diff options
Diffstat (limited to 'community')
25 files changed, 3214 insertions, 388 deletions
diff --git a/community/exim/APKBUILD b/community/exim/APKBUILD index d15a819b70a..e7b54529c89 100644 --- a/community/exim/APKBUILD +++ b/community/exim/APKBUILD @@ -38,8 +38,6 @@ builddir="$srcdir/$pkgname-$pkgver" # - CVE-2019-13917 # 4.92-r0: # - CVE-2019-10149 -# 4.91-r0: -# - CVE-2018-6789 # 4.89-r5: # - CVE-2017-1000369 # 4.89-r7: diff --git a/community/ffmpeg/APKBUILD b/community/ffmpeg/APKBUILD index 132ec41c6e7..564265cf85a 100644 --- a/community/ffmpeg/APKBUILD +++ b/community/ffmpeg/APKBUILD @@ -3,7 +3,7 @@ # Contributor: Jakub Skrzypnik <j.skrzypnik@openmailbox.org> # Maintainer: Natanael Copa <ncopa@alpinelinux.org> pkgname=ffmpeg -pkgver=4.0.4 +pkgver=4.0.6 pkgrel=0 pkgdesc="Complete and free Internet live audio and video broadcasting solution for Linux/Unix" url="https://ffmpeg.org/" @@ -22,6 +22,12 @@ source="https://ffmpeg.org/releases/ffmpeg-$pkgver.tar.xz builddir="$srcdir/$pkgname-$pkgver" # secfixes: +# 4.0.6-r0: +# - CVE-2019-12730 +# - CVE-2019-13390 +# - CVE-2019-17539 +# - CVE-2019-17542 +# - CVE-2020-13904 # 4.0.4-r0: # - CVE-2018-15822 # - CVE-2019-9718 @@ -117,5 +123,5 @@ libs() { mv "$pkgdir"/usr/lib "$subpkgdir"/usr } -sha512sums="b7f66f5b38df4114f96fd85e42c6a42cb9673d4ca042d6775d1b64b7966cc9833e01bfa83e429e2cff8f2ecdd7dea44ede135aca75c31a7ed706e7384657196c ffmpeg-4.0.4.tar.xz +sha512sums="46e631393b3c1ed6332f738b650085c6639ddc82519d78900ab97e28bebe8d7a0d356b0721b1773488fb88fcfa9eb438ff2a92789883a6ad59c4b739250815b8 ffmpeg-4.0.6.tar.xz 32652e18d4eb231a2e32ad1cacffdf33264aac9d459e0e2e6dd91484fced4e1ca5a62886057b1f0b4b1589c014bbe793d17c78adbaffec195f9a75733b5b18cb 0001-libavutil-clean-up-unused-FF_SYMVER-macro.patch" diff --git a/community/firefox-esr/APKBUILD b/community/firefox-esr/APKBUILD index 9deb7dea4ae..12da1198b68 100644 --- a/community/firefox-esr/APKBUILD +++ b/community/firefox-esr/APKBUILD @@ -154,7 +154,6 @@ ldpath="$_mozappdir" # - CVE-2018-5117 # 52.5.2-r0: # - CVE-2017-7843 -# - CVE-2017-7843 prepare() { default_prepare diff --git a/community/graphicsmagick/APKBUILD b/community/graphicsmagick/APKBUILD index 6729d759b95..3c3e5bfcdcb 100644 --- a/community/graphicsmagick/APKBUILD +++ b/community/graphicsmagick/APKBUILD @@ -13,7 +13,7 @@ source="https://downloads.sourceforge.net/$pkgname/$pkgname/$pkgver/GraphicsMagi options="libtool !check" builddir="$srcdir"/GraphicsMagick-$pkgver -# security fixes: +# secfixes: # 1.3.27-r0: # - CVE-2017-11102 # - CVE-2017-14314 diff --git a/community/opam/APKBUILD b/community/opam/APKBUILD index ba96c310292..cd135c39f1b 100644 --- a/community/opam/APKBUILD +++ b/community/opam/APKBUILD @@ -1,21 +1,20 @@ # Contributor: Michael Zuo <muh.muhten@gmail.com> +# Contributor: Sora Morimoto <sora@morimoto.io> # Maintainer: Anil Madhavapeddy <anil@recoil.org> pkgname=opam -pkgver=2.0.1 +pkgver=2.0.7 pkgrel=0 pkgdesc="OCaml Package Manager" url="https://opam.ocaml.org" -arch="all !x86 !armhf !armv7 !s390x" # ocaml not avail on excluded platforms +arch="all !x86 !armhf !armv7 !s390x !mips !mips64" # ocaml not avail on excluded platforms license="LGPL-2.1" -depends="ocaml curl xz tar unzip rsync patch bubblewrap bash" +depends="ocaml curl tar unzip rsync patch bubblewrap bash" makedepends="ocaml-compiler-libs" -source="https://github.com/ocaml/$pkgname/releases/download/$pkgver/$pkgname-full-$pkgver.tar.gz" +source="https://github.com/ocaml/opam/releases/download/$pkgver/opam-full-$pkgver.tar.gz" builddir="$srcdir/$pkgname-full-$pkgver" subpackages="$pkgname-doc" build() { - cd "$builddir" - ./configure \ --build=$CBUILD \ --host=$CHOST \ @@ -30,13 +29,11 @@ build() { } package() { - cd "$builddir" make DESTDIR="$pkgdir" install } check() { - cd "$builddir" make tests } -sha512sums="add6cd77067cddadd4be5d79699713211f5f2796c1e1931048eb5fc4f0127eca56e1f81d43335327ae04e2144186d9ce759e844d2a125ef27f22c26cd8153e3c opam-full-2.0.1.tar.gz" +sha512sums="670af4935bba0679c65f6592b7a52b1d429b604eb261e40b13cf72312aeb0bab0c5a76829a555fc5379a0371c352692cbabc46b460fcd9bf32b3cfebdaeceb81 opam-full-2.0.7.tar.gz" diff --git a/community/openjdk7/APKBUILD b/community/openjdk7/APKBUILD index d955112f889..0d011c7ba45 100644 --- a/community/openjdk7/APKBUILD +++ b/community/openjdk7/APKBUILD @@ -2,11 +2,11 @@ # Contributor: Jakub Jirutka <jakub@jirutka.cz> # Maintainer: Timo Teras <timo.teras@iki.fi> pkgname=openjdk7 -_icedteaver=2.6.18 +_icedteaver=2.6.22 _icedteaversrc=$_icedteaver # pkgver is <JDK version>.<JDK update> # check icedtea JDK when updating -pkgver=7.221.$_icedteaver +pkgver=7.261.$_icedteaver pkgrel=0 pkgdesc="OpenJDK 7 via IcedTea" url="https://icedtea.classpath.org/" @@ -73,7 +73,6 @@ source="https://icedtea.classpath.org/download/source/icedtea-$_icedteaversrc.ta https://archive.apache.org/dist/ant/binaries/apache-ant-$ANT_VER-bin.tar.gz https://github.com/mozilla/rhino/releases/download/Rhino${RHINO_VER//./_}_Release/rhino-$RHINO_VER.zip - icedtea-pr64174.patch icedtea-hotspot-musl.patch icedtea-hotspot-musl-ppc.patch icedtea-hotspot-noagent-musl.patch @@ -83,26 +82,68 @@ source="https://icedtea.classpath.org/download/source/icedtea-$_icedteaversrc.ta icedtea-jdk-fix-ipv6-init.patch icedtea-jdk-musl.patch icedtea-jdk-no-soname.patch + icedtea-jdk-revert-7fdd0d6ef2d3.patch + icedtea-jdk-revert-a32dc7400435.patch icedtea-cpio.patch " # secfixes: +# 7.261.2.6.22-r0: +# - CVE-2020-2756 +# - CVE-2020-2757 +# - CVE-2020-2773 +# - CVE-2020-2781 +# - CVE-2020-2800 +# - CVE-2020-2803 +# - CVE-2020-2805 +# - CVE-2020-2830 +# 7.251.2.6.21-r0: +# - CVE-2020-2583 +# - CVE-2020-2590 +# - CVE-2020-2593 +# - CVE-2020-2601 +# - CVE-2020-2604 +# - CVE-2020-2654 +# - CVE-2020-2659 +# 7.241.2.6.20-r0: +# - CVE-2019-2894 +# - CVE-2019-2933 +# - CVE-2019-2945 +# - CVE-2019-2949 +# - CVE-2019-2958 +# - CVE-2019-2962 +# - CVE-2019-2964 +# - CVE-2019-2973 +# - CVE-2019-2978 +# - CVE-2019-2981 +# - CVE-2019-2983 +# - CVE-2019-2987 +# - CVE-2019-2988 +# - CVE-2019-2989 +# - CVE-2019-2992 +# - CVE-2019-2999 +# 7.231.2.6.19-r0: +# - CVE-2019-2766 +# - CVE-2019-2769 +# - CVE-2019-2786 +# - CVE-2019-2816 +# - CVE-2019-2842 # 7.221.2.6.18-r0: -# - CVE-2019-2602 -# - CVE-2019-2684 -# - CVE-2019-2698 +# - CVE-2019-2602 +# - CVE-2019-2684 +# - CVE-2019-2698 # 7.211.2.6.17-r0: -# - CVE-2018-11212 -# - CVE-2019-2422 -# - CVE_2019-2426 +# - CVE-2018-11212 +# - CVE-2019-2422 +# - CVE_2019-2426 # 7.201.2.6.16-r0: -# - CVE-2018-3136 -# - CVE-2018-3139 -# - CVE-2018-3149 -# - CVE-2018-3169 -# - CVE-2018-3180 -# - CVE-2018-3214 -# - CVE-2018-13785 +# - CVE-2018-3136 +# - CVE-2018-3139 +# - CVE-2018-3149 +# - CVE-2018-3169 +# - CVE-2018-3180 +# - CVE-2018-3214 +# - CVE-2018-13785 builddir="$srcdir/icedtea-$_icedteaver" @@ -271,24 +312,25 @@ doc() { mv "$pkgdir"/$INSTALL_BASE/man "$subpkgdir"/$INSTALL_BASE/ } -sha512sums="202038af902c7619e787c3f55ccc4ab5b758a72e4c841d17065809d2331ed4f8ed7a2bce753917d9e6215525ba56840793c9a9850142e865edde1a92a7e5806d icedtea-2.6.18.tar.xz -af8bbdad44448fb73d4f8ac87c00fa2198b7d6a401b9af9c8330768aa5ca395b50ff85f053b02a3e6d4b166b0a8f7badf6bd3c983cc9b2e35f157d0389983982 openjdk-2.6.18.tar.bz2 -0c688037efebbea1175ae26fc77be205cb43f8de886b00a6d89d35666c523bad8dbde3be636a428bff1331e89c4a6acf2aefc5611e65e4a3a7b617e240c536bf corba-2.6.18.tar.bz2 -0a23f37bf35537333d93c88e6f3e018af32f9019ec081e679a4f204848851f4fbcf47f2c0e58e27b8a0c5fdfc9897d427070e62022afcfc42ad70bb413f12c1e jaxp-2.6.18.tar.bz2 -1b2b8fd93e9f94af202c3816b4ecaa8c0809d5eed5962ff57f2edd15232abcaa11d4ac74bfb5b9f9121e5cdec3ea33559ebcc5605d8aa1fd013152abafe14aa9 jaxws-2.6.18.tar.bz2 -82d8b69f6ba3eeb3825275506704b793b5c3ea416da04319fd62948c7fa9db9a4bcb96b0b43d13fc58fbaf2f8d4b5eea098d98d5da68977cb41f9614e8c30933 jdk-2.6.18.tar.bz2 -b64c832474295b3c8d3a22a906b156555171128002c1870d071c98902f7b611d8d0f0dab4c98bf21a102011a7bf2a542d0207cdbe23433a77073670a17eb6322 langtools-2.6.18.tar.bz2 -bff77060aa4ccceec62fc14a1c47ba6d31d510353050b9b213ef87a58b82132e5cad72c59ff38f50a2c290fd2cfd84e0db9768e205d72865b6fc4b6d15fb5f0c hotspot-2.6.18.tar.bz2 +sha512sums="28c96cd2971ce381f0bd1c2a7fe6443602ad89dc0dd5a48d533e3c1a473421bdb98abf5e38117409f305bab7c6c8fecf95e854e8da8acf022966014539916b5c icedtea-2.6.22.tar.xz +7e2027e0b32b34f63eb771aad0273313d963d455f11f635e6b268b49a7f390d9ef2ff2913f2b9f09b6959abbdc060788a1ad8da9ae221b0889054ec4120f9867 openjdk-2.6.22.tar.bz2 +105b9a40d2a65d106e2d59524b0ed24edc72f46f2383d5645d7dd1f09ea9359e76b07ce1712433c7ce1062c5c49f45937acbfe293cfb27379d9a412f03589324 corba-2.6.22.tar.bz2 +696f17f0ef263668fa775bfb65630dcbe5c673fd7b153eff598fc7a7ba60c99b3f6b5f8e82949f3ebf16f506a9158797227c7263292a04b63a8653189dd9bfbb jaxp-2.6.22.tar.bz2 +406d9066e66d38a6cfd697f594e6955a625b685fd7dd83eb774243a9c3bbeeef13a9f6fc5c9fa9b3e2de561264831779edc7af312f1df08c29315d97f5b71e9e jaxws-2.6.22.tar.bz2 +f2d6370b1bc5ee011670229b0d001f08e49aa688dfdaa196b5eb5db1484ce06046c6cf8415bb09ecca6810472f3211988a5a1cd42cdca805b3b56be8b6cd5bcd jdk-2.6.22.tar.bz2 +df11b0d172c1493870ce3aabca076c16f73c2e2f50ac6beac921c72c6bf925a8b879cf8754b19d2d6dd0407f9baadeb597719c6f5972c97f5a5f7567bf98fcb1 langtools-2.6.22.tar.bz2 +f7652d0e6c1fe33ed7fe0d6f0c36daffc6509bb92818d5eaaf183fd9e8afc1a2fca9d547a2c087aa41134d5da0da4c647b5cdad11b9a520cf9a94cc1a548e219 hotspot-2.6.22.tar.bz2 0da12cb0f761b8cb76e042449e7d93f43236e7bc948e337215470a70031f0a2dda6d1b508f9397b283808d84c4ebddb31558fe1cd8e6e6469c1dd390d69ec6e7 apache-ant-1.9.11-bin.tar.gz 1b9e8721749e81c5420a00af1e00ee0e4f48624ccb4e9aa969032114116ad50f59b254d4d16d74feff74de64157cc8b0a2ead9b555907c84b7055b796fba9a75 rhino-1.7.7.2.zip -dbebef0b6246ffaba8d10e1b672821b55e69950961dcfd265f8b37a8123a71bd80b33a1e4f1ea27343e08803744138687c6ee367e4158bc3540f5d886c0e9cb4 icedtea-pr64174.patch f62b942f0bacda8e37d0f1876d8ba14ddb4fc55a7d5fd1019463744927f40f422a85e9ee051948d566242f5a785aa28f275eb58768611283cba89af91235f43c icedtea-hotspot-musl.patch e5cf4d70f96fc1e72ae8b97a887adb96092ff36584711cbb8de9d9fa9e859cb8731d638838de0d9591239fc44ffe5c74422d1842bd9f10a0c00dff1627bdeeef icedtea-hotspot-musl-ppc.patch e7a2c1771bb582d427041f8d22e48c0daf8f20d7c0926cbce3549d49c4e949359ee25a35682b486e82f3e390535c950c5beee3bd8d06fb5a717b50f2d9b2a6bc icedtea-hotspot-noagent-musl.patch 822eee0dc4d3ba677a289dfeb3668b536d2d626708390a9d9702fb4144a481fd443a215a0d2041c6026113837aafa4ba0b5e9ead8589d2da6717a238bbc95a5a icedtea-hotspot-uclibc-fixes.patch -213a537de5f011cb39d608515c3413513ac75fb93593f9a9ef4205f71d72bdd8b097c80db185f7b26021d5bb85045b866f34f3478482dc4189972d8614a13458 icedtea-jdk-fix-build.patch +8fadeee6ea9886c7ee3118a1abaee2fbd04931a3ba880062bc97397ad30aab114a83542c888461a5a8a1d131c4e73920872317c96620e2a8c4689620adf9e9c3 icedtea-jdk-fix-build.patch 0391970e6a32946aa3cccf38fdef9c0fe2af26cd0df824b98aa2fcfa1bf661d4a68e339bffcfd16f386c565fc68bb28a29208a67d4bad8a0e847ad02bd8becbb icedtea-jdk-execinfo.patch 48533f87fc2cf29d26b259be0df51087d2fe5b252e72d00c6ea2f4add7b0fb113141718c116279c5905e03f64a1118082e719393786811367cf4d472b5d36774 icedtea-jdk-fix-ipv6-init.patch 44a35941c80f408d0607e32763b3b6ccee21e1d39886309327d3d74d2900117e4346ef59e77c663fd022fec10ee8f365eeb46c1260014d5765d226ce175ce3c5 icedtea-jdk-musl.patch bf4b184e170f7b0ff64ab30d2162784fe2bd5460d1fa31973259f7065fd4c511c46f97724fe2bd72bb94e9006cb568d0e0c87d1a9c90819e65880f8f44830bb1 icedtea-jdk-no-soname.patch +9a14c023662c25fc3338c60ba9e6ece625bf2db774776e0c633e5cc866d5c6daf160e90b164832b12eb304fcf65bf30b5d38f20cb7f97f01f6736bfa572ef4fc icedtea-jdk-revert-7fdd0d6ef2d3.patch +f4ee0ede2b62e81971e79bd7d382c09847488656bfa27a7346cd5a92f478bcf67cd10aa632989836a49e87ee435c3de831ad4c71f824113f55c61361895a7af8 icedtea-jdk-revert-a32dc7400435.patch a54c79c82afa1bc95265397b274260584c8b8c6be1651ddfb907d9523a809ea4581409e0d3fb0bbb63ef5a204e8ce29b7940e78cd640af1f490ae938c59129b6 icedtea-cpio.patch" diff --git a/community/openjdk7/icedtea-jdk-fix-build.patch b/community/openjdk7/icedtea-jdk-fix-build.patch index 9fae895b662..c8daa6fb2a5 100644 --- a/community/openjdk7/icedtea-jdk-fix-build.patch +++ b/community/openjdk7/icedtea-jdk-fix-build.patch @@ -22,7 +22,7 @@ Fixes three issues: +LDFLAGS_DEFS_OPTION = LDFLAGS_COMMON += $(LDFLAGS_DEFS_OPTION) - # + LDFLAGS_RELRO_OPTION = -Xlinker -z -Xlinker relro @@ -407,7 +407,7 @@ # the library itself should not. # diff --git a/community/openjdk7/icedtea-jdk-revert-7fdd0d6ef2d3.patch b/community/openjdk7/icedtea-jdk-revert-7fdd0d6ef2d3.patch new file mode 100644 index 00000000000..071a13c2eff --- /dev/null +++ b/community/openjdk7/icedtea-jdk-revert-7fdd0d6ef2d3.patch @@ -0,0 +1,1450 @@ +Revert 7fdd0d6ef2d3 due build error +This laos reverts a fix for CVE-2019-2745 +--- openjdk.orig/jdk/src/share/classes/sun/security/ec/ECDSAOperations.java 2019-07-14 02:30:40.000000000 +0200 ++++ openjdk/jdk/src/share/classes/sun/security/ec/ECDSAOperations.java 1970-01-01 01:00:00.000000000 +0100 +@@ -1,206 +0,0 @@ +-/* +- * Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved. +- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. +- * +- * This code is free software; you can redistribute it and/or modify it +- * under the terms of the GNU General Public License version 2 only, as +- * published by the Free Software Foundation. Oracle designates this +- * particular file as subject to the "Classpath" exception as provided +- * by Oracle in the LICENSE file that accompanied this code. +- * +- * This code is distributed in the hope that it will be useful, but WITHOUT +- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +- * version 2 for more details (a copy is included in the LICENSE file that +- * accompanied this code). +- * +- * You should have received a copy of the GNU General Public License version +- * 2 along with this work; if not, write to the Free Software Foundation, +- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +- * +- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA +- * or visit www.oracle.com if you need additional information or have any +- * questions. +- */ +- +-package sun.security.ec; +- +-import sun.security.ec.point.*; +-import sun.security.util.ArrayUtil; +-import sun.security.util.Function; +-import sun.security.util.Optional; +-import sun.security.util.math.*; +-import static sun.security.ec.ECOperations.IntermediateValueException; +- +-import java.security.ProviderException; +-import java.security.spec.*; +- +-public class ECDSAOperations { +- +- public static class Seed { +- private final byte[] seedValue; +- +- public Seed(byte[] seedValue) { +- this.seedValue = seedValue; +- } +- +- public byte[] getSeedValue() { +- return seedValue; +- } +- } +- +- public static class Nonce { +- private final byte[] nonceValue; +- +- public Nonce(byte[] nonceValue) { +- this.nonceValue = nonceValue; +- } +- +- public byte[] getNonceValue() { +- return nonceValue; +- } +- } +- +- private final ECOperations ecOps; +- private final AffinePoint basePoint; +- +- public ECDSAOperations(ECOperations ecOps, ECPoint basePoint) { +- this.ecOps = ecOps; +- this.basePoint = toAffinePoint(basePoint, ecOps.getField()); +- } +- +- public ECOperations getEcOperations() { +- return ecOps; +- } +- +- public AffinePoint basePointMultiply(byte[] scalar) { +- return ecOps.multiply(basePoint, scalar).asAffine(); +- } +- +- public static AffinePoint toAffinePoint(ECPoint point, +- IntegerFieldModuloP field) { +- +- ImmutableIntegerModuloP affineX = field.getElement(point.getAffineX()); +- ImmutableIntegerModuloP affineY = field.getElement(point.getAffineY()); +- return new AffinePoint(affineX, affineY); +- } +- +- public static +- Optional<ECDSAOperations> forParameters(final ECParameterSpec ecParams) { +- Optional<ECOperations> curveOps = +- ECOperations.forParameters(ecParams); +- return curveOps.map(new Function<ECOperations, ECDSAOperations>() { +- @Override +- public ECDSAOperations apply(ECOperations ops) { +- return new ECDSAOperations(ops, ecParams.getGenerator()); +- } +- }); +- } +- +- /** +- * +- * Sign a digest using the provided private key and seed. +- * IMPORTANT: The private key is a scalar represented using a +- * little-endian byte array. This is backwards from the conventional +- * representation in ECDSA. The routines that produce and consume this +- * value uses little-endian, so this deviation from convention removes +- * the requirement to swap the byte order. The returned signature is in +- * the conventional byte order. +- * +- * @param privateKey the private key scalar as a little-endian byte array +- * @param digest the digest to be signed +- * @param seed the seed that will be used to produce the nonce. This object +- * should contain an array that is at least 64 bits longer than +- * the number of bits required to represent the group order. +- * @return the ECDSA signature value +- * @throws IntermediateValueException if the signature cannot be produced +- * due to an unacceptable intermediate or final value. If this +- * exception is thrown, then the caller should discard the nonnce and +- * try again with an entirely new nonce value. +- */ +- public byte[] signDigest(byte[] privateKey, byte[] digest, Seed seed) +- throws IntermediateValueException { +- +- byte[] nonceArr = ecOps.seedToScalar(seed.getSeedValue()); +- +- Nonce nonce = new Nonce(nonceArr); +- return signDigest(privateKey, digest, nonce); +- } +- +- /** +- * +- * Sign a digest using the provided private key and nonce. +- * IMPORTANT: The private key and nonce are scalars represented by a +- * little-endian byte array. This is backwards from the conventional +- * representation in ECDSA. The routines that produce and consume these +- * values use little-endian, so this deviation from convention removes +- * the requirement to swap the byte order. The returned signature is in +- * the conventional byte order. +- * +- * @param privateKey the private key scalar as a little-endian byte array +- * @param digest the digest to be signed +- * @param nonce the nonce object containing a little-endian scalar value. +- * @return the ECDSA signature value +- * @throws IntermediateValueException if the signature cannot be produced +- * due to an unacceptable intermediate or final value. If this +- * exception is thrown, then the caller should discard the nonnce and +- * try again with an entirely new nonce value. +- */ +- public byte[] signDigest(byte[] privateKey, byte[] digest, Nonce nonce) +- throws IntermediateValueException { +- +- IntegerFieldModuloP orderField = ecOps.getOrderField(); +- int orderBits = orderField.getSize().bitLength(); +- if (orderBits % 8 != 0 && orderBits < digest.length * 8) { +- // This implementation does not support truncating digests to +- // a length that is not a multiple of 8. +- throw new ProviderException("Invalid digest length"); +- } +- +- byte[] k = nonce.getNonceValue(); +- // check nonce length +- int length = (orderField.getSize().bitLength() + 7) / 8; +- if (k.length != length) { +- throw new ProviderException("Incorrect nonce length"); +- } +- +- MutablePoint R = ecOps.multiply(basePoint, k); +- IntegerModuloP r = R.asAffine().getX(); +- // put r into the correct field by fully reducing to an array +- byte[] temp = new byte[length]; +- r.asByteArray(temp); +- r = orderField.getElement(temp); +- // store r in result +- r.asByteArray(temp); +- byte[] result = new byte[2 * length]; +- ArrayUtil.reverse(temp); +- System.arraycopy(temp, 0, result, 0, length); +- // compare r to 0 +- if (ECOperations.allZero(temp)) { +- throw new IntermediateValueException(); +- } +- +- IntegerModuloP dU = orderField.getElement(privateKey); +- int lengthE = Math.min(length, digest.length); +- byte[] E = new byte[lengthE]; +- System.arraycopy(digest, 0, E, 0, lengthE); +- ArrayUtil.reverse(E); +- IntegerModuloP e = orderField.getElement(E); +- IntegerModuloP kElem = orderField.getElement(k); +- IntegerModuloP kInv = kElem.multiplicativeInverse(); +- MutableIntegerModuloP s = r.mutable(); +- s.setProduct(dU).setSum(e).setProduct(kInv); +- // store s in result +- s.asByteArray(temp); +- ArrayUtil.reverse(temp); +- System.arraycopy(temp, 0, result, length, length); +- // compare s to 0 +- if (ECOperations.allZero(temp)) { +- throw new IntermediateValueException(); +- } +- +- return result; +- +- } +- +-} +--- openjdk.orig/jdk/src/share/classes/sun/security/ec/ECOperations.java 2019-07-14 02:30:40.000000000 +0200 ++++ openjdk/jdk/src/share/classes/sun/security/ec/ECOperations.java 1970-01-01 01:00:00.000000000 +0100 +@@ -1,499 +0,0 @@ +-/* +- * Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved. +- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. +- * +- * This code is free software; you can redistribute it and/or modify it +- * under the terms of the GNU General Public License version 2 only, as +- * published by the Free Software Foundation. Oracle designates this +- * particular file as subject to the "Classpath" exception as provided +- * by Oracle in the LICENSE file that accompanied this code. +- * +- * This code is distributed in the hope that it will be useful, but WITHOUT +- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +- * version 2 for more details (a copy is included in the LICENSE file that +- * accompanied this code). +- * +- * You should have received a copy of the GNU General Public License version +- * 2 along with this work; if not, write to the Free Software Foundation, +- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +- * +- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA +- * or visit www.oracle.com if you need additional information or have any +- * questions. +- */ +- +-package sun.security.ec; +- +-import sun.security.ec.point.*; +-import sun.security.util.Optional; +-import sun.security.util.math.*; +-import sun.security.util.math.intpoly.*; +- +-import java.math.BigInteger; +-import java.security.ProviderException; +-import java.security.spec.ECFieldFp; +-import java.security.spec.ECParameterSpec; +-import java.security.spec.EllipticCurve; +-import java.util.Collections; +-import java.util.HashMap; +-import java.util.Map; +- +-/* +- * Elliptic curve point arithmetic for prime-order curves where a=-3. +- * Formulas are derived from "Complete addition formulas for prime order +- * elliptic curves" by Renes, Costello, and Batina. +- */ +- +-public class ECOperations { +- +- /* +- * An exception indicating a problem with an intermediate value produced +- * by some part of the computation. For example, the signing operation +- * will throw this exception to indicate that the r or s value is 0, and +- * that the signing operation should be tried again with a different nonce. +- */ +- static class IntermediateValueException extends Exception { +- private static final long serialVersionUID = 1; +- } +- +- static final Map<BigInteger, IntegerFieldModuloP> fields; +- +- static final Map<BigInteger, IntegerFieldModuloP> orderFields; +- +- static { +- Map<BigInteger, IntegerFieldModuloP> map = new HashMap<>(); +- map.put(IntegerPolynomialP256.MODULUS, new IntegerPolynomialP256()); +- map.put(IntegerPolynomialP384.MODULUS, new IntegerPolynomialP384()); +- map.put(IntegerPolynomialP521.MODULUS, new IntegerPolynomialP521()); +- fields = Collections.unmodifiableMap(map); +- map = new HashMap<>(); +- map.put(P256OrderField.MODULUS, new P256OrderField()); +- map.put(P384OrderField.MODULUS, new P384OrderField()); +- map.put(P521OrderField.MODULUS, new P521OrderField()); +- orderFields = Collections.unmodifiableMap(map); +- } +- +- public static Optional<ECOperations> forParameters(ECParameterSpec params) { +- +- EllipticCurve curve = params.getCurve(); +- if (!(curve.getField() instanceof ECFieldFp)) { +- return Optional.empty(); +- } +- ECFieldFp primeField = (ECFieldFp) curve.getField(); +- +- BigInteger three = BigInteger.valueOf(3); +- if (!primeField.getP().subtract(curve.getA()).equals(three)) { +- return Optional.empty(); +- } +- IntegerFieldModuloP field = fields.get(primeField.getP()); +- if (field == null) { +- return Optional.empty(); +- } +- +- IntegerFieldModuloP orderField = orderFields.get(params.getOrder()); +- if (orderField == null) { +- return Optional.empty(); +- } +- +- ImmutableIntegerModuloP b = field.getElement(curve.getB()); +- ECOperations ecOps = new ECOperations(b, orderField); +- return Optional.of(ecOps); +- } +- +- final ImmutableIntegerModuloP b; +- final SmallValue one; +- final SmallValue two; +- final SmallValue three; +- final SmallValue four; +- final ProjectivePoint.Immutable neutral; +- private final IntegerFieldModuloP orderField; +- +- public ECOperations(IntegerModuloP b, IntegerFieldModuloP orderField) { +- this.b = b.fixed(); +- this.orderField = orderField; +- +- this.one = b.getField().getSmallValue(1); +- this.two = b.getField().getSmallValue(2); +- this.three = b.getField().getSmallValue(3); +- this.four = b.getField().getSmallValue(4); +- +- IntegerFieldModuloP field = b.getField(); +- this.neutral = new ProjectivePoint.Immutable(field.get0(), +- field.get1(), field.get0()); +- } +- +- public IntegerFieldModuloP getField() { +- return b.getField(); +- } +- public IntegerFieldModuloP getOrderField() { +- return orderField; +- } +- +- protected ProjectivePoint.Immutable getNeutral() { +- return neutral; +- } +- +- public boolean isNeutral(Point p) { +- ProjectivePoint<?> pp = (ProjectivePoint<?>) p; +- +- IntegerModuloP z = pp.getZ(); +- +- IntegerFieldModuloP field = z.getField(); +- int byteLength = (field.getSize().bitLength() + 7) / 8; +- byte[] zBytes = z.asByteArray(byteLength); +- return allZero(zBytes); +- } +- +- byte[] seedToScalar(byte[] seedBytes) +- throws IntermediateValueException { +- +- // Produce a nonce from the seed using FIPS 186-4,section B.5.1: +- // Per-Message Secret Number Generation Using Extra Random Bits +- // or +- // Produce a scalar from the seed using FIPS 186-4, section B.4.1: +- // Key Pair Generation Using Extra Random Bits +- +- // To keep the implementation simple, sample in the range [0,n) +- // and throw IntermediateValueException in the (unlikely) event +- // that the result is 0. +- +- // Get 64 extra bits and reduce in to the nonce +- int seedBits = orderField.getSize().bitLength() + 64; +- if (seedBytes.length * 8 < seedBits) { +- throw new ProviderException("Incorrect seed length: " + +- seedBytes.length * 8 + " < " + seedBits); +- } +- +- // input conversion only works on byte boundaries +- // clear high-order bits of last byte so they don't influence nonce +- int lastByteBits = seedBits % 8; +- if (lastByteBits != 0) { +- int lastByteIndex = seedBits / 8; +- byte mask = (byte) (0xFF >>> (8 - lastByteBits)); +- seedBytes[lastByteIndex] &= mask; +- } +- +- int seedLength = (seedBits + 7) / 8; +- IntegerModuloP scalarElem = +- orderField.getElement(seedBytes, 0, seedLength, (byte) 0); +- int scalarLength = (orderField.getSize().bitLength() + 7) / 8; +- byte[] scalarArr = new byte[scalarLength]; +- scalarElem.asByteArray(scalarArr); +- if (ECOperations.allZero(scalarArr)) { +- throw new IntermediateValueException(); +- } +- return scalarArr; +- } +- +- /* +- * Compare all values in the array to 0 without branching on any value +- * +- */ +- public static boolean allZero(byte[] arr) { +- byte acc = 0; +- for (int i = 0; i < arr.length; i++) { +- acc |= arr[i]; +- } +- return acc == 0; +- } +- +- /* +- * 4-bit branchless array lookup for projective points. +- */ +- private void lookup4(ProjectivePoint.Immutable[] arr, int index, +- ProjectivePoint.Mutable result, IntegerModuloP zero) { +- +- for (int i = 0; i < 16; i++) { +- int xor = index ^ i; +- int bit3 = (xor & 0x8) >>> 3; +- int bit2 = (xor & 0x4) >>> 2; +- int bit1 = (xor & 0x2) >>> 1; +- int bit0 = (xor & 0x1); +- int inverse = bit0 | bit1 | bit2 | bit3; +- int set = 1 - inverse; +- +- ProjectivePoint.Immutable pi = arr[i]; +- result.conditionalSet(pi, set); +- } +- } +- +- private void double4(ProjectivePoint.Mutable p, MutableIntegerModuloP t0, +- MutableIntegerModuloP t1, MutableIntegerModuloP t2, +- MutableIntegerModuloP t3, MutableIntegerModuloP t4) { +- +- for (int i = 0; i < 4; i++) { +- setDouble(p, t0, t1, t2, t3, t4); +- } +- } +- +- /** +- * Multiply an affine point by a scalar and return the result as a mutable +- * point. +- * +- * @param affineP the point +- * @param s the scalar as a little-endian array +- * @return the product +- */ +- public MutablePoint multiply(AffinePoint affineP, byte[] s) { +- +- // 4-bit windowed multiply with branchless lookup. +- // The mixed addition is faster, so it is used to construct the array +- // at the beginning of the operation. +- +- IntegerFieldModuloP field = affineP.getX().getField(); +- ImmutableIntegerModuloP zero = field.get0(); +- // temporaries +- MutableIntegerModuloP t0 = zero.mutable(); +- MutableIntegerModuloP t1 = zero.mutable(); +- MutableIntegerModuloP t2 = zero.mutable(); +- MutableIntegerModuloP t3 = zero.mutable(); +- MutableIntegerModuloP t4 = zero.mutable(); +- +- ProjectivePoint.Mutable result = new ProjectivePoint.Mutable(field); +- result.getY().setValue(field.get1().mutable()); +- +- ProjectivePoint.Immutable[] pointMultiples = +- new ProjectivePoint.Immutable[16]; +- // 0P is neutral---same as initial result value +- pointMultiples[0] = result.fixed(); +- +- ProjectivePoint.Mutable ps = new ProjectivePoint.Mutable(field); +- ps.setValue(affineP); +- // 1P = P +- pointMultiples[1] = ps.fixed(); +- +- // the rest are calculated using mixed point addition +- for (int i = 2; i < 16; i++) { +- setSum(ps, affineP, t0, t1, t2, t3, t4); +- pointMultiples[i] = ps.fixed(); +- } +- +- ProjectivePoint.Mutable lookupResult = ps.mutable(); +- +- for (int i = s.length - 1; i >= 0; i--) { +- +- double4(result, t0, t1, t2, t3, t4); +- +- int high = (0xFF & s[i]) >>> 4; +- lookup4(pointMultiples, high, lookupResult, zero); +- setSum(result, lookupResult, t0, t1, t2, t3, t4); +- +- double4(result, t0, t1, t2, t3, t4); +- +- int low = 0xF & s[i]; +- lookup4(pointMultiples, low, lookupResult, zero); +- setSum(result, lookupResult, t0, t1, t2, t3, t4); +- } +- +- return result; +- +- } +- +- /* +- * Point double +- */ +- private void setDouble(ProjectivePoint.Mutable p, MutableIntegerModuloP t0, +- MutableIntegerModuloP t1, MutableIntegerModuloP t2, +- MutableIntegerModuloP t3, MutableIntegerModuloP t4) { +- +- t0.setValue(p.getX()).setSquare(); +- t1.setValue(p.getY()).setSquare(); +- t2.setValue(p.getZ()).setSquare(); +- t3.setValue(p.getX()).setProduct(p.getY()); +- t4.setValue(p.getY()).setProduct(p.getZ()); +- +- t3.setSum(t3); +- p.getZ().setProduct(p.getX()); +- +- p.getZ().setProduct(two); +- +- p.getY().setValue(t2).setProduct(b); +- p.getY().setDifference(p.getZ()); +- +- p.getX().setValue(p.getY()).setProduct(two); +- p.getY().setSum(p.getX()); +- p.getY().setReduced(); +- p.getX().setValue(t1).setDifference(p.getY()); +- +- p.getY().setSum(t1); +- p.getY().setProduct(p.getX()); +- p.getX().setProduct(t3); +- +- t3.setValue(t2).setProduct(two); +- t2.setSum(t3); +- p.getZ().setProduct(b); +- +- t2.setReduced(); +- p.getZ().setDifference(t2); +- p.getZ().setDifference(t0); +- t3.setValue(p.getZ()).setProduct(two); +- p.getZ().setReduced(); +- p.getZ().setSum(t3); +- t0.setProduct(three); +- +- t0.setDifference(t2); +- t0.setProduct(p.getZ()); +- p.getY().setSum(t0); +- +- t4.setSum(t4); +- p.getZ().setProduct(t4); +- +- p.getX().setDifference(p.getZ()); +- p.getZ().setValue(t4).setProduct(t1); +- +- p.getZ().setProduct(four); +- +- } +- +- /* +- * Mixed point addition. This method constructs new temporaries each time +- * it is called. For better efficiency, the method that reuses temporaries +- * should be used if more than one sum will be computed. +- */ +- public void setSum(MutablePoint p, AffinePoint p2) { +- +- IntegerModuloP zero = p.getField().get0(); +- MutableIntegerModuloP t0 = zero.mutable(); +- MutableIntegerModuloP t1 = zero.mutable(); +- MutableIntegerModuloP t2 = zero.mutable(); +- MutableIntegerModuloP t3 = zero.mutable(); +- MutableIntegerModuloP t4 = zero.mutable(); +- setSum((ProjectivePoint.Mutable) p, p2, t0, t1, t2, t3, t4); +- +- } +- +- /* +- * Mixed point addition +- */ +- private void setSum(ProjectivePoint.Mutable p, AffinePoint p2, +- MutableIntegerModuloP t0, MutableIntegerModuloP t1, +- MutableIntegerModuloP t2, MutableIntegerModuloP t3, +- MutableIntegerModuloP t4) { +- +- t0.setValue(p.getX()).setProduct(p2.getX()); +- t1.setValue(p.getY()).setProduct(p2.getY()); +- t3.setValue(p2.getX()).setSum(p2.getY()); +- t4.setValue(p.getX()).setSum(p.getY()); +- p.getX().setReduced(); +- t3.setProduct(t4); +- t4.setValue(t0).setSum(t1); +- +- t3.setDifference(t4); +- t4.setValue(p2.getY()).setProduct(p.getZ()); +- t4.setSum(p.getY()); +- +- p.getY().setValue(p2.getX()).setProduct(p.getZ()); +- p.getY().setSum(p.getX()); +- t2.setValue(p.getZ()); +- p.getZ().setProduct(b); +- +- p.getX().setValue(p.getY()).setDifference(p.getZ()); +- p.getX().setReduced(); +- p.getZ().setValue(p.getX()).setProduct(two); +- p.getX().setSum(p.getZ()); +- +- p.getZ().setValue(t1).setDifference(p.getX()); +- p.getX().setSum(t1); +- p.getY().setProduct(b); +- +- t1.setValue(t2).setProduct(two); +- t2.setSum(t1); +- t2.setReduced(); +- p.getY().setDifference(t2); +- +- p.getY().setDifference(t0); +- p.getY().setReduced(); +- t1.setValue(p.getY()).setProduct(two); +- p.getY().setSum(t1); +- +- t1.setValue(t0).setProduct(two); +- t0.setSum(t1); +- t0.setDifference(t2); +- +- t1.setValue(t4).setProduct(p.getY()); +- t2.setValue(t0).setProduct(p.getY()); +- p.getY().setValue(p.getX()).setProduct(p.getZ()); +- +- p.getY().setSum(t2); +- p.getX().setProduct(t3); +- p.getX().setDifference(t1); +- +- p.getZ().setProduct(t4); +- t1.setValue(t3).setProduct(t0); +- p.getZ().setSum(t1); +- +- } +- +- /* +- * Projective point addition +- */ +- private void setSum(ProjectivePoint.Mutable p, ProjectivePoint.Mutable p2, +- MutableIntegerModuloP t0, MutableIntegerModuloP t1, +- MutableIntegerModuloP t2, MutableIntegerModuloP t3, +- MutableIntegerModuloP t4) { +- +- t0.setValue(p.getX()).setProduct(p2.getX()); +- t1.setValue(p.getY()).setProduct(p2.getY()); +- t2.setValue(p.getZ()).setProduct(p2.getZ()); +- +- t3.setValue(p.getX()).setSum(p.getY()); +- t4.setValue(p2.getX()).setSum(p2.getY()); +- t3.setProduct(t4); +- +- t4.setValue(t0).setSum(t1); +- t3.setDifference(t4); +- t4.setValue(p.getY()).setSum(p.getZ()); +- +- p.getY().setValue(p2.getY()).setSum(p2.getZ()); +- t4.setProduct(p.getY()); +- p.getY().setValue(t1).setSum(t2); +- +- t4.setDifference(p.getY()); +- p.getX().setSum(p.getZ()); +- p.getY().setValue(p2.getX()).setSum(p2.getZ()); +- +- p.getX().setProduct(p.getY()); +- p.getY().setValue(t0).setSum(t2); +- p.getY().setAdditiveInverse().setSum(p.getX()); +- p.getY().setReduced(); +- +- p.getZ().setValue(t2).setProduct(b); +- p.getX().setValue(p.getY()).setDifference(p.getZ()); +- p.getZ().setValue(p.getX()).setProduct(two); +- +- p.getX().setSum(p.getZ()); +- p.getX().setReduced(); +- p.getZ().setValue(t1).setDifference(p.getX()); +- p.getX().setSum(t1); +- +- p.getY().setProduct(b); +- t1.setValue(t2).setSum(t2); +- t2.setSum(t1); +- t2.setReduced(); +- +- p.getY().setDifference(t2); +- p.getY().setDifference(t0); +- p.getY().setReduced(); +- t1.setValue(p.getY()).setSum(p.getY()); +- +- p.getY().setSum(t1); +- t1.setValue(t0).setProduct(two); +- t0.setSum(t1); +- +- t0.setDifference(t2); +- t1.setValue(t4).setProduct(p.getY()); +- t2.setValue(t0).setProduct(p.getY()); +- +- p.getY().setValue(p.getX()).setProduct(p.getZ()); +- p.getY().setSum(t2); +- p.getX().setProduct(t3); +- +- p.getX().setDifference(t1); +- p.getZ().setProduct(t4); +- t1.setValue(t3).setProduct(t0); +- +- p.getZ().setSum(t1); +- +- } +-} +--- openjdk.orig/jdk/src/share/classes/sun/security/ec/point/AffinePoint.java 2019-07-14 02:30:40.000000000 +0200 ++++ openjdk/jdk/src/share/classes/sun/security/ec/point/AffinePoint.java 1970-01-01 01:00:00.000000000 +0100 +@@ -1,76 +0,0 @@ +-/* +- * Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved. +- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. +- * +- * This code is free software; you can redistribute it and/or modify it +- * under the terms of the GNU General Public License version 2 only, as +- * published by the Free Software Foundation. Oracle designates this +- * particular file as subject to the "Classpath" exception as provided +- * by Oracle in the LICENSE file that accompanied this code. +- * +- * This code is distributed in the hope that it will be useful, but WITHOUT +- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +- * version 2 for more details (a copy is included in the LICENSE file that +- * accompanied this code). +- * +- * You should have received a copy of the GNU General Public License version +- * 2 along with this work; if not, write to the Free Software Foundation, +- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +- * +- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA +- * or visit www.oracle.com if you need additional information or have any +- * questions. +- */ +-package sun.security.ec.point; +- +-import sun.security.util.math.ImmutableIntegerModuloP; +- +-import java.util.Objects; +- +-/** +- * Elliptic curve point represented using affine coordinates (x, y). This class +- * is not part of the sun.security.ec.point.Point hierarchy because it is not +- * used to hold intermediate values during point arithmetic, and so it does not +- * have a mutable form. +- */ +-public class AffinePoint { +- +- private final ImmutableIntegerModuloP x; +- private final ImmutableIntegerModuloP y; +- +- public AffinePoint(ImmutableIntegerModuloP x, ImmutableIntegerModuloP y) { +- this.x = x; +- this.y = y; +- } +- +- public ImmutableIntegerModuloP getX() { +- return x; +- } +- +- public ImmutableIntegerModuloP getY() { +- return y; +- } +- +- @Override +- public boolean equals(Object obj) { +- if (!(obj instanceof AffinePoint)) { +- return false; +- } +- AffinePoint p = (AffinePoint) obj; +- boolean xEquals = x.asBigInteger().equals(p.x.asBigInteger()); +- boolean yEquals = y.asBigInteger().equals(p.y.asBigInteger()); +- return xEquals && yEquals; +- } +- +- @Override +- public int hashCode() { +- return Objects.hash(x, y); +- } +- +- @Override +- public String toString() { +- return "(" + x.asBigInteger().toString() + "," + +- y.asBigInteger().toString() + ")"; +- } +-} +--- openjdk.orig/jdk/src/share/classes/sun/security/ec/point/ImmutablePoint.java 2019-07-14 02:30:40.000000000 +0200 ++++ openjdk/jdk/src/share/classes/sun/security/ec/point/ImmutablePoint.java 1970-01-01 01:00:00.000000000 +0100 +@@ -1,32 +0,0 @@ +-/* +- * Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved. +- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. +- * +- * This code is free software; you can redistribute it and/or modify it +- * under the terms of the GNU General Public License version 2 only, as +- * published by the Free Software Foundation. Oracle designates this +- * particular file as subject to the "Classpath" exception as provided +- * by Oracle in the LICENSE file that accompanied this code. +- * +- * This code is distributed in the hope that it will be useful, but WITHOUT +- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +- * version 2 for more details (a copy is included in the LICENSE file that +- * accompanied this code). +- * +- * You should have received a copy of the GNU General Public License version +- * 2 along with this work; if not, write to the Free Software Foundation, +- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +- * +- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA +- * or visit www.oracle.com if you need additional information or have any +- * questions. +- */ +- +-package sun.security.ec.point; +- +-/** +- * An interface for immutable points on an elliptic curve over a finite field. +- */ +-public interface ImmutablePoint extends Point { +-} +--- openjdk.orig/jdk/src/share/classes/sun/security/ec/point/MutablePoint.java 2019-07-14 02:30:40.000000000 +0200 ++++ openjdk/jdk/src/share/classes/sun/security/ec/point/MutablePoint.java 1970-01-01 01:00:00.000000000 +0100 +@@ -1,37 +0,0 @@ +-/* +- * Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved. +- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. +- * +- * This code is free software; you can redistribute it and/or modify it +- * under the terms of the GNU General Public License version 2 only, as +- * published by the Free Software Foundation. Oracle designates this +- * particular file as subject to the "Classpath" exception as provided +- * by Oracle in the LICENSE file that accompanied this code. +- * +- * This code is distributed in the hope that it will be useful, but WITHOUT +- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +- * version 2 for more details (a copy is included in the LICENSE file that +- * accompanied this code). +- * +- * You should have received a copy of the GNU General Public License version +- * 2 along with this work; if not, write to the Free Software Foundation, +- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +- * +- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA +- * or visit www.oracle.com if you need additional information or have any +- * questions. +- */ +- +-package sun.security.ec.point; +- +-/** +- * An interface for mutable points on an elliptic curve over a finite field. +- */ +-public interface MutablePoint extends Point { +- +- MutablePoint setValue(AffinePoint p); +- MutablePoint setValue(Point p); +- MutablePoint conditionalSet(Point p, int set); +- +-} +--- openjdk.orig/jdk/src/share/classes/sun/security/ec/point/Point.java 2019-07-14 02:30:40.000000000 +0200 ++++ openjdk/jdk/src/share/classes/sun/security/ec/point/Point.java 1970-01-01 01:00:00.000000000 +0100 +@@ -1,45 +0,0 @@ +-/* +- * Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved. +- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. +- * +- * This code is free software; you can redistribute it and/or modify it +- * under the terms of the GNU General Public License version 2 only, as +- * published by the Free Software Foundation. Oracle designates this +- * particular file as subject to the "Classpath" exception as provided +- * by Oracle in the LICENSE file that accompanied this code. +- * +- * This code is distributed in the hope that it will be useful, but WITHOUT +- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +- * version 2 for more details (a copy is included in the LICENSE file that +- * accompanied this code). +- * +- * You should have received a copy of the GNU General Public License version +- * 2 along with this work; if not, write to the Free Software Foundation, +- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +- * +- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA +- * or visit www.oracle.com if you need additional information or have any +- * questions. +- */ +- +-package sun.security.ec.point; +- +-import sun.security.util.math.IntegerFieldModuloP; +- +-/** +- * A base interface for points on an elliptic curve over a finite field. +- * Implementations may use different representations for points, and this +- * interface creates a common API for manipulating points. This API has no +- * methods for point arithmetic, which depends on group structure and curve +- * parameters in addition to point representation. +- */ +-public interface Point { +- +- IntegerFieldModuloP getField(); +- AffinePoint asAffine(); +- +- ImmutablePoint fixed(); +- MutablePoint mutable(); +- +-} +--- openjdk.orig/jdk/src/share/classes/sun/security/ec/point/ProjectivePoint.java 2019-07-14 02:30:40.000000000 +0200 ++++ openjdk/jdk/src/share/classes/sun/security/ec/point/ProjectivePoint.java 1970-01-01 01:00:00.000000000 +0100 +@@ -1,160 +0,0 @@ +-/* +- * Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved. +- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. +- * +- * This code is free software; you can redistribute it and/or modify it +- * under the terms of the GNU General Public License version 2 only, as +- * published by the Free Software Foundation. Oracle designates this +- * particular file as subject to the "Classpath" exception as provided +- * by Oracle in the LICENSE file that accompanied this code. +- * +- * This code is distributed in the hope that it will be useful, but WITHOUT +- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +- * version 2 for more details (a copy is included in the LICENSE file that +- * accompanied this code). +- * +- * You should have received a copy of the GNU General Public License version +- * 2 along with this work; if not, write to the Free Software Foundation, +- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +- * +- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA +- * or visit www.oracle.com if you need additional information or have any +- * questions. +- */ +-package sun.security.ec.point; +- +-import sun.security.util.math.*; +- +-/** +- * Elliptic curve point in projective coordinates (X, Y, Z) where +- * an affine point (x, y) is represented using any (X, Y, Z) s.t. +- * x = X/Z and y = Y/Z. +- */ +-public abstract class ProjectivePoint +- <T extends IntegerModuloP> implements Point { +- +- protected final T x; +- protected final T y; +- protected final T z; +- +- protected ProjectivePoint(T x, T y, T z) { +- +- this.x = x; +- this.y = y; +- this.z = z; +- } +- +- @Override +- public IntegerFieldModuloP getField() { +- return this.x.getField(); +- } +- +- @Override +- public Immutable fixed() { +- return new Immutable(x.fixed(), y.fixed(), z.fixed()); +- } +- +- @Override +- public Mutable mutable() { +- return new Mutable(x.mutable(), y.mutable(), z.mutable()); +- } +- +- public T getX() { +- return x; +- } +- +- public T getY() { +- return y; +- } +- +- public T getZ() { +- return z; +- } +- +- public AffinePoint asAffine() { +- IntegerModuloP zInv = z.multiplicativeInverse(); +- return new AffinePoint(x.multiply(zInv), y.multiply(zInv)); +- } +- +- public static class Immutable +- extends ProjectivePoint<ImmutableIntegerModuloP> +- implements ImmutablePoint { +- +- public Immutable(ImmutableIntegerModuloP x, +- ImmutableIntegerModuloP y, +- ImmutableIntegerModuloP z) { +- super(x, y, z); +- } +- } +- +- public static class Mutable +- extends ProjectivePoint<MutableIntegerModuloP> +- implements MutablePoint { +- +- public Mutable(MutableIntegerModuloP x, +- MutableIntegerModuloP y, +- MutableIntegerModuloP z) { +- super(x, y, z); +- } +- +- public Mutable(IntegerFieldModuloP field) { +- super(field.get0().mutable(), +- field.get0().mutable(), +- field.get0().mutable()); +- } +- +- @Override +- public Mutable conditionalSet(Point p, int set) { +- if (!(p instanceof ProjectivePoint)) { +- throw new RuntimeException("Incompatible point"); +- } +- @SuppressWarnings("unchecked") +- ProjectivePoint<IntegerModuloP> pp = +- (ProjectivePoint<IntegerModuloP>) p; +- return conditionalSet(pp, set); +- } +- +- private <T extends IntegerModuloP> +- Mutable conditionalSet(ProjectivePoint<T> pp, int set) { +- +- x.conditionalSet(pp.x, set); +- y.conditionalSet(pp.y, set); +- z.conditionalSet(pp.z, set); +- +- return this; +- } +- +- @Override +- public Mutable setValue(AffinePoint p) { +- x.setValue(p.getX()); +- y.setValue(p.getY()); +- z.setValue(p.getX().getField().get1()); +- +- return this; +- } +- +- @Override +- public Mutable setValue(Point p) { +- if (!(p instanceof ProjectivePoint)) { +- throw new RuntimeException("Incompatible point"); +- } +- @SuppressWarnings("unchecked") +- ProjectivePoint<IntegerModuloP> pp = +- (ProjectivePoint<IntegerModuloP>) p; +- return setValue(pp); +- } +- +- private <T extends IntegerModuloP> +- Mutable setValue(ProjectivePoint<T> pp) { +- +- x.setValue(pp.x); +- y.setValue(pp.y); +- z.setValue(pp.z); +- +- return this; +- } +- +- } +- +-} +--- openjdk.orig/jdk/src/share/classes/sun/security/util/Function.java 2019-07-14 02:30:40.000000000 +0200 ++++ openjdk/jdk/src/share/classes/sun/security/util/Function.java 1970-01-01 01:00:00.000000000 +0100 +@@ -1,44 +0,0 @@ +-/* +- * Copyright (c) 2010, 2013, Oracle and/or its affiliates. All rights reserved. +- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. +- * +- * This code is free software; you can redistribute it and/or modify it +- * under the terms of the GNU General Public License version 2 only, as +- * published by the Free Software Foundation. Oracle designates this +- * particular file as subject to the "Classpath" exception as provided +- * by Oracle in the LICENSE file that accompanied this code. +- * +- * This code is distributed in the hope that it will be useful, but WITHOUT +- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +- * version 2 for more details (a copy is included in the LICENSE file that +- * accompanied this code). +- * +- * You should have received a copy of the GNU General Public License version +- * 2 along with this work; if not, write to the Free Software Foundation, +- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +- * +- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA +- * or visit www.oracle.com if you need additional information or have any +- * questions. +- */ +-package sun.security.util; +- +-/** +- * Represents a function that accepts one argument and produces a result. +- * +- * @param <T> the type of the input to the function +- * @param <R> the type of the result of the function +- * +- * @since 1.8 +- */ +-public interface Function<T, R> { +- +- /** +- * Applies this function to the given argument. +- * +- * @param t the function argument +- * @return the function result +- */ +- R apply(T t); +-} +--- openjdk.orig/jdk/src/share/classes/sun/security/util/Optional.java 2019-07-14 02:30:40.000000000 +0200 ++++ openjdk/jdk/src/share/classes/sun/security/util/Optional.java 1970-01-01 01:00:00.000000000 +0100 +@@ -1,271 +0,0 @@ +-/* +- * Copyright (c) 2012, 2013, Oracle and/or its affiliates. All rights reserved. +- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. +- * +- * This code is free software; you can redistribute it and/or modify it +- * under the terms of the GNU General Public License version 2 only, as +- * published by the Free Software Foundation. Oracle designates this +- * particular file as subject to the "Classpath" exception as provided +- * by Oracle in the LICENSE file that accompanied this code. +- * +- * This code is distributed in the hope that it will be useful, but WITHOUT +- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +- * version 2 for more details (a copy is included in the LICENSE file that +- * accompanied this code). +- * +- * You should have received a copy of the GNU General Public License version +- * 2 along with this work; if not, write to the Free Software Foundation, +- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +- * +- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA +- * or visit www.oracle.com if you need additional information or have any +- * questions. +- */ +-package sun.security.util; +- +-import java.util.Objects; +-import java.util.NoSuchElementException; +- +-/** +- * A container object which may or may not contain a non-null value. +- * If a value is present, {@code isPresent()} will return {@code true} and +- * {@code get()} will return the value. +- * +- * <p>Additional methods that depend on the presence or absence of a contained +- * value are provided, such as {@link #orElse(java.lang.Object) orElse()} +- * (return a default value if value not present) and +- * {@link #ifPresent(java.util.function.Consumer) ifPresent()} (execute a block +- * of code if the value is present). +- * +- * <p>This is a <a href="../lang/doc-files/ValueBased.html">value-based</a> +- * class; use of identity-sensitive operations (including reference equality +- * ({@code ==}), identity hash code, or synchronization) on instances of +- * {@code Optional} may have unpredictable results and should be avoided. +- * +- * @since 1.8 +- */ +-public final class Optional<T> { +- /** +- * Common instance for {@code empty()}. +- */ +- private static final Optional<?> EMPTY = new Optional<>(); +- +- /** +- * If non-null, the value; if null, indicates no value is present +- */ +- private final T value; +- +- /** +- * Constructs an empty instance. +- * +- * @implNote Generally only one empty instance, {@link Optional#EMPTY}, +- * should exist per VM. +- */ +- private Optional() { +- this.value = null; +- } +- +- /** +- * Returns an empty {@code Optional} instance. No value is present for this +- * {@code Optional}. +- * +- * @apiNote +- * Though it may be tempting to do so, avoid testing if an object is empty +- * by comparing with {@code ==} against instances returned by +- * {@code Optional.empty()}. There is no guarantee that it is a singleton. +- * Instead, use {@link #isPresent()}. +- * +- * @param <T> The type of the non-existent value +- * @return an empty {@code Optional} +- */ +- public static<T> Optional<T> empty() { +- @SuppressWarnings("unchecked") +- Optional<T> t = (Optional<T>) EMPTY; +- return t; +- } +- +- +- /** +- * Constructs an instance with the described value. +- * +- * @param value the non-{@code null} value to describe +- * @throws NullPointerException if value is {@code null} +- */ +- private Optional(T value) { +- this.value = Objects.requireNonNull(value); +- } +- +- /** +- * Returns an {@code Optional} describing the given non-{@code null} +- * value. +- * +- * @param value the value to describe, which must be non-{@code null} +- * @param <T> the type of the value +- * @return an {@code Optional} with the value present +- * @throws NullPointerException if value is {@code null} +- */ +- public static <T> Optional<T> of(T value) { +- return new Optional<>(value); +- } +- +- /** +- * Returns an {@code Optional} describing the specified value, if non-null, +- * otherwise returns an empty {@code Optional}. +- * +- * @param <T> the class of the value +- * @param value the possibly-null value to describe +- * @return an {@code Optional} with a present value if the specified value +- * is non-null, otherwise an empty {@code Optional} +- */ +- public static <T> Optional<T> ofNullable(T value) { +- return value == null ? new Optional<T>() : of(value); +- } +- +- /** +- * If a value is present, returns the value, otherwise throws +- * {@code NoSuchElementException}. +- * +- * @apiNote +- * The preferred alternative to this method is {@link #orElseThrow()}. +- * +- * @return the non-{@code null} value described by this {@code Optional} +- * @throws NoSuchElementException if no value is present +- */ +- public T get() { +- if (value == null) { +- throw new NoSuchElementException("No value present"); +- } +- return value; +- } +- +- /** +- * If a value is present, returns {@code true}, otherwise {@code false}. +- * +- * @return {@code true} if a value is present, otherwise {@code false} +- */ +- public boolean isPresent() { +- return value != null; +- } +- +- /** +- * If a value is not present, returns {@code true}, otherwise +- * {@code false}. +- * +- * @return {@code true} if a value is not present, otherwise {@code false} +- * @since 11 +- */ +- public boolean isEmpty() { +- return value == null; +- } +- +- /** +- * If a value is present, apply the provided mapping function to it, +- * and if the result is non-null, return an {@code Optional} describing the +- * result. Otherwise return an empty {@code Optional}. +- * +- * @apiNote This method supports post-processing on optional values, without +- * the need to explicitly check for a return status. For example, the +- * following code traverses a stream of file names, selects one that has +- * not yet been processed, and then opens that file, returning an +- * {@code Optional<FileInputStream>}: +- * +- * <pre>{@code +- * Optional<FileInputStream> fis = +- * names.stream().filter(name -> !isProcessedYet(name)) +- * .findFirst() +- * .map(name -> new FileInputStream(name)); +- * }</pre> +- * +- * Here, {@code findFirst} returns an {@code Optional<String>}, and then +- * {@code map} returns an {@code Optional<FileInputStream>} for the desired +- * file if one exists. +- * +- * @param <U> The type of the result of the mapping function +- * @param mapper a mapping function to apply to the value, if present +- * @return an {@code Optional} describing the result of applying a mapping +- * function to the value of this {@code Optional}, if a value is present, +- * otherwise an empty {@code Optional} +- * @throws NullPointerException if the mapping function is null +- */ +- public<U> Optional<U> map(Function<? super T, ? extends U> mapper) { +- Objects.requireNonNull(mapper); +- if (!isPresent()) +- return empty(); +- else { +- return Optional.ofNullable(mapper.apply(value)); +- } +- } +- +- /** +- * Return the value if present, otherwise invoke {@code other} and return +- * the result of that invocation. +- * +- * @param other a {@code Supplier} whose result is returned if no value +- * is present +- * @return the value if present otherwise the result of {@code other.get()} +- * @throws NullPointerException if value is not present and {@code other} is +- * null +- */ +- public T orElseGet(Supplier<? extends T> other) { +- return value != null ? value : other.get(); +- } +- +- /** +- * Indicates whether some other object is "equal to" this {@code Optional}. +- * The other object is considered equal if: +- * <ul> +- * <li>it is also an {@code Optional} and; +- * <li>both instances have no value present or; +- * <li>the present values are "equal to" each other via {@code equals()}. +- * </ul> +- * +- * @param obj an object to be tested for equality +- * @return {@code true} if the other object is "equal to" this object +- * otherwise {@code false} +- */ +- @Override +- public boolean equals(Object obj) { +- if (this == obj) { +- return true; +- } +- +- if (!(obj instanceof Optional)) { +- return false; +- } +- +- Optional<?> other = (Optional<?>) obj; +- return Objects.equals(value, other.value); +- } +- +- /** +- * Returns the hash code of the value, if present, otherwise {@code 0} +- * (zero) if no value is present. +- * +- * @return hash code value of the present value or {@code 0} if no value is +- * present +- */ +- @Override +- public int hashCode() { +- return Objects.hashCode(value); +- } +- +- /** +- * Returns a non-empty string representation of this {@code Optional} +- * suitable for debugging. The exact presentation format is unspecified and +- * may vary between implementations and versions. +- * +- * @implSpec +- * If a value is present the result must include its string representation +- * in the result. Empty and present {@code Optional}s must be unambiguously +- * differentiable. +- * +- * @return the string representation of this instance +- */ +- @Override +- public String toString() { +- return value != null +- ? String.format("Optional[%s]", value) +- : "Optional.empty"; +- } +-} +--- openjdk.orig/jdk/src/share/classes/sun/security/util/Supplier.java 2019-07-14 02:30:40.000000000 +0200 ++++ openjdk/jdk/src/share/classes/sun/security/util/Supplier.java 1970-01-01 01:00:00.000000000 +0100 +@@ -1,48 +0,0 @@ +-/* +- * Copyright (c) 2012, 2013, Oracle and/or its affiliates. All rights reserved. +- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. +- * +- * This code is free software; you can redistribute it and/or modify it +- * under the terms of the GNU General Public License version 2 only, as +- * published by the Free Software Foundation. Oracle designates this +- * particular file as subject to the "Classpath" exception as provided +- * by Oracle in the LICENSE file that accompanied this code. +- * +- * This code is distributed in the hope that it will be useful, but WITHOUT +- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +- * version 2 for more details (a copy is included in the LICENSE file that +- * accompanied this code). +- * +- * You should have received a copy of the GNU General Public License version +- * 2 along with this work; if not, write to the Free Software Foundation, +- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +- * +- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA +- * or visit www.oracle.com if you need additional information or have any +- * questions. +- */ +-package sun.security.util; +- +-/** +- * Represents a supplier of results. +- * +- * <p>There is no requirement that a new or distinct result be returned each +- * time the supplier is invoked. +- * +- * <p>This is a <a href="package-summary.html">functional interface</a> +- * whose functional method is {@link #get()}. +- * +- * @param <T> the type of results supplied by this supplier +- * +- * @since 1.8 +- */ +-public interface Supplier<T> { +- +- /** +- * Gets a result. +- * +- * @return a result +- */ +- T get(); +-} diff --git a/community/openjdk7/icedtea-jdk-revert-a32dc7400435.patch b/community/openjdk7/icedtea-jdk-revert-a32dc7400435.patch new file mode 100644 index 00000000000..dc2eac62251 --- /dev/null +++ b/community/openjdk7/icedtea-jdk-revert-a32dc7400435.patch @@ -0,0 +1,1377 @@ +Revert a32dc7400435 due build error +--- openjdk.orig/jdk/src/share/classes/com/sun/crypto/provider/AESCrypt.java 2019-07-15 08:52:23.000000000 +0200 ++++ openjdk/jdk/src/share/classes/com/sun/crypto/provider/AESCrypt.java 2019-07-04 19:20:08.000000000 +0200 +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 2002, 2018, Oracle and/or its affiliates. All rights reserved. ++ * Copyright (c) 2002, 2015, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -38,6 +38,7 @@ + + import java.security.InvalidKeyException; + import java.security.MessageDigest; ++import java.util.Objects; + + /** + * Rijndael --pronounced Reindaal-- is a symmetric cipher with a 128-bit +@@ -347,8 +348,8 @@ + */ + void encryptBlock(byte[] in, int inOffset, + byte[] out, int outOffset) { +- // Array bound checks are done in caller code, i.e. +- // FeedbackCipher.encrypt/decrypt(...) to improve performance. ++ cryptBlockCheck(in, inOffset); ++ cryptBlockCheck(out, outOffset); + implEncryptBlock(in, inOffset, out, outOffset); + } + +@@ -425,8 +426,8 @@ + */ + void decryptBlock(byte[] in, int inOffset, + byte[] out, int outOffset) { +- // Array bound checks are done in caller code, i.e. +- // FeedbackCipher.encrypt/decrypt(...) to improve performance. ++ cryptBlockCheck(in, inOffset); ++ cryptBlockCheck(out, outOffset); + implDecryptBlock(in, inOffset, out, outOffset); + } + +@@ -587,6 +588,26 @@ + out[outOffset ] = (byte)(Si[(a0 ) & 0xFF] ^ (t1 )); + } + ++ // Used to perform all checks required by the Java semantics ++ // (i.e., null checks and bounds checks) on the input parameters ++ // to encryptBlock and to decryptBlock. ++ // Normally, the Java Runtime performs these checks, however, as ++ // encryptBlock and decryptBlock are possibly replaced with ++ // compiler intrinsics, the JDK performs the required checks instead. ++ // Does not check accesses to class-internal (private) arrays. ++ private static void cryptBlockCheck(byte[] array, int offset) { ++ Objects.requireNonNull(array); ++ ++ if (offset < 0 || offset >= array.length) { ++ throw new ArrayIndexOutOfBoundsException(offset); ++ } ++ ++ int largestIndex = offset + AES_BLOCK_SIZE - 1; ++ if (largestIndex < 0 || largestIndex >= array.length) { ++ throw new ArrayIndexOutOfBoundsException(largestIndex); ++ } ++ } ++ + /** + * Expand a user-supplied key material into a session key. + * +--- openjdk.orig/jdk/src/share/classes/com/sun/crypto/provider/CipherBlockChaining.java 2019-07-15 08:52:23.000000000 +0200 ++++ openjdk/jdk/src/share/classes/com/sun/crypto/provider/CipherBlockChaining.java 2019-07-04 19:20:08.000000000 +0200 +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 1997, 2018, Oracle and/or its affiliates. All rights reserved. ++ * Copyright (c) 1997, 2017, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -29,7 +29,6 @@ + import java.security.ProviderException; + import java.util.Objects; + +-import sun.security.util.ArrayUtil; + + /** + * This class represents ciphers in cipher block chaining (CBC) mode. +@@ -144,9 +143,9 @@ + if (plainLen <= 0) { + return plainLen; + } +- ArrayUtil.blockSizeCheck(plainLen, blockSize); +- ArrayUtil.nullAndBoundsCheck(plain, plainOffset, plainLen); +- ArrayUtil.nullAndBoundsCheck(cipher, cipherOffset, plainLen); ++ cryptBlockSizeCheck(plainLen); ++ cryptNullAndBoundsCheck(plain, plainOffset, plainLen); ++ cryptNullAndBoundsCheck(cipher, cipherOffset, plainLen); + return implEncrypt(plain, plainOffset, plainLen, + cipher, cipherOffset); + } +@@ -194,9 +193,9 @@ + if (cipherLen <= 0) { + return cipherLen; + } +- ArrayUtil.blockSizeCheck(cipherLen, blockSize); +- ArrayUtil.nullAndBoundsCheck(cipher, cipherOffset, cipherLen); +- ArrayUtil.nullAndBoundsCheck(plain, plainOffset, cipherLen); ++ cryptBlockSizeCheck(cipherLen); ++ cryptNullAndBoundsCheck(cipher, cipherOffset, cipherLen); ++ cryptNullAndBoundsCheck(plain, plainOffset, cipherLen); + return implDecrypt(cipher, cipherOffset, cipherLen, plain, plainOffset); + } + +@@ -215,4 +214,23 @@ + } + return cipherLen; + } ++ ++ private void cryptBlockSizeCheck(int len) { ++ if ((len % blockSize) != 0) { ++ throw new ProviderException("Internal error in input buffering"); ++ } ++ } ++ ++ private static void cryptNullAndBoundsCheck(byte[] array, int offset, int len) { ++ Objects.requireNonNull(array); ++ ++ if (offset < 0 || offset >= array.length) { ++ throw new ArrayIndexOutOfBoundsException(offset); ++ } ++ ++ int endIndex = offset + len - 1; ++ if (endIndex < 0 || endIndex >= array.length) { ++ throw new ArrayIndexOutOfBoundsException(endIndex); ++ } ++ } + } +--- openjdk.orig/jdk/src/share/classes/com/sun/crypto/provider/CipherFeedback.java 2019-07-15 08:52:23.000000000 +0200 ++++ openjdk/jdk/src/share/classes/com/sun/crypto/provider/CipherFeedback.java 2019-07-04 19:20:08.000000000 +0200 +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 1997, 2018, Oracle and/or its affiliates. All rights reserved. ++ * Copyright (c) 1997, 2014, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -27,7 +27,6 @@ + + import java.security.InvalidKeyException; + import java.security.ProviderException; +-import sun.security.util.ArrayUtil; + + /** + * This class represents ciphers in cipher-feedback (CFB) mode. +@@ -150,9 +149,9 @@ + */ + int encrypt(byte[] plain, int plainOffset, int plainLen, + byte[] cipher, int cipherOffset) { +- ArrayUtil.blockSizeCheck(plainLen, numBytes); +- ArrayUtil.nullAndBoundsCheck(plain, plainOffset, plainLen); +- ArrayUtil.nullAndBoundsCheck(cipher, cipherOffset, plainLen); ++ if ((plainLen % numBytes) != 0) { ++ throw new ProviderException("Internal error in input buffering"); ++ } + + int nShift = blockSize - numBytes; + int loopCount = plainLen / numBytes; +@@ -226,10 +225,9 @@ + */ + int decrypt(byte[] cipher, int cipherOffset, int cipherLen, + byte[] plain, int plainOffset) { +- +- ArrayUtil.blockSizeCheck(cipherLen, numBytes); +- ArrayUtil.nullAndBoundsCheck(cipher, cipherOffset, cipherLen); +- ArrayUtil.nullAndBoundsCheck(plain, plainOffset, cipherLen); ++ if ((cipherLen % numBytes) != 0) { ++ throw new ProviderException("Internal error in input buffering"); ++ } + + int nShift = blockSize - numBytes; + int loopCount = cipherLen / numBytes; +--- openjdk.orig/jdk/src/share/classes/com/sun/crypto/provider/CounterMode.java 2019-07-15 08:52:23.000000000 +0200 ++++ openjdk/jdk/src/share/classes/com/sun/crypto/provider/CounterMode.java 2019-07-04 19:20:08.000000000 +0200 +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 2002, 2018, Oracle and/or its affiliates. All rights reserved. ++ * Copyright (c) 2002, 2017, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -27,7 +27,6 @@ + + import java.security.InvalidKeyException; + +-import sun.security.util.ArrayUtil; + + /** + * This class represents ciphers in counter (CTR) mode. +@@ -174,10 +173,6 @@ + if (len == 0) { + return 0; + } +- +- ArrayUtil.nullAndBoundsCheck(in, inOff, len); +- ArrayUtil.nullAndBoundsCheck(out, outOff, len); +- + int result = len; + while (len-- > 0) { + if (used >= blockSize) { +--- openjdk.orig/jdk/src/share/classes/com/sun/crypto/provider/ElectronicCodeBook.java 2019-07-15 08:52:23.000000000 +0200 ++++ openjdk/jdk/src/share/classes/com/sun/crypto/provider/ElectronicCodeBook.java 2019-07-04 19:20:08.000000000 +0200 +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 1997, 2018, Oracle and/or its affiliates. All rights reserved. ++ * Copyright (c) 1997, 2014, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -27,7 +27,6 @@ + + import java.security.InvalidKeyException; + import java.security.ProviderException; +-import sun.security.util.ArrayUtil; + + /** + * This class represents ciphers in electronic codebook (ECB) mode. +@@ -113,10 +112,9 @@ + * @return the length of the encrypted data + */ + int encrypt(byte[] in, int inOff, int len, byte[] out, int outOff) { +- ArrayUtil.blockSizeCheck(len, blockSize); +- ArrayUtil.nullAndBoundsCheck(in, inOff, len); +- ArrayUtil.nullAndBoundsCheck(out, outOff, len); +- ++ if ((len % blockSize) != 0) { ++ throw new ProviderException("Internal error in input buffering"); ++ } + for (int i = len; i >= blockSize; i -= blockSize) { + embeddedCipher.encryptBlock(in, inOff, out, outOff); + inOff += blockSize; +@@ -143,10 +141,9 @@ + * @return the length of the decrypted data + */ + int decrypt(byte[] in, int inOff, int len, byte[] out, int outOff) { +- ArrayUtil.blockSizeCheck(len, blockSize); +- ArrayUtil.nullAndBoundsCheck(in, inOff, len); +- ArrayUtil.nullAndBoundsCheck(out, outOff, len); +- ++ if ((len % blockSize) != 0) { ++ throw new ProviderException("Internal error in input buffering"); ++ } + for (int i = len; i >= blockSize; i -= blockSize) { + embeddedCipher.decryptBlock(in, inOff, out, outOff); + inOff += blockSize; +--- openjdk.orig/jdk/src/share/classes/com/sun/crypto/provider/OutputFeedback.java 2019-07-15 08:52:23.000000000 +0200 ++++ openjdk/jdk/src/share/classes/com/sun/crypto/provider/OutputFeedback.java 2019-07-04 19:20:08.000000000 +0200 +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 1997, 2018, Oracle and/or its affiliates. All rights reserved. ++ * Copyright (c) 1997, 2014, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -27,7 +27,6 @@ + + import java.security.InvalidKeyException; + import java.security.ProviderException; +-import sun.security.util.ArrayUtil; + + /** + * This class represents ciphers in output-feedback (OFB) mode. +@@ -149,10 +148,10 @@ + */ + int encrypt(byte[] plain, int plainOffset, int plainLen, + byte[] cipher, int cipherOffset) { +- ArrayUtil.blockSizeCheck(plainLen, numBytes); +- ArrayUtil.nullAndBoundsCheck(plain, plainOffset, plainLen); +- ArrayUtil.nullAndBoundsCheck(cipher, cipherOffset, plainLen); + ++ if ((plainLen % numBytes) != 0) { ++ throw new ProviderException("Internal error in input buffering"); ++ } + int nShift = blockSize - numBytes; + int loopCount = plainLen / numBytes; + +@@ -190,9 +189,6 @@ + */ + int encryptFinal(byte[] plain, int plainOffset, int plainLen, + byte[] cipher, int cipherOffset) { +- ArrayUtil.nullAndBoundsCheck(plain, plainOffset, plainLen); +- ArrayUtil.nullAndBoundsCheck(cipher, cipherOffset, plainLen); +- + int oddBytes = plainLen % numBytes; + int len = encrypt(plain, plainOffset, (plainLen - oddBytes), + cipher, cipherOffset); +--- openjdk.orig/jdk/src/share/classes/com/sun/crypto/provider/PCBC.java 2019-07-15 08:52:23.000000000 +0200 ++++ openjdk/jdk/src/share/classes/com/sun/crypto/provider/PCBC.java 2019-07-04 19:20:08.000000000 +0200 +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 1997, 2018, Oracle and/or its affiliates. All rights reserved. ++ * Copyright (c) 1997, 2014, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -27,7 +27,6 @@ + + import java.security.InvalidKeyException; + import java.security.ProviderException; +-import sun.security.util.ArrayUtil; + + + /** +@@ -137,10 +136,9 @@ + int encrypt(byte[] plain, int plainOffset, int plainLen, + byte[] cipher, int cipherOffset) + { +- ArrayUtil.blockSizeCheck(plainLen, blockSize); +- ArrayUtil.nullAndBoundsCheck(plain, plainOffset, plainLen); +- ArrayUtil.nullAndBoundsCheck(cipher, cipherOffset, plainLen); +- ++ if ((plainLen % blockSize) != 0) { ++ throw new ProviderException("Internal error in input buffering"); ++ } + int i; + int endIndex = plainOffset + plainLen; + +@@ -178,10 +176,9 @@ + int decrypt(byte[] cipher, int cipherOffset, int cipherLen, + byte[] plain, int plainOffset) + { +- ArrayUtil.blockSizeCheck(cipherLen, blockSize); +- ArrayUtil.nullAndBoundsCheck(cipher, cipherOffset, cipherLen); +- ArrayUtil.nullAndBoundsCheck(plain, plainOffset, cipherLen); +- ++ if ((cipherLen % blockSize) != 0) { ++ throw new ProviderException("Internal error in input buffering"); ++ } + int i; + int endIndex = cipherOffset + cipherLen; + +--- openjdk.orig/jdk/src/share/classes/sun/security/util/ArrayUtil.java 2019-07-15 08:52:23.000000000 +0200 ++++ openjdk/jdk/src/share/classes/sun/security/util/ArrayUtil.java 2019-07-04 19:20:08.000000000 +0200 +@@ -25,38 +25,12 @@ + + package sun.security.util; + +-import java.util.List; +-import java.security.*; +- + /** + * This class holds the various utility methods for array range checks. + */ + + public final class ArrayUtil { + +- private static final Function<String, ArrayIndexOutOfBoundsException> aioobeGenerator = +- new Function<String, ArrayIndexOutOfBoundsException>() { +- @Override +- public ArrayIndexOutOfBoundsException apply(String x) { +- return new ArrayIndexOutOfBoundsException(x); +- } +- }; +- +- private static final BiFunction<String, List<Integer>, +- ArrayIndexOutOfBoundsException> AIOOBE_SUPPLIER = +- Preconditions.outOfBoundsExceptionFormatter(aioobeGenerator); +- +- public static void blockSizeCheck(int len, int blockSize) { +- if ((len % blockSize) != 0) { +- throw new ProviderException("Internal error in input buffering"); +- } +- } +- +- public static void nullAndBoundsCheck(byte[] array, int offset, int len) { +- // NPE is thrown when array is null +- Preconditions.checkFromIndexSize(offset, len, array.length, AIOOBE_SUPPLIER); +- } +- + private static void swap(byte[] arr, int i, int j) { + byte tmp = arr[i]; + arr[i] = arr[j]; +@@ -74,3 +48,4 @@ + } + } + } ++ +--- openjdk.orig/jdk/src/share/classes/sun/security/util/BiConsumer.java 2019-07-15 08:52:23.000000000 +0200 ++++ openjdk/jdk/src/share/classes/sun/security/util/BiConsumer.java 1970-01-01 01:00:00.000000000 +0100 +@@ -1,48 +0,0 @@ +-/* +- * Copyright (c) 2012, 2013, Oracle and/or its affiliates. All rights reserved. +- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. +- * +- * This code is free software; you can redistribute it and/or modify it +- * under the terms of the GNU General Public License version 2 only, as +- * published by the Free Software Foundation. Oracle designates this +- * particular file as subject to the "Classpath" exception as provided +- * by Oracle in the LICENSE file that accompanied this code. +- * +- * This code is distributed in the hope that it will be useful, but WITHOUT +- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +- * version 2 for more details (a copy is included in the LICENSE file that +- * accompanied this code). +- * +- * You should have received a copy of the GNU General Public License version +- * 2 along with this work; if not, write to the Free Software Foundation, +- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +- * +- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA +- * or visit www.oracle.com if you need additional information or have any +- * questions. +- */ +-package sun.security.util; +- +-/** +- * Represents an operation that accepts two input arguments and returns no +- * result. This is the two-arity specialization of {@link Consumer}. +- * Unlike most other functional interfaces, {@code BiConsumer} is expected +- * to operate via side-effects. +- * +- * @param <T> the type of the first argument to the operation +- * @param <U> the type of the second argument to the operation +- * +- * @see Consumer +- * @since 1.8 +- */ +-public interface BiConsumer<T, U> { +- +- /** +- * Performs this operation on the given arguments. +- * +- * @param t the first input argument +- * @param u the second input argument +- */ +- void accept(T t, U u); +-} +--- openjdk.orig/jdk/src/share/classes/sun/security/util/BiFunction.java 2019-07-15 08:52:23.000000000 +0200 ++++ openjdk/jdk/src/share/classes/sun/security/util/BiFunction.java 1970-01-01 01:00:00.000000000 +0100 +@@ -1,48 +0,0 @@ +-/* +- * Copyright (c) 2010, 2013, Oracle and/or its affiliates. All rights reserved. +- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. +- * +- * This code is free software; you can redistribute it and/or modify it +- * under the terms of the GNU General Public License version 2 only, as +- * published by the Free Software Foundation. Oracle designates this +- * particular file as subject to the "Classpath" exception as provided +- * by Oracle in the LICENSE file that accompanied this code. +- * +- * This code is distributed in the hope that it will be useful, but WITHOUT +- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +- * version 2 for more details (a copy is included in the LICENSE file that +- * accompanied this code). +- * +- * You should have received a copy of the GNU General Public License version +- * 2 along with this work; if not, write to the Free Software Foundation, +- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +- * +- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA +- * or visit www.oracle.com if you need additional information or have any +- * questions. +- */ +-package sun.security.util; +- +-/** +- * Represents a function that accepts two arguments and produces a result. +- * This is the two-arity specialization of {@link Function}. +- * +- * @param <T> the type of the first argument to the function +- * @param <U> the type of the second argument to the function +- * @param <R> the type of the result of the function +- * +- * @see Function +- * @since 1.8 +- */ +-public interface BiFunction<T, U, R> { +- +- /** +- * Applies this function to the given arguments. +- * +- * @param t the first function argument +- * @param u the second function argument +- * @return the function result +- */ +- R apply(T t, U u); +-} +--- openjdk.orig/jdk/src/share/classes/sun/security/util/IntSupplier.java 2019-07-15 08:52:23.000000000 +0200 ++++ openjdk/jdk/src/share/classes/sun/security/util/IntSupplier.java 1970-01-01 01:00:00.000000000 +0100 +@@ -1,45 +0,0 @@ +-/* +- * Copyright (c) 2012, 2013, Oracle and/or its affiliates. All rights reserved. +- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. +- * +- * This code is free software; you can redistribute it and/or modify it +- * under the terms of the GNU General Public License version 2 only, as +- * published by the Free Software Foundation. Oracle designates this +- * particular file as subject to the "Classpath" exception as provided +- * by Oracle in the LICENSE file that accompanied this code. +- * +- * This code is distributed in the hope that it will be useful, but WITHOUT +- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +- * version 2 for more details (a copy is included in the LICENSE file that +- * accompanied this code). +- * +- * You should have received a copy of the GNU General Public License version +- * 2 along with this work; if not, write to the Free Software Foundation, +- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +- * +- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA +- * or visit www.oracle.com if you need additional information or have any +- * questions. +- */ +-package sun.security.util; +- +-/** +- * Represents a supplier of {@code int}-valued results. This is the +- * {@code int}-producing primitive specialization of {@link Supplier}. +- * +- * <p>There is no requirement that a distinct result be returned each +- * time the supplier is invoked. +- * +- * @see Supplier +- * @since 1.8 +- */ +-public interface IntSupplier { +- +- /** +- * Gets a result. +- * +- * @return a result +- */ +- int getAsInt(); +-} +--- openjdk.orig/jdk/src/share/classes/sun/security/util/Preconditions.java 2019-07-15 08:52:23.000000000 +0200 ++++ openjdk/jdk/src/share/classes/sun/security/util/Preconditions.java 1970-01-01 01:00:00.000000000 +0100 +@@ -1,343 +0,0 @@ +-/* +- * Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved. +- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. +- * +- * This code is free software; you can redistribute it and/or modify it +- * under the terms of the GNU General Public License version 2 only, as +- * published by the Free Software Foundation. Oracle designates this +- * particular file as subject to the "Classpath" exception as provided +- * by Oracle in the LICENSE file that accompanied this code. +- * +- * This code is distributed in the hope that it will be useful, but WITHOUT +- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +- * version 2 for more details (a copy is included in the LICENSE file that +- * accompanied this code). +- * +- * You should have received a copy of the GNU General Public License version +- * 2 along with this work; if not, write to the Free Software Foundation, +- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +- * +- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA +- * or visit www.oracle.com if you need additional information or have any +- * questions. +- */ +-package sun.security.util; +- +-import java.util.Arrays; +-import java.util.Collections; +-import java.util.List; +- +-/** +- * Utility methods to check if state or arguments are correct. +- * +- */ +-public class Preconditions { +- +- /** +- * Maps out-of-bounds values to a runtime exception. +- * +- * @param checkKind the kind of bounds check, whose name may correspond +- * to the name of one of the range check methods, checkIndex, +- * checkFromToIndex, checkFromIndexSize +- * @param args the out-of-bounds arguments that failed the range check. +- * If the checkKind corresponds a the name of a range check method +- * then the bounds arguments are those that can be passed in order +- * to the method. +- * @param oobef the exception formatter that when applied with a checkKind +- * and a list out-of-bounds arguments returns a runtime exception. +- * If {@code null} then, it is as if an exception formatter was +- * supplied that returns {@link IndexOutOfBoundsException} for any +- * given arguments. +- * @return the runtime exception +- */ +- private static RuntimeException outOfBounds( +- BiFunction<String, List<Integer>, ? extends RuntimeException> oobef, +- String checkKind, +- Integer... args) { +- List<Integer> largs = Collections.unmodifiableList(Arrays.asList(args)); +- RuntimeException e = oobef == null +- ? null : oobef.apply(checkKind, largs); +- return e == null +- ? new IndexOutOfBoundsException(outOfBoundsMessage(checkKind, largs)) : e; +- } +- +- private static RuntimeException outOfBoundsCheckIndex( +- BiFunction<String, List<Integer>, ? extends RuntimeException> oobe, +- int index, int length) { +- return outOfBounds(oobe, "checkIndex", index, length); +- } +- +- private static RuntimeException outOfBoundsCheckFromToIndex( +- BiFunction<String, List<Integer>, ? extends RuntimeException> oobe, +- int fromIndex, int toIndex, int length) { +- return outOfBounds(oobe, "checkFromToIndex", fromIndex, toIndex, length); +- } +- +- private static RuntimeException outOfBoundsCheckFromIndexSize( +- BiFunction<String, List<Integer>, ? extends RuntimeException> oobe, +- int fromIndex, int size, int length) { +- return outOfBounds(oobe, "checkFromIndexSize", fromIndex, size, length); +- } +- +- /** +- * Returns an out-of-bounds exception formatter from an given exception +- * factory. The exception formatter is a function that formats an +- * out-of-bounds message from its arguments and applies that message to the +- * given exception factory to produce and relay an exception. +- * +- * <p>The exception formatter accepts two arguments: a {@code String} +- * describing the out-of-bounds range check that failed, referred to as the +- * <em>check kind</em>; and a {@code List<Integer>} containing the +- * out-of-bound integer values that failed the check. The list of +- * out-of-bound values is not modified. +- * +- * <p>Three check kinds are supported {@code checkIndex}, +- * {@code checkFromToIndex} and {@code checkFromIndexSize} corresponding +- * respectively to the specified application of an exception formatter as an +- * argument to the out-of-bounds range check methods +- * {@link #checkIndex(int, int, BiFunction) checkIndex}, +- * {@link #checkFromToIndex(int, int, int, BiFunction) checkFromToIndex}, and +- * {@link #checkFromIndexSize(int, int, int, BiFunction) checkFromIndexSize}. +- * Thus a supported check kind corresponds to a method name and the +- * out-of-bound integer values correspond to method argument values, in +- * order, preceding the exception formatter argument (similar in many +- * respects to the form of arguments required for a reflective invocation of +- * such a range check method). +- * +- * <p>Formatter arguments conforming to such supported check kinds will +- * produce specific exception messages describing failed out-of-bounds +- * checks. Otherwise, more generic exception messages will be produced in +- * any of the following cases: the check kind is supported but fewer +- * or more out-of-bounds values are supplied, the check kind is not +- * supported, the check kind is {@code null}, or the list of out-of-bound +- * values is {@code null}. +- * +- * @apiNote +- * This method produces an out-of-bounds exception formatter that can be +- * passed as an argument to any of the supported out-of-bounds range check +- * methods declared by {@code Objects}. For example, a formatter producing +- * an {@code ArrayIndexOutOfBoundsException} may be produced and stored on a +- * {@code static final} field as follows: +- * <pre>{@code +- * static final +- * BiFunction<String, List<Integer>, ArrayIndexOutOfBoundsException> AIOOBEF = +- * outOfBoundsExceptionFormatter(ArrayIndexOutOfBoundsException::new); +- * }</pre> +- * The formatter instance {@code AIOOBEF} may be passed as an argument to an +- * out-of-bounds range check method, such as checking if an {@code index} +- * is within the bounds of a {@code limit}: +- * <pre>{@code +- * checkIndex(index, limit, AIOOBEF); +- * }</pre> +- * If the bounds check fails then the range check method will throw an +- * {@code ArrayIndexOutOfBoundsException} with an appropriate exception +- * message that is a produced from {@code AIOOBEF} as follows: +- * <pre>{@code +- * AIOOBEF.apply("checkIndex", List.of(index, limit)); +- * }</pre> +- * +- * @param f the exception factory, that produces an exception from a message +- * where the message is produced and formatted by the returned +- * exception formatter. If this factory is stateless and side-effect +- * free then so is the returned formatter. +- * Exceptions thrown by the factory are relayed to the caller +- * of the returned formatter. +- * @param <X> the type of runtime exception to be returned by the given +- * exception factory and relayed by the exception formatter +- * @return the out-of-bounds exception formatter +- */ +- public static <X extends RuntimeException> +- BiFunction<String, List<Integer>, X> outOfBoundsExceptionFormatter(final Function<String, X> f) { +- // Use anonymous class to avoid bootstrap issues if this method is +- // used early in startup +- return new BiFunction<String, List<Integer>, X>() { +- @Override +- public X apply(String checkKind, List<Integer> args) { +- return f.apply(outOfBoundsMessage(checkKind, args)); +- } +- }; +- } +- +- private static String outOfBoundsMessage(String checkKind, List<Integer> args) { +- if (checkKind == null && args == null) { +- return String.format("Range check failed"); +- } else if (checkKind == null) { +- return String.format("Range check failed: %s", args); +- } else if (args == null) { +- return String.format("Range check failed: %s", checkKind); +- } +- +- int argSize = 0; +- switch (checkKind) { +- case "checkIndex": +- argSize = 2; +- break; +- case "checkFromToIndex": +- case "checkFromIndexSize": +- argSize = 3; +- break; +- default: +- } +- +- // Switch to default if fewer or more arguments than required are supplied +- switch ((args.size() != argSize) ? "" : checkKind) { +- case "checkIndex": +- return String.format("Index %d out-of-bounds for length %d", +- args.get(0), args.get(1)); +- case "checkFromToIndex": +- return String.format("Range [%d, %d) out-of-bounds for length %d", +- args.get(0), args.get(1), args.get(2)); +- case "checkFromIndexSize": +- return String.format("Range [%d, %<d + %d) out-of-bounds for length %d", +- args.get(0), args.get(1), args.get(2)); +- default: +- return String.format("Range check failed: %s %s", checkKind, args); +- } +- } +- +- /** +- * Checks if the {@code index} is within the bounds of the range from +- * {@code 0} (inclusive) to {@code length} (exclusive). +- * +- * <p>The {@code index} is defined to be out-of-bounds if any of the +- * following inequalities is true: +- * <ul> +- * <li>{@code index < 0}</li> +- * <li>{@code index >= length}</li> +- * <li>{@code length < 0}, which is implied from the former inequalities</li> +- * </ul> +- * +- * <p>If the {@code index} is out-of-bounds, then a runtime exception is +- * thrown that is the result of applying the following arguments to the +- * exception formatter: the name of this method, {@code checkIndex}; +- * and an unmodifiable list integers whose values are, in order, the +- * out-of-bounds arguments {@code index} and {@code length}. +- * +- * @param <X> the type of runtime exception to throw if the arguments are +- * out-of-bounds +- * @param index the index +- * @param length the upper-bound (exclusive) of the range +- * @param oobef the exception formatter that when applied with this +- * method name and out-of-bounds arguments returns a runtime +- * exception. If {@code null} or returns {@code null} then, it is as +- * if an exception formatter produced from an invocation of +- * {@code outOfBoundsExceptionFormatter(IndexOutOfBounds::new)} is used +- * instead (though it may be more efficient). +- * Exceptions thrown by the formatter are relayed to the caller. +- * @return {@code index} if it is within bounds of the range +- * @throws X if the {@code index} is out-of-bounds and the exception +- * formatter is non-{@code null} +- * @throws IndexOutOfBoundsException if the {@code index} is out-of-bounds +- * and the exception formatter is {@code null} +- * @since 9 +- * +- * @implNote +- * This method is made intrinsic in optimizing compilers to guide them to +- * perform unsigned comparisons of the index and length when it is known the +- * length is a non-negative value (such as that of an array length or from +- * the upper bound of a loop) +- */ +- public static <X extends RuntimeException> +- int checkIndex(int index, int length, +- BiFunction<String, List<Integer>, X> oobef) { +- if (index < 0 || index >= length) +- throw outOfBoundsCheckIndex(oobef, index, length); +- return index; +- } +- +- /** +- * Checks if the sub-range from {@code fromIndex} (inclusive) to +- * {@code toIndex} (exclusive) is within the bounds of range from {@code 0} +- * (inclusive) to {@code length} (exclusive). +- * +- * <p>The sub-range is defined to be out-of-bounds if any of the following +- * inequalities is true: +- * <ul> +- * <li>{@code fromIndex < 0}</li> +- * <li>{@code fromIndex > toIndex}</li> +- * <li>{@code toIndex > length}</li> +- * <li>{@code length < 0}, which is implied from the former inequalities</li> +- * </ul> +- * +- * <p>If the sub-range is out-of-bounds, then a runtime exception is +- * thrown that is the result of applying the following arguments to the +- * exception formatter: the name of this method, {@code checkFromToIndex}; +- * and an unmodifiable list integers whose values are, in order, the +- * out-of-bounds arguments {@code fromIndex}, {@code toIndex}, and {@code length}. +- * +- * @param <X> the type of runtime exception to throw if the arguments are +- * out-of-bounds +- * @param fromIndex the lower-bound (inclusive) of the sub-range +- * @param toIndex the upper-bound (exclusive) of the sub-range +- * @param length the upper-bound (exclusive) the range +- * @param oobef the exception formatter that when applied with this +- * method name and out-of-bounds arguments returns a runtime +- * exception. If {@code null} or returns {@code null} then, it is as +- * if an exception formatter produced from an invocation of +- * {@code outOfBoundsExceptionFormatter(IndexOutOfBounds::new)} is used +- * instead (though it may be more efficient). +- * Exceptions thrown by the formatter are relayed to the caller. +- * @return {@code fromIndex} if the sub-range within bounds of the range +- * @throws X if the sub-range is out-of-bounds and the exception factory +- * function is non-{@code null} +- * @throws IndexOutOfBoundsException if the sub-range is out-of-bounds and +- * the exception factory function is {@code null} +- * @since 9 +- */ +- public static <X extends RuntimeException> +- int checkFromToIndex(int fromIndex, int toIndex, int length, +- BiFunction<String, List<Integer>, X> oobef) { +- if (fromIndex < 0 || fromIndex > toIndex || toIndex > length) +- throw outOfBoundsCheckFromToIndex(oobef, fromIndex, toIndex, length); +- return fromIndex; +- } +- +- /** +- * Checks if the sub-range from {@code fromIndex} (inclusive) to +- * {@code fromIndex + size} (exclusive) is within the bounds of range from +- * {@code 0} (inclusive) to {@code length} (exclusive). +- * +- * <p>The sub-range is defined to be out-of-bounds if any of the following +- * inequalities is true: +- * <ul> +- * <li>{@code fromIndex < 0}</li> +- * <li>{@code size < 0}</li> +- * <li>{@code fromIndex + size > length}, taking into account integer overflow</li> +- * <li>{@code length < 0}, which is implied from the former inequalities</li> +- * </ul> +- * +- * <p>If the sub-range is out-of-bounds, then a runtime exception is +- * thrown that is the result of applying the following arguments to the +- * exception formatter: the name of this method, {@code checkFromIndexSize}; +- * and an unmodifiable list integers whose values are, in order, the +- * out-of-bounds arguments {@code fromIndex}, {@code size}, and +- * {@code length}. +- * +- * @param <X> the type of runtime exception to throw if the arguments are +- * out-of-bounds +- * @param fromIndex the lower-bound (inclusive) of the sub-interval +- * @param size the size of the sub-range +- * @param length the upper-bound (exclusive) of the range +- * @param oobef the exception formatter that when applied with this +- * method name and out-of-bounds arguments returns a runtime +- * exception. If {@code null} or returns {@code null} then, it is as +- * if an exception formatter produced from an invocation of +- * {@code outOfBoundsExceptionFormatter(IndexOutOfBounds::new)} is used +- * instead (though it may be more efficient). +- * Exceptions thrown by the formatter are relayed to the caller. +- * @return {@code fromIndex} if the sub-range within bounds of the range +- * @throws X if the sub-range is out-of-bounds and the exception factory +- * function is non-{@code null} +- * @throws IndexOutOfBoundsException if the sub-range is out-of-bounds and +- * the exception factory function is {@code null} +- * @since 9 +- */ +- public static <X extends RuntimeException> +- int checkFromIndexSize(int fromIndex, int size, int length, +- BiFunction<String, List<Integer>, X> oobef) { +- if ((length | fromIndex | size) < 0 || size > length - fromIndex) +- throw outOfBoundsCheckFromIndexSize(oobef, fromIndex, size, length); +- return fromIndex; +- } +-} +--- openjdk.orig/test/src/java/util/Objects/CheckIndex.java 2019-07-15 08:52:23.000000000 +0200 ++++ openjdk/jdk/test/java/util/Objects/CheckIndex.java 1970-01-01 01:00:00.000000000 +0100 +@@ -1,408 +0,0 @@ +-/* +- * Copyright (c) 2015, 2016 Oracle and/or its affiliates. All rights reserved. +- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. +- * +- * This code is free software; you can redistribute it and/or modify it +- * under the terms of the GNU General Public License version 2 only, as +- * published by the Free Software Foundation. +- * +- * This code is distributed in the hope that it will be useful, but WITHOUT +- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +- * version 2 for more details (a copy is included in the LICENSE file that +- * accompanied this code). +- * +- * You should have received a copy of the GNU General Public License version +- * 2 along with this work; if not, write to the Free Software Foundation, +- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +- * +- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA +- * or visit www.oracle.com if you need additional information or have any +- * questions. +- */ +- +-/** +- * @test +- * @summary Objects.checkIndex/jdk.internal.util.Preconditions.checkIndex tests +- * @run testng CheckIndex +- * @bug 8135248 8142493 8155794 +- */ +- +-import org.testng.annotations.DataProvider; +-import org.testng.annotations.Test; +- +-import java.util.ArrayList; +-import java.util.Arrays; +-import java.util.Collections; +-import java.util.HashSet; +-import java.util.List; +-import java.util.Objects; +-import java.util.Set; +- +-import sun.security.util.BiConsumer; +-import sun.security.util.BiFunction; +-import sun.security.util.Function; +-import sun.security.util.IntSupplier; +-import sun.security.util.Preconditions; +- +-import static org.testng.Assert.*; +- +-public class CheckIndex { +- +- private static final Function<String, IndexOutOfBoundsException> ioobeGenerator = +- new Function<String, IndexOutOfBoundsException>() { +- @Override +- public IndexOutOfBoundsException apply(String x) { +- return new IndexOutOfBoundsException(x); +- } +- }; +- +- private static final Function<String, StringIndexOutOfBoundsException> sioobeGenerator = +- new Function<String, StringIndexOutOfBoundsException>() { +- @Override +- public StringIndexOutOfBoundsException apply(String x) { +- return new StringIndexOutOfBoundsException(x); +- } +- }; +- +- private static final Function<String, ArrayIndexOutOfBoundsException> aioobeGenerator = +- new Function<String, ArrayIndexOutOfBoundsException>() { +- @Override +- public ArrayIndexOutOfBoundsException apply(String x) { +- return new ArrayIndexOutOfBoundsException(x); +- } +- }; +- +- static class AssertingOutOfBoundsException extends RuntimeException { +- public AssertingOutOfBoundsException(String message) { +- super(message); +- } +- } +- +- static BiFunction<String, List<Integer>, AssertingOutOfBoundsException> assertingOutOfBounds( +- final String message, final String expCheckKind, final Integer... expArgs) { +- return new BiFunction<String, List<Integer>, AssertingOutOfBoundsException>() { +- @Override +- public AssertingOutOfBoundsException apply(String checkKind, List<Integer> args) { +- assertEquals(checkKind, expCheckKind); +- assertEquals(args, Collections.unmodifiableList(Arrays.asList(expArgs))); +- try { +- args.clear(); +- fail("Out of bounds List<Integer> argument should be unmodifiable"); +- } catch (Exception e) { +- } +- return new AssertingOutOfBoundsException(message); +- } +- }; +- } +- +- static BiFunction<String, List<Integer>, AssertingOutOfBoundsException> assertingOutOfBoundsReturnNull( +- final String expCheckKind, final Integer... expArgs) { +- return new BiFunction<String, List<Integer>, AssertingOutOfBoundsException>() { +- @Override +- public AssertingOutOfBoundsException apply(String checkKind, List<Integer> args) { +- assertEquals(checkKind, expCheckKind); +- assertEquals(args, Collections.unmodifiableList(Arrays.asList(expArgs))); +- return null; +- } +- }; +- } +- +- static final int[] VALUES = {0, 1, Integer.MAX_VALUE - 1, Integer.MAX_VALUE, -1, Integer.MIN_VALUE + 1, Integer.MIN_VALUE}; +- +- @DataProvider +- static Object[][] checkIndexProvider() { +- List<Object[]> l = new ArrayList<>(); +- for (int index : VALUES) { +- for (int length : VALUES) { +- boolean withinBounds = index >= 0 && +- length >= 0 && +- index < length; +- l.add(new Object[]{index, length, withinBounds}); +- } +- } +- return l.toArray(new Object[0][0]); +- } +- +- interface X { +- int apply(int a, int b, int c); +- } +- +- @Test(dataProvider = "checkIndexProvider") +- public void testCheckIndex(final int index, final int length, final boolean withinBounds) { +- List<Integer> list = Collections.unmodifiableList(Arrays.asList(new Integer[] { index, length })); +- final String expectedMessage = withinBounds +- ? null +- : Preconditions.outOfBoundsExceptionFormatter(ioobeGenerator). +- apply("checkIndex", list).getMessage(); +- +- BiConsumer<Class<? extends RuntimeException>, IntSupplier> checker = +- new BiConsumer<Class<? extends RuntimeException>, IntSupplier>() { +- @Override +- public void accept(Class<? extends RuntimeException> ec, IntSupplier s) { +- try { +- int rIndex = s.getAsInt(); +- if (!withinBounds) +- fail(String.format( +- "Index %d is out of bounds of [0, %d), but was reported to be within bounds", index, length)); +- assertEquals(rIndex, index); +- } +- catch (RuntimeException e) { +- assertTrue(ec.isInstance(e)); +- if (withinBounds) +- fail(String.format( +- "Index %d is within bounds of [0, %d), but was reported to be out of bounds", index, length)); +- else +- assertEquals(e.getMessage(), expectedMessage); +- } +- } +- }; +- +- checker.accept(AssertingOutOfBoundsException.class, new IntSupplier() { +- @Override +- public int getAsInt() { +- return Preconditions.checkIndex(index, length, +- assertingOutOfBounds(expectedMessage, "checkIndex", index, length)); +- } +- }); +- checker.accept(IndexOutOfBoundsException.class, new IntSupplier() { +- @Override +- public int getAsInt() { +- return Preconditions.checkIndex(index, length, +- assertingOutOfBoundsReturnNull("checkIndex", index, length)); +- } +- }); +- checker.accept(IndexOutOfBoundsException.class, new IntSupplier() { +- @Override +- public int getAsInt() { +- return Preconditions.checkIndex(index, length, null); +- } +- }); +- checker.accept(ArrayIndexOutOfBoundsException.class, new IntSupplier() { +- @Override +- public int getAsInt() { +- return Preconditions.checkIndex(index, length, +- Preconditions.outOfBoundsExceptionFormatter(aioobeGenerator)); +- } +- }); +- checker.accept(StringIndexOutOfBoundsException.class, new IntSupplier() { +- @Override +- public int getAsInt() { +- return Preconditions.checkIndex(index, length, +- Preconditions.outOfBoundsExceptionFormatter(sioobeGenerator)); +- } +- }); +- } +- +- +- @DataProvider +- static Object[][] checkFromToIndexProvider() { +- List<Object[]> l = new ArrayList<>(); +- for (int fromIndex : VALUES) { +- for (int toIndex : VALUES) { +- for (int length : VALUES) { +- boolean withinBounds = fromIndex >= 0 && +- toIndex >= 0 && +- length >= 0 && +- fromIndex <= toIndex && +- toIndex <= length; +- l.add(new Object[]{fromIndex, toIndex, length, withinBounds}); +- } +- } +- } +- return l.toArray(new Object[0][0]); +- } +- +- @Test(dataProvider = "checkFromToIndexProvider") +- public void testCheckFromToIndex(final int fromIndex, final int toIndex, +- final int length, final boolean withinBounds) { +- List<Integer> list = Collections.unmodifiableList(Arrays.asList(new Integer[] { fromIndex, toIndex, length })); +- final String expectedMessage = withinBounds +- ? null +- : Preconditions.outOfBoundsExceptionFormatter(ioobeGenerator). +- apply("checkFromToIndex", list).getMessage(); +- +- BiConsumer<Class<? extends RuntimeException>, IntSupplier> check = +- new BiConsumer<Class<? extends RuntimeException>, IntSupplier>() { +- @Override +- public void accept(Class<? extends RuntimeException> ec, IntSupplier s) { +- try { +- int rIndex = s.getAsInt(); +- if (!withinBounds) +- fail(String.format( +- "Range [%d, %d) is out of bounds of [0, %d), but was reported to be withing bounds", fromIndex, toIndex, length)); +- assertEquals(rIndex, fromIndex); +- } +- catch (RuntimeException e) { +- assertTrue(ec.isInstance(e)); +- if (withinBounds) +- fail(String.format( +- "Range [%d, %d) is within bounds of [0, %d), but was reported to be out of bounds", fromIndex, toIndex, length)); +- else +- assertEquals(e.getMessage(), expectedMessage); +- } +- } +- }; +- +- check.accept(AssertingOutOfBoundsException.class, new IntSupplier() { +- @Override +- public int getAsInt() { +- return Preconditions.checkFromToIndex(fromIndex, toIndex, length, +- assertingOutOfBounds(expectedMessage, "checkFromToIndex", fromIndex, toIndex, length)); +- } +- }); +- check.accept(IndexOutOfBoundsException.class, new IntSupplier() { +- @Override +- public int getAsInt() { +- return Preconditions.checkFromToIndex(fromIndex, toIndex, length, +- assertingOutOfBoundsReturnNull("checkFromToIndex", fromIndex, toIndex, length)); +- } +- }); +- check.accept(IndexOutOfBoundsException.class, new IntSupplier() { +- @Override +- public int getAsInt() { +- return Preconditions.checkFromToIndex(fromIndex, toIndex, length, null); +- } +- }); +- check.accept(ArrayIndexOutOfBoundsException.class, new IntSupplier() { +- @Override +- public int getAsInt() { +- return Preconditions.checkFromToIndex(fromIndex, toIndex, length, +- Preconditions.outOfBoundsExceptionFormatter(aioobeGenerator)); +- } +- }); +- check.accept(StringIndexOutOfBoundsException.class, new IntSupplier() { +- @Override +- public int getAsInt() { +- return Preconditions.checkFromToIndex(fromIndex, toIndex, length, +- Preconditions.outOfBoundsExceptionFormatter(sioobeGenerator)); +- } +- }); +- } +- +- +- @DataProvider +- static Object[][] checkFromIndexSizeProvider() { +- List<Object[]> l = new ArrayList<>(); +- for (int fromIndex : VALUES) { +- for (int size : VALUES) { +- for (int length : VALUES) { +- // Explicitly convert to long +- long lFromIndex = fromIndex; +- long lSize = size; +- long lLength = length; +- // Avoid overflow +- long lToIndex = lFromIndex + lSize; +- +- boolean withinBounds = lFromIndex >= 0L && +- lSize >= 0L && +- lLength >= 0L && +- lFromIndex <= lToIndex && +- lToIndex <= lLength; +- l.add(new Object[]{fromIndex, size, length, withinBounds}); +- } +- } +- } +- return l.toArray(new Object[0][0]); +- } +- +- @Test(dataProvider = "checkFromIndexSizeProvider") +- public void testCheckFromIndexSize(final int fromIndex, final int size, +- final int length, final boolean withinBounds) { +- List<Integer> list = Collections.unmodifiableList(Arrays.asList(new Integer[] { fromIndex, size, length })); +- final String expectedMessage = withinBounds +- ? null +- : Preconditions.outOfBoundsExceptionFormatter(ioobeGenerator). +- apply("checkFromIndexSize", list).getMessage(); +- +- BiConsumer<Class<? extends RuntimeException>, IntSupplier> check = +- new BiConsumer<Class<? extends RuntimeException>, IntSupplier>() { +- @Override +- public void accept(Class<? extends RuntimeException> ec, IntSupplier s) { +- try { +- int rIndex = s.getAsInt(); +- if (!withinBounds) +- fail(String.format( +- "Range [%d, %d + %d) is out of bounds of [0, %d), but was reported to be withing bounds", fromIndex, fromIndex, size, length)); +- assertEquals(rIndex, fromIndex); +- } +- catch (RuntimeException e) { +- assertTrue(ec.isInstance(e)); +- if (withinBounds) +- fail(String.format( +- "Range [%d, %d + %d) is within bounds of [0, %d), but was reported to be out of bounds", fromIndex, fromIndex, size, length)); +- else +- assertEquals(e.getMessage(), expectedMessage); +- } +- } +- }; +- +- check.accept(AssertingOutOfBoundsException.class, new IntSupplier() { +- @Override +- public int getAsInt() { +- return Preconditions.checkFromIndexSize(fromIndex, size, length, +- assertingOutOfBounds(expectedMessage, "checkFromIndexSize", fromIndex, size, length)); +- } +- }); +- check.accept(IndexOutOfBoundsException.class, new IntSupplier() { +- @Override +- public int getAsInt() { +- return Preconditions.checkFromIndexSize(fromIndex, size, length, +- assertingOutOfBoundsReturnNull("checkFromIndexSize", fromIndex, size, length)); +- } +- }); +- check.accept(IndexOutOfBoundsException.class, new IntSupplier() { +- @Override +- public int getAsInt() { +- return Preconditions.checkFromIndexSize(fromIndex, size, length, null); +- } +- }); +- check.accept(ArrayIndexOutOfBoundsException.class, new IntSupplier() { +- @Override +- public int getAsInt() { +- return Preconditions.checkFromIndexSize(fromIndex, size, length, +- Preconditions.outOfBoundsExceptionFormatter(aioobeGenerator)); +- } +- }); +- check.accept(StringIndexOutOfBoundsException.class, new IntSupplier () { +- @Override +- public int getAsInt() { +- return Preconditions.checkFromIndexSize(fromIndex, size, length, +- Preconditions.outOfBoundsExceptionFormatter(sioobeGenerator)); +- } +- }); +- } +- +- @Test +- public void uniqueMessagesForCheckKinds() { +- BiFunction<String, List<Integer>, IndexOutOfBoundsException> f = +- Preconditions.outOfBoundsExceptionFormatter(ioobeGenerator); +- +- List<String> messages = new ArrayList<>(); +- List<Integer> arg1 = Collections.unmodifiableList(Arrays.asList(new Integer[] { -1 })); +- List<Integer> arg2 = Collections.unmodifiableList(Arrays.asList(new Integer[] { -1, 0 })); +- List<Integer> arg3 = Collections.unmodifiableList(Arrays.asList(new Integer[] { -1, 0, 0 })); +- List<Integer> arg4 = Collections.unmodifiableList(Arrays.asList(new Integer[] { -1, 0, 0, 0 })); +- // Exact arguments +- messages.add(f.apply("checkIndex", arg2).getMessage()); +- messages.add(f.apply("checkFromToIndex", arg3).getMessage()); +- messages.add(f.apply("checkFromIndexSize", arg3).getMessage()); +- // Unknown check kind +- messages.add(f.apply("checkUnknown", arg3).getMessage()); +- // Known check kind with more arguments +- messages.add(f.apply("checkIndex", arg3).getMessage()); +- messages.add(f.apply("checkFromToIndex", arg4).getMessage()); +- messages.add(f.apply("checkFromIndexSize", arg4).getMessage()); +- // Known check kind with fewer arguments +- messages.add(f.apply("checkIndex", arg1).getMessage()); +- messages.add(f.apply("checkFromToIndex", arg2).getMessage()); +- messages.add(f.apply("checkFromIndexSize", arg2).getMessage()); +- // Null arguments +- messages.add(f.apply(null, null).getMessage()); +- messages.add(f.apply("checkNullArguments", null).getMessage()); +- messages.add(f.apply(null, arg1).getMessage()); +- +- Set<String> distinct = new HashSet<>(messages); +- assertEquals(messages.size(), distinct.size()); +- } +-} +--- openjdk.orig/test/src/sun/security/util/math/TestIntegerModuloP.java 2019-07-15 08:52:23.000000000 +0200 ++++ openjdk/jdk/test/sun/security/util/math/TestIntegerModuloP.java 2019-07-04 19:20:08.000000000 +0200 +@@ -37,7 +37,6 @@ + * @run main TestIntegerModuloP sun.security.util.math.intpoly.P521OrderField 66 10 + */ + +-import sun.security.util.BiFunction; + import sun.security.util.math.*; + import sun.security.util.math.intpoly.*; + +@@ -52,6 +51,9 @@ + // The test has a list of functions, and it selects randomly from that list + + // The function types ++ interface BiFunction <T, U, V> { ++ V apply(T t, U u); ++ } + interface ElemFunction extends BiFunction + <MutableIntegerModuloP, IntegerModuloP, IntegerModuloP> { } + interface ElemArrayFunction extends BiFunction +--- patches.orig/boot/ecj-stringswitch.patch ++++ patches/boot/ecj-stringswitch.patch +@@ -1800,64 +1800,6 @@ + "No MAC implementation for " + algo); + } + return kdf; +-diff -Nru openjdk-boot.orig/jdk/src/share/classes/sun/security/util/Preconditions.java openjdk-boot/jdk/src/share/classes/sun/security/util/Preconditions.java +---- openjdk-boot.orig/jdk/src/share/classes/sun/security/util/Preconditions.java 2019-07-17 04:20:04.496029417 +0100 +-+++ openjdk-boot/jdk/src/share/classes/sun/security/util/Preconditions.java 2019-07-17 04:54:34.212283390 +0100 +-@@ -169,31 +169,30 @@ +- } +- +- int argSize = 0; +-- switch (checkKind) { +-- case "checkIndex": +-- argSize = 2; +-- break; +-- case "checkFromToIndex": +-- case "checkFromIndexSize": +-- argSize = 3; +-- break; +-- default: +-- } +-- +-+ if ("checkIndex".equals(checkKind)) { +-+ argSize = 2; +-+ } else if ("checkFromToIndex".equals(checkKind) || +-+ "checkFromIndexSize".equals(checkKind)) { +-+ argSize = 3; +-+ } +-+ +- // Switch to default if fewer or more arguments than required are supplied +-- switch ((args.size() != argSize) ? "" : checkKind) { +-- case "checkIndex": +-- return String.format("Index %d out-of-bounds for length %d", +-- args.get(0), args.get(1)); +-- case "checkFromToIndex": +-- return String.format("Range [%d, %d) out-of-bounds for length %d", +-- args.get(0), args.get(1), args.get(2)); +-- case "checkFromIndexSize": +-- return String.format("Range [%d, %<d + %d) out-of-bounds for length %d", +-- args.get(0), args.get(1), args.get(2)); +-- default: +-- return String.format("Range check failed: %s %s", checkKind, args); +-- } +-+ if (args.size() != argSize) { +-+ return String.format("Range check failed: %s %s", checkKind, args); +-+ } +-+ +-+ if ("checkIndex".equals(checkKind)) { +-+ return String.format("Index %d out-of-bounds for length %d", +-+ args.get(0), args.get(1)); +-+ } else if ("checkFromToIndex".equals(checkKind)) { +-+ return String.format("Range [%d, %d) out-of-bounds for length %d", +-+ args.get(0), args.get(1), args.get(2)); +-+ } else if ("checkFromIndexSize".equals(checkKind)) { +-+ return String.format("Range [%d, %<d + %d) out-of-bounds for length %d", +-+ args.get(0), args.get(1), args.get(2)); +-+ } else { +-+ return String.format("Range check failed: %s %s", checkKind, args); +-+ } +- } +- +- /** + diff -Nru openjdk-boot.orig/jdk/src/share/classes/java/util/ResourceBundle.java openjdk-boot/jdk/src/share/classes/java/util/ResourceBundle.java + --- openjdk-boot.orig/jdk/src/share/classes/java/util/ResourceBundle.java 2019-11-13 21:46:22.926858210 +0000 + +++ openjdk-boot/jdk/src/share/classes/java/util/ResourceBundle.java 2019-11-13 21:48:58.096470164 +0000 diff --git a/community/openjdk7/icedtea-pr64174.patch b/community/openjdk7/icedtea-pr64174.patch deleted file mode 100644 index ec8f0d5d3a3..00000000000 --- a/community/openjdk7/icedtea-pr64174.patch +++ /dev/null @@ -1,24 +0,0 @@ ---- patches.orig/boot/pr64174.patch -+++ patches/boot/pr64174.patch -@@ -1,8 +1,7 @@ --diff -Nru openjdk-boot.orig/jdk/src/share/classes/java/util/CurrencyData.properties openjdk-boot/jdk/src/share/classes/java/util/CurrencyData.properties ----- openjdk-boot.orig/jdk/src/share/classes/java/util/CurrencyData.properties 2014-12-04 15:09:06.030312835 +0000 --+++ openjdk-boot/jdk/src/share/classes/java/util/CurrencyData.properties 2014-12-04 15:10:07.527160626 +0000 --@@ -320,7 +320,7 @@ -- # LAO PEOPLE'S DEMOCRATIC REPUBLIC -+--- openjdk-boot.orig/jdk/src/share/classes/java/util/CurrencyData.properties -++++ openjdk-boot/jdk/src/share/classes/java/util/CurrencyData.properties -+@@ -323,7 +323,7 @@ -+ # LAO PEOPLE'S DEMOCRATIC REPUBLIC (THE) - LA=LAK - # LATVIA - -LV=LVL;2013-12-31-22-00-00;EUR -@@ -10,7 +9,7 @@ - # LEBANON - LB=LBP - # LESOTHO --@@ -332,7 +332,7 @@ -+@@ -335,7 +335,7 @@ - # LIECHTENSTEIN - LI=CHF - # LITHUANIA diff --git a/community/openjdk8/APKBUILD b/community/openjdk8/APKBUILD index 556746b1442..f076450da25 100644 --- a/community/openjdk8/APKBUILD +++ b/community/openjdk8/APKBUILD @@ -2,10 +2,10 @@ # Contributor: Jakub Jirutka <jakub@jirutka.cz> # Maintainer: Timo Teras <timo.teras@iki.fi> pkgname=openjdk8 -_icedteaver=3.15.0 +_icedteaver=3.17.1 # pkgver is <JDK version>.<JDK update>.<JDK build> # Check https://icedtea.classpath.org/wiki/Main_Page when updating! -pkgver=8.242.08 +pkgver=8.275.01 pkgrel=0 pkgdesc="OpenJDK 8 provided by IcedTea" url="https://icedtea.classpath.org/" @@ -13,14 +13,47 @@ arch="all" license="custom" depends="$pkgname-jre java-cacerts nss" options="sover-namecheck" -makedepends="bash findutils tar zip file paxmark gawk util-linux libxslt - autoconf automake linux-headers sed xz coreutils - openjdk7 ca-certificates - nss-dev nss-static cups-dev jpeg-dev giflib-dev libpng-dev libxt-dev - lcms2-dev libxp-dev libxtst-dev libxinerama-dev zlib-dev - libxrender-dev alsa-lib-dev freetype-dev fontconfig-dev - gtk+2.0-dev krb5-dev attr-dev pcsc-lite-dev lksctp-tools-dev - libxcomposite-dev" +makedepends=" + alsa-lib-dev + attr-dev + autoconf + automake + bash + ca-certificates + coreutils + cups-dev + file + findutils + fontconfig-dev + freetype-dev + gawk + giflib-dev + gtk+2.0-dev + jpeg-dev + krb5-dev + lcms2-dev + libpng-dev + libxcomposite-dev + libxinerama-dev + libxp-dev + libxrender-dev + libxslt + libxt-dev + libxtst-dev + linux-headers + lksctp-tools-dev + nss-dev + nss-static + openjdk7 + paxmark + pcsc-lite-dev + sed + tar + util-linux + xz + zip + zlib-dev + " case $CARCH in x86) _jarch=i386;; @@ -29,6 +62,12 @@ arm*) _jarch=aarch32;; *) _jarch="$CARCH";; esac +case $CARCH in +x86|x86_64|aarch64) + _configure_jfr="--enable-jfr";; +*) _configure_jfr="--disable-jfr";; +esac + _bootstrap_java_home="/usr/lib/jvm/java-1.7-openjdk" _java_home="/usr/lib/jvm/java-1.8-openjdk" _jrelib="$_java_home/jre/lib/$_jarch" @@ -63,12 +102,39 @@ source="https://icedtea.classpath.org/download/source/icedtea-$_icedteaver.tar.x icedtea-jdk-fix-libjvm-load.patch icedtea-jdk-musl.patch icedtea-jdk-includes.patch - icedtea-jdk-getmntent-buffer.patch icedtea-autoconf-config.patch " builddir="$srcdir/icedtea-$_icedteaver" # secfixes: +# 8.272.10-r0: +# - CVE-2020-14556 +# - CVE-2020-14577 +# - CVE-2020-14578 +# - CVE-2020-14579 +# - CVE-2020-14581 +# - CVE-2020-14583 +# - CVE-2020-14593 +# - CVE-2020-14621 +# - CVE-2020-14779 +# - CVE-2020-14781 +# - CVE-2020-14782 +# - CVE-2020-14792 +# - CVE-2020-14796 +# - CVE-2020-14797 +# - CVE-2020-14798 +# - CVE-2020-14803 +# 8.252.09-r0: +# - CVE-2020-2754 +# - CVE-2020-2755 +# - CVE-2020-2756 +# - CVE-2020-2757 +# - CVE-2020-2773 +# - CVE-2020-2781 +# - CVE-2020-2800 +# - CVE-2020-2803 +# - CVE-2020-2805 +# - CVE-2020-2830 # 8.242.08-r0: # - CVE-2020-2583 # - CVE-2020-2590 @@ -136,7 +202,7 @@ unpack() { fi mkdir -p "$srcdir" msg "Unpacking sources..." - tar -C "$srcdir" -Jxf icedtea-$_icedteaver.tar.xz + unxz -c icedtea-$_icedteaver.tar.xz | tar -C "$srcdir" -x } prepare() { @@ -196,6 +262,7 @@ build() { --disable-dependency-tracking \ --disable-downloading \ --disable-precompiled-headers \ + --disable-docs \ --with-parallel-jobs=${JOBS:-2} \ --with-hotspot-build=default \ --with-openjdk-src-zip="$srcdir/openjdk-$_dropsver.tar.xz" \ @@ -208,10 +275,10 @@ build() { --with-nashorn-src-zip="$srcdir/nashorn-$_dropsver.tar.xz" \ --with-pax=paxmark \ --with-jdk-home="$_bootstrap_java_home" \ - --with-pkgversion="Alpine ${pkgver}-r${pkgrel}" \ + --with-pkgversion="Alpine $pkgver-r$pkgrel" \ + --with-curves="nist+" \ --enable-nss \ - --enable-sunec \ - --enable-non-nss-curves + $_configure_jfr make } @@ -266,6 +333,7 @@ jrelib() { jre() { pkgdesc="OpenJDK 8 Java Runtime" + depends="ttf-dejavu" local file dir mkdir -p "$subpkgdir" @@ -293,6 +361,7 @@ jrebase() { mkdir -p "$subpkgdir"/$_java_home/bin \ "$subpkgdir"/$_java_home/lib/$_jarch + ln -s java-1.8-openjdk "$subpkgdir"/usr/lib/jvm/java-8-openjdk mv "$pkgdir"/$_java_home/lib/$_jarch/jli \ "$subpkgdir"/$_java_home/lib/$_jarch/ @@ -325,23 +394,22 @@ demos() { "$subpkgdir"/$_java_home/ } -sha512sums="7c5917acc03b19a41b5001beb71a72b3f63e65b3c97c5f9173067fbd795088f9578f628b386bfa0e934caa8f4faab4cfcae80329ee7180c0cbe49563309c84ca icedtea-3.15.0.tar.xz -d7dca834fc65b67b1888c4cfbd50e263e58604b70560b4dd4e8e7ca518fcd54a70eaf9e5cff89fa1954beaa3071f5b55ef36fffb36589f5008e4be39e5a1aa38 openjdk-3.15.0.tar.xz -b27aaef4839be9a6993d8511e492cf33884738e2fe19cd7d00f244a0f94cd0f3a3ff84c63811cd66ea18cdf7327bb270b7ab21c5b66c220a3bb0a31226bb21b5 corba-3.15.0.tar.xz -25e166d208d99360c9ec5deba5075a5268f2fbc3f31ad9dee0dbd33ee37bc78829d12c9ea11faa5d59ec53385f7dc5f0be29512199db2856068cf81b9ec1ca79 jaxp-3.15.0.tar.xz -cb7a9f80bd33a33f4eb03b091e6c6d3fb6a450695d0231c378d04878fc03e1574f82045c628993e6136188fd2e4144e31c82320b178b21a0aae867e989bfdeeb jaxws-3.15.0.tar.xz -306e2c188987de8d1aa233db1c42522249198b4f3eb71919da911289ab2308b4ab9406c6215c5c157868618341cafbc086bb0e5c423bb6650edfedcc05b17475 jdk-3.15.0.tar.xz -3fcb7d264ff23de8b049b264213b05ee9e9120089eaea989e881c0cddc73a2ef9d01f89f66e7ff23c88d9bc4864824c77894d0291caaf9a2a134d5fae650cc32 langtools-3.15.0.tar.xz -181e9f8d0c083b26a24e6bafe0187e39313a6685f3288d62794c5ec07cb8901b53eba25badc74b367de08b53cd2176df45e184f7a6ccbfab57370e7d3cf388f9 hotspot-3.15.0.tar.xz -6d27137dd80d6363e64ef2c6b3abc60603480e9e7f5b99e06ee546a2cc707b801087ce8cc8d021776f5d2b15b73728f08b2e649c65265ba264655d816921ffe7 nashorn-3.15.0.tar.xz +sha512sums="eaf66df177f08cf335fe795f816e4f6b70a25a402ff8db4c1a2c545dd129350e1135c45e131eab8820620de2a75fda1d56141583ec1a651218d0a02680eb1df7 icedtea-3.17.1.tar.xz +82f2688b018b893cbf583ccc1cd328f6909ebeb4d30655ddb554691f1f0ee38debe57dc91bc8200d6676ad531047ffbf149ce7c1e49b65e67db3254c7d6205ed openjdk-3.17.1.tar.xz +c33886bfa517087e3cf37064fd9dcf1c0b8a9c9ccc4147beac3eb9c07e66c2f8aa3053feb8ab6cbdd42054b073854ed5aaf4a2cfb2888e0a09b7efe3809447c8 corba-3.17.1.tar.xz +e690a6c498e2418feaa22713517aefd051524aedd349fbab5c70fbdee3ca0f17a297089e02f1de2a27e318413e5ca6fe7dfd825b49c37e749ff48e9c8981307a jaxp-3.17.1.tar.xz +99c32483c6f5469c256026be9ee5c2a5654768ceff9d10fa9aa10888640af60d618668ae47880062d1253668e546949fd6ffe94c27d6436088e0a8367e2602fd jaxws-3.17.1.tar.xz +7f5321944cc6c7510db5d6ea6ef189bd15fdf7c904c8ec009576c33ce1e0288e18e51a5dc906e5c7c3beb4daebb161be0c08d1fe8f2ebde81b72a992da919142 jdk-3.17.1.tar.xz +68ff7857d180b90a77858505523416bee6102e30af7a394d08ab1581ba65d28b78c30f48c1b5555c30bf8b43adc5497d5530372101dc2e4adbc99e5d9c988def langtools-3.17.1.tar.xz +e377a2ad481727a1d5218f1bf629690ea5f1b7976307f593505efc07252cc5cd408f7eb0873032ec74ed44a31e5f2cd90747be3e6f709eba5ac9fd90857887ab hotspot-3.17.1.tar.xz +088948d01fc6ea627610bbdcf6691a7bcdd34c5715be103297292db54d0e9080f82f395c3b4bb432058615bc04e05c2d4292fc8f31735e3005d4cf16ff1f9af1 nashorn-3.17.1.tar.xz 1f470432275d5beaa8b4e4352a2f24a4a00593546dc4f3bd857794c89e521e8e6d6abc540762bbd769be3e1e3da058e134dc5dc066d12b9b8a1f0656040a795c fix-paxmark.patch 28709285390a997adbd56ebda42ef718fbc08daf572b8568f484436d255514f9d25f033e3333dff8aa352fc9846057ac5bb42fa955d3e5e44eddc96dc273c07c icedtea-hotspot-musl.patch -e5cf4d70f96fc1e72ae8b97a887adb96092ff36584711cbb8de9d9fa9e859cb8731d638838de0d9591239fc44ffe5c74422d1842bd9f10a0c00dff1627bdeeef icedtea-hotspot-musl-ppc.patch +54ef36ea5a749b733cadaf4fb47a2766db204fe7c9d4dbc1c2d49dd1cec14a552d18da5c49da9ebe8718329c59bdee2c34f94f7882a23837cee2f18af6ffe95f icedtea-hotspot-musl-ppc.patch 19459dbb922f5a71cd15b53199481498626a783c24f91d2544d55b7dddd2cdb34a64bbf0226b99548612dd1743af01b3f9ff32c30abbbc90ce727ca2dbbbd1f9 icedtea-hotspot-noagent-musl.patch f6365cfafafa008bd6c1bf0ccec01a63f8a39bd1a8bc87baa492a27234d47793ba02d455e5667a873ef50148df3baaf6a8421e2da0b15faac675867da714dd5f icedtea-jdk-execinfo.patch 48533f87fc2cf29d26b259be0df51087d2fe5b252e72d00c6ea2f4add7b0fb113141718c116279c5905e03f64a1118082e719393786811367cf4d472b5d36774 icedtea-jdk-fix-ipv6-init.patch b135991c76b0db8fa7c363e0903624668e11eda7b54a943035c214aa4d7fc8c3e8110ed200edcec82792f3c9393150a9bd628625ddf7f3e55720ff163fbbb471 icedtea-jdk-fix-libjvm-load.patch -1fbc32ddc528c7c0099dbc1e48f88d29dccf55e7b8997793aa1d3d8408003a1223d898cca4248e1a12d343d3feec5144f875e6cdac8460d763c73ab3ad7e49f9 icedtea-jdk-musl.patch -e8d9f1b867bf4fc84aa00d1237b264bcf503b1ed5f34735e14b0b747a728953fe0051a5af69ed058d377fbf65d8be1ed9e38fe5fc6edb2d50b31f34bf3ba91dc icedtea-jdk-includes.patch -7e6fa46b10c630517bfa46943858aea1d032c12d32ba3fcb7a2143ae1e896c34fa4cb8f925af80cb19f8e29149b835aa054adfd30ebb00539f6c78588d6f5211 icedtea-jdk-getmntent-buffer.patch +3b01de971f64f082d3e289cf337e635ef001381e8ca427a77baa9c52c7ba423889f57665779ca5b3c8bcefb8feacbea31dfaac580c969a4f061439069ee34aae icedtea-jdk-musl.patch +974fb54532b7e7d738f4278187fc6bd9f9b2d99866b94f68a617ee4911c89a3b8cc41ecfdcaefecf9157492d006b1844b6b0b41ac4209d84f9e8d13c9e485dd3 icedtea-jdk-includes.patch 662d662d0a7a84be2978e921317589f212f3ba3b7629527ba0f1140b5ac4c1024893e0ed176211688ed1a4505968c4befc841ed57ffcdbb9d355c2cb0571b167 icedtea-autoconf-config.patch" diff --git a/community/openjdk8/icedtea-hotspot-musl-ppc.patch b/community/openjdk8/icedtea-hotspot-musl-ppc.patch index eca684884c8..dfb3150f6b6 100644 --- a/community/openjdk8/icedtea-hotspot-musl-ppc.patch +++ b/community/openjdk8/icedtea-hotspot-musl-ppc.patch @@ -1,13 +1,94 @@ +Subject: Fix compilation with different ucontext_t on musl +Upstream: No +Author: Simon Frankenberger <simon-alpine@fraho.eu> + +The machine state registers have to be accessed differently when +running on musl libc. This patch fix this by replacing +"uc_mcontext.regs->grp" with "uc_mcontext.gp_regs" +and accessing the named fields (like "->nip") by the array index constants. + +--- openjdk.orig/hotspot/src/cpu/ppc/vm/macroAssembler_ppc.cpp ++++ openjdk/hotspot/src/cpu/ppc/vm/macroAssembler_ppc.cpp +@@ -1243,7 +1243,11 @@ + // the safepoing polling page. + ucontext_t* uc = (ucontext_t*) ucontext; + // Set polling address. ++#if defined(__GLIBC__) || defined(__UCLIBC__) + address addr = (address)uc->uc_mcontext.regs->gpr[ra] + (ssize_t)ds; ++#else // Musl ++ address addr = (address)uc->uc_mcontext.gp_regs[ra] + (ssize_t)ds; ++#endif + if (polling_address_ptr != NULL) { + *polling_address_ptr = addr; + } +@@ -1264,15 +1268,24 @@ + int rb = inv_rb_field(instruction); + + // look up content of ra and rb in ucontext ++#if defined(__GLIBC__) || defined(__UCLIBC__) + address ra_val=(address)uc->uc_mcontext.regs->gpr[ra]; + long rb_val=(long)uc->uc_mcontext.regs->gpr[rb]; ++#else // Musl ++ address ra_val=(address)uc->uc_mcontext.gp_regs[ra]; ++ long rb_val=(long)uc->uc_mcontext.gp_regs[rb]; ++#endif + return os::is_memory_serialize_page(thread, ra_val+rb_val); + } else if (is_stw(instruction) || is_stwu(instruction)) { + int ra = inv_ra_field(instruction); + int d1 = inv_d1_field(instruction); + + // look up content of ra in ucontext ++#if defined(__GLIBC__) || defined(__UCLIBC__) + address ra_val=(address)uc->uc_mcontext.regs->gpr[ra]; ++#else // Musl ++ address ra_val=(address)uc->uc_mcontext.gp_regs[ra]; ++#endif + return os::is_memory_serialize_page(thread, ra_val+d1); + } else { + return false; +@@ -1335,11 +1348,20 @@ + || (is_stdu(instruction) && rs == 1)) { + int ds = inv_ds_field(instruction); + // return banged address ++#if defined(__GLIBC__) || defined(__UCLIBC__) + return ds+(address)uc->uc_mcontext.regs->gpr[ra]; ++#else // Musl ++ return ds+(address)uc->uc_mcontext.gp_regs[ra]; ++#endif + } else if (is_stdux(instruction) && rs == 1) { + int rb = inv_rb_field(instruction); ++#if defined(__GLIBC__) || defined(__UCLIBC__) + address sp = (address)uc->uc_mcontext.regs->gpr[1]; + long rb_val = (long)uc->uc_mcontext.regs->gpr[rb]; ++#else // Musl ++ address sp = (address)uc->uc_mcontext.gp_regs[1]; ++ long rb_val = (long)uc->uc_mcontext.gp_regs[rb]; ++#endif + return ra != 1 || rb_val >= 0 ? NULL // not a stack bang + : sp + rb_val; // banged address + } --- openjdk.orig/hotspot/src/os_cpu/linux_ppc/vm/os_linux_ppc.cpp +++ openjdk/hotspot/src/os_cpu/linux_ppc/vm/os_linux_ppc.cpp -@@ -110,11 +110,19 @@ +@@ -75,7 +75,11 @@ + # include <poll.h> + # include <ucontext.h> + ++#if ! (defined(__GLIBC__) || defined(__UCLIBC__)) ++# include <asm/ptrace.h> ++#endif + ++ + address os::current_stack_pointer() { + intptr_t* csp; + +@@ -110,11 +114,19 @@ // it because the volatile registers are not needed to make setcontext() work. // Hopefully it was zero'd out beforehand. guarantee(uc->uc_mcontext.regs != NULL, "only use ucontext_get_pc in sigaction context"); +#if defined(__GLIBC__) || defined(__UCLIBC__) return (address)uc->uc_mcontext.regs->nip; +#else // Musl -+ return (address)uc->uc_mcontext.gp_regs[32]; ++ return (address)uc->uc_mcontext.gp_regs[PT_NIP]; +#endif } @@ -20,55 +101,55 @@ } intptr_t* os::Linux::ucontext_get_fp(ucontext_t * uc) { -@@ -213,7 +221,11 @@ +@@ -213,7 +225,11 @@ if (uc) { address const pc = os::Linux::ucontext_get_pc(uc); if (pc && StubRoutines::is_safefetch_fault(pc)) { +#if defined(__GLIBC__) || defined(__UCLIBC__) uc->uc_mcontext.regs->nip = (unsigned long)StubRoutines::continuation_for_safefetch_fault(pc); +#else // Musl -+ uc->uc_mcontext.gp_regs[32] = (unsigned long)StubRoutines::continuation_for_safefetch_fault(pc); ++ uc->uc_mcontext.gp_regs[PT_NIP] = (unsigned long)StubRoutines::continuation_for_safefetch_fault(pc); +#endif return true; } } -@@ -364,7 +376,11 @@ +@@ -364,7 +380,11 @@ // continue at the next instruction after the faulting read. Returning // garbage from this read is ok. thread->set_pending_unsafe_access_error(); +#if defined(__GLIBC__) || defined(__UCLIBC__) uc->uc_mcontext.regs->nip = ((unsigned long)pc) + 4; +#else // Musl -+ uc->uc_mcontext.gp_regs[32] = ((unsigned long)pc) + 4; ++ uc->uc_mcontext.gp_regs[PT_NIP] = ((unsigned long)pc) + 4; +#endif return true; } } -@@ -383,7 +399,11 @@ +@@ -383,7 +403,11 @@ // continue at the next instruction after the faulting read. Returning // garbage from this read is ok. thread->set_pending_unsafe_access_error(); +#if defined(__GLIBC__) || defined(__UCLIBC__) uc->uc_mcontext.regs->nip = ((unsigned long)pc) + 4; +#else // Musl -+ uc->uc_mcontext.gp_regs[32] = ((unsigned long)pc) + 4; ++ uc->uc_mcontext.gp_regs[PT_NIP] = ((unsigned long)pc) + 4; +#endif return true; } } -@@ -406,7 +426,11 @@ +@@ -406,7 +430,11 @@ if (stub != NULL) { // Save all thread context in case we need to restore it. if (thread != NULL) thread->set_saved_exception_pc(pc); +#if defined(__GLIBC__) || defined(__UCLIBC__) uc->uc_mcontext.regs->nip = (unsigned long)stub; +#else -+ uc->uc_mcontext.gp_regs[32] = (unsigned long)stub; ++ uc->uc_mcontext.gp_regs[PT_NIP] = (unsigned long)stub; +#endif return true; } -@@ -564,6 +588,7 @@ +@@ -564,6 +592,7 @@ ucontext_t* uc = (ucontext_t*)context; st->print_cr("Registers:"); @@ -76,14 +157,14 @@ st->print("pc =" INTPTR_FORMAT " ", uc->uc_mcontext.regs->nip); st->print("lr =" INTPTR_FORMAT " ", uc->uc_mcontext.regs->link); st->print("ctr=" INTPTR_FORMAT " ", uc->uc_mcontext.regs->ctr); -@@ -572,8 +597,18 @@ +@@ -572,8 +601,18 @@ st->print("r%-2d=" INTPTR_FORMAT " ", i, uc->uc_mcontext.regs->gpr[i]); if (i % 3 == 2) st->cr(); } +#else // Musl -+ st->print("pc =" INTPTR_FORMAT " ", uc->uc_mcontext.gp_regs[32]); -+ st->print("lr =" INTPTR_FORMAT " ", uc->uc_mcontext.gp_regs[36]); -+ st->print("ctr=" INTPTR_FORMAT " ", uc->uc_mcontext.gp_regs[35]); ++ st->print("pc =" INTPTR_FORMAT " ", uc->uc_mcontext.gp_regs[PT_NIP]); ++ st->print("lr =" INTPTR_FORMAT " ", uc->uc_mcontext.gp_regs[PT_LNK]); ++ st->print("ctr=" INTPTR_FORMAT " ", uc->uc_mcontext.gp_regs[PT_CTR]); st->cr(); + for (int i = 0; i < 32; i++) { + st->print("r%-2d=" INTPTR_FORMAT " ", i, uc->uc_mcontext.gp_regs[i]); @@ -95,7 +176,7 @@ intptr_t *sp = (intptr_t *)os::Linux::ucontext_get_sp(uc); st->print_cr("Top of Stack: (sp=" PTR_FORMAT ")", p2i(sp)); -@@ -600,7 +635,11 @@ +@@ -600,7 +639,11 @@ // this is only for the "general purpose" registers for (int i = 0; i < 32; i++) { st->print("r%-2d=", i); @@ -107,63 +188,42 @@ } st->cr(); } ---- openjdk.orig/hotspot.orig/src/cpu/ppc/vm/macroAssembler_ppc.cpp -+++ openjdk/hotspot/src/cpu/ppc/vm/macroAssembler_ppc.cpp -@@ -1242,7 +1242,11 @@ - // the safepoing polling page. - ucontext_t* uc = (ucontext_t*) ucontext; - // Set polling address. -+#if defined(__GLIBC__) || defined(__UCLIBC__) - address addr = (address)uc->uc_mcontext.regs->gpr[ra] + (ssize_t)ds; -+#else // Musl -+ address addr = (address)uc->uc_mcontext.gp_regs[ra] + (ssize_t)ds; -+#endif - if (polling_address_ptr != NULL) { - *polling_address_ptr = addr; - } -@@ -1263,15 +1267,24 @@ - int rb = inv_rb_field(instruction); +--- openjdk.orig/hotspot/src/os_cpu/linux_ppc/vm/thread_linux_ppc.cpp ++++ openjdk/hotspot/src/os_cpu/linux_ppc/vm/thread_linux_ppc.cpp +@@ -27,6 +27,10 @@ + #include "runtime/frame.inline.hpp" + #include "runtime/thread.hpp" - // look up content of ra and rb in ucontext -+#if defined(__GLIBC__) || defined(__UCLIBC__) - address ra_val=(address)uc->uc_mcontext.regs->gpr[ra]; - long rb_val=(long)uc->uc_mcontext.regs->gpr[rb]; -+#else // Musl -+ address ra_val=(address)uc->uc_mcontext.gp_regs[ra]; -+ long rb_val=(long)uc->uc_mcontext.gp_regs[rb]; ++#if ! (defined(__GLIBC__) || defined(__UCLIBC__)) ++#include <asm/ptrace.h> +#endif - return os::is_memory_serialize_page(thread, ra_val+rb_val); - } else if (is_stw(instruction) || is_stwu(instruction)) { - int ra = inv_ra_field(instruction); - int d1 = inv_d1_field(instruction); ++ + bool JavaThread::pd_get_top_frame_for_profiling(frame* fr_addr, void* ucontext, bool isInJava) { + assert(this->is_Java_thread(), "must be JavaThread"); - // look up content of ra in ucontext +@@ -42,8 +46,13 @@ + // if we were running Java code when SIGPROF came in. + if (isInJava) { + ucontext_t* uc = (ucontext_t*) ucontext; +#if defined(__GLIBC__) || defined(__UCLIBC__) - address ra_val=(address)uc->uc_mcontext.regs->gpr[ra]; + frame ret_frame((intptr_t*)uc->uc_mcontext.regs->gpr[1/*REG_SP*/], + (address)uc->uc_mcontext.regs->nip); +#else // Musl -+ address ra_val=(address)uc->uc_mcontext.gp_regs[ra]; ++ frame ret_frame((intptr_t*)uc->uc_mcontext.gp_regs[1/*REG_SP*/], ++ (address)uc->uc_mcontext.gp_regs[PT_NIP]); +#endif - return os::is_memory_serialize_page(thread, ra_val+d1); - } else { - return false; -@@ -1334,11 +1347,20 @@ - || (is_stdu(instruction) && rs == 1)) { - int ds = inv_ds_field(instruction); - // return banged address -+#if defined(__GLIBC__) || defined(__UCLIBC__) - return ds+(address)uc->uc_mcontext.regs->gpr[ra]; -+#else // Musl -+ return ds+(address)uc->uc_mcontext.gp_regs[ra]; -+#endif - } else if (is_stdux(instruction) && rs == 1) { - int rb = inv_rb_field(instruction); + + if (ret_frame.pc() == NULL) { + // ucontext wasn't useful +@@ -55,7 +64,11 @@ + if (!((Method*)(istate->method))->is_metaspace_object()) { + return false; + } +#if defined(__GLIBC__) || defined(__UCLIBC__) - address sp = (address)uc->uc_mcontext.regs->gpr[1]; - long rb_val = (long)uc->uc_mcontext.regs->gpr[rb]; + uint64_t reg_bcp = uc->uc_mcontext.regs->gpr[14/*R14_bcp*/]; +#else // Musl -+ address sp = (address)uc->uc_mcontext.gp_regs[1]; -+ long rb_val = (long)uc->uc_mcontext.gp_regs[rb]; ++ uint64_t reg_bcp = uc->uc_mcontext.gp_regs[14/*R14_bcp*/]; +#endif - return ra != 1 || rb_val >= 0 ? NULL // not a stack bang - : sp + rb_val; // banged address - } + uint64_t istate_bcp = istate->bcp; + uint64_t code_start = (uint64_t)(((Method*)(istate->method))->code_base()); + uint64_t code_end = (uint64_t)(((Method*)istate->method)->code_base() + ((Method*)istate->method)->code_size()); diff --git a/community/openjdk8/icedtea-jdk-getmntent-buffer.patch b/community/openjdk8/icedtea-jdk-getmntent-buffer.patch deleted file mode 100644 index 075a9d42385..00000000000 --- a/community/openjdk8/icedtea-jdk-getmntent-buffer.patch +++ /dev/null @@ -1,88 +0,0 @@ -Give a much bigger buffer to getmntent_r. - -https://bugs.alpinelinux.org/issues/7093 - -diff --git a/openjdk/jdk/src/solaris/native/sun/nio/fs/LinuxNativeDispatcher.c b/openjdk/jdk/src/solaris/native/sun/nio/fs/LinuxNativeDispatcher.c -index c8500db..d0b85d6 100644 ---- openjdk/jdk/src/solaris/native/sun/nio/fs/LinuxNativeDispatcher.c -+++ openjdk/jdk/src/solaris/native/sun/nio/fs/LinuxNativeDispatcher.c -@@ -33,6 +33,7 @@ - #include <dlfcn.h> - #include <errno.h> - #include <mntent.h> -+#include <limits.h> - - #include "sun_nio_fs_LinuxNativeDispatcher.h" - -@@ -173,8 +174,8 @@ Java_sun_nio_fs_LinuxNativeDispatcher_getmntent(JNIEnv* env, jclass this, - jlong value, jobject entry) - { - struct mntent ent; -- char buf[1024]; -- int buflen = sizeof(buf); -+ char *buf = NULL; -+ const size_t buflen = PATH_MAX * 4; - struct mntent* m; - FILE* fp = jlong_to_ptr(value); - jsize len; -@@ -183,10 +184,17 @@ Java_sun_nio_fs_LinuxNativeDispatcher_getmntent(JNIEnv* env, jclass this, - char* dir; - char* fstype; - char* options; -+ jint res = -1; - -- m = getmntent_r(fp, &ent, (char*)&buf, buflen); -- if (m == NULL) -+ buf = malloc(buflen); -+ if (buf == NULL) { -+ JNU_ThrowOutOfMemoryError(env, "native heap"); - return -1; -+ } -+ m = getmntent_r(fp, &ent, buf, buflen); -+ if (m == NULL) -+ goto out; -+ - name = m->mnt_fsname; - dir = m->mnt_dir; - fstype = m->mnt_type; -@@ -195,32 +203,35 @@ Java_sun_nio_fs_LinuxNativeDispatcher_getmntent(JNIEnv* env, jclass this, - len = strlen(name); - bytes = (*env)->NewByteArray(env, len); - if (bytes == NULL) -- return -1; -+ goto out; - (*env)->SetByteArrayRegion(env, bytes, 0, len, (jbyte*)name); - (*env)->SetObjectField(env, entry, entry_name, bytes); - - len = strlen(dir); - bytes = (*env)->NewByteArray(env, len); - if (bytes == NULL) -- return -1; -+ goto out; - (*env)->SetByteArrayRegion(env, bytes, 0, len, (jbyte*)dir); - (*env)->SetObjectField(env, entry, entry_dir, bytes); - - len = strlen(fstype); - bytes = (*env)->NewByteArray(env, len); - if (bytes == NULL) -- return -1; -+ goto out; - (*env)->SetByteArrayRegion(env, bytes, 0, len, (jbyte*)fstype); - (*env)->SetObjectField(env, entry, entry_fstype, bytes); - - len = strlen(options); - bytes = (*env)->NewByteArray(env, len); - if (bytes == NULL) -- return -1; -+ goto out; - (*env)->SetByteArrayRegion(env, bytes, 0, len, (jbyte*)options); - (*env)->SetObjectField(env, entry, entry_options, bytes); - -- return 0; -+ res = 0; -+out: -+ free(buf); -+ return res; - } - - JNIEXPORT void JNICALL diff --git a/community/openjdk8/icedtea-jdk-includes.patch b/community/openjdk8/icedtea-jdk-includes.patch index 6443a1973d5..5acbb9efb86 100644 --- a/community/openjdk8/icedtea-jdk-includes.patch +++ b/community/openjdk8/icedtea-jdk-includes.patch @@ -53,17 +53,6 @@ /* O Flags */ ---- openjdk.orig/jdk/src/solaris/native/java/net/PlainSocketImpl.c -+++ openjdk/jdk/src/solaris/native/java/net/PlainSocketImpl.c -@@ -28,7 +28,7 @@ - #include <sys/types.h> - #include <sys/socket.h> - #if defined(__linux__) && !defined(USE_SELECT) --#include <sys/poll.h> -+#include <poll.h> - #endif - #include <netinet/tcp.h> /* Defines TCP_NODELAY, needed for 2.6 */ - #include <netinet/in.h> --- openjdk.orig/jdk/src/solaris/native/java/net/bsd_close.c +++ openjdk/jdk/src/solaris/native/java/net/bsd_close.c @@ -36,7 +36,7 @@ @@ -88,14 +77,14 @@ * Stack allocated by thread when doing blocking operation --- openjdk.orig/jdk/src/solaris/native/java/net/net_util_md.h +++ openjdk/jdk/src/solaris/native/java/net/net_util_md.h -@@ -33,7 +33,7 @@ - #include <unistd.h> - - #ifndef USE_SELECT +@@ -27,7 +27,7 @@ + #define NET_UTILS_MD_H + + #include <netdb.h> -#include <sys/poll.h> +#include <poll.h> - #endif - + #include <sys/socket.h> + int NET_Timeout(int s, long timeout); --- openjdk.orig/jdk/src/solaris/native/sun/nio/ch/DevPollArrayWrapper.c +++ openjdk/jdk/src/solaris/native/sun/nio/ch/DevPollArrayWrapper.c diff --git a/community/openjdk8/icedtea-jdk-musl.patch b/community/openjdk8/icedtea-jdk-musl.patch index 97946ba424f..09f5c082e58 100644 --- a/community/openjdk8/icedtea-jdk-musl.patch +++ b/community/openjdk8/icedtea-jdk-musl.patch @@ -47,28 +47,6 @@ diff -ru openjdk.orig/jdk/src/solaris/native/java/net/Inet4AddressImpl.c openjdk #define HAS_GLIBC_GETHOSTBY_R 1 #endif -diff -ru openjdk.orig/jdk/src/solaris/native/java/net/PlainDatagramSocketImpl.c openjdk/jdk/src/solaris/native/java/net/PlainDatagramSocketImpl.c ---- openjdk.orig/jdk/src/solaris/native/java/net/PlainDatagramSocketImpl.c 2017-01-25 04:22:03.000000000 +0000 -+++ openjdk/jdk/src/solaris/native/java/net/PlainDatagramSocketImpl.c 2017-02-06 11:23:47.047832009 +0000 -@@ -41,7 +41,6 @@ - #endif - #ifdef __linux__ - #include <unistd.h> --#include <sys/sysctl.h> - #include <sys/utsname.h> - #include <netinet/ip.h> - -diff -ru openjdk.orig/jdk/src/solaris/native/java/net/PlainSocketImpl.c openjdk/jdk/src/solaris/native/java/net/PlainSocketImpl.c ---- openjdk.orig/jdk/src/solaris/native/java/net/PlainSocketImpl.c 2017-01-25 04:22:03.000000000 +0000 -+++ openjdk/jdk/src/solaris/native/java/net/PlainSocketImpl.c 2017-02-06 11:23:47.047832009 +0000 -@@ -43,7 +43,6 @@ - #endif - #ifdef __linux__ - #include <unistd.h> --#include <sys/sysctl.h> - #endif - - #include "jvm.h" diff -ru openjdk.orig/jdk/src/solaris/native/java/net/linux_close.c openjdk/jdk/src/solaris/native/java/net/linux_close.c --- openjdk.orig/jdk/src/solaris/native/java/net/linux_close.c 2017-01-25 04:22:03.000000000 +0000 +++ openjdk/jdk/src/solaris/native/java/net/linux_close.c 2017-02-06 11:23:47.047832009 +0000 @@ -80,7 +58,7 @@ diff -ru openjdk.orig/jdk/src/solaris/native/java/net/linux_close.c openjdk/jdk/ +static int sigWakeup; /* - * The fd table and the number of file descriptors + * fdTable holds one entry per file descriptor, up to a certain @@ -95,6 +95,9 @@ /* * Setup the signal handler @@ -92,8 +70,8 @@ diff -ru openjdk.orig/jdk/src/solaris/native/java/net/linux_close.c openjdk/jdk/ sa.sa_flags = 0; sigemptyset(&sa.sa_mask); diff -ru openjdk.orig/jdk/src/solaris/native/sun/nio/ch/NativeThread.c openjdk/jdk/src/solaris/native/sun/nio/ch/NativeThread.c ---- openjdk.orig/jdk/src/solaris/native/sun/nio/ch/NativeThread.c 2017-01-25 04:22:03.000000000 +0000 -+++ openjdk/jdk/src/solaris/native/sun/nio/ch/NativeThread.c 2017-02-06 11:23:47.051165409 +0000 +--- openjdk.orig/jdk/src/solaris/native/sun/nio/ch/NativeThread.c 2017-01-25 04:22:03.000000000 +0000 ++++ openjdk/jdk/src/solaris/native/sun/nio/ch/NativeThread.c 2017-02-06 11:23:47.051165409 +0000 @@ -36,7 +36,7 @@ #include <pthread.h> #include <sys/signal.h> diff --git a/community/pdns-recursor/APKBUILD b/community/pdns-recursor/APKBUILD index d2137dad8ea..60204c880fb 100644 --- a/community/pdns-recursor/APKBUILD +++ b/community/pdns-recursor/APKBUILD @@ -1,7 +1,7 @@ # Contributor: Olivier Mauras <olivier@mauras.ch> pkgname=pdns-recursor -pkgver=4.1.9 -pkgrel=1 +pkgver=4.1.16 +pkgrel=0 pkgdesc="PowerDNS Recursive Server" url="https://www.powerdns.com/" # s390x: missing boost-context @@ -22,6 +22,10 @@ source="https://downloads.powerdns.com/releases/$pkgname-$pkgver.tar.bz2 builddir="$srcdir/$pkgname-$pkgver" # secfixes: +# 4.1.16-r0: +# - CVE-2020-10030 +# - CVE-2020-10995 +# - CVE-2020-12244 # 4.1.9-r0: # - CVE-2019-3806 # - CVE-2019-3807 @@ -69,6 +73,6 @@ package() { "$pkgdir"/etc/pdns/recursor.conf } -sha512sums="2deaf1cdc8c32087f744efe0d142421cfd2d89dc9b31edcdea55c1efc2637987e8557891716498e3703c4b1af4b0d301e2a53316c5a97c7a18ec85016ccfa8f1 pdns-recursor-4.1.9.tar.bz2 +sha512sums="dc5d6113d88ce0da9e4735b2af98705c635651215e11f10b94e93b11fcbe20e91479aa0a9730e8d0f027aa6d1905c2b1131f3fd0efeeb5ca11af97bd3d7d7ff4 pdns-recursor-4.1.16.tar.bz2 6eea64828a363a8f36a694da4ab08f48482a096572e5597e3182bbf5f4e7c0114d9b643c7ea5060ae46b50b05c6ebbace2fedd44dc6309b641fd638d44db879e pdns-recursor.initd 954df537693a202fc195e751011bbfaa605b3f3df42ac386fa82eb809b73c2b987f5e418b5c96bb3b0669497426ce0daa39a719844701e06990b82843a4cf0d4 recursor.conf" diff --git a/community/pdns/4.1.10_to_4.1.11.schema.pgsql.sql.patch b/community/pdns/4.1.10_to_4.1.11.schema.pgsql.sql.patch deleted file mode 100644 index 525f954d146..00000000000 --- a/community/pdns/4.1.10_to_4.1.11.schema.pgsql.sql.patch +++ /dev/null @@ -1,31 +0,0 @@ -diff --git a/modules/gpgsqlbackend/4.1.10_to_4.1.11.schema.pgsql.sql b/modules/gpgsqlbackend/4.1.10_to_4.1.11.schema.pgsql.sql -new file mode 100644 -index 0000000..b0c2ee1 ---- /dev/null -+++ b/modules/gpgsqlbackend/4.1.10_to_4.1.11.schema.pgsql.sql -@@ -0,0 +1 @@ -+ALTER TABLE domains ALTER notified_serial TYPE bigint USING CASE WHEN notified_serial >= 0 THEN notified_serial::bigint END; -diff --git a/modules/gpgsqlbackend/Makefile.am b/modules/gpgsqlbackend/Makefile.am -index 8a820d5..9e2f271 100644 ---- a/modules/gpgsqlbackend/Makefile.am -+++ b/modules/gpgsqlbackend/Makefile.am -@@ -12,6 +12,7 @@ dist_doc_DATA = \ - schema.pgsql.sql \ - nodnssec-3.x_to_3.4.0_schema.pgsql.sql \ - dnssec-3.x_to_3.4.0_schema.pgsql.sql \ -+ 4.1.10_to_4.1.11.schema.pgsql.sql \ - 3.4.0_to_4.1.0_schema.pgsql.sql - - libgpgsqlbackend_la_SOURCES = \ -diff --git a/modules/gpgsqlbackend/Makefile.in b/modules/gpgsqlbackend/Makefile.in -index 4c1f978..9793c9d 100644 ---- a/modules/gpgsqlbackend/Makefile.in -+++ b/modules/gpgsqlbackend/Makefile.in -@@ -479,6 +479,7 @@ dist_doc_DATA = \ - schema.pgsql.sql \ - nodnssec-3.x_to_3.4.0_schema.pgsql.sql \ - dnssec-3.x_to_3.4.0_schema.pgsql.sql \ -+ 4.1.10_to_4.1.11.schema.pgsql.sql \ - 3.4.0_to_4.1.0_schema.pgsql.sql - - libgpgsqlbackend_la_SOURCES = \ diff --git a/community/pdns/APKBUILD b/community/pdns/APKBUILD index ce40f88cc69..999e58ded8f 100644 --- a/community/pdns/APKBUILD +++ b/community/pdns/APKBUILD @@ -5,7 +5,7 @@ # Contributor: Fabian Zoske <fabian@zoske.it> # Maintainer: Matt Smith <mcs@darkregion.net> pkgname=pdns -pkgver=4.1.11 +pkgver=4.1.14 pkgrel=0 pkgdesc="PowerDNS Authoritative Server" url="https://www.powerdns.com/" @@ -38,12 +38,13 @@ pkggroups="pdns" source="https://downloads.powerdns.com/releases/$pkgname-$pkgver.tar.bz2 $pkgname.initd $pkgname.conf - 4.1.10_to_4.1.11.schema.pgsql.sql.patch README.alpine " builddir="$srcdir/$pkgname-$pkgver" # secfixes: +# 4.1.14-r0: +# - CVE-2020-17482 # 4.1.11-r0: # - CVE-2019-10203 # 4.1.10-r0: @@ -145,8 +146,7 @@ backend_remote() { _mv_backend remote; } backend_sqlite3() { _mv_backend gsqlite3 sqlite; } #backend_tinydns() { _mv_backend tinydns; } -sha512sums="18215f523a39d48c8756bc13ecae1bd78967c2d66619d93ddaafb13062690002a9bdfe1d337796820706692c449286c7b9e9b8d45933684d32acbc20e490c0c4 pdns-4.1.11.tar.bz2 +sha512sums="d78e5548fd6d497c827b3e3ad3c10f0d14d1c5da8c302aacb853e6c54f853288b86c6efd5d7e0cd84d4508accc7b0641c70f9278117540c6e22ba1fdf64d37d1 pdns-4.1.14.tar.bz2 3a55547e1b6407e7d2faa6e02982ed903c2364381af1b7eeb626ae3a8b0e32558dd79bf31c982b134414e5636d4868c1f3660ac523f25d2440ed6f7b436843bf pdns.initd 3f809f3257680c3e496fa6a4c86c8a636db5d9d5b92aef96fe54c29b8266ee590deb792d13205cc171e27307fa73295dd3b101b09102fd66a2393a7cdbf9dd27 pdns.conf -a3caac012fae6d53afa9d08eaf4d2e70b406197e586b6716e0a9177d3833165493a55bf119669fd29c4397a8230a33982e38ef0b5a6883d71ee8869c06f0fe22 4.1.10_to_4.1.11.schema.pgsql.sql.patch f2781a23e14bea9b4bbb84f3b596663c76359c449ef6fd39c87b5ea1163c47e01c5ba490c804709033598f0542ac558bde477729ad1ab9f17d49606fa61b2049 README.alpine" diff --git a/community/php7-pecl-timezonedb/APKBUILD b/community/php7-pecl-timezonedb/APKBUILD index 55bfa4326e7..5026e0a52f4 100644 --- a/community/php7-pecl-timezonedb/APKBUILD +++ b/community/php7-pecl-timezonedb/APKBUILD @@ -1,33 +1,36 @@ # Contributor: Fabio Ribeiro <fabiorphp@gmail.com> # Maintainer: Fabio Ribeiro <fabiorphp@gmail.com> pkgname=php7-pecl-timezonedb -_pkgreal=timezonedb -pkgver=2018.9 +_extname=timezonedb +pkgver=2020.4 pkgrel=0 pkgdesc="Timezone Database to be used with PHP's date and time functions." url="https://pecl.php.net/package/timezonedb" arch="all" -license="PHP" +license="PHP-3.01" depends="php7-common" -makedepends="php7-dev autoconf re2c" -source="https://pecl.php.net/get/$_pkgreal-$pkgver.tgz" -builddir="$srcdir/$_pkgreal-$pkgver" -options="!check" # upstream does not provide tests yet +makedepends="php7-dev" +source="https://pecl.php.net/get/$_extname-$pkgver.tgz" +builddir="$srcdir/$_extname-$pkgver" provides="php7-timezonedb=$pkgver-r$pkgrel" # for backward compatibility replaces="php7-timezonedb" # for backward compatibility build() { - cd "$builddir" phpize7 ./configure --prefix=/usr --with-php-config=php-config7 make } +check() { + # Test suite is not a part of pecl release. + php7 -d extension=modules/$_extname.so --ri $_extname +} + package() { - cd "$builddir" - make INSTALL_ROOT="$pkgdir"/ install - install -d "$pkgdir"/etc/php7/conf.d - echo "extension=$_pkgreal.so" > "$pkgdir"/etc/php7/conf.d/40_$_pkgreal.ini + make INSTALL_ROOT="$pkgdir" install + local _confdir="$pkgdir"/etc/php7/conf.d + install -d $_confdir + echo "extension=$_extname.so" > $_confdir/40_$_extname.ini } -sha512sums="77fabe3aa0283900ea2d3d20caaf7c4b9bac1859249c9df4f0225c203fc92310dfe9b4144640af034a4ba86ba78a748a39980ff796affc67edc99ec874867e06 timezonedb-2018.9.tgz" +sha512sums="d5c41c76b4b0b033464a4f086072d061504fc439c910c47a7077a0586b308cc37a4202ff9f418a39cee63534d55136d15a173bb94923160c0fa16bb33ac89a09 timezonedb-2020.4.tgz" diff --git a/community/php7/APKBUILD b/community/php7/APKBUILD index 146c83add2c..e1098e63361 100644 --- a/community/php7/APKBUILD +++ b/community/php7/APKBUILD @@ -25,7 +25,7 @@ pkgname=php7 _pkgreal=php -pkgver=7.2.27 +pkgver=7.2.33 pkgrel=0 _apiver=20170718 _suffix=${pkgname#php} @@ -181,6 +181,14 @@ case "$CARCH" in esac # secfixes: +# 7.2.33-r0: +# - CVE-2020-7068 +# 7.2.31-r0: +# - CVE-2019-11048 +# - CVE-2020-7062 +# - CVE-2020-7063 +# - CVE-2020-7064 +# - CVE-2020-7066 # 7.2.27-r0: # - CVE-2020-7059 # - CVE-2020-7060 @@ -679,7 +687,7 @@ _mv() { mv $@ } -sha512sums="0d2cdfce73405772f359b231c66e6f64e0584a2b77e8e6e24f0c6bf38d3f3cb77dccc829fd7d0974f20030e875c3de399facce659e2b0293fb1c6336d9a37bed php-7.2.27.tar.bz2 +sha512sums="44664414c537fc9dc0bd77c6def5f23ce31a24e4cbc7a817cc581292f2ddb3ed163b72edda3284e065ee9533462837eb87391230742c326f80d5d295ab5f5550 php-7.2.33.tar.bz2 1c708de82d1086f272f484faf6cf6d087af7c31750cc2550b0b94ed723961b363f28a947b015b2dfc0765caea185a75f5d2c2f2b099c948b65c290924f606e4f php7-fpm.initd cacce7bf789467ff40647b7319e3760c6c587218720538516e8d400baa75651f72165c4e28056cd0c1dc89efecb4d00d0d7823bed80b29136262c825ce816691 php7-fpm.logrotate 274bd7b0b2b7002fa84c779640af37b59258bb37b05cb7dd5c89452977d71807f628d91b523b5039608376d1f760f3425d165242ca75ee5129b2730e71c4e198 php7-module.conf diff --git a/community/tor/APKBUILD b/community/tor/APKBUILD index 14caac4d98a..97d3d3919eb 100644 --- a/community/tor/APKBUILD +++ b/community/tor/APKBUILD @@ -2,7 +2,7 @@ # Maintainer: Christine Dodrill <me@christine.website> pkgname=tor pkgver=0.3.4.11 -pkgrel=0 +pkgrel=1 pkgdesc="Anonymous network connectivity" url="https://www.torproject.org" arch="all" @@ -12,7 +12,7 @@ makedepends="linux-headers bash libevent-dev openssl-dev ca-certificates zlib-dev" install="$pkgname.post-upgrade $pkgname.pre-install" subpackages="$pkgname-doc $pkgname-openrc" -source="https://www.torproject.org/dist/$pkgname-$pkgver.tar.gz +source="https://archive.torproject.org/tor-package-archive/$pkgname-$pkgver.tar.gz tor.initd tor.confd torrc.sample.patch" diff --git a/community/virtualbox-guest-modules-vanilla/APKBUILD b/community/virtualbox-guest-modules-vanilla/APKBUILD index e18cb364851..81304aa6227 100644 --- a/community/virtualbox-guest-modules-vanilla/APKBUILD +++ b/community/virtualbox-guest-modules-vanilla/APKBUILD @@ -8,7 +8,7 @@ _rel=0 _flavor=${FLAVOR:-vanilla} _kpkg=linux-$_flavor -_kver=4.19.98 +_kver=4.19.118 _krel=0 _kpkgver="$_kver-r$_krel" diff --git a/community/wireshark/APKBUILD b/community/wireshark/APKBUILD index 6cbaf39f837..45f3e3ddcbd 100644 --- a/community/wireshark/APKBUILD +++ b/community/wireshark/APKBUILD @@ -3,23 +3,36 @@ # Contributor: Jeremy Thomerson <jeremy@thomersonfamily.com> # Maintainer: Natanael Copa <ncopa@alpinelinux.org> pkgname=wireshark -pkgver=2.6.9 +pkgver=2.6.20 pkgrel=0 -pkgdesc="A network protocol analyzer - GTK version" +pkgdesc="network protocol analyzer - GTK version" url="https://www.wireshark.org" arch="all" license="GPL-2.0-or-later" -depends="" makedepends="bison flex perl-dev glib glib-dev libpcap-dev libcap-dev gtk+3.0-dev c-ares-dev pcre-dev gnutls-dev libgcrypt-dev libnl3-dev qt5-qtbase-dev qt5-qttools-dev lua5.2-dev bash portaudio-dev" subpackages="$pkgname-dev $pkgname-doc $pkgname-gtk $pkgname-common tshark" source="https://www.wireshark.org/download/src/$pkgname-$pkgver.tar.xz fix-udpdump.patch - " + " builddir="$srcdir"/$pkgname-$pkgver # secfixes: +# 2.6.20-r0: +# - CVE-2020-25862 +# 2.6.16-r0: +# - CVE-2020-11647 +# 2.6.15-r0: +# - CVE-2020-9431 +# - CVE-2020-9430 +# - CVE-2020-9428 +# 2.6.13-r0: +# - CVE-2019-19553 +# 2.6.11-r0: +# - CVE-2019-16319 +# 2.6.10-r0: +# - CVE-2019-13619 # 2.6.9-r0: # - CVE-2019-12295 # 2.6.8-r0: @@ -123,14 +136,6 @@ builddir="$srcdir"/$pkgname-$pkgver # - CVE-2017-13765 # - CVE-2017-13766 # - CVE-2017-13767 -# 2.2.10-r0: -# - CVE-2017-15191 -# - CVE-2017-15192 -# - CVE-2017-15193 -# 2.2.9-r0: -# - CVE-2017-13765 -# - CVE-2017-13766 -# - CVE-2017-13767 # 2.2.8-r0: # - CVE-2017-11406 # - CVE-2017-11407 @@ -234,5 +239,5 @@ gtk() { mv "$pkgdir"/usr/bin/wireshark-gtk "$subpkgdir"/usr/bin/ } -sha512sums="ddd2efe25623f44d7f3d47808a000b2979d426a0cdf37dfa81af4d4159e0f67b172c7dbeedeb31034d48499089bfc7a99a8e7c6d1e7890be0523b693269c41ca wireshark-2.6.9.tar.xz +sha512sums="0e49e807b578368478e912970e7b4434cffcf499b803f62dbff64281c1400db5be8e96b69872270f2f52276c5fd8aee75ad3f175e8c1979dbe721a2d77f8cb13 wireshark-2.6.20.tar.xz 951677dd125b1e36b351cc87a98e8b8d0391d184c7695594dd4270334d86ada1dff5f14cd960da9c5d5d26fc801c42f0219b2db6269f3c526c841c7940d2f369 fix-udpdump.patch" diff --git a/community/zabbix/APKBUILD b/community/zabbix/APKBUILD index 6a341f58447..e2bc94e0e09 100644 --- a/community/zabbix/APKBUILD +++ b/community/zabbix/APKBUILD @@ -3,7 +3,7 @@ # Contributor: Leonardo Arena <rnalrd@alpinelinux.org> # Maintainer: Natanael Copa <ncopa@alpinelinux.org> pkgname=zabbix -pkgver=4.0.16 +pkgver=4.0.27 pkgrel=0 pkgdesc="Enterprise-class open source distributed monitoring" url="http://www.zabbix.com" @@ -25,7 +25,7 @@ options="!check" # no tests available subpackages="$pkgname-doc $pkgname-agent $pkgname-pgsql $pkgname-mysql $pkgname-sqlite $pkgname-webif::noarch $pkgname-utils $pkgname-setup::noarch $pkgname-openrc $pkgname-agent-openrc:agent_openrc" -source="https://downloads.sourceforge.net/$pkgname/$pkgname-$pkgver.tar.gz +source="$pkgname-$pkgver.tar.gz::https://github.com/zabbix/zabbix/archive/$pkgver.tar.gz zabbix-server.initd zabbix-server.confd zabbix-agentd.initd @@ -39,7 +39,7 @@ source="https://downloads.sourceforge.net/$pkgname/$pkgname-$pkgver.tar.gz builddir="$srcdir"/$pkgname-$pkgver -# security fixes: +# secfixes: # 3.0.4-r0: # - CVE N/A ZBX-11023 @@ -200,10 +200,10 @@ agent_openrc() { "$subpkgdir"/etc/init.d/zabbix-agentd } -sha512sums="e5a0b13790ef082d63c879ebf989739ffde448161d45eb16ccf4100473556ef39d00466687ecce69e3430e54ec32015c2d00461b81f51510d08d8e38284e2ee6 zabbix-4.0.16.tar.gz +sha512sums="c5187c4421db0d179a49a7ef3af0a0bca950090644bbf8b474a5be807a8e54d08688946e5c9a63e5f367487314d806873718b081f2dc62ac310a2c19f1472eaf zabbix-4.0.27.tar.gz 9998ee172a28002d98bacc3f76038ff52b8cf2b206e101418d76b4ca3de94afaf92cb4f7a6235ecf177f74beb9dd3ea1f3983c4f164b4f60bb601acba65aa175 zabbix-server.initd 9c06527bf653c40585fa7eeb3f7a0b2fc454031d24cd0d1633aed87b78a681c5227a193c5b9fcfcea0839135874e27ba7dd9b198573f905f680a2856f79e9512 zabbix-server.confd -523013cab3ba79cbc00db92f09d4c5d514fd6aa9cbebf8f29227dc91fbc19d2f8375af74c21d2037e4f3380a818f808194dbc94e69709ef2cf90f66e715895c4 zabbix-agentd.initd +c6513c5cdc4709886ad2f2351ddd9fb3a5aeb35d07a3ca34ca7a531cc48be3b3c1dab74aecabe67aac78146bb5ee984c102b882707d1fbfa4120cf780eca9a92 zabbix-agentd.initd a26e7ac422ff60a4b8eed3603022c3a1bde640870bb9286ab061c3cb5c2fd7e91ddb317cb3d1cf61034adda0a080fc212ad416c9e2853a1deb03c5279753f4e2 zabbix-proxy.initd 9fc413b11a01c8202c7ee1c7950d6ca3de2d2d6cd01bea994cd4bc412533b53c4e4b1f58fc3c8df16ea70902053e278e2c5dcc936ce3e0a686a6eac62310ef53 zabbix-getloadavg.patch 7f70dfd602aa164ec8cc65ebb7e8274c685975f6aea9051933928051b8d9b6e368e5a673a07e7084a2105468c5085d72fa7b9f934460f10648d594f28f031a91 automake.patch diff --git a/community/zabbix/zabbix-agentd.initd b/community/zabbix/zabbix-agentd.initd index 56d67db8ae1..c24b0f82267 100644 --- a/community/zabbix/zabbix-agentd.initd +++ b/community/zabbix/zabbix-agentd.initd @@ -1,34 +1,19 @@ #!/sbin/openrc-run -# Copyright 1999-2007 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-analyzer/zabbix/files/1.6.6/init.d/zabbix-agentd,v 1.1 2009/10/05 15:55:23 patrick Exp $ -# ensure the same file is specified as PidFile in /etc/zabbix/zabbix_agentd.conf -pidfile=/var/run/zabbix/zabbix_agentd.pid -user=zabbix -group=zabbix +name="Zabbix Agent" +command="/usr/sbin/zabbix_agentd" +command_args="--foreground" +command_background=yes +pidfile="/run/zabbix/zabbix_agentd.pid" +: ${command_user:=zabbix} +: ${command_group:=zabbix} start_pre() { - checkpath --owner ${user}:${group} --directory ${pidfile%/*} + checkpath --owner ${command_user}:${command_group} --directory ${pidfile%/*} /var/log/zabbix } - depend() { need net provide zabbix-agent use zabbix-server } - -start() { - ebegin "Starting Zabbix agent" - start-stop-daemon --pidfile ${pidfile} --start --user ${user}:${group} --exec /usr/sbin/zabbix_agentd - eend $? -} - -stop() { - ebegin "Stopping Zabbix agent" - start-stop-daemon --stop --user ${user} --pidfile ${pidfile} - eend $? -} - - |