskFormat,
-            GrowableEltArray elts) {
-        con.XRenderCompositeText(compRule, src.picture, dst, maskFormat, 0, 0,
-                0, 0, glyphSet, elts);
+    public void compositeText(XRSurfaceData dst, int sx, int sy,
+            int glyphSet, int maskFormat, GrowableEltArray elts) {
+        con.XRenderCompositeText(compRule, src.picture, dst.picture,
+                maskFormat, sx, sy, 0, 0, glyphSet, elts);
     }
 
     public XRColor getMaskColor() {
--- a/src/solaris/classes/sun/java2d/xr/XRPMBlitLoops.java	Tue Sep 24 14:17:42 2013 -0700
+++ b/src/solaris/classes/sun/java2d/xr/XRPMBlitLoops.java	Tue Sep 24 14:34:55 2013 -0700
@@ -225,6 +225,9 @@
  * @author Clemens Eisserer
  */
 class XRPMTransformedBlit extends TransformBlit {
+    final Rectangle compositeBounds = new Rectangle();
+    final double[] srcCoords = new double[8];
+    final double[] dstCoords = new double[8];
 
     public XRPMTransformedBlit(SurfaceType srcType, SurfaceType dstType) {
         super(srcType, CompositeType.AnyAlpha, dstType);
@@ -235,61 +238,68 @@
      * method is functionally equal to: Shape shp =
      * xform.createTransformedShape(rect); Rectangle bounds = shp.getBounds();
      * but performs significantly better.
+     * Returns true if the destination shape is parallel to x/y axis
      */
-    public Rectangle getCompositeBounds(AffineTransform tr, int dstx, int dsty, int width, int height) {
-        double[] compBounds = new double[8];
-        compBounds[0] = dstx;
-        compBounds[1] = dsty;
-        compBounds[2] = dstx + width;
-        compBounds[3] = dsty;
-        compBounds[4] = dstx + width;
-        compBounds[5] = dsty + height;
-        compBounds[6] = dstx;
-        compBounds[7] = dsty + height;
+    protected boolean adjustCompositeBounds(AffineTransform tr, int dstx, int dsty, int width, int height) {
+        srcCoords[0] = dstx;
+        srcCoords[1] = dsty;
+        srcCoords[2] = dstx + width;
+        srcCoords[3] = dsty;
+        srcCoords[4] = dstx + width;
+        srcCoords[5] = dsty + height;
+        srcCoords[6] = dstx;
+        srcCoords[7] = dsty + height;
 
-        tr.transform(compBounds, 0, compBounds, 0, 4);
+        tr.transform(srcCoords, 0, dstCoords, 0, 4);
 
-        double minX = Math.min(compBounds[0], Math.min(compBounds[2], Math.min(compBounds[4], compBounds[6])));
-        double minY = Math.min(compBounds[1], Math.min(compBounds[3], Math.min(compBounds[5], compBounds[7])));
-        double maxX = Math.max(compBounds[0], Math.max(compBounds[2], Math.max(compBounds[4], compBounds[6])));
-        double maxY = Math.max(compBounds[1], Math.max(compBounds[3], Math.max(compBounds[5], compBounds[7])));
+        double minX = Math.min(dstCoords[0], Math.min(dstCoords[2], Math.min(dstCoords[4], dstCoords[6])));
+        double minY = Math.min(dstCoords[1], Math.min(dstCoords[3], Math.min(dstCoords[5], dstCoords[7])));
+        double maxX = Math.max(dstCoords[0], Math.max(dstCoords[2], Math.max(dstCoords[4], dstCoords[6])));
+        double maxY = Math.max(dstCoords[1], Math.max(dstCoords[3], Math.max(dstCoords[5], dstCoords[7])));
 
-        minX = Math.floor(minX);
-        minY = Math.floor(minY);
-        maxX = Math.ceil(maxX);
-        maxY = Math.ceil(maxY);
+        minX = Math.round(minX);
+        minY = Math.round(minY);
+        maxX = Math.round(maxX);
+        maxY = Math.round(maxY);
 
-        return new Rectangle((int) minX, (int) minY, (int) (maxX - minX), (int) (maxY - minY));
+        compositeBounds.x = (int) minX;
+        compositeBounds.y = (int) minY;
+        compositeBounds.width = (int) (maxX - minX);
+        compositeBounds.height = (int) (maxY - minY);
+
+        boolean is0or180 = (dstCoords[1] == dstCoords[3]) && (dstCoords[2] == dstCoords[4]);
+        boolean is90or270 = (dstCoords[0] == dstCoords[2]) && (dstCoords[3] == dstCoords[5]);
+
+        return is0or180 || is90or270;
     }
 
-    public void Transform(SurfaceData src, SurfaceData dst, Composite comp, Region clip, AffineTransform xform, int hint, int srcx, int srcy,
-            int dstx, int dsty, int width, int height) {
+    public void Transform(SurfaceData src, SurfaceData dst, Composite comp, Region clip, AffineTransform xform,
+            int hint, int srcx, int srcy, int dstx, int dsty, int width, int height) {
         try {
             SunToolkit.awtLock();
 
+            XRSurfaceData x11sdDst = (XRSurfaceData) dst;
+            XRSurfaceData x11sdSrc = (XRSurfaceData) src;
+
             int filter = XRUtils.ATransOpToXRQuality(hint);
+            boolean isAxisAligned = adjustCompositeBounds(xform, dstx, dsty, width, height);
 
-            XRSurfaceData x11sdDst = (XRSurfaceData) dst;
             x11sdDst.validateAsDestination(null, clip);
-            XRSurfaceData x11sdSrc = (XRSurfaceData) src;
             x11sdDst.maskBuffer.validateCompositeState(comp, null, null, null);
 
-            Rectangle bounds = getCompositeBounds(xform, dstx, dsty, width, height);
-
-            AffineTransform trx = AffineTransform.getTranslateInstance((-bounds.x), (-bounds.y));
+            AffineTransform trx = AffineTransform.getTranslateInstance(-compositeBounds.x, -compositeBounds.y);
             trx.concatenate(xform);
             AffineTransform maskTX = (AffineTransform) trx.clone();
-
             trx.translate(-srcx, -srcy);
 
             try {
                 trx.invert();
             } catch (NoninvertibleTransformException ex) {
                 trx.setToIdentity();
-                System.err.println("Reseted to identity!");
             }
 
-            boolean omitMask = isMaskOmittable(trx, comp, filter);
+            boolean omitMask = (filter == XRUtils.FAST)
+                    || (isAxisAligned && ((AlphaComposite) comp).getAlpha() == 1.0f);
 
             if (!omitMask) {
                 XRMaskImage mask = x11sdSrc.maskBuffer.getMaskImage();
@@ -297,33 +307,17 @@
                 x11sdSrc.validateAsSource(trx, XRUtils.RepeatPad, filter);
                 int maskPicture = mask.prepareBlitMask(x11sdDst, maskTX, width, height);
                 x11sdDst.maskBuffer.con.renderComposite(XRCompositeManager.getInstance(x11sdSrc).getCompRule(), x11sdSrc.picture, maskPicture, x11sdDst.picture,
-                        0, 0, 0, 0, bounds.x, bounds.y, bounds.width, bounds.height);
+                        0, 0, 0, 0, compositeBounds.x, compositeBounds.y, compositeBounds.width, compositeBounds.height);
             } else {
                 int repeat = filter == XRUtils.FAST ? XRUtils.RepeatNone : XRUtils.RepeatPad;
 
                 x11sdSrc.validateAsSource(trx, repeat, filter);
-                x11sdDst.maskBuffer.compositeBlit(x11sdSrc, x11sdDst, 0, 0, bounds.x, bounds.y, bounds.width, bounds.height);
+                x11sdDst.maskBuffer.compositeBlit(x11sdSrc, x11sdDst, 0, 0, compositeBounds.x, compositeBounds.y, compositeBounds.width, compositeBounds.height);
             }
         } finally {
             SunToolkit.awtUnlock();
         }
     }
-
-    /* TODO: Is mask ever omitable??? ... should be for 90 degree rotation and no shear, but we always need to use RepeatPad */
-    protected static boolean isMaskOmittable(AffineTransform trx, Composite comp, int filter) {
-        return (filter == XRUtils.FAST || trx.getTranslateX() == (int) trx.getTranslateX() /*
-                                                                                            * If
-                                                                                            * translate
-                                                                                            * is
-                                                                                            * integer
-                                                                                            * only
-                                                                                            */
-                && trx.getTranslateY() == (int) trx.getTranslateY() && (trx.getShearX() == 0 && trx.getShearY() == 0 // Only
-                // 90 degree
-                // rotation
-                || trx.getShearX() == -trx.getShearY())) && ((AlphaComposite) comp).getAlpha() == 1.0f; // No
-        // ExtraAlpha!=1
-    }
 }
 
 class XrSwToPMBlit extends Blit {
--- a/src/solaris/classes/sun/nio/ch/DevPollArrayWrapper.java	Tue Sep 24 14:17:42 2013 -0700
+++ b/src/solaris/classes/sun/nio/ch/DevPollArrayWrapper.java	Tue Sep 24 14:34:55 2013 -0700
@@ -26,9 +26,11 @@
 package sun.nio.ch;
 
 import java.io.IOException;
+import java.security.AccessController;
 import java.util.BitSet;
 import java.util.Map;
 import java.util.HashMap;
+import sun.security.action.GetIntegerAction;
 
 
 /**
@@ -78,10 +80,11 @@
     static final int   NUM_POLLFDS   = Math.min(OPEN_MAX-1, 8192);
 
     // Initial size of arrays for fd registration changes
-    private final int INITIAL_PENDING_UPDATE_SIZE = 64;
+    private static final int INITIAL_PENDING_UPDATE_SIZE = 64;
 
     // maximum size of updatesLow
-    private final int MAX_UPDATE_ARRAY_SIZE = Math.min(OPEN_MAX, 64*1024);
+    private static final int MAX_UPDATE_ARRAY_SIZE = AccessController.doPrivileged(
+        new GetIntegerAction("sun.nio.ch.maxUpdateArraySize", Math.min(OPEN_MAX, 64*1024)));
 
     // The pollfd array for results from devpoll driver
     private final AllocatedNativeObject pollArray;
--- a/src/solaris/classes/sun/nio/ch/EPollArrayWrapper.java	Tue Sep 24 14:17:42 2013 -0700
+++ b/src/solaris/classes/sun/nio/ch/EPollArrayWrapper.java	Tue Sep 24 14:34:55 2013 -0700
@@ -26,9 +26,11 @@
 package sun.nio.ch;
 
 import java.io.IOException;
+import java.security.AccessController;
 import java.util.BitSet;
 import java.util.HashMap;
 import java.util.Map;
+import sun.security.action.GetIntegerAction;
 
 /**
  * Manipulates a native array of epoll_event structs on Linux:
@@ -78,8 +80,8 @@
     private static final int INITIAL_PENDING_UPDATE_SIZE = 64;
 
     // maximum size of updatesLow
-    private static final int MAX_UPDATE_ARRAY_SIZE = Math.min(OPEN_MAX, 64*1024);
-
+    private static final int MAX_UPDATE_ARRAY_SIZE = AccessController.doPrivileged(
+        new GetIntegerAction("sun.nio.ch.maxUpdateArraySize", Math.min(OPEN_MAX, 64*1024)));
 
     // The fd of the epoll driver
     private final int epfd;
@@ -164,6 +166,16 @@
     }
 
     /**
+     * Returns {@code true} if updates for the given key (file
+     * descriptor) are killed.
+     */
+    private boolean isEventsHighKilled(Integer key) {
+        assert key >= MAX_UPDATE_ARRAY_SIZE;
+        Byte value = eventsHigh.get(key);
+        return (value != null && value == KILLED);
+    }
+
+    /**
      * Sets the pending update events for the given file descriptor. This
      * method has no effect if the update events is already set to KILLED,
      * unless {@code force} is {@code true}.
@@ -175,7 +187,7 @@
             }
         } else {
             Integer key = Integer.valueOf(fd);
-            if ((eventsHigh.get(key) != KILLED) || force) {
+            if (!isEventsHighKilled(key) || force) {
                 eventsHigh.put(key, Byte.valueOf(events));
             }
         }
--- a/src/solaris/classes/sun/nio/ch/EventPortWrapper.java	Tue Sep 24 14:17:42 2013 -0700
+++ b/src/solaris/classes/sun/nio/ch/EventPortWrapper.java	Tue Sep 24 14:34:55 2013 -0700
@@ -25,9 +25,14 @@
 
 package sun.nio.ch;
 
+import java.io.IOException;
+import java.security.AccessController;
+import java.util.BitSet;
+import java.util.HashMap;
+import java.util.Map;
+
 import sun.misc.Unsafe;
-import java.io.IOException;
-import java.util.*;
+import sun.security.action.GetIntegerAction;
 import static sun.nio.ch.SolarisEventPort.*;
 
 /**
@@ -49,7 +54,8 @@
     private final int INITIAL_PENDING_UPDATE_SIZE = 256;
 
     // maximum size of updateArray
-    private final int MAX_UPDATE_ARRAY_SIZE = Math.min(OPEN_MAX, 64*1024);
+    private static final int MAX_UPDATE_ARRAY_SIZE = AccessController.doPrivileged(
+        new GetIntegerAction("sun.nio.ch.maxUpdateArraySize", Math.min(OPEN_MAX, 64*1024)));
 
     // special update status to indicate that it should be ignored
     private static final byte IGNORE = -1;
--- a/src/solaris/native/sun/java2d/x11/XRBackendNative.c	Tue Sep 24 14:17:42 2013 -0700
+++ b/src/solaris/native/sun/java2d/x11/XRBackendNative.c	Tue Sep 24 14:34:55 2013 -0700
@@ -911,8 +911,9 @@
 
 JNIEXPORT void JNICALL
 Java_sun_java2d_xr_XRBackendNative_XRenderCompositeTextNative
- (JNIEnv *env, jclass cls, jint op, jint src, jint dst, jlong maskFmt,
-  jintArray eltArray, jintArray  glyphIDArray, jint eltCnt, jint glyphCnt) {
+ (JNIEnv *env, jclass cls, jint op, jint src, jint dst,
+  jint sx, jint sy, jlong maskFmt, jintArray eltArray,
+  jintArray  glyphIDArray, jint eltCnt, jint glyphCnt) {
     jint i;
     jint *ids;
     jint *elts;
@@ -991,7 +992,7 @@
 
     XRenderCompositeText32(awt_display, op, (Picture) src, (Picture) dst,
                            (XRenderPictFormat *) jlong_to_ptr(maskFmt),
-                            0, 0, 0, 0, xelts, eltCnt);
+                            sx, sy, 0, 0, xelts, eltCnt);
 
     (*env)->ReleasePrimitiveArrayCritical(env, glyphIDArray, ids, JNI_ABORT);
     (*env)->ReleasePrimitiveArrayCritical(env, eltArray, elts, JNI_ABORT);
--- a/src/windows/classes/sun/awt/windows/WPrinterJob.java	Tue Sep 24 14:17:42 2013 -0700
+++ b/src/windows/classes/sun/awt/windows/WPrinterJob.java	Tue Sep 24 14:34:55 2013 -0700
@@ -179,6 +179,7 @@
     private static final int SET_RES_LOW = 0x00000080;
     private static final int SET_COLOR = 0x00000200;
     private static final int SET_ORIENTATION = 0x00004000;
+    private static final int SET_COLLATED    = 0x00008000;
 
     /**
      * Values must match those defined in wingdi.h & commdlg.h
@@ -189,10 +190,33 @@
     private static final int PD_NOSELECTION = 0x00000004;
     private static final int PD_COLLATE = 0x00000010;
     private static final int PD_PRINTTOFILE = 0x00000020;
-    private static final int DM_ORIENTATION = 0x00000001;
-    private static final int DM_PRINTQUALITY = 0x00000400;
-    private static final int DM_COLOR = 0x00000800;
-    private static final int DM_DUPLEX = 0x00001000;
+    private static final int DM_ORIENTATION   = 0x00000001;
+    private static final int DM_PAPERSIZE     = 0x00000002;
+    private static final int DM_COPIES        = 0x00000100;
+    private static final int DM_DEFAULTSOURCE = 0x00000200;
+    private static final int DM_PRINTQUALITY  = 0x00000400;
+    private static final int DM_COLOR         = 0x00000800;
+    private static final int DM_DUPLEX        = 0x00001000;
+    private static final int DM_YRESOLUTION   = 0x00002000;
+    private static final int DM_COLLATE       = 0x00008000;
+
+    private static final short DMCOLLATE_FALSE  = 0;
+    private static final short DMCOLLATE_TRUE   = 1;
+
+    private static final short DMORIENT_PORTRAIT  = 1;
+    private static final short DMORIENT_LANDSCAPE = 2;
+
+    private static final short DMCOLOR_MONOCHROME = 1;
+    private static final short DMCOLOR_COLOR      = 2;
+
+    private static final short DMRES_DRAFT  = -1;
+    private static final short DMRES_LOW    = -2;
+    private static final short DMRES_MEDIUM = -3;
+    private static final short DMRES_HIGH   = -4;
+
+    private static final short DMDUP_SIMPLEX    = 1;
+    private static final short DMDUP_VERTICAL   = 2;
+    private static final short DMDUP_HORIZONTAL = 3;
 
     /**
      * Pageable MAX pages
@@ -592,13 +616,23 @@
         }
         driverDoesMultipleCopies = false;
         driverDoesCollation = false;
-        setNativePrintService(service.getName());
+        setNativePrintServiceIfNeeded(service.getName());
     }
 
     /* associates this job with the specified native service */
     private native void setNativePrintService(String name)
         throws PrinterException;
 
+    private String lastNativeService = null;
+    private void setNativePrintServiceIfNeeded(String name)
+        throws PrinterException {
+
+        if (name != null && !(name.equals(lastNativeService))) {
+            setNativePrintService(name);
+            lastNativeService = name;
+        }
+    }
+
     public PrintService getPrintService() {
         if (myService == null) {
             String printerName = getNativePrintService();
@@ -616,7 +650,7 @@
             myService = PrintServiceLookup.lookupDefaultPrintService();
             if (myService != null) {
                 try {
-                    setNativePrintService(myService.getName());
+                    setNativePrintServiceIfNeeded(myService.getName());
                 } catch (Exception e) {
                     myService = null;
                 }
@@ -1754,8 +1788,13 @@
         mAttMediaSizeName = ((Win32PrintService)myService).findPaperID(msn);
     }
 
-    private void setWin32MediaAttrib(int dmIndex, int width, int length) {
-       MediaSizeName msn =
+    private void addPaperSize(PrintRequestAttributeSet aset,
+                              int dmIndex, int width, int length) {
+
+        if (aset == null) {
+            return;
+        }
+        MediaSizeName msn =
            ((Win32PrintService)myService).findWin32Media(dmIndex);
         if (msn == null) {
             msn = ((Win32PrintService)myService).
@@ -1763,10 +1802,12 @@
         }
 
         if (msn != null) {
-            if (attributes != null) {
-                attributes.add(msn);
-            }
+            aset.add(msn);
         }
+    }
+
+    private void setWin32MediaAttrib(int dmIndex, int width, int length) {
+        addPaperSize(attributes, dmIndex, width, length);
         mAttMediaSizeName = dmIndex;
     }
 
@@ -1788,7 +1829,7 @@
             // no equivalent predefined value
             mAttMediaTray = 7;              // DMBIN_AUTO
         } else if (attr == MediaTray.TOP) {
-            mAttMediaTray =1;               // DMBIN_UPPER
+            mAttMediaTray = 1;              // DMBIN_UPPER
         } else {
             if (attr instanceof Win32MediaTray) {
                 mAttMediaTray = ((Win32MediaTray)attr).winID;
@@ -1914,6 +1955,254 @@
         }
     }
 
+    private static final class DevModeValues {
+        int dmFields;
+        short copies;
+        short collate;
+        short color;
+        short duplex;
+        short orient;
+        short paper;
+        short bin;
+        short xres_quality;
+        short yres;
+    }
+
+    private void getDevModeValues(PrintRequestAttributeSet aset,
+                                  DevModeValues info) {
+
+        Copies c = (Copies)aset.get(Copies.class);
+        if (c != null) {
+            info.dmFields |= DM_COPIES;
+            info.copies = (short)c.getValue();
+        }
+
+        SheetCollate sc = (SheetCollate)aset.get(SheetCollate.class);
+        if (sc != null) {
+            info.dmFields |= DM_COLLATE;
+            info.collate = (sc == SheetCollate.COLLATED) ?
+                DMCOLLATE_TRUE : DMCOLLATE_FALSE;
+        }
+
+        Chromaticity ch = (Chromaticity)aset.get(Chromaticity.class);
+        if (ch != null) {
+            info.dmFields |= DM_COLOR;
+            if (ch == Chromaticity.COLOR) {
+                info.color = DMCOLOR_COLOR;
+            } else {
+                info.color = DMCOLOR_MONOCHROME;
+            }
+        }
+
+        Sides s = (Sides)aset.get(Sides.class);
+        if (s != null) {
+            info.dmFields |= DM_DUPLEX;
+            if (s == Sides.TWO_SIDED_LONG_EDGE) {
+                info.duplex = DMDUP_VERTICAL;
+            } else if (s == Sides.TWO_SIDED_SHORT_EDGE) {
+                info.duplex = DMDUP_HORIZONTAL;
+            } else { // Sides.ONE_SIDED
+                info.duplex = DMDUP_SIMPLEX;
+            }
+        }
+
+        OrientationRequested or =
+            (OrientationRequested)aset.get(OrientationRequested.class);
+        if (or != null) {
+            info.dmFields |= DM_ORIENTATION;
+            info.orient = (or == OrientationRequested.LANDSCAPE)
+                ? DMORIENT_LANDSCAPE : DMORIENT_PORTRAIT;
+        }
+
+        Media m = (Media)aset.get(Media.class);
+        if (m instanceof MediaSizeName) {
+            info.dmFields |= DM_PAPERSIZE;
+            MediaSizeName msn = (MediaSizeName)m;
+            info.paper =
+                (short)((Win32PrintService)myService).findPaperID(msn);
+        }
+
+        MediaTray mt = null;
+        if (m instanceof MediaTray) {
+            mt = (MediaTray)m;
+        }
+        if (mt == null) {
+            SunAlternateMedia sam =
+                (SunAlternateMedia)aset.get(SunAlternateMedia.class);
+            if (sam != null && (sam.getMedia() instanceof MediaTray)) {
+                mt = (MediaTray)sam.getMedia();
+            }
+        }
+
+        if (mt != null) {
+            info.dmFields |= DM_DEFAULTSOURCE;
+            info.bin = (short)(((Win32PrintService)myService).findTrayID(mt));
+        }
+
+        PrintQuality q = (PrintQuality)aset.get(PrintQuality.class);
+        if (q != null) {
+            info.dmFields |= DM_PRINTQUALITY;
+            if (q == PrintQuality.DRAFT) {
+                info.xres_quality = DMRES_DRAFT;
+            } else if (q == PrintQuality.HIGH) {
+                info.xres_quality = DMRES_HIGH;
+            } else {
+                info.xres_quality = DMRES_MEDIUM;
+            }
+        }
+
+        PrinterResolution r =
+            (PrinterResolution)aset.get(PrinterResolution.class);
+        if (r != null) {
+            info.dmFields |= DM_PRINTQUALITY | DM_YRESOLUTION;
+            info.xres_quality =
+                (short)r.getCrossFeedResolution(PrinterResolution.DPI);
+            info.yres = (short)r.getFeedResolution(PrinterResolution.DPI);
+        }
+    }
+
+    /* This method is called from native to update the values in the
+     * attribute set which originates from the cross-platform dialog,
+     * but updated by the native DocumentPropertiesUI which updates the
+     * devmode. This syncs the devmode back in to the attributes so that
+     * we can update the cross-platform dialog.
+     * The attribute set here is a temporary one installed whilst this
+     * happens,
+     */
+    private final void setJobAttributes(PrintRequestAttributeSet attributes,
+                                        int fields, int values,
+                                        short copies,
+                                        short dmPaperSize,
+                                        short dmPaperWidth,
+                                        short dmPaperLength,
+                                        short dmDefaultSource,
+                                        short xRes,
+                                        short yRes) {
+
+        if (attributes == null) {
+            return;
+        }
+
+        if ((fields & DM_COPIES) != 0) {
+            attributes.add(new Copies(copies));
+        }
+
+        if ((fields & DM_COLLATE) != 0) {
+            if ((values & SET_COLLATED) != 0) {
+                attributes.add(SheetCollate.COLLATED);
+            } else {
+                attributes.add(SheetCollate.UNCOLLATED);
+            }
+        }
+
+        if ((fields & DM_ORIENTATION) != 0) {
+            if ((values & SET_ORIENTATION) != 0) {
+                attributes.add(OrientationRequested.LANDSCAPE);
+            } else {
+                attributes.add(OrientationRequested.PORTRAIT);
+            }
+        }
+
+        if ((fields & DM_COLOR) != 0) {
+            if ((values & SET_COLOR) != 0) {
+                attributes.add(Chromaticity.COLOR);
+            } else {
+                attributes.add(Chromaticity.MONOCHROME);
+            }
+        }
+
+        if ((fields & DM_PRINTQUALITY) != 0) {
+            /* value < 0 indicates quality setting.
+             * value > 0 indicates X resolution. In that case
+             * hopefully we will also find y-resolution specified.
+             * If its not, assume its the same as x-res.
+             * Maybe Java code should try to reconcile this against
+             * the printers claimed set of supported resolutions.
+             */
+            if (xRes < 0) {
+                PrintQuality quality;
+                if ((values & SET_RES_LOW) != 0) {
+                    quality = PrintQuality.DRAFT;
+                } else if ((fields & SET_RES_HIGH) != 0) {
+                    quality = PrintQuality.HIGH;
+                } else {
+                    quality = PrintQuality.NORMAL;
+                }
+                attributes.add(quality);
+            } else if (xRes > 0 && yRes > 0) {
+                attributes.add(
+                    new PrinterResolution(xRes, yRes, PrinterResolution.DPI));
+            }
+        }
+
+        if ((fields & DM_DUPLEX) != 0) {
+            Sides sides;
+            if ((values & SET_DUP_VERTICAL) != 0) {
+                sides = Sides.TWO_SIDED_LONG_EDGE;
+            } else if ((values & SET_DUP_HORIZONTAL) != 0) {
+                sides = Sides.TWO_SIDED_SHORT_EDGE;
+            } else {
+                sides = Sides.ONE_SIDED;
+            }
+            attributes.add(sides);
+        }
+
+        if ((fields & DM_PAPERSIZE) != 0) {
+            addPaperSize(attributes, dmPaperSize, dmPaperWidth, dmPaperLength);
+        }
+
+        if ((fields & DM_DEFAULTSOURCE) != 0) {
+            MediaTray tray =
+                ((Win32PrintService)myService).findMediaTray(dmDefaultSource);
+            attributes.add(new SunAlternateMedia(tray));
+        }
+    }
+
+    private native boolean showDocProperties(long hWnd,
+                                             PrintRequestAttributeSet aset,
+                                             int dmFields,
+                                             short copies,
+                                             short collate,
+                                             short color,
+                                             short duplex,
+                                             short orient,
+                                             short paper,
+                                             short bin,
+                                             short xres_quality,
+                                             short yres);
+
+    @SuppressWarnings("deprecation")
+    public PrintRequestAttributeSet
+        showDocumentProperties(Window owner,
+                               PrintService service,
+                               PrintRequestAttributeSet aset)
+    {
+        try {
+            setNativePrintServiceIfNeeded(service.getName());
+        } catch (PrinterException e) {
+        }
+        long hWnd = ((WWindowPeer)(owner.getPeer())).getHWnd();
+        DevModeValues info = new DevModeValues();
+        getDevModeValues(aset, info);
+        boolean ok =
+            showDocProperties(hWnd, aset,
+                              info.dmFields,
+                              info.copies,
+                              info.collate,
+                              info.color,
+                              info.duplex,
+                              info.orient,
+                              info.paper,
+                              info.bin,
+                              info.xres_quality,
+                              info.yres);
+
+        if (ok) {
+            return aset;
+        } else {
+            return null;
+        }
+    }
 
     /* Printer Resolution. See also getXRes() and getYRes() */
     private final void setResolutionDPI(int xres, int yres) {
@@ -1956,7 +2245,7 @@
         }
     //** END Functions called by native code for querying/updating attributes
 
-   }
+    }
 
 class PrintToFileErrorDialog extends Dialog implements ActionListener{
     public PrintToFileErrorDialog(Frame parent, String title, String message,
--- a/src/windows/classes/sun/print/Win32MediaTray.java	Tue Sep 24 14:17:42 2013 -0700
+++ b/src/windows/classes/sun/print/Win32MediaTray.java	Tue Sep 24 14:34:55 2013 -0700
@@ -70,6 +70,10 @@
         winEnumTable.add(this);
     }
 
+    public int getDMBinID() {
+        return winID;
+    }
+
     private static final String[] myStringTable ={
         "Manual-Envelope",
         "Automatic-Feeder",
--- a/src/windows/classes/sun/print/Win32PrintService.java	Tue Sep 24 14:17:42 2013 -0700
+++ b/src/windows/classes/sun/print/Win32PrintService.java	Tue Sep 24 14:34:55 2013 -0700
@@ -25,6 +25,8 @@
 
 package sun.print;
 
+import java.awt.Window;
+import java.awt.print.PrinterJob;
 import java.io.File;
 import java.net.URI;
 import java.net.URISyntaxException;
@@ -39,6 +41,7 @@
 import javax.print.attribute.AttributeSetUtilities;
 import javax.print.attribute.EnumSyntax;
 import javax.print.attribute.HashAttributeSet;
+import javax.print.attribute.PrintRequestAttributeSet;
 import javax.print.attribute.PrintServiceAttribute;
 import javax.print.attribute.PrintServiceAttributeSet;
 import javax.print.attribute.HashPrintServiceAttributeSet;
@@ -69,6 +72,7 @@
 import javax.print.attribute.standard.PrinterResolution;
 import javax.print.attribute.standard.SheetCollate;
 import javax.print.event.PrintServiceAttributeListener;
+import sun.awt.windows.WPrinterJob;
 
 public class Win32PrintService implements PrintService, AttributeUpdater,
                                           SunPrinterJobService {
@@ -282,6 +286,22 @@
         return 0;
     }
 
+    public int findTrayID(MediaTray tray) {
+
+        getMediaTrays(); // make sure they are initialised.
+
+        if (tray instanceof Win32MediaTray) {
+            Win32MediaTray winTray = (Win32MediaTray)tray;
+            return winTray.getDMBinID();
+        }
+        for (int id=0; id<dmPaperBinToPrintService.length; id++) {
+            if (tray.equals(dmPaperBinToPrintService[id])) {
+                return id+1; // DMBIN_FIRST = 1;
+            }
+        }
+        return 0; // didn't find the tray
+    }
+
     public MediaTray findMediaTray(int dmBin) {
         if (dmBin >= 1 && dmBin <= dmPaperBinToPrintService.length) {
             return dmPaperBinToPrintService[dmBin-1];
@@ -673,7 +693,6 @@
         return arr2;
     }
 
-
     private PrinterIsAcceptingJobs getPrinterIsAcceptingJobs() {
         if (getJobStatus(printer, 2) != 1) {
             return PrinterIsAcceptingJobs.NOT_ACCEPTING_JOBS;
@@ -1596,8 +1615,76 @@
         }
     }
 
-    public ServiceUIFactory getServiceUIFactory() {
-        return null;
+    private Win32DocumentPropertiesUI docPropertiesUI = null;
+
+    private static class Win32DocumentPropertiesUI
+        extends DocumentPropertiesUI {
+
+        Win32PrintService service;
+
+        private Win32DocumentPropertiesUI(Win32PrintService s) {
+            service = s;
+        }
+
+        public PrintRequestAttributeSet
+            showDocumentProperties(PrinterJob job,
+                                   Window owner,
+                                   PrintService service,
+                                   PrintRequestAttributeSet aset) {
+
+            if (!(job instanceof WPrinterJob)) {
+                return null;
+            }
+            WPrinterJob wJob = (WPrinterJob)job;
+            return wJob.showDocumentProperties(owner, service, aset);
+        }
+    }
+
+    private synchronized DocumentPropertiesUI getDocumentPropertiesUI() {
+        return new Win32DocumentPropertiesUI(this);
+    }
+
+    private static class Win32ServiceUIFactory extends ServiceUIFactory {
+
+        Win32PrintService service;
+
+        Win32ServiceUIFactory(Win32PrintService s) {
+            service = s;
+        }
+
+        public Object getUI(int role, String ui) {
+            if (role <= ServiceUIFactory.MAIN_UIROLE) {
+                return null;
+            }
+            if (role == DocumentPropertiesUI.DOCUMENTPROPERTIES_ROLE &&
+                DocumentPropertiesUI.DOCPROPERTIESCLASSNAME.equals(ui))
+            {
+                return service.getDocumentPropertiesUI();
+            }
+            throw new IllegalArgumentException("Unsupported role");
+        }
+
+        public String[] getUIClassNamesForRole(int role) {
+
+            if (role <= ServiceUIFactory.MAIN_UIROLE) {
+                return null;
+            }
+            if (role == DocumentPropertiesUI.DOCUMENTPROPERTIES_ROLE) {
+                String[] names = new String[0];
+                names[0] = DocumentPropertiesUI.DOCPROPERTIESCLASSNAME;
+                return names;
+            }
+            throw new IllegalArgumentException("Unsupported role");
+        }
+    }
+
+    private Win32ServiceUIFactory uiFactory = null;
+
+    public synchronized ServiceUIFactory getServiceUIFactory() {
+        if (uiFactory == null) {
+            uiFactory = new Win32ServiceUIFactory(this);
+        }
+        return uiFactory;
     }
 
     public String toString() {
--- a/src/windows/native/java/lang/ProcessImpl_md.c	Tue Sep 24 14:17:42 2013 -0700
+++ b/src/windows/native/java/lang/ProcessImpl_md.c	Tue Sep 24 14:34:55 2013 -0700
@@ -308,7 +308,11 @@
 
                 if (success) {
                     PROCESS_INFORMATION pi;
-                    DWORD processFlag = CREATE_NO_WINDOW | CREATE_UNICODE_ENVIRONMENT;
+                    DWORD processFlag = CREATE_UNICODE_ENVIRONMENT;
+
+                    /* Suppress popping-up of a console window for non-console applications */
+                    if (GetConsoleWindow() == NULL)
+                        processFlag |= CREATE_NO_WINDOW;
 
                     si.dwFlags = STARTF_USESTDHANDLES;
                     if (!CreateProcessW(
--- a/src/windows/native/sun/windows/awt_PrintControl.cpp	Tue Sep 24 14:17:42 2013 -0700
+++ b/src/windows/native/sun/windows/awt_PrintControl.cpp	Tue Sep 24 14:34:55 2013 -0700
@@ -81,6 +81,7 @@
 jmethodID AwtPrintControl::setNativeAttID;
 jmethodID AwtPrintControl::setRangeCopiesID;
 jmethodID AwtPrintControl::setResID;
+jmethodID AwtPrintControl::setJobAttributesID;
 
 
 BOOL AwtPrintControl::IsSupportedLevel(HANDLE hPrinter, DWORD dwLevel) {
@@ -297,6 +298,10 @@
     AwtPrintControl::setPrinterID =
       env->GetMethodID(cls, "setPrinterNameAttrib", "(Ljava/lang/String;)V");
 
+    AwtPrintControl::setJobAttributesID =
+        env->GetMethodID(cls, "setJobAttributes",
+        "(Ljavax/print/attribute/PrintRequestAttributeSet;IISSSSSSS)V");
+
     DASSERT(AwtPrintControl::driverDoesMultipleCopiesID != NULL);
     DASSERT(AwtPrintControl::getPrintDCID != NULL);
     DASSERT(AwtPrintControl::setPrintDCID != NULL);
@@ -327,6 +332,7 @@
     DASSERT(AwtPrintControl::getSidesID != NULL);
     DASSERT(AwtPrintControl::getSelectID != NULL);
     DASSERT(AwtPrintControl::getPrintToFileEnabledID != NULL);
+    DASSERT(AwtPrintControl::setJobAttributesID != NULL);
 
 
     CATCH_BAD_ALLOC;
--- a/src/windows/native/sun/windows/awt_PrintControl.h	Tue Sep 24 14:17:42 2013 -0700
+++ b/src/windows/native/sun/windows/awt_PrintControl.h	Tue Sep 24 14:34:55 2013 -0700
@@ -47,7 +47,6 @@
     static jmethodID setDevmodeID;
     static jmethodID getDevnamesID;
     static jmethodID setDevnamesID;
-
     static jmethodID getWin32MediaID;
     static jmethodID setWin32MediaID;
     static jmethodID getWin32MediaTrayID;
@@ -73,6 +72,7 @@
     static jmethodID setNativeAttID;
     static jmethodID setRangeCopiesID;
     static jmethodID setResID;
+    static jmethodID setJobAttributesID;
 
     static void initIDs(JNIEnv *env, jclass cls);
     static BOOL FindPrinter(jstring printerName, LPBYTE pPrinterEnum,
--- a/src/windows/native/sun/windows/awt_PrintJob.cpp	Tue Sep 24 14:17:42 2013 -0700
+++ b/src/windows/native/sun/windows/awt_PrintJob.cpp	Tue Sep 24 14:34:55 2013 -0700
@@ -329,6 +329,156 @@
 static int embolden(int currentWeight);
 static BOOL getPrintableArea(HDC pdc, HANDLE hDevMode, RectDouble *margin);
 
+
+
+/************************************************************************
+ * DocumentProperties native support
+ */
+
+/* Values must match those defined in WPrinterJob.java */
+static const DWORD SET_COLOR = 0x00000200;
+static const DWORD SET_ORIENTATION = 0x00004000;
+static const DWORD SET_COLLATED    = 0x00008000;
+static const DWORD SET_DUP_VERTICAL = 0x00000010;
+static const DWORD SET_DUP_HORIZONTAL = 0x00000020;
+static const DWORD SET_RES_HIGH = 0x00000040;
+static const DWORD SET_RES_LOW = 0x00000080;
+
+/*
+ * Copy DEVMODE state back into JobAttributes.
+ */
+
+static void UpdateJobAttributes(JNIEnv *env,
+                                jobject wJob,
+                                jobject attrSet,
+                                DEVMODE *devmode) {
+
+    DWORD dmValues = 0;
+    int xRes = 0, yRes = 0;
+
+    if (devmode->dmFields & DM_COLOR) {
+        if (devmode->dmColor == DMCOLOR_COLOR) {
+            dmValues |= SET_COLOR;
+        }
+    }
+
+    if (devmode->dmFields & DM_ORIENTATION) {
+        if (devmode->dmOrientation == DMORIENT_LANDSCAPE) {
+            dmValues |= SET_ORIENTATION;
+        }
+    }
+
+    if (devmode->dmFields & DM_COLLATE &&
+        devmode->dmCollate == DMCOLLATE_TRUE) {
+            dmValues |= SET_COLLATED;
+    }
+
+    if (devmode->dmFields & DM_PRINTQUALITY) {
+        /* value < 0 indicates quality setting.
+         * value > 0 indicates X resolution. In that case
+         * hopefully we will also find y-resolution specified.
+         * If its not, assume its the same as x-res.
+         * Maybe Java code should try to reconcile this against
+          * the printers claimed set of supported resolutions.
+         */
+        if (devmode->dmPrintQuality < 0) {
+            if (devmode->dmPrintQuality == DMRES_HIGH) {
+                dmValues |= SET_RES_HIGH;
+            } else if ((devmode->dmPrintQuality == DMRES_LOW) ||
+                       (devmode->dmPrintQuality == DMRES_DRAFT)) {
+                dmValues |= SET_RES_LOW;
+            }
+            /* else if (devmode->dmPrintQuality == DMRES_MEDIUM)
+             * will set to NORMAL.
+             */
+        } else {
+            xRes = devmode->dmPrintQuality;
+            yRes = (devmode->dmFields & DM_YRESOLUTION) ?
+                devmode->dmYResolution : devmode->dmPrintQuality;
+        }
+    }
+
+    if (devmode->dmFields & DM_DUPLEX) {
+        if (devmode->dmDuplex == DMDUP_HORIZONTAL) {
+            dmValues |= SET_DUP_HORIZONTAL;
+        } else if (devmode->dmDuplex == DMDUP_VERTICAL) {
+            dmValues |= SET_DUP_VERTICAL;
+        }
+    }
+
+    env->CallVoidMethod(wJob, AwtPrintControl::setJobAttributesID, attrSet,
+                        devmode->dmFields, dmValues, devmode->dmCopies,
+                        devmode->dmPaperSize, devmode->dmPaperWidth,
+                        devmode->dmPaperLength, devmode->dmDefaultSource,
+                        xRes, yRes);
+
+}
+
+JNIEXPORT jboolean JNICALL
+Java_sun_awt_windows_WPrinterJob_showDocProperties(JNIEnv *env,
+                                                   jobject wJob,
+                                                   jlong hWndParent,
+                                                   jobject attrSet,
+                                                   jint dmFields,
+                                                   jshort copies,
+                                                   jshort collate,
+                                                   jshort color,
+                                                   jshort duplex,
+                                                   jshort orient,
+                                                   jshort paper,
+                                                   jshort bin,
+                                                   jshort xres_quality,
+                                                   jshort yres)
+{
+    TRY;
+
+    HGLOBAL hDevMode = AwtPrintControl::getPrintHDMode(env, wJob);
+    HGLOBAL hDevNames = AwtPrintControl::getPrintHDName(env, wJob);
+    DEVMODE *devmode = NULL;
+    DEVNAMES *devnames = NULL;
+    LONG rval = IDCANCEL;
+    jboolean ret = JNI_FALSE;
+
+    if (hDevMode != NULL && hDevNames != NULL) {
+        devmode = (DEVMODE *)::GlobalLock(hDevMode);
+        devnames = (DEVNAMES *)::GlobalLock(hDevNames);
+
+        LPTSTR lpdevnames = (LPTSTR)devnames;
+        // No need to call _tcsdup as we won't unlock until we are done.
+        LPTSTR printerName = lpdevnames+devnames->wDeviceOffset;
+        LPTSTR portName = lpdevnames+devnames->wOutputOffset;
+
+        HANDLE hPrinter;
+        if (::OpenPrinter(printerName, &hPrinter, NULL) == TRUE) {
+            devmode->dmFields |= dmFields;
+            devmode->dmCopies = copies;
+            devmode->dmCollate = collate;
+            devmode->dmColor = color;
+            devmode->dmDuplex = duplex;
+            devmode->dmOrientation = orient;
+            devmode->dmPrintQuality = xres_quality;
+            devmode->dmYResolution = yres;
+            devmode->dmPaperSize = paper;
+            devmode->dmDefaultSource = bin;
+
+            rval = ::DocumentProperties((HWND)hWndParent,
+                           hPrinter, printerName, devmode, devmode,
+                           DM_IN_BUFFER | DM_OUT_BUFFER | DM_IN_PROMPT);
+            if (rval == IDOK) {
+                UpdateJobAttributes(env, wJob, attrSet, devmode);
+                ret = JNI_TRUE;
+            }
+            VERIFY(::ClosePrinter(hPrinter));
+        }
+        ::GlobalUnlock(hDevNames);
+        ::GlobalUnlock(hDevMode);
+    }
+
+    return ret;
+
+    CATCH_BAD_ALLOC_RET(0);
+}
+
 /************************************************************************
  * WPageDialog native methods
  */
@@ -732,7 +882,6 @@
         memset(&pd, 0, sizeof(PRINTDLG));
         pd.lStructSize = sizeof(PRINTDLG);
         pd.Flags = PD_RETURNDEFAULT | PD_RETURNDC;
-
         if (::PrintDlg(&pd)) {
             printDC = pd.hDC;
             hDevMode = pd.hDevMode;
@@ -792,8 +941,19 @@
     jint imgPixelWid = GetDeviceCaps(printDC, HORZRES);
     jint imgPixelHgt = GetDeviceCaps(printDC, VERTRES);
 
+    // The DC may be obtained when we first selected the printer as a
+    // result of a call to setNativePrintService.
+    // If the Devmode was obtained later on from the DocumentProperties dialog
+    // the DC won't have been updated and its settings may be for PORTRAIT.
+    // This may happen in other cases too, but was observed for the above.
+    // To get a DC compatible with this devmode we should really call
+    // CreateDC() again to get a DC for the devmode we are using.
+    // The changes for that are a lot more risk, so to minimise that
+    // risk, assume its not LANDSCAPE unless width > height, even if the
+    // devmode says its LANDSCAPE.
     // if the values were obtained from a rotated device, swap.
-    if (getOrientationFromDevMode2(hDevMode) == DMORIENT_LANDSCAPE) {
+    if ((getOrientationFromDevMode2(hDevMode) == DMORIENT_LANDSCAPE) &&
+        (imgPixelWid > imgPixelHgt)) {
       jint tmp;
       tmp = xPixelRes;
       xPixelRes = yPixelRes;
@@ -941,6 +1101,9 @@
             setBooleanField(env, self, DRIVER_COLLATE_STR, JNI_FALSE);
         }
 
+        if (dmFields & DM_COPIES) {
+            setBooleanField(env, self, DRIVER_COPIES_STR, JNI_TRUE);
+        }
     }
 
     CATCH_BAD_ALLOC;
--- a/test/ProblemList.txt	Tue Sep 24 14:17:42 2013 -0700
+++ b/test/ProblemList.txt	Tue Sep 24 14:34:55 2013 -0700
@@ -166,6 +166,13 @@
 # 8021186
 jdk/lambda/vm/DefaultMethodsTest.java                           generic-all 
 
+# 8024423 - JVMTI: GetLoadedClasses doesn't enumerate anonymous classes 
+demo/jvmti/hprof/HeapAllTest.java                               generic-all
+demo/jvmti/hprof/HeapBinaryFormatTest.java                      generic-all
+demo/jvmti/hprof/HeapDumpTest.java                              generic-all
+demo/jvmti/hprof/OptionsTest.java                               generic-all
+demo/jvmti/hprof/StackMapTableTest.java                         generic-all
+
 ############################################################################
 
 # jdk_net
--- a/test/com/sun/jdi/ExceptionEvents.java	Tue Sep 24 14:17:42 2013 -0700
+++ b/test/com/sun/jdi/ExceptionEvents.java	Tue Sep 24 14:34:55 2013 -0700
@@ -417,8 +417,12 @@
         request = eventRequestManager().createExceptionRequest(exceptionClass,
                                                                caught, uncaught);
         request.addClassExclusionFilter("java.*");
+        request.addClassExclusionFilter("javax.*");
         request.addClassExclusionFilter("sun.*");
         request.addClassExclusionFilter("com.sun.*");
+        request.addClassExclusionFilter("com.oracle.*");
+        request.addClassExclusionFilter("oracle.*");
+        request.addClassExclusionFilter("jdk.internal.*");
         request.setSuspendPolicy(suspendPolicy);
         request.enable();
 
--- a/test/com/sun/jdi/FilterNoMatch.java	Tue Sep 24 14:17:42 2013 -0700
+++ b/test/com/sun/jdi/FilterNoMatch.java	Tue Sep 24 14:34:55 2013 -0700
@@ -121,9 +121,13 @@
 
         // We have to filter out all these so that they don't cause the
         // listener to be called.
-        request1.addClassExclusionFilter( "java.*");
-        request1.addClassExclusionFilter( "com.*");
-        request1.addClassExclusionFilter( "sun.*");
+        request1.addClassExclusionFilter("java.*");
+        request1.addClassExclusionFilter("javax.*");
+        request1.addClassExclusionFilter("sun.*");
+        request1.addClassExclusionFilter("com.sun.*");
+        request1.addClassExclusionFilter("com.oracle.*");
+        request1.addClassExclusionFilter("oracle.*");
+        request1.addClassExclusionFilter("jdk.internal.*");
 
         // We want our listener to be called if a pattern does not match.
         // So, here we want patterns that do not match HelloWorld.
--- a/test/com/sun/jdi/JDIScaffold.java	Tue Sep 24 14:17:42 2013 -0700
+++ b/test/com/sun/jdi/JDIScaffold.java	Tue Sep 24 14:34:55 2013 -0700
@@ -450,8 +450,12 @@
                   requestManager.createStepRequest(thread, gran, depth);
 
         sr.addClassExclusionFilter("java.*");
+        sr.addClassExclusionFilter("javax.*");
         sr.addClassExclusionFilter("sun.*");
         sr.addClassExclusionFilter("com.sun.*");
+        sr.addClassExclusionFilter("com.oracle.*");
+        sr.addClassExclusionFilter("oracle.*");
+        sr.addClassExclusionFilter("jdk.internal.*");
         sr.addCountFilter(1);
         sr.enable();
         StepEvent retEvent = (StepEvent)waitForRequestedEvent(sr);
--- a/test/com/sun/jdi/MethodEntryExitEvents.java	Tue Sep 24 14:17:42 2013 -0700
+++ b/test/com/sun/jdi/MethodEntryExitEvents.java	Tue Sep 24 14:34:55 2013 -0700
@@ -115,7 +115,7 @@
      */
     private String[] excludes = {"java.*", "javax.*", "sun.*",
                                  "com.sun.*", "com.oracle.*",
-                                 "oracle.*"};
+                                 "oracle.*", "jdk.internal.*"};
 
     MethodEntryExitEvents (String args[]) {
         super(args);
--- a/test/com/sun/jdi/PopAndStepTest.java	Tue Sep 24 14:17:42 2013 -0700
+++ b/test/com/sun/jdi/PopAndStepTest.java	Tue Sep 24 14:34:55 2013 -0700
@@ -130,8 +130,12 @@
         StepRequest srInto = erm.createStepRequest(mainThread, StepRequest.STEP_LINE,
                                                    StepRequest.STEP_INTO);
         srInto.addClassExclusionFilter("java.*");
+        srInto.addClassExclusionFilter("javax.*");
         srInto.addClassExclusionFilter("sun.*");
         srInto.addClassExclusionFilter("com.sun.*");
+        srInto.addClassExclusionFilter("com.oracle.*");
+        srInto.addClassExclusionFilter("oracle.*");
+        srInto.addClassExclusionFilter("jdk.internal.*");
         srInto.addCountFilter(1);
         srInto.enable(); // This fails
         mainThread.popFrames(frameFor("A"));
--- a/test/com/sun/jdi/RepStep.java	Tue Sep 24 14:17:42 2013 -0700
+++ b/test/com/sun/jdi/RepStep.java	Tue Sep 24 14:34:55 2013 -0700
@@ -75,8 +75,12 @@
                                                    DEPTH);
 
         sr.addClassExclusionFilter("java.*");
+        sr.addClassExclusionFilter("javax.*");
         sr.addClassExclusionFilter("sun.*");
         sr.addClassExclusionFilter("com.sun.*");
+        sr.addClassExclusionFilter("com.oracle.*");
+        sr.addClassExclusionFilter("oracle.*");
+        sr.addClassExclusionFilter("jdk.internal.*");
         sr.enable();
     }
 
--- a/test/com/sun/jdi/TestScaffold.java	Tue Sep 24 14:17:42 2013 -0700
+++ b/test/com/sun/jdi/TestScaffold.java	Tue Sep 24 14:34:55 2013 -0700
@@ -746,8 +746,12 @@
                   requestManager.createStepRequest(thread, gran, depth);
 
         sr.addClassExclusionFilter("java.*");
+        sr.addClassExclusionFilter("javax.*");
         sr.addClassExclusionFilter("sun.*");
         sr.addClassExclusionFilter("com.sun.*");
+        sr.addClassExclusionFilter("com.oracle.*");
+        sr.addClassExclusionFilter("oracle.*");
+        sr.addClassExclusionFilter("jdk.internal.*");
         sr.addCountFilter(1);
         sr.enable();
         StepEvent retEvent = (StepEvent)waitForRequestedEvent(sr);
@@ -829,7 +833,8 @@
 
         Method method = findMethod(rt, methodName, methodSignature);
         if (method == null) {
-            throw new IllegalArgumentException("Bad method name/signature");
+            throw new IllegalArgumentException("Bad method name/signature: "
+                    + clsName + "." + methodName + ":" + methodSignature);
         }
 
         return resumeTo(method.location());
--- a/test/java/lang/CharSequence/DefaultTest.java	Tue Sep 24 14:17:42 2013 -0700
+++ b/test/java/lang/CharSequence/DefaultTest.java	Tue Sep 24 14:34:55 2013 -0700
@@ -25,6 +25,7 @@
 import java.util.List;
 import java.util.NoSuchElementException;
 import java.util.PrimitiveIterator;
+import java.util.Spliterator;
 import java.util.stream.Collectors;
 
 import org.testng.annotations.Test;
@@ -34,7 +35,7 @@
 /*
  * @test
  * @summary Unit test for CharSequence default methods
- * @bug 8012665
+ * @bug 8012665 8025002
  * @run testng DefaultTest
  */
 
@@ -53,6 +54,12 @@
         assertEquals(list, Arrays.asList((int) 'a', (int) 'b', (int) 'c'));
     }
 
+    public void testCodePointsCharacteristics() {
+        Spliterator.OfInt s = "".codePoints().spliterator();
+        assertFalse(s.hasCharacteristics(Spliterator.SIZED | Spliterator.SUBSIZED));
+        assertTrue(s.hasCharacteristics(Spliterator.ORDERED));
+    }
+
     @Test(expectedExceptions = NoSuchElementException.class)
     public void testEmptyCodePoints() {
         PrimitiveIterator.OfInt s = "".codePoints().iterator();
--- a/test/java/lang/ProcessBuilder/Basic.java	Tue Sep 24 14:17:42 2013 -0700
+++ b/test/java/lang/ProcessBuilder/Basic.java	Tue Sep 24 14:34:55 2013 -0700
@@ -298,11 +298,15 @@
                     System.exit(5);
                 System.err.print("standard error");
                 System.out.print("standard output");
-            } else if (action.equals("testInheritIO")) {
+            } else if (action.equals("testInheritIO")
+                    || action.equals("testRedirectInherit")) {
                 List<String> childArgs = new ArrayList<String>(javaChildArgs);
                 childArgs.add("testIO");
                 ProcessBuilder pb = new ProcessBuilder(childArgs);
-                pb.inheritIO();
+                if (action.equals("testInheritIO"))
+                    pb.inheritIO();
+                else
+                    redirectIO(pb, INHERIT, INHERIT, INHERIT);
                 ProcessResults r = run(pb);
                 if (! r.out().equals(""))
                     System.exit(7);
@@ -1019,10 +1023,10 @@
         // Note that this requires __FOUR__ nested JVMs involved in one test,
         // if you count the harness JVM.
         //----------------------------------------------------------------
-        {
+        for (String testName : new String[] { "testInheritIO", "testRedirectInherit" } ) {
             redirectIO(pb, PIPE, PIPE, PIPE);
             List<String> command = pb.command();
-            command.set(command.size() - 1, "testInheritIO");
+            command.set(command.size() - 1, testName);
             Process p = pb.start();
             new PrintStream(p.getOutputStream()).print("standard input");
             p.getOutputStream().close();
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/java/lang/ProcessBuilder/InheritIO/InheritIO.java	Tue Sep 24 14:34:55 2013 -0700
@@ -0,0 +1,47 @@
+/*
+ * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+import static java.lang.ProcessBuilder.Redirect.*;
+
+class InheritIO {
+
+    public static class TestInheritIO {
+        public static void main(String args[]) throws Throwable {
+            int err = new ProcessBuilder(args).inheritIO().start().waitFor();
+            System.err.print("exit value: " + err);
+            System.exit(err);
+        }
+    }
+
+    public static class TestRedirectInherit {
+        public static void main(String args[]) throws Throwable {
+            int err = new ProcessBuilder(args)
+                    .redirectInput(INHERIT)
+                    .redirectOutput(INHERIT)
+                    .redirectError(INHERIT)
+                    .start().waitFor();
+            System.err.print("exit value: " + err);
+            System.exit(err);
+        }
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/java/lang/ProcessBuilder/InheritIO/InheritIO.sh	Tue Sep 24 14:34:55 2013 -0700
@@ -0,0 +1,81 @@
+#
+# Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved.
+# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+#
+# This code is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License version 2 only, as
+# published by the Free Software Foundation.
+#
+# This code is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+# FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+# version 2 for more details (a copy is included in the LICENSE file that
+# accompanied this code).
+#
+# You should have received a copy of the GNU General Public License version
+# 2 along with this work; if not, write to the Free Software Foundation,
+# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+# or visit www.oracle.com if you need additional information or have any
+# questions.
+#
+
+# @test
+# @bug 8023130
+# @summary (process) ProcessBuilder#inheritIO does not work on Windows
+# @run shell InheritIO.sh
+
+if [ "x${TESTSRC}" = "x" ]; then
+  echo "TESTSRC not set.  Test cannot execute.  Failed."
+  exit 1
+fi
+
+if [ "x${TESTJAVA}" = "x" ]; then
+  echo "TESTJAVA not set.  Test cannot execute.  Failed."
+  exit 1
+fi
+
+
+JAVA="${TESTJAVA}/bin/java"
+JAVAC="${TESTJAVA}/bin/javac"
+
+cp -f ${TESTSRC}/InheritIO.java .
+
+# compile the class ourselves, so this can run as a standalone test
+
+${JAVAC} InheritIO.java
+RES="$?"
+if [ ${RES} != 0 ]; then
+    echo 'FAIL: Cannot compile InheritIO.java'
+    exit ${RES}
+fi
+
+
+for TEST_NAME in TestInheritIO TestRedirectInherit
+do
+    ${JAVA} ${TESTVMOPTS} -classpath . \
+        'InheritIO$'${TEST_NAME} printf message > stdout.txt 2> stderr.txt
+
+    RES="$?"
+    if [ ${RES} != 0 ]; then
+        echo 'FAIL: InheritIO$'${TEST_NAME}' failed with '${RES}
+        exit ${RES}
+    fi
+
+    OUT_EXPECTED='message'
+    OUT_RECEIVED=`cat stdout.txt`
+    if [ "x${OUT_RECEIVED}" != "x${OUT_EXPECTED}" ]; then
+        echo "FAIL: unexpected '${OUT_RECEIVED}' in stdout"
+        exit 1
+    fi
+
+    ERR_EXPECTED='exit value: 0'
+    ERR_RECEIVED=`cat stderr.txt`
+    if [ "x${ERR_RECEIVED}" != "x${ERR_EXPECTED}" ]; then
+        echo "FAIL: unexpected '${ERR_RECEIVED}' in stderr"
+        exit 1
+    fi
+done
+
+echo 'PASS: InheritIO works as expected'
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/java/lang/annotation/AnnotationsInheritanceOrderRedefinitionTest.java	Tue Sep 24 14:34:55 2013 -0700
@@ -0,0 +1,210 @@
+/*
+ * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/*
+ * @test
+ * @bug 8011940
+ * @summary Test inheritance, order and class redefinition behaviour of RUNTIME
+ *          class annotations
+ * @author plevart
+ */
+
+import sun.reflect.annotation.AnnotationParser;
+
+import java.lang.annotation.Annotation;
+import java.lang.annotation.Inherited;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.reflect.Field;
+import java.lang.reflect.InvocationTargetException;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.List;
+import java.util.StringJoiner;
+
+public class AnnotationsInheritanceOrderRedefinitionTest {
+
+    @Retention(RetentionPolicy.RUNTIME)
+    @Inherited
+    @interface Ann1 {
+        String value();
+    }
+
+    @Retention(RetentionPolicy.RUNTIME)
+    @Inherited
+    @interface Ann2 {
+        String value();
+    }
+
+    @Retention(RetentionPolicy.RUNTIME)
+    @Inherited
+    @interface Ann3 {
+        String value();
+    }
+
+    @Ann1("A")
+    @Ann2("A")
+    static class A {}
+
+    @Ann3("B")
+    static class B extends A {}
+
+    @Ann1("C")
+    @Ann3("C")
+    static class C extends B {}
+
+    public static void main(String[] args) {
+
+        StringBuilder msgs = new StringBuilder();
+        boolean ok = true;
+
+        ok &= annotationsEqual(msgs, A.class, true,
+            ann(Ann1.class, "A"), ann(Ann2.class, "A"));
+        ok &= annotationsEqual(msgs, A.class, false,
+            ann(Ann1.class, "A"), ann(Ann2.class, "A"));
+        ok &= annotationsEqual(msgs, B.class, true,
+            ann(Ann3.class, "B"));
+        ok &= annotationsEqual(msgs, B.class, false,
+            ann(Ann1.class, "A"), ann(Ann2.class, "A"), ann(Ann3.class, "B"));
+        ok &= annotationsEqual(msgs, C.class, true,
+            ann(Ann1.class, "C"), ann(Ann3.class, "C"));
+        ok &= annotationsEqual(msgs, C.class, false,
+            ann(Ann1.class, "C"), ann(Ann2.class, "A"), ann(Ann3.class, "C"));
+
+        Annotation[] declaredAnnotatiosA = A.class.getDeclaredAnnotations();
+        Annotation[] annotationsA = A.class.getAnnotations();
+        Annotation[] declaredAnnotatiosB = B.class.getDeclaredAnnotations();
+        Annotation[] annotationsB = B.class.getAnnotations();
+        Annotation[] declaredAnnotatiosC = C.class.getDeclaredAnnotations();
+        Annotation[] annotationsC = C.class.getAnnotations();
+
+        incrementClassRedefinedCount(A.class);
+        incrementClassRedefinedCount(B.class);
+        incrementClassRedefinedCount(C.class);
+
+        ok &= annotationsEqualButNotSame(msgs, A.class, true, declaredAnnotatiosA);
+        ok &= annotationsEqualButNotSame(msgs, A.class, false, annotationsA);
+        ok &= annotationsEqualButNotSame(msgs, B.class, true, declaredAnnotatiosB);
+        ok &= annotationsEqualButNotSame(msgs, B.class, false, annotationsB);
+        ok &= annotationsEqualButNotSame(msgs, C.class, true, declaredAnnotatiosC);
+        ok &= annotationsEqualButNotSame(msgs, C.class, false, annotationsC);
+
+        if (!ok) {
+            throw new RuntimeException("test failure\n" + msgs);
+        }
+    }
+
+    // utility methods
+
+    private static boolean annotationsEqualButNotSame(StringBuilder msgs,
+            Class<?> declaringClass, boolean declaredOnly, Annotation[] oldAnns) {
+        if (!annotationsEqual(msgs, declaringClass, declaredOnly, oldAnns)) {
+            return false;
+        }
+        Annotation[] anns = declaredOnly
+                            ? declaringClass.getDeclaredAnnotations()
+                            : declaringClass.getAnnotations();
+        List<Annotation> sameAnns = new ArrayList<>();
+        for (int i = 0; i < anns.length; i++) {
+            if (anns[i] == oldAnns[i]) {
+                sameAnns.add(anns[i]);
+            }
+        }
+        if (!sameAnns.isEmpty()) {
+            msgs.append(declaredOnly ? "declared " : "").append("annotations for ")
+                .append(declaringClass.getSimpleName())
+                .append(" not re-parsed after class redefinition: ")
+                .append(toSimpleString(sameAnns)).append("\n");
+            return false;
+        } else {
+            return true;
+        }
+    }
+
+    private static boolean annotationsEqual(StringBuilder msgs,
+            Class<?> declaringClass, boolean declaredOnly, Annotation... expectedAnns) {
+        Annotation[] anns = declaredOnly
+                            ? declaringClass.getDeclaredAnnotations()
+                            : declaringClass.getAnnotations();
+        if (!Arrays.equals(anns, expectedAnns)) {
+            msgs.append(declaredOnly ? "declared " : "").append("annotations for ")
+                .append(declaringClass.getSimpleName()).append(" are: ")
+                .append(toSimpleString(anns)).append(", expected: ")
+                .append(toSimpleString(expectedAnns)).append("\n");
+            return false;
+        } else {
+            return true;
+        }
+    }
+
+    private static Annotation ann(Class<? extends Annotation> annotationType,
+                                  Object value) {
+        return AnnotationParser.annotationForMap(annotationType,
+            Collections.singletonMap("value", value));
+    }
+
+    private static String toSimpleString(List<Annotation> anns) {
+        return toSimpleString(anns.toArray(new Annotation[anns.size()]));
+    }
+
+    private static String toSimpleString(Annotation[] anns) {
+        StringJoiner joiner = new StringJoiner(", ");
+        for (Annotation ann : anns) {
+            joiner.add(toSimpleString(ann));
+        }
+        return joiner.toString();
+    }
+
+    private static String toSimpleString(Annotation ann) {
+        Class<? extends Annotation> annotationType = ann.annotationType();
+        Object value;
+        try {
+            value = annotationType.getDeclaredMethod("value").invoke(ann);
+        } catch (IllegalAccessException | InvocationTargetException
+            | NoSuchMethodException e) {
+            throw new RuntimeException(e);
+        }
+        return "@" + annotationType.getSimpleName() + "(" + value + ")";
+    }
+
+    private static final Field classRedefinedCountField;
+
+    static {
+        try {
+            classRedefinedCountField = Class.class.getDeclaredField("classRedefinedCount");
+            classRedefinedCountField.setAccessible(true);
+        } catch (NoSuchFieldException e) {
+            throw new Error(e);
+        }
+    }
+
+    private static void incrementClassRedefinedCount(Class<?> clazz) {
+        try {
+            classRedefinedCountField.set(clazz,
+                ((Integer) classRedefinedCountField.get(clazz)) + 1);
+        } catch (IllegalAccessException e) {
+            throw new RuntimeException(e);
+        }
+    }
+}
--- a/test/java/nio/channels/DatagramChannel/AdaptDatagramSocket.java	Tue Sep 24 14:17:42 2013 -0700
+++ b/test/java/nio/channels/DatagramChannel/AdaptDatagramSocket.java	Tue Sep 24 14:34:55 2013 -0700
@@ -136,7 +136,7 @@
                                         echoServer.getPort());
             test(address, 0, false, false);
             test(address, 0, false, true);
-            test(address, 5000, false, false);
+            test(address, 15000, false, false);
         }
         try (TestServers.UdpDiscardServer discardServer
                 = TestServers.UdpDiscardServer.startNewServer()) {
--- a/test/java/nio/channels/Selector/LotsOfChannels.java	Tue Sep 24 14:17:42 2013 -0700
+++ b/test/java/nio/channels/Selector/LotsOfChannels.java	Tue Sep 24 14:34:55 2013 -0700
@@ -22,9 +22,10 @@
  */
 
 /* @test
- * @bug 4503092
+ * @bug 4503092 8024883
  * @summary Tests that Windows Selector can use more than 63 channels
- * @run main/timeout=300 LotsOfChannels
+ * @run main LotsOfChannels
+ * @run main/othervm -Dsun.nio.ch.maxUpdateArraySize=64 LotsOfChannels
  * @author kladko
  */
 
--- a/test/java/nio/channels/Selector/SelectorLimit.java	Tue Sep 24 14:17:42 2013 -0700
+++ b/test/java/nio/channels/Selector/SelectorLimit.java	Tue Sep 24 14:34:55 2013 -0700
@@ -22,12 +22,13 @@
  */
 
 /* @test
- * @bug 4777504
+ * @bug 4777504 8024883
  * @summary Ensure that a Selector can return at least 100 selected keys
  * @author Mark Reinhold
  * @library ..
  * @build SelectorLimit
  * @run main/othervm SelectorLimit
+ * @run main/othervm -Dsun.nio.ch.maxUpdateArraySize=128 SelectorLimit
  */
 
 import java.io.*;
--- a/test/java/util/Map/Defaults.java	Tue Sep 24 14:17:42 2013 -0700
+++ b/test/java/util/Map/Defaults.java	Tue Sep 24 14:34:55 2013 -0700
@@ -23,7 +23,7 @@
 
 /*
  * @test
- * @bug 8010122 8004518
+ * @bug 8010122 8004518 8024331
  * @summary Test Map default methods
  * @author Mike Duigou
  * @run testng Defaults
@@ -288,6 +288,21 @@
         assertSame(map.get(EXTRA_KEY), EXTRA_VALUE);
     }
 
+    @Test(expectedExceptions = {NullPointerException.class})
+    public void testComputeIfAbsentNPEHashMap() {
+        Object value = new HashMap().computeIfAbsent(KEYS[1], null);
+    }
+
+    @Test(expectedExceptions = {NullPointerException.class})
+    public void testComputeIfAbsentNPEHashtable() {
+        Object value = new Hashtable().computeIfAbsent(KEYS[1], null);
+    }
+
+    @Test(expectedExceptions = {NullPointerException.class})
+    public void testComputeIfAbsentNPETreeMap() {
+        Object value = new TreeMap().computeIfAbsent(KEYS[1], null);
+    }
+
     @Test(dataProvider = "Map<IntegerEnum,String> rw=true keys=withNull values=withNull")
     public void testComputeIfPresentNulls(String description, Map<IntegerEnum, String> map) {
         assertTrue(map.containsKey(null), description + ": null key absent");
@@ -328,6 +343,21 @@
         assertSame(map.get(EXTRA_KEY), null);
     }
 
+    @Test(expectedExceptions = {NullPointerException.class})
+    public void testComputeIfPresentNPEHashMap() {
+        Object value = new HashMap().computeIfPresent(KEYS[1], null);
+    }
+
+    @Test(expectedExceptions = {NullPointerException.class})
+    public void testComputeIfPresentNPEHashtable() {
+        Object value = new Hashtable().computeIfPresent(KEYS[1], null);
+    }
+
+    @Test(expectedExceptions = {NullPointerException.class})
+    public void testComputeIfPresentNPETreeMap() {
+        Object value = new TreeMap().computeIfPresent(KEYS[1], null);
+    }
+
     @Test(dataProvider = "Map<IntegerEnum,String> rw=true keys=withNull values=withNull")
     public void testComputeNulls(String description, Map<IntegerEnum, String> map) {
         assertTrue(map.containsKey(null), "null key absent");
@@ -414,6 +444,20 @@
         assertSame(map.get(EXTRA_KEY), EXTRA_VALUE);
     }
 
+    @Test(expectedExceptions = {NullPointerException.class})
+    public void testComputeNPEHashMap() {
+        Object value = new HashMap().compute(KEYS[1], null);
+    }
+
+    @Test(expectedExceptions = {NullPointerException.class})
+    public void testComputeNPEHashtable() {
+        Object value = new Hashtable().compute(KEYS[1], null);
+    }
+
+    @Test(expectedExceptions = {NullPointerException.class})
+    public void testComputeNPETreeMap() {
+        Object value = new TreeMap().compute(KEYS[1], null);
+    }
 
     @Test(dataProvider = "Map<IntegerEnum,String> rw=true keys=withNull values=withNull")
     public void testMergeNulls(String description, Map<IntegerEnum, String> map) {
@@ -456,6 +500,21 @@
         assertSame(map.get(EXTRA_KEY), EXTRA_VALUE);
     }
 
+    @Test(expectedExceptions = {NullPointerException.class})
+    public void testMergeNPEHashMap() {
+        Object value = new HashMap().merge(KEYS[1], VALUES[1], null);
+    }
+
+    @Test(expectedExceptions = {NullPointerException.class})
+    public void testMergeNPEHashtable() {
+        Object value = new Hashtable().merge(KEYS[1], VALUES[1], null);
+    }
+
+    @Test(expectedExceptions = {NullPointerException.class})
+    public void testMergeNPETreeMap() {
+        Object value = new TreeMap().merge(KEYS[1], VALUES[1], null);
+    }
+
     enum IntegerEnum {
 
         e0, e1, e2, e3, e4, e5, e6, e7, e8, e9,
--- a/test/java/util/Spliterator/SpliteratorCharacteristics.java	Tue Sep 24 14:17:42 2013 -0700
+++ b/test/java/util/Spliterator/SpliteratorCharacteristics.java	Tue Sep 24 14:34:55 2013 -0700
@@ -23,7 +23,7 @@
 
 /**
  * @test
- * @bug 8020156 8020009 8022326 8012913
+ * @bug 8020156 8020009 8022326 8012913 8024405
  * @run testng SpliteratorCharacteristics
  */
 
@@ -36,21 +36,150 @@
 import java.util.HashSet;
 import java.util.LinkedHashMap;
 import java.util.LinkedHashSet;
+import java.util.List;
 import java.util.Map;
+import java.util.PrimitiveIterator;
 import java.util.Set;
 import java.util.SortedMap;
 import java.util.SortedSet;
 import java.util.Spliterator;
+import java.util.Spliterators;
 import java.util.TreeMap;
 import java.util.TreeSet;
 import java.util.concurrent.ConcurrentSkipListMap;
 import java.util.concurrent.ConcurrentSkipListSet;
+import java.util.function.Supplier;
+import java.util.stream.DoubleStream;
+import java.util.stream.IntStream;
+import java.util.stream.LongStream;
 
 import static org.testng.Assert.*;
 
 @Test
 public class SpliteratorCharacteristics {
 
+    public void testSpliteratorFromCollection() {
+        List<Integer> l = Arrays.asList(1, 2, 3, 4);
+
+        {
+            Spliterator<?> s = Spliterators.spliterator(l, 0);
+            assertCharacteristics(s, Spliterator.SIZED | Spliterator.SUBSIZED);
+            assertHasNotCharacteristics(s, Spliterator.CONCURRENT);
+        }
+
+        {
+            Spliterator<?> s = Spliterators.spliterator(l, Spliterator.CONCURRENT);
+            assertHasNotCharacteristics(s, Spliterator.SIZED | Spliterator.SUBSIZED);
+            assertCharacteristics(s, Spliterator.CONCURRENT);
+        }
+
+        {
+            Spliterator<?> s = Spliterators.spliterator(l.iterator( ), 1, 0);
+            assertCharacteristics(s, Spliterator.SIZED | Spliterator.SUBSIZED);
+            assertHasNotCharacteristics(s, Spliterator.CONCURRENT);
+        }
+
+        {
+            Spliterator<?> s = Spliterators.spliterator(l.iterator( ), 1, Spliterator.CONCURRENT);
+            assertHasNotCharacteristics(s, Spliterator.SIZED | Spliterator.SUBSIZED);
+            assertCharacteristics(s, Spliterator.CONCURRENT);
+        }
+
+        {
+            Spliterator<?> s = Spliterators.spliteratorUnknownSize(l.iterator( ), 0);
+            assertHasNotCharacteristics(s, Spliterator.SIZED | Spliterator.SUBSIZED);
+        }
+
+        {
+            Spliterator<?> s = Spliterators.spliteratorUnknownSize(
+                    l.iterator(), Spliterator.SIZED | Spliterator.SUBSIZED);
+            assertHasNotCharacteristics(s, Spliterator.SIZED | Spliterator.SUBSIZED);
+        }
+    }
+
+    public void testSpliteratorOfIntFromIterator() {
+        Supplier<PrimitiveIterator.OfInt> si = () -> IntStream.of(1, 2, 3, 4).iterator();
+
+        {
+            Spliterator<?> s = Spliterators.spliterator(si.get(), 1, 0);
+            assertCharacteristics(s, Spliterator.SIZED | Spliterator.SUBSIZED);
+            assertHasNotCharacteristics(s, Spliterator.CONCURRENT);
+        }
+
+        {
+            Spliterator<?> s = Spliterators.spliterator(si.get(), 1, Spliterator.CONCURRENT);
+            assertHasNotCharacteristics(s, Spliterator.SIZED | Spliterator.SUBSIZED);
+            assertCharacteristics(s, Spliterator.CONCURRENT);
+        }
+
+        {
+            Spliterator<?> s = Spliterators.spliteratorUnknownSize(si.get(), 0);
+            assertHasNotCharacteristics(s, Spliterator.SIZED | Spliterator.SUBSIZED);
+        }
+
+        {
+            Spliterator<?> s = Spliterators.spliteratorUnknownSize(
+                    si.get(), Spliterator.SIZED | Spliterator.SUBSIZED);
+            assertHasNotCharacteristics(s, Spliterator.SIZED | Spliterator.SUBSIZED);
+        }
+    }
+
+    public void testSpliteratorOfLongFromIterator() {
+        Supplier<PrimitiveIterator.OfLong> si = () -> LongStream.of(1, 2, 3, 4).iterator();
+
+        {
+            Spliterator<?> s = Spliterators.spliterator(si.get(), 1, 0);
+            assertCharacteristics(s, Spliterator.SIZED | Spliterator.SUBSIZED);
+            assertHasNotCharacteristics(s, Spliterator.CONCURRENT);
+        }
+
+        {
+            Spliterator<?> s = Spliterators.spliterator(si.get(), 1, Spliterator.CONCURRENT);
+            assertHasNotCharacteristics(s, Spliterator.SIZED | Spliterator.SUBSIZED);
+            assertCharacteristics(s, Spliterator.CONCURRENT);
+        }
+
+        {
+            Spliterator<?> s = Spliterators.spliteratorUnknownSize(si.get(), 0);
+            assertHasNotCharacteristics(s, Spliterator.SIZED | Spliterator.SUBSIZED);
+        }
+
+        {
+            Spliterator<?> s = Spliterators.spliteratorUnknownSize(
+                    si.get(), Spliterator.SIZED | Spliterator.SUBSIZED);
+            assertHasNotCharacteristics(s, Spliterator.SIZED | Spliterator.SUBSIZED);
+        }
+    }
+
+    public void testSpliteratorOfDoubleFromIterator() {
+        Supplier<PrimitiveIterator.OfDouble> si = () -> DoubleStream.of(1, 2, 3, 4).iterator();
+
+        {
+            Spliterator<?> s = Spliterators.spliterator(si.get(), 1, 0);
+            assertCharacteristics(s, Spliterator.SIZED | Spliterator.SUBSIZED);
+            assertHasNotCharacteristics(s, Spliterator.CONCURRENT);
+        }
+
+        {
+            Spliterator<?> s = Spliterators.spliterator(si.get(), 1, Spliterator.CONCURRENT);
+            assertHasNotCharacteristics(s, Spliterator.SIZED | Spliterator.SUBSIZED);
+            assertCharacteristics(s, Spliterator.CONCURRENT);
+        }
+
+        {
+            Spliterator<?> s = Spliterators.spliteratorUnknownSize(si.get(), 0);
+            assertHasNotCharacteristics(s, Spliterator.SIZED | Spliterator.SUBSIZED);
+        }
+
+        {
+            Spliterator<?> s = Spliterators.spliteratorUnknownSize(
+                    si.get(), Spliterator.SIZED | Spliterator.SUBSIZED);
+            assertHasNotCharacteristics(s, Spliterator.SIZED | Spliterator.SUBSIZED);
+        }
+    }
+
+    //
+
     public void testHashMap() {
         assertMapCharacteristics(new HashMap<>(),
                                  Spliterator.SIZED | Spliterator.DISTINCT);
@@ -199,10 +328,19 @@
     }
 
     void assertCharacteristics(Collection<?> c, int expectedCharacteristics) {
-        assertTrue(c.spliterator().hasCharacteristics(expectedCharacteristics),
+        assertCharacteristics(c.spliterator(), expectedCharacteristics);
+    }
+
+    void assertCharacteristics(Spliterator<?> s, int expectedCharacteristics) {
+        assertTrue(s.hasCharacteristics(expectedCharacteristics),
                    "Spliterator characteristics");
     }
 
+    void assertHasNotCharacteristics(Spliterator<?> s, int expectedCharacteristics) {
+        assertFalse(s.hasCharacteristics(expectedCharacteristics),
+                    "Spliterator characteristics");
+    }
+
     void assertNullComparator(Collection<?> c) {
         assertNull(c.spliterator().getComparator(),
                    "Comparator of Spliterator of Collection");
--- a/test/java/util/Spliterator/SpliteratorTraversingAndSplittingTest.java	Tue Sep 24 14:17:42 2013 -0700
+++ b/test/java/util/Spliterator/SpliteratorTraversingAndSplittingTest.java	Tue Sep 24 14:34:55 2013 -0700
@@ -1159,7 +1159,7 @@
             List<T> dest = new ArrayList<>();
             spliterator = supplier.get();
 
-            assertSpliterator(spliterator);
+            assertRootSpliterator(spliterator);
 
             // verify splitting with forEach
             visit(depth, 0, dest, spliterator, boxingAdapter, spliterator.characteristics(), false);
@@ -1234,7 +1234,7 @@
             UnaryOperator<Consumer<T>> boxingAdapter) {
         Spliterator<T> s = supplier.get();
         boolean isOrdered = s.hasCharacteristics(Spliterator.ORDERED);
-        assertSpliterator(s);
+        assertRootSpliterator(s);
 
         List<T> splits = new ArrayList<>();
         Consumer<T> c = boxingAdapter.apply(splits::add);
@@ -1326,6 +1326,13 @@
         }
     }
 
+    private static void assertRootSpliterator(Spliterator<?> s) {
+        assertFalse(s.hasCharacteristics(Spliterator.SIZED | Spliterator.CONCURRENT),
+                    "Root spliterator should not be SIZED and CONCURRENT");
+
+        assertSpliterator(s);
+    }
+
     private static void assertSpliterator(Spliterator<?> s, int rootCharacteristics) {
         if ((rootCharacteristics & Spliterator.SUBSIZED) != 0) {
             assertTrue(s.hasCharacteristics(Spliterator.SUBSIZED),
--- a/test/java/util/concurrent/ThreadLocalRandom/ThreadLocalRandomTest.java	Tue Sep 24 14:17:42 2013 -0700
+++ b/test/java/util/concurrent/ThreadLocalRandom/ThreadLocalRandomTest.java	Tue Sep 24 14:34:55 2013 -0700
@@ -33,7 +33,9 @@
 
 /**
  * @test
+ * @bug 8024253
  * @run testng ThreadLocalRandomTest
+ * @run testng/othervm -Djava.util.secureRandomSeed=true ThreadLocalRandomTest
  * @summary test methods on ThreadLocalRandom
  */
 @Test
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/java/util/regex/PatternStreamTest.java	Tue Sep 24 14:34:55 2013 -0700
@@ -0,0 +1,180 @@
+/*
+ * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/**
+ * @test
+ * @bug 8016846 8024341
+ * @summary Unit tests for wrapping classes should delegate to default methods
+ * @library ../stream/bootlib
+ * @build java.util.stream.OpTestCase
+ * @run testng/othervm PatternStreamTest
+ */
+
+import org.testng.annotations.DataProvider;
+import org.testng.annotations.Test;
+
+import java.util.ArrayList;
+import java.util.List;
+import java.util.function.Supplier;
+import java.util.regex.Pattern;
+import java.util.stream.LambdaTestHelpers;
+import java.util.stream.OpTestCase;
+import java.util.stream.Stream;
+import java.util.stream.TestData;
+
+@Test
+public class PatternStreamTest extends OpTestCase {
+
+    @DataProvider(name = "Stream<String>")
+    public static Object[][] makeStreamTestData() {
+        List<Object[]> data = new ArrayList<>();
+
+        String description = "";
+        String input = "awgqwefg1fefw4vssv1vvv1";
+        Pattern pattern = Pattern.compile("4");
+        List<String> expected = new ArrayList<>();
+        expected.add("awgqwefg1fefw");
+        expected.add("vssv1vvv1");
+
+        // Must match the type signature of the consumer of this data, testStrings
+        // String, String, Pattern, List<String>
+        data.add(new Object[]{description, input, pattern, expected});
+
+        input = "afbfq\u00a3abgwgb\u00a3awngnwggw\u00a3a\u00a3ahjrnhneerh";
+        pattern = Pattern.compile("\u00a3a");
+        expected = new ArrayList<>();
+        expected.add("afbfq");
+        expected.add("bgwgb");
+        expected.add("wngnwggw");
+        expected.add("");
+        expected.add("hjrnhneerh");
+
+        data.add(new Object[]{description, input, pattern, expected});
+
+
+        input = "awgqwefg1fefw4vssv1vvv1";
+        pattern = Pattern.compile("1");
+        expected = new ArrayList<>();
+        expected.add("awgqwefg");
+        expected.add("fefw4vssv");
+        expected.add("vvv");
+
+        data.add(new Object[]{description, input, pattern, expected});
+
+
+        input = "a\u4ebafg1fefw\u4eba4\u9f9cvssv\u9f9c1v\u672c\u672cvv";
+        pattern = Pattern.compile("1");
+        expected = new ArrayList<>();
+        expected.add("a\u4ebafg");
+        expected.add("fefw\u4eba4\u9f9cvssv\u9f9c");
+        expected.add("v\u672c\u672cvv");
+
+        data.add(new Object[]{description, input, pattern, expected});
+
+
+        input = "1\u56da23\u56da456\u56da7890";
+        pattern = Pattern.compile("\u56da");
+        expected = new ArrayList<>();
+        expected.add("1");
+        expected.add("23");
+        expected.add("456");
+        expected.add("7890");
+
+        data.add(new Object[]{description, input, pattern, expected});
+
+
+        input = "1\u56da23\u9f9c\u672c\u672c\u56da456\u56da\u9f9c\u672c7890";
+        pattern = Pattern.compile("\u56da");
+        expected = new ArrayList<>();
+        expected.add("1");
+        expected.add("23\u9f9c\u672c\u672c");
+        expected.add("456");
+        expected.add("\u9f9c\u672c7890");
+
+        data.add(new Object[]{description, input, pattern, expected});
+
+
+        input = "";
+        pattern = Pattern.compile("\u56da");
+        expected = new ArrayList<>();
+
+        data.add(new Object[]{description, input, pattern, expected});
+
+
+        description = "Multiple separators";
+        input = "This is,testing: with\tdifferent separators.";
+        pattern = Pattern.compile("[ \t,:.]");
+        expected = new ArrayList<>();
+        expected.add("This");
+        expected.add("is");
+        expected.add("testing");
+        expected.add("");
+        expected.add("with");
+        expected.add("different");
+        expected.add("separators");
+
+
+        description = "Repeated separators within and at end";
+        input = "boo:and:foo";
+        pattern = Pattern.compile("o");
+        expected = new ArrayList<>();
+        expected.add("b");
+        expected.add("");
+        expected.add(":and:f");
+
+
+        description = "Many repeated separators within and at end";
+        input = "booooo:and:fooooo";
+        pattern = Pattern.compile("o");
+        expected = new ArrayList<>();
+        expected.add("b");
+        expected.add("");
+        expected.add("");
+        expected.add("");
+        expected.add("");
+        expected.add(":and:f");
+
+        description = "Many repeated separators before last match";
+        input = "fooooo:";
+        pattern = Pattern.compile("o");
+        expected = new ArrayList<>();
+        expected.add("f");
+        expected.add("");
+        expected.add("");
+        expected.add("");
+        expected.add("");
+        expected.add(":");
+
+        data.add(new Object[] {description, input, pattern, expected});
+        return data.toArray(new Object[0][]);
+    }
+
+    @Test(dataProvider = "Stream<String>")
+    public void testStrings(String description, String input, Pattern pattern, List<String> expected) {
+        Supplier<Stream<String>> ss =  () -> pattern.splitAsStream(input);
+        withData(TestData.Factory.ofSupplier(description, ss))
+                .stream(LambdaTestHelpers.identity())
+                .expectedResult(expected)
+                .exercise();
+    }
+}
--- a/test/java/util/regex/PatternTest.java	Tue Sep 24 14:17:42 2013 -0700
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,147 +0,0 @@
-/*
- * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-/**
- * @test
- * @summary Unit tests for wrapping classes should delegate to default methods
- * @library ../stream/bootlib
- * @build java.util.stream.OpTestCase
- * @run testng/othervm PatternTest
- */
-
-import org.testng.annotations.DataProvider;
-import org.testng.annotations.Test;
-
-import java.util.ArrayList;
-import java.util.List;
-import java.util.function.Supplier;
-import java.util.regex.Pattern;
-import java.util.stream.LambdaTestHelpers;
-import java.util.stream.OpTestCase;
-import java.util.stream.Stream;
-import java.util.stream.TestData;
-
-@Test
-public class PatternTest extends OpTestCase {
-
-    @DataProvider(name = "Stream<String>")
-    public static Object[][] makeStreamTestData() {
-        List<Object[]> data = new ArrayList<>();
-
-        String description = "";
-        String input = "awgqwefg1fefw4vssv1vvv1";
-        Pattern pattern = Pattern.compile("4");
-        List<String> expected = new ArrayList<>();
-        expected.add("awgqwefg1fefw");
-        expected.add("vssv1vvv1");
-
-        // Must match the type signature of the consumer of this data, testStrings
-        // String, String, Pattern, List<String>
-        data.add(new Object[]{description, input, pattern, expected});
-
-        input = "afbfq\u00a3abgwgb\u00a3awngnwggw\u00a3a\u00a3ahjrnhneerh";
-        pattern = Pattern.compile("\u00a3a");
-        expected = new ArrayList<>();
-        expected.add("afbfq");
-        expected.add("bgwgb");
-        expected.add("wngnwggw");
-        expected.add("");
-        expected.add("hjrnhneerh");
-
-        data.add(new Object[]{description, input, pattern, expected});
-
-
-        input = "awgqwefg1fefw4vssv1vvv1";
-        pattern = Pattern.compile("1");
-        expected = new ArrayList<>();
-        expected.add("awgqwefg");
-        expected.add("fefw4vssv");
-        expected.add("vvv");
-
-        data.add(new Object[]{description, input, pattern, expected});
-
-
-        input = "a\u4ebafg1fefw\u4eba4\u9f9cvssv\u9f9c1v\u672c\u672cvv";
-        pattern = Pattern.compile("1");
-        expected = new ArrayList<>();
-        expected.add("a\u4ebafg");
-        expected.add("fefw\u4eba4\u9f9cvssv\u9f9c");
-        expected.add("v\u672c\u672cvv");
-
-        data.add(new Object[]{description, input, pattern, expected});
-
-
-        input = "1\u56da23\u56da456\u56da7890";
-        pattern = Pattern.compile("\u56da");
-        expected = new ArrayList<>();
-        expected.add("1");
-        expected.add("23");
-        expected.add("456");
-        expected.add("7890");
-
-        data.add(new Object[]{description, input, pattern, expected});
-
-
-        input = "1\u56da23\u9f9c\u672c\u672c\u56da456\u56da\u9f9c\u672c7890";
-        pattern = Pattern.compile("\u56da");
-        expected = new ArrayList<>();
-        expected.add("1");
-        expected.add("23\u9f9c\u672c\u672c");
-        expected.add("456");
-        expected.add("\u9f9c\u672c7890");
-
-        data.add(new Object[]{description, input, pattern, expected});
-
-
-        input = "";
-        pattern = Pattern.compile("\u56da");
-        expected = new ArrayList<>();
-
-        data.add(new Object[]{description, input, pattern, expected});
-
-
-        description = "Multiple separators";
-        input = "This is,testing: with\tdifferent separators.";
-        pattern = Pattern.compile("[ \t,:.]");
-        expected = new ArrayList<>();
-        expected.add("This");
-        expected.add("is");
-        expected.add("testing");
-        expected.add("");
-        expected.add("with");
-        expected.add("different");
-        expected.add("separators");
-
-        data.add(new Object[] {description, input, pattern, expected});
-        return data.toArray(new Object[0][]);
-    }
-
-    @Test(dataProvider = "Stream<String>")
-    public void testStrings(String description, String input, Pattern pattern, List<String> expected) {
-        Supplier<Stream<String>> ss =  () -> pattern.splitAsStream(input);
-        withData(TestData.Factory.ofSupplier(description, ss))
-                .stream(LambdaTestHelpers.identity())
-                .expectedResult(expected)
-                .exercise();
-    }
-}
--- a/test/javax/imageio/plugins/jpeg/JpegWriterLeakTest.java	Tue Sep 24 14:17:42 2013 -0700
+++ b/test/javax/imageio/plugins/jpeg/JpegWriterLeakTest.java	Tue Sep 24 14:34:55 2013 -0700
@@ -23,7 +23,7 @@
 
 /**
  * @test
- * @bug     8020983
+ * @bug     8020983 8024697
  * @summary Test verifies that jpeg writer instances are collected
  *          even if destroy() or reset() methods is not invoked.
  *
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/javax/management/MBeanInfo/MBeanInfoEqualsNPETest.java	Tue Sep 24 14:34:55 2013 -0700
@@ -0,0 +1,216 @@
+/*
+ * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+import javax.management.MBeanAttributeInfo;
+import javax.management.MBeanConstructorInfo;
+import javax.management.MBeanFeatureInfo;
+import javax.management.MBeanInfo;
+import javax.management.MBeanNotificationInfo;
+import javax.management.MBeanOperationInfo;
+import javax.management.MBeanParameterInfo;
+import javax.management.modelmbean.DescriptorSupport;
+import javax.management.openmbean.SimpleType;
+
+/*
+ * @test
+ * @bug 8023954
+ * @summary Test that MBean*Info.equals do not throw NPE
+ * @author Shanliang JIANG
+ * @run clean MBeanInfoEqualsNPETest
+ * @run build MBeanInfoEqualsNPETest
+ * @run main MBeanInfoEqualsNPETest
+ */
+public class MBeanInfoEqualsNPETest {
+    private static int failed = 0;
+
+    public static void main(String[] args) throws Exception {
+        System.out.println("---MBeanInfoEqualsNPETest-main ...");
+
+        // ----
+        System.out.println("\n---Testing on MBeanAttributeInfo...");
+        MBeanAttributeInfo mbeanAttributeInfo0 = new MBeanAttributeInfo(
+                "name", SimpleType.INTEGER.getClassName(), "description", true, true, false);
+        MBeanAttributeInfo mbeanAttributeInfo = new MBeanAttributeInfo(
+                null, SimpleType.INTEGER.getClassName(), "description", true, true, false);
+        test(mbeanAttributeInfo0, mbeanAttributeInfo, "class name");
+
+        mbeanAttributeInfo = new MBeanAttributeInfo(
+                "name", null, "description", true, true, false);
+        test(mbeanAttributeInfo0, mbeanAttributeInfo, "type");
+
+        mbeanAttributeInfo = new MBeanAttributeInfo(
+                "name", SimpleType.INTEGER.getClassName(), null, true, true, false);
+        test(mbeanAttributeInfo0, mbeanAttributeInfo, "description");
+
+        // ----
+        System.out.println("\n---Testing on MBeanConstructorInfo...");
+        MBeanConstructorInfo mbeanConstructorInfo0 = new MBeanConstructorInfo(
+                "", "", new MBeanParameterInfo[]{}, new DescriptorSupport());
+        MBeanConstructorInfo mbeanConstructorInfo = new MBeanConstructorInfo(
+                null, "", new MBeanParameterInfo[]{}, new DescriptorSupport());
+        test(mbeanConstructorInfo0, mbeanConstructorInfo, "name");
+
+        mbeanConstructorInfo = new MBeanConstructorInfo(
+                "", null, new MBeanParameterInfo[]{}, new DescriptorSupport());
+        test(mbeanConstructorInfo0, mbeanConstructorInfo, "description");
+
+        mbeanConstructorInfo = new MBeanConstructorInfo(
+                "", "", null, new DescriptorSupport());
+        test(mbeanConstructorInfo0, mbeanConstructorInfo, "MBeanParameterInfo");
+
+        mbeanConstructorInfo = new MBeanConstructorInfo(
+                "", "", new MBeanParameterInfo[]{}, null);
+        test(mbeanConstructorInfo0, mbeanConstructorInfo, "descriptor");
+
+        // ----
+        System.out.println("\n---Testing on MBeanOperationInfo...");
+        MBeanOperationInfo mbeanOperationInfo0 = new MBeanOperationInfo(
+                "name", "description", new MBeanParameterInfo[]{}, "type",
+                MBeanOperationInfo.UNKNOWN, new DescriptorSupport());
+
+        MBeanOperationInfo mbeanOperationInfo = new MBeanOperationInfo(
+                null, "description", new MBeanParameterInfo[]{}, "type",
+                MBeanOperationInfo.UNKNOWN, new DescriptorSupport());
+        test(mbeanOperationInfo0, mbeanOperationInfo, "name");
+
+        mbeanOperationInfo = new MBeanOperationInfo(
+                "name", null, new MBeanParameterInfo[]{}, "type",
+                MBeanOperationInfo.UNKNOWN, new DescriptorSupport());
+        test(mbeanOperationInfo0, mbeanOperationInfo, "description");
+
+        mbeanOperationInfo = new MBeanOperationInfo(
+                "name", "description", null, "type", 1, new DescriptorSupport());
+        test(mbeanOperationInfo0, mbeanOperationInfo, "MBeanParameterInfo");
+
+        mbeanOperationInfo = new MBeanOperationInfo(
+                "name", "description", new MBeanParameterInfo[]{}, null,
+                MBeanOperationInfo.UNKNOWN, new DescriptorSupport());
+        test(mbeanOperationInfo0, mbeanOperationInfo, "type");
+
+        mbeanOperationInfo = new MBeanOperationInfo(
+                "name", "description", new MBeanParameterInfo[]{}, null,
+                MBeanOperationInfo.UNKNOWN, null);
+        test(mbeanOperationInfo0, mbeanOperationInfo, "Descriptor");
+
+        // ----
+        System.out.println("\n---Testing on MBeanParameterInfo...");
+        MBeanParameterInfo mbeanParameterInfo0 = new MBeanParameterInfo(
+                "name", "type", "description", new DescriptorSupport());
+        MBeanParameterInfo mbeanParameterInfo = new MBeanParameterInfo(
+                null, "type", "description", new DescriptorSupport());
+        test(mbeanParameterInfo0, mbeanParameterInfo, "name");
+
+        mbeanParameterInfo = new MBeanParameterInfo(
+                "name", null, "description", new DescriptorSupport());
+        test(mbeanParameterInfo0, mbeanParameterInfo, "type");
+
+        mbeanParameterInfo = new MBeanParameterInfo(
+                "name", "type", null, new DescriptorSupport());
+        test(mbeanParameterInfo0, mbeanParameterInfo, "description");
+
+        mbeanParameterInfo = new MBeanParameterInfo(
+                "name", "type", "description", null);
+        test(mbeanParameterInfo0, mbeanParameterInfo, "Descriptor");
+
+        // ----
+        System.out.println("\n---Testing on MBeanFeatureInfo ...");
+        MBeanFeatureInfo mbeanFeatureInfo0 = new MBeanFeatureInfo(
+                "name", "description", new DescriptorSupport());
+        MBeanFeatureInfo mbeanFeatureInfo = new MBeanFeatureInfo(
+                null, "description", new DescriptorSupport());
+        test(mbeanFeatureInfo0, mbeanFeatureInfo, "name");
+
+        mbeanFeatureInfo = new MBeanFeatureInfo(
+                "name", null, new DescriptorSupport());
+        test(mbeanParameterInfo0, mbeanParameterInfo, "description");
+
+        mbeanFeatureInfo = new MBeanFeatureInfo(
+                "name", "description", null);
+        test(mbeanParameterInfo0, mbeanParameterInfo, "Descriptor");
+
+        // ----
+        System.out.println("\n---Testing on MBeanInfo...");
+        String className = "toto";
+        String description = "titi";
+        MBeanAttributeInfo[] attrInfos = new MBeanAttributeInfo[]{};
+        MBeanConstructorInfo[] constrInfos = new MBeanConstructorInfo[]{};
+        MBeanOperationInfo[] operaInfos = new MBeanOperationInfo[]{};
+        MBeanNotificationInfo[] notifInfos = new MBeanNotificationInfo[]{};
+
+        MBeanInfo minfo0 = new MBeanInfo("toto", description, attrInfos, constrInfos, operaInfos, notifInfos);
+        MBeanInfo minfo = new MBeanInfo(null, description, attrInfos, constrInfos, operaInfos, notifInfos);
+        test(minfo0, minfo, "class name");
+
+        minfo = new MBeanInfo(className, null, attrInfos, constrInfos, operaInfos, notifInfos);
+        test(minfo0, minfo, "description");
+
+        minfo = new MBeanInfo(className, description, null, constrInfos, operaInfos, notifInfos);
+        test(minfo0, minfo, "attrInfos");
+
+        minfo = new MBeanInfo(className, description, attrInfos, null, operaInfos, notifInfos);
+        test(minfo0, minfo, "constrInfos");
+
+        minfo = new MBeanInfo(className, description, attrInfos, constrInfos, null, notifInfos);
+        test(minfo0, minfo, "operaInfos");
+
+        minfo = new MBeanInfo(className, description, attrInfos, constrInfos, operaInfos, null);
+        test(minfo0, minfo, "notifInfos");
+
+        if (failed > 0) {
+            throw new RuntimeException("Test failed: "+failed);
+        } else {
+            System.out.println("---Test: PASSED");
+        }
+    }
+
+    private static void test(Object obj1, Object obj2, String param) {
+        try {
+            obj1.equals(obj2);
+            System.out.println("OK-1: "+obj1.getClass().getSimpleName()+".equals worked with a null paramer: "+param);
+        } catch (NullPointerException npe) {
+            System.out.println("--->KO-1!!! "+obj1.getClass().getSimpleName()+".equals got NPE with a null paramer: "+param);
+            npe.printStackTrace();
+            failed++;
+        }
+
+        try {
+            obj2.equals(obj1);
+            System.out.println("OK-2: "+obj2.getClass().getSimpleName()+".equals worked with a null paramer: "+param);
+        } catch (NullPointerException npe) {
+            System.out.println("--->KO-2!!! "+obj2.getClass().getSimpleName()+".equals got NPE with a null paramer: "+param);
+            npe.printStackTrace();
+            failed++;
+        }
+
+        try {
+            obj1.equals(null);
+            obj2.equals(null);
+
+            System.out.println("OK-3: "+obj1.getClass().getSimpleName()+".equals worked with a null field.");
+        } catch (NullPointerException npe) {
+            System.out.println("--->KO-3!!! "+obj1.getClass().getSimpleName()+".equals got NPE with a null field.");
+            npe.printStackTrace();
+            failed++;
+        }
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/lib/security/CheckBlacklistedCerts.java	Tue Sep 24 14:34:55 2013 -0700
@@ -0,0 +1,131 @@
+/*
+ * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/*
+ * @test
+ * @bug 8011402
+ * @summary Move blacklisting certificate logic from hard code to data
+ */
+
+import sun.security.util.UntrustedCertificates;
+
+import java.io.*;
+import java.security.KeyStore;
+import java.security.cert.*;
+import java.util.*;
+
+public class CheckBlacklistedCerts {
+    public static void main(String[] args) throws Exception {
+
+        String home = System.getProperty("java.home");
+        boolean failed = false;
+
+        // Root CAs should always be trusted
+        File file = new File(home, "lib/security/cacerts");
+        KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
+        try (FileInputStream fis = new FileInputStream(file)) {
+            ks.load(new FileInputStream(file), null);
+        }
+        System.out.println("Check for cacerts: " + ks.size());
+        for (String alias: Collections.list(ks.aliases())) {
+            X509Certificate cert = (X509Certificate)ks.getCertificate(alias);
+            if (UntrustedCertificates.isUntrusted(cert)) {
+                System.out.print(alias + " is untrusted");
+                failed = true;
+            }
+        }
+
+        // All certs in the pem files
+        Set<Certificate> blacklisted = new HashSet<>();
+
+        // Hopefully src comes with test, but it might be missing if doing
+        // a -testonly JPRT job.
+        File[] blacklists = {
+            new File(System.getProperty("test.src"),
+                "../../../src/share/lib/security/blacklisted.certs.pem"),
+            new File(System.getProperty("test.src"),
+                "../../../src/closed/share/lib/security/blacklisted.certs.pem")
+        };
+
+        // Is this an OPENJDK build?
+        if (!new File(home, "lib/security/local_policy.jar").exists()) {
+            blacklists = Arrays.copyOf(blacklists, 1);
+        }
+
+        CertificateFactory cf = CertificateFactory.getInstance("X.509");
+        for (File blacklist: blacklists) {
+            System.out.print("Check for " + blacklist + ": ");
+            if (!blacklist.exists()) {
+                System.out.println("does not exist");
+            } else {
+                try (FileInputStream fis = new FileInputStream(blacklist)) {
+                    Collection<? extends Certificate> certs
+                            = cf.generateCertificates(fis);
+                    System.out.println(certs.size());
+                    for (Certificate c: certs) {
+                        blacklisted.add(c);
+                        X509Certificate cert = ((X509Certificate)c);
+                        if (!UntrustedCertificates.isUntrusted(cert)) {
+                            System.out.println(cert.getSubjectDN() + " is trusted");
+                            failed = true;
+                        }
+                    }
+                }
+            }
+        }
+
+        // Check the blacklisted.certs file itself
+        file = new File(home, "lib/security/blacklisted.certs");
+        System.out.print("Check for " + file + ": ");
+        try (BufferedReader reader = new BufferedReader(
+                new InputStreamReader(new FileInputStream(file)))) {
+            int acount = 0;
+            int ccount = 0;
+            while (true) {
+                String line = reader.readLine();
+                if (line == null) break;
+                if (line.startsWith("Algorithm")) {
+                    acount++;
+                } else if (!line.isEmpty() && !line.startsWith("#")) {
+                    ccount++;
+                }
+            }
+            System.out.println(acount + " algs, " + ccount + " certs" );
+            if (acount != 1) {
+                System.out.println("There are " + acount + " algorithms");
+                failed = true;
+            }
+            if (ccount != blacklisted.size()
+                    && !blacklisted.isEmpty()) {
+                System.out.println("Wrong blacklisted.certs size: "
+                        + ccount + " fingerprints, "
+                        + blacklisted.size() + " certs");
+                failed = true;
+            }
+        }
+
+        if (failed) {
+            throw new Exception("Failed");
+        }
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/sun/java2d/cmm/ProfileOp/DisposalCrashTest.java	Tue Sep 24 14:34:55 2013 -0700
@@ -0,0 +1,83 @@
+/*
+ * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/**
+ * @test
+ * @bug     8024511
+ * @summary Verifies that instances of color profiles are destroyed correctly.
+ *          A crash during profile destruction indicates failure.
+ *
+ * @run     main DisposalCrashTest
+ */
+
+import static java.awt.color.ColorSpace.*;
+import java.awt.color.ICC_Profile;
+import java.lang.ref.Reference;
+import java.lang.ref.ReferenceQueue;
+import java.lang.ref.WeakReference;
+import java.util.Vector;
+
+public class DisposalCrashTest {
+
+    static final ReferenceQueue<ICC_Profile> queue = new ReferenceQueue<>();
+    static final Vector<Reference<? extends ICC_Profile>> v = new Vector<>();
+
+    public static void main(String[] args) {
+        int[] ids = new int[]{
+            CS_sRGB, CS_CIEXYZ, CS_GRAY, CS_LINEAR_RGB, CS_PYCC
+        };
+
+        for (int id : ids) {
+            ICC_Profile p = getCopyOf(id);
+        }
+
+        while (!v.isEmpty()) {
+            System.gc();
+            System.out.println(".");
+            try {
+                Thread.sleep(500);
+            } catch (InterruptedException e) {};
+
+            final Reference<? extends ICC_Profile> ref = queue.poll();
+            System.out.println("Got reference: " + ref);
+
+            v.remove(ref);
+        }
+
+        System.out.println("Test PASSED.");
+    }
+
+    private static ICC_Profile getCopyOf(int id) {
+        ICC_Profile std = ICC_Profile.getInstance(id);
+
+        byte[] data = std.getData();
+
+        ICC_Profile p = ICC_Profile.getInstance(data);
+
+        WeakReference<ICC_Profile> ref = new WeakReference<>(p, queue);
+
+        v.add(ref);
+
+        return p;
+    }
+}
--- a/test/sun/java2d/cmm/ProfileOp/ReadWriteProfileTest.java	Tue Sep 24 14:17:42 2013 -0700
+++ b/test/sun/java2d/cmm/ProfileOp/ReadWriteProfileTest.java	Tue Sep 24 14:34:55 2013 -0700
@@ -23,7 +23,7 @@
 
 /**
  * @test
- * @bug 6476665 6523403 6733501 7042594
+ * @bug 6476665 6523403 6733501 7042594 7043064
  * @summary Verifies reading and writing profiles and tags of the standard color
  * spaces
  * @run main ReadWriteProfileTest
@@ -82,6 +82,7 @@
 
     public void run() {
         for (int i = 0; i < cspaces.length; i++) {
+            System.out.println("Profile: " + csNames[i]);
             ICC_Profile pf = ICC_Profile.getInstance(cspaces[i]);
             byte [] data = pf.getData();
             pf = ICC_Profile.getInstance(data);
@@ -92,6 +93,10 @@
             }
 
             for (int tagSig : tags[i].keySet()) {
+                String signature = SigToString(tagSig);
+                System.out.printf("Tag: %s\n", signature);
+                System.out.flush();
+
                 byte [] tagData = pf.getData(tagSig);
                 byte [] empty = new byte[tagData.length];
                 boolean emptyDataRejected = false;
@@ -104,15 +109,23 @@
                     throw new
                         RuntimeException("Test failed: empty tag data was not rejected.");
                 }
-                pf.setData(tagSig, tagData);
-
+                try {
+                    pf.setData(tagSig, tagData);
+                } catch (IllegalArgumentException e) {
+                    // let's ignore this exception for Kodak proprietary tags
+                    if (isKodakExtention(signature)) {
+                        System.out.println("Ignore Kodak tag: " + signature);
+                    } else {
+                        throw new RuntimeException("Test failed!", e);
+                    }
+                }
                 byte [] tagData1 = pf.getData(tagSig);
 
                 if (!Arrays.equals(tagData1, tags[i].get(tagSig)))
                 {
                     System.err.println("Incorrect result of getData(int) with" +
                                        " tag " +
-                                       Integer.toHexString(tagSig) +
+                                       SigToString(tagSig) +
                                        " of " + csNames[i] + " profile");
 
                     throw new RuntimeException("Incorrect result of " +
@@ -122,6 +135,19 @@
         }
     }
 
+    private static boolean isKodakExtention(String signature) {
+        return signature.matches("K\\d\\d\\d");
+    }
+
+    private static String SigToString(int tagSig ) {
+              return String.format("%c%c%c%c",
+                        (char)(0xff & (tagSig >> 24)),
+                        (char)(0xff & (tagSig >> 16)),
+                        (char)(0xff & (tagSig >>  8)),
+                        (char)(0xff & (tagSig)));
+
+    }
+
     public static void main(String [] args) {
         ReadWriteProfileTest test = new ReadWriteProfileTest();
         test.run();
--- a/test/sun/security/krb5/ParseCAPaths.java	Tue Sep 24 14:17:42 2013 -0700
+++ b/test/sun/security/krb5/ParseCAPaths.java	Tue Sep 24 14:34:55 2013 -0700
@@ -22,7 +22,7 @@
  */
 /*
  * @test
- * @bug 6789935
+ * @bug 6789935 8012615
  * @run main/othervm ParseCAPaths
  * @summary cross-realm capath search error
  */
@@ -35,37 +35,75 @@
     public static void main(String[] args) throws Exception {
         System.setProperty("java.security.krb5.conf",
                 System.getProperty("test.src", ".") +"/krb5-capaths.conf");
-        //System.setProperty("sun.security.krb5.debug", "true");
 
-        // Standard example
+        // MIT
         check("ANL.GOV", "TEST.ANL.GOV", "ANL.GOV");
         check("ANL.GOV", "ES.NET", "ANL.GOV");
         check("ANL.GOV", "PNL.GOV", "ANL.GOV", "ES.NET");
         check("ANL.GOV", "NERSC.GOV", "ANL.GOV", "ES.NET");
+        check("NERSC.GOV", "TEST.ANL.GOV", "NERSC.GOV", "ES.NET", "ANL.GOV");
+
+        // RedHat
+        // 3.6.2.1. Configuring a Shared Hierarchy of Names
+        check("AA.EXAMPLE.COM", "BB.EXAMPLE.COM",
+                "AA.EXAMPLE.COM", "EXAMPLE.COM");
+        check("SITE1.SALES.EXAMPLE.COM", "EVERYWHERE.EXAMPLE.COM",
+                "SITE1.SALES.EXAMPLE.COM", "SALES.EXAMPLE.COM",
+                "EXAMPLE.COM");
+        check("DEVEL.EXAMPLE.COM", "PROD.EXAMPLE.ORG",
+                "DEVEL.EXAMPLE.COM", "EXAMPLE.COM", "COM",
+                "ORG", "EXAMPLE.ORG");
+        // 3.6.2.2. Configuring Paths in krb5.conf
+        check("A.EXAMPLE.COM", "B.EXAMPLE.COM", "A.EXAMPLE.COM");
+        check("A.EXAMPLE.COM", "C.EXAMPLE.COM",
+                "A.EXAMPLE.COM", "B.EXAMPLE.COM");
+        check("A.EXAMPLE.COM", "D.EXAMPLE.COM",
+                "A.EXAMPLE.COM", "B.EXAMPLE.COM", "C.EXAMPLE.COM");
+
+        // The original JDK example
+        check("TIVOLI.COM", "IBM.COM", "TIVOLI.COM", "LDAPCENTRAL.NET",
+            "IBM_LDAPCENTRAL.COM", "MOONLITE.ORG");
+
         // Hierachical
-        check("N1.N.COM", "N2.N.COM", "N1.N.COM", "N.COM");     // 2 common
-        check("N1.N.COM", "N2.N3.COM", "N1.N.COM", "N.COM",     // 1 common
+        check("N1.N.COM", "N2.N.COM", "N1.N.COM", "N.COM");
+        check("N1.N.COM", "N2.N3.COM", "N1.N.COM", "N.COM",
                 "COM", "N3.COM");
-        check("N1.COM", "N2.COM", "N1.COM", "COM");             // 1 common
-        check("N1", "N2", "N1");                                // 0 common
-        // Extra garbages
-        check("A1.COM", "A4.COM", "A1.COM", "A2.COM");
+        check("N1.COM", "N2.COM", "N1.COM", "COM");
+        check("N1", "N2", "N1");
+        check("N1.COM", "N2.ORG", "N1.COM", "COM", "ORG");
+        check("N1.N.COM", "N.COM", "N1.N.COM");
+        check("X.N1.N.COM", "N.COM", "X.N1.N.COM", "N1.N.COM");
+        check("N.COM", "N1.N.COM", "N.COM");
+        check("N.COM", "X.N1.N.COM", "N.COM", "N1.N.COM");
+        check("A.B.C", "D.E.F", "A.B.C", "B.C", "C", "F", "E.F");
+
+        // Full path
+        check("A1.COM", "A2.COM", "A1.COM");
+        check("A1.COM", "A3.COM", "A1.COM", "A2.COM");
+        check("A1.COM", "A4.COM", "A1.COM", "A2.COM", "A3.COM");
+
+        // Shortest path
+        check("B1.COM", "B2.COM", "B1.COM");
         check("B1.COM", "B3.COM", "B1.COM", "B2.COM");
+        check("B1.COM", "B4.COM", "B1.COM", "B2.COM", "B3.COM");
+
         // Missing is "."
+        check("C1.COM", "C2.COM", "C1.COM", "COM");
         check("C1.COM", "C3.COM", "C1.COM", "C2.COM");
-        // Multiple path
-        check("D1.COM", "D4.COM", "D1.COM", "D2.COM");
-        check("E1.COM", "E4.COM", "E1.COM", "E2.COM");
-        check("F1.COM", "F4.COM", "F1.COM", "F9.COM");
-        // Infinite loop
-        check("G1.COM", "G3.COM", "G1.COM", "COM");
-        check("H1.COM", "H3.COM", "H1.COM");
+
+        // cRealm = .
+        check("D1.COM", "D2.COM", "D1.COM");
+
+        // Bad cases
+        check("E1.COM", "E2.COM", "E1.COM");
+        check("E1.COM", "E3.COM", "E1.COM", "E4.COM");
+        check("G1.COM", "G3.COM", "G1.COM", "G2.COM");
         check("I1.COM", "I4.COM", "I1.COM", "I5.COM");
-        // J2=J1 is the same as J2=.
-        check("J1.COM", "J2.COM", "J1.COM");
+
         // 7019384
         check("A9.PRAGUE.XXX.CZ", "SERVIS.XXX.CZ",
                 "A9.PRAGUE.XXX.CZ", "PRAGUE.XXX.CZ", "ROOT.XXX.CZ");
+
         if (failed != null) {
             throw failed;
         }
@@ -75,6 +113,7 @@
         try {
             check2(from, to, paths);
         } catch (Exception e) {
+            System.out.println("         " + e.getMessage());
             failed = e;
         }
     }
@@ -84,18 +123,14 @@
         System.out.println(from + " -> " + to);
         System.out.println("    expected: " + Arrays.toString(paths));
         String[] result = Realm.getRealmsList(from, to);
-        System.out.println("    result:   " + Arrays.toString(result));
-        if (result == null) {
-            if (paths.length == 0) {
-                // OK
-            } else {
-                throw new Exception("Shouldn't have a valid path.");
-            }
+        if (result == null || result.length == 0) {
+            throw new Exception("There is always a valid path.");
         } else if(result.length != paths.length) {
             throw new Exception("Length of path not correct");
         } else {
             for (int i=0; i<result.length; i++) {
                 if (!result[i].equals(paths[i])) {
+                    System.out.println("    result:   " + Arrays.toString(result));
                     throw new Exception("Path not same");
                 }
             }
--- a/test/sun/security/krb5/krb5-capaths.conf	Tue Sep 24 14:17:42 2013 -0700
+++ b/test/sun/security/krb5/krb5-capaths.conf	Tue Sep 24 14:34:55 2013 -0700
@@ -1,6 +1,6 @@
 [capaths]
 
-# Standard
+# http://web.mit.edu/kerberos/krb5-1.5/krb5-1.5.4/doc/krb5-admin/capaths.html
 
 ANL.GOV = {
     TEST.ANL.GOV = .
@@ -14,81 +14,86 @@
 PNL.GOV = {
     ANL.GOV = ES.NET
 }
-NERSC.GOV = {
-    ANL.GOV = ES.NET
-}
+#NERSC.GOV = {
+#    ANL.GOV = ES.NET
+#}
 ES.NET = {
     ANL.GOV = .
 }
+NERSC.GOV = {
+    ANL.GOV = ES.NET
+    TEST.ANL.GOV = ES.NET
+    TEST.ANL.GOV = ANL.GOV
+    PNL.GOV = ES.NET
+    ES.NET = .
+}
 
-# Extra garbages
+# The original JDK example
+
+TIVOLI.COM = {
+    IBM.COM = IBM_LDAPCENTRAL.COM MOONLITE.ORG
+    IBM_LDAPCENTRAL.COM = LDAPCENTRAL.NET
+    LDAPCENTRAL.NET = .
+}
+
+# https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Managing_Smart_Cards/Setting_Up_Cross_Realm_Authentication.html
+
+A.EXAMPLE.COM = {
+    B.EXAMPLE.COM = .
+    C.EXAMPLE.COM = B.EXAMPLE.COM
+    D.EXAMPLE.COM = B.EXAMPLE.COM
+    D.EXAMPLE.COM = C.EXAMPLE.COM
+}
+
+# Full path
 
 A1.COM = {
     A2.COM = .
+    A3.COM = A2.COM
     A4.COM = A2.COM
-    A3.COM = A4.COM
-    A3.COM = A2.COM
+    A4.COM = A3.COM
 }
 
+# Shortest path
+
 B1.COM = {
     B2.COM = .
     B3.COM = B2.COM
-    B3.COM = B4.COM
+    B4.COM = B3.COM
 }
 
-# Missing is "."
+# If no sRealm key, fallback to hierarchy
 
 C1.COM = {
     C3.COM = C2.COM
 }
 
-# Multiple paths
+# cRealm is "."
 
 D1.COM = {
-    D2.COM = .
-    D3.COM = .
-    D4.COM = D2.COM
-    D4.COM = D3.COM
+    D2.COM=D1.COM
 }
 
+# Bad cases
+
 E1.COM = {
-    E2.COM = .
+    E2.COM = E2.COM
+    E3.COM = E4.COM
     E3.COM = .
-    E4.COM = E2.COM   E3.COM   E2.COM
 }
 
-# Shortest or First?
-
-F1.COM = {
-    F2.COM = .
-    F3.COM = F2.COM
-    F4.COM = F9.COM
-    F4.COM = F3.COM
-    F4.COM = F2.COM
-}
-
-# Infinite loop
-
 G1.COM = {
     G2.COM = G3.COM
     G3.COM = G2.COM
 }
 
-H1.COM = {
-    H2.COM = H3.COM
-    H3.COM = H2.COM
-    H3.COM = .
-}
-
 I1.COM = {
     I2.COM = I3.COM
     I3.COM = I2.COM
-    I4.COM = I2.COM I5.COM
+    I4.COM = I5.COM
 }
 
-J1.COM = {
-    J2.COM=J1.COM
-}
+# 7019384
 
 A9.PRAGUE.XXX.CZ = {
     PRAGUE.XXX.CZ = .
--- a/test/sun/tools/jstat/gcCapacityOutput1.awk	Tue Sep 24 14:17:42 2013 -0700
+++ b/test/sun/tools/jstat/gcCapacityOutput1.awk	Tue Sep 24 14:34:55 2013 -0700
@@ -3,19 +3,19 @@
 # that the numerical values conform to a specific pattern, rather than
 # specific values.
 #
-# NGCMN    NGCMX     NGC     S0C   S1C       EC      OGCMN      OGCMX       OGC         OC      MCMN     MCMX      MC     YGC    FGC 
-#  2176.0   7232.0   2176.0   64.0   64.0   2048.0     6016.0    58304.0     6016.0     6016.0   8192.0  65536.0   8192.0   8192.0      0
+# NGCMN    NGCMX     NGC     S0C   S1C       EC      OGCMN      OGCMX       OGC         OC       MCMN     MCMX      MC     CCSMN    CCSMX     CCSC    YGC    FGC 
+#  4096.0 657408.0   8192.0  512.0  512.0   3072.0     6144.0  1312768.0     6144.0     6144.0    512.0 132096.0   5120.0    512.0 131072.0    512.0      1     0
 
 
 BEGIN	{
 	    headerlines=0; datalines=0; totallines=0
 	}
 
-/^ NGCMN    NGCMX     NGC     S0C   S1C       EC      OGCMN      OGCMX       OGC         OC       MCMN     MCMX      MC     YGC    FGC $/	{
+/^ NGCMN    NGCMX     NGC     S0C   S1C       EC      OGCMN      OGCMX       OGC         OC       MCMN     MCMX      MC     CCSMN    CCSMX     CCSC    YGC    FGC $/	{
 	    headerlines++;
 	}
 
-/^[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+[ ]*[0-9]+$/	{
+/^[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+[ ]*[0-9]+$/	{
 	    datalines++;
 	}
 
--- a/test/sun/tools/jstat/gcCauseOutput1.awk	Tue Sep 24 14:17:42 2013 -0700
+++ b/test/sun/tools/jstat/gcCauseOutput1.awk	Tue Sep 24 14:34:55 2013 -0700
@@ -3,15 +3,15 @@
 # that the numerical values conform to a specific pattern, rather than
 # specific values.
 #
-#  S0     S1     E      O      P     YGC     YGCT    FGC    FGCT     GCT    LGCC                 GCC                 
-#  0.00 100.00  14.01   3.06  23.20      1    0.032     0    0.000    0.032 Allocation Failure   No GC           
+#  S0     S1     E      O      M     CCS    YGC     YGCT    FGC    FGCT     GCT    LGCC                 GCC                 
+#  0.00   0.00   0.00   9.97  90.94  87.70      2    0.013     0    0.000    0.013 Allocation Failure   No GC
 
 
 BEGIN	{
 	    headerlines=0; datalines=0; totallines=0
 	}
 
-/^  S0     S1     E      O      M     YGC     YGCT    FGC    FGCT     GCT    LGCC                 GCC                 $/	{
+/^  S0     S1     E      O      M     CCS    YGC     YGCT    FGC    FGCT     GCT    LGCC                 GCC                 $/	{
 	    headerlines++;
 	}
 
@@ -23,7 +23,7 @@
 # or more letters and spaces. It also provides for the ".", "(", and ")"
 # characters to allow for the string "System.gc()".
 #
-/^[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[a-zA-Z]+[a-zA-Z \.\(\)]*[ ]*[a-zA-Z]+[a-zA-Z \.\(\)]*$/	{
+/^[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[a-zA-Z]+[a-zA-Z \.\(\)]*[ ]*[a-zA-Z]+[a-zA-Z \.\(\)]*$/	{
 	    datalines++;
 	}
 
--- a/test/sun/tools/jstat/gcMetaCapacityOutput1.awk	Tue Sep 24 14:17:42 2013 -0700
+++ b/test/sun/tools/jstat/gcMetaCapacityOutput1.awk	Tue Sep 24 14:34:55 2013 -0700
@@ -3,18 +3,18 @@
 # that the numerical values conform to a specific pattern, rather than
 # specific values.
 #
-#   MCMN       MCMX        MC      YGC   FGC    FGCT     GCT   
-#    8192.0    65536.0     8192.0     8192.0     1     0    0.000    0.029
+#   MCMN       MCMX        MC       CCSMN      CCSMX       CCSC     YGC   FGC    FGCT     GCT   
+#     512.0   132096.0     5120.0      512.0   131072.0      512.0     1     0    0.000    0.004
 
 BEGIN	{
 	    headerlines=0; datalines=0; totallines=0
 	}
 
-/^   MCMN       MCMX        MC      YGC   FGC    FGCT     GCT   $/	{
+/^   MCMN       MCMX        MC       CCSMN      CCSMX       CCSC     YGC   FGC    FGCT     GCT   $/	{
 	    headerlines++;
 	}
 
-/^[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+[ ]*[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+$/	{
+/^[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+[ ]*[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+$/	{
 	    datalines++;
 	}
 
--- a/test/sun/tools/jstat/gcOldOutput1.awk	Tue Sep 24 14:17:42 2013 -0700
+++ b/test/sun/tools/jstat/gcOldOutput1.awk	Tue Sep 24 14:34:55 2013 -0700
@@ -3,19 +3,19 @@
 # that the numerical values conform to a specific pattern, rather than
 # specific values.
 #
-#   MC       MU        OC          OU       YGC    FGC    FGCT     GCT   
-#  8192.0   1877.3      6016.0       180.8      1     0    0.000    0.030
+#   MC       MU      CCSC     CCSU       OC          OU       YGC    FGC    FGCT     GCT   
+#  5120.0   4152.0    512.0    397.9      6144.0       200.0      1     0    0.000    0.005
 
 
 BEGIN	{
 	    headerlines=0; datalines=0; totallines=0
 	}
 
-/^   MC       MU        OC          OU       YGC    FGC    FGCT     GCT   $/	{
+/^   MC       MU      CCSC     CCSU       OC          OU       YGC    FGC    FGCT     GCT   $/	{
 	    headerlines++;
 	}
 
-/^[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+[ ]*[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+$/	{
+/^[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+[ ]*[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+$/	{
 	    datalines++;
 	}
 
--- a/test/sun/tools/jstat/gcOutput1.awk	Tue Sep 24 14:17:42 2013 -0700
+++ b/test/sun/tools/jstat/gcOutput1.awk	Tue Sep 24 14:34:55 2013 -0700
@@ -3,19 +3,19 @@
 # that the numerical values conform to a specific pattern, rather than
 # specific values.
 #
-# S0C    S1C    S0U    S1U      EC       EU        OC         OU       MC     MU    YGC     YGCT    FGC    FGCT     GCT   
-# 64.0   64.0   0.0    0.0    2048.0   1711.2    6016.0      0.0     8192.0 1948.6      0    0.000   0      0.000    0.000
+# S0C    S1C    S0U    S1U      EC       EU        OC         OU       MC     MU    CCSC   CCSU   YGC     YGCT    FGC    FGCT     GCT   
+# 512.0  512.0   0.0   496.0   3072.0   615.5     6144.0     280.0    5120.0 4176.0 512.0  401.0       1    0.005   0      0.000    0.005
 
 
 BEGIN	{
 	    headerlines=0; datalines=0; totallines=0
 	}
 
-/^ S0C    S1C    S0U    S1U      EC       EU        OC         OU       MC     MU    YGC     YGCT    FGC    FGCT     GCT   $/	{
+/^ S0C    S1C    S0U    S1U      EC       EU        OC         OU       MC     MU    CCSC   CCSU   YGC     YGCT    FGC    FGCT     GCT   $/	{
 	    headerlines++;
 	}
 
-/^[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+$/	{
+/^[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+$/	{
 	    datalines++;
 	}
 
--- a/test/sun/tools/jstat/lineCounts1.awk	Tue Sep 24 14:17:42 2013 -0700
+++ b/test/sun/tools/jstat/lineCounts1.awk	Tue Sep 24 14:34:55 2013 -0700
@@ -3,22 +3,22 @@
 # that the numerical values conform to a specific pattern, rather than
 # specific values.
 #
-#  S0     S1     E      O      M     YGC     YGCT    FGC    FGCT     GCT   
-#  0.00 100.00  68.87   1.24  27.75      1    0.044     0    0.000    0.044
-#  0.00 100.00  68.87   1.24  27.84      1    0.044     0    0.000    0.044
-#  0.00 100.00  68.87   1.24  27.84      1    0.044     0    0.000    0.044
-#  0.00 100.00  70.89   1.24  27.84      1    0.044     0    0.000    0.044
-#  0.00 100.00  70.89   1.24  27.84      1    0.044     0    0.000    0.044
+#  S0     S1     E      O      M     CCS    YGC     YGCT    FGC    FGCT     GCT   
+#  0.00  93.76  28.80   1.82  77.74  68.02      1    0.005     0    0.000    0.005
+#  0.00  93.76  73.04   1.82  77.74  68.02      1    0.005     0    0.000    0.005
+#  0.00  93.76  73.04   1.82  77.74  68.02      1    0.005     0    0.000    0.005
+#  0.00  93.76  73.04   1.82  77.74  68.02      1    0.005     0    0.000    0.005
+#  0.00  93.76  75.00   1.82  77.74  68.02      1    0.005     0    0.000    0.005
 
 BEGIN	{
 	    headerlines=0; datalines=0; totallines=0
 	}
 
-/^  S0     S1     E      O      M     YGC     YGCT    FGC    FGCT     GCT   $/	{
+/^  S0     S1     E      O      M     CCS    YGC     YGCT    FGC    FGCT     GCT   $/	{
 	    headerlines++;
 	}
 
-/^[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+$/	{
+/^[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+$/	{
 	    datalines++;
 	}
 
--- a/test/sun/tools/jstat/lineCounts2.awk	Tue Sep 24 14:17:42 2013 -0700
+++ b/test/sun/tools/jstat/lineCounts2.awk	Tue Sep 24 14:34:55 2013 -0700
@@ -3,18 +3,18 @@
 # that the numerical values conform to a specific pattern, rather than
 # specific values.
 #
-#  S0     S1     E      O      M     YGC     YGCT    FGC    FGCT     GCT   
-#  0.00 100.00  68.87   1.24  27.75      1    0.044     0    0.000    0.044
+#  S0     S1     E      O      M     CCS    YGC     YGCT    FGC    FGCT     GCT   
+#  0.00  93.76  28.40   1.82  77.74  68.02      1    0.005     0    0.000    0.005
 
 BEGIN	{
 	    headerlines=0; datalines=0; totallines=0
 	}
 
-/^  S0     S1     E      O      M     YGC     YGCT    FGC    FGCT     GCT   $/	{
+/^  S0     S1     E      O      M     CCS    YGC     YGCT    FGC    FGCT     GCT   $/	{
 	    headerlines++;
 	}
 
-/^[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+$/	{
+/^[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+$/	{
 	    datalines++;
 	}
 
--- a/test/sun/tools/jstat/lineCounts3.awk	Tue Sep 24 14:17:42 2013 -0700
+++ b/test/sun/tools/jstat/lineCounts3.awk	Tue Sep 24 14:34:55 2013 -0700
@@ -3,27 +3,27 @@
 # that the numerical values conform to a specific pattern, rather than
 # specific values.
 #
-#  S0     S1     E      O      M     YGC     YGCT    FGC    FGCT     GCT   
-#  0.00  99.99  66.81   1.24  26.55      1    0.028     0    0.000    0.028
-#  0.00  99.99  68.81   1.24  27.84      1    0.028     0    0.000    0.028
-#  0.00  99.99  70.81   1.24  27.84      1    0.028     0    0.000    0.028
-#  0.00  99.99  70.81   1.24  27.84      1    0.028     0    0.000    0.028
-#  0.00  99.99  70.81   1.24  27.84      1    0.028     0    0.000    0.028
-#  0.00  99.99  72.81   1.24  27.84      1    0.028     0    0.000    0.028
-#  0.00  99.99  72.81   1.24  27.84      1    0.028     0    0.000    0.028
-#  0.00  99.99  74.81   1.24  27.84      1    0.028     0    0.000    0.028
-#  0.00  99.99  74.81   1.24  27.84      1    0.028     0    0.000    0.028
-#  0.00  99.99  76.81   1.24  27.85      1    0.028     0    0.000    0.028
+#  S0     S1     E      O      M     CCS    YGC     YGCT    FGC    FGCT     GCT   
+#  0.00  93.76  26.48   1.95  77.78  68.02      1    0.006     0    0.000    0.006
+#  0.00  93.76  71.58   1.95  77.78  68.02      1    0.006     0    0.000    0.006
+#  0.00  93.76  73.58   1.95  77.78  68.02      1    0.006     0    0.000    0.006
+#  0.00  93.76  73.58   1.95  77.78  68.02      1    0.006     0    0.000    0.006
+#  0.00  93.76  73.58   1.95  77.78  68.02      1    0.006     0    0.000    0.006
+#  0.00  93.76  75.58   1.95  77.78  68.02      1    0.006     0    0.000    0.006
+#  0.00  93.76  75.58   1.95  77.78  68.02      1    0.006     0    0.000    0.006
+#  0.00  93.76  77.58   1.95  77.78  68.02      1    0.006     0    0.000    0.006
+#  0.00  93.76  77.58   1.95  77.78  68.02      1    0.006     0    0.000    0.006
+#  0.00  93.76  77.58   1.95  77.78  68.02      1    0.006     0    0.000    0.006
 
 BEGIN	{
 	    headerlines=0; datalines=0; totallines=0
         }
 
-/^  S0     S1     E      O      M     YGC     YGCT    FGC    FGCT     GCT   $/	{
+/^  S0     S1     E      O      M     CCS    YGC     YGCT    FGC    FGCT     GCT   $/	{
 	    headerlines++;
 	}
 
-/^[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+$/	{
+/^[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+$/	{
 	    datalines++;
 	}
 
--- a/test/sun/tools/jstat/lineCounts4.awk	Tue Sep 24 14:17:42 2013 -0700
+++ b/test/sun/tools/jstat/lineCounts4.awk	Tue Sep 24 14:34:55 2013 -0700
@@ -3,30 +3,30 @@
 # that the numerical values conform to a specific pattern, rather than
 # specific values.
 #
-#  S0     S1     E      O      M     YGC     YGCT    FGC    FGCT     GCT   
-#  0.00  99.99  66.81   1.24  26.55      1    0.028     0    0.000    0.028
-#  0.00  99.99  68.81   1.24  27.84      1    0.028     0    0.000    0.028
-#  0.00  99.99  70.81   1.24  27.84      1    0.028     0    0.000    0.028
-#  0.00  99.99  70.81   1.24  27.84      1    0.028     0    0.000    0.028
-#  0.00  99.99  70.81   1.24  27.84      1    0.028     0    0.000    0.028
-#  0.00  99.99  72.81   1.24  27.84      1    0.028     0    0.000    0.028
-#  0.00  99.99  72.81   1.24  27.84      1    0.028     0    0.000    0.028
-#  0.00  99.99  74.81   1.24  27.84      1    0.028     0    0.000    0.028
-#  0.00  99.99  74.81   1.24  27.84      1    0.028     0    0.000    0.028
-#  0.00  99.99  76.81   1.24  27.85      1    0.028     0    0.000    0.028
-#  S0     S1     E      O      P     YGC     YGCT    FGC    FGCT     GCT   
-#  0.00  99.99  76.81   1.24  27.85      1    0.028     0    0.000    0.028
+#  S0     S1     E      O      M     CCS    YGC     YGCT    FGC    FGCT     GCT   
+#  0.00  96.88  66.55   2.34  77.78  68.02      1    0.003     0    0.000    0.003
+#  0.00  96.88  71.58   2.34  77.78  68.02      1    0.003     0    0.000    0.003
+#  0.00  96.88  73.58   2.34  77.78  68.02      1    0.003     0    0.000    0.003
+#  0.00  96.88  73.58   2.34  77.78  68.02      1    0.003     0    0.000    0.003
+#  0.00  96.88  73.58   2.34  77.78  68.02      1    0.003     0    0.000    0.003
+#  0.00  96.88  75.58   2.34  77.78  68.02      1    0.003     0    0.000    0.003
+#  0.00  96.88  75.58   2.34  77.78  68.02      1    0.003     0    0.000    0.003
+#  0.00  96.88  77.58   2.34  77.78  68.02      1    0.003     0    0.000    0.003
+#  0.00  96.88  77.58   2.34  77.78  68.02      1    0.003     0    0.000    0.003
+#  0.00  96.88  77.58   2.34  77.78  68.02      1    0.003     0    0.000    0.003
+#  S0     S1     E      O      M     CCS    YGC     YGCT    FGC    FGCT     GCT   
+#  0.00  96.88  79.58   2.34  77.78  68.02      1    0.003     0    0.000    0.003
 
 BEGIN	{
 	    headerlines=0; datalines=0; totallines=0
 	    datalines2=0;
         }
 
-/^  S0     S1     E      O      M     YGC     YGCT    FGC    FGCT     GCT   $/	{
+/^  S0     S1     E      O      M     CCS    YGC     YGCT    FGC    FGCT     GCT   $/	{
 	    headerlines++;
 	}
 
-/^[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+$/	{
+/^[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+$/	{
 	    if (headerlines == 2) {
 	        datalines2++;
 	    }
--- a/test/sun/tools/jstat/timeStamp1.awk	Tue Sep 24 14:17:42 2013 -0700
+++ b/test/sun/tools/jstat/timeStamp1.awk	Tue Sep 24 14:34:55 2013 -0700
@@ -3,18 +3,18 @@
 # that the numerical values conform to a specific pattern, rather than
 # specific values.
 #
-#  S0     S1     E      O      M     YGC     YGCT    FGC    FGCT     GCT   
-#  0.00 100.00  68.87   1.24  27.75      1    0.044     0    0.000    0.044
+#Timestamp         S0     S1     E      O      M     CCS    YGC     YGCT    FGC    FGCT     GCT   
+#            0.3   0.00 100.00  68.74   1.95  77.73  68.02      1    0.004     0    0.000    0.004
 
 BEGIN	{
 	    headerlines=0; datalines=0; totallines=0
 	}
 
-/^Timestamp         S0     S1     E      O      M     YGC     YGCT    FGC    FGCT     GCT   $/	{
+/^Timestamp         S0     S1     E      O      M     CCS    YGC     YGCT    FGC    FGCT     GCT   $/	{
 	    headerlines++;
 	}
 
-/^[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+$/	{
+/^[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+$/	{
 	    datalines++;
 	}
 
--- a/test/sun/tools/jstatd/jstatGcutilOutput1.awk	Tue Sep 24 14:17:42 2013 -0700
+++ b/test/sun/tools/jstatd/jstatGcutilOutput1.awk	Tue Sep 24 14:34:55 2013 -0700
@@ -3,22 +3,22 @@
 # that the numerical values conform to a specific pattern, rather than
 # specific values.
 #
-#  S0     S1     E      O      M     YGC     YGCT    FGC    FGCT     GCT   
-#  0.00 100.00  68.87   1.24  27.75      1    0.044     0    0.000    0.044
-#  0.00 100.00  68.87   1.24  27.84      1    0.044     0    0.000    0.044
-#  0.00 100.00  68.87   1.24  27.84      1    0.044     0    0.000    0.044
-#  0.00 100.00  70.89   1.24  27.84      1    0.044     0    0.000    0.044
-#  0.00 100.00  70.89   1.24  27.84      1    0.044     0    0.000    0.044
+#  S0     S1     E      O      M     CCS    YGC     YGCT    FGC    FGCT     GCT   
+#  0.00 100.00  56.99   7.81  95.03  87.56      1    0.009     0    0.000    0.009
+#  0.00 100.00  63.64   7.81  95.03  87.56      1    0.009     0    0.000    0.009
+#  0.00 100.00  64.68   7.81  95.03  87.56      1    0.009     0    0.000    0.009
+#  0.00 100.00  65.73   7.81  95.03  87.56      1    0.009     0    0.000    0.009
+#  0.00 100.00  67.22   7.81  95.03  87.56      1    0.009     0    0.000    0.009
 
 BEGIN	{
 	    headerlines=0; datalines=0; totallines=0
 	}
 
-/^  S0     S1     E      O      M     YGC     YGCT    FGC    FGCT     GCT   $/	{
+/^  S0     S1     E      O      M     CCS    YGC     YGCT    FGC    FGCT     GCT   $/	{
 	    headerlines++;
 	}
 
-/^[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+$/	{
+/^[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+[ ]*[0-9]+\.[0-9]+[ ]*[0-9]+\.[0-9]+$/	{
 	    datalines++;
 	}
 
--- a/test/tools/jar/ChangeDir.java	Tue Sep 24 14:17:42 2013 -0700
+++ b/test/tools/jar/ChangeDir.java	Tue Sep 24 14:34:55 2013 -0700
@@ -23,13 +23,15 @@
 
 /**
  * @test
- * @bug 4806786
+ * @bug 4806786 8023113
  * @summary jar -C doesn't ignore multiple // in path
  */
 
 import java.io.*;
+import java.nio.file.*;
 import java.util.*;
 import java.util.jar.*;
+import java.util.stream.Stream;
 import sun.tools.jar.Main;
 
 public class ChangeDir {
@@ -37,13 +39,16 @@
     private final static String fileName = "hello.txt";
 
     /** Remove dirs & files needed for test. */
-    private static void cleanup(File dir) throws Throwable {
-        if (dir != null && dir.exists()) {
-            for (File ff : dir.listFiles()) {
-                check(ff.delete());
+    private static void cleanup(Path dir) {
+        try {
+            if (Files.isDirectory(dir)) {
+                try (Stream<Path> s = Files.list(dir)) {
+                    s.forEach( p -> cleanup(p));
+                }
             }
-            check(dir.delete());
-            check(new File(jarName).delete());
+            Files.delete(dir);
+        } catch (IOException x) {
+            fail(x.toString());
         }
     }
 
@@ -62,19 +67,16 @@
     }
 
     static void doTest(String sep) throws Throwable {
-        File testDir = null;
-        JarFile jf = null;
+        Path topDir = Files.createTempDirectory("delete");
         try {
+            Files.deleteIfExists(Paths.get(jarName));
+
             // Create a subdirectory "a/b"
-            File f = File.createTempFile("delete", ".me");
-            String dirName = f.getParent();
-            testDir = new File(dirName + sep + "a" + sep + "b");
-            cleanup(testDir);
-            check(testDir.mkdirs());
+            Path testDir = Files.createDirectories(topDir.resolve("a").resolve("b"));
 
             // Create file in that subdirectory
-            File testFile = new File(testDir, fileName);
-            check(testFile.createNewFile());
+            Path testFile = testDir.resolve(fileName);
+            Files.createFile(testFile);
 
             // Create a jar file from that subdirectory, but with a // in the
             // path  name.
@@ -82,33 +84,32 @@
             argList.add("cf");
             argList.add(jarName);
             argList.add("-C");
-            argList.add(dirName + sep + "a" + sep + sep + "b"); // Note double 'sep' is intentional
+            argList.add(topDir.toString() + sep + "a" + sep + sep + "b"); // Note double 'sep' is intentional
             argList.add(fileName);
-            String jarArgs[] = new String[argList.size()];
-            jarArgs = argList.toArray(jarArgs);
 
             Main jarTool = new Main(System.out, System.err, "jar");
-            if (!jarTool.run(jarArgs)) {
+            if (!jarTool.run(argList.toArray(new String[argList.size()]))) {
                 fail("Could not create jar file.");
             }
 
             // Check that the entry for hello.txt does *not* have a pathname.
-            jf = new JarFile(jarName);
-            for (Enumeration<JarEntry> i = jf.entries(); i.hasMoreElements();) {
-                JarEntry je = i.nextElement();
-                String name = je.getName();
-                if (name.indexOf(fileName) != -1) {
-                    if (name.indexOf(fileName) != 0) {
-                        fail(String.format(
-                                 "Expected '%s' but got '%s'%n", fileName, name));
+            try (JarFile jf = new JarFile(jarName)) {
+                for (Enumeration<JarEntry> i = jf.entries(); i.hasMoreElements();) {
+                    JarEntry je = i.nextElement();
+                    String name = je.getName();
+                    if (name.indexOf(fileName) != -1) {
+                        if (name.indexOf(fileName) != 0) {
+                            fail(String.format(
+                                     "Expected '%s' but got '%s'%n", fileName, name));
+                        } else {
+                            pass();
+                        }
                     }
                 }
             }
         } finally {
-            if (jf != null) {
-                jf.close();
-            }
-            cleanup(testDir);
+            cleanup(topDir);
+            Files.deleteIfExists(Paths.get(jarName));
         }
     }
 
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/tools/launcher/DiacriticTest.java	Tue Sep 24 14:34:55 2013 -0700
@@ -0,0 +1,76 @@
+/*
+ * Copyright (c) 2013 Oracle and/or its affiliates. All right