!6 I5JXN9: upgrade to jdk17.0.4-ga

From: @kuenking111 Reviewed-by: @jvmboy Signed-off-by: @jvmboy
2022-08-03 07:01:29 +00:00 · 2022-08-03 07:01:29 +00:00 · d9fde5e440
commit d9fde5e440
parent 53853f5cdd 8a321ebc00
5 changed files with 32 additions and 84 deletions
--- a/Delete-expired-certificate.patch
+++ b/Delete-expired-certificate.patch
@ -1,4 +1,5 @@
 From 81e5f144710e946f70db91329a79b9ebcd76c2f3 Mon Sep 17 00:00:00 2001
+From: zhangyipeng  <zhangyipeng7@huawei.com>
 Date: Wed, 15 Dec 2021 17:04:17 +0800
 Subject: [PATCH] Delete expired certificate

@ -117,9 +118,24 @@ index 0c195ff51..000000000
 -SnQ2+Q==
 ------END CERTIFICATE-----
 diff --git a/test/jdk/sun/security/lib/cacerts/VerifyCACerts.java b/test/jdk/sun/security/lib/cacerts/VerifyCACerts.java
-index f39dca74a..c404ed613 100644
+index f39dca74a..768b6572c 100644
 --- a/test/jdk/sun/security/lib/cacerts/VerifyCACerts.java
 +++ b/test/jdk/sun/security/lib/cacerts/VerifyCACerts.java
+@@ -54,12 +54,12 @@ public class VerifyCACerts {
+             + File.separator + "security" + File.separator + "cacerts";
+ 
+     // The numbers of certs now.
+-    private static final int COUNT = 89;
+    private static final int COUNT = 86;
+ 
+     // SHA-256 of cacerts, can be generated with
+     // shasum -a 256 cacerts | sed -e 's/../&:/g' | tr '[:lower:]' '[:upper:]' | cut -c1-95
+     private static final String CHECKSUM
+-            = "CC:AD:BB:49:70:97:3F:42:AD:73:91:A0:A2:C4:B8:AA:D1:95:59:F3:B3:22:09:2A:1F:2C:AB:04:47:08:EF:AA";
+            = "89:78:5A:96:F4:B2:68:4C:91:C0:32:2C:ED:2D:6B:3B:26:B8:37:C3:07:DD:9E:50:87:53:53:7A:24:98:97:E0";
+ 
+     // Hex formatter to upper case with ":" delimiter
+     private static final HexFormat HEX = HexFormat.ofDelimiter(":").withUpperCase();
@@ -120,8 +120,6 @@ public class VerifyCACerts {
                     "7E:37:CB:8B:4C:47:09:0C:AB:36:55:1B:A6:F4:5D:B8:40:68:0F:BA:16:6A:95:2D:B1:00:71:7F:43:05:3F:C2");
             put("digicerthighassuranceevrootca [jdk]",
--- a/add-version-txt.patch
+++ b/add-version-txt.patch
@ -13,7 +13,7 @@ index 000000000..b717bafbe
 --- /dev/null
 +++ b/version.txt
@@ -0,0 +1 @@
-+17.0.3.0.13
+17.0.4.0.13
 -- 
 2.19.0

--- a/fix_X509TrustManagerImpl_symantec_distrust.patch
+++ b/fix_X509TrustManagerImpl_symantec_distrust.patch
@ -1,70 +0,0 @@
-diff --git a/make/data/cacerts/geotrustglobalca b/make/data/cacerts/geotrustglobalca
-new file mode 100644
-index 000000000..7f8bf9a66
--- /dev/null
-+++ b/make/data/cacerts/geotrustglobalca
-@@ -0,0 +1,27 @@
-+Owner: CN=GeoTrust Global CA, O=GeoTrust Inc., C=US
-+Issuer: CN=GeoTrust Global CA, O=GeoTrust Inc., C=US
-+Serial number: 23456
-+Valid from: Tue May 21 04:00:00 GMT 2002 until: Sat May 21 04:00:00 GMT 2022
-+Signature algorithm name: SHA1withRSA
-+Subject Public Key Algorithm: 2048-bit RSA key
-+Version: 3
-+-----BEGIN CERTIFICATE-----
-+MIIDVDCCAjygAwIBAgIDAjRWMA0GCSqGSIb3DQEBBQUAMEIxCzAJBgNVBAYTAlVT
-+MRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCBHbG9i
-+YWwgQ0EwHhcNMDIwNTIxMDQwMDAwWhcNMjIwNTIxMDQwMDAwWjBCMQswCQYDVQQG
-+EwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEbMBkGA1UEAxMSR2VvVHJ1c3Qg
-+R2xvYmFsIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2swYYzD9
-+9BcjGlZ+W988bDjkcbd4kdS8odhM+KhDtgPpTSEHCIjaWC9mOSm9BXiLnTjoBbdq
-+fnGk5sRgprDvgOSJKA+eJdbtg/OtppHHmMlCGDUUna2YRpIuT8rxh0PBFpVXLVDv
-+iS2Aelet8u5fa9IAjbkU+BQVNdnARqN7csiRv8lVK83Qlz6cJmTM386DGXHKTubU
-+1XupGc1V3sjs0l44U+VcT4wt/lAjNvxm5suOpDkZALeVAjmRCw7+OC7RHQWa9k0+
-+bw8HHa8sHo9gOeL6NlMTOdReJivbPagUvTLrGAMoUgRx5aszPeE4uwc2hGKceeoW
-+MPRfwCvocWvk+QIDAQABo1MwUTAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTA
-+ephojYn7qwVkDBF9qn1luMrMTjAfBgNVHSMEGDAWgBTAephojYn7qwVkDBF9qn1l
-+uMrMTjANBgkqhkiG9w0BAQUFAAOCAQEANeMpauUvXVSOKVCUn5kaFOSPeCpilKIn
-+Z57QzxpeR+nBsqTP3UEaBU6bS+5Kb1VSsyShNwrrZHYqLizz/Tt1kL/6cdjHPTfS
-+tQWVYrmm3ok9Nns4d0iXrKYgjy6myQzCsplFAMfOEVEiIuCl6rYVSAlk6l5PdPcF
-+PseKUgzbFbS9bZvlxrFUaKnjaZC2mqUPuLk/IH2uSrW4nOQdtqvmlKXBx4Ot2/Un
-+hw4EbNX/3aBd7YdStysVAq45pmp06drE57xNNB6pXE0zX5IJL4hmXXeXxx12E6nV
-+5fEWCRE11azbJHFwLJhWC9kXtNHjUStedejV0NxPNO3CBWaAocvmMw==
-+-----END CERTIFICATE-----
-diff --git a/test/jdk/sun/security/lib/cacerts/VerifyCACerts.java b/test/jdk/sun/security/lib/cacerts/VerifyCACerts.java
-index c404ed613..4d459f798 100644
--- a/test/jdk/sun/security/lib/cacerts/VerifyCACerts.java
-+++ b/test/jdk/sun/security/lib/cacerts/VerifyCACerts.java
-@@ -54,12 +54,12 @@ public class VerifyCACerts {
-             + File.separator + "security" + File.separator + "cacerts";
- 
-     // The numbers of certs now.
-    private static final int COUNT = 89;
-+    private static final int COUNT = 87;
- 
-     // SHA-256 of cacerts, can be generated with
-     // shasum -a 256 cacerts | sed -e 's/../&:/g' | tr '[:lower:]' '[:upper:]' | cut -c1-95
-     private static final String CHECKSUM
-            = "CC:AD:BB:49:70:97:3F:42:AD:73:91:A0:A2:C4:B8:AA:D1:95:59:F3:B3:22:09:2A:1F:2C:AB:04:47:08:EF:AA";
-+            = "63:C4:11:7D:BF:C5:05:2B:BF:C2:B4:5A:2C:B6:26:C4:57:76:FB:D4:48:3B:E7:4C:62:B0:A1:7B:4F:07:B1:0C";
- 
-     // Hex formatter to upper case with ":" delimiter
-     private static final HexFormat HEX = HexFormat.ofDelimiter(":").withUpperCase();
-@@ -120,6 +120,8 @@ public class VerifyCACerts {
-                     "7E:37:CB:8B:4C:47:09:0C:AB:36:55:1B:A6:F4:5D:B8:40:68:0F:BA:16:6A:95:2D:B1:00:71:7F:43:05:3F:C2");
-             put("digicerthighassuranceevrootca [jdk]",
-                     "74:31:E5:F4:C3:C1:CE:46:90:77:4F:0B:61:E0:54:40:88:3B:A9:A0:1E:D0:0B:A6:AB:D7:80:6E:D3:B1:18:CF");
-+            put("geotrustglobalca [jdk]",
-+                    "FF:85:6A:2D:25:1D:CD:88:D3:66:56:F4:50:12:67:98:CF:AB:AA:DE:40:79:9C:72:2D:E4:D2:B5:DB:36:A7:3A");
-             put("geotrustprimaryca [jdk]",
-                     "37:D5:10:06:C5:12:EA:AB:62:64:21:F1:EC:8C:92:01:3F:C5:F8:2A:E9:8E:E5:33:EB:46:19:B8:DE:B4:D0:6C");
-             put("geotrustprimarycag2 [jdk]",
-@@ -254,6 +256,8 @@ public class VerifyCACerts {
-             add("addtrustexternalca [jdk]");
-             // Valid until: Sat May 30 10:44:50 GMT 2020
-             add("addtrustqualifiedca [jdk]");
-+	    // Valid until: Sat May 21 04:00:00 GMT 2022
-+            add("geotrustglobalca [jdk]");
-         }
-     };
- 
--- a/jdk-updates-jdk17u-jdk-17.0.4+8.tar.gz
+++ b/jdk-updates-jdk17u-jdk-17.0.4+8.tar.gz
--- a/openjdk-17.spec
+++ b/openjdk-17.spec
@ -81,7 +81,7 @@
 # By default, we build a debug build during main build on JIT architectures
 %if %{with slowdebug}
 %ifarch %{jit_arches}
-%global include_debug_build 0
+%global include_debug_build 1
 %else
 %global include_debug_build 0
 %endif
@ -155,7 +155,7 @@
 # Used via new version scheme. JDK 17 was
 # GA'ed in March 2021 => 21.9
 %global vendor_version_string 21.9
-%global securityver 3
+%global securityver 4
 # buildjdkver is usually same as %%{majorver},
 # but in time of bootstrap of next jdk, it is majorver-1, 
 # and this it is better to change it here, on single place
@ -175,7 +175,7 @@
 %global origin_nice     OpenJDK
 %global top_level_dir_name   %{origin}
 %global minorver        0
-%global buildver        7
+%global buildver        8
 # priority must be 8 digits in total; up to openjdk 1.8, we were using 18..... so when we moved to 11, we had to add another digit
 %if %is_system_jdk
 %global priority %( printf '%02d%02d%02d%02d' %{majorver} %{minorver} %{securityver} %{buildver} )
@ -885,7 +885,7 @@ Provides: java-src%{?1} = %{epoch}:%{version}-%{release}

 Name:    java-%{javaver}-%{origin}
 Version: %{newjavaver}.%{buildver}
-Release: 1
+Release: 0

 # java-1.5.0-ibm from jpackage.org set Epoch to 1 for unknown reasons
 # and this change was brought into RHEL-4. java-1.5.0-ibm packages
@ -973,9 +973,6 @@ Patch14: Clean-up-JDK17-codeDEX.patch
 Patch15: Delete-expired-certificate.patch
 Patch16: Clean-up-JDK17-codeDEX-fix-Non-static-numa_node_dist.patch

-# 17.0.3
-Patch17: fix_X509TrustManagerImpl_symantec_distrust.patch
-
 BuildRequires: autoconf
 BuildRequires: automake
 BuildRequires: alsa-lib-devel
@ -1209,7 +1206,6 @@ pushd %{top_level_dir_name}
 %patch14 -p1
 %patch15 -p1
 %patch16 -p1
-%patch17 -p1
 popd # openjdk

 %patch1000
@ -1427,7 +1423,7 @@ do
    do
     # We expect to see .cpp files, except for architectures like aarch64 and
     # s390 where we expect .o and .oS files
-      echo "$line" | grep -E "ABS ((.*/)?[-_a-zA-Z0-9]+\.(c|cc|cpp|cxx|o|oS))?$"
+      echo "$line" | grep -E "ABS ((.*/)?[-_a-zA-Z0-9]+\.(c|cc|cpp|cxx|o|S|oS))?$"
    done
    IFS="$old_IFS"

@ -1441,7 +1437,7 @@ do
    # debuginfo file. There shouldn't be any debuginfo files, so the link makes
    # no sense either
    eu-readelf -S "$lib" | grep 'gnu'
-    if eu-readelf -S "$lib" | grep '] .gnu_debuglink' | grep PROGBITS; then
+    if eu-readelf -S "$lib" | grep "] .gnu_debuglink" | grep PROGBITS; then
      echo "bad .gnu_debuglink section."
      eu-readelf -x .gnu_debuglink "$lib"
      false
@ -1763,8 +1759,14 @@ cjc.mainProgram(arg)


 %changelog
-* Thu April 28 2022 kuenking111 <wangkun49@huawei.com> - 1:17.0.3.7-1
+* Mon Aug 1 2022 kuenking111 <wangkun49@huawei.com> - 1:17.0.4.8-0.rolling
+- modified Delete-expired-certificate.patch
+- modified add-version-txt.patch
+- del fix_X509TrustManagerImpl_symantec_distrust.patch
+- add jdk17.0.4-ga
+
+* Thu Apr 28 2022 kuenking111 <wangkun49@huawei.com> - 1:17.0.3.7-1
 - add fix_X509TrustManagerImpl_symantec_distrust.patch

-* Tue April 26 2022 kuenking111 <wangkun49@huawei.com> - 1:17.0.3.7-0.rolling
+* Tue Apr 26 2022 kuenking111 <wangkun49@huawei.com> - 1:17.0.3.7-0.rolling
 - Init jdk-17.0.3+7-ga