Update OpenJDK to 18
This commit is contained in:
parent
3443b8c5a2
commit
31db1206c9
|
@ -3,7 +3,7 @@
|
|||
# This script is used as a reference to generate a stripped-down JRE for the server
|
||||
|
||||
rm -rf java/
|
||||
curl -L https://download.java.net/java/GA/jdk17.0.1/2a2082e5a09d4267845be086888add4f/12/GPL/openjdk-17.0.1_linux-x64_bin.tar.gz > openjdk.tar.gz
|
||||
curl -L https://download.java.net/java/GA/jdk18.0.1.1/65ae32619e2f40f3a9af3af1851d6e19/2/GPL/openjdk-18.0.1.1_linux-x64_bin.tar.gz > openjdk.tar.gz
|
||||
tar -zxvf openjdk.tar.gz
|
||||
rm openjdk.tar.gz
|
||||
mv jdk* jdk/
|
||||
|
|
Binary file not shown.
|
@ -547,7 +547,7 @@ sun.security.krb5.maxReferrals=5
|
|||
# can be included in the disabledAlgorithms properties. These properties are
|
||||
# to help manage common actions easier across multiple disabledAlgorithm
|
||||
# properties.
|
||||
# There is one defined security property: jdk.disabled.NamedCurves
|
||||
# There is one defined security property: jdk.disabled.namedCurves
|
||||
# See the property for more specific details.
|
||||
#
|
||||
#
|
||||
|
@ -623,7 +623,8 @@ sun.security.krb5.maxReferrals=5
|
|||
#
|
||||
#
|
||||
jdk.certpath.disabledAlgorithms=MD2, MD5, SHA1 jdkCA & usage TLSServer, \
|
||||
RSA keySize < 1024, DSA keySize < 1024, EC keySize < 224
|
||||
RSA keySize < 1024, DSA keySize < 1024, EC keySize < 224, \
|
||||
SHA1 usage SignedJAR & denyAfter 2019-01-01
|
||||
|
||||
#
|
||||
# Legacy algorithms for certification path (CertPath) processing and
|
||||
|
@ -687,7 +688,7 @@ jdk.security.legacyAlgorithms=SHA1, \
|
|||
# See "jdk.certpath.disabledAlgorithms" for syntax descriptions.
|
||||
#
|
||||
jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024, \
|
||||
DSA keySize < 1024
|
||||
DSA keySize < 1024, SHA1 denyAfter 2019-01-01
|
||||
|
||||
#
|
||||
# Algorithm restrictions for Secure Socket Layer/Transport Layer Security
|
||||
|
@ -1353,3 +1354,29 @@ jdk.tls.alpnCharset=ISO_8859_1
|
|||
# The default pattern value allows any object factory class specified by the reference
|
||||
# instance to recreate the referenced object.
|
||||
#jdk.jndi.object.factoriesFilter=*
|
||||
|
||||
#
|
||||
# Policy for non-forwardable service ticket in a S4U2proxy request
|
||||
#
|
||||
# The Service for User to Proxy (S4U2proxy) Kerberos extension enables a middle service
|
||||
# to obtain a service ticket to another service on behalf of a user. It requires that
|
||||
# the user's service ticket to the first service has the forwardable flag set [1].
|
||||
# However, some KDC implementations ignore this requirement and accept service tickets
|
||||
# with the flag unset.
|
||||
#
|
||||
# If this security property is set to "true", then
|
||||
#
|
||||
# 1) The user service ticket, when obtained by the middle service after a S4U2self
|
||||
# impersonation, is not required to have the forwardable flag set; and,
|
||||
#
|
||||
# 2) If a S4U2proxy request receives a KRB_ERROR of the KDC_ERR_BADOPTION error code
|
||||
# and the ticket to the middle service is not forwardable, OpenJDK will try the same
|
||||
# request with another KDC instead of treating it as a fatal failure.
|
||||
#
|
||||
# The default value is "false".
|
||||
#
|
||||
# If a system property of the same name is also specified, it supersedes the
|
||||
# security property value defined here.
|
||||
#
|
||||
# [1] https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-sfu/bde93b0e-f3c9-4ddf-9f44-e1453be7af5a
|
||||
#jdk.security.krb5.s4u2proxy.acceptNonForwardableServiceTicket=false
|
||||
|
|
File diff suppressed because it is too large
Load Diff
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
|
@ -111,6 +111,8 @@ grant codeBase "jrt:/jdk.accessibility" {
|
|||
grant codeBase "jrt:/jdk.charsets" {
|
||||
permission java.util.PropertyPermission "os.name", "read";
|
||||
permission java.lang.RuntimePermission "charsetProvider";
|
||||
permission java.lang.RuntimePermission
|
||||
"accessClassInPackage.jdk.internal.access";
|
||||
permission java.lang.RuntimePermission
|
||||
"accessClassInPackage.jdk.internal.misc";
|
||||
permission java.lang.RuntimePermission "accessClassInPackage.sun.nio.cs";
|
||||
|
|
Binary file not shown.
Binary file not shown.
Binary file not shown.
|
@ -1,2 +1,2 @@
|
|||
JAVA_VERSION="17.0.1"
|
||||
JAVA_VERSION="18.0.1.1"
|
||||
MODULES="java.base java.datatransfer java.xml java.prefs java.desktop java.instrument java.logging java.management java.security.sasl java.naming java.net.http java.scripting java.security.jgss java.transaction.xa java.sql jdk.crypto.ec jdk.security.auth jdk.unsupported jdk.zipfs"
|
||||
|
|
Loading…
Reference in New Issue