- Add 2012/10/16 security patches from IcedTea6 1.11.5. [1]

http://icedtea.classpath.org/hg/release/icedtea6-1.11/rev/d9564350faa6 http://blog.fuseyism.com/index.php/2012/10/19/security-icedtea-1-10-10-1-11-15-2-1-3-2-2-3-2-3-3-released/ - Completely turn off parallel build by default and remove parallel build hack for HotSpot. There were several reports that it fails to build under certain environment, ports/162991 for example. Users can still do parallel build by setting FORCE_MAKE_JOBS (and MAKE_JOBS_NUMBER if desired). - Implement os::available_memory(). Now it is consistent with "vm.vmtotal" sysctl(3) MIB rather than bogus (physical memory / 4). - Prefer sysconf(_SC_NPROCESSORS_CONF) over HW_NCPU sysctl MIB to get the number of installed processors. There is no functional difference except for CURRENT, which obtains the information from ELF aux vector. - Prefer sysconf(_SC_PHYS_PAGES) * sysconf(_SC_PAGESIZE) over HW_USERMEM sysctl MIB to get size of physical memory. Although it looks more logical to find currently available memory, it has an inevitable side-effect, i. e., it changes dynamically depending on current wired page count. Therefore, it is unpredictable and not too useful some times. For example, launcher uses the parameter to determine initial heap size and machine class for i386. Now it is more consistent with other places (and Linux JDK/JREs, including the ones we have in ports tree). - Implement os::active_processor_count() using cpuset_getaffinity(2). For example, Runtime.getRuntime().availableProcessors() now returns number of available processors for the current process as it should. - Sync. launchers (java_md.c) for HotSpot and JDK as much as possible for maintainability. As a good side-effect, launcher for i386 can now determine machine class based on the current hardware configuration. Previously, client VM was always chosen by default. - Fix CounterGet(), which is only used for debugging launcher. - Add swap info for os::print_memory_info(). Obtained from: IcedTea project [1] Feature safe: yes
author: Jung-uk Kim <jkim@FreeBSD.org> 2012-10-19 22:43:10 +0000
committer: Jung-uk Kim <jkim@FreeBSD.org> 2012-10-19 22:43:10 +0000
commit: 81a8a55b63815f66e325d8ba0051a10e48f90bd1 (patch)
tree: 583a72c17d448ec15fd905bf3467d0378376c4de /java/openjdk6/files/icedtea/security/7189567.patch
parent: Update to 7u9. (diff)
1 files changed, 95 insertions, 0 deletions
diff --git a/java/openjdk6/files/icedtea/security/7189567.patch b/java/openjdk6/files/icedtea/security/7189567.patch
new file mode 100644
index 000000000000..9ba015744f67
--- /dev/null
+++ b/java/openjdk6/files/icedtea/security/7189567.patch
@@ -0,0 +1,95 @@
+# HG changeset patch
+# User robm
+# Date 1347900712 -3600
+# Node ID aa1fa3f96d77541a3bafd767001f3100fe6b8a5a
+# Parent  7fe230af5036c83eb337b3560821b97c6dec08c9
+7189567: java net obselete protocol
+Reviewed-by: chegar
+
+diff --git a/src/share/classes/java/net/URL.java b/src/share/classes/java/net/URL.java
+--- jdk/src/share/classes/java/net/URL.java
++++ jdk/src/share/classes/java/net/URL.java
+@@ -1,5 +1,5 @@
+ /*
+- * Copyright (c) 1995, 2007, Oracle and/or its affiliates. All rights reserved.
++ * Copyright (c) 1995, 2012, Oracle and/or its affiliates. All rights reserved.
+  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+  *
+  * This code is free software; you can redistribute it and/or modify it
+@@ -28,6 +28,8 @@
+ import java.io.IOException;
+ import java.io.InputStream;
+ import java.io.OutputStream;
++import java.security.AccessController;
++import java.security.PrivilegedAction;
+ import java.util.Hashtable;
+ import java.util.StringTokenizer;
+ import sun.security.util.SecurityConstants;
+@@ -1110,6 +1112,21 @@
+     static Hashtable handlers = new Hashtable();
+     private static Object streamHandlerLock = new Object();
+ 
++    // special case the gopher protocol, disabled by default
++    private static final String GOPHER = "gopher";
++    private static final String ENABLE_GOPHER_PROP = "jdk.net.registerGopherProtocol";
++    private static final boolean enableGopher = AccessController.doPrivileged(
++        new PrivilegedAction<Boolean>() {
++            public Boolean run() {
++                String prop = System.getProperty(ENABLE_GOPHER_PROP);
++                return prop == null ? false :
++                   (prop.equalsIgnoreCase("false") ? false : true);
++             }
++        });
++
++    // package name of the JDK implementation protocol handlers
++    private static final String JDK_PACKAGE_PREFIX =  "sun.net.www.protocol";
++
+     /**
+      * Returns the Stream Handler.
+      * @param protocol the protocol to use
+@@ -1141,7 +1158,7 @@
+ 
+                 // REMIND: decide whether to allow the "null" class prefix
+                 // or not.
+-                packagePrefixList += "sun.net.www.protocol";
++                packagePrefixList += JDK_PACKAGE_PREFIX;
+ 
+                 StringTokenizer packagePrefixIter =
+                     new StringTokenizer(packagePrefixList, "|");
+@@ -1151,6 +1168,15 @@
+ 
+                     String packagePrefix =
+                       packagePrefixIter.nextToken().trim();
++
++                    // do not try to instantiate the JDK gopher handler
++                    // unless the system property had been explicitly set
++                    if (protocol.equalsIgnoreCase(GOPHER) &&
++                        packagePrefix.equals(JDK_PACKAGE_PREFIX) &&
++                        !enableGopher) {
++                            continue;
++                    }
++
+                     try {
+                         String clsName = packagePrefix + "." + protocol +
+                           ".Handler";
+diff --git a/test/java/net/URL/Test.java b/test/java/net/URL/Test.java
+--- jdk/test/java/net/URL/Test.java
++++ jdk/test/java/net/URL/Test.java
+@@ -1,5 +1,5 @@
+ /*
+- * Copyright (c) 2001, 2003, Oracle and/or its affiliates. All rights reserved.
++ * Copyright (c) 2001, 2012, Oracle and/or its affiliates. All rights reserved.
+  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+  *
+  * This code is free software; you can redistribute it and/or modify it
+@@ -322,10 +322,6 @@
+         test("ftp://ftp.is.co.za/rfc/rfc1808.txt")
+             .s("ftp").h("ftp.is.co.za").p("/rfc/rfc1808.txt").z();
+ 
+-        test("gopher://spinaltap.micro.umn.edu/00/Weather/California/Los%20Angeles")
+-            .s("gopher").h("spinaltap.micro.umn.edu")
+-            .p("/00/Weather/California/Los%20Angeles").z();
+-
+         test("http://www.math.uio.no/faq/compression-faq/part1.html")
+             .s("http").h("www.math.uio.no").p("/faq/compression-faq/part1.html").z();
+
author	Jung-uk Kim <jkim@FreeBSD.org>	2012-10-19 22:43:10 +0000
committer	Jung-uk Kim <jkim@FreeBSD.org>	2012-10-19 22:43:10 +0000
commit	81a8a55b63815f66e325d8ba0051a10e48f90bd1 (patch)
tree	583a72c17d448ec15fd905bf3467d0378376c4de /java/openjdk6/files/icedtea/security/7189567.patch
parent	Update to 7u9. (diff)