From ecd20ed8a285a0e0f8b4d9717e5e79713af79d6e Mon Sep 17 00:00:00 2001
From: Simon Frankenberger <simon-alpine@fraho.eu>
Date: Thu, 20 Jul 2023 08:13:18 +0200
Subject: [PATCH] community/openjdk17: upgrade to 17.0.8

(cherry picked from commit fde5f0d8192cb3cb890efb56a9f9f306fdf9c2ce)
---
 community/openjdk17/APKBUILD                  | 40 ++---------
 community/openjdk17/Alpine_Bug_10126.java     | 13 ----
 community/openjdk17/HelloWorld.java           |  3 -
 .../JDK-8218814_Wformat-security.patch        | 17 +++++
 .../openjdk17/JDK-8282306_disable-test.patch  |  4 +-
 community/openjdk17/TestCryptoLevel.java      | 72 -------------------
 community/openjdk17/TestECDSA.java            | 49 -------------
 7 files changed, 26 insertions(+), 172 deletions(-)
 delete mode 100644 community/openjdk17/Alpine_Bug_10126.java
 delete mode 100644 community/openjdk17/HelloWorld.java
 create mode 100644 community/openjdk17/JDK-8218814_Wformat-security.patch
 delete mode 100644 community/openjdk17/TestCryptoLevel.java
 delete mode 100644 community/openjdk17/TestECDSA.java

diff --git a/community/openjdk17/APKBUILD b/community/openjdk17/APKBUILD
index 77a76829f38f..18174c164e27 100644
--- a/community/openjdk17/APKBUILD
+++ b/community/openjdk17/APKBUILD
@@ -1,7 +1,7 @@
 # Contributor: Simon Frankenberger <simon-alpine@fraho.eu>
 # Maintainer: Simon Frankenberger <simon-alpine@fraho.eu>
 pkgname=openjdk17
-pkgver=17.0.7_p7
+pkgver=17.0.8_p7
 _pkgver=${pkgver%_p*}-ga
 pkgrel=0
 pkgdesc="Oracle OpenJDK 17"
@@ -44,14 +44,9 @@ subpackages="$pkgname-jmods:_jmods:noarch
 	$pkgname-jdk:_jdk"
 source="jdk-$_pkgver.tar.gz::https://github.com/openjdk/jdk17u/archive/jdk-$_pkgver.tar.gz
 	gtest-1.8.1.tar.gz::https://github.com/google/googletest/archive/release-1.8.1.tar.gz
-
 	ppc64le.patch
 	JDK-8282306_disable-test.patch
-
-	HelloWorld.java
-	TestECDSA.java
-	TestCryptoLevel.java
-	Alpine_Bug_10126.java
+	JDK-8218814_Wformat-security.patch
 "
 builddir="$srcdir/jdk17u-jdk-${_pkgver/+/-}"
 
@@ -142,8 +137,8 @@ build() {
 		--mandir=/usr/share/man \
 		--infodir=/usr/share/info \
 		--localstatedir=/var \
-		--with-extra-cflags="$CFLAGS" \
-		--with-extra-cxxflags="$CXXFLAGS" \
+		--with-extra-cflags="$CFLAGS -D_LARGEFILE64_SOURCE" \
+		--with-extra-cxxflags="$CXXFLAGS -D_LARGEFILE64_SOURCE" \
 		--with-extra-ldflags="$LDFLAGS" \
 		--with-zlib=system \
 		--with-libjpeg=system \
@@ -171,24 +166,6 @@ build() {
 }
 
 check() {
-	local _java_bin="./build/linux-*-server-release/images/jdk/bin"
-
-	# 1) compile and run a simple hello world
-	$_java_bin/javac -d . "$srcdir"/HelloWorld.java
-	$_java_bin/java HelloWorld
-
-	# 2) compile and run a testcase for unlimited policy
-	$_java_bin/javac -d . "$srcdir"/TestCryptoLevel.java
-	$_java_bin/java -cp . --add-opens java.base/javax.crypto=ALL-UNNAMED TestCryptoLevel
-
-	# 3) compile and run a testcase for ECDSA signatures
-	$_java_bin/javac -d . "$srcdir"/TestECDSA.java
-	$_java_bin/java TestECDSA
-
-	# 4) compile and run testcase for bug 10126
-	$_java_bin/javac -d . "$srcdir"/Alpine_Bug_10126.java
-	$_java_bin/java Alpine_Bug_10126
-
 	# run the gtest unittest suites
 	# they don't take long, DO NOT DISABLE THEM!
 	MAKEFLAGS='' make test-hotspot-gtest
@@ -321,12 +298,9 @@ _jdk() {
 }
 
 sha512sums="
-b403c581b2a89c576ca5468ac34e1a97ef0ab2d6150d31724151b098738684ef9213d31e06fd1923f9cd8a8a1f257f032a166a502177a9b0670bea7280439969  jdk-17.0.7-ga.tar.gz
+3a18290353f04ad953e8968a26e94966ec1c2e1af9b033619b80e8046abe2b521cf36d83c59761a13dee7188e4bb783a1be1dcf1b5e6251aef066034afd50c06  jdk-17.0.8-ga.tar.gz
 e6283c667558e1fd6e49fa96e52af0e415a3c8037afe1d28b7ff1ec4c2ef8f49beb70a9327b7fc77eb4052a58c4ccad8b5260ec90e4bceeac7a46ff59c4369d7  gtest-1.8.1.tar.gz
 6d718468e1b6909e01758611bd297854a0cededed5ec3cbe08c32f809d2608ce65d7947f85288acf90815323d3c2b90f10eab1537f7fc20d5acb1c64b2c5a588  ppc64le.patch
-24bae584d62de592758ffec98fec6832ce581454d8066d6ae4505b6b2187c862fdba61a4556f88419b024fe355f93e5e86a6a0db7421a759bbbbf6a940a3a2d9  JDK-8282306_disable-test.patch
-d1767dddd8e0956e25c0f77ed45c6fc86a1191bae1704a6dc33be490fd20eaa50461fe5c2a3349512059d555651e2eb41437dd3c1096c351e8ee68b4534a2579  HelloWorld.java
-27e91edef89d26c0c5b9a813e2045f8d2b348745a506ae37b34b660fa7093da9a4e0e676ea41dc4a5c901bce02e5304d95e90f68d6c99cbf461b2da40a7a9853  TestECDSA.java
-b02dff8d549f88317bb4c741a9e269e8d59eef990197d085388fc49c7423a4eb9367dbe1e02bffb10e7862f5980301eb58d4494e177d0e8f60af6b05c7fbbe60  TestCryptoLevel.java
-cc466f64fcc8762cf6e3c1f5739be6425209b27aa58acff4e7eb126003d61fa18266f0e79e57e9d84224654010185ab45dc0a8043543dea227258458a00a1eb1  Alpine_Bug_10126.java
+4ee2362f4e2097eda9ca74b5333a9e8bb148adbc085be8cc66e54ccbe485fbed823bc7cf0481c1d5600c07029436ff074f2cc63fd5c722c81a261155afac5454  JDK-8282306_disable-test.patch
+218217c4f0e41f709deff812e3b5dd80bf9b98935ba637f83b88a70773fefc08639a13c8072173921cd6e5605fb6e8b328758759683e7cfd3758d4bbc10a5a88  JDK-8218814_Wformat-security.patch
 "
diff --git a/community/openjdk17/Alpine_Bug_10126.java b/community/openjdk17/Alpine_Bug_10126.java
deleted file mode 100644
index a381c9ed70ac..000000000000
--- a/community/openjdk17/Alpine_Bug_10126.java
+++ /dev/null
@@ -1,13 +0,0 @@
-public class Alpine_Bug_10126 {
-    public static void main(String[] args) throws Exception {
-        try (java.net.Socket sock = javax.net.ssl.SSLSocketFactory.getDefault().createSocket("gitlab.alpinelinux.org", 443);
-             java.io.InputStream in = sock.getInputStream();
-             java.io.OutputStream out = sock.getOutputStream()) {
-            out.write("GET / HTTP/1.0\n\nHost: gitlab.alpinelinux.org\n\nConnection: close\n\n\n\n".getBytes());
-            out.flush();
-            while (in.read(new byte[1024]) != -1) ;
-        }
-        System.out.println("Secured connection performed successfully");
-    }
-}
-
diff --git a/community/openjdk17/HelloWorld.java b/community/openjdk17/HelloWorld.java
deleted file mode 100644
index 0be813a19015..000000000000
--- a/community/openjdk17/HelloWorld.java
+++ /dev/null
@@ -1,3 +0,0 @@
-public class HelloWorld {
-  public static void main(String[] args) { System.out.println("Hello World!"); }
-}
diff --git a/community/openjdk17/JDK-8218814_Wformat-security.patch b/community/openjdk17/JDK-8218814_Wformat-security.patch
new file mode 100644
index 000000000000..95a54d9a09d5
--- /dev/null
+++ b/community/openjdk17/JDK-8218814_Wformat-security.patch
@@ -0,0 +1,17 @@
+Author: Simon Frankenberger <simon-alpine@fraho.eu>
+Subject: Fix compilation of jtreg / gtest objects with -Werror=format-security CFLAGS
+Upstream: Yes / closed unresolved (https://bugs.openjdk.org/browse/JDK-8218814)
+
+Remove the -Wno-format CLFAG for test objects
+
+--- old/make/common/TestFilesCompilation.gmk	2023-07-11 17:28:44.345270760 +0200
++++ new/make/common/TestFilesCompilation.gmk	2023-07-11 17:29:57.941716556 +0200
+@@ -100,7 +100,7 @@
+         CFLAGS := $$($1_BASE_CFLAGS) $$($1_CFLAGS) $$($1_CFLAGS_$$(name)), \
+         CXXFLAGS := $$($1_BASE_CXXFLAGS) $$($1_CFLAGS) $$($1_CFLAGS_$$(name)), \
+         LDFLAGS := $$($1_LDFLAGS) $$($1_LDFLAGS_$$(name)), \
+-        DISABLED_WARNINGS_gcc := format undef unused-function unused-value, \
++        DISABLED_WARNINGS_gcc := undef unused-function unused-value, \
+         DISABLED_WARNINGS_clang := undef format-nonliteral \
+             missing-field-initializers sometimes-uninitialized, \
+         LIBS := $$($1_LIBS_$$(name)), \
diff --git a/community/openjdk17/JDK-8282306_disable-test.patch b/community/openjdk17/JDK-8282306_disable-test.patch
index b325eedd5964..6dfe7b9a7aef 100644
--- a/community/openjdk17/JDK-8282306_disable-test.patch
+++ b/community/openjdk17/JDK-8282306_disable-test.patch
@@ -10,8 +10,8 @@ Disable failing test as workaround
  }
  
  TEST_VM(os, is_first_C_frame) {
--#if !defined(_WIN32) && !defined(ZERO)
-+#if !defined(_WIN32) && !defined(ZERO) && false
+-#if !defined(_WIN32) && !defined(ZERO) && !defined(__thumb__)
++#if !defined(_WIN32) && !defined(ZERO) && !defined(__thumb__) && false
    frame invalid_frame;
    EXPECT_TRUE(os::is_first_C_frame(&invalid_frame)); // the frame has zeroes for all values
  
diff --git a/community/openjdk17/TestCryptoLevel.java b/community/openjdk17/TestCryptoLevel.java
deleted file mode 100644
index 3ed6c8dc15c1..000000000000
--- a/community/openjdk17/TestCryptoLevel.java
+++ /dev/null
@@ -1,72 +0,0 @@
-/* TestCryptoLevel -- Ensure unlimited crypto policy is in use.
-   Copyright (C) 2012 Red Hat, Inc.
-
-This program is free software: you can redistribute it and/or modify
-it under the terms of the GNU Affero General Public License as
-published by the Free Software Foundation, either version 3 of the
-License, or (at your option) any later version.
-
-This program is distributed in the hope that it will be useful,
-but WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-GNU Affero General Public License for more details.
-
-You should have received a copy of the GNU Affero General Public License
-along with this program.  If not, see <http://www.gnu.org/licenses/>.
-*/
-
-import java.lang.reflect.Field;
-import java.lang.reflect.Method;
-import java.lang.reflect.InvocationTargetException;
-
-import java.security.Permission;
-import java.security.PermissionCollection;
-
-public class TestCryptoLevel
-{
-    public static void main(String[] args)
-            throws NoSuchFieldException, ClassNotFoundException,
-            IllegalAccessException, InvocationTargetException
-    {
-        Class<?> cls = null;
-        Method def = null, exempt = null;
-
-        try
-        {
-            cls = Class.forName("javax.crypto.JceSecurity");
-        }
-        catch (ClassNotFoundException ex)
-        {
-            System.err.println("Running a non-Sun JDK.");
-            System.exit(0);
-        }
-        try
-        {
-            def = cls.getDeclaredMethod("getDefaultPolicy");
-            exempt = cls.getDeclaredMethod("getExemptPolicy");
-        }
-        catch (NoSuchMethodException ex)
-        {
-            System.err.println("Running IcedTea with the original crypto patch.");
-            System.exit(0);
-        }
-        def.setAccessible(true);
-        exempt.setAccessible(true);
-        PermissionCollection defPerms = (PermissionCollection) def.invoke(null);
-        PermissionCollection exemptPerms = (PermissionCollection) exempt.invoke(null);
-        Class<?> apCls = Class.forName("javax.crypto.CryptoAllPermission");
-        Field apField = apCls.getDeclaredField("INSTANCE");
-        apField.setAccessible(true);
-        Permission allPerms = (Permission) apField.get(null);
-        if (defPerms.implies(allPerms) && (exemptPerms == null || exemptPerms.implies(allPerms)))
-        {
-            System.err.println("Running with the unlimited policy.");
-            System.exit(0);
-        }
-        else
-        {
-            System.err.println("WARNING: Running with a restricted crypto policy.");
-            System.exit(-1);
-        }
-    }
-}
diff --git a/community/openjdk17/TestECDSA.java b/community/openjdk17/TestECDSA.java
deleted file mode 100644
index abd81d1cedf5..000000000000
--- a/community/openjdk17/TestECDSA.java
+++ /dev/null
@@ -1,49 +0,0 @@
-/* TestECDSA -- Ensure ECDSA signatures are working.
-   Copyright (C) 2016 Red Hat, Inc.
-
-This program is free software: you can redistribute it and/or modify
-it under the terms of the GNU Affero General Public License as
-published by the Free Software Foundation, either version 3 of the
-License, or (at your option) any later version.
-
-This program is distributed in the hope that it will be useful,
-but WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-GNU Affero General Public License for more details.
-
-You should have received a copy of the GNU Affero General Public License
-along with this program.  If not, see <http://www.gnu.org/licenses/>.
-*/
-
-import java.math.BigInteger;
-import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.security.Signature;
-
-/**
- * @test
- */
-public class TestECDSA {
-
-    public static void main(String[] args) throws Exception {
-        KeyPairGenerator keyGen = KeyPairGenerator.getInstance("EC");
-        KeyPair key = keyGen.generateKeyPair();
-
-        byte[] data = "This is a string to sign".getBytes("UTF-8");
-
-        Signature dsa = Signature.getInstance("NONEwithECDSA");
-        dsa.initSign(key.getPrivate());
-        dsa.update(data);
-        byte[] sig = dsa.sign();
-        System.out.println("Signature: " + new BigInteger(1, sig).toString(16));
-
-        Signature dsaCheck = Signature.getInstance("NONEwithECDSA");
-        dsaCheck.initVerify(key.getPublic());
-        dsaCheck.update(data);
-        boolean success = dsaCheck.verify(sig);
-        if (!success) {
-            throw new RuntimeException("Test failed. Signature verification error");
-        }
-        System.out.println("Test passed.");
-    }
-}
-- 
GitLab