Update OpenJDK to 15
This commit is contained in:
parent
add6024867
commit
5f3bdad081
|
@ -3,7 +3,7 @@
|
|||
# This script is used as a reference to generate a stripped-down JRE for the server
|
||||
|
||||
rm -rf java/
|
||||
wget https://github.com/AdoptOpenJDK/openjdk14-binaries/releases/download/jdk-14.0.2%2B12/OpenJDK14U-jdk_x64_linux_hotspot_14.0.2_12.tar.gz
|
||||
wget https://github.com/AdoptOpenJDK/openjdk15-binaries/releases/download/jdk-15.0.2%2B7/OpenJDK15U-jdk_x64_linux_hotspot_15.0.2_7.tar.gz
|
||||
tar -zxvf OpenJDK*
|
||||
rm OpenJDK*
|
||||
mv jdk* jdk/
|
||||
|
|
Binary file not shown.
|
@ -115,7 +115,7 @@ security.provider.12=SunPKCS11
|
|||
# and "DRBG" SecureRandom implementations in the "Sun" provider.
|
||||
# (Other SecureRandom implementations might also use this property.)
|
||||
#
|
||||
# On Unix-like systems (for example, Solaris/Linux/MacOS), the
|
||||
# On Unix-like systems (for example, Linux/MacOS), the
|
||||
# "NativePRNG", "SHA1PRNG" and "DRBG" implementations obtains seed data from
|
||||
# special device files such as file:/dev/random.
|
||||
#
|
||||
|
@ -251,15 +251,18 @@ policy.provider=sun.security.provider.PolicyFile
|
|||
policy.url.1=file:${java.home}/conf/security/java.policy
|
||||
policy.url.2=file:${user.home}/.java.policy
|
||||
|
||||
# whether or not we expand properties in the policy file
|
||||
# if this is set to false, properties (${...}) will not be expanded in policy
|
||||
# files.
|
||||
# Controls whether or not properties are expanded in policy and login
|
||||
# configuration files. If set to false, properties (${...}) will not
|
||||
# be expanded in policy and login configuration files. If commented out or
|
||||
# set to an empty string, the default value is "false" for policy files and
|
||||
# "true" for login configuration files.
|
||||
#
|
||||
policy.expandProperties=true
|
||||
|
||||
# whether or not we allow an extra policy to be passed on the command line
|
||||
# with -Djava.security.policy=somefile. Comment out this line to disable
|
||||
# this feature.
|
||||
# Controls whether or not an extra policy or login configuration file is
|
||||
# allowed to be passed on the command line with -Djava.security.policy=somefile
|
||||
# or -Djava.security.auth.login.config=somefile. If commented out or set to
|
||||
# an empty string, the default value is "false".
|
||||
#
|
||||
policy.allowSystemProperty=true
|
||||
|
||||
|
@ -631,6 +634,26 @@ jdk.certpath.disabledAlgorithms=MD2, MD5, SHA1 jdkCA & usage TLSServer, \
|
|||
RSA keySize < 1024, DSA keySize < 1024, EC keySize < 224, \
|
||||
include jdk.disabled.namedCurves
|
||||
|
||||
#
|
||||
# Legacy algorithms for certification path (CertPath) processing and
|
||||
# signed JAR files.
|
||||
#
|
||||
# In some environments, a certain algorithm or key length may be undesirable
|
||||
# but is not yet disabled.
|
||||
#
|
||||
# Tools such as keytool and jarsigner may emit warnings when these legacy
|
||||
# algorithms are used. See the man pages for those tools for more information.
|
||||
#
|
||||
# The syntax is the same as the "jdk.certpath.disabledAlgorithms" and
|
||||
# "jdk.jar.disabledAlgorithms" security properties.
|
||||
#
|
||||
# Note: This property is currently used by the JDK Reference
|
||||
# implementation. It is not guaranteed to be examined and used by other
|
||||
# implementations.
|
||||
|
||||
jdk.security.legacyAlgorithms=SHA1, \
|
||||
RSA keySize < 2048, DSA keySize < 2048
|
||||
|
||||
#
|
||||
# Algorithm restrictions for signed JAR files
|
||||
#
|
||||
|
@ -768,11 +791,7 @@ jdk.tls.disabledAlgorithms=SSLv3, RC4, DES, MD5withRSA, DH keySize < 1024, \
|
|||
# Example:
|
||||
# jdk.tls.legacyAlgorithms=DH_anon, DES_CBC, SSL_RSA_WITH_RC4_128_MD5
|
||||
#
|
||||
jdk.tls.legacyAlgorithms= \
|
||||
K_NULL, C_NULL, M_NULL, \
|
||||
DH_anon, ECDH_anon, \
|
||||
RC4_128, RC4_40, DES_CBC, DES40_CBC, \
|
||||
3DES_EDE_CBC
|
||||
jdk.tls.legacyAlgorithms=NULL, anon, RC4, DES, 3DES_EDE_CBC
|
||||
|
||||
#
|
||||
# The pre-defined default finite field Diffie-Hellman ephemeral (DHE)
|
||||
|
@ -1277,3 +1296,16 @@ jdk.io.permissionsUseCanonicalPath=false
|
|||
# security property value defined here.
|
||||
#
|
||||
#jdk.security.krb5.default.initiate.credential=always-impersonate
|
||||
|
||||
#
|
||||
# Trust Anchor Certificates - CA Basic Constraint check
|
||||
#
|
||||
# X.509 v3 certificates used as Trust Anchors (to validate signed code or TLS
|
||||
# connections) must have the cA Basic Constraint field set to 'true'. Also, if
|
||||
# they include a Key Usage extension, the keyCertSign bit must be set. These
|
||||
# checks, enabled by default, can be disabled for backward-compatibility
|
||||
# purposes with the jdk.security.allowNonCaAnchor System and Security
|
||||
# properties. In the case that both properties are simultaneously set, the
|
||||
# System value prevails. The default value of the property is "false".
|
||||
#
|
||||
#jdk.security.allowNonCaAnchor=true
|
||||
|
|
File diff suppressed because it is too large
Load Diff
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
|
@ -1,20 +1,39 @@
|
|||
Algorithm=SHA-256
|
||||
03DB9E5E79FE6117177F81C11595AF598CB176AF766290DBCEB2C318B32E39A2
|
||||
08C396C006A21055D00826A5781A5CCFCE2C8D053AB3C197637A4A7A5BB9A650
|
||||
14E6D2764A4B06701C6CBC376A253775F79C782FBCB6C0EE6F99DE4BA1024ADD
|
||||
1C5E6985ACC09221DBD1A4B7BBC6D3A8C3F8540D19F20763A9537FDD42B4FFE7
|
||||
1F6BF8A3F2399AF7FD04516C2719C566CBAD51F412738F66D0457E1E6BDE6F2D
|
||||
2A464E4113141352C7962FBD1706ED4B88533EF24D7BBA6CCC5D797FD202F1C4
|
||||
31C8FD37DB9B56E708B03D1F01848B068C6DA66F36FB5D82C008C6040FA3E133
|
||||
3946901F46B0071E90D78279E82FABABCA177231A704BE72C5B0E8918566EA66
|
||||
3E11CF90719F6FB44D94EAC9A156B89BEBE7B8598F28EC58913F2BFCAF91D0C0
|
||||
423279423B9FC8CB06F1BB7C3B247522B948D5F18939F378ECC901126DE40BFB
|
||||
450F1B421BB05C8609854884559C323319619E8B06B001EA2DCBB74A23AA3BE2
|
||||
4CBBF8256BC9888A8007B2F386940A2E394378B0D903CBB3863C5A6394B889CE
|
||||
4FEE0163686ECBD65DB968E7494F55D84B25486D438E9DE558D629D28CD4D176
|
||||
535D04DFCE027C70BD5F8A9E0AD4F218E9AFDCF5BBCF9B6DE0D81E148E2E3172
|
||||
568FAF38D9F155F624838E2181B1CEB4D8459305EE652B0F810C97C3611BFE19
|
||||
585CFE6B7436CBD4E732763A2137D7F49599BA9B1790E688FCEC799C58EB84A6
|
||||
5E83124D68D24E8E177E306DF643D5EA99C5A94D6FC34B072F7544A1CABB7C7B
|
||||
71CB00749B9130FB2707A2664BFF958D0FCC8E161D9674C7450BA0FC2BEAF9D3
|
||||
76A45A496031E4DD2D7ED23E8F6FF97DBDEA980BAAC8B0BA94D7EDB551348645
|
||||
8A1BD21661C60015065212CC98B1ABB50DFD14C872A208E66BAE890F25C448AF
|
||||
9ED8F9B0E8E42A1656B8E1DD18F42BA42DC06FE52686173BA2FC70E756F207DC
|
||||
9FADCE80D62A959F9930D748488C1E22E821F4E1E4A43584B848C2FC11E04D77
|
||||
A686FEE577C88AB664D0787ECDFFF035F4806F3DE418DC9E4D516324FFF02083
|
||||
A90132CEA1D4F7185E4F688EFFD16F6AC14DFD78356A807599A5DABBEEF3333E
|
||||
B8686723E415534BC0DBD16326F9486F85B0B0799BF6639334E61DAAE67F36CD
|
||||
C0D1F42B9F4BF7ACC045B7BB5D4805E10737F67B6310CE505248D543D0D5FE07
|
||||
D0156949F1381943442C6974E9B5B49EF441BB799EF20477B90A89C3F33620CE
|
||||
D151962D954970501C60079258EBCFA38502E0A9F03CD640322B08C0A3117FE5
|
||||
D24566BF315F4E597D6E381C87119FB4198F5E9E2607F5F4AB362EF7E2E7672F
|
||||
D3A936E1A7775A45217C8296A1F22AC5631DCDEC45594099E78EEEBBEDCBA967
|
||||
D6CEAE5D9E047FAF7D797858D229AC991AD44316D1E2A37A21926D763153593A
|
||||
DF21016B00FC54F9FE3BC8B039911BB216E9162FAD2FD14D990AB96E951B49BE
|
||||
E0E740E4B0F8B3548181FF75B5372FAF4C70B99EC995D694ED0FB91B03FF8D21
|
||||
EC30C9C3065A06BB07DC5B1C6B497F370C1CA65C0F30C08E042BA6BCECC78F2C
|
||||
F5B6F88F75D391A4B1EB336F9E201239FB6B1377DB8CFA7B84736216E5AFFFD7
|
||||
FBB12938ABD86C125796EDF4162D291028890A7D6C0C1CCA75FD4B95EBFA7A1A
|
||||
FC02FD48DB92D4DCE6F11679D38354CF750CFC7F584A520EB90BDE80E241F2BD
|
||||
FDEDB5BDFCB67411513A61AEE5CB5B5D7C52AF06028EFC996CC1B05B1D6CEA2B
|
||||
|
|
Binary file not shown.
|
@ -78,6 +78,8 @@ grant codeBase "jrt:/java.sql.rowset" {
|
|||
|
||||
|
||||
grant codeBase "jrt:/java.xml.crypto" {
|
||||
permission java.lang.RuntimePermission
|
||||
"getStackWalkerWithClassReference";
|
||||
permission java.lang.RuntimePermission
|
||||
"accessClassInPackage.sun.security.util";
|
||||
permission java.util.PropertyPermission "*", "read";
|
||||
|
|
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
|
@ -1,2 +1,2 @@
|
|||
JAVA_VERSION="14.0.2"
|
||||
JAVA_VERSION="15.0.2"
|
||||
MODULES="java.base java.datatransfer java.xml java.prefs java.desktop java.logging java.management java.security.sasl java.naming java.net.http java.scripting java.transaction.xa java.sql jdk.crypto.ec jdk.unsupported jdk.zipfs"
|
||||
|
|
Loading…
Reference in New Issue