From ecd20ed8a285a0e0f8b4d9717e5e79713af79d6e Mon Sep 17 00:00:00 2001 From: Simon Frankenberger <simon-alpine@fraho.eu> Date: Thu, 20 Jul 2023 08:13:18 +0200 Subject: [PATCH] community/openjdk17: upgrade to 17.0.8 (cherry picked from commit fde5f0d8192cb3cb890efb56a9f9f306fdf9c2ce) --- community/openjdk17/APKBUILD | 40 ++--------- community/openjdk17/Alpine_Bug_10126.java | 13 ---- community/openjdk17/HelloWorld.java | 3 - .../JDK-8218814_Wformat-security.patch | 17 +++++ .../openjdk17/JDK-8282306_disable-test.patch | 4 +- community/openjdk17/TestCryptoLevel.java | 72 ------------------- community/openjdk17/TestECDSA.java | 49 ------------- 7 files changed, 26 insertions(+), 172 deletions(-) delete mode 100644 community/openjdk17/Alpine_Bug_10126.java delete mode 100644 community/openjdk17/HelloWorld.java create mode 100644 community/openjdk17/JDK-8218814_Wformat-security.patch delete mode 100644 community/openjdk17/TestCryptoLevel.java delete mode 100644 community/openjdk17/TestECDSA.java diff --git a/community/openjdk17/APKBUILD b/community/openjdk17/APKBUILD index 77a76829f38f..18174c164e27 100644 --- a/community/openjdk17/APKBUILD +++ b/community/openjdk17/APKBUILD @@ -1,7 +1,7 @@ # Contributor: Simon Frankenberger <simon-alpine@fraho.eu> # Maintainer: Simon Frankenberger <simon-alpine@fraho.eu> pkgname=openjdk17 -pkgver=17.0.7_p7 +pkgver=17.0.8_p7 _pkgver=${pkgver%_p*}-ga pkgrel=0 pkgdesc="Oracle OpenJDK 17" @@ -44,14 +44,9 @@ subpackages="$pkgname-jmods:_jmods:noarch $pkgname-jdk:_jdk" source="jdk-$_pkgver.tar.gz::https://github.com/openjdk/jdk17u/archive/jdk-$_pkgver.tar.gz gtest-1.8.1.tar.gz::https://github.com/google/googletest/archive/release-1.8.1.tar.gz - ppc64le.patch JDK-8282306_disable-test.patch - - HelloWorld.java - TestECDSA.java - TestCryptoLevel.java - Alpine_Bug_10126.java + JDK-8218814_Wformat-security.patch " builddir="$srcdir/jdk17u-jdk-${_pkgver/+/-}" @@ -142,8 +137,8 @@ build() { --mandir=/usr/share/man \ --infodir=/usr/share/info \ --localstatedir=/var \ - --with-extra-cflags="$CFLAGS" \ - --with-extra-cxxflags="$CXXFLAGS" \ + --with-extra-cflags="$CFLAGS -D_LARGEFILE64_SOURCE" \ + --with-extra-cxxflags="$CXXFLAGS -D_LARGEFILE64_SOURCE" \ --with-extra-ldflags="$LDFLAGS" \ --with-zlib=system \ --with-libjpeg=system \ @@ -171,24 +166,6 @@ build() { } check() { - local _java_bin="./build/linux-*-server-release/images/jdk/bin" - - # 1) compile and run a simple hello world - $_java_bin/javac -d . "$srcdir"/HelloWorld.java - $_java_bin/java HelloWorld - - # 2) compile and run a testcase for unlimited policy - $_java_bin/javac -d . "$srcdir"/TestCryptoLevel.java - $_java_bin/java -cp . --add-opens java.base/javax.crypto=ALL-UNNAMED TestCryptoLevel - - # 3) compile and run a testcase for ECDSA signatures - $_java_bin/javac -d . "$srcdir"/TestECDSA.java - $_java_bin/java TestECDSA - - # 4) compile and run testcase for bug 10126 - $_java_bin/javac -d . "$srcdir"/Alpine_Bug_10126.java - $_java_bin/java Alpine_Bug_10126 - # run the gtest unittest suites # they don't take long, DO NOT DISABLE THEM! MAKEFLAGS='' make test-hotspot-gtest @@ -321,12 +298,9 @@ _jdk() { } sha512sums=" -b403c581b2a89c576ca5468ac34e1a97ef0ab2d6150d31724151b098738684ef9213d31e06fd1923f9cd8a8a1f257f032a166a502177a9b0670bea7280439969 jdk-17.0.7-ga.tar.gz +3a18290353f04ad953e8968a26e94966ec1c2e1af9b033619b80e8046abe2b521cf36d83c59761a13dee7188e4bb783a1be1dcf1b5e6251aef066034afd50c06 jdk-17.0.8-ga.tar.gz e6283c667558e1fd6e49fa96e52af0e415a3c8037afe1d28b7ff1ec4c2ef8f49beb70a9327b7fc77eb4052a58c4ccad8b5260ec90e4bceeac7a46ff59c4369d7 gtest-1.8.1.tar.gz 6d718468e1b6909e01758611bd297854a0cededed5ec3cbe08c32f809d2608ce65d7947f85288acf90815323d3c2b90f10eab1537f7fc20d5acb1c64b2c5a588 ppc64le.patch -24bae584d62de592758ffec98fec6832ce581454d8066d6ae4505b6b2187c862fdba61a4556f88419b024fe355f93e5e86a6a0db7421a759bbbbf6a940a3a2d9 JDK-8282306_disable-test.patch -d1767dddd8e0956e25c0f77ed45c6fc86a1191bae1704a6dc33be490fd20eaa50461fe5c2a3349512059d555651e2eb41437dd3c1096c351e8ee68b4534a2579 HelloWorld.java -27e91edef89d26c0c5b9a813e2045f8d2b348745a506ae37b34b660fa7093da9a4e0e676ea41dc4a5c901bce02e5304d95e90f68d6c99cbf461b2da40a7a9853 TestECDSA.java -b02dff8d549f88317bb4c741a9e269e8d59eef990197d085388fc49c7423a4eb9367dbe1e02bffb10e7862f5980301eb58d4494e177d0e8f60af6b05c7fbbe60 TestCryptoLevel.java -cc466f64fcc8762cf6e3c1f5739be6425209b27aa58acff4e7eb126003d61fa18266f0e79e57e9d84224654010185ab45dc0a8043543dea227258458a00a1eb1 Alpine_Bug_10126.java +4ee2362f4e2097eda9ca74b5333a9e8bb148adbc085be8cc66e54ccbe485fbed823bc7cf0481c1d5600c07029436ff074f2cc63fd5c722c81a261155afac5454 JDK-8282306_disable-test.patch +218217c4f0e41f709deff812e3b5dd80bf9b98935ba637f83b88a70773fefc08639a13c8072173921cd6e5605fb6e8b328758759683e7cfd3758d4bbc10a5a88 JDK-8218814_Wformat-security.patch " diff --git a/community/openjdk17/Alpine_Bug_10126.java b/community/openjdk17/Alpine_Bug_10126.java deleted file mode 100644 index a381c9ed70ac..000000000000 --- a/community/openjdk17/Alpine_Bug_10126.java +++ /dev/null @@ -1,13 +0,0 @@ -public class Alpine_Bug_10126 { - public static void main(String[] args) throws Exception { - try (java.net.Socket sock = javax.net.ssl.SSLSocketFactory.getDefault().createSocket("gitlab.alpinelinux.org", 443); - java.io.InputStream in = sock.getInputStream(); - java.io.OutputStream out = sock.getOutputStream()) { - out.write("GET / HTTP/1.0\n\nHost: gitlab.alpinelinux.org\n\nConnection: close\n\n\n\n".getBytes()); - out.flush(); - while (in.read(new byte[1024]) != -1) ; - } - System.out.println("Secured connection performed successfully"); - } -} - diff --git a/community/openjdk17/HelloWorld.java b/community/openjdk17/HelloWorld.java deleted file mode 100644 index 0be813a19015..000000000000 --- a/community/openjdk17/HelloWorld.java +++ /dev/null @@ -1,3 +0,0 @@ -public class HelloWorld { - public static void main(String[] args) { System.out.println("Hello World!"); } -} diff --git a/community/openjdk17/JDK-8218814_Wformat-security.patch b/community/openjdk17/JDK-8218814_Wformat-security.patch new file mode 100644 index 000000000000..95a54d9a09d5 --- /dev/null +++ b/community/openjdk17/JDK-8218814_Wformat-security.patch @@ -0,0 +1,17 @@ +Author: Simon Frankenberger <simon-alpine@fraho.eu> +Subject: Fix compilation of jtreg / gtest objects with -Werror=format-security CFLAGS +Upstream: Yes / closed unresolved (https://bugs.openjdk.org/browse/JDK-8218814) + +Remove the -Wno-format CLFAG for test objects + +--- old/make/common/TestFilesCompilation.gmk 2023-07-11 17:28:44.345270760 +0200 ++++ new/make/common/TestFilesCompilation.gmk 2023-07-11 17:29:57.941716556 +0200 +@@ -100,7 +100,7 @@ + CFLAGS := $$($1_BASE_CFLAGS) $$($1_CFLAGS) $$($1_CFLAGS_$$(name)), \ + CXXFLAGS := $$($1_BASE_CXXFLAGS) $$($1_CFLAGS) $$($1_CFLAGS_$$(name)), \ + LDFLAGS := $$($1_LDFLAGS) $$($1_LDFLAGS_$$(name)), \ +- DISABLED_WARNINGS_gcc := format undef unused-function unused-value, \ ++ DISABLED_WARNINGS_gcc := undef unused-function unused-value, \ + DISABLED_WARNINGS_clang := undef format-nonliteral \ + missing-field-initializers sometimes-uninitialized, \ + LIBS := $$($1_LIBS_$$(name)), \ diff --git a/community/openjdk17/JDK-8282306_disable-test.patch b/community/openjdk17/JDK-8282306_disable-test.patch index b325eedd5964..6dfe7b9a7aef 100644 --- a/community/openjdk17/JDK-8282306_disable-test.patch +++ b/community/openjdk17/JDK-8282306_disable-test.patch @@ -10,8 +10,8 @@ Disable failing test as workaround } TEST_VM(os, is_first_C_frame) { --#if !defined(_WIN32) && !defined(ZERO) -+#if !defined(_WIN32) && !defined(ZERO) && false +-#if !defined(_WIN32) && !defined(ZERO) && !defined(__thumb__) ++#if !defined(_WIN32) && !defined(ZERO) && !defined(__thumb__) && false frame invalid_frame; EXPECT_TRUE(os::is_first_C_frame(&invalid_frame)); // the frame has zeroes for all values diff --git a/community/openjdk17/TestCryptoLevel.java b/community/openjdk17/TestCryptoLevel.java deleted file mode 100644 index 3ed6c8dc15c1..000000000000 --- a/community/openjdk17/TestCryptoLevel.java +++ /dev/null @@ -1,72 +0,0 @@ -/* TestCryptoLevel -- Ensure unlimited crypto policy is in use. - Copyright (C) 2012 Red Hat, Inc. - -This program is free software: you can redistribute it and/or modify -it under the terms of the GNU Affero General Public License as -published by the Free Software Foundation, either version 3 of the -License, or (at your option) any later version. - -This program is distributed in the hope that it will be useful, -but WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -GNU Affero General Public License for more details. - -You should have received a copy of the GNU Affero General Public License -along with this program. If not, see <http://www.gnu.org/licenses/>. -*/ - -import java.lang.reflect.Field; -import java.lang.reflect.Method; -import java.lang.reflect.InvocationTargetException; - -import java.security.Permission; -import java.security.PermissionCollection; - -public class TestCryptoLevel -{ - public static void main(String[] args) - throws NoSuchFieldException, ClassNotFoundException, - IllegalAccessException, InvocationTargetException - { - Class<?> cls = null; - Method def = null, exempt = null; - - try - { - cls = Class.forName("javax.crypto.JceSecurity"); - } - catch (ClassNotFoundException ex) - { - System.err.println("Running a non-Sun JDK."); - System.exit(0); - } - try - { - def = cls.getDeclaredMethod("getDefaultPolicy"); - exempt = cls.getDeclaredMethod("getExemptPolicy"); - } - catch (NoSuchMethodException ex) - { - System.err.println("Running IcedTea with the original crypto patch."); - System.exit(0); - } - def.setAccessible(true); - exempt.setAccessible(true); - PermissionCollection defPerms = (PermissionCollection) def.invoke(null); - PermissionCollection exemptPerms = (PermissionCollection) exempt.invoke(null); - Class<?> apCls = Class.forName("javax.crypto.CryptoAllPermission"); - Field apField = apCls.getDeclaredField("INSTANCE"); - apField.setAccessible(true); - Permission allPerms = (Permission) apField.get(null); - if (defPerms.implies(allPerms) && (exemptPerms == null || exemptPerms.implies(allPerms))) - { - System.err.println("Running with the unlimited policy."); - System.exit(0); - } - else - { - System.err.println("WARNING: Running with a restricted crypto policy."); - System.exit(-1); - } - } -} diff --git a/community/openjdk17/TestECDSA.java b/community/openjdk17/TestECDSA.java deleted file mode 100644 index abd81d1cedf5..000000000000 --- a/community/openjdk17/TestECDSA.java +++ /dev/null @@ -1,49 +0,0 @@ -/* TestECDSA -- Ensure ECDSA signatures are working. - Copyright (C) 2016 Red Hat, Inc. - -This program is free software: you can redistribute it and/or modify -it under the terms of the GNU Affero General Public License as -published by the Free Software Foundation, either version 3 of the -License, or (at your option) any later version. - -This program is distributed in the hope that it will be useful, -but WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -GNU Affero General Public License for more details. - -You should have received a copy of the GNU Affero General Public License -along with this program. If not, see <http://www.gnu.org/licenses/>. -*/ - -import java.math.BigInteger; -import java.security.KeyPair; -import java.security.KeyPairGenerator; -import java.security.Signature; - -/** - * @test - */ -public class TestECDSA { - - public static void main(String[] args) throws Exception { - KeyPairGenerator keyGen = KeyPairGenerator.getInstance("EC"); - KeyPair key = keyGen.generateKeyPair(); - - byte[] data = "This is a string to sign".getBytes("UTF-8"); - - Signature dsa = Signature.getInstance("NONEwithECDSA"); - dsa.initSign(key.getPrivate()); - dsa.update(data); - byte[] sig = dsa.sign(); - System.out.println("Signature: " + new BigInteger(1, sig).toString(16)); - - Signature dsaCheck = Signature.getInstance("NONEwithECDSA"); - dsaCheck.initVerify(key.getPublic()); - dsaCheck.update(data); - boolean success = dsaCheck.verify(sig); - if (!success) { - throw new RuntimeException("Test failed. Signature verification error"); - } - System.out.println("Test passed."); - } -} -- GitLab