Update OpenJDK to 18

This commit is contained in:
kaboom 2022-05-02 20:06:28 +03:00
parent 3443b8c5a2
commit 31db1206c9
37 changed files with 1375 additions and 1333 deletions

View file

@ -3,7 +3,7 @@
# This script is used as a reference to generate a stripped-down JRE for the server
rm -rf java/
curl -L https://download.java.net/java/GA/jdk17.0.1/2a2082e5a09d4267845be086888add4f/12/GPL/openjdk-17.0.1_linux-x64_bin.tar.gz > openjdk.tar.gz
curl -L https://download.java.net/java/GA/jdk18.0.1.1/65ae32619e2f40f3a9af3af1851d6e19/2/GPL/openjdk-18.0.1.1_linux-x64_bin.tar.gz > openjdk.tar.gz
tar -zxvf openjdk.tar.gz
rm openjdk.tar.gz
mv jdk* jdk/

BIN
vendor/java/bin/java vendored

Binary file not shown.

View file

@ -547,7 +547,7 @@ sun.security.krb5.maxReferrals=5
# can be included in the disabledAlgorithms properties. These properties are
# to help manage common actions easier across multiple disabledAlgorithm
# properties.
# There is one defined security property: jdk.disabled.NamedCurves
# There is one defined security property: jdk.disabled.namedCurves
# See the property for more specific details.
#
#
@ -623,7 +623,8 @@ sun.security.krb5.maxReferrals=5
#
#
jdk.certpath.disabledAlgorithms=MD2, MD5, SHA1 jdkCA & usage TLSServer, \
RSA keySize < 1024, DSA keySize < 1024, EC keySize < 224
RSA keySize < 1024, DSA keySize < 1024, EC keySize < 224, \
SHA1 usage SignedJAR & denyAfter 2019-01-01
#
# Legacy algorithms for certification path (CertPath) processing and
@ -687,7 +688,7 @@ jdk.security.legacyAlgorithms=SHA1, \
# See "jdk.certpath.disabledAlgorithms" for syntax descriptions.
#
jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024, \
DSA keySize < 1024
DSA keySize < 1024, SHA1 denyAfter 2019-01-01
#
# Algorithm restrictions for Secure Socket Layer/Transport Layer Security
@ -1353,3 +1354,29 @@ jdk.tls.alpnCharset=ISO_8859_1
# The default pattern value allows any object factory class specified by the reference
# instance to recreate the referenced object.
#jdk.jndi.object.factoriesFilter=*
#
# Policy for non-forwardable service ticket in a S4U2proxy request
#
# The Service for User to Proxy (S4U2proxy) Kerberos extension enables a middle service
# to obtain a service ticket to another service on behalf of a user. It requires that
# the user's service ticket to the first service has the forwardable flag set [1].
# However, some KDC implementations ignore this requirement and accept service tickets
# with the flag unset.
#
# If this security property is set to "true", then
#
# 1) The user service ticket, when obtained by the middle service after a S4U2self
# impersonation, is not required to have the forwardable flag set; and,
#
# 2) If a S4U2proxy request receives a KRB_ERROR of the KDC_ERR_BADOPTION error code
# and the ticket to the middle service is not forwardable, OpenJDK will try the same
# request with another KDC instead of treating it as a fatal failure.
#
# The default value is "false".
#
# If a system property of the same name is also specified, it supersedes the
# security property value defined here.
#
# [1] https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-sfu/bde93b0e-f3c9-4ddf-9f44-e1453be7af5a
#jdk.security.krb5.s4u2proxy.acceptNonForwardableServiceTicket=false

File diff suppressed because it is too large Load diff

BIN
vendor/java/lib/jexec vendored

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

View file

@ -111,6 +111,8 @@ grant codeBase "jrt:/jdk.accessibility" {
grant codeBase "jrt:/jdk.charsets" {
permission java.util.PropertyPermission "os.name", "read";
permission java.lang.RuntimePermission "charsetProvider";
permission java.lang.RuntimePermission
"accessClassInPackage.jdk.internal.access";
permission java.lang.RuntimePermission
"accessClassInPackage.jdk.internal.misc";
permission java.lang.RuntimePermission "accessClassInPackage.sun.nio.cs";

Binary file not shown.

Binary file not shown.

Binary file not shown.

2
vendor/java/release vendored
View file

@ -1,2 +1,2 @@
JAVA_VERSION="17.0.1"
JAVA_VERSION="18.0.1.1"
MODULES="java.base java.datatransfer java.xml java.prefs java.desktop java.instrument java.logging java.management java.security.sasl java.naming java.net.http java.scripting java.security.jgss java.transaction.xa java.sql jdk.crypto.ec jdk.security.auth jdk.unsupported jdk.zipfs"