packages/openjdk-17
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

I556TM: fix X509TrustManagerImpl Symantec Distrust failed

Browse Source
This commit is contained in:
kuenking111 2022-04-28 16:33:56 +08:00
parent bbc9135b79
commit a7a6b51080
2 changed files with 78 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

70
fix_X509TrustManagerImpl_symantec_distrust.patch Normal file
View File

@ -0,0 +1,70 @@
diff --git a/make/data/cacerts/geotrustglobalca b/make/data/cacerts/geotrustglobalca
new file mode 100644
index 000000000..7f8bf9a66
--- /dev/null
+++ b/make/data/cacerts/geotrustglobalca
@@ -0,0 +1,27 @@
+Owner: CN=GeoTrust Global CA, O=GeoTrust Inc., C=US
+Issuer: CN=GeoTrust Global CA, O=GeoTrust Inc., C=US
+Serial number: 23456
+Valid from: Tue May 21 04:00:00 GMT 2002 until: Sat May 21 04:00:00 GMT 2022
+Signature algorithm name: SHA1withRSA
+Subject Public Key Algorithm: 2048-bit RSA key
+Version: 3
+-----BEGIN CERTIFICATE-----
+MIIDVDCCAjygAwIBAgIDAjRWMA0GCSqGSIb3DQEBBQUAMEIxCzAJBgNVBAYTAlVT
+MRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCBHbG9i
+YWwgQ0EwHhcNMDIwNTIxMDQwMDAwWhcNMjIwNTIxMDQwMDAwWjBCMQswCQYDVQQG
+EwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEbMBkGA1UEAxMSR2VvVHJ1c3Qg
+R2xvYmFsIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2swYYzD9
+9BcjGlZ+W988bDjkcbd4kdS8odhM+KhDtgPpTSEHCIjaWC9mOSm9BXiLnTjoBbdq
+fnGk5sRgprDvgOSJKA+eJdbtg/OtppHHmMlCGDUUna2YRpIuT8rxh0PBFpVXLVDv
+iS2Aelet8u5fa9IAjbkU+BQVNdnARqN7csiRv8lVK83Qlz6cJmTM386DGXHKTubU
+1XupGc1V3sjs0l44U+VcT4wt/lAjNvxm5suOpDkZALeVAjmRCw7+OC7RHQWa9k0+
+bw8HHa8sHo9gOeL6NlMTOdReJivbPagUvTLrGAMoUgRx5aszPeE4uwc2hGKceeoW
+MPRfwCvocWvk+QIDAQABo1MwUTAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTA
+ephojYn7qwVkDBF9qn1luMrMTjAfBgNVHSMEGDAWgBTAephojYn7qwVkDBF9qn1l
+uMrMTjANBgkqhkiG9w0BAQUFAAOCAQEANeMpauUvXVSOKVCUn5kaFOSPeCpilKIn
+Z57QzxpeR+nBsqTP3UEaBU6bS+5Kb1VSsyShNwrrZHYqLizz/Tt1kL/6cdjHPTfS
+tQWVYrmm3ok9Nns4d0iXrKYgjy6myQzCsplFAMfOEVEiIuCl6rYVSAlk6l5PdPcF
+PseKUgzbFbS9bZvlxrFUaKnjaZC2mqUPuLk/IH2uSrW4nOQdtqvmlKXBx4Ot2/Un
+hw4EbNX/3aBd7YdStysVAq45pmp06drE57xNNB6pXE0zX5IJL4hmXXeXxx12E6nV
+5fEWCRE11azbJHFwLJhWC9kXtNHjUStedejV0NxPNO3CBWaAocvmMw==
+-----END CERTIFICATE-----
diff --git a/test/jdk/sun/security/lib/cacerts/VerifyCACerts.java b/test/jdk/sun/security/lib/cacerts/VerifyCACerts.java
index c404ed613..4d459f798 100644
--- a/test/jdk/sun/security/lib/cacerts/VerifyCACerts.java
+++ b/test/jdk/sun/security/lib/cacerts/VerifyCACerts.java
@@ -54,12 +54,12 @@ public class VerifyCACerts {
+ File.separator + "security" + File.separator + "cacerts";
// The numbers of certs now.
- private static final int COUNT = 89;
+ private static final int COUNT = 87;
// SHA-256 of cacerts, can be generated with
// shasum -a 256 cacerts | sed -e 's/../&:/g' | tr '[:lower:]' '[:upper:]' | cut -c1-95
private static final String CHECKSUM
- = "CC:AD:BB:49:70:97:3F:42:AD:73:91:A0:A2:C4:B8:AA:D1:95:59:F3:B3:22:09:2A:1F:2C:AB:04:47:08:EF:AA";
+ = "63:C4:11:7D:BF:C5:05:2B:BF:C2:B4:5A:2C:B6:26:C4:57:76:FB:D4:48:3B:E7:4C:62:B0:A1:7B:4F:07:B1:0C";
// Hex formatter to upper case with ":" delimiter
private static final HexFormat HEX = HexFormat.ofDelimiter(":").withUpperCase();
@@ -120,6 +120,8 @@ public class VerifyCACerts {
"7E:37:CB:8B:4C:47:09:0C:AB:36:55:1B:A6:F4:5D:B8:40:68:0F:BA:16:6A:95:2D:B1:00:71:7F:43:05:3F:C2");
put("digicerthighassuranceevrootca [jdk]",
"74:31:E5:F4:C3:C1:CE:46:90:77:4F:0B:61:E0:54:40:88:3B:A9:A0:1E:D0:0B:A6:AB:D7:80:6E:D3:B1:18:CF");
+ put("geotrustglobalca [jdk]",
+ "FF:85:6A:2D:25:1D:CD:88:D3:66:56:F4:50:12:67:98:CF:AB:AA:DE:40:79:9C:72:2D:E4:D2:B5:DB:36:A7:3A");
put("geotrustprimaryca [jdk]",
"37:D5:10:06:C5:12:EA:AB:62:64:21:F1:EC:8C:92:01:3F:C5:F8:2A:E9:8E:E5:33:EB:46:19:B8:DE:B4:D0:6C");
put("geotrustprimarycag2 [jdk]",
@@ -254,6 +256,8 @@ public class VerifyCACerts {
add("addtrustexternalca [jdk]");
// Valid until: Sat May 30 10:44:50 GMT 2020
add("addtrustqualifiedca [jdk]");
+ // Valid until: Sat May 21 04:00:00 GMT 2022
+ add("geotrustglobalca [jdk]");
}
};

9
openjdk-17.spec
View File

@ -885,7 +885,7 @@ Provides: java-src%{?1} = %{epoch}:%{version}-%{release}
Name: java-%{javaver}-%{origin} Name: java-%{javaver}-%{origin}
Version: %{newjavaver}.%{buildver} Version: %{newjavaver}.%{buildver}
Release: 0 Release: 1
# java-1.5.0-ibm from jpackage.org set Epoch to 1 for unknown reasons # java-1.5.0-ibm from jpackage.org set Epoch to 1 for unknown reasons
# and this change was brought into RHEL-4. java-1.5.0-ibm packages # and this change was brought into RHEL-4. java-1.5.0-ibm packages
@ -973,6 +973,9 @@ Patch14: Clean-up-JDK17-codeDEX.patch
Patch15: Delete-expired-certificate.patch Patch15: Delete-expired-certificate.patch
Patch16: Clean-up-JDK17-codeDEX-fix-Non-static-numa_node_dist.patch Patch16: Clean-up-JDK17-codeDEX-fix-Non-static-numa_node_dist.patch
# 17.0.3
Patch17: fix_X509TrustManagerImpl_symantec_distrust.patch
BuildRequires: autoconf BuildRequires: autoconf
BuildRequires: automake BuildRequires: automake
BuildRequires: alsa-lib-devel BuildRequires: alsa-lib-devel
@ -1206,6 +1209,7 @@ pushd %{top_level_dir_name}
%patch14 -p1 %patch14 -p1
%patch15 -p1 %patch15 -p1
%patch16 -p1 %patch16 -p1
%patch17 -p1
popd # openjdk popd # openjdk
%patch1000 %patch1000
@ -1759,5 +1763,8 @@ cjc.mainProgram(arg)
%changelog %changelog
* Thu April 28 2022 kuenking111 <wangkun49@huawei.com> - 1:17.0.3.7-1
- add fix_X509TrustManagerImpl_symantec_distrust.patch
* Tue April 26 2022 kuenking111 <wangkun49@huawei.com> - 1:17.0.3.7-0.rolling * Tue April 26 2022 kuenking111 <wangkun49@huawei.com> - 1:17.0.3.7-0.rolling
- Init jdk-17.0.3+7-ga - Init jdk-17.0.3+7-ga