diff --git a/packages/j/java-22-openjdk/.files b/packages/j/java-22-openjdk/.files
index 1d57447..c74d523 100644
Binary files a/packages/j/java-22-openjdk/.files and b/packages/j/java-22-openjdk/.files differ
diff --git a/packages/j/java-22-openjdk/.rev b/packages/j/java-22-openjdk/.rev
index bbcb3da..2bfe36b 100644
--- a/packages/j/java-22-openjdk/.rev
+++ b/packages/j/java-22-openjdk/.rev
@@ -7,4 +7,12 @@
Build 36 is the official OpenJDK 22 release
1159653
+
+ 3d295ef11ae4399e2a0d4f1d0f318bc0
+ 22.0.1.0
+
+ anag+factory
+ April 2024 CPU
+ 1168901
+
diff --git a/packages/j/java-22-openjdk/PStack-808293.patch b/packages/j/java-22-openjdk/PStack-808293.patch
index 4b488f0..50461a4 100644
--- a/packages/j/java-22-openjdk/PStack-808293.patch
+++ b/packages/j/java-22-openjdk/PStack-808293.patch
@@ -1,6 +1,6 @@
--- a/src/jdk.hotspot.agent/share/classes/sun/jvm/hotspot/tools/PStack.java
+++ b/src/jdk.hotspot.agent/share/classes/sun/jvm/hotspot/tools/PStack.java
-@@ -101,7 +101,8 @@ public class PStack extends Tool {
+@@ -101,7 +101,8 @@ public void run(PrintStream out, Debugger dbg) {
if (jthread != null) {
jthread.printThreadInfoOn(out);
}
@@ -10,7 +10,7 @@
ClosestSymbol sym = f.closestSymbolToPC();
Address pc = f.pc();
out.print(pc + "\t");
-@@ -183,10 +184,19 @@ public class PStack extends Tool {
+@@ -183,10 +184,19 @@ public void run(PrintStream out, Debugger dbg) {
}
}
}
diff --git a/packages/j/java-22-openjdk/disable-doclint-by-default.patch b/packages/j/java-22-openjdk/disable-doclint-by-default.patch
index c8007f0..0dfc8c5 100644
--- a/packages/j/java-22-openjdk/disable-doclint-by-default.patch
+++ b/packages/j/java-22-openjdk/disable-doclint-by-default.patch
@@ -1,6 +1,6 @@
--- a/src/jdk.javadoc/share/classes/jdk/javadoc/internal/doclets/toolkit/BaseConfiguration.java
+++ b/src/jdk.javadoc/share/classes/jdk/javadoc/internal/doclets/toolkit/BaseConfiguration.java
-@@ -795,7 +795,7 @@ public abstract class BaseConfiguration {
+@@ -631,7 +631,7 @@ public void initDocLint(List opts, Set customTagNames) {
}
} else {
// no -Xmsgs options of any kind, use default
@@ -11,7 +11,7 @@
if (!customTagNames.isEmpty()) {
--- a/test/langtools/jdk/javadoc/tool/doclint/DocLintTest.java
+++ b/test/langtools/jdk/javadoc/tool/doclint/DocLintTest.java
-@@ -150,12 +150,12 @@ public class DocLintTest {
+@@ -150,12 +150,12 @@ void run() throws Exception {
files = List.of(new TestJFO("Test.java", code));
test(List.of(htmlVersion),
@@ -28,7 +28,7 @@
// test(List.of("-Xdoclint:none"),
// Main.Result.OK,
-@@ -178,8 +178,8 @@ public class DocLintTest {
+@@ -178,8 +178,8 @@ void run() throws Exception {
EnumSet.of(Message.DL_WRN14));
test(List.of(htmlVersion, rawDiags, "-private"),
diff --git a/packages/j/java-22-openjdk/fips.patch b/packages/j/java-22-openjdk/fips.patch
index 6250367..e395d57 100644
--- a/packages/j/java-22-openjdk/fips.patch
+++ b/packages/j/java-22-openjdk/fips.patch
@@ -1,6 +1,6 @@
---- jdk22u-jdk-22-36/make/autoconf/build-aux/pkg.m4 2024-03-15 16:05:55.017767821 +0100
-+++ jdk22u-jdk-22-36/make/autoconf/build-aux/pkg.m4 2024-03-15 16:08:34.387868998 +0100
-@@ -179,3 +179,19 @@
+--- a/make/autoconf/build-aux/pkg.m4
++++ b/make/autoconf/build-aux/pkg.m4
+@@ -179,3 +179,19 @@ else
ifelse([$3], , :, [$3])
fi[]dnl
])# PKG_CHECK_MODULES
@@ -20,26 +20,8 @@
+
+AS_VAR_IF([$1], [""], [$5], [$4])dnl
+])dnl PKG_CHECK_VAR
---- jdk22u-jdk-22-36/make/autoconf/libraries.m4 2024-03-15 16:05:55.017767821 +0100
-+++ jdk22u-jdk-22-36/make/autoconf/libraries.m4 2024-03-15 16:08:34.387868998 +0100
-@@ -35,6 +35,7 @@
- m4_include([lib-x11.m4])
-
- m4_include([lib-tests.m4])
-+m4_include([lib-sysconf.m4])
-
- ################################################################################
- # Determine which libraries are needed for this configuration
-@@ -128,6 +129,7 @@
- LIB_SETUP_X11
-
- LIB_TESTS_SETUP_GTEST
-+ LIB_SETUP_SYSCONF_LIBS
-
- BASIC_JDKLIB_LIBS=""
- BASIC_JDKLIB_LIBS_TARGET=""
---- jdk22u-jdk-22-36/make/autoconf/lib-sysconf.m4 1970-01-01 01:00:00.000000000 +0100
-+++ jdk22u-jdk-22-36/make/autoconf/lib-sysconf.m4 2024-03-15 16:08:34.387868998 +0100
+--- /dev/null
++++ b/make/autoconf/lib-sysconf.m4
@@ -0,0 +1,87 @@
+#
+# Copyright (c) 2021, Red Hat, Inc.
@@ -128,9 +110,27 @@
+ AC_SUBST(USE_SYSCONF_NSS)
+ AC_SUBST(NSS_LIBDIR)
+])
---- jdk22u-jdk-22-36/make/autoconf/spec.gmk.in 2024-03-15 16:05:55.017767821 +0100
-+++ jdk22u-jdk-22-36/make/autoconf/spec.gmk.in 2024-03-15 16:11:32.251315250 +0100
-@@ -830,6 +830,11 @@
+--- a/make/autoconf/libraries.m4
++++ b/make/autoconf/libraries.m4
+@@ -35,6 +35,7 @@ m4_include([lib-std.m4])
+ m4_include([lib-x11.m4])
+
+ m4_include([lib-tests.m4])
++m4_include([lib-sysconf.m4])
+
+ ################################################################################
+ # Determine which libraries are needed for this configuration
+@@ -128,6 +129,7 @@ AC_DEFUN_ONCE([LIB_SETUP_LIBRARIES],
+ LIB_SETUP_X11
+
+ LIB_TESTS_SETUP_GTEST
++ LIB_SETUP_SYSCONF_LIBS
+
+ BASIC_JDKLIB_LIBS=""
+ BASIC_JDKLIB_LIBS_TARGET=""
+--- a/make/autoconf/spec.gmk.in
++++ b/make/autoconf/spec.gmk.in
+@@ -831,6 +831,11 @@ PANDOC_MARKDOWN_FLAG := @PANDOC_MARKDOWN_FLAG@
# Libraries
#
@@ -142,9 +142,9 @@
USE_EXTERNAL_LCMS := @USE_EXTERNAL_LCMS@
LCMS_CFLAGS := @LCMS_CFLAGS@
LCMS_LIBS := @LCMS_LIBS@
---- jdk22u-jdk-22-36/make/modules/java.base/Gendata.gmk 2024-03-15 16:05:55.097767871 +0100
-+++ jdk22u-jdk-22-36/make/modules/java.base/Gendata.gmk 2024-03-15 16:08:34.387868998 +0100
-@@ -98,3 +98,17 @@
+--- a/make/modules/java.base/Gendata.gmk
++++ b/make/modules/java.base/Gendata.gmk
+@@ -98,3 +98,17 @@ $(GENDATA_JAVA_SECURITY): $(BUILD_TOOLS_JDK) $(GENDATA_JAVA_SECURITY_SRC) $(REST
TARGETS += $(GENDATA_JAVA_SECURITY)
################################################################################
@@ -162,12 +162,13 @@
+TARGETS += $(GENDATA_NSS_FIPS_CFG)
+
+################################################################################
---- jdk22u-jdk-22-36/make/modules/java.base/Lib.gmk 2024-03-15 16:05:55.101101207 +0100
-+++ jdk22u-jdk-22-36/make/modules/java.base/Lib.gmk 2024-03-15 16:08:34.387868998 +0100
-@@ -165,6 +165,29 @@
+--- a/make/modules/java.base/Lib.gmk
++++ b/make/modules/java.base/Lib.gmk
+@@ -164,6 +164,29 @@ ifeq ($(call isTargetOsType, unix), true)
+ endif
endif
- ################################################################################
++################################################################################
+# Create the systemconf library
+
+LIBSYSTEMCONF_CFLAGS :=
@@ -190,12 +191,11 @@
+
+TARGETS += $(BUILD_LIBSYSTEMCONF)
+
-+################################################################################
+ ################################################################################
# Create the symbols file for static builds.
- ifeq ($(STATIC_BUILD), true)
---- jdk22u-jdk-22-36/src/java.base/share/classes/com/sun/crypto/provider/SunJCE.java 2024-03-15 16:05:55.677768239 +0100
-+++ jdk22u-jdk-22-36/src/java.base/share/classes/com/sun/crypto/provider/SunJCE.java 2024-03-15 16:08:34.387868998 +0100
+--- a/src/java.base/share/classes/com/sun/crypto/provider/SunJCE.java
++++ b/src/java.base/share/classes/com/sun/crypto/provider/SunJCE.java
@@ -31,6 +31,7 @@
import java.security.PrivilegedAction;
import java.util.HashMap;
@@ -215,7 +215,7 @@
@java.io.Serial
private static final long serialVersionUID = 6812507587804302833L;
-@@ -147,6 +152,7 @@
+@@ -147,6 +152,7 @@ public Void run() {
void putEntries() {
// reuse attribute map and reset before each reuse
HashMap attrs = new HashMap<>(3);
@@ -223,7 +223,7 @@
attrs.put("SupportedModes", "ECB");
attrs.put("SupportedPaddings", "NOPADDING|PKCS1PADDING|OAEPPADDING"
+ "|OAEPWITHMD5ANDMGF1PADDING"
-@@ -439,6 +444,7 @@
+@@ -439,6 +445,7 @@ void putEntries() {
psA("KeyPairGenerator", "DiffieHellman",
"com.sun.crypto.provider.DHKeyPairGenerator",
null);
@@ -231,7 +231,7 @@
/*
* Algorithm parameter generation engines
-@@ -447,6 +453,7 @@
+@@ -447,6 +454,7 @@ void putEntries() {
"DiffieHellman", "com.sun.crypto.provider.DHParameterGenerator",
null);
@@ -239,7 +239,7 @@
/*
* Key Agreement engines
*/
-@@ -456,6 +463,7 @@
+@@ -456,6 +464,7 @@ void putEntries() {
psA("KeyAgreement", "DiffieHellman",
"com.sun.crypto.provider.DHKeyAgreement",
attrs);
@@ -247,7 +247,7 @@
/*
* Algorithm Parameter engines
-@@ -651,6 +659,7 @@
+@@ -651,6 +660,7 @@ void putEntries() {
ps("SecretKeyFactory", "PBEWithHmacSHA512/256AndAES_256",
"com.sun.crypto.provider.PBEKeyFactory$PBEWithHmacSHA512_256AndAES_256");
@@ -255,7 +255,7 @@
// PBKDF2
psA("SecretKeyFactory", "PBKDF2WithHmacSHA1",
"com.sun.crypto.provider.PBKDF2Core$HmacSHA1",
-@@ -782,6 +790,7 @@
+@@ -782,6 +792,7 @@ void putEntries() {
"com.sun.crypto.provider.TlsRsaPremasterSecretGenerator",
List.of("SunTls12RsaPremasterSecret"), null);
}
@@ -263,8 +263,8 @@
// Return the instance of this class or create one if needed.
static SunJCE getInstance() {
---- jdk22u-jdk-22-36/src/java.base/share/classes/java/security/Security.java 2024-03-15 16:05:55.704434923 +0100
-+++ jdk22u-jdk-22-36/src/java.base/share/classes/java/security/Security.java 2024-03-15 16:08:34.391202334 +0100
+--- a/src/java.base/share/classes/java/security/Security.java
++++ b/src/java.base/share/classes/java/security/Security.java
@@ -34,6 +34,7 @@
import jdk.internal.access.JavaSecurityPropertiesAccess;
import jdk.internal.event.EventHelper;
@@ -285,7 +285,7 @@
/* Are we debugging? -- for developers */
private static final Debug sdebug =
Debug.getInstance("properties");
-@@ -75,6 +81,19 @@
+@@ -75,6 +81,19 @@ private static class ProviderProperty {
}
static {
@@ -305,7 +305,7 @@
// doPrivileged here because there are multiple
// things in initialize that might require privs.
// (the FileInputStream call and the File.exists call,
-@@ -96,6 +115,7 @@
+@@ -96,6 +115,7 @@ public Properties getInitialProperties() {
private static void initialize() {
props = new Properties();
boolean overrideAll = false;
@@ -313,7 +313,7 @@
// first load the system properties file
// to determine the value of security.overridePropertiesFile
-@@ -116,6 +136,61 @@
+@@ -116,6 +136,61 @@ private static void initialize() {
}
loadProps(null, extraPropFile, overrideAll);
}
@@ -375,7 +375,7 @@
initialSecurityProperties = (Properties) props.clone();
if (sdebug != null) {
for (String key : props.stringPropertyNames()) {
-@@ -126,7 +201,7 @@
+@@ -126,7 +201,7 @@ private static void initialize() {
}
@@ -384,8 +384,8 @@
InputStream is = null;
try {
if (masterFile != null && masterFile.exists()) {
---- jdk22u-jdk-22-36/src/java.base/share/classes/java/security/SystemConfigurator.java 1970-01-01 01:00:00.000000000 +0100
-+++ jdk22u-jdk-22-36/src/java.base/share/classes/java/security/SystemConfigurator.java 2024-03-15 16:08:34.391202334 +0100
+--- /dev/null
++++ b/src/java.base/share/classes/java/security/SystemConfigurator.java
@@ -0,0 +1,232 @@
+/*
+ * Copyright (c) 2019, 2021, Red Hat, Inc.
@@ -619,8 +619,8 @@
+ }
+ }
+}
---- jdk22u-jdk-22-36/src/java.base/share/classes/jdk/internal/access/JavaSecuritySystemConfiguratorAccess.java 1970-01-01 01:00:00.000000000 +0100
-+++ jdk22u-jdk-22-36/src/java.base/share/classes/jdk/internal/access/JavaSecuritySystemConfiguratorAccess.java 2024-03-15 16:08:34.391202334 +0100
+--- /dev/null
++++ b/src/java.base/share/classes/jdk/internal/access/JavaSecuritySystemConfiguratorAccess.java
@@ -0,0 +1,31 @@
+/*
+ * Copyright (c) 2020, Red Hat, Inc.
@@ -653,8 +653,8 @@
+ boolean isSystemFipsEnabled();
+ boolean isPlainKeySupportEnabled();
+}
---- jdk22u-jdk-22-36/src/java.base/share/classes/jdk/internal/access/SharedSecrets.java 2024-03-15 16:05:55.727768271 +0100
-+++ jdk22u-jdk-22-36/src/java.base/share/classes/jdk/internal/access/SharedSecrets.java 2024-03-15 16:08:34.391202334 +0100
+--- a/src/java.base/share/classes/jdk/internal/access/SharedSecrets.java
++++ b/src/java.base/share/classes/jdk/internal/access/SharedSecrets.java
@@ -43,6 +43,7 @@
import java.io.PrintWriter;
import java.io.RandomAccessFile;
@@ -663,7 +663,7 @@
import java.security.Signature;
/** A repository of "shared secrets", which are a mechanism for
-@@ -90,6 +91,7 @@
+@@ -90,6 +91,7 @@ public class SharedSecrets {
private static JavaxCryptoSealedObjectAccess javaxCryptoSealedObjectAccess;
private static JavaxCryptoSpecAccess javaxCryptoSpecAccess;
private static JavaTemplateAccess javaTemplateAccess;
@@ -671,7 +671,7 @@
public static void setJavaUtilCollectionAccess(JavaUtilCollectionAccess juca) {
javaUtilCollectionAccess = juca;
-@@ -537,4 +539,15 @@
+@@ -537,4 +539,15 @@ private static void ensureClassInitialized(Class> c) {
MethodHandles.lookup().ensureInitialized(c);
} catch (IllegalAccessException e) {}
}
@@ -687,8 +687,8 @@
+ return javaSecuritySystemConfiguratorAccess;
+ }
}
---- jdk22u-jdk-22-36/src/java.base/share/classes/module-info.java 2024-03-15 16:05:55.744434949 +0100
-+++ jdk22u-jdk-22-36/src/java.base/share/classes/module-info.java 2024-03-15 16:08:34.391202334 +0100
+--- a/src/java.base/share/classes/module-info.java
++++ b/src/java.base/share/classes/module-info.java
@@ -168,6 +168,7 @@
java.naming,
java.rmi,
@@ -697,8 +697,8 @@
jdk.jartool,
jdk.jlink,
jdk.jfr,
---- jdk22u-jdk-22-36/src/java.base/share/classes/sun/security/ec/SunEC.java 2024-03-15 16:05:55.754434955 +0100
-+++ jdk22u-jdk-22-36/src/java.base/share/classes/sun/security/ec/SunEC.java 2024-03-15 16:08:34.397869005 +0100
+--- a/src/java.base/share/classes/sun/security/ec/SunEC.java
++++ b/src/java.base/share/classes/sun/security/ec/SunEC.java
@@ -34,6 +34,7 @@
import java.util.HashMap;
import java.util.List;
@@ -707,7 +707,7 @@
import sun.security.ec.ed.EdDSAKeyFactory;
import sun.security.ec.ed.EdDSAKeyPairGenerator;
import sun.security.ec.ed.EdDSASignature;
-@@ -50,6 +51,10 @@
+@@ -50,6 +51,10 @@ public final class SunEC extends Provider {
private static final long serialVersionUID = -2279741672933606418L;
@@ -718,7 +718,7 @@
private static class ProviderServiceA extends ProviderService {
ProviderServiceA(Provider p, String type, String algo, String cn,
HashMap attrs) {
-@@ -240,6 +245,7 @@
+@@ -240,6 +245,7 @@ void putEntries() {
putXDHEntries();
putEdDSAEntries();
@@ -726,7 +726,7 @@
/*
* Signature engines
*/
-@@ -318,6 +324,7 @@
+@@ -318,6 +324,7 @@ void putEntries() {
putService(new ProviderService(this, "KeyAgreement",
"ECDH", "sun.security.ec.ECDHKeyAgreement", null, ATTRS));
}
@@ -734,7 +734,7 @@
private void putXDHEntries() {
-@@ -333,6 +340,7 @@
+@@ -333,6 +340,7 @@ private void putXDHEntries() {
"X448", "sun.security.ec.XDHKeyFactory.X448",
ATTRS));
@@ -742,7 +742,7 @@
putService(new ProviderService(this, "KeyPairGenerator",
"XDH", "sun.security.ec.XDHKeyPairGenerator", null, ATTRS));
putService(new ProviderServiceA(this, "KeyPairGenerator",
-@@ -351,6 +359,7 @@
+@@ -351,6 +359,7 @@ private void putXDHEntries() {
"X448", "sun.security.ec.XDHKeyAgreement.X448",
ATTRS));
}
@@ -750,7 +750,7 @@
private void putEdDSAEntries() {
-@@ -364,6 +373,7 @@
+@@ -364,6 +373,7 @@ private void putEdDSAEntries() {
putService(new ProviderServiceA(this, "KeyFactory",
"Ed448", "sun.security.ec.ed.EdDSAKeyFactory.Ed448", ATTRS));
@@ -758,7 +758,7 @@
putService(new ProviderService(this, "KeyPairGenerator",
"EdDSA", "sun.security.ec.ed.EdDSAKeyPairGenerator", null, ATTRS));
putService(new ProviderServiceA(this, "KeyPairGenerator",
-@@ -379,6 +389,7 @@
+@@ -379,6 +389,7 @@ private void putEdDSAEntries() {
"Ed25519", "sun.security.ec.ed.EdDSASignature.Ed25519", ATTRS));
putService(new ProviderServiceA(this, "Signature",
"Ed448", "sun.security.ec.ed.EdDSASignature.Ed448", ATTRS));
@@ -766,8 +766,8 @@
}
}
---- jdk22u-jdk-22-36/src/java.base/share/classes/sun/security/provider/SunEntries.java 2024-03-15 16:05:55.754434955 +0100
-+++ jdk22u-jdk-22-36/src/java.base/share/classes/sun/security/provider/SunEntries.java 2024-03-15 16:08:34.391202334 +0100
+--- a/src/java.base/share/classes/sun/security/provider/SunEntries.java
++++ b/src/java.base/share/classes/sun/security/provider/SunEntries.java
@@ -38,6 +38,7 @@
import java.util.Iterator;
import java.util.LinkedHashSet;
@@ -787,7 +787,7 @@
// the default algo used by SecureRandom class for new SecureRandom() calls
public static final String DEF_SECURE_RANDOM_ALGO;
-@@ -102,6 +107,7 @@
+@@ -102,6 +107,7 @@ public final class SunEntries {
// common attribute map
HashMap attrs = new HashMap<>(3);
@@ -795,7 +795,7 @@
/*
* SecureRandom engines
*/
-@@ -186,6 +192,8 @@
+@@ -186,6 +192,8 @@ public final class SunEntries {
add(p, "Signature", "SHA3-512withDSAinP1363Format",
"sun.security.provider.DSA$SHA3_512withDSAinP1363Format");
@@ -804,7 +804,7 @@
attrs.clear();
attrs.put("ImplementedIn", "Software");
addWithAlias(p, "Signature", "HSS/LMS", "sun.security.provider.HSS", attrs);
-@@ -196,9 +204,11 @@
+@@ -196,9 +204,11 @@ public final class SunEntries {
attrs.put("ImplementedIn", "Software");
attrs.put("KeySize", "2048"); // for DSA KPG and APG only
@@ -816,7 +816,7 @@
/*
* Algorithm Parameter Generator engines
-@@ -213,6 +223,7 @@
+@@ -213,6 +223,7 @@ public final class SunEntries {
addWithAlias(p, "AlgorithmParameters", "DSA",
"sun.security.provider.DSAParameters", attrs);
@@ -824,7 +824,7 @@
/*
* Key factories
*/
-@@ -251,6 +262,7 @@
+@@ -251,6 +262,7 @@ public final class SunEntries {
"sun.security.provider.SHA3$SHA384", attrs);
addWithAlias(p, "MessageDigest", "SHA3-512",
"sun.security.provider.SHA3$SHA512", attrs);
@@ -832,8 +832,8 @@
/*
* Certificates
---- jdk22u-jdk-22-36/src/java.base/share/classes/sun/security/rsa/SunRsaSignEntries.java 2024-03-15 16:05:55.757768290 +0100
-+++ jdk22u-jdk-22-36/src/java.base/share/classes/sun/security/rsa/SunRsaSignEntries.java 2024-03-15 16:08:34.391202334 +0100
+--- a/src/java.base/share/classes/sun/security/rsa/SunRsaSignEntries.java
++++ b/src/java.base/share/classes/sun/security/rsa/SunRsaSignEntries.java
@@ -27,6 +27,7 @@
import java.util.*;
@@ -853,7 +853,7 @@
private void add(Provider p, String type, String algo, String cn,
List aliases, HashMap attrs) {
services.add(new Provider.Service(p, type, algo, cn,
-@@ -63,6 +68,8 @@
+@@ -63,6 +68,8 @@ public SunRsaSignEntries(Provider p) {
add(p, "KeyFactory", "RSA",
"sun.security.rsa.RSAKeyFactory$Legacy",
getAliases("PKCS1"), null);
@@ -862,7 +862,7 @@
add(p, "KeyPairGenerator", "RSA",
"sun.security.rsa.RSAKeyPairGenerator$Legacy",
getAliases("PKCS1"), null);
-@@ -92,13 +99,18 @@
+@@ -92,13 +99,18 @@ public SunRsaSignEntries(Provider p) {
"sun.security.rsa.RSASignature$SHA3_384withRSA", attrs);
addA(p, "Signature", "SHA3-512withRSA",
"sun.security.rsa.RSASignature$SHA3_512withRSA", attrs);
@@ -881,12 +881,13 @@
addA(p, "AlgorithmParameters", "RSASSA-PSS",
"sun.security.rsa.PSSParameters", null);
}
---- jdk22u-jdk-22-36/src/java.base/share/conf/security/java.security 2024-03-15 16:05:55.771101632 +0100
-+++ jdk22u-jdk-22-36/src/java.base/share/conf/security/java.security 2024-03-15 16:08:34.391202334 +0100
-@@ -86,6 +86,17 @@
+--- a/src/java.base/share/conf/security/java.security
++++ b/src/java.base/share/conf/security/java.security
+@@ -85,6 +85,17 @@ security.provider.tbd=Apple
+ #endif
security.provider.tbd=SunPKCS11
- #
++#
+# Security providers used when FIPS mode support is active
+#
+fips.provider.1=SunPKCS11 ${java.home}/conf/security/nss.fips.cfg
@@ -897,14 +898,14 @@
+fips.provider.6=SunRsaSign
+fips.provider.7=XMLDSig
+
-+#
+ #
# A list of preferred providers for specific algorithms. These providers will
# be searched for matching algorithms before the list of registered providers.
- # Entries containing errors (parsing, etc) will be ignored. Use the
-@@ -296,6 +307,47 @@
+@@ -295,6 +306,47 @@ policy.ignoreIdentityScope=false
+ #
keystore.type=pkcs12
- #
++#
+# Default keystore type used when global crypto-policies are set to FIPS.
+#
+fips.keystore.type=pkcs12
@@ -945,26 +946,25 @@
+#
+fips.nssdb.pin=pin:
+
-+#
+ #
# Controls compatibility mode for JKS and PKCS12 keystore types.
#
- # When set to 'true', both JKS and PKCS12 keystore types support loading
-@@ -333,6 +385,13 @@
+@@ -336,6 +388,13 @@ package.definition=sun.misc.,\
+ #
security.overridePropertiesFile=true
- #
++#
+# Determines whether this properties file will be appended to
+# using the system properties file stored at
+# /etc/crypto-policies/back-ends/java.config
+#
+security.useSystemPropertiesFile=true
+
-+#
+ #
# Determines the default key and trust manager factory algorithms for
# the javax.net.ssl package.
- #
---- jdk22u-jdk-22-36/src/java.base/share/conf/security/nss.fips.cfg.in 1970-01-01 01:00:00.000000000 +0100
-+++ jdk22u-jdk-22-36/src/java.base/share/conf/security/nss.fips.cfg.in 2024-03-15 16:08:34.391202334 +0100
+--- /dev/null
++++ b/src/java.base/share/conf/security/nss.fips.cfg.in
@@ -0,0 +1,8 @@
+name = NSS-FIPS
+nssLibraryDirectory = @NSS_LIBDIR@
@@ -974,9 +974,9 @@
+
+attributes(*,CKO_SECRET_KEY,CKK_GENERIC_SECRET)={ CKA_SIGN=true }
+
---- jdk22u-jdk-22-36/src/java.base/share/lib/security/default.policy 2024-03-15 16:05:55.777768303 +0100
-+++ jdk22u-jdk-22-36/src/java.base/share/lib/security/default.policy 2024-03-15 16:10:36.574613233 +0100
-@@ -134,6 +134,7 @@
+--- a/src/java.base/share/lib/security/default.policy
++++ b/src/java.base/share/lib/security/default.policy
+@@ -134,6 +134,7 @@ grant codeBase "jrt:/jdk.crypto.cryptoki" {
permission java.lang.RuntimePermission "accessClassInPackage.jdk.internal.access";
permission java.lang.RuntimePermission
"accessClassInPackage.sun.security.*";
@@ -984,7 +984,7 @@
permission java.lang.RuntimePermission "accessClassInPackage.sun.nio.ch";
permission java.lang.RuntimePermission "loadLibrary.j2pkcs11";
permission java.util.PropertyPermission "sun.security.pkcs11.allowSingleThreadedModules", "read";
-@@ -141,6 +142,8 @@
+@@ -141,6 +142,8 @@ grant codeBase "jrt:/jdk.crypto.cryptoki" {
permission java.util.PropertyPermission "os.name", "read";
permission java.util.PropertyPermission "os.arch", "read";
permission java.util.PropertyPermission "jdk.crypto.KeyAgreement.legacyKDF", "read";
@@ -993,8 +993,8 @@
permission java.security.SecurityPermission "putProviderProperty.*";
permission java.security.SecurityPermission "clearProviderProperties.*";
permission java.security.SecurityPermission "removeProviderProperty.*";
---- jdk22u-jdk-22-36/src/java.base/share/native/libsystemconf/systemconf.c 1970-01-01 01:00:00.000000000 +0100
-+++ jdk22u-jdk-22-36/src/java.base/share/native/libsystemconf/systemconf.c 2024-03-15 16:08:34.391202334 +0100
+--- /dev/null
++++ b/src/java.base/share/native/libsystemconf/systemconf.c
@@ -0,0 +1,236 @@
+/*
+ * Copyright (c) 2021, Red Hat, Inc.
@@ -1232,8 +1232,8 @@
+}
+
+#endif
---- jdk22u-jdk-22-36/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/FIPSKeyImporter.java 1970-01-01 01:00:00.000000000 +0100
-+++ jdk22u-jdk-22-36/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/FIPSKeyImporter.java 2024-03-15 16:08:34.391202334 +0100
+--- /dev/null
++++ b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/FIPSKeyImporter.java
@@ -0,0 +1,457 @@
+/*
+ * Copyright (c) 2021, Red Hat, Inc.
@@ -1692,8 +1692,8 @@
+ }
+ }
+}
---- jdk22u-jdk-22-36/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/FIPSTokenLoginHandler.java 1970-01-01 01:00:00.000000000 +0100
-+++ jdk22u-jdk-22-36/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/FIPSTokenLoginHandler.java 2024-03-15 16:08:34.391202334 +0100
+--- /dev/null
++++ b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/FIPSTokenLoginHandler.java
@@ -0,0 +1,149 @@
+/*
+ * Copyright (c) 2022, Red Hat, Inc.
@@ -1845,8 +1845,8 @@
+ }
+}
\ No newline at end of file
---- jdk22u-jdk-22-36/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11Key.java 2024-03-15 16:05:55.394434726 +0100
-+++ jdk22u-jdk-22-36/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11Key.java 2024-03-15 16:08:34.391202334 +0100
+--- a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11Key.java
++++ b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11Key.java
@@ -37,6 +37,8 @@
import javax.crypto.interfaces.*;
import javax.crypto.spec.*;
@@ -1856,7 +1856,7 @@
import sun.security.rsa.RSAUtil.KeyType;
import sun.security.rsa.RSAPublicKeyImpl;
import sun.security.rsa.RSAPrivateCrtKeyImpl;
-@@ -72,6 +74,9 @@
+@@ -72,6 +74,9 @@ abstract class P11Key implements Key, Length {
@Serial
private static final long serialVersionUID = -2575874101938349339L;
@@ -1866,7 +1866,7 @@
private static final String PUBLIC = "public";
private static final String PRIVATE = "private";
private static final String SECRET = "secret";
-@@ -395,8 +400,10 @@
+@@ -395,8 +400,10 @@ static PrivateKey privateKey(Session session, long keyID, String algorithm,
new CK_ATTRIBUTE(CKA_EXTRACTABLE),
});
@@ -1879,7 +1879,7 @@
return switch (algorithm) {
case "RSA" -> P11RSAPrivateKeyInternal.of(session, keyID, algorithm,
-@@ -448,7 +455,8 @@
+@@ -448,7 +455,8 @@ private static class P11SecretKey extends P11Key implements SecretKey {
public String getFormat() {
token.ensureValid();
@@ -1889,8 +1889,8 @@
return null;
} else {
return "RAW";
---- jdk22u-jdk-22-36/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/SunPKCS11.java 2024-03-15 16:05:55.394434726 +0100
-+++ jdk22u-jdk-22-36/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/SunPKCS11.java 2024-03-15 16:08:34.391202334 +0100
+--- a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/SunPKCS11.java
++++ b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/SunPKCS11.java
@@ -26,6 +26,9 @@
package sun.security.pkcs11;
@@ -1914,7 +1914,7 @@
import static sun.security.util.SecurityProviderConstants.getAliases;
import sun.security.pkcs11.Secmod.*;
-@@ -65,6 +70,39 @@
+@@ -65,6 +70,39 @@ public final class SunPKCS11 extends AuthProvider {
@Serial
private static final long serialVersionUID = -1354835039035306505L;
@@ -1954,7 +1954,7 @@
static final Debug debug = Debug.getInstance("sunpkcs11");
// the PKCS11 object through which we make the native calls
@SuppressWarnings("serial") // Type of field is not Serializable;
-@@ -123,6 +161,29 @@
+@@ -123,6 +161,29 @@ public Provider configure(String configArg) throws InvalidParameterException {
return AccessController.doPrivileged(new PrivilegedExceptionAction<>() {
@Override
public SunPKCS11 run() throws Exception {
@@ -1984,7 +1984,7 @@
return new SunPKCS11(new Config(newConfigName));
}
});
-@@ -325,9 +386,19 @@
+@@ -336,9 +397,19 @@ private static T checkNull(T obj) {
// request multithreaded access first
initArgs.flags = CKF_OS_LOCKING_OK;
PKCS11 tmpPKCS11;
@@ -2006,7 +2006,7 @@
} catch (PKCS11Exception e) {
if (debug != null) {
debug.println("Multi-threaded initialization failed: " + e);
-@@ -342,8 +413,9 @@
+@@ -353,8 +424,9 @@ private static T checkNull(T obj) {
} else {
initArgs.flags = 0;
}
@@ -2018,7 +2018,7 @@
}
p11 = tmpPKCS11;
-@@ -1389,11 +1461,52 @@
+@@ -1400,11 +1472,52 @@ private static final class P11Service extends Service {
}
@Override
@@ -2071,7 +2071,7 @@
try {
return newInstance0(param);
} catch (PKCS11Exception e) {
-@@ -1750,6 +1863,9 @@
+@@ -1761,6 +1874,9 @@ public void logout() throws LoginException {
try {
session = token.getOpSession();
p11.C_Logout(session.id());
@@ -2081,8 +2081,8 @@
if (debug != null) {
debug.println("logout succeeded");
}
---- jdk22u-jdk-22-36/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/Token.java 2024-03-15 16:05:55.394434726 +0100
-+++ jdk22u-jdk-22-36/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/Token.java 2024-03-15 16:08:34.391202334 +0100
+--- a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/Token.java
++++ b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/Token.java
@@ -33,6 +33,7 @@
import java.security.*;
import javax.security.auth.login.LoginException;
@@ -2101,7 +2101,7 @@
// need to be serializable to allow SecureRandom to be serialized
@Serial
private static final long serialVersionUID = 2541527649100571747L;
-@@ -125,6 +129,10 @@
+@@ -125,6 +129,10 @@ final class Token implements Serializable {
// flag indicating whether we are logged in
private volatile boolean loggedIn;
@@ -2112,7 +2112,7 @@
// time we last checked login status
private long lastLoginCheck;
-@@ -242,9 +250,14 @@
+@@ -242,9 +250,14 @@ boolean isLoggedInNow(Session session) throws PKCS11Exception {
// call provider.login() if not
void ensureLoggedIn(Session session) throws PKCS11Exception, LoginException {
if (!isLoggedIn(session)) {
@@ -2127,25 +2127,8 @@
// return whether this token object is valid (i.e. token not removed)
// returns value from last check, does not perform new check
---- jdk22u-jdk-22-36/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/wrapper/PKCS11Exception.java 2024-03-15 16:05:55.397768062 +0100
-+++ jdk22u-jdk-22-36/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/wrapper/PKCS11Exception.java 2024-03-15 16:08:34.391202334 +0100
-@@ -216,6 +216,14 @@
- }
-
- /**
-+ * Constructor taking the error code from the RV enum and
-+ * extra info for error message.
-+ */
-+ public PKCS11Exception(RV errorEnum, String extraInfo) {
-+ this(errorEnum.value, extraInfo);
-+ }
-+
-+ /**
- * Constructor taking the error code (the CKR_* constants in PKCS#11) and
- * extra info for error message.
- */
---- jdk22u-jdk-22-36/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/wrapper/PKCS11.java 2024-03-15 16:05:55.397768062 +0100
-+++ jdk22u-jdk-22-36/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/wrapper/PKCS11.java 2024-03-15 16:08:34.391202334 +0100
+--- a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/wrapper/PKCS11.java
++++ b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/wrapper/PKCS11.java
@@ -49,6 +49,9 @@
import java.io.File;
@@ -2156,7 +2139,7 @@
import java.util.*;
import java.security.AccessController;
-@@ -174,19 +177,44 @@
+@@ -174,19 +177,44 @@ public CK_VERSION getVersion() {
return version;
}
@@ -2201,7 +2184,7 @@
if (omitInitialize == false) {
try {
pkcs11.C_Initialize(pInitArgs);
-@@ -1976,4 +2004,194 @@
+@@ -1976,4 +2004,194 @@ public synchronized void C_GenerateRandom(long hSession, byte[] randomData)
super.C_GenerateRandom(hSession, randomData);
}
}
@@ -2396,8 +2379,25 @@
+ }
+}
}
---- jdk22u-jdk-22-36/test/jdk/sun/security/pkcs11/fips/NssdbPin.java 1970-01-01 01:00:00.000000000 +0100
-+++ jdk22u-jdk-22-36/test/jdk/sun/security/pkcs11/fips/NssdbPin.java 2024-03-15 16:08:34.397869005 +0100
+--- a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/wrapper/PKCS11Exception.java
++++ b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/wrapper/PKCS11Exception.java
+@@ -215,6 +215,14 @@ private static String lookup(long errorCode) {
+ return res;
+ }
+
++ /**
++ * Constructor taking the error code from the RV enum and
++ * extra info for error message.
++ */
++ public PKCS11Exception(RV errorEnum, String extraInfo) {
++ this(errorEnum.value, extraInfo);
++ }
++
+ /**
+ * Constructor taking the error code (the CKR_* constants in PKCS#11) and
+ * extra info for error message.
+--- /dev/null
++++ b/test/jdk/sun/security/pkcs11/fips/NssdbPin.java
@@ -0,0 +1,349 @@
+/*
+ * Copyright (c) 2022, Red Hat, Inc.
@@ -2748,8 +2748,8 @@
+ "2nd line with garbage");
+ }
+}
---- jdk22u-jdk-22-36/test/jdk/sun/security/pkcs11/fips/VerifyMissingAttributes.java 1970-01-01 01:00:00.000000000 +0100
-+++ jdk22u-jdk-22-36/test/jdk/sun/security/pkcs11/fips/VerifyMissingAttributes.java 2024-03-15 16:08:34.397869005 +0100
+--- /dev/null
++++ b/test/jdk/sun/security/pkcs11/fips/VerifyMissingAttributes.java
@@ -0,0 +1,77 @@
+/*
+ * Copyright (c) 2022, Red Hat, Inc.
diff --git a/packages/j/java-22-openjdk/java-22-openjdk.changes b/packages/j/java-22-openjdk/java-22-openjdk.changes
index 03796b4..0abb856 100644
--- a/packages/j/java-22-openjdk/java-22-openjdk.changes
+++ b/packages/j/java-22-openjdk/java-22-openjdk.changes
@@ -1,4 +1,144 @@
-------------------------------------------------------------------
+Thu Apr 18 14:57:53 UTC 2024 - Fridrich Strba
+
+- Upgrade to upstream tag jdk-22.0.1+8 (April 2024 CPU)
+ * Security fixes
+ + JDK-8315708, CVE-2024-21012, bsc#1222987: Enhance HTTP/2
+ client usage
+ + JDK-8318340: Improve RSA key implementations
+ + JDK-8319851, CVE-2024-21011, bsc#1222979: Improve exception
+ logging
+ + JDK-8322122, CVE-2024-21068, bsc#1222983: Enhance generation
+ of addresses
+ * Other changes
+ + JDK-8314164: java/net/HttpURLConnection/
+ /HttpURLConnectionExpectContinueTest.java fails intermittently
+ in timeout
+ + JDK-8314275: Incorrect stepping in switch
+ + JDK-8317299: safepoint scalarization doesn't keep track of
+ the depth of the JVM state
+ + JDK-8317804: com/sun/jdi/JdwpAllowTest.java fails on Alpine
+ 3.17 / 3.18
+ + JDK-8318158: RISC-V: implement roundD/roundF intrinsics
+ + JDK-8318603: Parallelize sun/java2d/marlin/ClipShapeTest.java
+ + JDK-8318696: Do not use LFS64 symbols on Linux
+ + JDK-8319382: com/sun/jdi/JdwpAllowTest.java shows failures on
+ AIX if prefixLen of mask is larger than 32 in IPv6 case
+ + JDK-8320890: [AIX] Find a better way to mimic dl handle
+ equality
+ + JDK-8321151: JDK-8294427 breaks Windows L&F on all older
+ Windows versions
+ + JDK-8321374: Add a configure option to explicitly set
+ CompanyName property in VersionInfo resource for Windows
+ exe/dll
+ + JDK-8321408: Add Certainly roots R1 and E1
+ + JDK-8321480: ISO 4217 Amendment 176 Update
+ + JDK-8321489: Update LCMS to 2.16
+ + JDK-8321815: Shenandoah: gc state should be synchronized to
+ java threads only once per safepoint
+ + JDK-8321972: test runtime/Unsafe/InternalErrorTest.java
+ timeout on linux-riscv64 platform
+ + JDK-8322092: Bump version numbers for 22.0.1
+ + JDK-8322098: os::Linux::print_system_memory_info enhance the
+ THP output with
+ /sys/kernel/mm/transparent_hugepage/hpage_pmd_size
+ + JDK-8322159: ThisEscapeAnalyzer crashes for erroneous code
+ + JDK-8322163: runtime/Unsafe/InternalErrorTest.java fails on
+ Alpine after JDK-8320886
+ + JDK-8322417: Console read line with zero out should zero out
+ when throwing exception
+ + JDK-8322725: (tz) Update Timezone Data to 2023d
+ + JDK-8322772: Clean up code after JDK-8322417
+ + JDK-8322783: prioritize /etc/os-release over
+ /etc/SuSE-release in hs_err/info output
+ + JDK-8322790: RISC-V: Tune costs for shuffles with no
+ conversion
+ + JDK-8322945: Problemlist runtime/CompressedOops/
+ /CompressedClassPointers.java on AIX
+ + JDK-8323021: Shenandoah: Encountered reference count always
+ attributed to first worker thread
+ + JDK-8323065: Unneccesary CodeBlob lookup in
+ CompiledIC::internal_set_ic_destination
+ + JDK-8323086: Shenandoah: Heap could be corrupted by oom
+ during evacuation
+ + JDK-8323154: C2: assert(cmp != nullptr && cmp->Opcode() ==
+ Op_Cmp(bt)) failed: no exit test
+ + JDK-8323170: j2dbench is using outdated javac source/target
+ to be able to build by itself
+ + JDK-8323210: Update the usage of cmsFLAGS_COPY_ALPHA
+ + JDK-8323331: fix typo hpage_pdm_size
+ + JDK-8323428: Shenandoah: Unused memory in regions compacted
+ during a full GC should be mangled
+ + JDK-8323515: Create test alias "all" for all test roots
+ + JDK-8323637: Capture hotspot replay files in GHA
+ + JDK-8323657: Compilation of snippet results in VerifyError at
+ runtime with --release 9 (and above)
+ + JDK-8323664: java/awt/font/JNICheck/FreeTypeScalerJNICheck.java
+ still fails with JNI warning on some Windows configurations
+ + JDK-8323675: Race in jdk.javadoc-gendata
+ + JDK-8323920: Change milestone to fcs for all releases
+ + JDK-8323964: runtime/Thread/ThreadCountLimit.java fails
+ intermittently on AIX
+ + JDK-8324041: ModuleOption.java failed with update release
+ versioning scheme
+ + JDK-8324050: Issue store-store barrier after re-materializing
+ objects during deoptimization
+ + JDK-8324280: RISC-V: Incorrect implementation in
+ VM_Version::parse_satp_mode
+ + JDK-8324347: Enable "maybe-uninitialized" warning for
+ FreeType 2.13.1
+ + JDK-8324598: use mem_unit when working with sysinfo memory
+ and swap related information
+ + JDK-8324637: [aix] Implement support for reporting swap space
+ in jdk.management
+ + JDK-8324647: Invalid test group of lib-test after JDK-8323515
+ + JDK-8324659: GHA: Generic jtreg errors are not reported
+ + JDK-8324753: [AIX] adjust os_posix after JDK-8318696
+ + JDK-8324937: GHA: Avoid multiple test suites per job
+ + JDK-8325074: ZGC fails assert(index == 0 ||
+ is_power_of_2(index)) failed: Incorrect load shift: 11
+ + JDK-8325150: (tz) Update Timezone Data to 2024a
+ + JDK-8325203: System.exit(0) kills the launched 3rd party
+ application
+ + JDK-8325213: Flags introduced by configure script are not
+ passed to ADLC build
+ + JDK-8325313: Header format error in TestIntrinsicBailOut
+ after JDK-8317299
+ + JDK-8325326: [PPC64] Don't relocate in case of allocation
+ failure
+ + JDK-8325470: [AIX] use fclose after fopen in read_psinfo
+ + JDK-8325496: Make TrimNativeHeapInterval a product switch
+ + JDK-8325590: Regression in round-tripping UTF-16 strings
+ after JDK-8311906
+ + JDK-8325672: C2: allocate PhaseIdealLoop::_loop_or_ctrl from
+ C->comp_arena()
+ + JDK-8325876: crashes in docker container tests on
+ Linuxppc64le Power8 machines
+ + JDK-8326000: Remove obsolete comments for class
+ sun.security.ssl.SunJSSE
+ + JDK-8326101: [PPC64] Need to bailout cleanly if creation of
+ stubs fails when code cache is out of space
+ + JDK-8326360: Update the Zlib version in
+ open/src/java.base/share/legal/zlib.md to 1.3
+ + JDK-8326638: Crash in
+ PhaseIdealLoop::remix_address_expressions due to unexpected
+ Region instead of Loop
+ + JDK-8327391: Add SipHash attribution file
+- Modified patches:
+ * PStack-808293.patch
+ * disable-doclint-by-default.patch
+ * fips.patch
+ * java-22-openjdk.spec
+ * java-atk-wrapper-security.patch
+ * loadAssistiveTechnologies.patch
+ * memory-limits.patch
+ * multiple-pkcs11-library-init.patch
+ * reproducible-properties.patch
+ * system-pcsclite.patch
+ * zero-ranges.patch
+ + rediff to apply without fuzz
+
+-------------------------------------------------------------------
Fri Mar 15 14:45:03 UTC 2024 - Fridrich Strba
- Initial packaging of OpenJDK 22 release
diff --git a/packages/j/java-22-openjdk/java-22-openjdk.spec b/packages/j/java-22-openjdk/java-22-openjdk.spec
index 997996d..2c2a3a2 100644
--- a/packages/j/java-22-openjdk/java-22-openjdk.spec
+++ b/packages/j/java-22-openjdk/java-22-openjdk.spec
@@ -33,8 +33,8 @@
# Standard JPackage naming and versioning defines.
%global featurever 22
%global interimver 0
-#global updatever 0
-%global buildver 36
+%global updatever 1
+%global buildver 8
%global openjdk_repo jdk22u
%global openjdk_tag jdk-%{featurever}%{?updatever:.%{interimver}.%{updatever}}%{?patchver:.%{patchver}}+%{buildver}
%global openjdk_dir %{openjdk_repo}-jdk-%{featurever}%{?updatever:.%{interimver}.%{updatever}}%{?patchver:.%{patchver}}-%{buildver}
@@ -100,6 +100,9 @@
%global package_version %{featurever}.%{interimver}.%{?updatever:%{updatever}}%{!?updatever:0}.%{?patchver:%{patchver}}%{!?patchver:0}~%{buildver}
%endif
%global NSS_LIBDIR %(pkg-config --variable=libdir nss)
+%if 0%{?gcc_version} < 7
+%global with_gcc 7
+%endif
%bcond_with zero
%if ! %{with zero}
%global with_systemtap 1
@@ -178,6 +181,8 @@ BuildRequires: desktop-file-utils
BuildRequires: fdupes
BuildRequires: fontconfig-devel
BuildRequires: freetype2-devel
+BuildRequires: gcc%{?with_gcc}
+BuildRequires: gcc%{?with_gcc}-c++
BuildRequires: giflib-devel
BuildRequires: hicolor-icon-theme
BuildRequires: java-ca-certificates
@@ -231,13 +236,6 @@ Provides: jre1.7.x
Provides: jre1.8.x
Provides: jre1.9.x
%endif
-%if 0%{?suse_version} < 1500
-BuildRequires: gcc7
-BuildRequires: gcc7-c++
-%else
-BuildRequires: gcc >= 7
-BuildRequires: gcc-c++ >= 7
-%endif
%if %{with_system_lcms}
BuildRequires: liblcms2-devel
%endif
@@ -450,11 +448,11 @@ mkdir -p %{buildoutputdir}
pushd %{buildoutputdir}
bash ../configure \
-%if 0%{?suse_version} < 1500
- CPP=cpp-7 \
- CXX=g++-7 \
- CC=gcc-7 \
- NM=gcc-nm-7 \
+%if 0%{?with_gcc}
+ CPP="cpp-%{with_gcc}" \
+ CXX="g++-%{with_gcc}" \
+ CC="gcc-%{with_gcc}" \
+ NM="gcc-nm-%{with_gcc}" \
%endif
%if %{is_release}
--with-version-pre="" \
diff --git a/packages/j/java-22-openjdk/java-atk-wrapper-security.patch b/packages/j/java-22-openjdk/java-atk-wrapper-security.patch
index aef506b..ee3ef02 100644
--- a/packages/j/java-22-openjdk/java-atk-wrapper-security.patch
+++ b/packages/j/java-22-openjdk/java-atk-wrapper-security.patch
@@ -1,6 +1,6 @@
--- a/src/java.base/share/conf/security/java.security
+++ b/src/java.base/share/conf/security/java.security
-@@ -307,6 +307,8 @@ keystore.type.compat=true
+@@ -313,6 +313,8 @@ keystore.type.compat=true
#
package.access=sun.misc.,\
sun.reflect.,\
@@ -9,7 +9,7 @@
#
# List of comma-separated packages that start with or equal this string
-@@ -319,6 +321,8 @@ package.access=sun.misc.,\
+@@ -325,6 +327,8 @@ package.access=sun.misc.,\
#
package.definition=sun.misc.,\
sun.reflect.,\
diff --git a/packages/j/java-22-openjdk/jdk-22+36.tar.gz b/packages/j/java-22-openjdk/jdk-22+36.tar.gz
deleted file mode 120000
index cc8b261..0000000
--- a/packages/j/java-22-openjdk/jdk-22+36.tar.gz
+++ /dev/null
@@ -1 +0,0 @@
-/ipfs/bafybeibxpa2ekdpfiqc3sf2odyyvpozigvvpxvjlb3yl3c5wj5t4mcwb4u
\ No newline at end of file
diff --git a/packages/j/java-22-openjdk/jdk-22.0.1+8.tar.gz b/packages/j/java-22-openjdk/jdk-22.0.1+8.tar.gz
new file mode 120000
index 0000000..3029181
--- /dev/null
+++ b/packages/j/java-22-openjdk/jdk-22.0.1+8.tar.gz
@@ -0,0 +1 @@
+/ipfs/bafybeidrhl7viunghgfvpaw2vmsyr5h4d5oldqwxxgikrbh4kf4qiaylhu
\ No newline at end of file
diff --git a/packages/j/java-22-openjdk/loadAssistiveTechnologies.patch b/packages/j/java-22-openjdk/loadAssistiveTechnologies.patch
index 6f3faac..2d36429 100644
--- a/packages/j/java-22-openjdk/loadAssistiveTechnologies.patch
+++ b/packages/j/java-22-openjdk/loadAssistiveTechnologies.patch
@@ -1,6 +1,6 @@
--- a/src/java.desktop/share/classes/java/awt/Toolkit.java
+++ b/src/java.desktop/share/classes/java/awt/Toolkit.java
-@@ -602,7 +602,11 @@ public abstract class Toolkit {
+@@ -598,7 +598,11 @@ public static synchronized Toolkit getDefaultToolkit() {
toolkit = new HeadlessToolkit(toolkit);
}
if (!GraphicsEnvironment.isHeadless()) {
diff --git a/packages/j/java-22-openjdk/memory-limits.patch b/packages/j/java-22-openjdk/memory-limits.patch
index 36c15ab..0ee15cf 100644
--- a/packages/j/java-22-openjdk/memory-limits.patch
+++ b/packages/j/java-22-openjdk/memory-limits.patch
@@ -1,6 +1,6 @@
--- a/src/hotspot/share/gc/shared/gc_globals.hpp
+++ b/src/hotspot/share/gc/shared/gc_globals.hpp
-@@ -596,7 +596,7 @@
+@@ -591,7 +591,7 @@
"Initial heap size (in bytes); zero means use ergonomics") \
constraint(InitialHeapSizeConstraintFunc,AfterErgo) \
\
diff --git a/packages/j/java-22-openjdk/multiple-pkcs11-library-init.patch b/packages/j/java-22-openjdk/multiple-pkcs11-library-init.patch
index 01ccc5c..3c725da 100644
--- a/packages/j/java-22-openjdk/multiple-pkcs11-library-init.patch
+++ b/packages/j/java-22-openjdk/multiple-pkcs11-library-init.patch
@@ -1,6 +1,6 @@
---- a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/Config.java 2023-04-01 12:03:26.147543172 +0200
-+++ b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/Config.java 2023-04-01 12:03:45.455660866 +0200
-@@ -52,6 +52,7 @@
+--- a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/Config.java
++++ b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/Config.java
+@@ -52,6 +52,7 @@ final class Config {
static final int ERR_HALT = 1;
static final int ERR_IGNORE_ALL = 2;
static final int ERR_IGNORE_LIB = 3;
@@ -8,7 +8,7 @@
// same as allowSingleThreadedModules but controlled via a system property
// and applied to all providers. if set to false, no SunPKCS11 instances
-@@ -1037,6 +1038,7 @@
+@@ -1037,6 +1038,7 @@ private void parseHandleStartupErrors(String keyword) throws IOException {
handleStartupErrors = switch (val) {
case "ignoreAll" -> ERR_IGNORE_ALL;
case "ignoreMissingLibrary" -> ERR_IGNORE_LIB;
@@ -16,9 +16,9 @@
case "halt" -> ERR_HALT;
default -> throw excToken("Invalid value for handleStartupErrors:");
};
---- a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/SunPKCS11.java 2023-04-01 12:03:26.147543172 +0200
-+++ b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/SunPKCS11.java 2023-04-01 12:07:19.664979695 +0200
-@@ -184,26 +184,37 @@
+--- a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/SunPKCS11.java
++++ b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/SunPKCS11.java
+@@ -184,26 +184,37 @@ private static T checkNull(T obj) {
String nssLibraryDirectory = config.getNssLibraryDirectory();
String nssSecmodDirectory = config.getNssSecmodDirectory();
boolean nssOptimizeSpace = config.getNssOptimizeSpace();
diff --git a/packages/j/java-22-openjdk/reproducible-properties.patch b/packages/j/java-22-openjdk/reproducible-properties.patch
index f3105bc..6953fcb 100644
--- a/packages/j/java-22-openjdk/reproducible-properties.patch
+++ b/packages/j/java-22-openjdk/reproducible-properties.patch
@@ -1,6 +1,6 @@
--- a/src/java.base/share/classes/java/util/Properties.java
+++ b/src/java.base/share/classes/java/util/Properties.java
-@@ -955,7 +955,7 @@ public class Properties extends Hashtable