changeset 17729:e78706585c43

Merge
author sspitsyn
date Mon, 28 Aug 2017 07:53:26 +0000
parents 1f8498df012c 16daa56570b8
children c8796a577885 daed9a0332d3 ab44eeefaac9
files src/jdk.security.auth/share/classes/com/sun/security/auth/PolicyFile.java src/jdk.security.auth/share/classes/com/sun/security/auth/SolarisNumericGroupPrincipal.java src/jdk.security.auth/share/classes/com/sun/security/auth/SolarisNumericUserPrincipal.java src/jdk.security.auth/share/classes/com/sun/security/auth/SolarisPrincipal.java src/jdk.security.auth/share/classes/com/sun/security/auth/X500Principal.java src/jdk.security.auth/share/classes/com/sun/security/auth/module/SolarisLoginModule.java src/jdk.security.auth/share/classes/com/sun/security/auth/module/SolarisSystem.java src/jdk.security.auth/solaris/native/libjaas/Solaris.c
diffstat 44 files changed, 324 insertions(+), 2114 deletions(-) [+]
line wrap: on
line diff
--- a/.hgtags	Mon Aug 28 00:49:06 2017 -0700
+++ b/.hgtags	Mon Aug 28 07:53:26 2017 +0000
@@ -444,3 +444,4 @@
 b561eeca30decc6258b4aca8bb23beffbb6e2f7d jdk-10+19
 4feab1acec6a9c3620a19ff379a65ab8618d0e2a jdk-9+180
 bd66ea2fdde3d60a73b5272263a7b8b0ca926a33 jdk-9+181
+6256e94781f55e6f9e04eb284298d00eb9c5e106 jdk-10+20
--- a/make/mapfiles/libjaas/mapfile-vers	Mon Aug 28 00:49:06 2017 -0700
+++ b/make/mapfiles/libjaas/mapfile-vers	Mon Aug 28 07:53:26 2017 +0000
@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2005, 2017, Oracle and/or its affiliates. All rights reserved.
 # DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 #
 # This code is free software; you can redistribute it and/or modify it
@@ -27,7 +27,6 @@
 
 SUNWprivate_1.1 {
 	global:
-            Java_com_sun_security_auth_module_SolarisSystem_getSolarisInfo;
             Java_com_sun_security_auth_module_UnixSystem_getUnixInfo;
         local:
 	    *;
--- a/src/java.base/share/classes/java/io/BufferedInputStream.java	Mon Aug 28 00:49:06 2017 -0700
+++ b/src/java.base/share/classes/java/io/BufferedInputStream.java	Mon Aug 28 07:53:26 2017 +0000
@@ -24,7 +24,8 @@
  */
 
 package java.io;
-import java.util.concurrent.atomic.AtomicReferenceFieldUpdater;
+
+import jdk.internal.misc.Unsafe;
 
 /**
  * A <code>BufferedInputStream</code> adds
@@ -61,22 +62,27 @@
     private static int MAX_BUFFER_SIZE = Integer.MAX_VALUE - 8;
 
     /**
+     * As this class is used early during bootstrap, it's motivated to use
+     * Unsafe.compareAndSetObject instead of AtomicReferenceFieldUpdater
+     * (or VarHandles) to reduce dependencies and improve startup time.
+     */
+    private static final Unsafe U = Unsafe.getUnsafe();
+
+    private static final long BUF_OFFSET
+            = U.objectFieldOffset(BufferedInputStream.class, "buf");
+
+    /**
      * The internal buffer array where the data is stored. When necessary,
      * it may be replaced by another array of
      * a different size.
      */
-    protected volatile byte buf[];
-
-    /**
-     * Atomic updater to provide compareAndSet for buf. This is
-     * necessary because closes can be asynchronous. We use nullness
-     * of buf[] as primary indicator that this stream is closed. (The
-     * "in" field is also nulled out on close.)
+    /*
+     * We null this out with a CAS on close(), which is necessary since
+     * closes can be asynchronous. We use nullness of buf[] as primary
+     * indicator that this stream is closed. (The "in" field is also
+     * nulled out on close.)
      */
-    private static final
-        AtomicReferenceFieldUpdater<BufferedInputStream, byte[]> bufUpdater =
-        AtomicReferenceFieldUpdater.newUpdater
-        (BufferedInputStream.class,  byte[].class, "buf");
+    protected volatile byte[] buf;
 
     /**
      * The index one greater than the index of the last valid byte in
@@ -230,9 +236,9 @@
                         pos * 2 : MAX_BUFFER_SIZE;
                 if (nsz > marklimit)
                     nsz = marklimit;
-                byte nbuf[] = new byte[nsz];
+                byte[] nbuf = new byte[nsz];
                 System.arraycopy(buffer, 0, nbuf, 0, pos);
-                if (!bufUpdater.compareAndSet(this, buffer, nbuf)) {
+                if (!U.compareAndSetObject(this, BUF_OFFSET, buffer, nbuf)) {
                     // Can't replace buf if there was an async close.
                     // Note: This would need to be changed if fill()
                     // is ever made accessible to multiple threads.
@@ -476,7 +482,7 @@
     public void close() throws IOException {
         byte[] buffer;
         while ( (buffer = buf) != null) {
-            if (bufUpdater.compareAndSet(this, buffer, null)) {
+            if (U.compareAndSetObject(this, BUF_OFFSET, buffer, null)) {
                 InputStream input = in;
                 in = null;
                 if (input != null)
--- a/src/java.base/share/classes/java/io/ObjectInputFilter.java	Mon Aug 28 00:49:06 2017 -0700
+++ b/src/java.base/share/classes/java/io/ObjectInputFilter.java	Mon Aug 28 07:53:26 2017 +0000
@@ -34,6 +34,7 @@
 import java.util.Optional;
 import java.util.function.Function;
 
+import jdk.internal.misc.SharedSecrets;
 
 /**
  * Filter classes, array lengths, and graph metrics during deserialization.
@@ -265,6 +266,9 @@
                         return null;
                     });
             configLog = (configuredFilter != null) ? System.getLogger("java.io.serialization") : null;
+
+            // Setup shared secrets for RegistryImpl to use.
+            SharedSecrets.setJavaObjectInputFilterAccess(Config::createFilter2);
         }
 
         /**
@@ -370,7 +374,20 @@
          */
         public static ObjectInputFilter createFilter(String pattern) {
             Objects.requireNonNull(pattern, "pattern");
-            return Global.createFilter(pattern);
+            return Global.createFilter(pattern, true);
+        }
+
+        /**
+         * Returns an ObjectInputFilter from a string of patterns that
+         * checks only the length for arrays, not the component type.
+         *
+         * @param pattern the pattern string to parse; not null
+         * @return a filter to check a class being deserialized;
+         *          {@code null} if no patterns
+         */
+        static ObjectInputFilter createFilter2(String pattern) {
+            Objects.requireNonNull(pattern, "pattern");
+            return Global.createFilter(pattern, false);
         }
 
         /**
@@ -404,20 +421,26 @@
              * Maximum length of any array.
              */
             private long maxArrayLength;
+            /**
+             * True to check the component type for arrays.
+             */
+            private final boolean checkComponentType;
 
             /**
              * Returns an ObjectInputFilter from a string of patterns.
              *
              * @param pattern the pattern string to parse
+             * @param checkComponentType true if the filter should check
+             *                           the component type of arrays
              * @return a filter to check a class being deserialized;
              *          {@code null} if no patterns
              * @throws IllegalArgumentException if the parameter is malformed
              *                if the pattern is missing the name, the long value
              *                is not a number or is negative.
              */
-            static ObjectInputFilter createFilter(String pattern) {
+            static ObjectInputFilter createFilter(String pattern, boolean checkComponentType) {
                 try {
-                    return new Global(pattern);
+                    return new Global(pattern, checkComponentType);
                 } catch (UnsupportedOperationException uoe) {
                     // no non-empty patterns
                     return null;
@@ -428,12 +451,15 @@
              * Construct a new filter from the pattern String.
              *
              * @param pattern a pattern string of filters
+             * @param checkComponentType true if the filter should check
+             *                           the component type of arrays
              * @throws IllegalArgumentException if the pattern is malformed
              * @throws UnsupportedOperationException if there are no non-empty patterns
              */
-            private Global(String pattern) {
+            private Global(String pattern, boolean checkComponentType) {
                 boolean hasLimits = false;
                 this.pattern = pattern;
+                this.checkComponentType = checkComponentType;
 
                 maxArrayLength = Long.MAX_VALUE; // Default values are unlimited
                 maxDepth = Long.MAX_VALUE;
@@ -595,6 +621,10 @@
                             // array length is too big
                             return Status.REJECTED;
                         }
+                        if (!checkComponentType) {
+                            // As revised; do not check the component type for arrays
+                            return Status.UNDECIDED;
+                        }
                         do {
                             // Arrays are decided based on the component type
                             clazz = clazz.getComponentType();
--- a/src/java.base/share/classes/java/text/ChoiceFormat.java	Mon Aug 28 00:49:06 2017 -0700
+++ b/src/java.base/share/classes/java/text/ChoiceFormat.java	Mon Aug 28 07:53:26 2017 +0000
@@ -202,26 +202,26 @@
                 segments[part].append(ch);
             } else if (ch == '<' || ch == '#' || ch == '\u2264') {
                 if (segments[0].length() == 0) {
-                    throw new IllegalArgumentException();
+                    throw new IllegalArgumentException("Each interval must"
+                            + " contain a number before a format");
                 }
-                try {
-                    String tempBuffer = segments[0].toString();
-                    if (tempBuffer.equals("\u221E")) {
-                        startValue = Double.POSITIVE_INFINITY;
-                    } else if (tempBuffer.equals("-\u221E")) {
-                        startValue = Double.NEGATIVE_INFINITY;
-                    } else {
-                        startValue = Double.valueOf(segments[0].toString()).doubleValue();
-                    }
-                } catch (Exception e) {
-                    throw new IllegalArgumentException();
+
+                String tempBuffer = segments[0].toString();
+                if (tempBuffer.equals("\u221E")) {
+                    startValue = Double.POSITIVE_INFINITY;
+                } else if (tempBuffer.equals("-\u221E")) {
+                    startValue = Double.NEGATIVE_INFINITY;
+                } else {
+                    startValue = Double.valueOf(tempBuffer);
                 }
+
                 if (ch == '<' && startValue != Double.POSITIVE_INFINITY &&
                         startValue != Double.NEGATIVE_INFINITY) {
                     startValue = nextDouble(startValue);
                 }
                 if (startValue <= oldStartValue) {
-                    throw new IllegalArgumentException();
+                    throw new IllegalArgumentException("Incorrect order of"
+                            + " intervals, must be in ascending order");
                 }
                 segments[0].setLength(0);
                 part = 1;
--- a/src/java.base/share/classes/java/util/jar/JarFile.java	Mon Aug 28 00:49:06 2017 -0700
+++ b/src/java.base/share/classes/java/util/jar/JarFile.java	Mon Aug 28 07:53:26 2017 +0000
@@ -25,21 +25,36 @@
 
 package java.util.jar;
 
-import java.io.*;
-import java.lang.ref.SoftReference;
-import java.net.URL;
-import java.util.*;
-import java.util.stream.Stream;
-import java.util.stream.StreamSupport;
-import java.util.zip.*;
-import java.security.CodeSigner;
-import java.security.cert.Certificate;
-import java.security.CodeSource;
 import jdk.internal.misc.SharedSecrets;
 import sun.security.action.GetPropertyAction;
 import sun.security.util.ManifestEntryVerifier;
 import sun.security.util.SignatureFileVerifier;
 
+import java.io.ByteArrayInputStream;
+import java.io.EOFException;
+import java.io.File;
+import java.io.IOException;
+import java.io.InputStream;
+import java.lang.ref.SoftReference;
+import java.net.URL;
+import java.security.CodeSigner;
+import java.security.CodeSource;
+import java.security.cert.Certificate;
+import java.util.ArrayList;
+import java.util.Enumeration;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Locale;
+import java.util.NoSuchElementException;
+import java.util.Objects;
+import java.util.Spliterator;
+import java.util.Spliterators;
+import java.util.stream.Stream;
+import java.util.stream.StreamSupport;
+import java.util.zip.ZipEntry;
+import java.util.zip.ZipException;
+import java.util.zip.ZipFile;
+
 /**
  * The {@code JarFile} class is used to read the contents of a jar file
  * from any file that can be opened with {@code java.io.RandomAccessFile}.
@@ -848,7 +863,7 @@
     private static final byte[] MULTIRELEASE_OPTOSFT;
 
     static {
-        CLASSPATH_LASTOCC = new byte[64];
+        CLASSPATH_LASTOCC = new byte[65];
         CLASSPATH_OPTOSFT = new byte[12];
         CLASSPATH_LASTOCC[(int)'C' - 32] = 1;
         CLASSPATH_LASTOCC[(int)'L' - 32] = 2;
@@ -865,7 +880,7 @@
         }
         CLASSPATH_OPTOSFT[11] = 1;
 
-        MULTIRELEASE_LASTOCC = new byte[64];
+        MULTIRELEASE_LASTOCC = new byte[65];
         MULTIRELEASE_OPTOSFT = new byte[19];
         MULTIRELEASE_LASTOCC[(int)'M' - 32] = 1;
         MULTIRELEASE_LASTOCC[(int)'I' - 32] = 5;
--- a/src/java.base/share/classes/javax/security/auth/Policy.java	Mon Aug 28 00:49:06 2017 -0700
+++ b/src/java.base/share/classes/javax/security/auth/Policy.java	Mon Aug 28 07:53:26 2017 +0000
@@ -82,13 +82,13 @@
  *
  * <pre>
  *      grant CodeBase "foo.com", Signedby "foo",
- *            Principal com.sun.security.auth.SolarisPrincipal "duke" {
+ *            Principal com.sun.security.auth.UnixPrincipal "duke" {
  *          permission java.io.FilePermission "/home/duke", "read, write";
  *      };
  * </pre>
  *
  * This <b><i>grant</i></b> entry specifies that code from "foo.com",
- * signed by "foo', and running as a {@code SolarisPrincipal} with the
+ * signed by "foo', and running as a {@code UnixPrincipal} with the
  * name, duke, has one {@code Permission}.  This {@code Permission}
  * permits the executing code to read and write files in the directory,
  * "/home/duke".
@@ -107,8 +107,8 @@
  * for that {@code Subject} to be granted the specified Permissions.
  *
  * <pre>
- *      grant Principal com.sun.security.auth.SolarisPrincipal "duke",
- *            Principal com.sun.security.auth.SolarisNumericUserPrincipal "0" {
+ *      grant Principal com.sun.security.auth.UnixPrincipal "duke",
+ *            Principal com.sun.security.auth.UnixNumericUserPrincipal "0" {
  *          permission java.io.FilePermission "/home/duke", "read, write";
  *          permission java.net.SocketPermission "duke.com", "connect";
  *      };
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/java.base/share/classes/jdk/internal/misc/JavaObjectInputFilterAccess.java	Mon Aug 28 07:53:26 2017 +0000
@@ -0,0 +1,38 @@
+/*
+ * Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package jdk.internal.misc;
+
+import java.io.ObjectInputFilter;
+
+/**
+ * Access to the alternative ObjectInputFilter.Config.createFilter2 for RMI.
+ */
+public interface JavaObjectInputFilterAccess {
+    /**
+     * Creates a filter from the pattern.
+     */
+    ObjectInputFilter createFilter2(String pattern);
+}
--- a/src/java.base/share/classes/jdk/internal/misc/SharedSecrets.java	Mon Aug 28 00:49:06 2017 -0700
+++ b/src/java.base/share/classes/jdk/internal/misc/SharedSecrets.java	Mon Aug 28 07:53:26 2017 +0000
@@ -25,6 +25,7 @@
 
 package jdk.internal.misc;
 
+import java.io.ObjectInputFilter;
 import java.lang.module.ModuleDescriptor;
 import java.util.ResourceBundle;
 import java.util.jar.JarFile;
@@ -70,6 +71,7 @@
     private static JavaAWTFontAccess javaAWTFontAccess;
     private static JavaBeansAccess javaBeansAccess;
     private static JavaObjectInputStreamAccess javaObjectInputStreamAccess;
+    private static JavaObjectInputFilterAccess javaObjectInputFilterAccess;
     private static JavaIORandomAccessFileAccess javaIORandomAccessFileAccess;
 
     public static JavaUtilJarAccess javaUtilJarAccess() {
@@ -315,6 +317,17 @@
         javaObjectInputStreamAccess = access;
     }
 
+    public static JavaObjectInputFilterAccess getJavaObjectInputFilterAccess() {
+        if (javaObjectInputFilterAccess == null) {
+            unsafe.ensureClassInitialized(ObjectInputFilter.Config.class);
+        }
+        return javaObjectInputFilterAccess;
+    }
+
+    public static void setJavaObjectInputFilterAccess(JavaObjectInputFilterAccess access) {
+        javaObjectInputFilterAccess = access;
+    }
+
     public static void setJavaIORandomAccessFileAccess(JavaIORandomAccessFileAccess jirafa) {
         javaIORandomAccessFileAccess = jirafa;
     }
--- a/src/java.base/share/classes/sun/security/util/AuthResources.java	Mon Aug 28 00:49:06 2017 -0700
+++ b/src/java.base/share/classes/sun/security/util/AuthResources.java	Mon Aug 28 07:53:26 2017 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -95,51 +95,6 @@
                 "Kerberos username [{0}]: "},
         {"Kerberos.password.for.username.",
                 "Kerberos password for {0}: "},
-
-        /***    EVERYTHING BELOW IS DEPRECATED  ***/
-
-        // com.sun.security.auth.PolicyFile
-        {".error.parsing.", ": error parsing "},
-        {"COLON", ": "},
-        {".error.adding.Permission.", ": error adding Permission "},
-        {"SPACE", " "},
-        {"NEWLINE", "\n"},
-        {".error.adding.Entry.", ": error adding Entry "},
-        {"LPARAM", "("},
-        {"RPARAM", ")"},
-        {"attempt.to.add.a.Permission.to.a.readonly.PermissionCollection",
-            "attempt to add a Permission to a readonly PermissionCollection"},
-
-        // com.sun.security.auth.PolicyParser
-        {"expected.keystore.type", "expected keystore type"},
-        {"can.not.specify.Principal.with.a.wildcard.class.without.a.wildcard.name",
-                "can not specify Principal with a wildcard class without a wildcard name"},
-        {"expected.codeBase.or.SignedBy", "expected codeBase or SignedBy"},
-        {"only.Principal.based.grant.entries.permitted",
-                "only Principal-based grant entries permitted"},
-        {"expected.permission.entry", "expected permission entry"},
-        {"number.", "number "},
-        {"expected.expect.read.end.of.file.",
-                "expected {0}, read end of file"},
-        {"expected.read.end.of.file", "expected ';', read end of file"},
-        {"line.", "line "},
-        {".expected.", ": expected '"},
-        {".found.", "', found '"},
-        {"QUOTE", "'"},
-
-        // SolarisPrincipals
-        {"SolarisNumericGroupPrincipal.Primary.Group.",
-                "SolarisNumericGroupPrincipal [Primary Group]: "},
-        {"SolarisNumericGroupPrincipal.Supplementary.Group.",
-                "SolarisNumericGroupPrincipal [Supplementary Group]: "},
-        {"SolarisNumericUserPrincipal.",
-                "SolarisNumericUserPrincipal: "},
-        {"SolarisPrincipal.", "SolarisPrincipal: "},
-        // provided.null.name is the NullPointerException message when a
-        // developer incorrectly passes a null name to the constructor of
-        // subclasses of java.security.Principal
-        {"provided.null.name", "provided null name"}
-
     };
 
     /**
--- a/src/java.base/share/classes/sun/security/util/AuthResources_de.java	Mon Aug 28 00:49:06 2017 -0700
+++ b/src/java.base/share/classes/sun/security/util/AuthResources_de.java	Mon Aug 28 07:53:26 2017 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -95,50 +95,6 @@
                 "Kerberos-Benutzername [{0}]: "},
         {"Kerberos.password.for.username.",
                 "Kerberos-Kennwort f\u00FCr {0}: "},
-
-        /***    EVERYTHING BELOW IS DEPRECATED  ***/
-
-        // com.sun.security.auth.PolicyFile
-        {".error.parsing.", ": Parsefehler "},
-        {"COLON", ": "},
-        {".error.adding.Permission.", ": Fehler beim Hinzuf\u00FCgen der Berechtigung "},
-        {"SPACE", " "},
-        {".error.adding.Entry.", ": Fehler beim Hinzuf\u00FCgen des Eintrags "},
-        {"LPARAM", "("},
-        {"RPARAM", ")"},
-        {"attempt.to.add.a.Permission.to.a.readonly.PermissionCollection",
-            "Es wurde versucht, eine Berechtigung zu einer schreibgesch\u00FCtzten PermissionCollection hinzuzuf\u00FCgen"},
-
-        // com.sun.security.auth.PolicyParser
-        {"expected.keystore.type", "Keystore-Typ erwartet"},
-        {"can.not.specify.Principal.with.a.wildcard.class.without.a.wildcard.name",
-                "Principal kann nicht mit einer Platzhalterklasse ohne Platzhalternamen angegeben werden"},
-        {"expected.codeBase.or.SignedBy", "codeBase oder SignedBy erwartet"},
-        {"only.Principal.based.grant.entries.permitted",
-                "Nur Principal-basierte Berechtigungseintr\u00E4ge zul\u00E4ssig"},
-        {"expected.permission.entry", "Berechtigungseintrag erwartet"},
-        {"number.", "Nummer "},
-        {"expected.expect.read.end.of.file.",
-                "{0} erwartet, Dateiende gelesen"},
-        {"expected.read.end.of.file", "\";\" erwartet, Dateiende gelesen"},
-        {"line.", "Zeile "},
-        {".expected.", ": erwartet: \""},
-        {".found.", "\", gefunden: \""},
-        {"QUOTE", "'"},
-
-        // SolarisPrincipals
-        {"SolarisNumericGroupPrincipal.Primary.Group.",
-                "SolarisNumericGroupPrincipal [Prim\u00E4rgruppe]: "},
-        {"SolarisNumericGroupPrincipal.Supplementary.Group.",
-                "SolarisNumericGroupPrincipal [Zusatzgruppe]: "},
-        {"SolarisNumericUserPrincipal.",
-                "SolarisNumericUserPrincipal: "},
-        {"SolarisPrincipal.", "SolarisPrincipal: "},
-        // provided.null.name is the NullPointerException message when a
-        // developer incorrectly passes a null name to the constructor of
-        // subclasses of java.security.Principal
-        {"provided.null.name", "Nullname angegeben"}
-
     };
 
     /**
--- a/src/java.base/share/classes/sun/security/util/AuthResources_es.java	Mon Aug 28 00:49:06 2017 -0700
+++ b/src/java.base/share/classes/sun/security/util/AuthResources_es.java	Mon Aug 28 07:53:26 2017 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -95,50 +95,6 @@
                 "Nombre de usuario de Kerberos [{0}]: "},
         {"Kerberos.password.for.username.",
                 "Contrase\u00F1a de Kerberos de {0}: "},
-
-        /***    EVERYTHING BELOW IS DEPRECATED  ***/
-
-        // com.sun.security.auth.PolicyFile
-        {".error.parsing.", ": error de an\u00E1lisis "},
-        {"COLON", ": "},
-        {".error.adding.Permission.", ": error al agregar el permiso "},
-        {"SPACE", " "},
-        {".error.adding.Entry.", ": error al agregar la entrada "},
-        {"LPARAM", "("},
-        {"RPARAM", ")"},
-        {"attempt.to.add.a.Permission.to.a.readonly.PermissionCollection",
-            "se ha intentado agregar un permiso a una recopilaci\u00F3n de permisos de s\u00F3lo lectura"},
-
-        // com.sun.security.auth.PolicyParser
-        {"expected.keystore.type", "se esperaba un tipo de almac\u00E9n de claves"},
-        {"can.not.specify.Principal.with.a.wildcard.class.without.a.wildcard.name",
-                "no se puede especificar Principal con una clase de comod\u00EDn sin un nombre de comod\u00EDn"},
-        {"expected.codeBase.or.SignedBy", "se esperaba codeBase o SignedBy"},
-        {"only.Principal.based.grant.entries.permitted",
-                "s\u00F3lo se permite otorgar entradas basadas en Principal"},
-        {"expected.permission.entry", "se esperaba un permiso de entrada"},
-        {"number.", "n\u00FAmero "},
-        {"expected.expect.read.end.of.file.",
-                "se esperaba [{0}], se ha le\u00EDdo final de archivo"},
-        {"expected.read.end.of.file", "se esperaba ';', se ha le\u00EDdo el final de archivo"},
-        {"line.", "l\u00EDnea "},
-        {".expected.", ": se esperaba '"},
-        {".found.", "', se ha encontrado '"},
-        {"QUOTE", "'"},
-
-        // SolarisPrincipals
-        {"SolarisNumericGroupPrincipal.Primary.Group.",
-                "SolarisNumericGroupPrincipal [Grupo Principal]: "},
-        {"SolarisNumericGroupPrincipal.Supplementary.Group.",
-                "SolarisNumericGroupPrincipal [Grupo Adicional]: "},
-        {"SolarisNumericUserPrincipal.",
-                "SolarisNumericUserPrincipal: "},
-        {"SolarisPrincipal.", "SolarisPrincipal: "},
-        // provided.null.name is the NullPointerException message when a
-        // developer incorrectly passes a null name to the constructor of
-        // subclasses of java.security.Principal
-        {"provided.null.name", "se ha proporcionado un nombre nulo"}
-
     };
 
     /**
--- a/src/java.base/share/classes/sun/security/util/AuthResources_fr.java	Mon Aug 28 00:49:06 2017 -0700
+++ b/src/java.base/share/classes/sun/security/util/AuthResources_fr.java	Mon Aug 28 07:53:26 2017 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -95,50 +95,6 @@
                 "Nom utilisateur Kerberos [{0}] : "},
         {"Kerberos.password.for.username.",
                 "Mot de passe Kerberos pour {0} : "},
-
-        /***    EVERYTHING BELOW IS DEPRECATED  ***/
-
-        // com.sun.security.auth.PolicyFile
-        {".error.parsing.", ": erreur d'analyse "},
-        {"COLON", ": "},
-        {".error.adding.Permission.", ": erreur d'ajout de droit "},
-        {"SPACE", " "},
-        {".error.adding.Entry.", ": erreur d'ajout d'entr\u00E9e "},
-        {"LPARAM", "("},
-        {"RPARAM", ")"},
-        {"attempt.to.add.a.Permission.to.a.readonly.PermissionCollection",
-            "tentative d'ajout de droit \u00E0 un ensemble de droits en lecture seule"},
-
-        // com.sun.security.auth.PolicyParser
-        {"expected.keystore.type", "type de fichier de cl\u00E9s attendu"},
-        {"can.not.specify.Principal.with.a.wildcard.class.without.a.wildcard.name",
-                "impossible de sp\u00E9cifier le principal avec une classe g\u00E9n\u00E9rique sans nom g\u00E9n\u00E9rique"},
-        {"expected.codeBase.or.SignedBy", "codeBase ou SignedBy attendu"},
-        {"only.Principal.based.grant.entries.permitted",
-                "seules les entr\u00E9es bas\u00E9es sur Principal sont autoris\u00E9es"},
-        {"expected.permission.entry", "entr\u00E9e de droit attendue"},
-        {"number.", "nombre "},
-        {"expected.expect.read.end.of.file.",
-                "attendu {0}, lecture de fin de fichier"},
-        {"expected.read.end.of.file", "attendu ';', lecture de fin de fichier"},
-        {"line.", "ligne "},
-        {".expected.", ": attendu '"},
-        {".found.", "', trouv\u00E9 '"},
-        {"QUOTE", "'"},
-
-        // SolarisPrincipals
-        {"SolarisNumericGroupPrincipal.Primary.Group.",
-                "SolarisNumericGroupPrincipal [groupe principal] : "},
-        {"SolarisNumericGroupPrincipal.Supplementary.Group.",
-                "SolarisNumericGroupPrincipal [groupe suppl\u00E9mentaire] : "},
-        {"SolarisNumericUserPrincipal.",
-                "SolarisNumericUserPrincipal : "},
-        {"SolarisPrincipal.", "SolarisPrincipal : "},
-        // provided.null.name is the NullPointerException message when a
-        // developer incorrectly passes a null name to the constructor of
-        // subclasses of java.security.Principal
-        {"provided.null.name", "nom NULL fourni"}
-
     };
 
     /**
--- a/src/java.base/share/classes/sun/security/util/AuthResources_it.java	Mon Aug 28 00:49:06 2017 -0700
+++ b/src/java.base/share/classes/sun/security/util/AuthResources_it.java	Mon Aug 28 07:53:26 2017 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -95,50 +95,6 @@
                 "Nome utente Kerberos [{0}]: "},
         {"Kerberos.password.for.username.",
                 "Password Kerberos per {0}: "},
-
-        /***    EVERYTHING BELOW IS DEPRECATED  ***/
-
-        // com.sun.security.auth.PolicyFile
-        {".error.parsing.", ": errore durante l'analisi "},
-        {"COLON", ": "},
-        {".error.adding.Permission.", ": errore durante l'aggiunta dell'autorizzazione "},
-        {"SPACE", " "},
-        {".error.adding.Entry.", ": errore durante l'aggiunta della voce "},
-        {"LPARAM", "("},
-        {"RPARAM", ")"},
-        {"attempt.to.add.a.Permission.to.a.readonly.PermissionCollection",
-            "tentativo di aggiungere un'autorizzazione a una PermissionCollection di sola lettura"},
-
-        // com.sun.security.auth.PolicyParser
-        {"expected.keystore.type", "tipo keystore previsto"},
-        {"can.not.specify.Principal.with.a.wildcard.class.without.a.wildcard.name",
-                "impossibile specificare un principal con una classe carattere jolly senza un nome carattere jolly"},
-        {"expected.codeBase.or.SignedBy", "previsto codeBase o SignedBy"},
-        {"only.Principal.based.grant.entries.permitted",
-                "sono consentiti solo valori garantiti basati sul principal"},
-        {"expected.permission.entry", "prevista voce di autorizzazione"},
-        {"number.", "numero "},
-        {"expected.expect.read.end.of.file.",
-                "previsto {0}, letto end of file"},
-        {"expected.read.end.of.file", "previsto ';', letto end of file"},
-        {"line.", "riga "},
-        {".expected.", ": previsto '"},
-        {".found.", "', trovato '"},
-        {"QUOTE", "'"},
-
-        // SolarisPrincipals
-        {"SolarisNumericGroupPrincipal.Primary.Group.",
-                "SolarisNumericGroupPrincipal [gruppo primario]: "},
-        {"SolarisNumericGroupPrincipal.Supplementary.Group.",
-                "SolarisNumericGroupPrincipal [gruppo supplementare]: "},
-        {"SolarisNumericUserPrincipal.",
-                "SolarisNumericUserPrincipal: "},
-        {"SolarisPrincipal.", "SolarisPrincipal: "},
-        // provided.null.name is the NullPointerException message when a
-        // developer incorrectly passes a null name to the constructor of
-        // subclasses of java.security.Principal
-        {"provided.null.name", "il nome fornito \u00E8 nullo"}
-
     };
 
     /**
--- a/src/java.base/share/classes/sun/security/util/AuthResources_ja.java	Mon Aug 28 00:49:06 2017 -0700
+++ b/src/java.base/share/classes/sun/security/util/AuthResources_ja.java	Mon Aug 28 07:53:26 2017 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -95,50 +95,6 @@
                 "Kerberos\u30E6\u30FC\u30B6\u30FC\u540D[{0}]: "},
         {"Kerberos.password.for.username.",
                 "{0}\u306EKerberos\u30D1\u30B9\u30EF\u30FC\u30C9: "},
-
-        /***    EVERYTHING BELOW IS DEPRECATED  ***/
-
-        // com.sun.security.auth.PolicyFile
-        {".error.parsing.", ": \u89E3\u6790\u30A8\u30E9\u30FC "},
-        {"COLON", ": "},
-        {".error.adding.Permission.", ": \u30A2\u30AF\u30BB\u30B9\u6A29\u306E\u8FFD\u52A0\u30A8\u30E9\u30FC "},
-        {"SPACE", " "},
-        {".error.adding.Entry.", ": \u30A8\u30F3\u30C8\u30EA\u306E\u8FFD\u52A0\u30A8\u30E9\u30FC "},
-        {"LPARAM", "("},
-        {"RPARAM", ")"},
-        {"attempt.to.add.a.Permission.to.a.readonly.PermissionCollection",
-            "\u8AAD\u53D6\u308A\u5C02\u7528\u306EPermissionCollection\u306B\u30A2\u30AF\u30BB\u30B9\u6A29\u306E\u8FFD\u52A0\u304C\u8A66\u884C\u3055\u308C\u307E\u3057\u305F"},
-
-        // com.sun.security.auth.PolicyParser
-        {"expected.keystore.type", "\u4E88\u60F3\u3055\u308C\u305F\u30AD\u30FC\u30B9\u30C8\u30A2\u30FB\u30BF\u30A4\u30D7"},
-        {"can.not.specify.Principal.with.a.wildcard.class.without.a.wildcard.name",
-                "\u30EF\u30A4\u30EB\u30C9\u30AB\u30FC\u30C9\u540D\u306E\u306A\u3044\u30EF\u30A4\u30EB\u30C9\u30AB\u30FC\u30C9\u30FB\u30AF\u30E9\u30B9\u3092\u4F7F\u7528\u3057\u3066\u3001\u30D7\u30EA\u30F3\u30B7\u30D1\u30EB\u3092\u6307\u5B9A\u3059\u308B\u3053\u3068\u306F\u3067\u304D\u307E\u305B\u3093"},
-        {"expected.codeBase.or.SignedBy", "\u4E88\u60F3\u3055\u308C\u305FcodeBase\u307E\u305F\u306FSignedBy"},
-        {"only.Principal.based.grant.entries.permitted",
-                "\u30D7\u30EA\u30F3\u30B7\u30D1\u30EB\u30FB\u30D9\u30FC\u30B9\u306E\u30A8\u30F3\u30C8\u30EA\u306E\u307F\u304C\u8A31\u53EF\u3055\u308C\u307E\u3059\u3002"},
-        {"expected.permission.entry", "\u4E88\u60F3\u3055\u308C\u305F\u30A2\u30AF\u30BB\u30B9\u6A29\u30A8\u30F3\u30C8\u30EA"},
-        {"number.", "\u6570 "},
-        {"expected.expect.read.end.of.file.",
-                "{0}\u3067\u306F\u306A\u304F\u30D5\u30A1\u30A4\u30EB\u306E\u7D42\u308F\u308A\u304C\u8AAD\u307F\u8FBC\u307E\u308C\u307E\u3057\u305F"},
-        {"expected.read.end.of.file", "\u4E88\u60F3\u5024\u306F';'\u3067\u3059\u304C\u3001\u30D5\u30A1\u30A4\u30EB\u306E\u7D42\u308F\u308A\u304C\u8AAD\u307F\u8FBC\u307E\u308C\u307E\u3057\u305F"},
-        {"line.", "\u884C\u756A\u53F7 "},
-        {".expected.", ": \u4E88\u60F3\u5024'"},
-        {".found.", "',\u691C\u51FA\u5024'"},
-        {"QUOTE", "'"},
-
-        // SolarisPrincipals
-        {"SolarisNumericGroupPrincipal.Primary.Group.",
-                "SolarisNumericGroupPrincipal [\u4E3B\u30B0\u30EB\u30FC\u30D7]: "},
-        {"SolarisNumericGroupPrincipal.Supplementary.Group.",
-                "SolarisNumericGroupPrincipal [\u88DC\u52A9\u30B0\u30EB\u30FC\u30D7]: "},
-        {"SolarisNumericUserPrincipal.",
-                "SolarisNumericUserPrincipal: "},
-        {"SolarisPrincipal.", "SolarisPrincipal: "},
-        // provided.null.name is the NullPointerException message when a
-        // developer incorrectly passes a null name to the constructor of
-        // subclasses of java.security.Principal
-        {"provided.null.name", "null\u306E\u540D\u524D\u304C\u6307\u5B9A\u3055\u308C\u307E\u3057\u305F"}
-
     };
 
     /**
--- a/src/java.base/share/classes/sun/security/util/AuthResources_ko.java	Mon Aug 28 00:49:06 2017 -0700
+++ b/src/java.base/share/classes/sun/security/util/AuthResources_ko.java	Mon Aug 28 07:53:26 2017 +0000
@@ -95,50 +95,6 @@
                 "Kerberos \uC0AC\uC6A9\uC790 \uC774\uB984 [{0}]: "},
         {"Kerberos.password.for.username.",
                 "{0}\uC758 Kerberos \uBE44\uBC00\uBC88\uD638: "},
-
-        /***    EVERYTHING BELOW IS DEPRECATED  ***/
-
-        // com.sun.security.auth.PolicyFile
-        {".error.parsing.", ": \uAD6C\uBB38\uBD84\uC11D \uC624\uB958 "},
-        {"COLON", ": "},
-        {".error.adding.Permission.", ": \uAD8C\uD55C \uCD94\uAC00 \uC624\uB958 "},
-        {"SPACE", " "},
-        {".error.adding.Entry.", ": \uD56D\uBAA9 \uCD94\uAC00 \uC624\uB958 "},
-        {"LPARAM", "("},
-        {"RPARAM", ")"},
-        {"attempt.to.add.a.Permission.to.a.readonly.PermissionCollection",
-            "\uC77D\uAE30 \uC804\uC6A9 PermissionCollection\uC5D0 \uAD8C\uD55C\uC744 \uCD94\uAC00\uD558\uB824\uACE0 \uC2DC\uB3C4\uD588\uC2B5\uB2C8\uB2E4."},
-
-        // com.sun.security.auth.PolicyParser
-        {"expected.keystore.type", "\uD0A4 \uC800\uC7A5\uC18C \uC720\uD615\uC774 \uD544\uC694\uD569\uB2C8\uB2E4."},
-        {"can.not.specify.Principal.with.a.wildcard.class.without.a.wildcard.name",
-                "\uC640\uC77C\uB4DC \uCE74\uB4DC \uBB38\uC790 \uC774\uB984 \uC5C6\uC774 \uC640\uC77C\uB4DC \uCE74\uB4DC \uBB38\uC790 \uD074\uB798\uC2A4\uB97C \uC0AC\uC6A9\uD558\uB294 \uC8FC\uCCB4\uB97C \uC9C0\uC815\uD560 \uC218 \uC5C6\uC2B5\uB2C8\uB2E4."},
-        {"expected.codeBase.or.SignedBy", "codeBase \uB610\uB294 SignedBy\uAC00 \uD544\uC694\uD569\uB2C8\uB2E4."},
-        {"only.Principal.based.grant.entries.permitted",
-                "\uC8FC\uCCB4 \uAE30\uBC18 \uAD8C\uD55C \uBD80\uC5EC \uD56D\uBAA9\uB9CC \uD5C8\uC6A9\uB429\uB2C8\uB2E4."},
-        {"expected.permission.entry", "\uAD8C\uD55C \uD56D\uBAA9\uC774 \uD544\uC694\uD569\uB2C8\uB2E4."},
-        {"number.", "\uC22B\uC790 "},
-        {"expected.expect.read.end.of.file.",
-                "{0}\uC774(\uAC00) \uD544\uC694\uD558\uC9C0\uB9CC \uD30C\uC77C\uC758 \uB05D\uC5D0 \uB3C4\uB2EC\uD588\uC2B5\uB2C8\uB2E4."},
-        {"expected.read.end.of.file", "';'\uC774 \uD544\uC694\uD558\uC9C0\uB9CC \uD30C\uC77C\uC758 \uB05D\uC5D0 \uB3C4\uB2EC\uD588\uC2B5\uB2C8\uB2E4."},
-        {"line.", "\uD589 "},
-        {".expected.", ": \uD544\uC694\uD55C \uD56D\uBAA9: '"},
-        {".found.", "', \uBC1C\uACAC\uB41C \uD56D\uBAA9: '"},
-        {"QUOTE", "'"},
-
-        // SolarisPrincipals
-        {"SolarisNumericGroupPrincipal.Primary.Group.",
-                "SolarisNumericGroupPrincipal [\uAE30\uBCF8 \uADF8\uB8F9]: "},
-        {"SolarisNumericGroupPrincipal.Supplementary.Group.",
-                "SolarisNumericGroupPrincipal [\uBCF4\uC870 \uADF8\uB8F9]: "},
-        {"SolarisNumericUserPrincipal.",
-                "SolarisNumericUserPrincipal: "},
-        {"SolarisPrincipal.", "SolarisPrincipal: "},
-        // provided.null.name is the NullPointerException message when a
-        // developer incorrectly passes a null name to the constructor of
-        // subclasses of java.security.Principal
-        {"provided.null.name", "\uB110 \uC774\uB984\uC744 \uC81C\uACF5\uD588\uC2B5\uB2C8\uB2E4."}
-
     };
 
     /**
--- a/src/java.base/share/classes/sun/security/util/AuthResources_pt_BR.java	Mon Aug 28 00:49:06 2017 -0700
+++ b/src/java.base/share/classes/sun/security/util/AuthResources_pt_BR.java	Mon Aug 28 07:53:26 2017 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -95,50 +95,6 @@
                 "Nome do usu\u00E1rio de Kerberos [{0}]: "},
         {"Kerberos.password.for.username.",
                 "Senha de Kerberos de {0}: "},
-
-        /***    EVERYTHING BELOW IS DEPRECATED  ***/
-
-        // com.sun.security.auth.PolicyFile
-        {".error.parsing.", ": erro de parsing "},
-        {"COLON", ": "},
-        {".error.adding.Permission.", ": erro ao adicionar a Permiss\u00E3o "},
-        {"SPACE", " "},
-        {".error.adding.Entry.", ": erro ao adicionar a Entrada "},
-        {"LPARAM", "("},
-        {"RPARAM", ")"},
-        {"attempt.to.add.a.Permission.to.a.readonly.PermissionCollection",
-            "tentativa de adicionar uma Permiss\u00E3o a um PermissionCollection somente para leitura"},
-
-        // com.sun.security.auth.PolicyParser
-        {"expected.keystore.type", "tipo de armazenamento de chaves esperado"},
-        {"can.not.specify.Principal.with.a.wildcard.class.without.a.wildcard.name",
-                "n\u00E3o \u00E9 poss\u00EDvel especificar um principal com uma classe curinga sem um nome curinga"},
-        {"expected.codeBase.or.SignedBy", "CodeBase ou SignedBy esperado"},
-        {"only.Principal.based.grant.entries.permitted",
-                "somente \u00E9 permitido conceder entradas com base no Principal"},
-        {"expected.permission.entry", "entrada de permiss\u00E3o esperada"},
-        {"number.", "n\u00FAmero "},
-        {"expected.expect.read.end.of.file.",
-                "esperado {0}, ler fim do arquivo"},
-        {"expected.read.end.of.file", "esperado ';', fim de arquivo lido"},
-        {"line.", "linha "},
-        {".expected.", ": esperado '"},
-        {".found.", "', encontrado '"},
-        {"QUOTE", "'"},
-
-        // SolarisPrincipals
-        {"SolarisNumericGroupPrincipal.Primary.Group.",
-                "SolarisNumericGroupPrincipal [Grupo Principal]: "},
-        {"SolarisNumericGroupPrincipal.Supplementary.Group.",
-                "SolarisNumericGroupPrincipal [Grupo Complementar]: "},
-        {"SolarisNumericUserPrincipal.",
-                "SolarisNumericUserPrincipal: "},
-        {"SolarisPrincipal.", "SolarisPrincipal: "},
-        // provided.null.name is the NullPointerException message when a
-        // developer incorrectly passes a null name to the constructor of
-        // subclasses of java.security.Principal
-        {"provided.null.name", "nome nulo fornecido"}
-
     };
 
     /**
--- a/src/java.base/share/classes/sun/security/util/AuthResources_sv.java	Mon Aug 28 00:49:06 2017 -0700
+++ b/src/java.base/share/classes/sun/security/util/AuthResources_sv.java	Mon Aug 28 07:53:26 2017 +0000
@@ -95,50 +95,6 @@
                 "Kerberos-anv\u00E4ndarnamn [{0}]: "},
         {"Kerberos.password.for.username.",
                 "Kerberos-l\u00F6senord f\u00F6r {0}: "},
-
-        /***    EVERYTHING BELOW IS DEPRECATED  ***/
-
-        // com.sun.security.auth.PolicyFile
-        {".error.parsing.", ": tolkningsfel "},
-        {"COLON", ": "},
-        {".error.adding.Permission.", ": fel vid till\u00E4gg av beh\u00F6righet "},
-        {"SPACE", " "},
-        {".error.adding.Entry.", ": fel vid till\u00E4gg av post "},
-        {"LPARAM", "("},
-        {"RPARAM", ")"},
-        {"attempt.to.add.a.Permission.to.a.readonly.PermissionCollection",
-            "f\u00F6rs\u00F6k att l\u00E4gga till beh\u00F6righet till skrivskyddad PermissionCollection"},
-
-        // com.sun.security.auth.PolicyParser
-        {"expected.keystore.type", "f\u00F6rv\u00E4ntad nyckellagertyp"},
-        {"can.not.specify.Principal.with.a.wildcard.class.without.a.wildcard.name",
-                "kan inte ange identitetshavare med en jokerteckenklass utan ett jokerteckennamn"},
-        {"expected.codeBase.or.SignedBy", "f\u00F6rv\u00E4ntade codeBase eller SignedBy"},
-        {"only.Principal.based.grant.entries.permitted",
-                "endast identitetshavarbaserade poster till\u00E5ts"},
-        {"expected.permission.entry", "f\u00F6rv\u00E4ntade beh\u00F6righetspost"},
-        {"number.", "nummer"},
-        {"expected.expect.read.end.of.file.",
-                "f\u00F6rv\u00E4ntade {0}, l\u00E4ste filslut"},
-        {"expected.read.end.of.file", "f\u00F6rv\u00E4ntade ';', l\u00E4ste filslut"},
-        {"line.", "rad "},
-        {".expected.", ": f\u00F6rv\u00E4ntade '"},
-        {".found.", "', hittade '"},
-        {"QUOTE", "'"},
-
-        // SolarisPrincipals
-        {"SolarisNumericGroupPrincipal.Primary.Group.",
-                "SolarisNumericGroupPrincipal [prim\u00E4r grupp]: "},
-        {"SolarisNumericGroupPrincipal.Supplementary.Group.",
-                "SolarisNumericGroupPrincipal [till\u00E4ggsgrupp]: "},
-        {"SolarisNumericUserPrincipal.",
-                "SolarisNumericUserPrincipal: "},
-        {"SolarisPrincipal.", "SolarisPrincipal: "},
-        // provided.null.name is the NullPointerException message when a
-        // developer incorrectly passes a null name to the constructor of
-        // subclasses of java.security.Principal
-        {"provided.null.name", "null-namn angavs"}
-
     };
 
     /**
--- a/src/java.base/share/classes/sun/security/util/AuthResources_zh_CN.java	Mon Aug 28 00:49:06 2017 -0700
+++ b/src/java.base/share/classes/sun/security/util/AuthResources_zh_CN.java	Mon Aug 28 07:53:26 2017 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -95,50 +95,6 @@
                 "Kerberos \u7528\u6237\u540D [{0}]: "},
         {"Kerberos.password.for.username.",
                 "{0}\u7684 Kerberos \u53E3\u4EE4: "},
-
-        /***    EVERYTHING BELOW IS DEPRECATED  ***/
-
-        // com.sun.security.auth.PolicyFile
-        {".error.parsing.", ": \u89E3\u6790\u65F6\u51FA\u9519 "},
-        {"COLON", ": "},
-        {".error.adding.Permission.", ": \u6DFB\u52A0\u6743\u9650\u65F6\u51FA\u9519 "},
-        {"SPACE", " "},
-        {".error.adding.Entry.", ": \u6DFB\u52A0\u6761\u76EE\u65F6\u51FA\u9519 "},
-        {"LPARAM", "("},
-        {"RPARAM", ")"},
-        {"attempt.to.add.a.Permission.to.a.readonly.PermissionCollection",
-            "\u5C1D\u8BD5\u5C06\u6743\u9650\u6DFB\u52A0\u81F3\u53EA\u8BFB\u7684 PermissionCollection"},
-
-        // com.sun.security.auth.PolicyParser
-        {"expected.keystore.type", "\u5E94\u4E3A\u5BC6\u94A5\u5E93\u7C7B\u578B"},
-        {"can.not.specify.Principal.with.a.wildcard.class.without.a.wildcard.name",
-                "\u6CA1\u6709\u901A\u914D\u7B26\u540D\u79F0, \u65E0\u6CD5\u4F7F\u7528\u901A\u914D\u7B26\u7C7B\u6307\u5B9A\u4E3B\u7528\u6237"},
-        {"expected.codeBase.or.SignedBy", "\u5E94\u4E3A codeBase \u6216 SignedBy"},
-        {"only.Principal.based.grant.entries.permitted",
-                "\u53EA\u5141\u8BB8\u57FA\u4E8E\u4E3B\u7528\u6237\u7684\u6388\u6743\u6761\u76EE"},
-        {"expected.permission.entry", "\u5E94\u4E3A\u6743\u9650\u6761\u76EE"},
-        {"number.", "\u7F16\u53F7 "},
-        {"expected.expect.read.end.of.file.",
-                "\u5E94\u4E3A{0}, \u8BFB\u53D6\u7684\u662F\u6587\u4EF6\u7ED3\u5C3E"},
-        {"expected.read.end.of.file", "\u5E94\u4E3A ';', \u8BFB\u53D6\u7684\u662F\u6587\u4EF6\u7ED3\u5C3E"},
-        {"line.", "\u884C "},
-        {".expected.", ": \u5E94\u4E3A '"},
-        {".found.", "', \u627E\u5230 '"},
-        {"QUOTE", "'"},
-
-        // SolarisPrincipals
-        {"SolarisNumericGroupPrincipal.Primary.Group.",
-                "SolarisNumericGroupPrincipal [\u4E3B\u7EC4]: "},
-        {"SolarisNumericGroupPrincipal.Supplementary.Group.",
-                "SolarisNumericGroupPrincipal [\u8865\u5145\u7EC4]: "},
-        {"SolarisNumericUserPrincipal.",
-                "SolarisNumericUserPrincipal: "},
-        {"SolarisPrincipal.", "SolarisPrincipal: "},
-        // provided.null.name is the NullPointerException message when a
-        // developer incorrectly passes a null name to the constructor of
-        // subclasses of java.security.Principal
-        {"provided.null.name", "\u63D0\u4F9B\u7684\u540D\u79F0\u4E3A\u7A7A\u503C"}
-
     };
 
     /**
--- a/src/java.base/share/classes/sun/security/util/AuthResources_zh_TW.java	Mon Aug 28 00:49:06 2017 -0700
+++ b/src/java.base/share/classes/sun/security/util/AuthResources_zh_TW.java	Mon Aug 28 07:53:26 2017 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -95,50 +95,6 @@
                 "Kerberos \u4F7F\u7528\u8005\u540D\u7A31 [{0}]: "},
         {"Kerberos.password.for.username.",
                 "Kerberos \u5BC6\u78BC {0}: "},
-
-        /***    EVERYTHING BELOW IS DEPRECATED  ***/
-
-        // com.sun.security.auth.PolicyFile
-        {".error.parsing.", ": \u5256\u6790\u932F\u8AA4 "},
-        {"COLON", ": "},
-        {".error.adding.Permission.", ": \u65B0\u589E\u6B0A\u9650\u932F\u8AA4 "},
-        {"SPACE", " "},
-        {".error.adding.Entry.", ": \u65B0\u589E\u8F38\u5165\u932F\u8AA4 "},
-        {"LPARAM", "("},
-        {"RPARAM", ")"},
-        {"attempt.to.add.a.Permission.to.a.readonly.PermissionCollection",
-            "\u8A66\u8457\u65B0\u589E\u6B0A\u9650\u81F3\u552F\u8B80\u7684 PermissionCollection"},
-
-        // com.sun.security.auth.PolicyParser
-        {"expected.keystore.type", "\u9810\u671F\u7684\u91D1\u9470\u5132\u5B58\u5EAB\u985E\u578B"},
-        {"can.not.specify.Principal.with.a.wildcard.class.without.a.wildcard.name",
-                "\u6C92\u6709\u842C\u7528\u5B57\u5143\u540D\u7A31\uFF0C\u7121\u6CD5\u6307\u5B9A\u542B\u6709\u842C\u7528\u5B57\u5143\u985E\u5225\u7684 Principal"},
-        {"expected.codeBase.or.SignedBy", "\u9810\u671F\u7684 codeBase \u6216 SignedBy"},
-        {"only.Principal.based.grant.entries.permitted",
-                "\u53EA\u5141\u8A31\u4EE5 Principal \u70BA\u57FA\u790E\u7684\u6388\u6B0A\u9805\u76EE"},
-        {"expected.permission.entry", "\u9810\u671F\u7684\u6B0A\u9650\u9805\u76EE"},
-        {"number.", "\u865F\u78BC "},
-        {"expected.expect.read.end.of.file.",
-                "\u9810\u671F\u70BA {0}, \u8B80\u53D6\u6A94\u6848\u7D50\u5C3E"},
-        {"expected.read.end.of.file", "\u9810\u671F\u7684 ';'\uFF0C\u8B80\u53D6\u6A94\u6848\u7D50\u5C3E"},
-        {"line.", "\u884C "},
-        {".expected.", ": \u9810\u671F '"},
-        {".found.", "'\uFF0C\u767C\u73FE '"},
-        {"QUOTE", "'"},
-
-        // SolarisPrincipals
-        {"SolarisNumericGroupPrincipal.Primary.Group.",
-                "SolarisNumericGroupPrincipal [\u4E3B\u7FA4\u7D44]: "},
-        {"SolarisNumericGroupPrincipal.Supplementary.Group.",
-                "SolarisNumericGroupPrincipal [\u9644\u52A0\u7FA4\u7D44]: "},
-        {"SolarisNumericUserPrincipal.",
-                "SolarisNumericUserPrincipal: "},
-        {"SolarisPrincipal.", "SolarisPrincipal: "},
-        // provided.null.name is the NullPointerException message when a
-        // developer incorrectly passes a null name to the constructor of
-        // subclasses of java.security.Principal
-        {"provided.null.name", "\u63D0\u4F9B\u7A7A\u503C\u540D\u7A31"}
-
     };
 
     /**
--- a/src/java.base/share/conf/security/java.security	Mon Aug 28 00:49:06 2017 -0700
+++ b/src/java.base/share/conf/security/java.security	Mon Aug 28 07:53:26 2017 +0000
@@ -951,12 +951,36 @@
 #
 # The filter pattern uses the same format as jdk.serialFilter.
 # This filter can override the builtin filter if additional types need to be
-# allowed or rejected from the RMI Registry.
+# allowed or rejected from the RMI Registry or to decrease limits but not
+# to increase limits.
+# If the limits (maxdepth, maxrefs, or maxbytes) are exceeded, the object is rejected.
+#
+# Each non-array type is allowed or rejected if it matches one of the patterns,
+# evaluated from left to right, and is otherwise allowed. Arrays of any
+# component type, including subarrays and arrays of primitives, are allowed.
+#
+# Array construction of any component type, including subarrays and arrays of
+# primitives, are allowed unless the length is greater than the maxarray limit.
+# The filter is applied to each array element.
 #
 # Note: This property is currently used by the JDK Reference implementation.
 # It is not guaranteed to be examined and used by other implementations.
 #
-#sun.rmi.registry.registryFilter=pattern;pattern
+# The built-in filter allows subclasses of allowed classes and
+# can approximately be represented as the pattern:
+#
+#sun.rmi.registry.registryFilter=\
+#    maxarray=1000000;\
+#    maxdepth=20;\
+#    java.lang.String;\
+#    java.lang.Number;\
+#    java.lang.reflect.Proxy;\
+#    java.rmi.Remote;\
+#    sun.rmi.server.UnicastRef;\
+#    sun.rmi.server.RMIClientSocketFactory;\
+#    sun.rmi.server.RMIServerSocketFactory;\
+#    java.rmi.activation.ActivationID;\
+#    java.rmi.server.UID
 #
 # RMI Distributed Garbage Collector (DGC) Serial Filter
 #
--- a/src/java.rmi/share/classes/sun/rmi/registry/RegistryImpl.java	Mon Aug 28 00:49:06 2017 -0700
+++ b/src/java.rmi/share/classes/sun/rmi/registry/RegistryImpl.java	Mon Aug 28 07:53:26 2017 +0000
@@ -28,7 +28,6 @@
 import java.io.ObjectInputFilter;
 import java.nio.file.Path;
 import java.nio.file.Paths;
-import java.rmi.server.LogStream;
 import java.security.PrivilegedAction;
 import java.security.Security;
 import java.util.ArrayList;
@@ -58,6 +57,7 @@
 import java.security.ProtectionDomain;
 import java.text.MessageFormat;
 
+import jdk.internal.misc.SharedSecrets;
 import sun.rmi.runtime.Log;
 import sun.rmi.server.UnicastRef;
 import sun.rmi.server.UnicastServerRef;
@@ -109,7 +109,7 @@
     private static final int REGISTRY_MAX_DEPTH = 20;
 
     /** Registry maximum array size in remote invocations. **/
-    private static final int REGISTRY_MAX_ARRAY_SIZE = 10000;
+    private static final int REGISTRY_MAX_ARRAY_SIZE = 1_000_000;
 
     /**
      * The registryFilter created from the value of the {@code "sun.rmi.registry.registryFilter"}
@@ -130,7 +130,7 @@
             props = Security.getProperty(REGISTRY_FILTER_PROPNAME);
         }
         if (props != null) {
-            filter = ObjectInputFilter.Config.createFilter(props);
+            filter = SharedSecrets.getJavaObjectInputFilterAccess().createFilter2(props);
             Log regLog = Log.getLog("sun.rmi.registry", "registry", -1);
             if (regLog.isLoggable(Log.BRIEF)) {
                 regLog.log(Log.BRIEF, "registryFilter = " + filter);
@@ -451,17 +451,10 @@
         Class<?> clazz = filterInfo.serialClass();
         if (clazz != null) {
             if (clazz.isArray()) {
-                if (filterInfo.arrayLength() >= 0 && filterInfo.arrayLength() > REGISTRY_MAX_ARRAY_SIZE) {
-                    return ObjectInputFilter.Status.REJECTED;
-                }
-                do {
-                    // Arrays are allowed depending on the component type
-                    clazz = clazz.getComponentType();
-                } while (clazz.isArray());
-            }
-            if (clazz.isPrimitive()) {
-                // Arrays of primitives are allowed
-                return ObjectInputFilter.Status.ALLOWED;
+                // Arrays are REJECTED only if they exceed the limit
+                return (filterInfo.arrayLength() >= 0 && filterInfo.arrayLength() > REGISTRY_MAX_ARRAY_SIZE)
+                    ? ObjectInputFilter.Status.REJECTED
+                    : ObjectInputFilter.Status.UNDECIDED;
             }
             if (String.class == clazz
                     || java.lang.Number.class.isAssignableFrom(clazz)
--- a/src/jdk.attach/share/classes/com/sun/tools/attach/AttachNotSupportedException.java	Mon Aug 28 00:49:06 2017 -0700
+++ b/src/jdk.attach/share/classes/com/sun/tools/attach/AttachNotSupportedException.java	Mon Aug 28 07:53:26 2017 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2017, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -29,7 +29,7 @@
 
 /**
  * Thrown by {@link com.sun.tools.attach.VirtualMachine#attach
- * VirtalMachine.attach} when attempting to attach to a Java virtual machine
+ * VirtualMachine.attach} when attempting to attach to a Java virtual machine
  * for which a compatible {@link com.sun.tools.attach.spi.AttachProvider
  * AttachProvider} does not exist. It is also thrown by {@link
  * com.sun.tools.attach.spi.AttachProvider#attachVirtualMachine
--- a/src/jdk.attach/share/classes/com/sun/tools/attach/AttachPermission.java	Mon Aug 28 00:49:06 2017 -0700
+++ b/src/jdk.attach/share/classes/com/sun/tools/attach/AttachPermission.java	Mon Aug 28 07:53:26 2017 +0000
@@ -28,7 +28,7 @@
 /**
  * When a {@link java.lang.SecurityManager SecurityManager} set, this
  * is the permission which will be checked when code invokes {@link
- * VirtualMachine#attach VirtalMachine.attach} to attach to a target virtual
+ * VirtualMachine#attach VirtualMachine.attach} to attach to a target virtual
  * machine.
  * This permission is also checked when an {@link
  * com.sun.tools.attach.spi.AttachProvider AttachProvider} is created.
--- a/src/jdk.incubator.httpclient/share/classes/jdk/incubator/http/AsyncSSLDelegate.java	Mon Aug 28 00:49:06 2017 -0700
+++ b/src/jdk.incubator.httpclient/share/classes/jdk/incubator/http/AsyncSSLDelegate.java	Mon Aug 28 07:53:26 2017 +0000
@@ -196,7 +196,7 @@
      * This same method is called to try and resume output after a blocking
      * handshaking operation has completed.
      */
-    private void upperWrite(ByteBufferReference[] refs, AsyncWriteQueue delayCallback) {
+    private boolean upperWrite(ByteBufferReference[] refs, AsyncWriteQueue delayCallback) {
         // currently delayCallback is not used. Use it when it's needed to execute handshake in another thread.
         try {
             ByteBuffer[] buffers = ByteBufferReference.toBuffers(refs);
@@ -230,6 +230,9 @@
             closeExceptionally(t);
             errorHandler.accept(t);
         }
+        // We always return true: either all the data was sent, or
+        // an exception happened and we have closed the queue.
+        return true;
     }
 
     // Connecting at this level means the initial handshake has completed.
--- a/src/jdk.incubator.httpclient/share/classes/jdk/incubator/http/PlainHttpConnection.java	Mon Aug 28 00:49:06 2017 -0700
+++ b/src/jdk.incubator.httpclient/share/classes/jdk/incubator/http/PlainHttpConnection.java	Mon Aug 28 07:53:26 2017 +0000
@@ -231,7 +231,7 @@
         assert false;
     }
 
-    void asyncOutput(ByteBufferReference[] refs, AsyncWriteQueue delayCallback) {
+    boolean asyncOutput(ByteBufferReference[] refs, AsyncWriteQueue delayCallback) {
         try {
             ByteBuffer[] bufs = ByteBufferReference.toBuffers(refs);
             while (Utils.remaining(bufs) > 0) {
@@ -239,13 +239,14 @@
                 if (n == 0) {
                     delayCallback.setDelayed(refs);
                     client.registerEvent(new WriteEvent());
-                    return;
+                    return false;
                 }
             }
             ByteBufferReference.clear(refs);
         } catch (IOException e) {
             shutdown();
         }
+        return true;
     }
 
     @Override
--- a/src/jdk.incubator.httpclient/share/classes/jdk/incubator/http/internal/common/AsyncWriteQueue.java	Mon Aug 28 00:49:06 2017 -0700
+++ b/src/jdk.incubator.httpclient/share/classes/jdk/incubator/http/internal/common/AsyncWriteQueue.java	Mon Aug 28 07:53:26 2017 +0000
@@ -27,17 +27,31 @@
 
 import java.io.Closeable;
 import java.io.IOException;
-import java.nio.ByteBuffer;
 import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.Deque;
 import java.util.List;
 import java.util.concurrent.ConcurrentLinkedDeque;
 import java.util.concurrent.atomic.AtomicInteger;
-import java.util.function.BiConsumer;
 
 public class AsyncWriteQueue implements Closeable {
 
+    @FunctionalInterface
+    public static interface AsyncConsumer {
+        /**
+         * Takes an array of buffer reference and attempt to send the data
+         * downstream. If not all the data can be sent, then push back
+         * to the source queue by calling {@code source.setDelayed(buffers)}
+         * and return false. If all the data was successfully sent downstream
+         * then returns true.
+         * @param buffers An array of ButeBufferReference containing data
+         *                to send downstream.
+         * @param source This AsyncWriteQueue.
+         * @return true if all the data could be sent downstream, false otherwise.
+         */
+        boolean trySend(ByteBufferReference[] buffers, AsyncWriteQueue source);
+    }
+
     private static final int IDLE    = 0;     // nobody is flushing from the queue
     private static final int FLUSHING = 1;    // there is the only thread flushing from the queue
     private static final int REFLUSHING = 2;  // while one thread was flushing from the queue
@@ -51,7 +65,7 @@
 
     private final AtomicInteger state = new AtomicInteger(IDLE);
     private final Deque<ByteBufferReference[]> queue = new ConcurrentLinkedDeque<>();
-    private final BiConsumer<ByteBufferReference[], AsyncWriteQueue> consumeAction;
+    private final AsyncConsumer consumeAction;
 
     // Queue may be processed in two modes:
     // 1. if(!doFullDrain) - invoke callback on each chunk
@@ -60,11 +74,11 @@
 
     private ByteBufferReference[] delayedElement = null;
 
-    public AsyncWriteQueue(BiConsumer<ByteBufferReference[], AsyncWriteQueue> consumeAction) {
+    public AsyncWriteQueue(AsyncConsumer consumeAction) {
         this(consumeAction, true);
     }
 
-    public AsyncWriteQueue(BiConsumer<ByteBufferReference[], AsyncWriteQueue> consumeAction, boolean doFullDrain) {
+    public AsyncWriteQueue(AsyncConsumer consumeAction, boolean doFullDrain) {
         this.consumeAction = consumeAction;
         this.doFullDrain = doFullDrain;
     }
@@ -156,8 +170,7 @@
         }
         while(true) {
             while (element != null) {
-                consumeAction.accept(element, this);
-                if (state.get() == DELAYED) {
+                if (!consumeAction.trySend(element, this)) {
                     return;
                 }
                 element = drain();
--- a/src/jdk.jdi/share/classes/com/sun/tools/jdi/TargetVM.java	Mon Aug 28 00:49:06 2017 -0700
+++ b/src/jdk.jdi/share/classes/com/sun/tools/jdi/TargetVM.java	Mon Aug 28 07:53:26 2017 +0000
@@ -41,7 +41,7 @@
 
 public class TargetVM implements Runnable {
     private Map<String, Packet> waitingQueue = new HashMap<>(32,0.75f);
-    private boolean shouldListen = true;
+    private volatile boolean shouldListen = true;
     private List<EventQueue> eventQueues = Collections.synchronizedList(new ArrayList<>(2));
     private VirtualMachineImpl vm;
     private Connection connection;
@@ -179,6 +179,9 @@
 
         // inform the VM mamager that this VM is history
         vm.vmManager.disposeVirtualMachine(vm);
+        if (eventController != null) {
+            eventController.release();
+        }
 
         // close down all the event queues
         // Closing a queue causes a VMDisconnectEvent to
@@ -237,7 +240,7 @@
 
     private EventController eventController() {
         if (eventController == null) {
-            eventController = new EventController(vm);
+            eventController = new EventController();
         }
         return eventController;
     }
@@ -326,13 +329,11 @@
         } catch (IOException ioe) { }
     }
 
-    static private class EventController extends Thread {
-        VirtualMachineImpl vm;
+    private class EventController extends Thread {
         int controlRequest = 0;
 
-        EventController(VirtualMachineImpl vm) {
+        EventController() {
             super(vm.threadGroupForJDI(), "JDI Event Control Thread");
-            this.vm = vm;
             setDaemon(true);
             setPriority((MAX_PRIORITY + NORM_PRIORITY)/2);
             super.start();
@@ -354,6 +355,9 @@
                 synchronized(this) {
                     while (controlRequest == 0) {
                         try {wait();} catch (InterruptedException e) {}
+                        if (!shouldListen) {
+                           return;
+                        }
                     }
                     currentRequest = controlRequest;
                     controlRequest = 0;
--- a/src/jdk.security.auth/share/classes/com/sun/security/auth/PolicyFile.java	Mon Aug 28 00:49:06 2017 -0700
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,300 +0,0 @@
-/*
- * Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.  Oracle designates this
- * particular file as subject to the "Classpath" exception as provided
- * by Oracle in the LICENSE file that accompanied this code.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-package com.sun.security.auth;
-
-import java.security.CodeSource;
-import java.security.PermissionCollection;
-import javax.security.auth.Subject;
-
-/**
- * This class represents a default implementation for
- * {@code javax.security.auth.Policy}.
- *
- * <p> This object stores the policy for entire Java runtime,
- * and is the amalgamation of multiple static policy
- * configurations that resides in files.
- * The algorithm for locating the policy file(s) and reading their
- * information into this {@code Policy} object is:
- *
- * <ol>
- * <li>
- *   Loop through the security properties,
- *   <i>auth.policy.url.1</i>, <i>auth.policy.url.2</i>, ...,
- *   <i>auth.policy.url.X</i>".
- *   Each property value specifies a {@code URL} pointing to a
- *   policy file to be loaded.  Read in and load each policy.
- *
- * <li>
- *   The {@code java.lang.System} property <i>java.security.auth.policy</i>
- *   may also be set to a {@code URL} pointing to another policy file
- *   (which is the case when a user uses the -D switch at runtime).
- *   If this property is defined, and its use is allowed by the
- *   security property file (the Security property,
- *   <i>policy.allowSystemProperty</i> is set to <i>true</i>),
- *   also load that policy.
- *
- * <li>
- *   If the <i>java.security.auth.policy</i> property is defined using
- *   "==" (rather than "="), then ignore all other specified
- *   policies and only load this policy.
- * </ol>
- *
- * Each policy file consists of one or more grant entries, each of
- * which consists of a number of permission entries.
- *
- * <pre>
- *   grant signedBy "<b>alias</b>", codeBase "<b>URL</b>",
- *         principal <b>principalClass</b> "<b>principalName</b>",
- *         principal <b>principalClass</b> "<b>principalName</b>",
- *         ... {
- *
- *     permission <b>Type</b> "<b>name</b> "<b>action</b>",
- *         signedBy "<b>alias</b>";
- *     permission <b>Type</b> "<b>name</b> "<b>action</b>",
- *         signedBy "<b>alias</b>";
- *     ....
- *   };
- * </pre>
- *
- * All non-bold items above must appear as is (although case
- * doesn't matter and some are optional, as noted below).
- * Italicized items represent variable values.
- *
- * <p> A grant entry must begin with the word {@code grant}.
- * The {@code signedBy} and {@code codeBase}
- * name/value pairs are optional.
- * If they are not present, then any signer (including unsigned code)
- * will match, and any codeBase will match.  Note that the
- * {@code principal} name/value pair is not optional.
- * This {@code Policy} implementation only permits
- * Principal-based grant entries.  Note that the <i>principalClass</i>
- * may be set to the wildcard value, *, which allows it to match
- * any {@code Principal} class.  In addition, the <i>principalName</i>
- * may also be set to the wildcard value, *, allowing it to match
- * any {@code Principal} name.  When setting the <i>principalName</i>
- * to the *, do not surround the * with quotes.
- *
- * <p> A permission entry must begin with the word {@code permission}.
- * The word <i>{@code Type}</i> in the template above is
- * a specific permission type, such as {@code java.io.FilePermission}
- * or {@code java.lang.RuntimePermission}.
- *
- * <p> The "<i>action</i>" is required for
- * many permission types, such as {@code java.io.FilePermission}
- * (where it specifies what type of file access that is permitted).
- * It is not required for categories such as
- * {@code java.lang.RuntimePermission}
- * where it is not necessary - you either have the
- * permission specified by the "<i>{@code name}</i>"
- * value following the type name or you don't.
- *
- * <p> The {@code signedBy} name/value pair for a permission entry
- * is optional. If present, it indicates a signed permission. That is,
- * the permission class itself must be signed by the given alias in
- * order for it to be granted. For example,
- * suppose you have the following grant entry:
- *
- * <pre>
- *   grant principal foo.com.Principal "Duke" {
- *     permission Foo "foobar", signedBy "FooSoft";
- *   }
- * </pre>
- *
- * <p> Then this permission of type <i>Foo</i> is granted if the
- * {@code Foo.class} permission has been signed by the
- * "FooSoft" alias, or if {@code Foo.class} is a
- * system class (i.e., is found on the CLASSPATH).
- *
- * <p> Items that appear in an entry must appear in the specified order
- * ({@code permission}, <i>Type</i>, "<i>name</i>", and
- * "<i>action</i>"). An entry is terminated with a semicolon.
- *
- * <p> Case is unimportant for the identifiers ({@code permission},
- * {@code signedBy}, {@code codeBase}, etc.) but is
- * significant for the <i>Type</i>
- * or for any string that is passed in as a value.
- *
- * <p> An example of two entries in a policy configuration file is
- * <pre>
- *   // if the code is comes from "foo.com" and is running as "Duke",
- *   // grant it read/write to all files in /tmp.
- *
- *   grant codeBase "foo.com", principal foo.com.Principal "Duke" {
- *              permission java.io.FilePermission "/tmp/*", "read,write";
- *   };
- *
- *   // grant any code running as "Duke" permission to read
- *   // the "java.vendor" Property.
- *
- *   grant principal foo.com.Principal "Duke" {
- *         permission java.util.PropertyPermission "java.vendor";
- * </pre>
- *
- * <p> This {@code Policy} implementation supports
- * special handling for PrivateCredentialPermissions.
- * If a grant entry is configured with a
- * {@code PrivateCredentialPermission},
- * and the "Principal Class/Principal Name" for that
- * {@code PrivateCredentialPermission} is "self",
- * then the entry grants the specified {@code Subject} permission to
- * access its own private Credential.  For example,
- * the following grants the {@code Subject} "Duke"
- * access to its own a.b.Credential.
- *
- * <pre>
- *   grant principal foo.com.Principal "Duke" {
- *      permission javax.security.auth.PrivateCredentialPermission
- *              "a.b.Credential self",
- *              "read";
- *    };
- * </pre>
- *
- * The following grants the {@code Subject} "Duke"
- * access to all of its own private Credentials:
- *
- * <pre>
- *   grant principal foo.com.Principal "Duke" {
- *      permission javax.security.auth.PrivateCredentialPermission
- *              "* self",
- *              "read";
- *    };
- * </pre>
- *
- * The following grants all Subjects authenticated as a
- * {@code SolarisPrincipal} (regardless of their respective names)
- * permission to access their own private Credentials:
- *
- * <pre>
- *   grant principal com.sun.security.auth.SolarisPrincipal * {
- *      permission javax.security.auth.PrivateCredentialPermission
- *              "* self",
- *              "read";
- *    };
- * </pre>
- *
- * The following grants all Subjects permission to access their own
- * private Credentials:
- *
- * <pre>
- *   grant principal * * {
- *      permission javax.security.auth.PrivateCredentialPermission
- *              "* self",
- *              "read";
- *    };
- * </pre>
-
- * @deprecated As of JDK&nbsp;1.4, replaced by
- *             {@code sun.security.provider.PolicyFile}.
- *             This class is entirely deprecated.
- * This class is subject to removal in a future version of Java SE.
- *
- * @see java.security.CodeSource
- * @see java.security.Permissions
- * @see java.security.ProtectionDomain
- * @see java.security.Security security properties
- */
-@Deprecated(since="1.4", forRemoval=true)
-public class PolicyFile extends javax.security.auth.Policy {
-
-    private final sun.security.provider.AuthPolicyFile apf;
-
-    /**
-     * Initializes the Policy object and reads the default policy
-     * configuration file(s) into the Policy object.
-     */
-    public PolicyFile() {
-        apf = new sun.security.provider.AuthPolicyFile();
-    }
-
-    /**
-     * Refreshes the policy object by re-reading all the policy files.
-     *
-     * @exception SecurityException if the caller doesn't have permission
-     *          to refresh the {@code Policy}.
-     */
-    @Override
-    public void refresh() {
-        apf.refresh();
-    }
-
-    /**
-     * Examines this {@code Policy} and returns the Permissions granted
-     * to the specified {@code Subject} and {@code CodeSource}.
-     *
-     * <p> Permissions for a particular <i>grant</i> entry are returned
-     * if the {@code CodeSource} constructed using the codebase and
-     * signedby values specified in the entry {@code implies}
-     * the {@code CodeSource} provided to this method, and if the
-     * {@code Subject} provided to this method contains all of the
-     * Principals specified in the entry.
-     *
-     * <p> The {@code Subject} provided to this method contains all
-     * of the Principals specified in the entry if, for each
-     * {@code Principal}, "P1", specified in the <i>grant</i> entry
-     * one of the following two conditions is met:
-     *
-     * <ol>
-     * <li> the {@code Subject} has a
-     *      {@code Principal}, "P2", where
-     *      {@code P2.getClass().getName()} equals the
-     *      P1's class name, and where
-     *      {@code P2.getName()} equals the P1's name.
-     *
-     * <li> P1 implements
-     *      {@code com.sun.security.auth.PrincipalComparator},
-     *      and {@code P1.implies} the provided {@code Subject}.
-     * </ol>
-     *
-     * <p> Note that this {@code Policy} implementation has
-     * special handling for PrivateCredentialPermissions.
-     * When this method encounters a {@code PrivateCredentialPermission}
-     * which specifies "self" as the {@code Principal} class and name,
-     * it does not add that {@code Permission} to the returned
-     * {@code PermissionCollection}.  Instead, it builds
-     * a new {@code PrivateCredentialPermission}
-     * for each {@code Principal} associated with the provided
-     * {@code Subject}.  Each new {@code PrivateCredentialPermission}
-     * contains the same Credential class as specified in the
-     * originally granted permission, as well as the Class and name
-     * for the respective {@code Principal}.
-     *
-     * @param subject the Permissions granted to this {@code Subject}
-     *          and the additionally provided {@code CodeSource}
-     *          are returned.
-     *
-     * @param codesource the Permissions granted to this {@code CodeSource}
-     *          and the additionally provided {@code Subject}
-     *          are returned.
-     *
-     * @return the Permissions granted to the provided {@code Subject}
-     *          {@code CodeSource}.
-     */
-    @Override
-    public PermissionCollection getPermissions(final Subject subject,
-                                               final CodeSource codesource) {
-        return apf.getPermissions(subject, codesource);
-    }
-}
--- a/src/jdk.security.auth/share/classes/com/sun/security/auth/SolarisNumericGroupPrincipal.java	Mon Aug 28 00:49:06 2017 -0700
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,193 +0,0 @@
-/*
- * Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.  Oracle designates this
- * particular file as subject to the "Classpath" exception as provided
- * by Oracle in the LICENSE file that accompanied this code.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-package com.sun.security.auth;
-
-import java.security.Principal;
-import static sun.security.util.ResourcesMgr.getAuthResourceString;
-
-/**
- * This class implements the {@code Principal} interface
- * and represents a user's Solaris group identification number (GID).
- *
- * <p> Principals such as this {@code SolarisNumericGroupPrincipal}
- * may be associated with a particular {@code Subject}
- * to augment that {@code Subject} with an additional
- * identity.  Refer to the {@code Subject} class for more information
- * on how to achieve this.  Authorization decisions can then be based upon
- * the Principals associated with a {@code Subject}.
-
- * @deprecated As of JDK&nbsp;1.4, replaced by
- *             {@link UnixNumericGroupPrincipal}.
- *             This class is entirely deprecated.
- * This class is subject to removal in a future version of Java SE.
- *
- * @see java.security.Principal
- * @see javax.security.auth.Subject
- */
-@Deprecated(since="1.4", forRemoval=true)
-public class SolarisNumericGroupPrincipal implements
-                                        Principal,
-                                        java.io.Serializable {
-
-    private static final long serialVersionUID = 2345199581042573224L;
-
-    /**
-     * @serial
-     */
-    private String name;
-
-    /**
-     * @serial
-     */
-    private boolean primaryGroup;
-
-    /**
-     * Create a {@code SolarisNumericGroupPrincipal} using a
-     * {@code String} representation of the user's
-     * group identification number (GID).
-     *
-     * @param name the user's group identification number (GID)
-     *                  for this user.
-     *
-     * @param primaryGroup true if the specified GID represents the
-     *                  primary group to which this user belongs.
-     *
-     * @exception NullPointerException if the {@code name}
-     *                  is {@code null}.
-     */
-    public SolarisNumericGroupPrincipal(String name, boolean primaryGroup) {
-        if (name == null)
-            throw new NullPointerException(getAuthResourceString("provided.null.name"));
-
-        this.name = name;
-        this.primaryGroup = primaryGroup;
-    }
-
-    /**
-     * Create a {@code SolarisNumericGroupPrincipal} using a
-     * long representation of the user's group identification number (GID).
-     *
-     * @param name the user's group identification number (GID) for this user
-     *                  represented as a long.
-     *
-     * @param primaryGroup true if the specified GID represents the
-     *                  primary group to which this user belongs.
-     *
-     */
-    public SolarisNumericGroupPrincipal(long name, boolean primaryGroup) {
-        this.name = Long.toString(name);
-        this.primaryGroup = primaryGroup;
-    }
-
-    /**
-     * Return the user's group identification number (GID) for this
-     * {@code SolarisNumericGroupPrincipal}.
-     *
-     * @return the user's group identification number (GID) for this
-     *          {@code SolarisNumericGroupPrincipal}
-     */
-    public String getName() {
-        return name;
-    }
-
-    /**
-     * Return the user's group identification number (GID) for this
-     * {@code SolarisNumericGroupPrincipal} as a long.
-     *
-     * @return the user's group identification number (GID) for this
-     *          {@code SolarisNumericGroupPrincipal} as a long.
-     */
-    public long longValue() {
-        return Long.parseLong(name);
-    }
-
-    /**
-     * Return whether this group identification number (GID) represents
-     * the primary group to which this user belongs.
-     *
-     * @return true if this group identification number (GID) represents
-     *          the primary group to which this user belongs,
-     *          or false otherwise.
-     */
-    public boolean isPrimaryGroup() {
-        return primaryGroup;
-    }
-
-    /**
-     * Return a string representation of this
-     * {@code SolarisNumericGroupPrincipal}.
-     *
-     * @return a string representation of this
-     *          {@code SolarisNumericGroupPrincipal}.
-     */
-    public String toString() {
-        return primaryGroup ?
-            getAuthResourceString
-            ("SolarisNumericGroupPrincipal.Primary.Group.") + name :
-            getAuthResourceString
-            ("SolarisNumericGroupPrincipal.Supplementary.Group.") + name;
-    }
-
-    /**
-     * Compares the specified Object with this
-     * {@code SolarisNumericGroupPrincipal}
-     * for equality.  Returns true if the given object is also a
-     * {@code SolarisNumericGroupPrincipal} and the two
-     * SolarisNumericGroupPrincipals
-     * have the same group identification number (GID).
-     *
-     * @param o Object to be compared for equality with this
-     *          {@code SolarisNumericGroupPrincipal}.
-     *
-     * @return true if the specified Object is equal to this
-     *          {@code SolarisNumericGroupPrincipal}.
-     */
-    public boolean equals(Object o) {
-        if (o == null)
-            return false;
-
-        if (this == o)
-            return true;
-
-        if (!(o instanceof SolarisNumericGroupPrincipal))
-            return false;
-        SolarisNumericGroupPrincipal that = (SolarisNumericGroupPrincipal)o;
-
-        if (this.getName().equals(that.getName()) &&
-            this.isPrimaryGroup() == that.isPrimaryGroup())
-            return true;
-        return false;
-    }
-
-    /**
-     * Return a hash code for this {@code SolarisNumericGroupPrincipal}.
-     *
-     * @return a hash code for this {@code SolarisNumericGroupPrincipal}.
-     */
-    public int hashCode() {
-        return toString().hashCode();
-    }
-}
--- a/src/jdk.security.auth/share/classes/com/sun/security/auth/SolarisNumericUserPrincipal.java	Mon Aug 28 00:49:06 2017 -0700
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,161 +0,0 @@
-/*
- * Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.  Oracle designates this
- * particular file as subject to the "Classpath" exception as provided
- * by Oracle in the LICENSE file that accompanied this code.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-package com.sun.security.auth;
-
-import java.security.Principal;
-import static sun.security.util.ResourcesMgr.getAuthResourceString;
-
-/**
- * This class implements the {@code Principal} interface
- * and represents a user's Solaris identification number (UID).
- *
- * <p> Principals such as this {@code SolarisNumericUserPrincipal}
- * may be associated with a particular {@code Subject}
- * to augment that {@code Subject} with an additional
- * identity.  Refer to the {@code Subject} class for more information
- * on how to achieve this.  Authorization decisions can then be based upon
- * the Principals associated with a {@code Subject}.
- * @deprecated As of JDK&nbsp;1.4, replaced by
- *             {@link UnixNumericUserPrincipal}.
- *             This class is entirely deprecated.
- * This class is subject to removal in a future version of Java SE.
- *
- * @see java.security.Principal
- * @see javax.security.auth.Subject
- */
-@Deprecated(since="1.4", forRemoval=true)
-public class SolarisNumericUserPrincipal implements
-                                        Principal,
-                                        java.io.Serializable {
-
-    private static final long serialVersionUID = -3178578484679887104L;
-
-    /**
-     * @serial
-     */
-    private String name;
-
-    /**
-     * Create a {@code SolarisNumericUserPrincipal} using a
-     * {@code String} representation of the
-     * user's identification number (UID).
-     *
-     * @param name the user identification number (UID) for this user.
-     *
-     * @exception NullPointerException if the {@code name}
-     *                  is {@code null}.
-     */
-    public SolarisNumericUserPrincipal(String name) {
-        if (name == null)
-            throw new NullPointerException(getAuthResourceString("provided.null.name"));
-
-        this.name = name;
-    }
-
-    /**
-     * Create a {@code SolarisNumericUserPrincipal} using a
-     * long representation of the user's identification number (UID).
-     *
-     * @param name the user identification number (UID) for this user
-     *                  represented as a long.
-     */
-    public SolarisNumericUserPrincipal(long name) {
-        this.name = Long.toString(name);
-    }
-
-    /**
-     * Return the user identification number (UID) for this
-     * {@code SolarisNumericUserPrincipal}.
-     *
-     * @return the user identification number (UID) for this
-     *          {@code SolarisNumericUserPrincipal}
-     */
-    public String getName() {
-        return name;
-    }
-
-    /**
-     * Return the user identification number (UID) for this
-     * {@code SolarisNumericUserPrincipal} as a long.
-     *
-     * @return the user identification number (UID) for this
-     *          {@code SolarisNumericUserPrincipal} as a long.
-     */
-    public long longValue() {
-        return Long.parseLong(name);
-    }
-
-    /**
-     * Return a string representation of this
-     * {@code SolarisNumericUserPrincipal}.
-     *
-     * @return a string representation of this
-     *          {@code SolarisNumericUserPrincipal}.
-     */
-    public String toString() {
-        return(getAuthResourceString("SolarisNumericUserPrincipal.") + name);
-    }
-
-    /**
-     * Compares the specified Object with this
-     * {@code SolarisNumericUserPrincipal}
-     * for equality.  Returns true if the given object is also a
-     * {@code SolarisNumericUserPrincipal} and the two
-     * SolarisNumericUserPrincipals
-     * have the same user identification number (UID).
-     *
-     * @param o Object to be compared for equality with this
-     *          {@code SolarisNumericUserPrincipal}.
-     *
-     * @return true if the specified Object is equal to this
-     *          {@code SolarisNumericUserPrincipal}.
-     */
-    public boolean equals(Object o) {
-        if (o == null)
-            return false;
-
-        if (this == o)
-            return true;
-
-        if (!(o instanceof SolarisNumericUserPrincipal))
-            return false;
-        SolarisNumericUserPrincipal that = (SolarisNumericUserPrincipal)o;
-
-        if (this.getName().equals(that.getName()))
-            return true;
-
-       return false;
-    }
-
-    /**
-     * Return a hash code for this {@code SolarisNumericUserPrincipal}.
-     *
-     * @return a hash code for this {@code SolarisNumericUserPrincipal}.
-     */
-    public int hashCode() {
-        return name.hashCode();
-    }
-}
--- a/src/jdk.security.auth/share/classes/com/sun/security/auth/SolarisPrincipal.java	Mon Aug 28 00:49:06 2017 -0700
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,129 +0,0 @@
-/*
- * Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.  Oracle designates this
- * particular file as subject to the "Classpath" exception as provided
- * by Oracle in the LICENSE file that accompanied this code.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-package com.sun.security.auth;
-
-import java.security.Principal;
-import static sun.security.util.ResourcesMgr.getAuthResourceString;
-
-
-/**
- * This class implements the {@code Principal} interface
- * and represents a Solaris user.
- *
- * <p> Principals such as this {@code SolarisPrincipal}
- * may be associated with a particular {@code Subject}
- * to augment that {@code Subject} with an additional
- * identity.  Refer to the {@code Subject} class for more information
- * on how to achieve this.  Authorization decisions can then be based upon
- * the Principals associated with a {@code Subject}.
- *
- * @deprecated As of JDK&nbsp;1.4, replaced by
- *             {@link UnixPrincipal}.
- *             This class is entirely deprecated.
- * This class is subject to removal in a future version of Java SE.
- * @see java.security.Principal
- * @see javax.security.auth.Subject
- */
-@Deprecated(since="1.4", forRemoval=true)
-public class SolarisPrincipal implements Principal, java.io.Serializable {
-
-    private static final long serialVersionUID = -7840670002439379038L;
-
-    /**
-     * @serial
-     */
-    private String name;
-
-    /**
-     * Create a SolarisPrincipal with a Solaris username.
-     *
-     * @param name the Unix username for this user.
-     *
-     * @exception NullPointerException if the {@code name}
-     *                  is {@code null}.
-     */
-    public SolarisPrincipal(String name) {
-        if (name == null)
-            throw new NullPointerException(getAuthResourceString("provided.null.name"));
-
-        this.name = name;
-    }
-
-    /**
-     * Return the Unix username for this {@code SolarisPrincipal}.
-     *
-     * @return the Unix username for this {@code SolarisPrincipal}
-     */
-    public String getName() {
-        return name;
-    }
-
-    /**
-     * Return a string representation of this {@code SolarisPrincipal}.
-     *
-     * @return a string representation of this {@code SolarisPrincipal}.
-     */
-    public String toString() {
-        return(getAuthResourceString("SolarisPrincipal.") + name);
-    }
-
-    /**
-     * Compares the specified Object with this {@code SolarisPrincipal}
-     * for equality.  Returns true if the given object is also a
-     * {@code SolarisPrincipal} and the two SolarisPrincipals
-     * have the same username.
-     *
-     * @param o Object to be compared for equality with this
-     *          {@code SolarisPrincipal}.
-     *
-     * @return true if the specified Object is equal to this
-     *          {@code SolarisPrincipal}.
-     */
-    public boolean equals(Object o) {
-        if (o == null)
-            return false;
-
-        if (this == o)
-            return true;
-
-        if (!(o instanceof SolarisPrincipal))
-            return false;
-        SolarisPrincipal that = (SolarisPrincipal)o;
-
-        if (this.getName().equals(that.getName()))
-            return true;
-        return false;
-    }
-
-    /**
-     * Return a hash code for this {@code SolarisPrincipal}.
-     *
-     * @return a hash code for this {@code SolarisPrincipal}.
-     */
-    public int hashCode() {
-        return name.hashCode();
-    }
-}
--- a/src/jdk.security.auth/share/classes/com/sun/security/auth/X500Principal.java	Mon Aug 28 00:49:06 2017 -0700
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,167 +0,0 @@
-/*
- * Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.  Oracle designates this
- * particular file as subject to the "Classpath" exception as provided
- * by Oracle in the LICENSE file that accompanied this code.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-package com.sun.security.auth;
-
-import java.security.Principal;
-import sun.security.x509.X500Name;
-import static sun.security.util.ResourcesMgr.getAuthResourceString;
-
-/**
- * This class represents an X.500 {@code Principal}.
- * X500Principals have names such as,
- * "CN=Duke, OU=JavaSoft, O=Sun Microsystems, C=US"
- * (RFC 1779 style).
- *
- * <p> Principals such as this {@code X500Principal}
- * may be associated with a particular {@code Subject}
- * to augment that {@code Subject} with an additional
- * identity.  Refer to the {@code Subject} class for more information
- * on how to achieve this.  Authorization decisions can then be based upon
- * the Principals associated with a {@code Subject}.
- *
- * @see java.security.Principal
- * @see javax.security.auth.Subject
- * @deprecated A new X500Principal class is available in the Java platform.
- *             This X500Principal classs is entirely deprecated and
- *             is here to allow for a smooth transition to the new
- *             class.
- * This class is subject to removal in a future version of Java SE.
- * @see javax.security.auth.x500.X500Principal
-*/
-@Deprecated(since="1.4", forRemoval=true)
-public class X500Principal implements Principal, java.io.Serializable {
-
-    private static final long serialVersionUID = -8222422609431628648L;
-
-    /**
-     * @serial
-     */
-    private String name;
-
-    transient private X500Name thisX500Name;
-
-    /**
-     * Create a X500Principal with an X.500 Name,
-     * such as "CN=Duke, OU=JavaSoft, O=Sun Microsystems, C=US"
-     * (RFC 1779 style).
-     *
-     * @param name the X.500 name
-     *
-     * @exception NullPointerException if the {@code name}
-     *                  is {@code null}.
-     *
-     * @exception IllegalArgumentException if the {@code name}
-     *                  is improperly specified.
-     */
-    public X500Principal(String name) {
-        if (name == null)
-            throw new NullPointerException(getAuthResourceString("provided.null.name"));
-
-        try {
-            thisX500Name = new X500Name(name);
-        } catch (Exception e) {
-            throw new IllegalArgumentException(e.toString());
-        }
-
-        this.name = name;
-    }
-
-    /**
-     * Return the Unix username for this {@code X500Principal}.
-     *
-     * @return the Unix username for this {@code X500Principal}
-     */
-    public String getName() {
-        return thisX500Name.getName();
-    }
-
-    /**
-     * Return a string representation of this {@code X500Principal}.
-     *
-     * @return a string representation of this {@code X500Principal}.
-     */
-    public String toString() {
-        return thisX500Name.toString();
-    }
-
-    /**
-     * Compares the specified Object with this {@code X500Principal}
-     * for equality.
-     *
-     * @param o Object to be compared for equality with this
-     *          {@code X500Principal}.
-     *
-     * @return true if the specified Object is equal to this
-     *          {@code X500Principal}.
-     */
-    public boolean equals(Object o) {
-        if (o == null)
-            return false;
-
-        if (this == o)
-            return true;
-
-        if (o instanceof X500Principal) {
-            X500Principal that = (X500Principal)o;
-            try {
-                X500Name thatX500Name = new X500Name(that.getName());
-                return thisX500Name.equals(thatX500Name);
-            } catch (Exception e) {
-                // any parsing exceptions, return false
-                return false;
-            }
-        } else if (o instanceof Principal) {
-            // this will return 'true' if 'o' is a sun.security.x509.X500Name
-            // and the X500Names are equal
-            return o.equals(thisX500Name);
-        }
-
-        return false;
-    }
-
-    /**
-     * Return a hash code for this {@code X500Principal}.
-     *
-     * @return a hash code for this {@code X500Principal}.
-     */
-    public int hashCode() {
-        return thisX500Name.hashCode();
-    }
-
-    /**
-     * Reads this object from a stream (i.e., deserializes it)
-     */
-    private void readObject(java.io.ObjectInputStream s) throws
-                                        java.io.IOException,
-                                        java.io.NotActiveException,
-                                        ClassNotFoundException {
-
-        s.defaultReadObject();
-
-        // re-create thisX500Name
-        thisX500Name = new X500Name(name);
-    }
-}
--- a/src/jdk.security.auth/share/classes/com/sun/security/auth/module/SolarisLoginModule.java	Mon Aug 28 00:49:06 2017 -0700
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,313 +0,0 @@
-/*
- * Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.  Oracle designates this
- * particular file as subject to the "Classpath" exception as provided
- * by Oracle in the LICENSE file that accompanied this code.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-package com.sun.security.auth.module;
-
-import java.util.*;
-import java.io.IOException;
-import javax.security.auth.*;
-import javax.security.auth.callback.*;
-import javax.security.auth.login.*;
-import javax.security.auth.spi.*;
-import com.sun.security.auth.SolarisPrincipal;
-import com.sun.security.auth.SolarisNumericUserPrincipal;
-import com.sun.security.auth.SolarisNumericGroupPrincipal;
-
-/**
- * This {@code LoginModule} imports a user's Solaris
- * {@code Principal} information ({@code SolarisPrincipal},
- * {@code SolarisNumericUserPrincipal},
- * and {@code SolarisNumericGroupPrincipal})
- * and associates them with the current {@code Subject}.
- *
- * <p> This LoginModule recognizes the debug option.
- * If set to true in the login Configuration,
- * debug messages will be output to the output stream, System.out.
- * @deprecated  As of JDK1.4, replaced by
- * {@code com.sun.security.auth.module.UnixLoginModule}.
- *             This LoginModule is entirely deprecated and
- *             is here to allow for a smooth transition to the new
- *             UnixLoginModule.
- * This class is subject to removal in a future version of Java SE.
- *
- */
-@Deprecated(since="1.4", forRemoval=true)
-public class SolarisLoginModule implements LoginModule {
-
-    // initial state
-    private Subject subject;
-    private CallbackHandler callbackHandler;
-    private Map<String, ?> sharedState;
-    private Map<String, ?> options;
-
-    // configurable option
-    private boolean debug = true;
-
-    // SolarisSystem to retrieve underlying system info
-    @SuppressWarnings("removal")
-    private SolarisSystem ss;
-
-    // the authentication status
-    private boolean succeeded = false;
-    private boolean commitSucceeded = false;
-
-    // Underlying system info
-    @SuppressWarnings("removal")
-    private SolarisPrincipal userPrincipal;
-    @SuppressWarnings("removal")
-    private SolarisNumericUserPrincipal UIDPrincipal;
-    @SuppressWarnings("removal")
-    private SolarisNumericGroupPrincipal GIDPrincipal;
-    @SuppressWarnings("removal")
-    private LinkedList<SolarisNumericGroupPrincipal> supplementaryGroups =
-                new LinkedList<>();
-
-    /**
-     * Initialize this {@code LoginModule}.
-     *
-     * @param subject the {@code Subject} to be authenticated.
-     *
-     * @param callbackHandler a {@code CallbackHandler} for communicating
-     *                  with the end user (prompting for usernames and
-     *                  passwords, for example).
-     *
-     * @param sharedState shared {@code LoginModule} state.
-     *
-     * @param options options specified in the login
-     *                  {@code Configuration} for this particular
-     *                  {@code LoginModule}.
-     */
-    public void initialize(Subject subject, CallbackHandler callbackHandler,
-                           Map<String,?> sharedState,
-                           Map<String,?> options)
-    {
-
-        this.subject = subject;
-        this.callbackHandler = callbackHandler;
-        this.sharedState = sharedState;
-        this.options = options;
-
-        // initialize any configured options
-        debug = "true".equalsIgnoreCase((String)options.get("debug"));
-    }
-
-    /**
-     * Authenticate the user (first phase).
-     *
-     * <p> The implementation of this method attempts to retrieve the user's
-     * Solaris {@code Subject} information by making a native Solaris
-     * system call.
-     *
-     * @exception FailedLoginException if attempts to retrieve the underlying
-     *          system information fail.
-     *
-     * @return true in all cases (this {@code LoginModule}
-     *          should not be ignored).
-     */
-    @SuppressWarnings("removal")
-    public boolean login() throws LoginException {
-
-        long[] solarisGroups = null;
-
-        try {
-            ss = new SolarisSystem();
-        } catch (UnsatisfiedLinkError ule) {
-            succeeded = false;
-            throw new FailedLoginException
-                                ("Failed in attempt to import " +
-                                "the underlying system identity information" +
-                                " on " + System.getProperty("os.name"));
-        }
-        userPrincipal = new SolarisPrincipal(ss.getUsername());
-        UIDPrincipal = new SolarisNumericUserPrincipal(ss.getUid());
-        GIDPrincipal = new SolarisNumericGroupPrincipal(ss.getGid(), true);
-        if (ss.getGroups() != null && ss.getGroups().length > 0)
-            solarisGroups = ss.getGroups();
-            for (int i = 0; i < solarisGroups.length; i++) {
-                SolarisNumericGroupPrincipal ngp =
-                    new SolarisNumericGroupPrincipal
-                    (solarisGroups[i], false);
-                if (!ngp.getName().equals(GIDPrincipal.getName()))
-                    supplementaryGroups.add(ngp);
-            }
-        if (debug) {
-            System.out.println("\t\t[SolarisLoginModule]: " +
-                    "succeeded importing info: ");
-            System.out.println("\t\t\tuid = " + ss.getUid());
-            System.out.println("\t\t\tgid = " + ss.getGid());
-            solarisGroups = ss.getGroups();
-            for (int i = 0; i < solarisGroups.length; i++) {
-                System.out.println("\t\t\tsupp gid = " + solarisGroups[i]);
-            }
-        }
-        succeeded = true;
-        return true;
-    }
-
-    /**
-     * Commit the authentication (second phase).
-     *
-     * <p> This method is called if the LoginContext's
-     * overall authentication succeeded
-     * (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules
-     * succeeded).
-     *
-     * <p> If this LoginModule's own authentication attempt
-     * succeeded (the importing of the Solaris authentication information
-     * succeeded), then this method associates the Solaris Principals
-     * with the {@code Subject} currently tied to the
-     * {@code LoginModule}.  If this LoginModule's
-     * authentication attempted failed, then this method removes
-     * any state that was originally saved.
-     *
-     * @exception LoginException if the commit fails
-     *
-     * @return true if this LoginModule's own login and commit attempts
-     *          succeeded, or false otherwise.
-     */
-    public boolean commit() throws LoginException {
-        if (succeeded == false) {
-            if (debug) {
-                System.out.println("\t\t[SolarisLoginModule]: " +
-                    "did not add any Principals to Subject " +
-                    "because own authentication failed.");
-            }
-            return false;
-        }
-        if (subject.isReadOnly()) {
-            throw new LoginException ("Subject is Readonly");
-        }
-        if (!subject.getPrincipals().contains(userPrincipal))
-            subject.getPrincipals().add(userPrincipal);
-        if (!subject.getPrincipals().contains(UIDPrincipal))
-            subject.getPrincipals().add(UIDPrincipal);
-        if (!subject.getPrincipals().contains(GIDPrincipal))
-            subject.getPrincipals().add(GIDPrincipal);
-        for (int i = 0; i < supplementaryGroups.size(); i++) {
-            if (!subject.getPrincipals().contains(supplementaryGroups.get(i)))
-                subject.getPrincipals().add(supplementaryGroups.get(i));
-        }
-
-        if (debug) {
-            System.out.println("\t\t[SolarisLoginModule]: " +
-                               "added SolarisPrincipal,");
-            System.out.println("\t\t\t\tSolarisNumericUserPrincipal,");
-            System.out.println("\t\t\t\tSolarisNumericGroupPrincipal(s),");
-            System.out.println("\t\t\t to Subject");
-        }
-
-        commitSucceeded = true;
-        return true;
-    }
-
-
-    /**
-     * Abort the authentication (second phase).
-     *
-     * <p> This method is called if the LoginContext's
-     * overall authentication failed.
-     * (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules
-     * did not succeed).
-     *
-     * <p> This method cleans up any state that was originally saved
-     * as part of the authentication attempt from the {@code login}
-     * and {@code commit} methods.
-     *
-     * @exception LoginException if the abort fails
-     *
-     * @return false if this LoginModule's own login and/or commit attempts
-     *          failed, and true otherwise.
-     */
-    @SuppressWarnings("removal")
-    public boolean abort() throws LoginException {
-        if (debug) {
-            System.out.println("\t\t[SolarisLoginModule]: " +
-                "aborted authentication attempt");
-        }
-
-        if (succeeded == false) {
-            return false;
-        } else if (succeeded == true && commitSucceeded == false) {
-
-            // Clean out state
-            succeeded = false;
-            ss = null;
-            userPrincipal = null;
-            UIDPrincipal = null;
-            GIDPrincipal = null;
-            supplementaryGroups =
-                        new LinkedList<SolarisNumericGroupPrincipal>();
-        } else {
-            // overall authentication succeeded and commit succeeded,
-            // but someone else's commit failed
-            logout();
-        }
-        return true;
-    }
-
-    /**
-     * Logout the user
-     *
-     * <p> This method removes the Principals associated
-     * with the {@code Subject}.
-     *
-     * @exception LoginException if the logout fails
-     *
-     * @return true in all cases (this {@code LoginModule}
-     *          should not be ignored).
-     */
-    @SuppressWarnings("removal")
-    public boolean logout() throws LoginException {
-        if (debug) {
-            System.out.println("\t\t[SolarisLoginModule]: " +
-                "Entering logout");
-        }
-        if (subject.isReadOnly()) {
-            throw new LoginException ("Subject is Readonly");
-        }
-        // remove the added Principals from the Subject
-        subject.getPrincipals().remove(userPrincipal);
-        subject.getPrincipals().remove(UIDPrincipal);
-        subject.getPrincipals().remove(GIDPrincipal);
-        for (int i = 0; i < supplementaryGroups.size(); i++) {
-            subject.getPrincipals().remove(supplementaryGroups.get(i));
-        }
-
-        // clean out state
-        ss = null;
-        succeeded = false;
-        commitSucceeded = false;
-        userPrincipal = null;
-        UIDPrincipal = null;
-        GIDPrincipal = null;
-        supplementaryGroups = new LinkedList<SolarisNumericGroupPrincipal>();
-
-        if (debug) {
-            System.out.println("\t\t[SolarisLoginModule]: " +
-                "logged out Subject");
-        }
-        return true;
-    }
-}
--- a/src/jdk.security.auth/share/classes/com/sun/security/auth/module/SolarisSystem.java	Mon Aug 28 00:49:06 2017 -0700
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,89 +0,0 @@
-/*
- * Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.  Oracle designates this
- * particular file as subject to the "Classpath" exception as provided
- * by Oracle in the LICENSE file that accompanied this code.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-package com.sun.security.auth.module;
-
-/**
- * This class implementation retrieves and makes available Solaris
- * UID/GID/groups information for the current user.
- *
- * @deprecated replaced by {@link UnixSystem}.
- * This class is subject to removal in a future version of Java SE.
- */
-@Deprecated(since="1.4", forRemoval=true)
-public class SolarisSystem {
-
-    private native void getSolarisInfo();
-
-    protected String username;
-    protected long uid;
-    protected long gid;
-    protected long[] groups;
-
-    /**
-     * Instantiate a {@code SolarisSystem} and load
-     * the native library to access the underlying system information.
-     */
-    public SolarisSystem() {
-        System.loadLibrary("jaas_unix");
-        getSolarisInfo();
-    }
-
-    /**
-     * Get the username for the current Solaris user.
-     *
-     * @return the username for the current Solaris user.
-     */
-    public String getUsername() {
-        return username;
-    }
-
-    /**
-     * Get the UID for the current Solaris user.
-     *
-     * @return the UID for the current Solaris user.
-     */
-    public long getUid() {
-        return uid;
-    }
-
-    /**
-     * Get the GID for the current Solaris user.
-     *
-     * @return the GID for the current Solaris user.
-     */
-    public long getGid() {
-        return gid;
-    }
-
-    /**
-     * Get the supplementary groups for the current Solaris user.
-     *
-     * @return the supplementary groups for the current Solaris user.
-     */
-    public long[] getGroups() {
-        return groups == null ? null : groups.clone();
-    }
-}
--- a/src/jdk.security.auth/solaris/native/libjaas/Solaris.c	Mon Aug 28 00:49:06 2017 -0700
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,152 +0,0 @@
-/*
- * Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.  Oracle designates this
- * particular file as subject to the "Classpath" exception as provided
- * by Oracle in the LICENSE file that accompanied this code.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-#include <jni.h>
-#include "com_sun_security_auth_module_SolarisSystem.h"
-#include <stdio.h>
-#include <unistd.h>
-#include <stdlib.h>
-#include <string.h>
-
-/* For POSIX-compliant getpwuid_r on Solaris */
-#if defined(__solaris__)
-#define _POSIX_PTHREAD_SEMANTICS
-#endif
-#include <pwd.h>
-
-static void throwIllegalArgumentException(JNIEnv *env, const char *msg) {
-    jclass clazz = (*env)->FindClass(env, "java/lang/IllegalArgumentException");
-    if (clazz != NULL)
-        (*env)->ThrowNew(env, clazz, msg);
-}
-
-JNIEXPORT void JNICALL
-Java_com_sun_security_auth_module_SolarisSystem_getSolarisInfo
-                                                (JNIEnv *env, jobject obj) {
-
-    int i;
-    long pwd_bufsize;
-    char *pwd_buf = NULL;
-    struct passwd pwd;
-    struct passwd* p = NULL;
-    jsize numSuppGroups = getgroups(0, NULL);
-    jfieldID fid;
-    jstring jstr;
-    jlongArray jgroups;
-    jlong *jgroupsAsArray;
-    gid_t *groups;
-    jclass cls;
-
-    pwd_bufsize = sysconf(_SC_GETPW_R_SIZE_MAX);
-    if (pwd_bufsize == -1) {
-        pwd_bufsize = 1024;
-    }
-    pwd_buf = (char *)malloc(pwd_bufsize);
-    groups = (gid_t *)calloc(numSuppGroups, sizeof(gid_t));
-
-    if (pwd_buf == NULL || groups == NULL) {
-        if (pwd_buf != NULL) {
-            free(pwd_buf);
-        }
-        if (groups != NULL) {
-            free(groups);
-        }
-        cls = (*env)->FindClass(env,"java/lang/OutOfMemoryError");
-        if (cls != NULL) {
-            (*env)->ThrowNew(env, cls, NULL);
-        }
-        return;
-    }
-
-    cls = (*env)->GetObjectClass(env, obj);
-
-    if (getpwuid_r(getuid(), &pwd, pwd_buf, sizeof(pwd_buf), &p) != 0 &&
-        p != NULL && getgroups(numSuppGroups, groups) != -1) {
-
-        /*
-         * set username
-         */
-        fid = (*env)->GetFieldID(env, cls, "username", "Ljava/lang/String;");
-        if (fid == 0) {
-            (*env)->ExceptionClear(env);
-            throwIllegalArgumentException(env, "invalid field: username");
-            goto cleanupAndReturn;
-        }
-        jstr = (*env)->NewStringUTF(env, pwd.pw_name);
-        if (jstr == NULL) {
-            goto cleanupAndReturn;
-        }
-        (*env)->SetObjectField(env, obj, fid, jstr);
-
-        /*
-         * set uid
-         */
-        fid = (*env)->GetFieldID(env, cls, "uid", "J");
-        if (fid == 0) {
-            (*env)->ExceptionClear(env);
-            throwIllegalArgumentException(env, "invalid field: uid");
-            goto cleanupAndReturn;
-        }
-        (*env)->SetLongField(env, obj, fid, pwd.pw_uid);
-
-        /*
-         * set gid
-         */
-        fid = (*env)->GetFieldID(env, cls, "gid", "J");
-        if (fid == 0) {
-            (*env)->ExceptionClear(env);
-            throwIllegalArgumentException(env, "invalid field: gid");
-            goto cleanupAndReturn;
-        }
-        (*env)->SetLongField(env, obj, fid, pwd.pw_gid);
-
-        /*
-         * set supplementary groups
-         */
-        fid = (*env)->GetFieldID(env, cls, "groups", "[J");
-        if (fid == 0) {
-            (*env)->ExceptionClear(env);
-            throwIllegalArgumentException(env, "invalid field: groups");
-            goto cleanupAndReturn;
-        }
-
-        jgroups = (*env)->NewLongArray(env, numSuppGroups);
-        if (jgroups == NULL) {
-            goto cleanupAndReturn;
-        }
-        jgroupsAsArray = (*env)->GetLongArrayElements(env, jgroups, 0);
-        if (jgroupsAsArray == NULL) {
-            goto cleanupAndReturn;
-        }
-        for (i = 0; i < numSuppGroups; i++)
-            jgroupsAsArray[i] = groups[i];
-        (*env)->ReleaseLongArrayElements(env, jgroups, jgroupsAsArray, 0);
-        (*env)->SetObjectField(env, obj, fid, jgroups);
-    }
-cleanupAndReturn:
-    free(pwd_buf);
-    free(groups);
-    return;
-}
--- a/test/TEST.ROOT	Mon Aug 28 00:49:06 2017 -0700
+++ b/test/TEST.ROOT	Mon Aug 28 07:53:26 2017 +0000
@@ -11,7 +11,7 @@
 #
 # A "headful" test requires a graphical environment to meaningfully
 # run. Tests that are not headful are "headless".
-# A test flagged with key "printer" requires a printer to succeed, else 
+# A test flagged with key "printer" requires a printer to succeed, else
 # throws a PrinterException or the like.
 
 keys=2d dnd headful i18n intermittent printer randomness
@@ -28,8 +28,8 @@
 # Allow querying of various System properties in @requires clauses
 requires.properties=sun.arch.data.model java.runtime.name
 
-# Tests using jtreg 4.2 b07 features
-requiredVersion=4.2 b07
+# Minimum jtreg version
+requiredVersion=4.2 b08
 
 # Path to libraries in the topmost test directory. This is needed so @library
 # does not need ../../ notation to reach them
--- a/test/java/net/httpclient/http2/FixedThreadPoolTest.java	Mon Aug 28 00:49:06 2017 -0700
+++ b/test/java/net/httpclient/http2/FixedThreadPoolTest.java	Mon Aug 28 07:53:26 2017 +0000
@@ -23,8 +23,7 @@
 
 /*
  * @test
- * @bug 8087112
- * @key intermittent
+ * @bug 8087112 8177935
  * @library /lib/testlibrary server
  * @build jdk.testlibrary.SimpleSSLContext
  * @modules jdk.incubator.httpclient/jdk.incubator.http.internal.common
--- a/test/java/rmi/registry/serialFilter/RegistryFilterTest.java	Mon Aug 28 00:49:06 2017 -0700
+++ b/test/java/rmi/registry/serialFilter/RegistryFilterTest.java	Mon Aug 28 07:53:26 2017 +0000
@@ -35,7 +35,6 @@
 import java.util.Objects;
 
 import org.testng.Assert;
-import org.testng.TestNG;
 import org.testng.annotations.BeforeSuite;
 import org.testng.annotations.DataProvider;
 import org.testng.annotations.Test;
@@ -65,21 +64,14 @@
 
     static final int REGISTRY_MAX_DEPTH = 20;
 
-    static final int REGISTRY_MAX_ARRAY = 10000;
+    static final int REGISTRY_MAX_ARRAY = 1_000_000;
 
     static final String registryFilter =
             System.getProperty("sun.rmi.registry.registryFilter",
                     Security.getProperty("sun.rmi.registry.registryFilter"));
 
-    @DataProvider(name = "bindAllowed")
-    static Object[][] bindAllowedObjects() {
-        Object[][] objects = {
-        };
-        return objects;
-    }
-
     /**
-     * Data RMI Regiry bind test.
+     * Data RMI Registry bind test.
      * - name
      * - Object
      * - true/false if object is blacklisted by a filter (implicit or explicit)
@@ -90,9 +82,11 @@
         Object[][] data = {
                 { "byte[max]", new XX(new byte[REGISTRY_MAX_ARRAY]), false },
                 { "String", new XX("now is the time"), false},
-                { "String[]", new XX(new String[3]), false},
-                { "Long[4]", new XX(new Long[4]), registryFilter != null },
+                { "String[3]", new XX(new String[3]), false},
+                { "Long[4]", new XX(new Long[4]), false },
+                { "Object[REGISTRY_MAX_ARRAY]", new XX(new Object[REGISTRY_MAX_ARRAY]), false },
                 { "rej-byte[toobig]", new XX(new byte[REGISTRY_MAX_ARRAY + 1]), true },
+                { "rej-Object[toobig]", new XX(new Object[REGISTRY_MAX_ARRAY + 1]), true },
                 { "rej-MarshalledObject", createMarshalledObject(), true },
                 { "rej-RejectableClass", new RejectableClass(), registryFilter != null},
         };
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/java/util/jar/JarFile/JarBacktickManifest.java	Mon Aug 28 07:53:26 2017 +0000
@@ -0,0 +1,67 @@
+/*
+ * Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/**
+ * @test
+ * @bug 8186334
+ * @library /lib/testlibrary/java/util/jar
+ * @build JarBuilder
+ * @run testng JarBacktickManifest
+ * @summary Make sure scanning manifest doesn't throw AIOOBE on certain strings
+ *          containing backticks.
+ */
+
+import java.io.File;
+import java.io.IOException;
+import java.nio.file.Files;
+import java.util.jar.JarFile;
+
+import org.testng.Assert;
+import org.testng.annotations.AfterClass;
+import org.testng.annotations.BeforeClass;
+import org.testng.annotations.Test;
+
+public class JarBacktickManifest {
+
+    public static final String VERIFY_MANIFEST_JAR = "verifyManifest.jar";
+
+    @BeforeClass
+    public void initialize() throws Exception {
+        JarBuilder jb = new JarBuilder(VERIFY_MANIFEST_JAR);
+        jb.addAttribute("Test", " Class-`Path` ");
+        jb.addAttribute("Test2", " Multi-`Release ");
+        jb.build();
+    }
+
+    @Test
+    public void test() throws Exception {
+        try (JarFile jf = new JarFile(VERIFY_MANIFEST_JAR)) {  // do not set runtime versioning
+            Assert.assertFalse(jf.isMultiRelease(), "Shouldn't be multi-release");
+        }
+    }
+
+    @AfterClass
+    public void close() throws IOException {
+        Files.delete(new File(VERIFY_MANIFEST_JAR).toPath());
+    }
+}
--- a/test/javax/security/auth/PrivateCredentialPermission/Subset.java	Mon Aug 28 00:49:06 2017 -0700
+++ b/test/javax/security/auth/PrivateCredentialPermission/Subset.java	Mon Aug 28 07:53:26 2017 +0000
@@ -34,7 +34,7 @@
 import java.util.HashSet;
 import java.util.Iterator;
 import java.util.Set;
-import com.sun.security.auth.SolarisPrincipal;
+import com.sun.security.auth.UnixPrincipal;
 import javax.security.auth.Subject;
 
 /*
@@ -46,7 +46,7 @@
  *    permission javax.security.auth.AuthPermission \
  *              "modifyPrivateCredentials";
  *    permission javax.security.auth.PrivateCredentialPermission \
- * "java.lang.String com.sun.security.auth.SolarisPrincipal \"user"", "read";
+ * "java.lang.String com.sun.security.auth.UnixPrincipal \"user"", "read";
  * };
 
  * The test verifies the following:
@@ -71,7 +71,7 @@
         HashSet creds = new HashSet();
         Subject emptys =
             new Subject(false,  //readOnly
-                        Collections.singleton(new SolarisPrincipal("user")),
+                        Collections.singleton(new UnixPrincipal("user")),
                         Collections.EMPTY_SET,
                         creds);
         /* Test principals */
@@ -104,7 +104,7 @@
         creds.add(Boolean.TRUE);
         Subject sremove =
             new Subject(false,  //readOnly
-                        Collections.singleton(new SolarisPrincipal("user")),
+                        Collections.singleton(new UnixPrincipal("user")),
                         Collections.EMPTY_SET,
                         creds);
         Set p2 = sremove.getPrivateCredentials();
@@ -184,7 +184,7 @@
         creds1.add(new String("Exists"));
         Subject scontain =
             new Subject(false,  //readOnly
-                        Collections.singleton(new SolarisPrincipal("user")),
+                        Collections.singleton(new UnixPrincipal("user")),
                         Collections.EMPTY_SET,
                         creds1);
         p2 = scontain.getPrivateCredentials();
@@ -237,7 +237,7 @@
         creds2.add("ghi");
         Subject sstring =
             new Subject(false,  //readOnly
-                        Collections.singleton(new SolarisPrincipal("user")),
+                        Collections.singleton(new UnixPrincipal("user")),
                         Collections.EMPTY_SET,
                         creds2);
         p2 = sstring.getPrivateCredentials();
@@ -262,7 +262,7 @@
         creds4.add("Exists");
         Subject scontain1 =
             new Subject(false,  //readOnly
-                        Collections.singleton(new SolarisPrincipal("user")),
+                        Collections.singleton(new UnixPrincipal("user")),
                         Collections.EMPTY_SET,
                         creds4);
         Set p3 = scontain1.getPrivateCredentials();
@@ -462,7 +462,7 @@
         creds.add(new Integer(1));
         Subject s =
             new Subject(false,  //readOnly
-                        Collections.singleton(new SolarisPrincipal("user")),
+                        Collections.singleton(new UnixPrincipal("user")),
                         Collections.EMPTY_SET,
                         creds);
         try {
--- a/test/javax/security/auth/PrivateCredentialPermission/Subset.policy	Mon Aug 28 00:49:06 2017 -0700
+++ b/test/javax/security/auth/PrivateCredentialPermission/Subset.policy	Mon Aug 28 07:53:26 2017 +0000
@@ -6,5 +6,5 @@
 grant {
      permission javax.security.auth.AuthPermission "modifyPrivateCredentials";
      permission javax.security.auth.AuthPermission "modifyPublicCredentials";
-     permission	javax.security.auth.PrivateCredentialPermission "java.lang.String com.sun.security.auth.SolarisPrincipal \"user\"", "read";
+     permission	javax.security.auth.PrivateCredentialPermission "java.lang.String com.sun.security.auth.UnixPrincipal \"user\"", "read";
 };
--- a/test/jdk/nio/zipfs/ZeroDate.java	Mon Aug 28 00:49:06 2017 -0700
+++ b/test/jdk/nio/zipfs/ZeroDate.java	Mon Aug 28 07:53:26 2017 +0000
@@ -44,7 +44,7 @@
 import java.util.zip.ZipOutputStream;
 
 /* @test
- * @bug 8184940
+ * @bug 8184940 8186227
  * @summary JDK 9 rejects zip files where the modified day or month is 0
  * @author Liam Miller-Cushon
  */
@@ -85,7 +85,7 @@
         try (OutputStream os = Files.newOutputStream(path)) {
             os.write(data);
         }
-        URI uri = URI.create("jar:file://" + path.toAbsolutePath());
+        URI uri = URI.create("jar:" + path.toUri());
         try (FileSystem fs = FileSystems.newFileSystem(uri, Collections.emptyMap())) {
             Path entry = fs.getPath("x");
             Instant actualInstant =
--- a/test/sun/security/provider/PolicyFile/Comparator.java	Mon Aug 28 00:49:06 2017 -0700
+++ b/test/sun/security/provider/PolicyFile/Comparator.java	Mon Aug 28 07:53:26 2017 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2004, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2004, 2017, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -42,7 +42,6 @@
 import sun.security.provider.PolicyFile;
 import com.sun.security.auth.UnixPrincipal;
 import com.sun.security.auth.NTUserPrincipal;
-import com.sun.security.auth.SolarisPrincipal;
 
 public class Comparator {
 
@@ -88,7 +87,7 @@
                                 new X500Principal("cn=x500") };
 
     private static final Principal[] badP = new Principal[] {
-                                new SolarisPrincipal("bad") };
+                                new UnixPrincipal("bad") };
 
     public static class PCompare1 implements Principal {